dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
18299
share rss forum feed


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to 34764170

Re: [IPv6] Comcast IPv6 Address Assignment/Delegation

said by 34764170:

said by NetDog:

[att=1]

LOL. I love the Cray supercomputer icon for your Windows server Is that what the current requirement is for running Windows? :P

Not many people get that joke ..


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
reply to NetDog
Not sure what you mean by "back to a dialogue"
Anyway if you guys wanna do some testing on the IPv6 stuff, your're welcome to use me as a test subject What would requesting a smaller prefix entail, what would I gain, and what would I lose?


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

1 edit
said by Mike Wolf:

What would requesting a smaller prefix entail, what would I gain, and what would I lose?

It would entail having a router that was capable of maintaining multiple VLANS/LAN subnets, and the ability to be configured to request a PD other than the standard /64 from Comcast.

What you might gain is the ability to have multiple /64 IPv6 networks behind your router (how you would use them is up to you).

What you might lose is your internet connection if your router somehow got a /60 from Comcast and didn't know how to handle it.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
The whole internet connection would be lost? You mean even the IPv4 internet?


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2
reply to NetFixer
Any suggestion for values to try on a router that supports multiple LAN interfaces?

IPv6 Prefix Delegation:

Site-Level Aggregator ID: ?
ISP Prefix Length: /?
Expand your moderator at work


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to graysonf

Re: [IPv6] Comcast IPv6 Address Assignment/Delegation

said by graysonf:

Any suggestion for values to try on a router that supports multiple LAN interfaces?

IPv6 Prefix Delegation:

Site-Level Aggregator ID: ?
ISP Prefix Length: /?

Sorry, but the only router I have that supported getting a /60 (for a while) was my D-Link DIR655, and I don't have access to the low level configuration in that router (my only choice in its html menu is to either enable/disable DHCP-PD).




When I was getting a /60 from Comcast the config above was also being used, and a secondary router behind the DIR655 was able to get its own /64 IPv6 subnet. I have no idea why I no longer get a /60 from Comcast.

The screen shot below shows what I would get from Comcast when the /60 was working:




The DIR655 would get an IPv6 Network assignment of 2601:5:c80:90::/60, and its LAN would get the IPv6 assignment 2601:5:c80:91::/64. Unfortunately I did not get a screen capture of the secondary router's assignment, but as I recall it was 2601:5:c80:92::/64.

Now that I only get a /64 assignment, I get the same 2601:5:c80:90::/64 for both the Network and LAN.




My secondary (guest network) router is now connected directly (well, actually through a switch), to the modem and it still gets its own /64 assignment (it's just not a subnet of the DIR655's former /60 network).

One interesting thing is that just before I stopped getting the /60 assignment, Comcast changed the Network PD IP address from 2601:5:c80:90::/60 to 2601:5:c80:b0::/60. The next change was to eliminate the /60 assignment (but I went back to the 2601:5:c80:90: subnet again).




I guess that the point of this TLDR reply is to point out that Comcast's IPv6 implementation for dynamic IP address customers is still in flux (and may possibly stay that way), so even if you get something to work today, don't count on it to be working the same way tomorrow. If/when Comcast finally gets IPv6 for static IP business class customers working, I may go back to paying for static IP addresses again.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


mackey
Premium
join:2007-08-20
kudos:12
reply to graysonf
said by graysonf:

Site-Level Aggregator ID: ?

Whatever you want, but when added to the prefix length the number of bits in it must be less than or equal to 64. I.e. if your prefix length is /64 then this must be 0. If your prefix length is /60 then it must be between 0 and 15 inclusive (0-15 = a 4-bit number. 4 + 60 = 64). This number is added to your prefix to get the subnet for that interface.

said by graysonf:

ISP Prefix Length: /?

The size of the prefix you're requesting from the ISP. Eventually Comcast will support /60-/64 inclusive, but for now only /64 works reliably.

/M


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to amwdrizz
I would like to give everyone a heads up, we are changing the allowed shortest prefix from /60 to a /64. There is an issue found on a version of CMTS code that creates an issue for the CMTS. Once all the CMTS's get upgraded to the latest code we will change the shortest prefix back to a /60.

So if you have a IA_PD request as a /60 the DHCP server will respond with a /64. So leave your IA_PD request as a /60 once we get the code in the field and change the DHCP back your request will be honored.

If you have any questions please feel free to PM me if you want. I will answer what I can; as you all are aware.

