Resolution of NetGear CMD31T Device Issue

NetGear provided Comcast with new firmware for emergency testing and certification. This process has completed and the critical IPv6 defect is resolved. We identified one open but non-blocking IPv6-related issue that we anticipate will be fixed in a firmware update from NetGear in the near future. This new firmware is in the process of being deployed to all of these devices operating on our network. In any areas where we had temporarily rolled back IPv6, we have turned IPv6 back on again. We have also resumed our national IPv6 deployment.

Xfinity, XfinityTV, and Customer Support Forum Web Sites Go Native Dual Stack

Our Xfinity and XfinityTV web portals, as well as our customer support forum have begun the move to IPv6 by enabling support for Native Dual Stack. The first part to move was our customer support forum, at forums.comcast.com, which went live in December 2011. This was in partnership with our support forum vendor, Lithium. The newest part today moves two of our major portal sites to IPv6, including Xfinity and XfinityTV. This critical move was made possible via close cooperation with Akamai, our CDN vendor. Over time, we will introduce support for native IPv6 for all of our other key websites.

Statement Regarding NetGear CMD31T Devices

Comcast is in the process of deploying IPv6 nationally, as noted on this site in great detail. We recently identified that the retail NetGear CMD31T device ships with and runs an uncertified version of firmware that exacerbates a critical IPv6-related defect. To ensure Comcast customers with these devices will continue to have uninterrupted Internet service, we have rolled back IPv6 temporarily in some parts of our network to give NetGear more time to address the issue. Comcast anticipates NetGear will soon address the issue for their retail devices, which we will test and deploy on an emergency basis.

Comcast 6RD Configuration Instructions for IPv6

6RD Configuration Instructions

IMPORTANT NOTE: On June 30, 2010, we activated 6RD border relays in our network as part of our testing of “Phase 1” of the expected transition to IPv6. On the one year anniversary of this activation, June 30, 2011, these 6RD border relays will be turned off, as they are no longer needed given the advanced state of our IPv6 testing and our Native Dual Stack strategy. Trial users testing 6RD can find directions on what to do next on our trial web forum. This date will of course enable our 6RD trial users to participate in World IPv6 Day on June 8, 2011.

As part of Comcast's IPv6 trials, we tested 6RD. On October 1, 2010, we announced the release of open source software for home gateway devices which supports 6RD, available here on SourceForge. This software is an extension of OpenWrt. While we have only tested it using the Linksys 160NL device, theoretically any device which is OpenWrt-capable, and with sufficient memory, should be able to run this software if you follow the configuration instructions below (until June 30, 2011). In addition, if your home gateway device already have 6RD support, you should also be able to follow these instructions and be able to use 6RD (until June 30, 2011).

 
General 6RD Configuration Settings

6RD Linksys 160NL Installation and Configuration
Additional FAQs:
General 6RD Configuration Settings
If you are using your own device or software to configure 6RD (other than our OpenWrt-based software), you can use this configuration:
  1. 6rd Prefix = 2001:55c
  2. 6rd prefix length = 32
  3. 6rd BR FQDN = 6rd.comcast.net
  4. IPv4 mask length = 0
6RD Linksys 160NL Installation and Configuration
The binary image for the 6RD client was developed on the OpenWRT 10.3 (Backfire) stream. Download it now here. This image includes the LuCI package, so you can use the web interface to setup all the necessary configuration parameters listed below. Note: We also provide the prebuilt binary for those who don’t want to compile the source tree. The binary is available here.

Prerequisites
  1. You need a Cisco Linksys 160NL router (HW Version 1.0) running the original Cisco software image.
  2. You must have a public IPv4 address.
Flashing the Firmware
To start, connect to the device's website at http://192.168.1.1. Once there, go to the administration screen, and then firmware upgrade. Here you will upload the ".bin" file that you have compiled or downloaded (see this note).
NOTE: The factory 160NL username is typically blank (i.e. no username), and the factory password is typically "admin".
Once the upgrade is completed, reboot the device, then follow the directions below.

