ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
Showing results for 
Search instead for 
Did you mean: 

IPv6 tunnel MTU problem


to get IPv6 connectivity, I use a tunnel by Hurricane Electrics. This is a ip6inip tunnel.

interface Tunnel0
 description Hurricane Electric IPv6 Tunnel Broker
 no ip address
 ipv6 address 2001:470:xxx:xxx/64
 ipv6 enable
 ipv6 mtu 1472
 tunnel source Dialer0
 tunnel mode ipv6ip
 tunnel destination

The tunnel itself works, I can browse the web via IPv6, I tried that out and I use it for months.

With some sites I encounter problems (,

The browser does TLS handshaking, but never finishes for minutes.

It is an MTU problem, because if I set MTU to 1472 (like the tunnel) on my PC (multiple Linux machines), it does work fine. I operate an 886va ISR.


At another location I operate a FritzBox (home router) and also an IPv6 tunnel by hurricane. The clients also have MTU of 1500, but no problems with some site's TLS.

Somebody told me about IPv6 MTU discovery being blocked by default in Cisco IOS.

Is that true?

How can I avoid that?

I like to forward all IPv6 packets.

Should I create an access list with the following content and enable it on the tunnel interface?

ipv6 access-list aclv6
 permit ipv6 any any

Kind regards


This widget could not be displayed.