IPv6 Comcast not working - overlapping v6 prefix delegation subnets?
-
Odd, I can request a /60 from Comcast just fine and I end up with different /64 prefixes (all subsets of the /60) on each internal interface, so it doesn't seem to be a general problem with the prefix delegation code. Do you get your v4 connectivity through PPPoE by any chance?
-
Yeah, might be something screwy with my ISP requesting anything larger than a /64 that it gives me a /60 on every interface. IPv6 addresses all look good (no private IPv6 addreses) but its still not routing or handing out IPs
No PPPoE here, cable modem connection with native IPv6.
-
SLAAC doesn't work with anything but /64's, so I'm not surprised the clients wouldn't know what to do if you advertise a /60 to them.
-
This is with Track Interface though, or am I missing something? I know quite a bit about networking but I'm still trying to grasp this IPv6 and its terminology.
-
Yeah, I don't understand why that seems to end up advertising the whole prefix on the internal interfaces for some; just pointing out that it's not unexpected that clients wouldn't be able to get an IPv6 address when that happens.
-
Reverted back to DHCP6 on WAN with a /64 Prefix Delegation Size, and Track Interface on LAN.
This is the only way I can get IPv6 to work albeit just on the LAN. Any other method either doesnt give out IPv6 addresses or causes workstations to fail the IPv6 test sites.
-
Thanks razzfazz, I will keep ya'll posted over the next few days and let you know what happens.
Okay, so I wanted to check and see if the lease times were decrementing for each of the prefix advertisements (/60 vs. /64) comparing the 10/4 capture to one from 10/6 (today).
-
ipv6-comcast-20131004.cap (packets 38-40)
-
/60 Prefix Advertisement (packet 39)
-
Preference: 0
-
Preferred lease time (pltime): 345600
-
Valid lease time (vltime): 345600
-
/64 Prefix Advertisement (packet 40)
-
Preference: 255
-
preferred lease time (pltime): 345385
-
valid lease time (vltime): 345385
-
ipv6-comcast-20131006.cap (packets 98-100)
-
/60 Prefix Advertisement (packet 99)
-
Preference: 0
-
Preferred lease time (pltime): 345600
-
Valid lease time (vltime): 345600
-
/64 Prefix Advertisement (packet 100)
-
Preference: 255
-
preferred lease time (pltime): 174315
-
valid lease time (vltime): 174315
So, it does look like the /64 lease will eventually expire in about 48 hours. Hopefully that will trigger the /60 offer to take effect.
-
-
Okay, so it looks like my leases have expired, I am getting a new address on the WAN interface (/128), but still nothing on the backend. I do see these error messages in the System Logs though:
Oct 8 15:31:15 dhcp6c[72315]: client6_recvadvert: XID mismatch Oct 8 15:31:15 dhcp6c[72315]: client6_recvadvert: XID mismatch Oct 8 15:29:14 dhcp6c[72315]: client6_recvadvert: XID mismatch Oct 8 15:29:14 dhcp6c[72315]: client6_recvadvert: XID mismatchIn this capture from today, I can see the pltime/vltime have reset in packets 70-72–the /60 offer is valid for 345600 with preference 00 and the /64 is valid for 329817 with preference 255. To me, it seems like this is still broken, though I can't tell if it's Comcast handing out bad leases or pfSense not picking the right one--perhaps it's got something to do with the XID mismatch above as well?
-
I've been struggling with the same problem as ahnhell for the last few days and finally got it working. I'm on TWC also and was able to get it to work by selecting the send prefix hint option and setting the prefix size to 64. I've verified that when I select 60 as the prefix size, I get a/56 which results in /60's for my LAN and dmz interfaces. I checked and pfsense is setting the prefix as "::/64 infinity" in dhcp6c_wan.cfg.
Am I misunderstanding how this is supposed to be configured or is TWC's implementation wrong?
-
It's just a hint, so at the end of the day, they can do whatever they want with it (including ignoring it completely); that said, that behavior does seem odd. What size prefix do they give you when you uncheck "send hint"?
-
So, I spoke too soon - that's what I get for trying to test from my iPhone. But it does look like selecting a prefix of /56 will work. I will do more testing to verify.
If I don't send a hint I get a /64.
Edit: I've done further testing and verified that when I request a /56 that is what I receive. So this config seems to work (at least with TWC.)
I guess the problem is when pfSense is configured to request a /60 the sla-len in the pd options is set to 4. But when a /56 is received instead of the expected /60 each interface is configured with a /60 and stateless autoconfig won't work with this. Hope this helps someone else.
-
Edit: I've done further testing and verified that when I request a /56 that is what I receive. So this config seems to work (at least with TWC.)
I've tried sending the /56 as the hint, and it's still not working. Haven't had a chance to look at a packet capture yet, but I may end up having to call Comcast, which isn't really my first choice, but I don't know what else to try.
-
Sorry guys just saw this post. I had posted about this weeks ago in another thread. This is only for Comcast as far as I know, but if you live in the north east right now the CMTS's are not setup to deal with a prefix any larger/smaller than /64. See http://forum.pfsense.org/index.php/topic,65724.15.html
Below is a link if you private message the OP of the forum he can tell you if this feature is supported yet in your area. He will need the CMAC of your cable modem. DON'T POST YOUR CMAC IN THE PUBLIC.
-
I've tried sending the /56 as the hint, and it's still not working. Haven't had a chance to look at a packet capture yet, but I may end up having to call Comcast, which isn't really my first choice, but I don't know what else to try.
Did you try changing the MAC address on the WAN interface?
-
I've tried sending the /56 as the hint, and it's still not working.
Also, this will definitely not work on Comcast; as far as I know, the shortest prefix they'll hand out is a /60.
-
Finally found success, thanks to Kolinger's statements. I've been requesting a /60 trying to get this to work to no end.
Requested a /56 on WAN with DHCP6, and then setup the other interfaces for Track Interface. When selecting Track Interface, I then hit Save, and once the page refreshes, I then enter the Prefix ID, hit Save again and then Apply Changes. Then did the same for my other interfaces, then rebooted.
Once rebooted I got a proper /128 for WAN and a /64 for each of my other interfaces using the proper Prefix ID on each interface. In the screen below you can see I used 1d for LAN, 2e for WLAN, and 3f for DMZ as Prefix ID's. Any computer connected to these interfaces gets a proper IPv6 address within the correct /64 prefix ID that was setup.
Ran a test at http://test-ipv6.com and got a 10/10 using a PC behind each interface so all is working now. ;D
 -
Below is a link if you private message the OP of the forum he can tell you if this feature is supported yet in your area. He will need the CMAC of your cable modem. DON'T POST YOUR CMAC IN THE PUBLIC.
I went ahead and posted a question in the Comcast forum.
Did you try changing the MAC address on the WAN interface?
No, I'd rather not do that unless I absolutely have to–it should just work.
-
Back to IPv4 unfortunately. Every 48 hours I was losing my WAN connection, I assume during the DHCP renew and the cable modem would show loss of sync in its log files. Back to IPv4 and my connection is back to rock solid.
-
Back to IPv4 unfortunately. Every 48 hours I was losing my WAN connection, …..
Everything or did you just loose the IPv6 addressing?
If you are loosing the IPv6 addressing, uncheck "Block bogon networks" under the WAN interface configuration. It's a known IPv6 DHCP-PD killer.
-
I'm losing everything, IPv4 and IPv6 addresses which requires a reboot to get back online.
