IPv6 Comcast issue



  • Hi,

    I'm attempting to get IPv6 working with my Comcast Business connection.  Based on old threads I've enabled the following options on my WAN interface:

    • IPv6 = DHCPv6

    • Use IPv4 connectivity as parent interface

    • DHCPv6 Prefix Delegation size = 60

    • Send IPv6 prefix hint

    And on my LAN interface, I've set IPv6 to Tracker Interface - WAN.

    I am able to ping ipv6.google.com over IPv6 from the LAN interface of my pfSense box, but I am not able to acquire an IPv6 address on any of my LAN machines.

    Looking in the DHCPv6 Status page, I do not see any prefix delegations listed, which I suspect is the problem.  I've tried the suggestion of deleting the DUID file and renewing my DHCPv6 lease, but that hasn't changed anything.

    Any other suggestions on what I should try?



  • Looking at ifconfig on the pfSense machine, it does look like there a /60 prefix is being used properly on the LAN port, so I'm confused as to what's going wrong…

    
    igb1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    	options=6400bb <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso,rxcsum_ipv6,txcsum_ipv6>ether 00:08:a2:0a:b0:e3
    	hwaddr 00:08:a2:0a:b0:e3
    	inet 10.0.1.1 netmask 0xffff0000 broadcast 10.0.255.255
    	inet6 2601:646:8a00:600:208:a2ff:fe0a:b0e3 prefixlen 60
    	inet6 fe80::1:1%igb1 prefixlen 64 scopeid 0x2
    	nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex>)
    	status: active</full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso,rxcsum_ipv6,txcsum_ipv6></up,broadcast,running,simplex,multicast> 
    


  • That's not correct, you should be getting a /64 on your LAN. You are delegated a /60 but you are expected to break it down to 16  different /64s for your LAN type networks meaning each of the LANs should have their own separate /64.



  • Any pointers as to how that could happen?  That's just the output I got from ifconfig on the pfSense box…



  • @resistor:

    Any pointers as to how that could happen?  That's just the output I got from ifconfig on the pfSense box…

    On the Interfaces > LAN tab, ensure you have the WAN set for Track IPv6 Interface.  You can also select which of the /64 blocks to use with the IPv6 Prefix ID.  The default is 0, but you can select any available.



  • Before you changed the prefix length setting to 60, did you previously connect with it set to 64? If so, you'll need to delete the DUID file and release/renew the WAN interface so a new DUID is presented to Comcast's DHCPv6 servers. Otherwise Comcast's server will continue to provide you with a /64, since that's what it originally leased to your box. That might explain the inability to connect from the LAN, because pfSense isn't receiving the IP address block it's expecting.



  • @JKnott:

    On the Interfaces > LAN tab, ensure you have the WAN set for Track IPv6 Interface.  You can also select which of the /64 blocks to use with the IPv6 Prefix ID.  The default is 0, but you can select any available.

    As I mentioned in the original post, the LAN IPv6 is set to "Track Interface - WAN".  The prefix is set to 0.



  • @virgiliomi:

    Before you changed the prefix length setting to 60, did you previously connect with it set to 64? If so, you'll need to delete the DUID file and release/renew the WAN interface so a new DUID is presented to Comcast's DHCPv6 servers. Otherwise Comcast's server will continue to provide you with a /64, since that's what it originally leased to your box. That might explain the inability to connect from the LAN, because pfSense isn't receiving the IP address block it's expecting.

    I did initially connect with a prefix length of 64.  I've tried erasing the DUID and release/renewing (see first post) but it hasn't changed anything.



  • I have IPV6 working with Comcast Business in pfSense.

    Try setting DHCPv6 Prefix Delegation size = /56. My recollection is that I couldn't get it to work until I set that value. I got that from a post on how to configure pfSense for Comcast Business, but can't remember where I saw it. I don't think it was here.

    Also, I don't have use IPV4 connectivity as parent interface checked, but I'm not sure that makes any difference.