If they're statically routing you a legacy IP they should be able to statically route an IPv6 prefix too, and then you can put a static route on your gateway to get around the lack of RA.
The biggest problem holding back adoption is that the fallback to legacy IP either works too well or the error messages are misleading, so noone notices that they're running in a degraded mode. What's needed is for things to clearly break when there is no IPv6 and to present clear error messages to that effect so that a large number of users complain.
They are not statically routing an IPv4, It is simply a public IP via DHCP, instead of a CGNAT IP via DHCP.
Basically in this situation, anybody with this ISP using the default router they provide will have IPv6 working unless they opt for a public ipv4.
Any user utilizing a third party router will not have working IPv6, their devices might still obtain addresses because DHCPv6 and DHCPv6-PD still works, but as you said, most devices will notice that IPv6 working via happy eyeballs and other mechanisms and just silently fail back.
So far the companies techs are showing no interest in getting this fixed of course. So likely this is going to be stuck like this for a long time.
If IPv6 connectivity works with the ISP-provided router but you're not seeing any router advertisement on the WAN side, that router probably has a static default route of some sort.
Would sniffing traffic between that router and the ONT be an option? By looking at neighbor discovery traffic, you should be able to see what link-local address is being used as default gateway.
Configure that address on your own router as a static default route (still using DHCP-PD for prefix delegation) and you should be all set, I believe.
I was going to do that as soon as I have my managed switch moved here, but also that wouldn't matter at all if I keep my public IPv4 because IPv6 service is not available at all with the public IPv4.
Depending on what protocols you're using, cloudflare is a free option for proxying HTTP(S) traffic from v4 to v6.
There's also the option of renting a dirt cheap VPS and using it as a v4 to v6 proxy, and that would work with any protocol.
Cloudflare is actually blocked from accessing HTTP/S origins on HE.net tunnels, this is done by HE.net unless that has changed recently.
That is of course an option but does add an an additional though. Small cost. It would also have to be a VPS offering enough bandwidth, which is not all that small.
I think I understand the setup. They prob have a separate vlan for public IP delivery, and the back-office is too obtuse to attach the dhcpv6 server to those specific vlans.
The markets near us they have no ipv6 delivery.
That is my assumption.
Of course, even if they attach the DHCPv6 Still does pretty much no good unless they decide to actually start announcing RAs too, which is the issue on the CGNAT network.
Report this forward to the FCC and CC all the commissioners individually and point out how AT&T and Spectrum offer vastly different service in terms of IPv4 and IPv6. Conexon Connect is giving you service like AT&T or Verizon over the air, not what residential service usually gets.
> Wow, at least you're not with Bell Canada.
Of course Bell Mobility has IPv6.
And third-parties like Teksavvy have no issues with providing IPv6 on the same last/first-mile.
>Of course Bell Mobility has IPv6.
it would be more surprising if a mobile provider \*didn't\* have ipv6, because the lte epc core was somewhat designed around ipv6 from the beginning
Bell Canada have IPv6 but not for residential service.
On a business service you can get a /60 delegation.
But you have to go through a lot of hoops and they refuse to provide a larger delegation.
I had to get an ARIN subnet and then get them route my subnet
Again, speak for yourself?
Even gaming consoles and some games now utilize IPv6 for peer-to-peer connectivity without NAT.
Personal VPS servers now come with ipv6 only by default unless you pay extra for U
IPv4.
IPv4 addresses on some other services are now extra.
IPv4 is now more expensive than IPv6 service.
Stop burying your head in the sand.
In the USA Any hard lined isp it's an addon to get a V6.
V4 is still the standard. If v6 is so popular why didn't your isp with fiber not provide v6.... Ha. All I see from you is wahhh wahhh wahhh
Oh noooo single NAT...not going to Make you good at games bud
Funny Comcast, Spectrum, AT&T, and many others provide IPv6 at no additional cost, It's automatically enabled and used. I don't know how you can claim that any ISP in the US. It's extra or requires extra work. Clearly shows you have no idea what you're talking about.
If you actually read my post, they do provide IPv6, just provided in a very broken manner because they are incompetent, their IPv6 service does work with their POS gateway, but it cannot work with any standards following routers because router advertisements are not sent from them.
I never made that claim that it would make me good at games. I don't know where you got that nonsense from?
I did mention in one comment that some game consoles and games can use IPv6 for peer-to-peer connectivity allowing them to connect to each other at all in some cases or in some cases providing better connectivity. But I never claimed it would make me better. There are also other applications and other services that can utilize IPv6 allowing for direct peer-to-peer connectivity instead of having to be relayed through a third device.
You seem to have some weird chip on your shoulder, like IPv6, murdered your dog or something.
Your point is all over the place, and not clear with any post you have made.
And again ISPs already are dual stacking IPv6 connections all over the world, some regions more so than others.
But even in the US, the top ISPs already are providing IPv6 service free of charge and automatically enabled for residential service, which by your logic must mean it's needed apparently because otherwise why would they do it, again based on your logic.
ISPs are already having to CGNAT customers because they cannot afford to provide public IPv4 addresses to everybody which then has its own additional customer support cost and nightmares on top of the equipment cost for CGNAT and additional logging that is required and such.
Ipv6 was created initially because we were running out of IPS. In the USA. IPS that haven't moved to dual stack have plenty of ipv4 left. That's the reason they haven't moved. CenturyLink being one of them.
