Networking problem in new nixos install

I’ve just installed nixos 20.09 on a VM (in Fusion, on a Mac). I downloaded the graphical live CD/installer, and ran the installation from there. Networking worked perfectly, it did the install, no problems. Now that I’m working in the installed version though, I’m having strange networking issues. Initially I had an adapter and could ping the gateway, but nothing beyond that (even by IP). I changed the VM networking to make the adapter be in bridged mode instead of “share with my Mac” mode that was default. Then I could ping, and browse pages and whatnot, and all seemed well.

However, when I went to try to install a couple more packages that I hadn’t included originally, I ran into issues. Most times, this operation is failing with “HTTP error 206 (curl error: Failure when receiving data from the peer)”, and then that it’s going to retry at X offset (X always changes). Every so often the request works.

I can ping the hostname just fine. Kind of looks like this problem - The NixOS Cache is now hosted by Fastly! - #10 by zarel except 1. that’s from a while ago and supposedly resolved, and 2. it looks like these were changed to range requests since I’m seeing 206s instead of 200s, and getting references to offsets. Tried the “fix” listed there but no luck.

It seems to possibly be ssl related, in that I can happily do file downloads no problem over http, but on https it usually errors (true for all sites I’ve tried - getting SSL routines:ssl3_get_record:decryption failed). But if I do an openssl s_client connect to them via 443 everything looks fine.

Been looking at this via wireshark and seeing a number of resets, unseen segment messages, etc…but not seeing anything yet that really points me in a particular direction. FWIW I’m not running a VPN, or behind a proxy, or anything notable. I’ve run other Linux VMs in this same setup without issues, so overall I don’t see any major networking/Fusion red flags.

If anyone’s got anything I can try, or tips as to what specifically I should be looking for in the dump output to get me the next step, that would be very appreciated!

1 Like

If anyone else comes across this, it was an MTU issue. (Which I thought I’d checked/changed initially, but for some reason my changed didn’t take at first. Must’ve missed something.) So once I got the MTU set to 1460 instead of 1500 - presuably needed because of encapulation happening on the bridged interface - https downloads were fine. I’m having other issues with this VM now, but at least the networking stuff seems resolved.

Glad you managed to solve this problem. Would you be able to explain briefly what this MTU change from 1500 to 1460 means just for a future reference.
Good luck with you work!