Configuring the 6RD Tunnel
  1. Login using the administrative GUI (http://192.168.1.1 is the default address) and verify the version number at top right of the web page. It should show OpenWRT Backfire 10.03.
  2. On the login screen, type the username/password for the router and click the LOGIN button. The factory 160NL username is typically blank (i.e. no username), and the factory password is typically "admin".
  3. Click on Administrator tab in the right-hand corner. A 6RD tab will be displayed on the menu.
  4. Click on the 6RD tab.
  5. In Tunnel Type menu, select 6RD.
  6. You can choose between DHCP and Static options to set the 6RD parameters. We recommend you select Static.
  7. If you choose DHCP, you must configure your DHCP server to pass down the 6RD Option. Since IANA has yet allocated the DCHP option number for 6RD, we use 150, which will work fine until the reserved option number has been assigned by IANA.
  8. If you choose Static, you must enter the following parameters: IPv4 Mask Length (set to: 0), 6RD BR (set to: 6rd.comcast.net), 6RD Prefix (set to: 2001:55c) and 6RD Prefix Length (set to: 32).
  9. After parameters are filled, click Save & Apply. You may lose connectivity for few seconds as the router resets itself.
  10. The device will then automatically check the 6RD BR's health by pinging it. The tunnel will be setup only if the 6RD BR is reachable.
  11. If you want to know the 6RD Delegate Prefix, you can click on 6RDPrefixCalc. For this image, it doesn't support Prefix Delegation and so will always advertise a /64 to LAN.
  12. If you experience any IPv6 connectivity issues, please check the Tunnel Status section of the 6RD page to see if it is working. If you want to re-establish the tunnel, you can click the Reconnect button. This will tear down and re-create the 6RD tunnel.
Additional Configuration Notes
  • You should secure the device by setting a password. Click on System ---> Admin Password to set the password.
  • This image includes the wireless module and supports both 802.11g and 802.11n. This image also supports WPA/WPA2 encryption. You need to turn on wireless because it is off by default. You can configure wireless by clicking Administration to get to the Network menu. In Network, click the WiFi submenu and select RADIO0.
  • If you want to use a different DNS server from those learned from DHCP, you can goto Network ---> Interfaces ---> WAN menu. On the WAN page, goto Additional Field and choose DNS-Server. Hit Add button and a new field will be created. Enter the DNS server in the field and click Save & Apply.
  • This image supports UPnP and we have tested it successfully on many applications. You can enable UPnP by clicking Administration to access the Services menu. Under Services, there is UPNP submenu.
  • We tested this software with Xbox 360 Live (we're gamers). It worked when UPnP was enabled. You must also disable enable secure mode to get UPnP working for Xbox 360 Live. However, we couldn't connect to the PS3 Network. This seems to be a common issue for the OpenWRT base image.
Notes Concerning MTU Size
  1. Since 6RD is an encapsulation technology, it reduces the effective MTU size by the size of the encapsulated IPv4 header. We implemented the MSS option manipulation to increase the success rate for TCP connections. You can disable it by de-selecting MSS Option Rewrite
  2. Sometimes you may experience IPv6 connectivity issues even after enabling MSS Option Write. This can sometimes occur if the remote TCP server did not acknowledge the MSS Option. In this case, you may want to reduce the MTU size in your host to a lower value, which may mitigate the problem.
  3. We only recommend that advanced users configure the 6RD MTU size.
FAQs:
Is this built on OpenWrt?
This is built on OpenWrt "Backfire" code stream. It was fully integrated in the OpenWrt standard built process.

What does this software do?
This is an extension of OpenWrt, and it offers two different types of tunneling support. The first is where the user only has an IPv4 address and tunnels IPv6, using 6RD. The second is where the user only has an IPv6 address and tunnels IPv4, using Dual-Stack Lite.

What hardware was this tested on? Will it run on other hardware?
We have only tested this on the Linksys 160NL. However, the software should theoretically work on any device which is OpenWrt-capable, and with sufficient memory.

Where can I download the software?
You can download it here from SourceForge

What open source license did you use?
GPLv2

Why was this developed?
IPv6 transition technologies like 6RD are new, so when we started our IPv6 trials there was no commercially available home gateway available in retail with 6RD support. As a result, this software was developed for use in our IPv6 trials. The software is actively being used by customers in our network today, and is one of two different 6RD devices we are testing. The other device in our trial uses software developed by Cisco (which is not yet commercially released or supported).