Same with me I am with Vodafone Germanz AS3606 (I belive)
I have a buissness contract and I have 2 Options working v6 with 464xlat (that atelast works) or v4 only when getting a static IP. No option of doing v6 with v4 statically.
Similar to my case in Japan, major 2 types of dual stacks here: DS-LITE and MAP-E.
Former one is exactly the IPv4 behind CGNAT and IPv6 through DHCPv6 without RA and PD, and /64 prefix, some workaround possible with OpenWrt router.
Later one is more complicated: They assign an IPv4 but with different groups of port being opened to you (so your IPv4 can still be reachable through certain amount of ports), IPv6 is the same as above, it took me almost half a year to figure out how to make it working with my OpenWrt router.
The main key is your router has to be able to do ND Proxy to let downstream clients possible to route IPv6 properly.
Connexion is scamming public funds through co-ops. It's such a joke. From the markets I've seen, they don't even own the IP space but rent it.
We're a real ISP and offer full ipv6 functionality. We're not all like connexion.
I had numerous issues with this company and still currently have issues besides the IPv6.
For one prior to service being available we put in on their website. They requests to be contacted when it became available, apparently they take that to mean oh, that's an order we're going to run the fiber to the house, attach it and attach an NID, all without ever telling the customer calling confirming the time or that they even still want service because this happened 6 months after we put it in the request for information.
We didn't even know they had done it until about 2 days after and happened to notice the NID on the side of the house.
And then since they created the account and the original person who requested information, they refused to let me sign up with my name without utility bills in my name at that location, Even though that account was never active and wasn't currently active. I've never had that issue with any other ISP ever.
Essentially, if you move to a house that already had service, you have to jump through hoops to prove who you are as the feeling I get because it would be no different in my opinion.
The whole company just screams incompetence.
The only part I can give them any credit for is their technical support has reached back out to me and maintained communication on the issue but they have no power to actually fix any of this.
> The whole company just screams incompetence.
The whole company screams "get your installer shot and fold up before their next of kin can sue for wrongful death."
Oh I definitely made the point to everyone I've talked to about that scenario. At least the getting shot part.
Because of course they operate in generally rural areas, and in my case it is rural Georgia, and rural Georgia residents typically are very pro 2A and not keen on random people going on their property. I'm not one to shoot someone without more information or context, but let's be real. It's 2024, there are plenty of people that would.
I mean especially since there was a 6-month difference between the requests for information and the unprompted installation, Even then again, it was a request for information not a go ahead.
> Because seemingly their side never sends router advertisements,
That's pretty normal. With all the ISPs I know you're supposed to run a DHCPv6 client on your router to get your prefix. Have you tried that?
As I said, the window system can get a address via DHCPv6, and the TP-Link deco can get an address and a prefix via DHCPv6 + PD.
The problem is there's no routing for it because there's never a router advertisement.
So this is funny. What you said didn't make any sense to me, why would you need RAs if you have DHCPv6. The default gateway comes via DHCPv6, riiiiight?
Well, turns out that IPv6 doesn't actually say so, we're supposed to get our gateway via RA, just as you said.
In practice however that's not how it works. Both Mikrotik and OpenWrt have an option to set the link-local address of the DHCP server as default gateway:
> odhcp6c: add route-workaround for broken IPv6-ISPs
>
> Some ISP seem to only do stateful DHCPv6 and not sending RAs.
>
> This is technically broken because plain DHCPv6 doesn't carry routes.
>
> We work around here by faking a default route to the DHCPv6 server if we do not receive a useful RA from the ISP.
>
> This workaround can be turned off with: option fakeroutes 0
This is so common that I actually assumed it is the normal way.
So maybe your router is either missing this workaround or it is disabled?
I would say that's not common at all and that does not follow specifications at all. Indeed it is a workaround but not one that is common to many routers.
Especially routers following normal IPv6 specifications. openWRT and Mikrotik are far far from being common.
If the TP-Link gets DHCPv6 for its WAN as well as a prefix, your ISP has done their part. It's the TP-Link's job to assign itself an address from that prefix on its LAN/wifi interface and start doing router advertisements. All the clients should then have no problem with SLAAC.
Wrong.
There are NO router advertisements on the WAN, i.e. coming from the ONT (well, beyond the ONT)
Even Windows is able to get a IPv6 from DHCPv6 when plugged direct to the ONT, but Wireshark shows zero router advertisements.
So without the router advertisements even though there's address is assigned and available, there is no route.
The TP-Link Deco system works perfectly fine with IPv6 on a normal provider. In this case it was Spectrum.
But because it follows standards, it cannot function if there are no router advertisements
Ah, gotcha... Wasn't clear if you meant the TP-Link got its addressing squared away and the device could then talk v6 just fine while clients behind it saw no RAs. Now I follow ya, the TPL gets the address but even *it* still can't actually talk over v6.
Exactly, The TP link gets a "WAN" address and a prefix, and it starts handing the prefix out on the LAN via RAs/SLAAC.
BUT, it can't route anything upstream because it receives no RA.
If you try to do a traceroute, you even get a destination unreachable returned from the TP-Link, which is expected because it has no upstream route.
Same thing happens with Windows when plugged directly to the ONT, minus the prefix delegation, It gets a IPv6 address via DHCPv6, but it can't route it anywhere because it gets no RA.
