I neglected to mention it but I did find and read many articles on
Comcast modem support. As a whole the posts were rather conflicting and
confused so it seemed that it may or may not work...older posts were more
likely to say it wasn't working.
We do have a static IPv4 block. Sadly a few years ago when we tried to
increase speeds we were down for a time because their other non-SMC modem
couldn't handle static IPs reliably and they had to scrounge for an SMC box for
us. I inferred the techs knew this but Comcast was switching modems anyway.
So, I'm hesitant to ask for a different one. :-/ Maybe it is different now.
I don't see anything in the SMC interface about a firmware update.
It's Comcast branded so I assume their firmware. Maybe we'd have to call. It
has v 3.1.6.57 now.
The SMC does show an IPv6 address, LAN DHCPv6 enabled with a range, and
has an "External Router Delegated Prefix" section that is empty. The building
router gets its IP from that range. The SMC has a different WAN IPv6 address
in 2001:558:...::/64. At the bottom of its Gateway Summary/Network tab I see:
LAN IPv6 Prefixs Delegations 2601:249:xxxx:yyyy::/64
...with the LAN IP range. (yes, it is spelled "prefixs")
--
Steve Yates
ITS, Inc.
-----Original Message-----
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz
Sent: Wednesday, May 18, 2016 10:10 PM
To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org>
Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix
length, XID mismatch
On Wed, May 18, 2016 at 7:14 PM, Steve Yates <st...@teamits.com> wrote:
> We have an application with a Comcast-provided SMC router and two
> pfSense routers (Comcast <- building <- tenant). The building router
> (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP logs I
> see:
>
> dhcp6c invalid prefix length 64 + 4 + 64
> dhcp6c XID mismatch (several of these)
>
> Am I correct that "invalid prefix length" means the Comcast router
> isn't delegating a /60 properly? I have it set:
>
> DHCPv6 Prefix Delegation size 60
> Send IPv6 prefix hint checked
>
> If I as for a /56 I get "invalid prefix length 64 + 8 + 64."
>
> My second question was going to be about getting IPv6 to the PCs
> inside the tenant router but unless I'm mistaken I need a couple more
> /64 networks for that (what a waste of IPs...I know there's a lot but
> still...).
>
> Thanks,
>
> Steve Yates
> ITS, Inc.
>
>
Comcast's support documents claim that "Business IP Gateway" devices (a.k.a.
your SMC modem/router) are allocated a /56. However, there seem to be
indications on Comcast's forums and other networking forums that they aren't
doing that properly on certain models with certain firmware. (One example is
http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCCR-and-Cisco-DPC3939B/td-p/20504/page/2
is from over a year ago, but that could still be an issue now given the speed
which these companies release firmware updates.)
Can you check if there is a firmware update for the SMC box?
Is there any way to check in the settings of the SMC box to see what it got
from Comcast? None of my customers are using that model at the moment, so I
can't tell you where to look.
If you do not have static IPs from Comcast, your best option is probably to
replace the Comcast-provided router with a Motorola/Arris Surfboard modem and
have the building pfSense talk directly to Comcast through that.
However, for some reason that defies all logical explanation, Comcast will not
let you BYOM if you use static IPs.
Some people (also mentioned in the forum link above) have gotten prefix
delegation to work by asking Comcast to switch their SMC router for a Netgear
one.
--
Moshe Katz
-- mo...@ymkatz.net
-- +1(301)867-3732
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
