Messages

I use it with M-Net. I know that Telekom and their resellers does not work with 1500 bytes MTU.

Good to know; I'm also on M-Net FTTH.  Looks like I have some homework tonight and can unwind my MSS workaround in the same go.  Thanks for the quick reply!

*EDIT* With a bit of trial and error, I am working at MTU 1500 as expected. on my PROXMOX + opnsense setup  My steps in a nutshell:

PROXMOX:

1.) Set my dedicated "WAN" bridge (vmbr1 in my case) and its associated single interface (enp2s0 in my case) to 1512 MTU; reboot


OPNSENSE:

1.) (Interfaces > Assignments) Enable interface vtnet0 (which is mapped to WAN bridge vmbr1 in PROXMOX); assign it the name WAN_VLAN_PARENT; set MTU of WAN_VLAN_PARENT to 1512
2.) (Interfaces > Assignments) Enable interface vlan0.40 (which is for me VLAN40 for my ISP M-Net mapped to vtnet0); assign it the name WLAN_VTNET40; set MTU of WLAN_VTNET40 to 1508
3.) (Interfaces > Devices > Point-to-Point) Set MTU of PPPoE interface pppoe0 to 1500 (under advanced options)
4.) REBOOT opnsense (important!)

Note: The WAN interface in opnsense may still show that the "calculated MTU" remains 1492; ignore this as you've overriden the MTU on pppoe0! Test the config with a site like http://pmtud.enslaves.us/ -- IPv4 should show a MTU of 1460 and IPv6 an MTU of 1440 if the above steps were configured correctly.

To future readers:  your interface names (italic) above across your virtualization host and opnsense may vary, please remap accordingly!  Follow the notes in the guide in the OP if you are on a bare metal install as that takes out the complexity of configuring the MTU of the virtualization host.

With this setup I no longer need my MSS clamping workaround on my WAN interface for DNSMASQ; it's as if I have a "normal" ISP without PPPoE.  Reiterating OP's post that this only works with select ISPs and especially NOT telekom or telekom-hosted ISPs like 1&1, O2, etc.

@meyergru With which ISP in Germany are you utilizing the sortachonky-mini-baby-jumbo Frames?

I'm also oddly honored to have my post made it in the pppps of the OP :) Credit goes to the post I found on github for the workaround.

Closing this out with a fix if you missed it:

Validate your MTU settings.  DNSMASQ does not seem to configure MTU correctly if you are using PPPoE on WAN.  RADVD does not have this issue.  I set the "MSS" of my WAN interface to 1492 (PPPoE standard) and IPv6 now works flawlessly with DNSMASQ as my Router Advertisement service.

Thanks for this post. I had ISC dhcp working fine with Ipv6 but I saw that it was advised to go to Dnsmasq. After a week bad DNS (some sites like this forum even got 'timed out') I switched back to the normal Router advertisements and everything worked instantly.

Necrobumping this thread as I stumbled on nearly the exact same issue.  For me DNS didn't seem to be the issue as the behavior was the same regardless of if using local DNS resolution or a public resolver.  The issue I found was TLS connections not establishing as expected for IPv6.  Moving back to kea + router advertisements is my immediate fix, but getting to the root of why DNSMASQ didn't play nice would be great.

I'll also crosspost my Reddit post for anyone in the future who may stumble on this: https://www.reddit.com/r/opnsense/comments/1r9uxs0/odd_ipv6_traffic_behavior_dnsmasq/

Affects me on opnsense 26.1.2_5 on top of proxmox