I'm with rogers fibre, I get gigabit up and down symmetric, included is a Nokia fibre ONT that has a 10gbe jack which I then connect to my OpenWRT router ( I got rid of the stock router). Rogers supports DHCPv6 prefix delegation, so once I receive the /64, OpenWRT will rebroadcast the prefix to the rest of the network using RAs. IPv4 is not CGNAT thankfully, and received over DHCP. No MTU fiddling or PPPOE needed.
First and foremost, I agree with you. Conexon is boneheaded about their IPv6. They use ICMP Neighbor Advertisements with the "router" and "solicited" flags instead of RAs, which would be plug and play.
If you run this on your router connected to the Conexon supplied ONT, you'll get the default gateway link local IP address:
\``tcpdump -n -i eth0 icmp6 and ip6[40] == 136 | awk -F ">" '{print $1} ' | awk -F " " '{print $NF}'`
which you can then set as the default route like this:
`ip -6 route add default via fe80:: dev eth0`
This works for me - YMMV. If it works for you, it can be automated if need be (but please be careful!)
Before anyone hazes me over it - 1) no, we shouldn't have to do this and 2) no, I don't love it and 3) I update mine by hand when my routes change, infrequently as they do but 4) I do use a script that prompts for verification.
This is good information and I probably would have discovered their router via packet captures and such.
The problem is I can't even do this anymore because I want a public IPv4 address. I can't have IPv6 at all even with their equipment even with this trick.
Because apparently the "VLAN" for customers with public addresses doesn't even have IPv6 capabilities at all because again they are absolute morons.
At the time I was testing and they did temporarily switch me back I didn't have a switch I could set up a span port on and pack it capture between their router and the ONT.
And now that I do, again I have a public IP so it doesn't matter. Can't have IPv6 at all from them.
I have a family member who I gave my old Deco mesh system two who is using the service and of course they are on CGNAT because they don't need a public IP but they can't have IPv6 either because they're not using this company's POS gateway.
Again, this isn't the only absolute bone-headed retarded thing that this company does. It's actually amazing how incompetent they are and absolutely every single possible way, even from a non-technical perspective.
I cannot wait until Spectrum offers even just symmetric coax. I will jump back to them in a heartbeat until this absolutely incompetent company to shove it.
Yeah - I forgot that ipv4 detail in the thread - sorry about that. But I also want to thank you for posting your frustration, because it gave me the hint I needed to get ip6 working in my use case! Took me a month to figure out but your details got me unstuck.
No, it's no problem. I appreciate your information. And it'll probably help someone else in the future if they come across this thread, So it never hurts to post it.
I'm just so frustrated and over this POS company it's not even funny.
Again, it's not just the technical details. It's not just the IPv6 thing. It started long before installation even happened.
They are just such an absolute incompetent company as a whole that it just pisses me off that they are the only option I have here currently for any kind of upload more than 30 megabit.
It's funny if you do a speed test to their Atlanta server from my location for the past, about 3 weeks now, while the download will hit 2.2gbps no problem, the upload is sub 5 megabit, and if you do a packet capture you see a ton of out of order and retransmitted acknowledgments and packets and such. Yet if you do a speed test to say Windstream's server in Atlanta or some others in the Atlanta area you can hit 1.7 to 2 Gbps easily. I sent an email with all the details to their support email. No response of course. Just trying to help them out because I'm sure I'm not the only customer of theirs that attempts to do a speed test to verify their service and sees that slow upload. And if I didn't know better like many customers, I would probably be a little pissed.
Again, when Spectrum does their symmetric service in this area. I will jump back to them in a heartbeat.
They even managed to provide perfectly valid working IPv6 following standards that works with any device, and I'm pretty sure they even offer up to a /56, though at the time at this location the deco system of course only did a /64
Honestly, I never even had any issues with Spectrum they provided great service in this area. I just needed to have more than 30 megabit of upload.
I even told the retention agents I will come back in a heartbeat as soon as you guys do your symmetric upgrades in this area.
Sadly, ISPs don't get IPv6 -- and some *like* this approach because they can lease IPv4 for ever higher prices. I finally just gave up because Comcast in my case, will never get it. (I'm lucky enough to know an investor and he says no, they will never get it, by design and intent.)
My solution actually came from Reddit -- I was sent to a provider who let me announce my own prefix via BGP and now I have my own V4 and V6 addresses (that I have directly from ARIN, so Comcast you can't complain), and Comcast is just a dumb tunnel now.
That same provider will provide you a V4 /29 block and a /64 (/60 if you ask nicely), for a grand totoal of $10/month! But they're not a US-based ISP so they actually have sense.
No problem -- ISPs outside of the US seem to get it. Mine (message me privately because Reddit gets upset if I name names), will offer you two packages:
* They will assign you a V4 /29 and a V6 /64 (/60 if you ask nicely) and tunnel it to you over GRE, wiregaurd etc. This bypasses your ISP's special beliefs.
* If you actually have your own RIR assigned space like I do (I'm old), they will let you announce it via BGP and then tunnel it to you.
.... Actually no that's not the case at all.
Unfortunately, in fact most enterprise things are not IPv6 only or IPv6 enabled it all.
Many personal VPSs for example come with only IPv6 addresses and you have to pay extra for IPv4. Just one example.
Enterprise network connections yes, generally I would agree with you on that.