Will Comcast continue to update this software?
In the near-term, yes. We may have one or two minor updates to resolve any bugs we uncover in our IPv6 trials. In the long-term we hope that others in the open source community will use and maintain the code, or that at least it will serve to assist other developers.

Do you offer technical support for 6RD?
No we do not. 6RD is part of our IPv6 trials. On or before the conclusion of these trials we will decide whether or not we will continue to maintain 6RD Border Relays, and if we do so, whether and what type of technical support may be offered.

When will the 6RD trial end?
The trial will conclude on June 30, 2011, exactly one year after it started.

Why is the 6RD trial ending?
Comcast's primary IPv6 strategy is Native Dual Stack and this is where we have chosen to focus our efforts moving forward after June 30, 2011. With this approach, native IPv6 addressing is available and there is no need to use 6RD.

Comcast 6to4 Configuration Instructions for IPv6

6to4 Configuration Instructions

As part of Comcast's IPv6 trials, we are testing 6to4. On August 17, 2010, we activated the first or our 6to4 relays, which are now deployed in a total of five locations around the network. These 6to4 relays are available via the standard 6to4 Anycast IP address, according to RFC 3068, which is 192.88.99.1. Devices attempting to use 6to4 within our network should automatically discover and utilize these 6to4 relays, without end user intervention or configuration. More information can be found below, including what home gateway devices offer 6to4 support and how to activate that function.

 

6to4 FAQs:

What is the IP address of the 6to4 relay?
These 6to4 relays are available via the standard 6to4 Anycast IP address, according to RFC 3068, which is 192.88.99.1. You should not need to configure this in your home gateway device; if you have 6to4 turned on it should simply use the closest 6to4 relay in our network.

What devices support 6to4?
A current list can be found here on Wikipedia. As of October 2010, that includes the Apple Airport Express and Extreme, Linksys WRT610N, and several other devices.

How do I configure 6to4 on the Apple Airport Express, Extreme, or Time Capsule?

  • You can refer to your manual online here
  • Open the Airport Utility application
  • Select your device, then click Manual Setup
  • Click the Advanced icon (the gray gear)
  • Click the IPv6 tab
  • For IPv6 Mode, select Tunnel
  • Make sure Configure IPv6 is set to Automatically

How do I configure 6to4 on the D-Link DIR-825 or DIR-615?

  • You can refer to your manual online for the DIR-825 here and the DIR-615 here
  • Select the Advanced tab at the top
  • Select IPv6 at the bottom of the left panel
  • From My IPv6 Connection is: select 6to4
  • In LAN IPv6 Address: enter your desired network number
  • Make sure Enable Auto-configuration is checked
  • Auto-configuration Type should be Stateless

How do I configure 6to4 on the Linksys WRT610N?

  • You can refer to your manual online here
  • No configuration is required, as 6to4 is on by default (and also cannot be disabled from the web configuration interface)

Do you offer technical support for 6to4?
No we do not. 6to4 is part of our IPv6 trials. On or before the conclusion of these trials we will decide whether or not we will continue to maintain 6to4 Relays, and if we do so, whether and what type of technical support may be offered.

Volunteer

We're No Longer Recruiting New IPv6 Trial Volunteers

Thank you for your interest in Comcast's IPv6 trials. Unfortunately, we already have over 7,000 volunteers, and do not need additional volunteers at the current time. However, please do keep an eye on our IPv6 information center at http://www.comcast6.net for IPv6 news and announcements. Thank you for your interest!

 

6rd-config.php

Comcast 6RD Configuration Instructions for IPv6

6RD Configuration Instructions

IMPORTANT NOTE: On June 30, 2010, we activated 6RD border relays in our network as part of our testing of “Phase 1” of the expected transition to IPv6. On the one year anniversary of this activation, June 30, 2011, these 6RD border relays will be turned off, as they are no longer needed given the advanced state of our IPv6 testing and our Native Dual Stack strategy. Trial users testing 6RD can find directions on what to do next on our trial web forum. This date will of course enable our 6RD trial users to participate in World IPv6 Day on June 8, 2011.

As part of Comcast's IPv6 trials, we tested 6RD. On October 1, 2010, we announced the release of open source software for home gateway devices which supports 6RD, available here on SourceForge. This software is an extension of OpenWrt. While we have only tested it using the Linksys 160NL device, theoretically any device which is OpenWrt-capable, and with sufficient memory, should be able to run this software if you follow the configuration instructions below (until June 30, 2011). In addition, if your home gateway device already have 6RD support, you should also be able to follow these instructions and be able to use 6RD (until June 30, 2011).

