dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
315824

Mcrobrewer
Premium Member
join:2001-03-04
Trenton, NJ

Mcrobrewer to Anon58bf6

Premium Member

to Anon58bf6

Re: [Networking] IPv6 working!

Did you do something to fix it? Or did it just fix itself?

Anon58bf6
@173.61.87.x

Anon58bf6

Anon

It fixed itself, I saw another user in NJ (patelhiren) post this morning that they now had successful traceroutes after being in my same situation, so I turned IPv6 back on for another test and all was well. I have been turning it off after each test if that makes a difference, but I didn't reboot the ONT or anything.

dennismurphy
Put me on hold? I'll put YOU on hold
Premium Member
join:2002-11-19
Parsippany, NJ

dennismurphy to dmb

Premium Member

to dmb
said by dmb:

Yeah, except just make sure you are properly protecting your devices now, as I realized some of my devices had ssh port wide open to the public via ipv6. Haven't figured out a good way to allow ports for only some ipv6 ips vs others easily yet.

Indeed. I have inbound ports shut for the WAN and LAN interfaces on V6 altogether. Thankfully I have another network I can probe from.
mikev
Premium Member
join:2002-05-04
Leesburg, VA
·Verizon FiOS
(Software) pfSense
Panasonic KX-TGP600

3 recommendations

mikev to custer

Premium Member

to custer
Ok, there have been lots of NJ folks posting recently, especially with the IPv6 connectivity issues that had been going on the past couple of days. I haven't really kept track of all that were posting with IPv6 addresses but connectivity issues (that are hopefully now resolved), so if you want a report for your town/CO added to the list, please post the info.

Here's the spreadsheet link to see what I already have: »1drv.ms/x/s!Ao8Y4GMcM4oz ··· e=d8cuAe
AndyJ
join:2022-08-06
Keansburg, NJ

AndyJ to Anonc43a1

Member

to Anonc43a1
said by Anonc43a1 :

said by jtkarlma:

Also, from what I read OpenWrt supports RFC6603, so what (if any) IPv6 address do you get assigned on your WAN interface?

From what I can tell, it doesn’t. Odhcp6c supports it and provides the exclusion information to the netifd scripts, but after taking a look at the scripts, I don’t see it being used anywhere. (So, the WAN interface is not assigned an address.)

Following up on this (I'll move over to the problems thread for further discussion)... tracing through the odhcpv6c and netifd code, rfc6603 should work. However, odhcp6c is showing that no PD exclusion was received. I looked at a tcpdump of the dhcpv6 request & response, and I can see OPTION_PD_EXCLUSION (option 67) in the request, but it's not in the response. So, there may be some quirks in Verizon's implementation if they really are supporting rfc6603.
jasonwc
join:2017-05-02
Springfield, VA

3 recommendations

jasonwc to custer

Member

to custer
APNIC is showing AS701 at around 20% again so yesterday’s data clearly was erroneous.

Anonedfd1
@72.90.128.x

Anonedfd1 to mikev

Anon

to mikev
I just got up and running today in Perth Amboy, NJ.

I was just over at the Netgate pfSense forums. What info do you need to add it to your list??
mikev
Premium Member
join:2002-05-04
Leesburg, VA
·Verizon FiOS
(Software) pfSense
Panasonic KX-TGP600

mikev

Premium Member

said by Anonedfd1 :

I was just over at the Netgate pfSense forums. What info do you need to add it to your list??

Well, it seems that in addition to the CO within Perth Amboy, there's another CO that appears to serve part of the area (likely northern and/or western parts, since it's in Fords)... so if you could provide a nearby intersection, maybe within a block or three of your location, so I can figure out which CO you're served from, that would be great. If you don't want to post it publicly, you can PM me over on the pfSense community (unless you want to register here, in which case you can PM me here instead).

CGMason14
Nj Roaddog
join:2002-07-22
Mountainside, NJ

CGMason14

Member

Perth Amboy is solely served by PAMBNJPM. It also serves the Hopelawn section of Woodbridge Township to the west. The western boundary line of the CO is the Garden State Parkway. All neighboring COs don't have Fios yet.
mikev
Premium Member
join:2002-05-04
Leesburg, VA

mikev

Premium Member

Ok, thanks for the info! One of the sites I reference with CO info mentioned that Fords also serves part of Perth Amboy, so I guess that's incorrect then. Added Perth Amboy to the list!
kohenkatz
join:2017-11-13
Olney, MD

kohenkatz to mikev

Member

to mikev
said by mikev:

... if you want a report for your town/CO added to the list, please post the info.

Here's the spreadsheet link to see what I already have: »1drv.ms/x/s!Ao8Y4GMcM4oz ··· e=d8cuAe

You can add Olney, MD to the list - IPv6 became active here on July 28th.

CO: Ashton "Olney Oakdale"
CLLI: OLNYMDOK
dmb
join:2002-12-03
Morristown, NJ

dmb to custer

Member

to custer
Anyone knows what happens if we configure a static ip amongst the prefix(for certain devices), and the prefix changes? I also am hoping ipv6 is more static than ipv4 dhcp, and hoping its based on mac, not lease time. Would it just stop routing?

Napsterbater
Meh
MVM
join:2002-12-28
Milledgeville, GA

Napsterbater

MVM

IPv6 DHCP prefix delegation is based on DUID which is not necessarily based on MAC address.

