Hello Swinog members,
There is apparently an MTU issue with SwissPost website when MTU of the link is <1500 bytes. It is like if webserver answers everytime with 1500 bytes packets and doesn't make PMTUD.
The client connexion is over 6in4 with 1480 bytes MTU. No issues with other IPv6 enabled sites.
Can another person with <1500MTU connexion confirm the same behaviour, and maybe anyone from Swiss Post IT take a look at this probable ICMP filtering issue.
Below are the tests done:
jacota@cactus:~$ curl -6 http://www.post.ch/ <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.post.ch/">here</a>.</p> </body></html>
==> small packet <1480bytes ==> OK
jacota@cactus:~$ curl -6 https://www.post.ch/ no answer
==> SSL negociation with full packets ==> FAIL
jacota@cactus:~$ telnet -6 www.post.ch 443 Trying 2a00:17c8:0:103::20a... Connected to www.post.ch. Escape character is '^]'.
==> TCP connectivity with port 443 ==>OK
Best regards, Antoine Jacot-Descombes