Enabling IPv6 on Comcast home network

lenhuppe

@johnpoz said in Enabling IPv6 on Comcast home network:

@lenhuppe said in Enabling IPv6 on Comcast home network:

When I bypass the Netgate I can surf the net using IPv6

And how exactly are you doing that? Is there some isp router in front of pfsense? Or just a cable modem - what is the device your plugging pfsense into?

For pfsense to provide ipv6 to devices behind it will want request a prefix.. I had comcast back a few years ago - and always hated their ipv6 deployment.. Nothing but issues with it - I just run a HE tunnel for all my ipv6 wants.

Guy you want for ipv6 stuff around here is @JKnott - can't believe he hasn't chimed in already.. Its been 10 minutes since you mentioned IPv6 ;) heheheh

I have Comcast and a rented cable modem. If I remove the Netgate I get an IPv6 address. If I run the cable modem into the Netgate it will get an IPv6 address on the WAN but the LAN devices do not.

johnpoz

@lenhuppe said in Enabling IPv6 on Comcast home network:

but the LAN devices do not.

Did you request a IPv6 via track interface? With pfsense you will request a prefix via delegation, and then track interface tells which prefix out of the delegation to assign to your lan interface.

https://docs.netgate.com/pfsense/en/latest/interfaces/configure-ipv6.html#track-interface

lenhuppe

@johnpoz said in Enabling IPv6 on Comcast home network:

@lenhuppe said in Enabling IPv6 on Comcast home network:

but the LAN devices do not.

Did you request a IPv6 via track interface? With pfsense you will request a prefix via delegation, and then track interface tells which prefix out of the delegation to assign to your lan interface.

https://docs.netgate.com/pfsense/en/latest/interfaces/configure-ipv6.html#track-interface

Yes. Interfaces > LAN > IPv6 Configuration Type = Track Interface

johnpoz

But did you actually get a prefix that you requested? There are some threads around here talking about how to troubleshoot that.. @JKnott prob the guy you want to help with this.. He loves IPv6 ;) My advice would be to just turn it off.. Or just run a HE tunnel.

They will give you a free /48 and you can take it with you if you change ISPs.. They allow for PTR settings on the IPv6 addresses, etc. Many reasons why its just easier than dealing with some lack luster isp IPv6 deployments.

JKnott

@johnpoz said in Enabling IPv6 on Comcast home network:

Guy you want for ipv6 stuff around here is @JKnott - can't believe he hasn't chimed in already.. Its been 10 minutes since you mentioned IPv6 ;) heheheh

I just got here. It took me a while to find a phone booth, so I could change into my uniform. Phone booths are getting scarce these days.

While I am good with IPv6, I have no experience with Comcast. However, I assume they use DHCPv6-PD, like many other providers.

As for getting IPv6, it's entirely possible to plug a computer directly into a modem in bridge mode and get an address for that computer. I've done that here many times and it's how pfsense would get it's WAN address.

@lenhuppe Can you show your configuation, so I know what you've done? I'll need both WAN and LAN configurations.

JKnott

@lenhuppe said in Enabling IPv6 on Comcast home network:

I have Comcast and a rented cable modem.

Is the modem in bridge or gateway mode? You want bridge mode.

lenhuppe

@johnpoz said in Enabling IPv6 on Comcast home network:

HE tunnel

There are at least two places where I can enter a prefix. The "DHCPv6 Prefix Delegation size" defaults to 64 on the WAN side and the "IPv6 Prefix ID" defaults to 0 on the LAN side.

JKnott

@johnpoz said in Enabling IPv6 on Comcast home network:

But did you actually get a prefix that you requested?

One thing that can be done is run a packet capture on boot up, to see what's being provided. To do that:

Shut down pfsense and disconnect the WAN cable
Reboot pfsense and start Packet Capture, filtering on port 546
Reconnect the WAN cable
Post the capture file here.

lenhuppe

@jknott said in Enabling IPv6 on Comcast home network:

@lenhuppe said in Enabling IPv6 on Comcast home network:

I have Comcast and a rented cable modem.

Is the modem in bridge or gateway mode? You want bridge mode.

I should contact Comcast and tell them I need to access the cable modem. The last time I tried that they gave me hard time. Comcast is a terrible company and even worse ISP.

JKnott

@lenhuppe said in Enabling IPv6 on Comcast home network:

The "DHCPv6 Prefix Delegation size" defaults to 64 on the WAN side and the "IPv6 Prefix ID" defaults to 0 on the LAN side.

