Is the IPv6 Hop limit is getting set to 0 by Comcast for Advterisements during the DHCPv6 shaking. My firewall is dropping the DHCPv6 Advertise packets.
Further investigation shows the problem doesn't appear to be the firewall, but the Advertisement XIDs getting dropped when they hit the firewall. The reason is that the hop limit is 0 when Comcast sends the Advertisement XID. My syslog shows this:
7 Feb 20 2017 21:11:34 fe80::201:5cff:fe62:a246 547 fe80::f60f:1bff:fe76:fa57 546 UDP request discarded from fe80::201:5cff:fe62:a246/547 to outside:fe80::f60f:1bff:fe76:fa57/546
When doing a packet dump to see what is what, I find this in the Advertisement XID in the IPv6 Header:
Hop limit: 0
As per RFC 2460 for IPv6, it states "The packet is discarded if Hop Limit is decremented to zero." Hence it appears that my firewall/router is doing exactly what it is supposed to do as per spec/RFC.
Comcast appears to be sending Advterisment XIDs via DHCPv6 with hop limit = 0. Other dumps of other ISPs around the net, etc shows a hop limit set at 10 to 64.
I have contacted the telephone support to no avail (they all think resetting your modem is the magic bullet) and getting to tier 3 support (or beyond) is nearly impossible. I have reached out directly to John Brzozowski and also one of the Comcast representatives who had frequented this forum. No response. I miss the days of Comcast/Arris/NetDog/Tuska.
If anyone else has seen this or if someone from Comcast can verify if perhaps its just my account or whatever, this would be very helpful. I really want to get IPv6 going, but it has been difficult at best.
I finally got to Tier 3 support and spoke to someone who initially replied that I am using a fancy router and they don't think they can fix the issue *he must have spoke to a middle manager who doesn't get the de[th of the problem). I tried to explain to him this violates the RFC 2460 in the following manner (from RFC 2460 - https://tools.ietf.org/html/rfc2460):
Section 3 (p. 4):
Hop Limit 8-bit unsigned integer. Decremented by 1 by each node that forwards the packet. The packet is discarded if Hop Limit is decremented to zero.
and Section 8.2 (p. 27):
8.2 Maximum Packet Lifetime Unlike IPv4, IPv6 nodes are not required to enforce maximum packet lifetime. That is the reason the IPv4 "Time to Live" field was renamed "Hop Limit" in IPv6. In practice, very few, if any, IPv4 implementations conform to the requirement that they limit packet lifetime, so this is not a change in practice. Any upper-layer protocol that relies on the internet layer (whether IPv4 or IPv6) to limit packet lifetime ought to be upgraded to provide its own mechanisms for detecting and discarding obsolete packets.
His final response is this needs to go to engineering and will get back to me. The thing is, its not looking good because Comcast is ok with the low/cheap routers that don't conform to spec. Comcast needs to support the spec and as per 8.2, eventually they will have no choice. Their best bet is to validate it's an issue, own it, and fix it. Its not that hard... fill in the Hop limit with 1 or more!