Sample from a Cisco router:

HomeRT01#show ipv6 dhcp interface
GigabitEthernet0/1.201 is in server mode
Using pool: phones
Preference value: 0
Vlan101 is in client mode
Prefix State is OPEN
Renew will be sent in 1d03h
Address State is OPEN
Renew for address will be sent in 1d03h
List of known servers:
Reachable via address: FE80::
DUID:
Preference: 255
Configuration parameters:
IA PD: IA ID 0x00120001, T1 172683, T2 276293
Prefix: 2601:1:Something::/64
preferred lifetime 345367, valid lifetime 345367
expires at Feb 08 2013 02:22 PM (270975 seconds)
IA NA: IA ID 0x00120001, T1 172800, T2 276480
Address: 2001:558:6040:5:Something/128
preferred lifetime 345600, valid lifetime 345600
expires at Feb 08 2013 02:22 PM (270973 seconds)
DNS server: 2001:558:FEED::2
DNS server: 2001:558:FEED::1
Information refresh time: 0
Prefix name: prefix-from-Comcast
Prefixes sent as hint:
::/60


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by NetDog:

I would like to give everyone a heads up, we are changing the allowed shortest prefix from /60 to a /64. There is an issue found on a version of CMTS code that creates an issue for the CMTS. Once all the CMTS's get upgraded to the latest code we will change the shortest prefix back to a /60.

So if you have a IA_PD request as a /60 the DHCP server will respond with a /64. So leave your IA_PD request as a /60 once we get the code in the field and change the DHCP back your request will be honored.

If you have any questions please feel free to PM me if you want. I will answer what I can; as you all are aware.

Thanks for the heads up. I suspect that I must have gotten caught up in the middle of the config changes yesterday: »[IPv6] IPv6 problems with router's factory MAC address

After reading your post, I tried the DIR655's original WAN MAC address again, and now it works again (with a "/64" allocation).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

MrJester

join:2003-03-14
Knoxville, TN

1 recommendation

reply to jjmb
said by jjmb:

We will be changing the defaults later this year so that /60 is the default.

I am very glad you are considering the future and not sticking users with a single /64. From an academic perspective, can you share the rationale behind choosing a /60 instead of /56?

biomesh
Premium
join:2006-07-08
Tomball, TX

1 recommendation

Probably due to the fact that very few people can or will use a /60 effectively.

I doubt there are any business class customers that could use 256 /64s vs the 16 with a /60.

I am guessing as time goes on, this may change and larger allocations may be made available.


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
What allocation is it for 1 address (a router with dhcp)


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by Mike Wolf:

What allocation is it for 1 address (a router with dhcp)

A router's WAN should receive a /128 with a prefix beginning with "2001:558". A router's LAN should receive a /64 with the PD prefix beginning with "2601". If your router is capable of supporting multiple IPv6 networks on its LAN, you will currently also receive a network /64 assignment with a PD prefix beginning with "2601". The image below (from my DIR655) illustrates this.




After Comcast finishes upgrading their CMTS software, you may (or may not) be able to get a network /60 assignment for a PD prefix starting with "2601" as illustrated below with a snapshot of my DIR655 IPv6 status taken before Comcast temporarily rolled back giving out /60 assignments.



--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
Click for full size
Click for full size
This is all I see on my router regarding IPv6 so I don't even know if it can support /128 or /60 or something.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by Mike Wolf:

This is all I see on my router regarding IPv6 so I don't even know if it can support /128 or /60 or something.

The fact that your router does not report the assignment size for its WAN interface pretty much implies that it is properly getting a /128 (which is the size for a single IP address, and that is all a router's WAN needs).

Your screen shot also clearly shows that you are getting the current maximum /64 assignment on the router's LAN. There is really no way to tell if your router can support a /60 network assignment until Comcast once again starts issuing the /60 assignments. However, it you did not previously (before last week) get a /60 network assignment, then your router probably doesn't support it.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Mike Wolf

join:2009-05-24
Beachwood, NJ
kudos:4
Honestly I've never fully understood how IPv6 works, I'd love to learn but till I'm in the mood for my head to explode I'm comfortable just happy "It works" lol
I'd love to find a router that fully supports all of what IPv6 offers, I mean on all my systems there's no IPv6 DHCP lease information and no IPv6 DHCP settings on the router side.


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by Mike Wolf:

Honestly I've never fully understood how IPv6 works, I'd love to learn but till I'm in the mood for my head to explode I'm comfortable just happy "It works" lol
I'd love to find a router that fully supports all of what IPv6 offers, I mean on all my systems there's no IPv6 DHCP lease information and no IPv6 DHCP settings on the router side.

When you do get in the mood, there are some basic tutorial links at Comcast's IPv6 Information Center to get you started. Until then, there is no point in worrying about whether your router supports multiple IPv6 networks on its LAN side because you would not be ready to implement it. Also, if you are using recent versions of Windows, OS X, or a recent *nix distribution, IPv6 on the client side should indeed work automatically.

And FWIW, there is a reason that I picked both of the IPv6 routers that I use from Comcast's approved/tested list. IPv6 has a way of making everyone's head explode.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


PGHammer

join:2003-06-09
Accokeek, MD

1 recommendation

In the case of computer operating systems, in the case of Windows, it's Windows XP SP2 and later, as Windows Vista/7/8 support IPv6 out of the box (regardless of the bitness of the operating system itself).

