Those of you lucky to have a native IPv6 connection from your ISP,
could you please share what network topology your ISP offers. E.g.
1. One IPv6 address
2. A /64 on the internal interface of ISP-owned CPE
3. A /64 for the link and a /56 for your devices (like HE does on
its tunnels)
4. Unnumbered for the link and a /56 for your devices
5. ??? (other variants)
I have native IPv6 only on my GSM mobile phone (MTS), and it's Case
1, from the MTS-Mobile-ipv6-Siberia netblock.
Those of you lucky to have a *native* IPv6 connection from your
ISP, could you please share what network topology your ISP
offers. E.g.
3. A /64 for the link and a /56 for your devices
I think #3 comes closest.
I am not sure about the /64 for the link. The only visible part of the link is the IPv6 WAN address of the router. It is outside the /56
assigned to the user, the link may just use a /128.
The modem/router supplied by the ISP assigns one /64 for the LAN and another /64 for the guest network. More /64 out of the /56 can be obtained by connecting extra routers.
For IPv6 one must use the modem/router from the provider. When the modem/router from the provider is set in bridge mode, the connection becomes IPv4 only.
Those of you lucky to have a native IPv6 connection from your
ISP, could you please share what network topology your ISP
offers. E.g. 1. One IPv6 address 2. A /64 on the internal
interface of ISP-owned CPE 3. A /64 for the link and a /56 for
your devices (like HE does on its tunnels) 4. Unnumbered for the
link and a /56 for your devices 5. ??? (other variants) I have
native IPv6 only on my GSM mobile phone (MTS), and it's Case 1,
from the MTS-Mobile-ipv6-Siberia netblock.
One address for the link and /48 routed in.
It appears very similar to the topology that is expected to become a common requirement for all ISPs here in Russia for the nearest future (hopefully 2022, possibly 2023): at least one address for the link and
at least /64 for the internal network.
Do you see the WAN address of the router in the `traceroute -6` output?
2. A /64 on the internal interface of ISP-owned CPE
For IPv6 one must use the modem/router from the provider. When
the modem/router from the provider is set in bridge mode, the
connection becomes IPv4 only.
This looks very similar to what I've heard from a Rostelecom
representative. This probably means that the IPv6 is not really
"native" and there is some kind of tunnel terminated at the
provider-owned CPE.
The odd thing is that on a premium bussines account there is no such restriction. With such an account one has dual stack with the modem in bridge. So I don't think your theory is correct.
Do you see the WAN address of the router in the `traceroute -6`
output?
I do. I never checked this before... The line number 1 is the address
of my router. What did I win? :)
tommi@pyx:~$ traceroute6 dns.google
traceroute to dns.google (2001:4860:4860::8888) from 2001:14bb:1c6:e06f::15, 30 hops max, 16 byte packets 1 dyjdry78ccrbs--1pt5ty-4.rev.dnainternet.fi (2001:14bb:1c6:e06f:8213:82ff:feac:8660) 0.568 ms 0.437 ms 0.406 ms
2 * * *
3 * * *
4 2001:4860:1:1::2305 (2001:4860:1:1::2305) 23.58 ms 37.876 ms
23.834 ms 5 2001:4860:1:1::2304 (2001:4860:1:1::2304) 32.267 ms
28.794 ms * 6 2a00:1450:805f::1 (2a00:1450:805f::1) 32.423 ms *
27.819 ms 7 dns.google (2001:4860:4860::8888) 24.711 ms 17.996 ms 28.852 ms
>> Do you see the WAN address of the router in the `traceroute -6`
>> output?
TK> I do. I never checked this before... The line number 1 is the address
TK> of my router. What did I win? :)
Your router's WAN interface is probably not unnumbered. It's just fun to know.
Those of you lucky to have a *native* IPv6 connection from your
ISP, could you please share what network topology your ISP
offers. E.g.
Do you see the WAN address of the router in the `traceroute -6` output?
tracert -6 dns.google
2. A /64 on the internal interface of ISP-owned CPE
Additionally, I can ping my router's public IPv6 address from
the LAN side, don't know about the WAN side. I also can make
IPv6 connections to sites on the Internet, infact, macOS 11+
default to IPv6 first; and my Linux system has been updated to do
the same.
OK, so you have outgoing IPv6 capbility. But incoming is still a
problem. Can you expand a bit on what attempts you have made to
achieve incoming and why you think it didn't work?
Those of you lucky to have a native IPv6 connection from your ISP,
could you please share what network topology your ISP offers. E.g.
Very odd. A normal reboot would not do that, only a factoy reset. ISPs
can initiate both, and a reboot is not all that strange, but a factory reset would not normally be done by an ISP.
A modem/router that factory resets at power down?
What can I say? I thought the my ISP provided modem/router was crap, but this is worse than I ever thought could happen...
