dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
18478
share rss forum feed


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to Siobhan

Re: [IPv6] Comcast IPv6 Address Assignment/Delegation

said by Siobhan:

A /60 would be really nice, but even better would be any IPv6 address space from Comcast instead of still having to tunnel to he.net.

Happy new year, Comcast IPv6 team! Any updates on when us poor Cisco-CMTS people will be getting our dual-stack?

If you want a CMTS to test it out, I recommend starting with ten01.strack.tx.houston...

Really close, we have some Cisco CMTS's testing in the field now..


EG
The wings of love
Premium
join:2006-11-18
Union, NJ
kudos:10
reply to NetDog
said by NetDog:

EG.. I pinged you on this one.. If you request anything smaller then a /64 you could have issues..

Got it. Thank you sir !


camper
Premium
join:2010-03-21
Bethel, CT
kudos:1
Reviews:
·Comcast
reply to jjmb
said by jjmb:

I run the IPv6 program at Comcast and can answer your questions.... [a bunch of excellent info snipped]

 
jjmb, many thanks for your informative answer.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to NetDog
said by NetDog:

said by NetFixer:

said by graysonf:

They will supply /60 to LAN on routers that will take it. See:

»Re: [IPv6] Comcast IPv6 Address Assignment/Delegation

Enabling the IPv6 firewall is the only thing that changed on my side. The rest of the DIR655's IPv6 setup is the same, and the firmware is the same. Fortunately, I don't need (and wasn't depending on) the /60 assignment; but if I had been using it, I would have been pissed that something as simple (and normal) as enabling the IPv6 firewall would cause such a major change in my IPv6 addressing.

This is not a Comcast issue but a router issue, if your router doesn't support more then one LAN or network behind the WAN why would you need more then one /64?

My home router is a 3845, I have 5 LAN's off of it so yes I would request a /61 so I can enabled all my LAN's for native IPv6.

So the next question is why would I ask for a /60 (16 networks) when I don't need a /60 but a /61 (8 networks). This is just me but I would only ask for that I need..

/60 (16 Network)
/61 (8 Network)
/62 (4 Network)
/63 (2 Network)
/64 (1 Network)

It would seem to me to be a Comcast issue when the router does support multiple IPv6 networks (I previously tested with my guest network behind it), and it used to get the /60 allocation but now it does not get it.

Comcast definitely used to supply the requested /60, but that suddenly stopped, and that is illustrated in the screen shots I previously posted. It is perhaps a total coincidence, but it happened after /60 vs /64 allocations were initially discussed in this forum in which I posted that I was getting a /60 assignment.

I had initially thought that perhaps enabling the IPv6 firewall in the router had caused this change, but I have since temporarily disabled the IPv6 firewall and rebooted the router, but I still only got the /64.

FWIW, "I" wasn't explicitly requesting a /60 allocation, the router was just getting it by default (I only have the option to enable/disable DHCP-PD). I don't currently need it (since I have a business class "c05" config file, my guest network can have its own totally isolated IPv4 and /64 IPv6 network), but I just thought that it was interesting that I used to automatically get the /60 allocation, but suddenly that stopped (for no reason that is apparent to me).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
said by NetFixer:

It would seem to me to be a Comcast issue when the router does support multiple IPv6 networks (I previously tested with my guest network behind it), and it used to get the /60 allocation but now it does not get it.

Comcast definitely used to supply the requested /60, but that suddenly stopped, and that is illustrated in the screen shots I previously posted. It is perhaps a total coincidence, but it happened after /60 vs /64 allocations were initially discussed in this forum in which I posted that I was getting a /60 assignment.

I PMed you my work email, send me your info like the DUID of your router and cable modem MAC..

But we are accepting anything up to a /60 via DHCP, but the route injection will not work on some CMTS's. I have tested this and I am using it so I know this works and doesn't work in some cases.

