[c0nsumer]

Unfortunately, it's anything that's slow... When I've got a tunnel live, Google properties and Facebook are pretty much unusable. Weirdly, sometimes it'll work fine... Other times it won't. (The server I'm testing against with is my personal site, https://nuxx.net, which has great IPv6 connectivity already. I just don't want to tunnel my home connection through it because that'll seriously push up the bandwidth use of the hosted server.)

There's two things that I haven't taken the time to rule out yet: my router potentially being problematic (it's an Apple Airport that otherwise works well) and the ISP slowing down tunneled traffic. The former would require setting up a new router, and the latter... I'm not sure how I'd do that yet. IPv6 connectivity had been working fine until a month or two ago when things just went weird.

Good thought on sending HE a message... I'll do that later today. Maybe there's something they've run into before with this combo. When their tunnel was up and working great it was surprisingly nice.

[ay]

This description might also match a partly-working path MTU discovery (a possibly too-high rate of ICMP egress from HE end to content sites, blocked by rate-limiter on the HE device).

In IPv4 you do not notice it (it almost never triggers) because there is less tunnels and also because generally everyone does MSS clamping. In IPv6, you have the tunnel and not necessarily MSS clamping.

Two ways to tackle it:

- configure on the home router interface facing your LAN, IPv6 MTU less than you have on the tunnel (I have 1400 just because I like round numbers :-) Cleaner because works for (mostly) all protocols.

- configure the first hop router to do MSS clamping for TCP on IPv6 to 20 bytes less than what it currently does (if at all). This will work for only TCP, but that'll be the vast percentage of the traffic you are having problems with.

[c0nsumer]

So... Changing the MTU didn't help. Even at the minimum of 1200 I still had issues. Sometimes pings (even small 60 byte ones) would be fast, other times they'd be upwards of one second. Not sure what's going on yet, as I've put working on this aside for now.

[ay]

Okay, if there is a jitter on individual pings, it is certainly not the PMTUD-related - and if there is no packet loss, then it is shaping - either intentional, or some middlebox can't cope with the load.

When using AICCU (sixxs) - were you using protocol 41 or the UDP-based encap ? if protocol 41, then experimenting with switching to UDP might be interesting.

[c0nsumer]

This is a very good thought, and something I hadn't tried yet... Mostly due to the sporadic functionality of the issue. I'll give this a go tonight; thank you.

[tw04]

You could try glasnost: http://broadband.mpi-sws.org/transparency/glasnost.php

It probably won't help you with your specific tunnel, but you can check other traffic to see if there's any filtering occurring. It seems unlikely they'd ONLY throttle ipv6 tunnel traffic.

Also, the other thing I ran into with he.net tunnel was a problem with pmtu discovery. I had to manually set the mtu/mss on my router (pfsense). I have no idea if the airport will even let you.

https://forums.he.net/index.php?topic=3028.0