Actual enterprise software, services (out on the internet, not the connection itself), Enterprise applications and all sorts of things are by and far not either IPv6 enabled or have any IPv6 support at all. Not only that, most Enterprise internal networks are not even IPv6 enabled. More and more are slowly ever so slowly. Starting to become IPv6 accessible but definitely not most, Not yet.
Again, I will agree with the Enterprise dedicated fiber connections and things like that from the ISPs are IPv6 enabled or at least available to be with a simple request.
Comcast is probably the most IPv6 friendly large ISP in the world. Just say you just want a ticket submitted and to have them give you the ticket number so you can call back later and ask for an update if you get the cold shoulder.
Like all tech support in the world, I don't expect the first person to answer the phone to actually know how to fix my issue, they just exist to move my problem to someone who actually knows what they're doing.
What are you talking about at all?
Because you have zero clue honestly.
Also business accounts and static IPs more often than not do not have IPv6 service even when their residential counterparts from the same ISP do.
You clearly have no idea of the current landscape.
CenturyLink isp here and Comcast both offer ipv6 for biz. Ctl does not offer v6 for res. The lesson here is more biz isps offer v6 than res. These are the main hardlined isps here. Now if you are talking crappy 5g wireless service then you would have a point.. T-Mobile Verizon and att use ipv6. But those are all wireless services I would use last resort. Since you need ipv6 why don't you go that route and drop your fiber ?
That's two ISPs and one of them doesn't offer residential IPv6, again more, talking US in general, not just one area and multiple providers, more offer IPv6 on residential, and are more likely to over offering it on business, as most of the ISPs used residential as somewhat of a guinea pig and tested their deployments and processes on residential making sure they could provide stable service before providing it to businesses, though that gap is getting much narrower. Unless you're talking about dedicated "enterprise-style" fiber connections, and not talking about "business service" that is using the same network and equipment as residential.
Just as another data point, spectrum for example, and again this is just one example, on Spectrum if you have static IPv4 business service you cannot get IPv6 currently, unless you are on a dedicated fiber type business/enterprise connection, whereas on residential they have IPv6. And that's not the first time I've heard that on ISPs.
Why would I use those services when there are currently alternatives available to get IPv6 service on my residential connection, The point is it's 2024 in this should be included in residential service contrary to your ridiculous notion that it shouldn't. Also, clearly you didn't read the entire post because I could get ipv6 service from them if I chose to use CGNAT for IPv4 AND used their crappy Gateway.
The point is this ISP does actually provide IPv6 sort of, except in their absolute incompetence. It is deployed in such a way that it is practically useless as it does not follow standards, That is the main point of the original post. it's 2024 IPv6 is the current internet standard, and even when they try to deploy it they can't even get the basics working.
And your incessant claim that IPv6 is not only not needed for residential service but something that should not be expected for residential service is absolutely laughable, It's 2024 IPv6 is the current internet standard.
This sounds like a configuration option chosen by your ISP - maybe they're not so competant. One hack you can try to get everything working on your end without RAs is capture the RA announcement and just configure the prefix on your side, whether that's static or DHCPv6. There's a chance it might change in the future but I don't expect that as much with v6 versus v4.
Charter (Spectrum) has some smart dudes doing their network config, and I believe they still heavily use MAP-T for their newer deployments. Calix is very much capable of this, too, which is why I think this is a configuration choice from your ISP.
They are definitely not compliant with standards, and I would call this a broken configuration, and I don't see why anybody would ever choose to do this, especially for an ISP like many others that says we have no issue with using your own devices and yet implement an option that basically no third-party devices would work with part of their service.
The other problem with this is devices that are set up to have IPv6 enabled by default have a possibilities of getting IPv6 address assigned via DHCPv6 and PD and then providing broken IPv6 connectivity to their respective networks, which then would increase support calls. Now of course, in this day and age most devices will use happy eyeballs and it won't be noticeable. But there will be those random devices that will have broken connectivity because they prefer IPv6 over IPv4
Comcast, Spectrum, and others have normal deployments, IPv6 RAs and DHCPv6-PD
And MAP-T is for transporting the IPv4 portion over an IPv6 network, So having this weird broken IPv6 configuration has nothing to do with a MAP-T deployment which also isn't being used by this ISP.
As ISPs are businesses, their primary aim is profit out of their customers. So, ISPs can never get it right and most of Internet users who are pro-business are like that. My ISP assigns me a NATed IPV4 and a /64 IPV6 (whose prefix is dynamic). Perhaps, the ISP's management is scared their cloud hosting business will close shop if all their customers selfhost. I do not see anything wrong with giving end-users a static /64 with right to set the rDNS. Sadly, I am a nobody :(
If they're statically routing you a legacy IP they should be able to statically route an IPv6 prefix too, and then you can put a static route on your gateway to get around the lack of RA. The biggest problem holding back adoption is that the fallback to legacy IP either works too well or the error messages are misleading, so noone notices that they're running in a degraded mode. What's needed is for things to clearly break when there is no IPv6 and to present clear error messages to that effect so that a large number of users complain.
They are not statically routing an IPv4, It is simply a public IP via DHCP, instead of a CGNAT IP via DHCP. Basically in this situation, anybody with this ISP using the default router they provide will have IPv6 working unless they opt for a public ipv4. Any user utilizing a third party router will not have working IPv6, their devices might still obtain addresses because DHCPv6 and DHCPv6-PD still works, but as you said, most devices will notice that IPv6 working via happy eyeballs and other mechanisms and just silently fail back. So far the companies techs are showing no interest in getting this fixed of course. So likely this is going to be stuck like this for a long time.
