Comcast and ipv6
-
I feel silly for posting this, but I want to make sure I have my information correct before I reach out to Comcast.
I think my line has ipv6 turned off.
I have pfsense 2.5.4-p1 running on a Dell p210ii for probably 5 years now. Modem is a Moto MB8600. Everything works great and I used to have ipv6 working, but noticed the router is no longer pulling a ipv6 from the modem and no ipv6 DNS entries are shown.
I had everything set as using dhcpv6, /64 subnet, send prefix hint, request v6 prefix thru v4 interface and track changes on the lan.
Modem reboots do not solve this. Nothing I seem to change in pfsense helps either.
I have not directly connected to the modem yet (will try that next since they will ask), but is it me or does it seem that ipv6 is turned off on there end?
Thanks!
-
Try requesting a /60 from Comcast in your WAN settings instead. I don't think they'd pull IPv6 from a node... it's a rather critical part of their network these days since their cable boxes use it for communication too (in a separate IPv6 address range than internet service is provided over).
-
@virgiliomi When I set it up a second time, I had changed to a /60.
I thought a /64 was silly. I have the prefix ID set to 1.
For ipv6 config type in the LAN, I have it set to "Track Interface".
-
@slk2k said in Comcast and ipv6:
I thought a /64 was silly. I have the prefix ID set to 1.
With a /60, your prefix choices are 0 - f.
-
@jknott Are you saying on a /60, I should use 0 for my prefix ID?
-
You can use whatever you want. I have a /56, so my prefix range is 0 - ff. I use 0 for my main LAN, 3 for my guest WiFi, 4 for a test LAN and ff for OpenVPN. I use the matching 3rd octet for IPv4 in the 172.16.0.0 range. The guest WiFi also uses VLAN 3, so all the numbers match up. So, you may also use similar considerations when choosing the prefix(es) you use.
-
@jknott For some reason I thought a /60 is 0-f (so 16). I really do not have a clue what comcast offers for residential ipv6. It's changed a few times over the years (I recall /56 in the early days). I believe business gets a /56. Since I had tried to use 0 before (and had problems), i moved over to 1.
Thanks!
-
Does Comcast have a user forum? My ISP (Rogers) does, where there's a lot of useful info and help. Yes, a /60 is 16 addresses. I don't know what Comcast offers, but you can select anything up to the maximum size. So, if they offer /56, you can choose a /60 and it should work fine.
-
@jknott They do offer a user forum, the details in there are inconsistent at best and wrong most of the time (too much user to user information that is incorrect). I'll try and fire off a post over there and see if I can get lucky
-
@slk2k comdcast only supports /64 on residentials. If you have more than one internal subnet pulling ipv6 then you will not get any ipv6 at all. I also have mine setup as follows
WAN:
everything unchecked. I am asking for a /64.The only internal subnet i have ipv6 enabled on is my internal one for my workstations. All other subnets have ipv6 OFF.
Once i did this i started getting ipv6 addresses again. Business class you can ask for a much much larger allocation.
-
@hescominsoon Thanks for the info - this is a classic example of the (lack of) information from Comcast on this. Years ago it was a /56 for everyone, then I heard /64 (as you have done it) and then a /60 (as I have it set up). Maybe I will go post something over in the comcast support channels on dslreports and get a networking person to respond and get the exact info.
Thank you again for sharing your config!
-
@slk2k I am a Comcast partner in my area of Maryland...i had to talk to lvl2 support to get this information. Ironically enough different Comcast regions sometimes do things a bit differently. Try my settings and let me know if it works in your area..:)
-
@hescominsoon said in Comcast and ipv6:
comdcast only supports /64 on residentials.
Why are they so stingy? There are enough global unique addresses available to give every single person on earth over 4000 /48s! Many other ISPs provide a /56 and some /48.
-
@jknott I have a client with Comcast in WA. They have residential service. I turned on the dhcp debug, and was able to see the prefix and /60. It has been consistent and stable. The hardest part is the lack of information on Comcast ipv6 in any of their forums. I get the best information from reading in this forum.
-
Even a /60 is d*mn cheap. I used to use a tunnel that provided a /56 which cost me nothing and Hurricane Electric provides a /48 tunnel, again for free.
-
@rdunkle said in Comcast and ipv6:
@jknott I have a client with Comcast in WA. They have residential service. I turned on the dhcp debug, and was able to see the prefix and /60. It has been consistent and stable. The hardest part is the lack of information on Comcast ipv6 in any of their forums. I get the best information from reading in this forum.
Same!
