On Thu, Sep 10, 2009 at 05:16:23AM +0000, Daniel Drown wrote: > That said, the various MSS fixes (point #2 and the origional poster's iptables > command) avoid the problem for TCP. rhel5, which is what we're running in production, has a kernel old enough that it doesn't have the iptables --clamp-mss-to-pmtu capability for ipv6. We've had over 5000 successful connections using ipv6 this week, and about 5 _reported_ failures. In the same time, we've had millions of successful v4 connections. I'm inclined to believe the failures, while annoying, are still few and far between compared with the rest of our traffic. I'm not quite ready to turn off ipv6 again, or switch to forcing "knowledgable" users to use www.ipv6.fp.o, as it would drop our IPv6 userbase to effectively zero. -- Matt Domsch Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list