The proper value depends on what prefix size they provide. For example, I get a /56 from my provider. The prefix ID is used to select which /64 from your prefix you want to use on an interface.

JKnott

@lenhuppe

You might be able to do that yourself. Post the make and model here and perhaps someone knows. Otherwise, a search on the net may provide the info.

lenhuppe

@jknott said in Enabling IPv6 on Comcast home network:

@lenhuppe

You might be able to do that yourself. Post the make and model here and perhaps someone knows. Otherwise, a search on the net may provide the info.

I have accessed the cable modem and found the "Delegated prefix" number. Its an Xfinity CGM4140COM if that helps at all. I just need to know where to enter the prefix.

lenhuppe

@jknott said in Enabling IPv6 on Comcast home network:

@lenhuppe said in Enabling IPv6 on Comcast home network:

I have Comcast and a rented cable modem.

Is the modem in bridge or gateway mode? You want bridge mode.

If I try to enable bridge mode it warns that wifi will not work in bridge mode. I need wifi so I can't switch to bridge.

lenhuppe

@johnpoz said in Enabling IPv6 on Comcast home network:

But did you actually get a prefix that you requested? There are some threads around here talking about how to troubleshoot that.. @JKnott prob the guy you want to help with this.. He loves IPv6 ;) My advice would be to just turn it off.. Or just run a HE tunnel.

They will give you a free /48 and you can take it with you if you change ISPs.. They allow for PTR settings on the IPv6 addresses, etc. Many reasons why its just easier than dealing with some lack luster isp IPv6 deployments.

On the WAN side DHCPv6 Prefix Delegation size is set to 64 and the the router has a delegation prefix ending in ::64 so I think that I am getting the /64 prefix as requested.

JKnott

@lenhuppe

If you're not in bridge mode, you will only be able to get a single /64, which pfsense cannot split among your LAN interfaces. Here I have a modem that includes home phone and I also have IPTV. Instead of using the built in WiFi, I have a separate access point, which is mounted roughly in the middle of my condo. Bridge mode had no effect on my home phone or IPTV.

johnpoz

So NOT a modem - but a gateway... Which is why I asked for model...

Yeah its not going to work with one of their shitty gateways. I should of known that as soon as you said rent - they don't rent modems any more, only gateway.. Back in the day they just gave you a modem..

Get yourself a MODEM.. and then an AP and save yourself some money in the long vs paying them rent for the hardware.

Or - just use HE for ipv6... But you still going to have issues with your wifi stuff off their gateway and then stuff behind pfsense.

If your going to use pfsense - all you want is modem.. Get a docsis 3.1, maybe even one the new ones with 2.5gbps interfaces to future proof yourself when you want over 1gig internet.

How much are they raping you on rent? $10 a month.. Depending on what you get you could break even on the rent in a year or so and then anything after that is just saved money..

JKnott

@johnpoz said in Enabling IPv6 on Comcast home network:

So NOT a modem - but a gateway... Which is why I asked for model...

Well, the box I got from my ISP can be configured as a modem (in bridged mode) or gateway. What would you call it. It's been a long time since my ISP provided a plain modem. Even back around 2008 or so, it was difficult to get the local phone company to provide a basic ADSL modem. You had to get their gateway and configure it for bridge mode. And that was for business customers.

johnpoz

While yes some gateways can be put into bridge mode - but as he mentioned that kills his wifi. But as soon as he said rent I should of know why it wasn't working is because he was already behind a nat, etc.

If he had just actual modem - would of worked right out of the box pretty much.

I specifically asked right up front

Is there some isp router in front of pfsense? Or just a cable modem - what is the device your plugging pfsense into?

JKnott

@johnpoz said in Enabling IPv6 on Comcast home network:

but as he mentioned that kills his wifi

Mine too. When it's in bridge mode, all I get is the modem function.

johnpoz

@jknott said in Enabling IPv6 on Comcast home network:

all I get is the modem function.

Are you paying the isp for this device? Not sure why I would have a gateway device if all I am going to do is use it in modem mode.. I sure and the hell would not pay any sort of fee or rent to have this device from the ISP when I can buy a perfectly good "modem" that should last 3-5 years.. Way longer than needed to pay for itself vs rental fees to isp.

Just looked current "modem" I get back in sept 2017.. Cost me $110 rounded up... If would of been paying rent I would be at like $460 spent so far.. So looked I saved $350 to date.. Prob get another year out of it if not longer.. Only reason really would change it out is I increased isp speed and needed docsis 3.1. Or if it fails - which it has already paid for itself twice over.