How does IPv6 negotiation over IPv4's PPPoE work?

senseivita

I'm curious about how does it work, what protocol uses and all that.

My ISP actually needs that and once a very long time ago when I was still on ADSL2+ I had to use their combo monstrosity thing they lend you as a router and in the logs I read IP-in-IP. I read about but (besides rather boring encapsulation protocol) it doesn't seem to fit because of MTU and latency. I still use a packet size of 1492 even if I'm basically over Ethernet on the public side. :/

Since then I was migrated to VDSL2 then fiber but I'm still using PPPoE to connect and I get a dynamic routed /64 (that I don't use bc I have a static /48 from Hurricane Electric ) and to this day I still have to check IPv6 will use the IPv4 connectivity link (PPPoE) for it to be brought up.

If I were the other side, what would I need to provide this? Can pfSense be the server as well?? It does have a PPPoE server… Is it real native IPv6 at all? I've tried those test sites and they tell me I am connected from native IPv6 and pinpoint my location and latency is MUCH lower than IPv4's (like 1/40th of IPv4's latency) but he whole "use … IPv4" wording throws me.

Any info would be awesome. I'm not trying to fix, create or setup anything, I'm just trying to learn new old things.. :)

Hikari

I'd like to know that too.

On OpenWRT, it creates a virtual (3rd) interface for IPv6 when link uses PPPoE. It's very odd.

JKnott

@skilledinept

PPPoE is still PPP and is capable of carrying a variety of protocols, not just IPv4. Your question is comparable to asking if Ethernet can carry IPv6.

Hikari

lol I'm not asking if it's capable of doing it, I know it is. I'm asking how pfSense manages it, if it also creates a virtual third interface for it.

JKnott

@Hikari said in How does IPv6 negotiation over IPv4's PPPoE work?:

On OpenWRT, it creates a virtual (3rd) interface for IPv6 when link uses PPPoE. It's very odd.

Perhaps it was using a tunnel. I used a 6in4 tunnel before my ISP provided native IPv6 and that resulted in another interface.

JKnott

@JKnott

Come to think of it, that 3rd interface may have been the PPPoE adapter. Was OpenWRT configured to work directly over PPPoE? Or did the modem provide plain Ethernet to it?

Hikari

I think it's how it handles IPv4+IPv6 over PPPoE.

All I have on /etc/conf/network is

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'pppoe'
        option username 'cliente@cliente'
        option password 'cliente'
        option ipv6 'auto'
        option delegate '0'
        option metric '10'

config device 'wan_dev'
        option name 'eth0.2'
        option macaddr '80:2a:a8:5d:79:d8'

config interface 'wan6'
        option ifname '@wan'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option peerdns '0'
        option metric '20'
        option reqprefix '56'

As it's on config, wan6 is an alias for wan. It creates a wan_6 which is called pppoe-wan and has same IPv6. wan has a fe80:: prefix.

It creates a whole lot of issues, because some softwares need to reference eth0.2 or eth0.3, other softwares need to use wan or wanb. Then I need to figure to use wan6 or wan_6 or pppoe-wan and nothing works.

How does pfSense handle it?

Gertjan

Me too ;)

Some PPPoE/ADSL and VDSL these days.
I have to use the ISP router because their VDSL is not something that is defined in a RFC.
Also, they offer a single /64, so my ISP accepts multiple devices but not multiple LAN's which needs more then 1 /64 : the IPv6 from my ISP is useless for me.

I'm also a happy Hurricane user for years now although their bandwidth is lower as my native IPv4. Not a real issue, as it is free.

senseivita

I don't think it tunneled, IPv6 has more meta and taking into account the encapsulation in IPv4 is doesn't add up. At the end of the day tunnels are that repackaged packets not side channels.

This drives me nuts though:

In the left side parent interface suggests that it is indeed encapsulated then you don't even need to move you eyes to find its contradiction, keyword would be information as in control channel like a ton of protocols have, and when they do there's a data path somewhere in the vicinity. It's reminds me a lot to a an IPsec Phase1.

pfSense has a PPPoE server, in the Advanced section there's something about IPv6 in IPv4 too, but it's the client side and I think that's 6to4 not native IPv6 like my ISP claims it delivers. Does it come in a package maybe? (the server side IPv6 via IPv4-PPPoE)

After reading your answers now I want to setup a lab to try it, but there's still that missing part of what does "over the IPv4 connectivity link" means.

Thanks, and, if you remember something else you worked with regardless if not really related please share! :)

––––––––––––––––––
BTW, did you guys know that there are special switches for PPPoE? It's PPPoEoE, not kidding. I found about this while trying to learn more about it and because back when I had the 4DSLs, pfSense would only connect 3 when I tried to deliver them over VLANs, like a router-in-a-stick approach. This is because PPPoE lands somewhere between L2 and L3, something like that, the only info I could find was from Cisco who apparently is the only manufacturer of these as well, big surprise. I had to get a Cisco partner or associate or some nonsense of a title/name they have for idiot that pays for the "privilege" of being able to pay more in the future just to find the little I know about this, they might be even charging me IDK. I think they don't. That's messed up: you're a customer but if they need to give you a title wouldn't that make you like an employee too? A payedpaying employee?!

JKnott

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

BTW, did you guys know that there are special switches for PPPoE? It's PPPoEoE, not kidding.

Are you sure about that? I just Googled on PPPoEoE and not a single hit, other than to plain PPPoE. PPPoE is an implementation of PPP over Ethernet. In the past, we had PPP over serial port, for use with modems and ISDN. I have also configured it over fractional T1. PPP is just a way of carrying various protocols over a serial connection. For PPPoEoE to be a thing, it would have to include Ethernet over Ethernet. Well, that sounds like VLANs, MPLS or shortest path first, where an extra header is added to an Ethernet frame.

