Mcrobrewer Premium Member join:2001-03-04 Trenton, NJ |
to Anon58bf6
Re: [Networking] IPv6 working!Did you do something to fix it? Or did it just fix itself? |
|
|
Anon58bf6
Anon
2022-Aug-5 7:11 pm
It fixed itself, I saw another user in NJ (patelhiren) post this morning that they now had successful traceroutes after being in my same situation, so I turned IPv6 back on for another test and all was well. I have been turning it off after each test if that makes a difference, but I didn't reboot the ONT or anything. |
|
dennismurphyPut me on hold? I'll put YOU on hold Premium Member join:2002-11-19 Parsippany, NJ |
to dmb
said by dmb:Yeah, except just make sure you are properly protecting your devices now, as I realized some of my devices had ssh port wide open to the public via ipv6. Haven't figured out a good way to allow ports for only some ipv6 ips vs others easily yet. Indeed. I have inbound ports shut for the WAN and LAN interfaces on V6 altogether. Thankfully I have another network I can probe from. |
|
mikev Premium Member join:2002-05-04 Leesburg, VA ·Verizon FiOS (Software) pfSense Panasonic KX-TGP600
3 recommendations |
to custer
Ok, there have been lots of NJ folks posting recently, especially with the IPv6 connectivity issues that had been going on the past couple of days. I haven't really kept track of all that were posting with IPv6 addresses but connectivity issues (that are hopefully now resolved), so if you want a report for your town/CO added to the list, please post the info. Here's the spreadsheet link to see what I already have: » 1drv.ms/x/s!Ao8Y4GMcM4oz ··· e=d8cuAe |
|
|
AndyJ join:2022-08-06 Keansburg, NJ |
to Anonc43a1
said by Anonc43a1 :said by jtkarlma:Also, from what I read OpenWrt supports RFC6603, so what (if any) IPv6 address do you get assigned on your WAN interface? From what I can tell, it doesn’t. Odhcp6c supports it and provides the exclusion information to the netifd scripts, but after taking a look at the scripts, I don’t see it being used anywhere. (So, the WAN interface is not assigned an address.) Following up on this (I'll move over to the problems thread for further discussion)... tracing through the odhcpv6c and netifd code, rfc6603 should work. However, odhcp6c is showing that no PD exclusion was received. I looked at a tcpdump of the dhcpv6 request & response, and I can see OPTION_PD_EXCLUSION (option 67) in the request, but it's not in the response. So, there may be some quirks in Verizon's implementation if they really are supporting rfc6603. |
|
jasonwc join:2017-05-02 Springfield, VA
3 recommendations |
to custer
APNIC is showing AS701 at around 20% again so yesterday’s data clearly was erroneous. |
|
|
Anonedfd1 to mikev
Anon
2022-Aug-6 8:03 pm
to mikev
I just got up and running today in Perth Amboy, NJ.
I was just over at the Netgate pfSense forums. What info do you need to add it to your list?? |
|
mikev Premium Member join:2002-05-04 Leesburg, VA ·Verizon FiOS (Software) pfSense Panasonic KX-TGP600
|
mikev
Premium Member
2022-Aug-6 8:32 pm
said by Anonedfd1 :I was just over at the Netgate pfSense forums. What info do you need to add it to your list?? Well, it seems that in addition to the CO within Perth Amboy, there's another CO that appears to serve part of the area (likely northern and/or western parts, since it's in Fords)... so if you could provide a nearby intersection, maybe within a block or three of your location, so I can figure out which CO you're served from, that would be great. If you don't want to post it publicly, you can PM me over on the pfSense community (unless you want to register here, in which case you can PM me here instead). |
|
CGMason14Nj Roaddog join:2002-07-22 Mountainside, NJ |
Perth Amboy is solely served by PAMBNJPM. It also serves the Hopelawn section of Woodbridge Township to the west. The western boundary line of the CO is the Garden State Parkway. All neighboring COs don't have Fios yet. |
|
mikev Premium Member join:2002-05-04 Leesburg, VA |
mikev
Premium Member
2022-Aug-6 8:59 pm
Ok, thanks for the info! One of the sites I reference with CO info mentioned that Fords also serves part of Perth Amboy, so I guess that's incorrect then. Added Perth Amboy to the list! |
|
|
to mikev
You can add Olney, MD to the list - IPv6 became active here on July 28th. CO: Ashton "Olney Oakdale" CLLI: OLNYMDOK |
|
dmb join:2002-12-03 Morristown, NJ |
to custer
Anyone knows what happens if we configure a static ip amongst the prefix(for certain devices), and the prefix changes? I also am hoping ipv6 is more static than ipv4 dhcp, and hoping its based on mac, not lease time. Would it just stop routing? |
|
|
IPv6 DHCP prefix delegation is based on DUID which is not necessarily based on MAC address.