I do have a question that maybe you can answer - is the ipv6 gateway on the pfsense status "Unknown" and a Link Local Address? Just trying to compare configs to make sure I have it the way comcast needs it.
Thanks!
-
@slk2k my gateway on my machine is the link local gateway on the pfsense:
Default Gateway . . . . . . . . . : fe80::1:1%4Doing a trace however works fine..so I do not worry about digging deeper..:)
tracert etc-md.comTracing route to etc-md.com [2604:4100:2:7:223:aeff:fefd:f06c]
over a maximum of 30 hops:1 <1 ms <1 ms <1 ms 2601:142:8200:29c2:217:54ff:fe02:69bb
2 7 ms 7 ms 7 ms 2001:558:4061:8::1
3 9 ms 7 ms 18 ms 2001:558:2f2:122::1
4 18 ms 14 ms 10 ms 2001:558:340:203f::1
5 10 ms 9 ms 9 ms te-9-4-ur01.potomac.md.bad.comcast.net [2001:558:340:209::2]
6 14 ms 12 ms 13 ms 2001:558:340:449::2
7 15 ms 15 ms 14 ms 2001:558:340:802d::2
8 15 ms 15 ms 23 ms 2001:558:340:283d::2
9 15 ms 16 ms 22 ms 2001:559:7bd::b6
10 15 ms 17 ms 15 ms 2604:4100:2:7:223:aeff:fefd:f06cStatus
up
DHCP
up Relinquish Lease
MAC Address
00:17:54:02:69:b5
IPv4 Address
76.100.142.***
Subnet mask IPv4
255.255.252.0
Gateway IPv4
76.100.140.1
IPv6 Link Local
fe80::217:54ff:fe02:69b5%em0
IPv6 Address
2001:558:6003:8:94c0:2197:589b:****
Subnet mask IPv6
128
Gateway IPv6
fe80::201:5cff:fe86:a446
DNS servers
127.0.0.1
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
MTU
1500
Media
1000baseT <full-duplex>
In/out packets
274242494/112687333 (346.09 GiB/34.46 GiB)
In/out packets (pass)
274242494/112687333 (346.09 GiB/34.46 GiB)
In/out packets (block)
27401/2 (1.54 MiB/140 B)
In/out errors
0/0
CollisionsHere's my internal interface:
IPv4 Address
192.168.255.1
Subnet mask IPv4
255.255.255.0
IPv6 Link Local
fe80::1:1%em1.10
IPv6 Address
2601:142:8200:29c2:217:54ff:fe02:****
Subnet mask IPv6
64
MTU
1500
Media
1000baseT <full-duplex>
In/out packets
106112688/248294854 (33.64 GiB/314.61 GiB)
In/out packets (pass)
106112688/248294854 (33.64 GiB/314.61 GiB)
In/out packets (block)
8092/0 (839 KiB/0 B)
In/out errors
0/0
Collisions
0Then my computer addy on internal network:
Connection-specific DNS Suffix . : etc.local
Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller #2
Physical Address. . . . . . . . . : 30-9C-23-AB-8A-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:142:8200:29c2:8d28:a236:7d38:**** (Preferred)
Temporary IPv6 Address. . . . . . : 2601:142:8200:29c2:d181:ed2b:4b0e:**** (Preferred)
Link-local IPv6 Address . . . . . : fe80::8d28:a236:7d38:**** (Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.255.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, December 14, 2020 8:02:23 AM
Lease Expires . . . . . . . . . . : Monday, December 14, 2020 3:02:23 PM
Default Gateway . . . . . . . . . : fe80::1:1%4
192.168.255.1
DHCP Server . . . . . . . . . . . : 192.168.255.1
DHCPv6 IAID . . . . . . . . . . . : 254843939
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-26-F3-51-93-30-9C-23-AB-8A-8E
DNS Servers . . . . . . . . . . . : 192.168.255.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
etc.local -
@slk2k said in Comcast and ipv6:
is the ipv6 gateway on the pfsense status "Unknown" and a Link Local Address?
I assume you're referring to the WAN address, when you say unknown. With IPv6, the link local address is often used and a routeable WAN address is actually not needed. Even when there is one, it's probably not being used for routing.
-
@jknott It is the WAN Gateway I was asking about. I understand how it's used. Just the OCD in me to see something not green on the status page! I know that pfsense will use the ipv4 interface to determine next hop vales for the monitoring stats.
-
I don't have monitoring enabled. Is there some reason you do? You could disable monitoring IPv6 if that status bothers you. Also, what are you using for the monitor IP? It has to be some working address.
