Comcast Residential /64 Delegation

johnpoz

@bmeeks great post - and to add to what ISPs could do - if they actually cared.. Is what HE is going and provide the users a way to get a specific sized prefix.. Doesn't have to be a /48

Many a colo or cloud hosts provide the ability to assign IPv6 networks to your machines or vms you host with them.

Your modem is registered with them - I should just be able to get a /X prefix assigned to me, and the ability to edit the PTR, etc. on that.. Its not freaking rocket science that is for sure - HE is doing it, and doing it for free!!

Comcast has one of the largest IPv6 delegation given - I believe a /9... They have enough space to freaking give their users some in a useable way if they so desired..

You for sure going to hinder your actual learning experience of how and what IPv6 is and how works dealing with how they have chosen to deploy it and roll it out.. Your over all learning experience would be way better with having a /48 of your own to play around with.. And use it in different ways on your local network.

You do understand you could actually use both the native IPv6 comcast gives you and the tunnel you create and then your /48

JKnott

@bearhntr said in Comcast Residential /64 Delegation:

When I configured the WAN - the first time I chose /64 for the prefix delegation size. Lots more reading, and it appears that Comcast allows residential users /60.
I had read some place else - cannot find the posting now, that if you change this value after an initial address is assigned -- there is a file you must modify or reset to allow for the new prefix delegation to take hold. Anyone know what I need to change?

Use /60 for delegation size. No, you do not have to modify a file.

JKnott

@johnpoz said in Comcast Residential /64 Delegation:

I couldn't keep a prefix for the life of me - the wind would change and would get a new prefix was my major issue with them.

Was that before pfsense added that Do not allow PD/Address release setting?

JKnott

@bmeeks said in Comcast Residential /64 Delegation:

Comcast and similar ISPs are not really wanting their residential users to have or utilize "static IP addresses" of any type (IPv4 or IPv6). While a select few may offer that as a premium-priced upgrade, most do not. They want to be able to change their network configurations on the fly. And they do not want, as a general rule, their residential customers hosting things for the Internet on their networks. So those two goals (the desire to be really flexible with network changes, and to discourage/disrupt service hosting by customers) lead to more advanced users having problems implementing something like you desire.
Comcast is likely to not always give you the same IPv6 prefix each time your cable modem reboots (or even if pfSense drops and then re-establishes its connection).

I used to have that problem with Rogers, until pfsense added the Do not allow PD/Address release setting. Now, my prefix is rock solid.

bearhntr

@bmeeks

I understand that COMCAST is not going to give a residential customer a rock-solid static Internet Address.

I cannot even get it working with the stuff internally (on my side the pfSense) - well, that part I can get working - but the fact that when I do have it working...and can get a 19/20 score at https://ipv6-test.com/ 3-5 days later it no longer works.

It honestly makes no sense to me why. I do not need 4 million addresses (LOL). I would be happy with a working /64 segment - which is reliable and "MINE".

Setting up the IPv4 was easy and always has been. But this IPv6 is giving me migraines.

I do not see what adding another layer of complexity by introducing HE would do. Seems like I would just be adding another door/window into what I am trying to secure.

Today I went to https://simpledns.plus/private-ipv6 -- and let it generate a Private IPv6 range for me. I then setup a new DHCP scope on my DC and that is not working either. So that I can have 'my' devices pull from that scope. But nothing is grabbing an address like it did when I had the scope of 2601:c9:200:491::/64 created there.

Everything on my network seems now to only be getting a linked-local type address - like fe80::dcce: and no IPv6 address at all.

These are the settings - I am using....now, and still the GATEWAY in pfSense is only showing an IPv4 address - no longer showing any form of IPv6 address.

--- I wish I could find that posting which talked about some which has to be deleted or modified when you change the Prefix Delegation Length....unless there is something else in another setting some place which is not right.

I also just noticed this - strange. There used to be interfaces listed here.

johnpoz

@bearhntr said in Comcast Residential /64 Delegation:

I would be happy with a working /64 segment - which is reliable and "MINE".

Well again - why dick with your isp when what your asking for is a click a way and 2 minutes of setup.. Yeah if you just want a /64 you can get that too, and your /48..

HE is one of the major players on the planet when it comes to IPv6 - they have pops all over the globe.. Its a no brainer to get IPv6 address space from them.. And no dick with some half assed IPv6 deployment from a company that could give 2 shits about users wanting to run their own hardware. Use the isp device - and your device will get IPv6 and work.. But wanting to do anything other than get an address - with your own router.. Why dick around..

bearhntr

@johnpoz

While I appreciate your dislike for COMCAST - some of your comments border on demeaning towards end users such as myself. You say "Get HE" over and over and over - but you have not once provided any helpful information as to "how". Everything that I have clicked on their site - is talking about fees.

All good and glorious that you love and use them - but how about a small tutorial as to 'what' to ask for or use on their site to make this happen? It is kinda like giving your kids the keys to the car, telling them to get in and press the gas pedal.

I do not want to come across as aggressive or even a jerk. I am trying to learn, and well "papa - I am in the car and pressing the gas pedal - but I hear nothing and the car does not go anywhere".

jpvonhemel

@bearhntr

@johnpoz != Comcast.

You might consider one of options.

I was successful getting Comcast to expand their plant 1/2 mile to add my home, simply by writing letters to the CEO. This got me off 18/2 VDSL. They did not charge anything to do this. Maybe writing old fashioned letters you stamp and mail might get your issues escalated to corporate level support.

Not sure if these are options for you. I know it’s not right to not get what you feel you are paying for.

Use Comcast support forums?

Get a Comcast Business account?

Get an HE account and play/learn.

Turn off IPv6 (that was how I handled this- move on with other things I need to be doing.

I know it is disappointing when a service you are paying for is not coming through. You should not have to settle for HE, but last I checked, there aren’t any Comcast employees here to help.

If you are determined to get v6 working with Comcast, seriously consider writing that letter to corporate. Comcast could do a much better job of documenting and supporting v6. The problem is the number of residential customers who care, are probably infinitesimal.

Good Luck.

jdeloach

This post is deleted!

bearhntr

@jpvonhemel

COMCAST support forums are a huge Joke!!! You got all the COMCAST Staff in there telling you their favorite answer "that configuration is 'not supported'" Trust me - I have B.T.D.T (been there done that).

I think I got it working in another way - back to 19/20 - still cannot figure out why I cannot get Hostname for ipv6 to show on the test. I can ping the IPv4 and IPv6 address of the DC and pfSense with name resolution - and they come back with the name from the DC.

From other machines on my network I get this

It resolves the NAME - but get ping failure.

I checked the Firewall on that workstation and ICMP is on - otherwise it would not have resolved the name or pinged at all.