Hikari

Nobody today will provide paying service on a server hosted on residential link. ISPs should just drop these stuff and provide static addresses and prefixes for everybody.

JKnott

@Hikari

My IPv4 address changes so seldom it's virutally static and the host name, based on modem and router MAC addresses changes only when I changed hardware. My IPv6 prefix is rock solid. It even survived a recent WAN NIC change, unlike the IPv4 address and host name.

senseivita

@JKnott

I'm seriously not kidding, I thought it was silly too, here's from Wikipedia:

"For example, PPPoEoE, when the transport is Ethernet itself, as in the case of Metro Ethernet networks. (In this notation, the original use of PPPoE would be labeled PPPoEoA, although it should not be confused with PPPoA, which is a different encapsulation protocol.)"

It's in the first section. I saw it first on one of these Cisco Academy sites, for the CCNA and all the other CC-something tests they do.

That *oA thing was a staple in the xDSL modems, ATM. It's supposed to be super old but still held up until recently even competing with fiber. There was something that made it good for huge deployments, like an ISP's DSL infra but I forgot what it was.

@Hikari you're right, when my connection happens to drop, which is when I restart the firewall every leap year, sometimes I'd get it back. The IPv4 one, the IPv6 block is so large I can't memorize further than the first two digits, "28", considering they hand a /64 I'm still 14 digits short.

To check I'd have to go to one of these IPv6 test sites bc the firewall reports only a link-local address. Thanks but I'll pass, I'm fine too with the /48 from Hurricane Electric, even if it's got slightly higher ping time. 2ms is nothing anyway.

senseivita

"PPPoEoE is a variant of PPPoE where the Layer 2 transport protocol is now Ethernet or 802.1q VLAN
instead of ATM. This encapsulation method is generally found in Metro Ethernet or Ethernet digital
subscriber line access multiplexer (DSLAM) environments. The common deployment model is that this
encapsulation method is typically found in multi-tenant buildings or hotels. By delivering Ethernet to
the subscriber, the available bandwidth is much more abundant and the ease of further service delivery
is increased."

Understanding Broadband Access Aggregation (year 2005, ouch)
https://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_understanding.pdf

Catalyst 4500 Series Switch Software Configuration Guide, 12.2(54)SG
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/54sg/configuration/guide/config/PPPoE.html

I'm such a huge nerd that this gets me excited. I blame pfSense though, before I switched to it a few years ago three tops (the ugly red UI was already gone), I couldn't care less about networking...maybe VPNs for region blocks but that's it.

JKnott

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

"For example, PPPoEoE, when the transport is Ethernet itself, as in the case of Metro Ethernet networks. (In this notation, the original use of PPPoE would be labeled PPPoEoA, although it should not be confused with PPPoA, which is a different encapsulation protocol.)"

As one who has worked with providing fibre connections to businesses and data centres, I can tell you that would be either VLANs or MPLS. I have worked with VLAN on VLAN (QinQ) many times, though not MPLS.

The difference between PPPoE & PPPoA is the underlying tech. Many years ago, the phone companies had the big idea that ATM would take over the world, but IP beat them to it. ATM was part of the synchronous telecom network, but even that network is disappearing. BTW, I spent many years working for a major telecom company and in the last 5 years there, my job was planning the installation of telecom equipment in the central office and customer sites, so I have an excellent understanding of the various technologies.

While Wikipedia is an excellent reference, it's not infallible. There have been a few times when I have provided corrections to it.

JKnott

@skilledinept

I'm the opposite. Almost my entire career has been about telecom, computers and networks. I spent 23 years at a telecom company, 17.5 as a tech and 5.5 in planning. I was also doing software support at IBM for almost 4 years. Over the years, I have worked with a wide variety of technology, some long obsolete, and always trying to learn more.

Hikari

@skilledinept said in How does IPv6 negotiation over IPv4's PPPoE work?:

@Hikari you're right, when my connection happens to drop, which is when I restart the firewall every leap year, sometimes I'd get it back. The IPv4 one, the IPv6 block is so large I can't memorize further than the first two digits, "28", considering they hand a /64 I'm still 14 digits short.

Me too. When I got my OpenWRT I was developing a few monitoring tools to help me know when any ISP goes offline and when IP is changed. I wanted to make a report to show how often IP changes.

But my battle with ISPs for proper IPv6 support and lack of knowledge on Bash made me tired and I stopped.

JKnott

@Hikari

Several years ago, when I had an intermittent problem, I wrote a bash script to ping the ISP's gateway and record the failures. There wasn't much to it.

#! /bin/sh
while [ 1 ]
do
ping <target> -4 -c 1 || date >> ~/log;sleep 50
done

This should work with IPv6 as well as IPv4.

Hikari

tnx!

In last few years I'm using a public service that receives an HTTP request and reports if it was received.

What I've been considering is developing a PHP app to receive data on GET request and record on Postgres. Then it's just a matter of querying it and building charts.

I also developed a Bash code that queries SpeedTest and receives some nice data back, I might do the same with it.

I also wish to run it on my server instead of on router and use some failover filter to somehow force each request to pass on specific WAN, so that I can properly test if LAN has connectivity. But it takes a lot of time doing tests of plugging and unplugging WAN cables to assure, and of course learn how to do these filters.

JKnott

@Hikari said in How does IPv6 negotiation over IPv4's PPPoE work?:

I also wish to run it on my server instead of on router

That would rule out using the IPv6 gateway, if it uses a link local address.