Both provide a /64 on the internal interfaces but only dhcpcd gives an
address to the external interface (em0).
Yes, that is what I stated in my reply: dhcpcd(8) supports DHCPv6-NA
which is needed for em0 to get a globally-routable IPv6 address (unless
your ISP supports RFC 6603) while dhcp6leased(8) only supports
DHCPv6-PD.
If I request and receive two there is no ipv6 net access. Seems that
with multiple ipv6 subnets there needs to be an ipv6 address on the
external interface.
That's not surprising and (almost) agrees with what I've read from
others who use Xfinity. I've read that you _must_ use DHCPv6-NA for
DHCPv6-PD to work at all. In your case DHCPv6-PD with a single /64
prefix delegation works even without DHCPv6-NA. I require IPv6 on my
WAN-facing interface, so I've never bothered to test configuration
without it.
None of the above contructs work at all.
If Xfinity requires DHCPv6-NA as other have claimed, then it makes sense
that dhcp6leased(8) doesn't work. dhcpcd(8) should definitely work
though. Perhaps there is an issue with your firewall rules? Make sure
you have something like below:
pass out quick inet6 proto icmp6 allow-opts
pass out quick
pass in quick inet6 proto icmp6 allow-opts
pass in quick on $wan inet6 proto udp to port 546 no state
You can try and play Whac-A-Mole after if that is overly permissive.
People are used to blocking ICMP without (major) issues, but ICMPv6 is
more important. Personally, I don't try and filter ICMPv6. There was an
issue a few years back from someone using an overly restrictive pf(4)
ruleset[^1].
Something like below should work for dhcpcd(8):
ipv6only
noipv6rs
allowinterfaces em0 em1 vlan66
script ""
interface em0
duid
iaid 0
ia_na 0
ia_pd 0/::/60 em1/0/64 vlan66/1/64
ipv6rs
Note I'm assuming you _don't_ want dhcpcd(8) to touch your DNS or NTP
configuration which is what script "" does. You claim that "requesting
more than two pd's does not work with either dhpc6leased or dhcpcd".
With above you will only request one /60 prefix delegation and dhcpcd(8)
will subnet the /64s from it and assign them to the listed interfaces.
If you want to add another interface (e.g., vlan77), then you'd have:
allowinterfaces em0 em1 vlan66 vlan77
ia_pd 0/::/60 em1/0/64 vlan66/1/64 vlan77/2/64
dhcpcd(8) should have no problem subnetting more than two /64s from the
single /60 delegated prefix. If you still have issues, then I recommend
you run dhcpcd(8) in debug mode and reply with the logs.
[^1]: https://marc.info/?l=openbsd-misc&m=167502694716840&w=2
