[solved] Comcast xfinity: asking for /64, getting /128, help!



  • Hello pfSense,

    I live in Boston and have Comcast xfinity HSI. Not Business Class, in case it makes a difference. I am able to get an IPv6 address via DHCPv6, which is great. But despite asking for a /64, I'm getting a single address (/128) on my WAN interface. I have "Track Interface" turned on for my LAN interface, but it doesn't get the prefix delegated to it.

    Would someone here be kind enough to look at my configuration screenshots and let me know what I'm doing wrong?

    vr1/WAN Config

    vr0/LAN Config

    I think I have everything configured right. I've also tried all the possible permutations of the options in the WAN "DHCP6 client configuration" section, to no avail. Thanks for any help you can provide.
    -sam



  • Getting a /128 on the WAN interface is perfectly normal, and completely unrelated to prefix delegation; that just determines what you get for your LAN interfaces. Your WAN and LAN settings look correct (although you can request a prefix delegation size of up to /60 in case you want to support multiple LANs). Your screenshot for the LAN interface is cut off before the part that matters; does it not get an IPv6 address other than the link-local one? I'm on Xfinity as well, and I typically get 2001:558:…/128 on the WAN and 2601:9:.../60 for delegation to my LANs (note that this prefix never shows up on the WAN interface at all).



  • Thanks for getting back to me so quickly. I managed to tell my pfSense box to disconnect itself from the internet, so I'm going to have to wait until I get home tonight to check on whether my LAN interface gets any IPv6 address other than the link-local one. I'm pretty sure it wasn't, but maybe I was missing something right under my nose. Sorry for the delay; I should have something for you by tomorrow.



  • OK, quick update. Previously, the LAN interface was not getting anything but the link-local IPv6 address, but after a reboot, it's now getting a /64. Machines on my LAN are also now getting addresses within that /64, so this issues seems to be resolved. Thanks again.