I have a Cisco DPC3939B modem/router from Comcast, and am trying to get the IPv6 support working.
I would like to have it delegate me a /64 from the /56 the website lists, but can only get it to hand out single IP addresses. The PD request appears to be ignored. To get IPv6 working I've had to set up a tunnel through Hurricane Electric, which is a ridiculous thing to do in 2020.
I see a bunch of people here with the same issue, and never see a response, just "contact me directly". I'll do that if needed, but I'd rather a FAQ or searchable document be in place so I didn't have to struggle with what appears to be a normal configuration.
I am trying to do the DHCP6-PD because that sounds like the "right" answer, but I'd be happy to configure static IPs as well, but when I do, the device won't route them and they never leave my local LAN.
I have static IPv4 addresses, so apparently have to leave the device in router mode and can't just use bridge mode and get it to stop "helping".
Why is this so difficult, and what do I need to do to get it resolved?
Hello, I will be happy to investigate and make sure your Comcast Business service is working ideally. Are you able to send a private message so I can take a closer look at your service and equipment? If you can include your first and last name, your full-service address, and your account number? (or phone number) this would be great! Do you use the Comcast Business app? From the app, if you select the three lines in the left corner and go to Account Details, you can view your account number.
You are correct, you need to make a dhcpv6-pd request from your equipment. How you request and apply the PD reply will be largely dependent on what your gear is. However, there appears to be a lingering issue with static IPv4 addresses and functional IPv6, at least with the Cisco/Technicolor modems that are required for static addressing.
If you want to test how it all works, you can place the DPC3939B into advanced bridge mode and use DHCP for v4 and dhcpv6-pd for v6 and it will work. I wrote a few guides on how to make this work on here, but it's a bit dated. Another reasonable guide can be found here, but again, the router-lite / "passthrough" mode required by static address seem to break IPv6 functionality completely in any usable manner (detailed all over this forum).
That's not good news. I depend on the fixed IPs, and therefore must leave the router out of the bridge mode.
Does one of the other devices work better? If so, maybe I can get Comcast to swap it out.
Since they've started sending ipv6, a bunch of my stuff is getting AAAA records from DNS queries and thinks they should work, and everything hangs. Keeping those AAAA records out is a flaky work-around and harder than it sounds, because things keep falling back to 18.104.22.168, which sends them.
Hey, Comcast, what do you intend to do about this? You've screwed me, again!
And after what you did with SecurityEdge, I am NOT a happy customer.
BTW, thanks for the concrete information. I've been trying to get pfsense to request a dhcp-pd block for some time, and when it looks like it works ti gives the weirdest and unusuable results.
I may try the raw "bridge mode" briefly to see if it behaves better, but can't leave it there as my ipv4 addresses are critical.
I'd be happy to configure static routes on my devices and let them to the dhcp6 for everything, but without getting the blocks delegated the modem doesn't seem to route them. It's very frustrating.
Bridge mode definitely works better and is what I have been on for 10 days now. I only paid for the static v4 addressed to get static v6, and since I need v6 more than v4, I have resorted to using dynamic just to have end to end v6. I may just cancel my statics and get my own cable modem at this point. 10 days of no useful response and I have re-worked everything to do what I want with dynamic means I can save $600 a year on modem rental fees and addressing costs.
Lou-Erickson what you are seeing with pfSense and DHCP-PD 'oddities' are well documented on this forum. It just won't work. I have tried 2 different modems from Comcast and it does not appear to be a device issue but a firmware issue.
I have at least 2 posts here on the forum detailing my journey before giving up, multiple 'escalations', multiple 'tech dispatches' and multiple Comcast techs telling me they do not support DHCP-PD. I require IPv4 static addresses so bridge mode will not work for me. I have given up on all IPv6 with my Comcast line...
Maybe in the future Comcast will push a firmware update that fixes the broken DHCPv6-PD problems, based on my experience the first few tiers of support have no idea what DCHPv6-PD is or how routing with IPv6 works. Their escalations to the engineers in charge of firmware fail to convey the problem... hence it not being fixed.
This is very frustrating. I would be happy to just shut off IPv6 but have to manage that at each device, when possible. Otherwise we get AAAA addresses that devices think they should be able to use and can't. If I set up an HE tunnel, a bunch of services (hello, Netflix!) block me because it messes up their geoip.
So I have bad IPv6 that I can't use and can't easily get rid of.
I guess my next question is what other provider can do this and not screw it up.
Good morning, we are truly sorry for the delayed response and so sorry to see that you are having issues with your modem as we do understand that this can be very frustrating for your business. Do not worry, you have reached an amazing team to help! Can you please send us a private message with your name, the full address, and the phone or account number?
I've pretty much given up on them.
A week after I posted my last update, I got another private message from Comcast asking, "Are you using any other routers with your modem?"
Of course I am, there's no point in DHCP-PD without that. And they're required for me, because the limited features of this router won't handle my firewall requirements.
I was out of town and missed their reply so have only just replied just now. I will see if they reply.
I can guess at the response of ‘we don’t support anything on the other side of the modem’ or something similar.
Or the fun of ‘we can ping the IPv6 WAN interface, case closed’.
Hello, there, I am sorry we have not been able to get connected on forums. This is always a great place to talk and get support because we are a dedicated team that will always do all we can to help. It does not look like every received a private message with your account information. Are you able to send a private message that includes your name exactly as it appears on your account, your full-service address, and your account number? (or phone number) This will allow us to take a closer look at your modem and IPv6.
Were you able to get this working? I have been trying to get help on this for a few months and my ticket went cold:
Hi there, thanks so much for taking the time out to reach out to the Digital Care Team here through the forums and I am so sorry to see that we have not yet updated you on this issue. I understand how frustrating this can be and you have reached the right team to help. Can you please send us a private message with your name, the full address, and the phone or account number?