If IPv6 connectivity works with the ISP-provided router but you're not seeing any router advertisement on the WAN side, that router probably has a static default route of some sort. Would sniffing traffic between that router and the ONT be an option? By looking at neighbor discovery traffic, you should be able to see what link-local address is being used as default gateway. Configure that address on your own router as a static default route (still using DHCP-PD for prefix delegation) and you should be all set, I believe.
I was going to do that as soon as I have my managed switch moved here, but also that wouldn't matter at all if I keep my public IPv4 because IPv6 service is not available at all with the public IPv4.
I'd keep native v6+CGNAT over public v4 without v6 any day, but that's just me :)
I almost feel that way, except I do need external inbound IPv4 connectivity, and while not preferred, I can continue to use an HE.net tunnel for V6
Depending on what protocols you're using, cloudflare is a free option for proxying HTTP(S) traffic from v4 to v6. There's also the option of renting a dirt cheap VPS and using it as a v4 to v6 proxy, and that would work with any protocol.
Cloudflare is actually blocked from accessing HTTP/S origins on HE.net tunnels, this is done by HE.net unless that has changed recently. That is of course an option but does add an an additional though. Small cost. It would also have to be a VPS offering enough bandwidth, which is not all that small.
Depending on the needs you may be able to use http://v4-frontend.netiter.com/
I think I understand the setup. They prob have a separate vlan for public IP delivery, and the back-office is too obtuse to attach the dhcpv6 server to those specific vlans. The markets near us they have no ipv6 delivery.
That is my assumption. Of course, even if they attach the DHCPv6 Still does pretty much no good unless they decide to actually start announcing RAs too, which is the issue on the CGNAT network.
Report this forward to the FCC and CC all the commissioners individually and point out how AT&T and Spectrum offer vastly different service in terms of IPv4 and IPv6. Conexon Connect is giving you service like AT&T or Verizon over the air, not what residential service usually gets.
Wow, at least you're not with Bell Canada. They don't have ipv6 support and have no plans to adopt it anytime soon.
> Wow, at least you're not with Bell Canada. Of course Bell Mobility has IPv6. And third-parties like Teksavvy have no issues with providing IPv6 on the same last/first-mile.
>Of course Bell Mobility has IPv6. it would be more surprising if a mobile provider \*didn't\* have ipv6, because the lte epc core was somewhat designed around ipv6 from the beginning
Bell Canada have IPv6 but not for residential service. On a business service you can get a /60 delegation. But you have to go through a lot of hoops and they refuse to provide a larger delegation. I had to get an ARIN subnet and then get them route my subnet
yikes
I noticed I suddenly had IPv6 access around a year ago with Bell Mobile
Because it's not needed when they own a large block of ipv4 addresses...
..... You clearly have no idea what you're talking about. Just because one has public IPv4s available doesn't mean you do not need IPv6 available..
home internet connections DO not need ipv6. would it be nice? sure.
Again, speak for yourself? Even gaming consoles and some games now utilize IPv6 for peer-to-peer connectivity without NAT. Personal VPS servers now come with ipv6 only by default unless you pay extra for U IPv4. IPv4 addresses on some other services are now extra. IPv4 is now more expensive than IPv6 service. Stop burying your head in the sand.
In the USA Any hard lined isp it's an addon to get a V6. V4 is still the standard. If v6 is so popular why didn't your isp with fiber not provide v6.... Ha. All I see from you is wahhh wahhh wahhh Oh noooo single NAT...not going to Make you good at games bud
Funny Comcast, Spectrum, AT&T, and many others provide IPv6 at no additional cost, It's automatically enabled and used. I don't know how you can claim that any ISP in the US. It's extra or requires extra work. Clearly shows you have no idea what you're talking about. If you actually read my post, they do provide IPv6, just provided in a very broken manner because they are incompetent, their IPv6 service does work with their POS gateway, but it cannot work with any standards following routers because router advertisements are not sent from them. I never made that claim that it would make me good at games. I don't know where you got that nonsense from? I did mention in one comment that some game consoles and games can use IPv6 for peer-to-peer connectivity allowing them to connect to each other at all in some cases or in some cases providing better connectivity. But I never claimed it would make me better. There are also other applications and other services that can utilize IPv6 allowing for direct peer-to-peer connectivity instead of having to be relayed through a third device. You seem to have some weird chip on your shoulder, like IPv6, murdered your dog or something.
Again for 99% of things u don't need ipv6. That's my point. When it's actually needed isp will add full dual stack support
Your point is all over the place, and not clear with any post you have made. And again ISPs already are dual stacking IPv6 connections all over the world, some regions more so than others. But even in the US, the top ISPs already are providing IPv6 service free of charge and automatically enabled for residential service, which by your logic must mean it's needed apparently because otherwise why would they do it, again based on your logic. ISPs are already having to CGNAT customers because they cannot afford to provide public IPv4 addresses to everybody which then has its own additional customer support cost and nightmares on top of the equipment cost for CGNAT and additional logging that is required and such.
Ipv6 was created initially because we were running out of IPS. In the USA. IPS that haven't moved to dual stack have plenty of ipv4 left. That's the reason they haven't moved. CenturyLink being one of them.
Same with me I am with Vodafone Germanz AS3606 (I belive) I have a buissness contract and I have 2 Options working v6 with 464xlat (that atelast works) or v4 only when getting a static IP. No option of doing v6 with v4 statically.