And setting a static IPv6 address on your network and then your prefix changing would result in non-functioning IPv6 at least to the greater internet. |
|
jasonwc join:2017-05-02 Springfield, VA
3 recommendations |
to dmb
At least on pfsense, you can set static DHCP entries based on a device’s DUID. If the LAN is set to Track Interface, the first 64 bits is dynamic based on the /56 from Verizon + the 8 bits for the LAN ID. The last 64 bits can then be set statically. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
1 recommendation |
cramer to dmb
Premium Member
2022-Aug-7 12:41 pm
to dmb
Depends on how you set the address. If you specify the full 128 bits, the address will no work if the prefix changes. If you specify only the "rest" of the address (prefix + whatever), then it will reflect whatever the prefix(es) is(are.)
(In linux that's a "token", not "address") |
|
|
to jasonwc
Can you give an image example of how this is set up in pfSense please? Is it something simple like "::1234:AAAA:BBBB:CCCC" and the first half is always going to just be whatever the delegated prefix is? Or is there some brackets/formatting needed? |
|
dmb join:2002-12-03 Morristown, NJ |
to cramer
I am just curious, me not being an expert with ipv6... what would to make an ipv6 no longer work if you try to use it statically when its not assigned. How does verizon enforce prefix changes?
Indeed, I will have to look at how in linux (debian specifically, all my machines are linux based) to only specify the prefix, and not the entire /128. |
|
cramer Premium Member join:2007-04-10 Raleigh, NC Westell 6100 Cisco PIX 501
3 recommendations |
cramer
Premium Member
2022-Aug-7 3:22 pm
The same way you can't use Apple's IPv4 address space. It isn't routed to you. Even if you can send traffic with the wrong address ("spoofing"), no reply will ever come back to you.
(Good ISPs have anti-spoofing measures, so you can't send with the wrong address.) |
|
3 recommendations |
to mikev
I have fully functioning IPv6. Town is Monroe, NJ. Closest CO is Prospect Plains (PRPLNJPA) |
|
·Frontier FiberOp.. ·Verizon FiOS
|
to dmb
said by dmb:...snip...
Haven't figured out a good way to allow ports for only some ipv6 ips vs others easily yet. Lot's of choices on securing SSH over IPv6. I like static IP. Set a static IP on the ssh target and allow that and only that from the outside through your firewall. I recommend setting the static IP address as alias on the interface, rather than as the sole IP address of the interface. |
|
cshilton |
to cramer
To elaborate: by design your IPv6 address is structured as two parts: a routing prefix and a host identifier. When Verizon assigns a routing prefix to you, they send all traffic for that routing prefix to your firewall/router. When you set a static IPv6 address, you combine the routing prefix that was assigned to you with some bits that you set manually. If Verizon changes your routing prefix, they will also stop sending you traffic for that routing prefix. |
|
jasonwc join:2017-05-02 Springfield, VA |
to cshilton
Depending on the router, it may also be possible to use a static DHCP assignment where the final 64 bits of the address is static, but the address tracks the prefix assigned by Verizon. This is similar to static DHCP assignments on IPv4, but rather than using the device MAC address, it uses the system's DUID. I do this on pfsense, and it works well. pfsense also registers the system's hostname so you can simply use the hostname when connecting via SSH, rather than having to remember the new prefix when it changes. |
|
2 recommendations |
Anonb53ca to mikev
Anon
2022-Aug-9 3:14 pm
to mikev
I have IPv6 working in Closter, NJ (Bergen County).
Not sure how to find out the CO.
-Devan |
|
3 recommendations |
said by Anonb53ca :I have IPv6 working in Closter, NJ (Bergen County).
Not sure how to find out the CO.
-Devan Pick 2-3 schools, government buildings, banks, or churches on Google Maps closest to your house, grab their phone number, and put the area code and prefix in here: » www.telcodata.us/search- ··· e-detailIf multiple all show the same CO, then it's likely the correct one. |
|
CGMason14Nj Roaddog join:2002-07-22 Mountainside, NJ |
to Anonb53ca
Closter has it's own CO: CLSTNJCO |
|
|
to Anone2dda
I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was... said by Anone2dda :Still no IPV6 in LARLMDLRDS0. Oddly, I do get full ICPM traceroute now. ...and it's literally two blocks from my house, so I'm about 95% sure that's where I'm connected. And I definitely have (and had, when you posted this) IPv6. So... maybe check your setup? |
|
1 recommendation |
to custer
Add PTTSBGZON1/PITBPANSDS0 to the spreadsheet |
|
mikev Premium Member join:2002-05-04 Leesburg, VA ·Verizon FiOS (Software) pfSense Panasonic KX-TGP600
2 recommendations |
to wmcbrine
said by wmcbrine:I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was... I actually don't have this CO on my list... do you remember around when you first saw IPv6? |
|
mikev
1 recommendation |
to ingenium
said by ingenium:Add PTTSBGZON1/PITBPANSDS0 to the spreadsheet Done, thanks for the info! |
|
2 recommendations |
to mikev
said by mikev:said by wmcbrine:I meant to reply to this earlier, but I needed to double check on where LARLMDLRDS0 actually was... I actually don't have this CO on my list... do you remember around when you first saw IPv6? This is where I posted about it: » Re: [Networking] IPv6 working!July 11th... it was surely available before that, but that's when I actually tried it. OK, I found where I mentioned it, on Nextdoor -- June 14th! That was the night of the outage. |
|