How does IPv6 negotiation over IPv4's PPPoE work?

Gertjan

Me too ;)

Some PPPoE/ADSL and VDSL these days.
I have to use the ISP router because their VDSL is not something that is defined in a RFC.
Also, they offer a single /64, so my ISP accepts multiple devices but not multiple LAN's which needs more then 1 /64 : the IPv6 from my ISP is useless for me.

I'm also a happy Hurricane user for years now although their bandwidth is lower as my native IPv4. Not a real issue, as it is free.

senseivita

I don't think it tunneled, IPv6 has more meta and taking into account the encapsulation in IPv4 is doesn't add up. At the end of the day tunnels are that repackaged packets not side channels.

This drives me nuts though:

In the left side parent interface suggests that it is indeed encapsulated then you don't even need to move you eyes to find its contradiction, keyword would be information as in control channel like a ton of protocols have, and when they do there's a data path somewhere in the vicinity. It's reminds me a lot to a an IPsec Phase1.

pfSense has a PPPoE server, in the Advanced section there's something about IPv6 in IPv4 too, but it's the client side and I think that's 6to4 not native IPv6 like my ISP claims it delivers. Does it come in a package maybe? (the server side IPv6 via IPv4-PPPoE)

After reading your answers now I want to setup a lab to try it, but there's still that missing part of what does "over the IPv4 connectivity link" means.

Thanks, and, if you remember something else you worked with regardless if not really related please share! :)

––––––––––––––––––
BTW, did you guys know that there are special switches for PPPoE? It's PPPoEoE, not kidding. I found about this while trying to learn more about it and because back when I had the 4DSLs, pfSense would only connect 3 when I tried to deliver them over VLANs, like a router-in-a-stick approach. This is because PPPoE lands somewhere between L2 and L3, something like that, the only info I could find was from Cisco who apparently is the only manufacturer of these as well, big surprise. I had to get a Cisco partner or associate or some nonsense of a title/name they have for idiot that pays for the "privilege" of being able to pay more in the future just to find the little I know about this, they might be even charging me IDK. I think they don't. That's messed up: you're a customer but if they need to give you a title wouldn't that make you like an employee too? A payedpaying employee?!

JKnott

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

BTW, did you guys know that there are special switches for PPPoE? It's PPPoEoE, not kidding.

Are you sure about that? I just Googled on PPPoEoE and not a single hit, other than to plain PPPoE. PPPoE is an implementation of PPP over Ethernet. In the past, we had PPP over serial port, for use with modems and ISDN. I have also configured it over fractional T1. PPP is just a way of carrying various protocols over a serial connection. For PPPoEoE to be a thing, it would have to include Ethernet over Ethernet. Well, that sounds like VLANs, MPLS or shortest path first, where an extra header is added to an Ethernet frame.

Hikari

Nobody today will provide paying service on a server hosted on residential link. ISPs should just drop these stuff and provide static addresses and prefixes for everybody.

JKnott

@Hikari

My IPv4 address changes so seldom it's virutally static and the host name, based on modem and router MAC addresses changes only when I changed hardware. My IPv6 prefix is rock solid. It even survived a recent WAN NIC change, unlike the IPv4 address and host name.

senseivita

@JKnott

I'm seriously not kidding, I thought it was silly too, here's from Wikipedia:

"For example, PPPoEoE, when the transport is Ethernet itself, as in the case of Metro Ethernet networks. (In this notation, the original use of PPPoE would be labeled PPPoEoA, although it should not be confused with PPPoA, which is a different encapsulation protocol.)"

It's in the first section. I saw it first on one of these Cisco Academy sites, for the CCNA and all the other CC-something tests they do.

That *oA thing was a staple in the xDSL modems, ATM. It's supposed to be super old but still held up until recently even competing with fiber. There was something that made it good for huge deployments, like an ISP's DSL infra but I forgot what it was.

@Hikari you're right, when my connection happens to drop, which is when I restart the firewall every leap year, sometimes I'd get it back. The IPv4 one, the IPv6 block is so large I can't memorize further than the first two digits, "28", considering they hand a /64 I'm still 14 digits short.

To check I'd have to go to one of these IPv6 test sites bc the firewall reports only a link-local address. Thanks but I'll pass, I'm fine too with the /48 from Hurricane Electric, even if it's got slightly higher ping time. 2ms is nothing anyway.

senseivita

"PPPoEoE is a variant of PPPoE where the Layer 2 transport protocol is now Ethernet or 802.1q VLAN
instead of ATM. This encapsulation method is generally found in Metro Ethernet or Ethernet digital
subscriber line access multiplexer (DSLAM) environments. The common deployment model is that this
encapsulation method is typically found in multi-tenant buildings or hotels. By delivering Ethernet to
the subscriber, the available bandwidth is much more abundant and the ease of further service delivery
is increased."

