IPv6 connections to letsencrypt seem to fail

Some users have been able to work around these weird Akamai issues by dropping their MTU to 1300 or even 1280. Cannot get new certificate, readtimeout error

Especially if this is only happening on large payloads (e.g. submission of CSR doeesn’t work, but fetching the directory - like in your above post - does). I’m not sure whether that matches your description of what you see in pcaps.

Can’t hurt much to try, only takes a couple of minutes to verify.