Matt Domsch wrote: > On Thu, Sep 10, 2009 at 05:16:23AM +0000, Daniel Drown wrote: >> That said, the various MSS fixes (point #2 and the origional poster's >> iptables command) avoid the problem for TCP. > > rhel5, which is what we're running in production, has a kernel old > enough that it doesn't have the iptables --clamp-mss-to-pmtu > capability for ipv6. The server side shouldn't need it. The option is used to make up for something broken on the other side of a lower MTU link. fp.o is native IPv6, isn't it? No tunnel? > We've had over 5000 successful connections using ipv6 this week, and > about 5 _reported_ failures. In the same time, we've had millions of > successful v4 connections. I'm inclined to believe the failures, > while annoying, are still few and far between compared with the rest > of our traffic. I'm not quite ready to turn off ipv6 again, or switch > to forcing "knowledgable" users to use www.ipv6.fp.o, as it would drop > our IPv6 userbase to effectively zero. In a previous note, Mike M reported spending more hours (his, yours, and others') than he liked tracking down connectivity problems. It would be enlightening to know if there was a common thread. _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