My config looks like this:

on My WAN
ipv6 dhcp client pd hint ::/61
ipv6 dhcp client pd prefix-from-Comcast

On my LAN's
ipv6 address prefix-from-Comcast ::1/64

ipv6 address prefix-from-Comcast ::1:0:0:0:1/64

ipv6 address prefix-from-Comcast ::2:0:0:0:1/64

and so on...

bigjoesmith

join:2000-11-21
Peoria, IL

1 recommendation

reply to NetDog
said by NetDog:

said by Siobhan:

A /60 would be really nice, but even better would be any IPv6 address space from Comcast instead of still having to tunnel to he.net.

Happy new year, Comcast IPv6 team! Any updates on when us poor Cisco-CMTS people will be getting our dual-stack?

If you want a CMTS to test it out, I recommend starting with ten01.strack.tx.houston...

Really close, we have some Cisco CMTS's testing in the field now..

I'm glad to hear that the Cisco CMTSs are close. However, I suspect Seattle needs the IPv6 goodness before Houston

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
Nah, I'm fairly certain Boynton Beach needs IPv6 before Seattle and Texas. Oh, did I mention its in the 70s out? Maybe the engineers should personally come down and make sure the CMTS is upgraded correctly.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
said by AVonGauss:

Nah, I'm fairly certain Boynton Beach needs IPv6 before Seattle and Texas. Oh, did I mention its in the 70s out? Maybe the engineers should personally come down and make sure the CMTS is upgraded correctly.

Ok that is funny.. Because in March I will be in Orlando for IETF 86, March 10-15.. Denver Cold.. Orlando Warm.. Oh yes..

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
Boynton Beach, two hours south of Orlando - 45 minutes north of Miami - and one very neglected Cisco CMTS needing attention. It doesn't even have upstream bonding yet, it might take a week on-site to get in to shape - or at least that's what I'd put on the travel requisition.

magamiako

join:2006-01-14
Halethorpe, MD

2 edits
reply to NetDog
Okay,

Rephrasing here.

Whenever I configure my juniper to request ::/60 ; I'll receive a /64 back from Comcast.

If I create another IAPD-ID, say, 1, and put another preference for ::/60, I'll get another /64 back, but all routing then stops for the original /64 I received. I assume because it's overwriting the route entry on the ISP end with the new /64.

** So I think I found my problem **

It seems the SSG5 is not passing the IA_PD Prefix option aloing with the IA_PD Option. Which would explain why I'm getting a /64, because the DHCP server is defaulting to a /64 when no request for a larger prefix comes through.

I've sent my flow logs off to Juniper to see if they can figure it out and give me an answer.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
said by magamiako:

I've sent my flow logs off to Juniper to see if they can figure it out and give me an answer.

PM me the Juniper case number and I will troubleshoot this on my end as well. PM me your model number as well.


mackey
Premium
join:2007-08-20
kudos:12
reply to magamiako
said by magamiako:

Whenever I configure my juniper to request ::/60 ; I'll receive a /64 back from Comcast.

If I create another IAPD-ID, say, 1, and put another preference for ::/60, I'll get another /64 back, but all routing then stops for the original /64 I received. I assume because it's overwriting the route entry on the ISP end with the new /64.

I'm seeing something similar using WIDE-DHCPv6 on a Linux (CentOS) box.

If I request ::/60 I just get a /64 back. However, if I request 2 IA_PD's in the same request using different ID's, the server happily obliges. (The packet looks something like "Req IA_NA, ID 0; Req IA_PD, ID 1; Req IA_PD, ID 2"). Both of the returned /64's work fine after a several seconds/minute delay (I'm assuming the routes are propagating during this time).

/M


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79

1 edit
said by mackey:

said by magamiako:

Whenever I configure my juniper to request ::/60 ; I'll receive a /64 back from Comcast.

If I create another IAPD-ID, say, 1, and put another preference for ::/60, I'll get another /64 back, but all routing then stops for the original /64 I received. I assume because it's overwriting the route entry on the ISP end with the new /64.