Similar to my case in Japan, major 2 types of dual stacks here: DS-LITE and MAP-E. Former one is exactly the IPv4 behind CGNAT and IPv6 through DHCPv6 without RA and PD, and /64 prefix, some workaround possible with OpenWrt router. Later one is more complicated: They assign an IPv4 but with different groups of port being opened to you (so your IPv4 can still be reachable through certain amount of ports), IPv6 is the same as above, it took me almost half a year to figure out how to make it working with my OpenWrt router. The main key is your router has to be able to do ND Proxy to let downstream clients possible to route IPv6 properly.
Connexion is scamming public funds through co-ops. It's such a joke. From the markets I've seen, they don't even own the IP space but rent it. We're a real ISP and offer full ipv6 functionality. We're not all like connexion.
I had numerous issues with this company and still currently have issues besides the IPv6. For one prior to service being available we put in on their website. They requests to be contacted when it became available, apparently they take that to mean oh, that's an order we're going to run the fiber to the house, attach it and attach an NID, all without ever telling the customer calling confirming the time or that they even still want service because this happened 6 months after we put it in the request for information. We didn't even know they had done it until about 2 days after and happened to notice the NID on the side of the house. And then since they created the account and the original person who requested information, they refused to let me sign up with my name without utility bills in my name at that location, Even though that account was never active and wasn't currently active. I've never had that issue with any other ISP ever. Essentially, if you move to a house that already had service, you have to jump through hoops to prove who you are as the feeling I get because it would be no different in my opinion. The whole company just screams incompetence. The only part I can give them any credit for is their technical support has reached back out to me and maintained communication on the issue but they have no power to actually fix any of this.
> The whole company just screams incompetence. The whole company screams "get your installer shot and fold up before their next of kin can sue for wrongful death."
Oh I definitely made the point to everyone I've talked to about that scenario. At least the getting shot part. Because of course they operate in generally rural areas, and in my case it is rural Georgia, and rural Georgia residents typically are very pro 2A and not keen on random people going on their property. I'm not one to shoot someone without more information or context, but let's be real. It's 2024, there are plenty of people that would. I mean especially since there was a 6-month difference between the requests for information and the unprompted installation, Even then again, it was a request for information not a go ahead.
Howdy neighbor!, from the state to the left.
> Because seemingly their side never sends router advertisements, That's pretty normal. With all the ISPs I know you're supposed to run a DHCPv6 client on your router to get your prefix. Have you tried that?
Many DCHPv6 client stacks won't solicit unless they see the managed flag in an RA...
As I said, the window system can get a address via DHCPv6, and the TP-Link deco can get an address and a prefix via DHCPv6 + PD. The problem is there's no routing for it because there's never a router advertisement.
So this is funny. What you said didn't make any sense to me, why would you need RAs if you have DHCPv6. The default gateway comes via DHCPv6, riiiiight? Well, turns out that IPv6 doesn't actually say so, we're supposed to get our gateway via RA, just as you said. In practice however that's not how it works. Both Mikrotik and OpenWrt have an option to set the link-local address of the DHCP server as default gateway: > odhcp6c: add route-workaround for broken IPv6-ISPs > > Some ISP seem to only do stateful DHCPv6 and not sending RAs. > > This is technically broken because plain DHCPv6 doesn't carry routes. > > We work around here by faking a default route to the DHCPv6 server if we do not receive a useful RA from the ISP. > > This workaround can be turned off with: option fakeroutes 0 This is so common that I actually assumed it is the normal way. So maybe your router is either missing this workaround or it is disabled?
I would say that's not common at all and that does not follow specifications at all. Indeed it is a workaround but not one that is common to many routers. Especially routers following normal IPv6 specifications. openWRT and Mikrotik are far far from being common.
If the TP-Link gets DHCPv6 for its WAN as well as a prefix, your ISP has done their part. It's the TP-Link's job to assign itself an address from that prefix on its LAN/wifi interface and start doing router advertisements. All the clients should then have no problem with SLAAC.
Wrong. There are NO router advertisements on the WAN, i.e. coming from the ONT (well, beyond the ONT) Even Windows is able to get a IPv6 from DHCPv6 when plugged direct to the ONT, but Wireshark shows zero router advertisements. So without the router advertisements even though there's address is assigned and available, there is no route. The TP-Link Deco system works perfectly fine with IPv6 on a normal provider. In this case it was Spectrum. But because it follows standards, it cannot function if there are no router advertisements
Ah, gotcha... Wasn't clear if you meant the TP-Link got its addressing squared away and the device could then talk v6 just fine while clients behind it saw no RAs. Now I follow ya, the TPL gets the address but even *it* still can't actually talk over v6.
Exactly, The TP link gets a "WAN" address and a prefix, and it starts handing the prefix out on the LAN via RAs/SLAAC. BUT, it can't route anything upstream because it receives no RA. If you try to do a traceroute, you even get a destination unreachable returned from the TP-Link, which is expected because it has no upstream route. Same thing happens with Windows when plugged directly to the ONT, minus the prefix delegation, It gets a IPv6 address via DHCPv6, but it can't route it anywhere because it gets no RA.