And setting a static IPv6 address on your network and then your prefix changing would result in non-functioning IPv6 at least to the greater internet.
jasonwc
join:2017-05-02
Springfield, VA

3 recommendations

jasonwc to dmb

Member

to dmb
At least on pfsense, you can set static DHCP entries based on a device’s DUID. If the LAN is set to Track Interface, the first 64 bits is dynamic based on the /56 from Verizon + the 8 bits for the LAN ID. The last 64 bits can then be set statically.
cramer
Premium Member
join:2007-04-10
Raleigh, NC
Westell 6100
Cisco PIX 501

1 recommendation

cramer to dmb

Premium Member

to dmb
Depends on how you set the address. If you specify the full 128 bits, the address will no work if the prefix changes. If you specify only the "rest" of the address (prefix + whatever), then it will reflect whatever the prefix(es) is(are.)

(In linux that's a "token", not "address")
SirSIlentBob
join:2008-01-28
Newport News, VA

SirSIlentBob to jasonwc

Member

to jasonwc
Can you give an image example of how this is set up in pfSense please? Is it something simple like "::1234:AAAA:BBBB:CCCC" and the first half is always going to just be whatever the delegated prefix is? Or is there some brackets/formatting needed?
dmb
join:2002-12-03
Morristown, NJ

dmb to cramer

Member

to cramer
I am just curious, me not being an expert with ipv6... what would to make an ipv6 no longer work if you try to use it statically when its not assigned. How does verizon enforce prefix changes?

Indeed, I will have to look at how in linux (debian specifically, all my machines are linux based) to only specify the prefix, and not the entire /128.
cramer
Premium Member
join:2007-04-10
Raleigh, NC
Westell 6100
Cisco PIX 501

3 recommendations

cramer

Premium Member

The same way you can't use Apple's IPv4 address space. It isn't routed to you. Even if you can send traffic with the wrong address ("spoofing"), no reply will ever come back to you.

(Good ISPs have anti-spoofing measures, so you can't send with the wrong address.)
patelhiren
join:2020-12-12

3 recommendations

patelhiren to mikev

Member

to mikev
I have fully functioning IPv6. Town is Monroe, NJ. Closest CO is Prospect Plains (PRPLNJPA)

cshilton
join:2002-12-16
Milford, CT
·Frontier FiberOp..
·Verizon FiOS

cshilton to dmb

Member

to dmb
said by dmb:

...snip...

Haven't figured out a good way to allow ports for only some ipv6 ips vs others easily yet.

Lot's of choices on securing SSH over IPv6. I like static IP. Set a static IP on the ssh target and allow that and only that from the outside through your firewall. I recommend setting the static IP address as alias on the interface, rather than as the sole IP address of the interface.
cshilton

cshilton to cramer

Member

to cramer
To elaborate: by design your IPv6 address is structured as two parts: a routing prefix and a host identifier. When Verizon assigns a routing prefix to you, they send all traffic for that routing prefix to your firewall/router. When you set a static IPv6 address, you combine the routing prefix that was assigned to you with some bits that you set manually. If Verizon changes your routing prefix, they will also stop sending you traffic for that routing prefix.
jasonwc
join:2017-05-02
Springfield, VA

jasonwc to cshilton

Member

to cshilton
Depending on the router, it may also be possible to use a static DHCP assignment where the final 64 bits of the address is static, but the address tracks the prefix assigned by Verizon. This is similar to static DHCP assignments on IPv4, but rather than using the device MAC address, it uses the system's DUID. I do this on pfsense, and it works well. pfsense also registers the system's hostname so you can simply use the hostname when connecting via SSH, rather than having to remember the new prefix when it changes.

Anonb53ca
@108.35.37.x

2 recommendations

Anonb53ca to mikev

Anon

to mikev
I have IPv6 working in Closter, NJ (Bergen County).

Not sure how to find out the CO.

-Devan
Rocky5728
join:2022-06-30

3 recommendations

Rocky5728

Member

said by Anonb53ca :

I have IPv6 working in Closter, NJ (Bergen County).

Not sure how to find out the CO.

-Devan

Pick 2-3 schools, government buildings, banks, or churches on Google Maps closest to your house, grab their phone number, and put the area code and prefix in here: »www.telcodata.us/search- ··· e-detail

If multiple all show the same CO, then it's likely the correct one.

CGMason14
Nj Roaddog
join:2002-07-22
Mountainside, NJ

CGMason14 to Anonb53ca

Member

to Anonb53ca
Closter has it's own CO: CLSTNJCO

wmcbrine
join:2002-12-30
Laurel, MD

wmcbrine to Anone2dda

Member

to Anone2dda
I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was...
said by Anone2dda :

Still no IPV6 in LARLMDLRDS0. Oddly, I do get full ICPM traceroute now.

...and it's literally two blocks from my house, so I'm about 95% sure that's where I'm connected. And I definitely have (and had, when you posted this) IPv6. So... maybe check your setup?
ingenium
join:2018-10-10
Pittsburgh, PA

1 recommendation

ingenium to custer

Member

to custer
Add PTTSBGZON1/PITBPANSDS0 to the spreadsheet
mikev
Premium Member
join:2002-05-04
Leesburg, VA
·Verizon FiOS
(Software) pfSense
Panasonic KX-TGP600

2 recommendations

mikev to wmcbrine

Premium Member

to wmcbrine
said by wmcbrine:

I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was...

I actually don't have this CO on my list... do you remember around when you first saw IPv6?
mikev

1 recommendation

mikev to ingenium

Premium Member

to ingenium
said by ingenium:

Add PTTSBGZON1/PITBPANSDS0 to the spreadsheet

Done, thanks for the info!

wmcbrine
join:2002-12-30
Laurel, MD

2 recommendations

wmcbrine to mikev

Member

to mikev
said by mikev:

said by wmcbrine:

I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was...

I actually don't have this CO on my list... do you remember around when you first saw IPv6?

This is where I posted about it:

»Re: [Networking] IPv6 working!

July 11th... it was surely available before that, but that's when I actually tried it.

OK, I found where I mentioned it, on Nextdoor -- June 14th! That was the night of the outage.