From: Derrick Lyndon Pallas <derrick@pallas.us>
To: Denis Kisselev <denis@dkisselev.net>
Cc: "STR ." <strykar@hotmail.com>,
"wireguard@lists.zx2c4.com" <wireguard@lists.zx2c4.com>
Subject: Re: Help calculate MTU, ISP's 1448
Date: Thu, 28 Feb 2019 12:56:44 -0800 [thread overview]
Message-ID: <A3395BE5-CB9C-41DD-8108-AF2307B79507@pallas.us> (raw)
In-Reply-To: <CY4PR14MB1141A575E3180794D7155EB3A2750@CY4PR14MB1141.namprd14.prod.outlook.com>
[-- Attachment #1.1: Type: text/plain, Size: 2306 bytes --]
I've had to drop to 1280 from Linode to several cellular carriers or else IPv6 fails. Ymmv, but the primary problem I've seen is MTU discovery failing because the v6 message is being eaten but not the v4 message. Have you enabled discovery in the kernel?
~Derrick • iPhone
> On Feb 28, 2019, at 11:56 AM, Denis Kisselev <denis@dkisselev.net> wrote:
>
> Check what IP's the google domains are resolving to.
>
> You might be getting IPv6 DNS responses back and your VPN/firewall configuration is blocking them.
> I've run into the opposite issue where my ISP's IPv4 stack crashed and Google/Facebook worked (over IPv6) but most other sites failed.
> From: WireGuard <wireguard-bounces@lists.zx2c4.com> on behalf of STR . <strykar@hotmail.com>
> Sent: Tuesday, February 26, 2019 4:39 AM
> To: wireguard@lists.zx2c4.com
> Subject: Help calculate MTU, ISP's 1448
>
> Hi,
>
> I have Fiber to our apartment complex basement, from there Cat6 runs to
> each apartment. The ISP/apartment service provider suggests an MTU of
> 1448, which I set for the PPPoE interface on my OpenWRT router.
>
> I read
> https://lists.zx2c4.com/pipermail/wireguard/2017-December/002201.html
> which comes to (assuming 1500 byte MTU) to 60 bytes (IPv6) to 80 bytes less to account for Wireguard protocol overhead.
>
> Using this info, I tried an MTU of both (1448-80=1368) and (1448-
> 60=1388).
> As my ISP assigns only IPv4, I expected an MTU of 1388 to work, which I
> set on the Wireguard interface in OpenWRT.
>
> However, when set to 1388, almost everything works except any Google
> related sites like Maps, Gmail, YT etc.
> When set to 1368, everything works and it's the way I have it setup
> right now.
>
> What am I missing here?
> Why won't Google sites load via my WG VPN when the MTU is set to 1388?
>
> If it helps, I host the WG server on Google's cloud platform and was
> informed that GCP has an MTU of 1460 bytes.
>
> Thank you,
> S
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.2: Type: text/html, Size: 3919 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
prev parent reply other threads:[~2019-02-28 20:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-26 12:39 STR .
2019-02-28 18:49 ` Roman Mamedov
2019-02-28 19:56 ` Denis Kisselev
2019-02-28 20:56 ` Derrick Lyndon Pallas [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=A3395BE5-CB9C-41DD-8108-AF2307B79507@pallas.us \
--to=derrick@pallas.us \
--cc=denis@dkisselev.net \
--cc=strykar@hotmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).