Hi there,
I got a new home internet connection and it’s currently using DS-Lite for IPv4 connectivity. I have already contacted the ISP and should get switched to native Dual Stack by tomorrow, but I am still wondering why my DS-Lite setup is only working properly when I activate sniffer or torch.
The setup:
- RouterOS 7.21.3
- IPv6 connectivity is provided via pppoe-client (mtu 1492)
- IPv6 /56 prefix is received via dhcpv6-client
- a public IPv6 address from the recieved prefix is assigned to the pppoe-client interface
- dhcpv6-client has a script based on GitHub - Pieshka/routeros-dslite-script: Script for DHCPv6 client emulating DS-Lite to extract the AFTR fqdn and set it as remote address on a prepared ipipv6 tunnel interface “dslite1”
- dslite1 properly detects actual MTU as 1452
- dslite1 interface has IPv4 address 192.0.0.2/29 assigned
- default IPv4 route via 192.0.0.1
- ip firewall has mangle rules for clamping tcpmss to 1412 for tcp syn packages with in- or out-interface “dslite1”
Now, as long as I have package sniffer or torch active, this setup is working fine: I have usable IPv4 connectivity.
But as soon as I disable them, things start to break: Small packages like pings are still fine, but a simple http download is incredibly slow and my firewall logs show that the router is sending out loads of ICMP type 3 code 4 (fragmentation needed) packages on the dslite1 interface to the public IP from where I am downloading.
Now, as sniffer/torch fixes the issue, the obvious culprit would be fasttrack. However, disabling IPv4- and IPv6-fasttrack does not fix the issue!
As mentioned, I should get rid of ds-lite soon. But I’d like to get some peace of mind and would really like to understand the issue I am facing with my current setup. Any ideas?