I'm seeing something similar using WIDE-DHCPv6 on a Linux (CentOS) box.

If I request ::/60 I just get a /64 back. However, if I request 2 IA_PD's in the same request using different ID's, the server happily obliges. (The packet looks something like "Req IA_NA, ID 0; Req IA_PD, ID 1; Req IA_PD, ID 2"). Both of the returned /64's work fine after a several seconds/minute delay (I'm assuming the routes are propagating during this time).

/M

Does your CentOS Box have more then one VLAN or LAN behind the WAN? If not there is no point in asking for anything less then /64? Do you really need that may networks that a /60 will give you? Just asking...


mackey
Premium
join:2007-08-20
kudos:12
said by NetDog:

Does your CentOS Box have more then one VLAN or LAN behind the WAN? If not there is no point in asking for anything less then /64? Do you really need that may networks that a /60 will give you? Just asking...

I thought this thread was about the current state of getting something larger then a /64 on Comcasts' network, not justifying the need for something larger. My bad.

RFC 6177 says ISPs should issue something significantly larger then a /64 and "the default assignment size should take into consideration the likelihood that an end site will have need for multiple subnets in the future and avoid the IPv4 practice of having frequent and continual justification for obtaining small amounts of additional space."

I need more then a single /64. I shouldn't need to justify requesting something as tiny as a /60. Back on page 1 jjmb See Profile said the default size later this year will be a /60. Why are you guys even thinking about doing that if you feel no one has a valid reason for getting anything larger then a /64?

/M


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by mackey:

I need more then a single /64. I shouldn't need to justify requesting something as tiny as a /60. Back on page 1 jjmb See Profile said the default size later this year will be a /60. Why are you guys even thinking about doing that if you feel no one has a valid reason for getting anything larger then a /64?

It's called the left hand vs right hand syndrome. It is a common malady in many (if not most) large organizations.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to mackey
This is me just asking a question, trying to understand what people are thinking. Yes I have read that RFC, and a lot of others on IPv6 as well. I was thinking we could have a dialogue about this subject but I guess not.

So I will leave topic with this "Comcast will change the default to a /60 at a later date, but today it is /64. If your device supports requesting a smaller prefix up till a /60 you can request it."


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
How do I know if my Linksys router supports these different things? Is there a way for Comcast to check?

biomesh
Premium
join:2006-07-08
Tomball, TX
reply to NetDog
My guess is that users will setup guest vlans or networks. This could also be used for vpn configurations in order to isolate their 'business network' from their 'home network'.

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
reply to mackey
said by mackey:

RFC 6177 says ISPs should issue something significantly larger then a /64 and "the default assignment size should take into consideration the likelihood that an end site will have need for multiple subnets in the future and avoid the IPv4 practice of having frequent and continual justification for obtaining small amounts of additional space."

I need more then a single /64. I shouldn't need to justify requesting something as tiny as a /60. Back on page 1 jjmb See Profile said the default size later this year will be a /60. Why are you guys even thinking about doing that if you feel no one has a valid reason for getting anything larger then a /64?

/M

A bit of an over reaction, no? It was simply a question asked, not a demand for justification on how or for what purpose are you planning on using it - a fair question. I'd be willing to bet if we really took a look at it, this would fall more under the "I want to tinker" category, which is alright, but lets not masquerade it as something which it is not.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79

1 edit
reply to Mike Wolf
said by Mike Wolf:

How do I know if my Linksys router supports these different things? Is there a way for Comcast to check?

Ok back to a dialogue???

Tell you the truth I only know two routers that support the a smaller prefix hint. Cisco IOS and a Cisco RV042G, other then that I have not tried other devices. But if you request a smaller prefix the DHCP server will grant to your device but depending on the CMTS your on will depend on if your route will get injected. It is safe at this time to just stick with the /64.

