Hi!
I recently changed my isp plan and i noticed something strange.
the connection is now dual stack (if it does matter)
https://www.speedguide.net/analyzer.php
Always gives me an MTU of 1460.
But when i do the ping dont not fragment test, the result is actually 1500.
Doing some debugging with wireshark it seems like all tcp connection have an mss of 1420 (MTU 1460)
Is it possible that my isp is redirecting all my tcp traffic over an tunnel?
quite possible that your isp only gives you native v6 and uses a nat64 tunnel.
My isp claims that they use full dual stack.
Even if they would use nat64, that wouldn't explain why it is possible to send pings with a size of 1472 (+28=1500) but tcp streams get clamped to 1460.
They may use a full stack within your ISP/AS, but could perhaps virtually tunnel to one of their IPv6 upstream BGP peers.
I know HE.net offers this.
i think it does, because mss-clamping will do its thing but not touch the icmp-ping which gets fragmented by the tunnel.
also i would not put it past marketeers to claim "full dual stack" because you can reach ipv6 and ipv4 endpoints.
What happens if the pings are send with the do-not-fragment bit set?
depends on the tunnel.
forcefully fragmenting (ignoring DF) is not uncommon