I neglected to mention it but I did find and read many articles on Comcast modem support. As a whole the posts were rather conflicting and confused so it seemed that it may or may not work...older posts were more likely to say it wasn't working.
We do have a static IPv4 block. Sadly a few years ago when we tried to increase speeds we were down for a time because their other non-SMC modem couldn't handle static IPs reliably and they had to scrounge for an SMC box for us. I inferred the techs knew this but Comcast was switching modems anyway. So, I'm hesitant to ask for a different one. :-/ Maybe it is different now. I don't see anything in the SMC interface about a firmware update. It's Comcast branded so I assume their firmware. Maybe we'd have to call. It has v 3.1.6.57 now. The SMC does show an IPv6 address, LAN DHCPv6 enabled with a range, and has an "External Router Delegated Prefix" section that is empty. The building router gets its IP from that range. The SMC has a different WAN IPv6 address in 2001:558:...::/64. At the bottom of its Gateway Summary/Network tab I see: LAN IPv6 Prefixs Delegations 2601:249:xxxx:yyyy::/64 ...with the LAN IP range. (yes, it is spelled "prefixs") -- Steve Yates ITS, Inc. -----Original Message----- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz Sent: Wednesday, May 18, 2016 10:10 PM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch On Wed, May 18, 2016 at 7:14 PM, Steve Yates <st...@teamits.com> wrote: > We have an application with a Comcast-provided SMC router and two > pfSense routers (Comcast <- building <- tenant). The building router > (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP logs I > see: > > dhcp6c invalid prefix length 64 + 4 + 64 > dhcp6c XID mismatch (several of these) > > Am I correct that "invalid prefix length" means the Comcast router > isn't delegating a /60 properly? I have it set: > > DHCPv6 Prefix Delegation size 60 > Send IPv6 prefix hint checked > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > My second question was going to be about getting IPv6 to the PCs > inside the tenant router but unless I'm mistaken I need a couple more > /64 networks for that (what a waste of IPs...I know there's a lot but > still...). > > Thanks, > > Steve Yates > ITS, Inc. > > Comcast's support documents claim that "Business IP Gateway" devices (a.k.a. your SMC modem/router) are allocated a /56. However, there seem to be indications on Comcast's forums and other networking forums that they aren't doing that properly on certain models with certain firmware. (One example is http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCCR-and-Cisco-DPC3939B/td-p/20504/page/2 is from over a year ago, but that could still be an issue now given the speed which these companies release firmware updates.) Can you check if there is a firmware update for the SMC box? Is there any way to check in the settings of the SMC box to see what it got from Comcast? None of my customers are using that model at the moment, so I can't tell you where to look. If you do not have static IPs from Comcast, your best option is probably to replace the Comcast-provided router with a Motorola/Arris Surfboard modem and have the building pfSense talk directly to Comcast through that. However, for some reason that defies all logical explanation, Comcast will not let you BYOM if you use static IPs. Some people (also mentioned in the forum link above) have gotten prefix delegation to work by asking Comcast to switch their SMC router for a Netgear one. -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold