Skip to content
tmittelstaedt's profile

Problem solver


326 Messages

Sunday, October 17th, 2021 6:12 AM

Part #3 of 3 Guide to Copper business static IPv6 setup from Comcast and DHCP-PD on the Comcast CBR-T.

​This uses Cisco IOS router commands for configuring the Cisco 2800 and I've included the relevant parts of the Cisco configuration at the bottom.  You will have to translate this to whatever configuration commands are used for your brand of User Router.  Start from the CBR-T router online, passing IPv4 traffic, and you are able to surf the web using IPv4 from a PC plugged into the CBR-T.​

​1) After logging in and changing the password, turn off the wifi networks.  (these are just CPU wasters)  Click Connection, Status and click on the edit buttons for each network and shut them off​

​2) Record the following information from the Connection, Status page:​

​Link Local Gateway Address (IPv6) fe80:0bad:beef:dead:beef​
​Global Gateway Address (IPv6)  2603:3004:273:f900:0bad:beef:dead:beef​
​Delegated prefix  2603:3004:273:f900::/56​

​Note that it is not necessary to tick the Stateless (Auto Config) checkbox on the router​
​web interface - it will do it anyway whether that box is ticked or not.  In fact it's best​
​NOT to change much else from the defaults although you can turn off the firewall on the​

​3) Configure the Cisco 2800 to obtain a dhcp-pd address.  Assuming the WAN port on the Cisco is named FastEthernet0/0 here's the portion of the IPv6 config snippet (ipv4 and access list commands are removed):​

​interface FastEthernet0/0​
​ description Comcast-Link​
​ no ip redirects​
​ no ip unreachables​
​ ip nbar protocol-discovery​
​ ip nat outside​
​ ip virtual-reassembly​
​ duplex auto​
​ speed auto​
​ ipv6 address autoconfig default​
​ ipv6 enable​
​ ipv6 dhcp client pd comcast-prefix​
​ random-detect dscp-based​
​ no cdp enable​

​4) Now issue the command:​

​#sh ipv6 general-prefix​

​You should get back something like the following:​

​IPv6 Prefix comcast-prefix, acquired via DHCP PD​
​  2603:3004:273:F960::/59 Valid lifetime 265472, preferred lifetime 265472​

​5) Now find out the IPv6 address of your Cisco 2800 with the command​

​#sh ipv6 interface fastethernet0/0​

​FastEthernet0/0 is up, line protocol is up​
​  IPv6 is enabled, link-local address is FE80::21B:CFF:FE3C:3FA0​
​  Description: Comcast-Link​
​  Global unicast address(es):​
​    2603:3004:273:F900:21B:CFF:FE3C:3FA0, subnet is 2603:3004:273:F900::/64 [PRE]​
​      valid lifetime 299 preferred lifetime 299​
​  Joined group address(es):​
​    FF02::1​
​    FF02::2​
​    FF02::1:FF3C:3FA0​
​  MTU is 1500 bytes​
​  ICMP error messages limited to one every 100 milliseconds​
​  ICMP redirects are enabled​
​  ND DAD is enabled, number of DAD attempts: 1​
​  ND reachable time is 30000 milliseconds​
​  ND advertised reachable time is 0 milliseconds​
​  ND advertised retransmit interval is 0 milliseconds​
​  ND router advertisements are sent every 200 seconds​
​  ND router advertisements live for 1800 seconds​
​  Hosts use stateless autoconfig for addresses.​

​Make sure it's a legitimate address of the first /64 of the 2603:3004:273:F900::/56 prefix delegated to the CBR-T​

​6) Check that the Cisco 2800 has the correct default gateway​

​#sh ipv6 route​

​IPv6 Routing Table - 8 entries​
​Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP​
​       U - Per-user Static route​
​       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary​
​       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2​
​       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2​
​S   ::/0 [1/0]​
​     via FE80::0BAD:BEEF:DEAD:BEEF, FastEthernet0/0​
​C   2603:3004:273:F900::/64 [0/0]​
​     via ::, FastEthernet0/0​
​L   2603:3004:273:F900:21B:CFF:FE3C:3FA0/128 [0/0]​
​     via ::, FastEthernet0/0​
​S   2603:3004:273:F960::/59 [1/0]​
​     via ::, Null0​
​C   2603:3004:273:F960::/64 [0/0]​
​     via ::, FastEthernet0/1​
​L   2603:3004:273:F960:21B:CFF:FE3C:3FA1/128 [0/0]​
​     via ::, FastEthernet0/1​
​L   FE80::/10 [0/0]​
​     via ::, Null0​
​L   FF00::/8 [0/0]​
​     via ::, Null0​

​6) Now make sure you can ping out from the FastEthernet0/0 address 2603:3004:273:F900:21B:CFF:FE3C:3FA0 with the command:​

​#ping ipv6 repeat 5​

​Translating ""...domain server ( [OK]​

​Type escape sequence to abort.​
​Sending 5, 100-byte ICMP Echos to 2600:1405:1800:181::356E, timeout is 2 seconds:​
​Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms​

​7) Next, subnet the /59 into a /64 and apply the /64 to the LAN interface of your router.  Use the first /64 of the 2603:3004:273:F960::/59 prefix handed to you by the CBR-T  with the commands:​

​interface FastEthernet0/1​
​ description LAN Interface​
​ ip address​
​ ip nat inside​
​ ip virtual-reassembly​
​ duplex auto​
​ speed auto​
​ ipv6 address 2603:3004:273:F960::/64 eui-64​
​ ipv6 enable​

​8)  Now, issue a ping using that address to make sure the CBR-T is routing​

​Protocol [ip]: ipv6​
​Target IPv6 address:​
​Translating ""...domain server ( [OK]​

​Repeat count [5]:​
​Datagram size [100]:​
​Timeout in seconds [2]:​
​Extended commands? [no]: yes​
​Source address or interface: fastethernet0/1​
​UDP protocol? [no]:​
​Verbose? [no]:​
​Precedence [0]:​
​DSCP [0]:​
​Include hop by hop option? [no]:​
​Include destination option? [no]:​
​Sweep range of sizes? [no]:​
​Type escape sequence to abort.​
​Sending 5, 100-byte ICMP Echos to 2600:1405:1800:18B::356E, timeout is 2 seconds:​
​Packet sent with a source address of 2603:3004:273:F960:21B:CFF:FE3C:3FA1​
​Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/12 ms​

​9) If none of this works test an IPv6 ping from a host plugged into the CBR-T.  Since that will get IP addressing via SLAAC from the first /64 subnet of the /56 assigned to it.  If that doesen't work power-cycle the modem and call Comcast if you still can't get out on the IPv6 network.  If pings from the router WAN interface work but pings from the router internal interface do not work then power-cycle the CBR-T and try again.​

​10) At this point your hosts plugged into the inside LAN network of the Cisco 2800 will start getting SLAAC addresses and default gateways from the Cisco 2800 and should be able to ping out.​

​11) Install IPv6 firewalls and IPv6 access lists on the router and hosts with IPv6 addresses​

​12) Add static routes to your hosts on the PublicLAN network pointing to the Cisco 2800.​

​Here are some examples:​

​For the Linux boxes:​

​To show routes​

​ route -A inet6​
​ route -C -A inet6​

​To add a route​

​# route -A inet6 add 2603:3004:273:F960::/59 gw FE80::21B:CFF:FE3C:3FA0 enp4s0f0​

​For FreeBSD:​

​To show routes​

​netstat -r​

​To add a route​

​#route add -inet6 2603:3004:273:F960::/59 FE80::21B:CFF:FE3C:3FA0%bce0  ​

​For Windows​

​To show the routes:​

​netsh interface ipv6 show route store=persistent​

​To add a route​

​netsh interface ipv6 set route 2603:3004:273:F960::/59 "Internet" FE80::21B:CFF:FE3C:3FA0 1 0 2 yes 5000 5000 store=persistent​

​Windows IPv6 info​

No Responses!