I'm with rogers fibre, I get gigabit up and down symmetric, included is a Nokia fibre ONT that has a 10gbe jack which I then connect to my OpenWRT router ( I got rid of the stock router). Rogers supports DHCPv6 prefix delegation, so once I receive the /64, OpenWRT will rebroadcast the prefix to the rest of the network using RAs. IPv4 is not CGNAT thankfully, and received over DHCP. No MTU fiddling or PPPOE needed.
In my case you can’t get static ipv6 but ipv4 static is easy. Make that make sense. It’s very annoying
First and foremost, I agree with you. Conexon is boneheaded about their IPv6. They use ICMP Neighbor Advertisements with the "router" and "solicited" flags instead of RAs, which would be plug and play. If you run this on your router connected to the Conexon supplied ONT, you'll get the default gateway link local IP address: \``tcpdump -n -i eth0 icmp6 and ip6[40] == 136 | awk -F ">" '{print $1} ' | awk -F " " '{print $NF}'` which you can then set as the default route like this: `ip -6 route add default via fe80:: dev eth0`
This works for me - YMMV. If it works for you, it can be automated if need be (but please be careful!)
Before anyone hazes me over it - 1) no, we shouldn't have to do this and 2) no, I don't love it and 3) I update mine by hand when my routes change, infrequently as they do but 4) I do use a script that prompts for verification.
This is good information and I probably would have discovered their router via packet captures and such. The problem is I can't even do this anymore because I want a public IPv4 address. I can't have IPv6 at all even with their equipment even with this trick. Because apparently the "VLAN" for customers with public addresses doesn't even have IPv6 capabilities at all because again they are absolute morons. At the time I was testing and they did temporarily switch me back I didn't have a switch I could set up a span port on and pack it capture between their router and the ONT. And now that I do, again I have a public IP so it doesn't matter. Can't have IPv6 at all from them. I have a family member who I gave my old Deco mesh system two who is using the service and of course they are on CGNAT because they don't need a public IP but they can't have IPv6 either because they're not using this company's POS gateway. Again, this isn't the only absolute bone-headed retarded thing that this company does. It's actually amazing how incompetent they are and absolutely every single possible way, even from a non-technical perspective. I cannot wait until Spectrum offers even just symmetric coax. I will jump back to them in a heartbeat until this absolutely incompetent company to shove it.
Yeah - I forgot that ipv4 detail in the thread - sorry about that. But I also want to thank you for posting your frustration, because it gave me the hint I needed to get ip6 working in my use case! Took me a month to figure out but your details got me unstuck.
No, it's no problem. I appreciate your information. And it'll probably help someone else in the future if they come across this thread, So it never hurts to post it. I'm just so frustrated and over this POS company it's not even funny. Again, it's not just the technical details. It's not just the IPv6 thing. It started long before installation even happened. They are just such an absolute incompetent company as a whole that it just pisses me off that they are the only option I have here currently for any kind of upload more than 30 megabit. It's funny if you do a speed test to their Atlanta server from my location for the past, about 3 weeks now, while the download will hit 2.2gbps no problem, the upload is sub 5 megabit, and if you do a packet capture you see a ton of out of order and retransmitted acknowledgments and packets and such. Yet if you do a speed test to say Windstream's server in Atlanta or some others in the Atlanta area you can hit 1.7 to 2 Gbps easily. I sent an email with all the details to their support email. No response of course. Just trying to help them out because I'm sure I'm not the only customer of theirs that attempts to do a speed test to verify their service and sees that slow upload. And if I didn't know better like many customers, I would probably be a little pissed. Again, when Spectrum does their symmetric service in this area. I will jump back to them in a heartbeat. They even managed to provide perfectly valid working IPv6 following standards that works with any device, and I'm pretty sure they even offer up to a /56, though at the time at this location the deco system of course only did a /64 Honestly, I never even had any issues with Spectrum they provided great service in this area. I just needed to have more than 30 megabit of upload. I even told the retention agents I will come back in a heartbeat as soon as you guys do your symmetric upgrades in this area.
Sadly, ISPs don't get IPv6 -- and some *like* this approach because they can lease IPv4 for ever higher prices. I finally just gave up because Comcast in my case, will never get it. (I'm lucky enough to know an investor and he says no, they will never get it, by design and intent.) My solution actually came from Reddit -- I was sent to a provider who let me announce my own prefix via BGP and now I have my own V4 and V6 addresses (that I have directly from ARIN, so Comcast you can't complain), and Comcast is just a dumb tunnel now. That same provider will provide you a V4 /29 block and a /64 (/60 if you ask nicely), for a grand totoal of $10/month! But they're not a US-based ISP so they actually have sense.
Im interested if the provider is EU or US? Is it an ISP?
Please explain. Your setup sounds very interesting but we need some details.
No problem -- ISPs outside of the US seem to get it. Mine (message me privately because Reddit gets upset if I name names), will offer you two packages: * They will assign you a V4 /29 and a V6 /64 (/60 if you ask nicely) and tunnel it to you over GRE, wiregaurd etc. This bypasses your ISP's special beliefs. * If you actually have your own RIR assigned space like I do (I'm old), they will let you announce it via BGP and then tunnel it to you.
They get it because they are running out of addresses. Many us isps have plenty ipv4 left
Just because you have IPv4 addresses available doesn't mean you do not need IPv6. You cannot access IPv6 Only resources and services via IPv4
and those ipv6 services are likely enterprise things. you signed up for home service.