Understanding Broadband Access Aggregation (year 2005, ouch)
https://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_understanding.pdf

Catalyst 4500 Series Switch Software Configuration Guide, 12.2(54)SG
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/54sg/configuration/guide/config/PPPoE.html

I'm such a huge nerd that this gets me excited. I blame pfSense though, before I switched to it a few years ago three tops (the ugly red UI was already gone), I couldn't care less about networking...maybe VPNs for region blocks but that's it.

JKnott

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

"For example, PPPoEoE, when the transport is Ethernet itself, as in the case of Metro Ethernet networks. (In this notation, the original use of PPPoE would be labeled PPPoEoA, although it should not be confused with PPPoA, which is a different encapsulation protocol.)"

As one who has worked with providing fibre connections to businesses and data centres, I can tell you that would be either VLANs or MPLS. I have worked with VLAN on VLAN (QinQ) many times, though not MPLS.

The difference between PPPoE & PPPoA is the underlying tech. Many years ago, the phone companies had the big idea that ATM would take over the world, but IP beat them to it. ATM was part of the synchronous telecom network, but even that network is disappearing. BTW, I spent many years working for a major telecom company and in the last 5 years there, my job was planning the installation of telecom equipment in the central office and customer sites, so I have an excellent understanding of the various technologies.

While Wikipedia is an excellent reference, it's not infallible. There have been a few times when I have provided corrections to it.

JKnott

@skilledinept

I'm the opposite. Almost my entire career has been about telecom, computers and networks. I spent 23 years at a telecom company, 17.5 as a tech and 5.5 in planning. I was also doing software support at IBM for almost 4 years. Over the years, I have worked with a wide variety of technology, some long obsolete, and always trying to learn more.

Hikari

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

@Hikari you're right, when my connection happens to drop, which is when I restart the firewall every leap year, sometimes I'd get it back. The IPv4 one, the IPv6 block is so large I can't memorize further than the first two digits, "28", considering they hand a /64 I'm still 14 digits short.

Me too. When I got my OpenWRT I was developing a few monitoring tools to help me know when any ISP goes offline and when IP is changed. I wanted to make a report to show how often IP changes.

But my battle with ISPs for proper IPv6 support and lack of knowledge on Bash made me tired and I stopped.

JKnott

@Hikari

Several years ago, when I had an intermittent problem, I wrote a bash script to ping the ISP's gateway and record the failures. There wasn't much to it.

#! /bin/sh
while [ 1 ]
do
ping <target> -4 -c 1 || date >> ~/log;sleep 50
done

This should work with IPv6 as well as IPv4.

Hikari

tnx!

In last few years I'm using a public service that receives an HTTP request and reports if it was received.

What I've been considering is developing a PHP app to receive data on GET request and record on Postgres. Then it's just a matter of querying it and building charts.

I also developed a Bash code that queries SpeedTest and receives some nice data back, I might do the same with it.

I also wish to run it on my server instead of on router and use some failover filter to somehow force each request to pass on specific WAN, so that I can properly test if LAN has connectivity. But it takes a lot of time doing tests of plugging and unplugging WAN cables to assure, and of course learn how to do these filters.

JKnott

@Hikari said in How does IPv6 negotiation over IPv4's PPPoE work?:

I also wish to run it on my server instead of on router

That would rule out using the IPv6 gateway, if it uses a link local address.

Hikari

That's another challenge, do load balancing on IPv6 where router manages it and chooses what route connections will use.

If that works and I'm able in example to rule a given destination to always use a given WAN, it must work.

senseivita

What if you use a remote receiver?

From experience I've learned that DDNS in pfSense, or any other appliance only works when you're "gentle" to it, meaning one hostname. As soon as you add additional hostnames, domains it'll fail to update them so I got a VPS and installed pfSense on it for the static IP they give you, starting at USD5/mo, sometimes less, it's the cheapest static address you can rent.

I actually use it for the GIF to HurricaneElectric and tunnel both IPv4 and IPv6 to the local pfSense, I have about the same latency in local IPv4 as in tunneled IPv4 and (double-) tunneled IPv6.

But where I'm going with this is:

I also use my remote instance's public address as the monitor IP for the local WAN gateway. And since I can contact the remote instance locally through the tunnel, I get statistics on it with any tool, like from which IP a tunnel is has been brought up--which I know would only be mine. "Loopback" Stats. This data can be sent to a syslog server or queried through SNMP. You can query all sorts of data, I check consumption because the VPS has a data cap, I'm used to not having it because of my ISP so this is really handy, you can set it to notify you through a bot on Telegram, Matrix, classic email or a buttload of other integrations it has:

The first one is LibreNMS, completely free, does SNMP and syslog, you don't need scripts or databases because it's meant to keep historic data, it's all there as long as you feed it. The second one is VMware's vRealize Log Insight, also free (*with purchase) it only does syslog but it's very comprehensive, king of syslogs, it can proxy the syslog to yet more servers and has this thing called agents, custom-made-on-site apps preconfigured to send data to it and reconfigurable remotely. It's very cool.

LibreNMS is like a 2core/2G/20G VM if I'm not mistaken, Log Insight is much hungrier but you can tweak it before first starting it, I discovered. Both need fast disks.