Apple - All versions of OS X back to Tiger support IPv6 out of the box.

Linux distributions - While all Linux kernels from 2.6.x out have support for it, some distributions actually have said support turned off by default by user-community request.


bjbrock

@wallacemgt.com
reply to amwdrizz
According to the IPv6 RFC's, Your ISP should not be assigning you an IP but rather a 48-bit Global ID(Site ID). The next 16 bits should be your's for sub-netting anyway you want. This give you a 64-bit prefix plus a 64-bit identifier for your IPv6 address of your router or modem. The ISP then routes according to the Global ID and not the IP. Routing is done by routing to your 48-bit Global ID and the next-hop is the link-local address of your router or modem. Since there are approximately 35 trillion possible Site ID's, it is egregious to force you to one IP not to mention thumbing their nose at the RFC's and beautifully designed IPv6. IMHO.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79

1 edit

1 recommendation

Click for full size
Comcast IPv6 Home User
said by bjbrock :

Since there are approximately 35 trillion possible Site ID's, it is egregious to force you to one IP not to mention thumbing their nose at the RFC's and beautifully designed IPv6.

We are talking about Comcast here so I will give input from a Comcast point of view..

Comcast uses DHCPv6 and DHCPv6-PD to allocate its customer IP addresses if your using IPv4 or IPv6. With that said the router needs to request three addresses:

Single IPv4 Address for the Routers WAN
Single IPv6 Address for the Routers WAN
Prefix-Delegation for the LAN interface (routers can request a smaller prefix up to a /60)
--
Comcaster.. Network Engineer with NETO

bjbrock9

join:2002-10-28
Mcalester, OK

1 recommendation

I'm sure this works well for residential sites that only need one simple configuration, but what about commercial customers that need a more complex routing structure. Is the process the same for commercial customers?

I have several small branches that use Comcast. I know my routers won't do /60 prefixes and I will need more than one sub-net at the locations.

I was simply going by the RFC's and I'm sure different ISP's will do different implementations (just like they do with IPv4). But every stray from standards makes it harder for me, the consumer, to keep up with configurations.

AT&T will be upgrading my Home Office MIS to IPv6 and it will be interesting to see their take on it.

Thank you for giving me the reasoning behind Comcast's method. Will my commercial accounts be configured this same way?


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to amwdrizz
Commercial accounts are a different story, static IP's vers dynamic. So No your Commercial accounts will not be configured the same way, and as well if they are static.

We are getting ready to trial the commercial accounts here shortly we had issues with the code on the modems that needed to get worked out.
--
Comcaster.. Network Engineer with NETO


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to amwdrizz
bjbrock9 See Profile PM me your contact info and I will see if I can add you to the trial list if you would like.
--
Comcaster.. Network Engineer with NETO

bjbrock9

join:2002-10-28
Mcalester, OK
Thank you for that offer. I need to get my home office converted first, though. And waiting on AT&T is like waiting on a snail. But as soon as I have that under my belt I'm going to start on my branches.

Most of my Comcast offices are in Illinois, 600 miles away. I will want to travel there and be on hand instead of trying to do it remotely. Where will you be rolling out the first trials?

Thanks again, NetDog. I'm sure I will be in touch.


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
We will be starting really soon.. Don't wait on AT&T get a tunnel.. Here I two tunnel brokers I have used and still using for testing.

»www.sixxs.net/
»tunnelbroker.net/
--
Comcaster.. Network Engineer with NETO

bjbrock9

join:2002-10-28
Mcalester, OK
I assume you will be rolling out a dual stack so I can still use my IPv4 VPN until I'm ready to switch to an IPv6 VPN. I'll have to run a dual stack at the home office since I have 150 branches with numerous ISP's. I'm assuming I can pass IPv6 traffic through the IPv4 IpSec VPN but don't know for sure. I know my Vyatta router here has that capability.

Let me think about it.

Thanks again for your help.

KPEX

join:2013-03-31
Alpharetta, GA
reply to amwdrizz
Just wanted to share an example of a working configuration I put together for the Juniper Netscreen firewalls, after I spent way too long trying to figure it all out only to realize in the end that I had to also specify the IAPD and SLA fields for Prefix Delegation. Once I did this, everything worked!
»kevpeterson.com/comcast-ipv6/


NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:79
reply to amwdrizz
FYI... /60 IA_PD has been re-enabled in most areas, waiting on CMTS upgrades for the other areas...

So router can request anything from a /64 to /60 and the request will be honored.. Now on my cisco router I had to do a Release of the PD space and a reload to get it to start pulling the new /60 box.

If you have issues please feel free to ping me..

Tuska
--
Comcaster.. Network Engineer with NETO