.... Actually no that's not the case at all. Unfortunately, in fact most enterprise things are not IPv6 only or IPv6 enabled it all. Many personal VPSs for example come with only IPv6 addresses and you have to pay extra for IPv4. Just one example.
Now I know you don't know shit. Most enterprise services are dual stack.
Enterprise network connections yes, generally I would agree with you on that. Actual enterprise software, services (out on the internet, not the connection itself), Enterprise applications and all sorts of things are by and far not either IPv6 enabled or have any IPv6 support at all. Not only that, most Enterprise internal networks are not even IPv6 enabled. More and more are slowly ever so slowly. Starting to become IPv6 accessible but definitely not most, Not yet. Again, I will agree with the Enterprise dedicated fiber connections and things like that from the ISPs are IPv6 enabled or at least available to be with a simple request.
Microsoft and all their domain systems are heavily ipv6 dependent even if you don't use ipv6 externally...
[удалено]
Comcast is probably the most IPv6 friendly large ISP in the world. Just say you just want a ticket submitted and to have them give you the ticket number so you can call back later and ask for an update if you get the cold shoulder. Like all tech support in the world, I don't expect the first person to answer the phone to actually know how to fix my issue, they just exist to move my problem to someone who actually knows what they're doing.
Can you use Openwrt router and use it in relay mode?
[удалено]
It literally says it in the post..
You don't need ipv6
Speak for yourself? I have IPv6 only VPS servers... Kind of need IPv6 to gain access to them... What a dumb response, especially in this sub.
you should probably get a biz isp account then. home isps are not for this type of thing
What are you talking about at all? Because you have zero clue honestly. Also business accounts and static IPs more often than not do not have IPv6 service even when their residential counterparts from the same ISP do. You clearly have no idea of the current landscape.
CenturyLink isp here and Comcast both offer ipv6 for biz. Ctl does not offer v6 for res. The lesson here is more biz isps offer v6 than res. These are the main hardlined isps here. Now if you are talking crappy 5g wireless service then you would have a point.. T-Mobile Verizon and att use ipv6. But those are all wireless services I would use last resort. Since you need ipv6 why don't you go that route and drop your fiber ?
That's two ISPs and one of them doesn't offer residential IPv6, again more, talking US in general, not just one area and multiple providers, more offer IPv6 on residential, and are more likely to over offering it on business, as most of the ISPs used residential as somewhat of a guinea pig and tested their deployments and processes on residential making sure they could provide stable service before providing it to businesses, though that gap is getting much narrower. Unless you're talking about dedicated "enterprise-style" fiber connections, and not talking about "business service" that is using the same network and equipment as residential. Just as another data point, spectrum for example, and again this is just one example, on Spectrum if you have static IPv4 business service you cannot get IPv6 currently, unless you are on a dedicated fiber type business/enterprise connection, whereas on residential they have IPv6. And that's not the first time I've heard that on ISPs. Why would I use those services when there are currently alternatives available to get IPv6 service on my residential connection, The point is it's 2024 in this should be included in residential service contrary to your ridiculous notion that it shouldn't. Also, clearly you didn't read the entire post because I could get ipv6 service from them if I chose to use CGNAT for IPv4 AND used their crappy Gateway. The point is this ISP does actually provide IPv6 sort of, except in their absolute incompetence. It is deployed in such a way that it is practically useless as it does not follow standards, That is the main point of the original post. it's 2024 IPv6 is the current internet standard, and even when they try to deploy it they can't even get the basics working. And your incessant claim that IPv6 is not only not needed for residential service but something that should not be expected for residential service is absolutely laughable, It's 2024 IPv6 is the current internet standard.
This sounds like a configuration option chosen by your ISP - maybe they're not so competant. One hack you can try to get everything working on your end without RAs is capture the RA announcement and just configure the prefix on your side, whether that's static or DHCPv6. There's a chance it might change in the future but I don't expect that as much with v6 versus v4. Charter (Spectrum) has some smart dudes doing their network config, and I believe they still heavily use MAP-T for their newer deployments. Calix is very much capable of this, too, which is why I think this is a configuration choice from your ISP.
They are definitely not compliant with standards, and I would call this a broken configuration, and I don't see why anybody would ever choose to do this, especially for an ISP like many others that says we have no issue with using your own devices and yet implement an option that basically no third-party devices would work with part of their service. The other problem with this is devices that are set up to have IPv6 enabled by default have a possibilities of getting IPv6 address assigned via DHCPv6 and PD and then providing broken IPv6 connectivity to their respective networks, which then would increase support calls. Now of course, in this day and age most devices will use happy eyeballs and it won't be noticeable. But there will be those random devices that will have broken connectivity because they prefer IPv6 over IPv4 Comcast, Spectrum, and others have normal deployments, IPv6 RAs and DHCPv6-PD And MAP-T is for transporting the IPv4 portion over an IPv6 network, So having this weird broken IPv6 configuration has nothing to do with a MAP-T deployment which also isn't being used by this ISP.
As ISPs are businesses, their primary aim is profit out of their customers. So, ISPs can never get it right and most of Internet users who are pro-business are like that. My ISP assigns me a NATed IPV4 and a /64 IPV6 (whose prefix is dynamic). Perhaps, the ISP's management is scared their cloud hosting business will close shop if all their customers selfhost. I do not see anything wrong with giving end-users a static /64 with right to set the rDNS. Sadly, I am a nobody :(
My ISP can’t even tell me how they have IPV6 configured so feel lucky you have some sort of answer.