The box they provide her (which is also her wifi router) "factory[...]
resets" every time there is a power outage. When she first got the
Long story short: She's using the box from her ISP with the
settings imposed upon her from that horrible box that provides
fantastic speeds.
Very odd. A normal reboot would not do that, only a factoy reset.My Mom has a fiber-to-the-house connection with symmetrical gigabit
ISPs can initiate both, and a reboot is not all that strange, but
a factory reset would not normally be done by an ISP.
speeds at her house (which isn't available here, and I'm totally not jealous) from her local power company.
The box they provide her (which is also her wifi router) "factory
resets" every time there is a power outage. When she first got the connection she was using the default wifi SSID which was a prefix
and the mac-address of the router, along with a super long and
complicated password.
I made it more simple for them by making the wifi name more personal
to them and giving them a memorable passphrase instead of that
complicated password, sure enough the next time the power went out it reverted back to factory settings. "No big deal" I thought, I just
set their box to bridge mode and added my own wifi box and set her up
that way.
What can I say? I thought the my ISP provided modem/router was crap,Yeah, I didn't really believe it when my Mom told me that's what
but this is worse than I ever thought could happen...
it does, but sure enough, she was right. While he default SSID is
gnarly looking, at least the default password isn't insecure.
To help in that department I made a wifi QR code for her using https://qifi.org so that guests can just scan that QR code instead
of typing in that super long password.
2. A /64 on the internal interface of ISP-owned CPE
If appears that 2 is the closest.
Xfinity / Comcast of Dover, Delaware (USA)
I've got a dynamic IPv6 Address on my router WAN side reporting (via a FUGLY web interface):
WAN IP Address (IPv6): 2001:558:6027:19:c4e3:1bee:faf8:939d
WAN Default Gateway Address (IPv6): fe80::201:5cff:fe80:6846
Delegated prefix (IPv6): 2601:48:c500:9340::/64
Interally::
Mac worstation [ifconfig en0] [GbE]
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=50b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV,CHANNEL_IO>
ether 14:98:77:33:fb:b5
inet6 fe80::14ad:ef4c:c045:132f%en0 prefixlen 64 secured scopeid
0x6
inet6 2601:48:c500:9340::c0e3 prefixlen 60 dynamic
What can I say? I thought the my ISP provided modem/router was
crap, but this is worse than I ever thought could happen...
Yeah, I didn't really believe it when my Mom told me that's what
it does, but sure enough, she was right. While he default SSID is
gnarly looking, at least the default password isn't insecure.
To help in that department I made a wifi QR code for her using
https://qifi.org so that guests can just scan that QR code
instead of typing in that super long password.
Entering your WiFi prameters on an external resource is a very unwise idea.
echo 'WIFI:T:WPA;S:Muzenirres;P:ds4tN3oxUzku61WD;;' \
| qrencode -s 50 -l H -8 -d 600 -o my_wifi.png
inet6 2601:48:c500:9340::c0e3 prefixlen 60 dynamic
This is very interesting. Why "prefixlen 60" on the LAN?
inet6 2601:48:c500:9340::c0e3 prefixlen 60 dynamic
This is very interesting. Why "prefixlen 60" on the LAN?
Perhaps - an educated guess here - Comcast's provided gateway has, potentially, 4 internal LAN interfaces. It could be configured with a 5GHz WiFi subnet, a 2.4GHz one, the GbE ports, and a 'Xfinity Home'
port. I haven't investigated what the "Home" port is used for, but
that may explain the breaking down of the /64 to /60. Again, just a theory.
inet6 2601:48:c500:9340::c0e3 prefixlen 60 dynamic
This is very interesting. Why "prefixlen 60" on the LAN?
Whatever Comcast's intentions, are you sure that a LAN with a
prefixlen different from /64 will work properly? Will a non-standard prefix not break SLAAC and other things?
This is where my theoretical knowledge is lacking, but I've always
been warned against using anything different from /64 on a LAN
segment.
The gateway and my dozen+ devices do not seem to have any issues
getting dynamic IPv6 addresses, and since most are Apple, IPv6 is
the prefered connection method. As an "end-user", I don't know
why Comcast has chosen to give my network MORE address space;
like 1800000000000000000+ addresses wasn't enough; they've given
me 295000000000000000000+ addresses.
Actually compared to other ISP they are a bit miserly. They only give
you a /60. My ISP gives me a /56 and many others issue a /48.
WAN IP Address (IPv6): 2001:558:6027:19:c4e3:1bee:faf8:939d
WAN Default Gateway Address (IPv6): fe80::201:5cff:fe80:6846
Delegated prefix (IPv6): 2601:48:c500:9340::/64
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 293 |
Nodes: | 16 (2 / 14) |
Uptime: | 240:53:12 |
Calls: | 6,624 |
Files: | 12,173 |
Messages: | 5,320,079 |