| 10 Feb 2026 |
|  Autiboy changed their profile picture. | 02:59:31 |
| Autiboy changed their profile picture. | 03:00:17 |
|  pneumatic changed their display name from ribosomerocker to pneumatic. | 10:28:51 |
|  Acid Bong joined the room. | 12:09:45 |
| Acid Bong | why does Dnsmasq service add a user and a group, but not use them? | 12:36:02 |
| Acid Bong | oh, it uses a CLI argument, got it | 12:42:28 |
 kdn | got a weird issue after setting up VLANs over ~7 different devices: when connected through AP that has VLAN 3547 some (eg: facebook works, hacker news dont) of the SSL (HTTPS) handshakes keep timing out and are retried in a loop, connecting to the same switch over ethernet works just fine
there is basically: AP (EAP773) -> zyxel switch -> mikrotik switch -> openwrt router (LAN on 3547) | 13:12:45 |
| kdn | the working/not working set of domains seem to be consistent across devices (laptop, phone etc.) | 13:13:23 |
 Molly Miller | that sounds like it could be an mtu problem | 13:14:53 |
| kdn | I don't think I have modified it anywhere, should be default 1500 all the way | 13:16:26 |
| kdn | is anything (VLANs?) in such setup chewing through MTU? | 13:16:58 |
| Molly Miller | i don't think so, i haven't ever seen similar problems when working with vlans, but tls handshakes timing out weirdly is often a symptom of mtu problems | 13:21:46 |
| Molly Miller | the sites that do and don't work, are there any patterns to those that do or those that don't? | 13:22:23 |
| Molly Miller | especially IPv4/IPv6 | 13:22:26 |
 Marcel | Otherwise you could trz to use traceroute (or tracepath) to check if there is a difference in the mtu to the target host. I always forget if traceroute or tracepath also determinates the mtu. | 13:25:12 |
| kdn | will check, I could issue pings of specific sizes to pinpoint at which connection the issue occurs? | 13:26:47 |
| Molly Miller | yes, that's an option | 13:30:16 |
| kdn | so curl -v https:// works for facebook.com, doesn't for news.ycombinator.com & nc.nazarewk.pw (my Hetzner nextcloud) | 13:32:48 |
| kdn | ping -s XXXX nc.nazarewk.pw seems to work fine between 1200 and 1700 | 13:34:56 |
| kdn | * ping -s XXXX nc.nazarewk.pw seems to work fine between 1200 and 1700 over IPv6, let's try other options | 13:35:10 |
| kdn | ping -4 -s XXXX nc.nazarewk.pw works for 1460, doesn't for 1470, let's try narrowing it down | 13:36:24 |
| kdn | 1468 is the last one that works, 1469 doesn't | 13:37:12 |
| kdn | yeah, it's the same for router's IP | 13:46:48 |
 magic_rb | Yeah last time i did it its just trial and error seeing what mtu works or not | 13:47:39 |
| magic_rb | If you know its 1468 then increase your routers uplink mtu to 1532 | 13:47:58 |
| magic_rb | Do you happen to be going over pppoe? That number seems familiar to me (i am going over pppoe) | 13:48:15 |
| magic_rb | Ideally your internal network mtu remains at 1500 | 13:48:31 |
| kdn | no, I'm not going over PPPoE, the connectivity fails over LAN address space too (from Wifi AP to the router over 2 switches) | 13:50:19 |
| kdn | I'm trying to find some MTU settings on AP (EAP773) or zyxel XGS1250-12, but so far no luck | 13:50:42 |
| kdn | that seems useful (from Kagi Assistant):
Why 1468 Bytes?
Normal MTU: 1500 bytes
Your effective MTU: 1468 + 28 (ICMP/IP headers) = 1496 bytes
Missing: 4 bytes = exactly the size of a VLAN 802.1Q tag
1
When VLAN tagging is added, frames grow from 1500 to 1504 bytes. If any device in the path doesn't account for this, it causes fragmentation or drops. | 13:51:23 |
