Ipv6 comcast
-
On 2.1, amd64 nanobsd
Not sure where to start but, ipv6 is not working.
Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : localdomain Description . . . . . . . . . . . : LAN7500 USB 2.0 to Ethernet 10/100/1000 A dapter Physical Address. . . . . . . . . : 00-0E-C6-89-xx-xx DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::a4db:2673:24xx:xxx%16(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.244(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, November 09, 2013 7:48:00 PM Lease Expires . . . . . . . . . . : Sunday, November 10, 2013 12:48:20 PM Default Gateway . . . . . . . . . : fe80::e291:f5ff:fexx:xxxx%16 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 38587xxxx DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-D3-0C-CB-C8-xx-00-xx-xx-xxjust put a few x's in there but w/e
Interfaces ->Wan
DHCP6 is set, with a prefix deligation of /60Lan ipv6 is set to track interface, everything else left at defaults.
System->Advanced->Networking ipv6 is checked
Firewall rules lan,
ipv6 Source * , port *, dest *, port *.
No ipv6 connectivity is working though.
With openwrt it works flawlessly though. (Trunk builds)
EDIT: also tried with a /64, and it still doesn't work.
-
Works fine here with Comcast. The only remaining problem is modem resets. IPV6 connectivity is lost upon modem reset and does not recover.
I don't think Comcast has deployed IPV6 universally. Is it available in your area?
-
Yeah it's here. Works fine with openwrt.
It actually used to work on pfsense on some of the testing builds, but only for a few days.
I guess nobody really needs ipv6 but I just kind of want it lol.
-
If you set your delegation size to anything other than /64, make sure you enable "send prefix hint" as Comcast will only give you a /64 otherwise.
-
I'm using a 64 now, rebooted pfsense and the modem.
Still doesn't work.On status->gateways
it shows WAN_DHCP6 and fe80::201:5cff:xxxx:xxxx (i put those x's)
and that looks valid to menot sure why it's not working for the pc's though
-
Comcast recently changed their IPV6 connectivity. Before I was able to use DHCP on WAN, but now I had to twitch it to 6to4 Tunnel. LAN can still be Track Interface.
I found this out when I plugged directly into my modem, and ran ipconfig /all in Windows. It said it was using a 6to4 tunnel for ipv6.
It may take a while for ipv6 connectivity to work on the computers on the network. Despite my router being able to ping ipv6.google.com, my computer wasn't able to load ipv6.google.com. I gave up and tried again a few hours later, without making any changes, and it was working.
-
That is definitely not true for Comcast in general; my native v6 connection continues to work just fine, without any 6to4 tunneling.
-
Yup … Nothing changed here. Comcast native dual-stack IPv6 is working just fine.
-
ditto…
-
IPV6 connectivity is lost upon modem reset and does not recover.
Are you saying if someone unplugs the power cable to their modem, and plugs it back in, it no longer supports ipv6? Can you elaborate? I recently lost ipv6 around the time I got a new IP address after changing the spoofed mac address on my pfsense box.
-
No, that quote was about temporary loss of IPV6 connectivity after a modem reset. Temporary in the sense that a pfSense reboot is required to restore it. It's a known pfSense 2.1 flaw…
-
You guys were right, I tried multiple settings with WAN IPV6 until I just unchecked everything under DHCP v6 client configuration. Now it works fully. I don't know what changed, but before I could request just the prefix.
-
I am having this same issue. I have tried every combo I can think of and still cannot get an IPv6 address on the LAN side. I get a WAN ipv6 address and can ping from the pfsense box to the Netgear IP and to the outside world.
Any ideas??
-
I am on Comcast as well and they support IPv6. I too have problems getting it to work correctly so disabled it for now. Is this something by region? I am Northern California region area if that makes any difference?
What I did not like if I allow each device to be assigned IPv6 that can be seen on the internet by disabling the DHCP v6 for the LAN. Granted each device have it's own firewall but I rather this be NAT'D same way as IPv4. This been long discussed on various websites about this.
Any thoughts?
-
I found that block bogon network was breaking my IPV6 on comcast. It was blocking the dhcpv6 replies from getting to the router.
Darkk, your machines having public IPV6 addresses is how IPV6 is supposed to work. That's the entire point. But they are still firewalled by pfsense, you do not need NAT to have firewalling.
Incoming connections to ipv6 addresses behind your pfsense firewall will be blocked by pfsense, you still have to open the ports you need. But now because you're free of nat, you don't have the previous limitations of one service per port on your single wan IP. You can open port 80 for a webserver for example on several different servers, and because they each have public IPV6 addresses, those rules don't overlap.
Being free of NAT is wonderful.
-
I found that block bogon network was breaking my IPV6 on comcast. It was blocking the dhcpv6 replies from getting to the router.
Same here.
-
What I did not like if I allow each device to be assigned IPv6 that can be seen on the internet by disabling the DHCP v6 for the LAN. Granted each device have it's own firewall but I rather this be NAT'D same way as IPv4. This been long discussed on various websites about this.
Any reasonably modern device should support IPv6 privacy extensions, and will use a random temporary address (that also changes over time) for any outbound communication, not the SLAAC-assigned one that's derived from its MAC address. This provides effectively provides the same degree of privacy as NAT in IPv4, except that instead of seeing connections from a bunch of different ports on a single dynamically assigned IP, the outside world now sees connections from a bunch of random addresses in a dynamically allocated prefix.
-
Any reasonably modern device should support IPv6 privacy extensions, and will use a random temporary address (that also changes over time) for any outbound communication, not the SLAAC-assigned one that's derived from its MAC address.
Unfortunately this renders any per host bandwidth controls available using dummynet pipes unusable. In many ways I've found IPV6 less flexible (useful) than IPV4.
-
Any plans for patches to fix ipv6? I tried unblocking bogon, still no go.
-
Any reasonably modern device should support IPv6 privacy extensions, and will use a random temporary address (that also changes over time) for any outbound communication, not the SLAAC-assigned one that's derived from its MAC address.
Unfortunately this renders any per host bandwidth controls available using dummynet pipes unusable. In many ways I've found IPV6 less flexible (useful) than IPV4.
I'm not familiar with dummynet, but from a general networking perspective if your router that's limiting bandwidth is on the same lan as the device you want to limit you can see it's mac address and should be able to use that for unique host identification and control.