I will post when it is safe to request a smaller prefix.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to biomesh
said by biomesh:

My guess is that users will setup guest vlans or networks.

This is what I am doing as well..

said by biomesh:

This could also be used for vpn configurations in order to isolate their 'business network' from their 'home network'.

This is totally the type of innovation I was looking for in that comment.. I didn't even think about a VPN type VLAN back to the office..


mackey
Premium
join:2007-08-20
kudos:12
said by NetDog:

This is totally the type of innovation I was looking for in that comment..

No, the way you phrased it and stated the obvious ("If not there is no point in asking for anything less then /64") it was clearly a challenge while saying you didn't think there was any reason to request something larger then a /64.

Of course there are multiple VLANs attached to it; I wouldn't be requesting something larger then a /64 otherwise. All the PCs and tablets are on one, a "guest" network is another, there are 4 or 5 VoIP phones and an Asterisk box on yet another, a locked down network that's only used for cleaning viruses, and while it's not really used any more, yet another is set up that had a couple file servers/NAS boxes on it.

Yes I'm aware that's only 5, and yes I'm aware that a /60 can be broken into 16 subnets, but there's no reason to be stingy with v6 addresses like there is with v4's and I like having elbow room to handle whatever tomorrow throws at me. I prefer to configure stuff once and not look at it again for quite a long time

I considered the VPN angle, but for my needs there's no reason to have an internet routable address assigned to that interface.

/M

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
While I'm glad Comcast is going to give out a /60, and I'm not trying to pick on you personally, but you're saying 295,147,905,179,352,825,856 IPv6 addresses just won't be enough for say 256 real / virtual devices in the home?


whfsdude
Premium
join:2003-04-05
Washington, DC
Reviews:
·Comcast

1 edit
said by AVonGauss:

While I'm glad Comcast is going to give out a /60, and I'm not trying to pick on you personally, but you're saying 295,147,905,179,352,825,856 IPv6 addresses just won't be enough for say 256 real / virtual devices in the home?

Each VLAN or routed segment should be a /64 for the foreseeable future (netstacks stink, even without SLAAC in use). Which is why some segment (edit: network-pun unintended) of Comcast's residential users will need a /60.

AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
Oh I'm sure we can come up with all sorts of nifty ways to use routable IPv6 segments, but from the home user perspective, I think most other than a truly isolated guest network are probably more a product of tinkering rather than a definable need. I think Comcast's approach of providing additional routable segments only to those that request and know how to with DHCP-PD to be a very good compromise. Its far more than I personally was expecting from any decently sized residential provider to offer.


mackey
Premium
join:2007-08-20
kudos:12
said by AVonGauss:

Its far more than I personally was expecting from any decently sized residential provider to offer.

On Uverse, AT&T offers a /60 for each IPv4 address you have.

/M


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to amwdrizz
So here is what I have for my network..

Main network
Kids network (monitored)
Office network
Voice network
Guest Wifi network



AVonGauss
Premium
join:2007-11-01
Boynton Beach, FL
reply to mackey
said by mackey:

On Uverse, AT&T offers a /60 for each IPv4 address you have.

/M

I wasn't aware that U-verse was offering native IPv6 at this point, though admittedly I don't follow it as closely as I once did. If they are now offering it to residential U-verse subscribers that is good news indeed. We might just get this IPv6 migration thing done in under two decades after all.

34764170

join:2007-09-06
Etobicoke, ON
reply to NetDog
said by NetDog:

[att=1]

LOL. I love the Cray supercomputer icon for your Windows server Is that what the current requirement is for running Windows? :P

34764170

join:2007-09-06
Etobicoke, ON
reply to AVonGauss
said by AVonGauss:

I wasn't aware that U-verse was offering native IPv6 at this point, though admittedly I don't follow it as closely as I once did. If they are now offering it to residential U-verse subscribers that is good news indeed. We might just get this IPv6 migration thing done in under two decades after all.

It isn't native yet. They're using 6RD.