Android issues on cellular but not WiFi connection

This started about 2 months ago. I don’t know if it’s a ZeroTier update or an Android update that causes the issue. Further, it seems to only happen on my Pixel 6 and my wife’s Moto Stylus 2021, but works on my Samsung S21.

If I connect to my server through ZeroTier and retrieve mail via IMAP (with SSL/TLS or STARTTLS), it works perfectly, as long as I’m connected via WiFi. If I connect via cellular, then the TLS handshake always fails (it’s not a connection issue: I can watch the packets with Wireshark on the server, and they fly by until a long IMAP Response is sent from the server, and the client goes into a retransmission cycle).

That would be weird enough, but the kicker is that if I take a second phone and put it in hotspot mode (running only over cellular network), and connect the Pixel 6 via WiFi to the hotspot (so ultimately I’m still using the cellular network!), it works every time.

So, the difference is whether ZeroTier is communicating directly with the underlying cellular network or over WiFi, and it doesn’t behave identically in those circumstances. But, it’s not a “connection” issue, since I can ping and exchange network packets without any other issue, only the TLS handshake.

Does this sound familiar to anyone?

I’m having exactly the same issue. On my Pixel 5, WiFi+ZeroTier works just fine. When I disable WiFi and fall back to Google Fi, I start experiencing this issue. Same as you, pinging other hosts by their ZeroTier IP works fine. I can also access HTTP websites on those hosts; however, HTTPS endpoints are problematic and won’t load.

This used to work perfectly, so either a semi-recent upgrade to ZeroTier on Android (or Linux?), or something deeper in Android messed this up. Very frustrating. Even more so because the TLS handshake fully starts, and many packets are exchanged, then it fails and times out. Truly hard to imagine what’s going on/wrong here…