 
General 6RD Configuration Settings

6RD Linksys 160NL Installation and Configuration
Additional FAQs:
General 6RD Configuration Settings
If you are using your own device or software to configure 6RD (other than our OpenWrt-based software), you can use this configuration:
  1. 6rd Prefix = 2001:55c
  2. 6rd prefix length = 32
  3. 6rd BR FQDN = 6rd.comcast.net
  4. IPv4 mask length = 0
6RD Linksys 160NL Installation and Configuration
The binary image for the 6RD client was developed on the OpenWRT 10.3 (Backfire) stream. Download it now here. This image includes the LuCI package, so you can use the web interface to setup all the necessary configuration parameters listed below. Note: We also provide the prebuilt binary for those who don’t want to compile the source tree. The binary is available here.

Prerequisites
  1. You need a Cisco Linksys 160NL router (HW Version 1.0) running the original Cisco software image.
  2. You must have a public IPv4 address.
Flashing the Firmware
To start, connect to the device's website at http://192.168.1.1. Once there, go to the administration screen, and then firmware upgrade. Here you will upload the ".bin" file that you have compiled or downloaded (see this note).
NOTE: The factory 160NL username is typically blank (i.e. no username), and the factory password is typically "admin".
Once the upgrade is completed, reboot the device, then follow the directions below.

Configuring the 6RD Tunnel
  1. Login using the administrative GUI (http://192.168.1.1 is the default address) and verify the version number at top right of the web page. It should show OpenWRT Backfire 10.03.
  2. On the login screen, type the username/password for the router and click the LOGIN button. The factory 160NL username is typically blank (i.e. no username), and the factory password is typically "admin".
  3. Click on Administrator tab in the right-hand corner. A 6RD tab will be displayed on the menu.
  4. Click on the 6RD tab.
  5. In Tunnel Type menu, select 6RD.
  6. You can choose between DHCP and Static options to set the 6RD parameters. We recommend you select Static.
  7. If you choose DHCP, you must configure your DHCP server to pass down the 6RD Option. Since IANA has yet allocated the DCHP option number for 6RD, we use 150, which will work fine until the reserved option number has been assigned by IANA.
  8. If you choose Static, you must enter the following parameters: IPv4 Mask Length (set to: 0), 6RD BR (set to: 6rd.comcast.net), 6RD Prefix (set to: 2001:55c) and 6RD Prefix Length (set to: 32).
  9. After parameters are filled, click Save & Apply. You may lose connectivity for few seconds as the router resets itself.
  10. The device will then automatically check the 6RD BR's health by pinging it. The tunnel will be setup only if the 6RD BR is reachable.
  11. If you want to know the 6RD Delegate Prefix, you can click on 6RDPrefixCalc. For this image, it doesn't support Prefix Delegation and so will always advertise a /64 to LAN.
  12. If you experience any IPv6 connectivity issues, please check the Tunnel Status section of the 6RD page to see if it is working. If you want to re-establish the tunnel, you can click the Reconnect button. This will tear down and re-create the 6RD tunnel.
Additional Configuration Notes
  • You should secure the device by setting a password. Click on System ---> Admin Password to set the password.
  • This image includes the wireless module and supports both 802.11g and 802.11n. This image also supports WPA/WPA2 encryption. You need to turn on wireless because it is off by default. You can configure wireless by clicking Administration to get to the Network menu. In Network, click the WiFi submenu and select RADIO0.
  • If you want to use a different DNS server from those learned from DHCP, you can goto Network ---> Interfaces ---> WAN menu. On the WAN page, goto Additional Field and choose DNS-Server. Hit Add button and a new field will be created. Enter the DNS server in the field and click Save & Apply.
  • This image supports UPnP and we have tested it successfully on many applications. You can enable UPnP by clicking Administration to access the Services menu. Under Services, there is UPNP submenu.
  • We tested this software with Xbox 360 Live (we're gamers). It worked when UPnP was enabled. You must also disable enable secure mode to get UPnP working for Xbox 360 Live. However, we couldn't connect to the PS3 Network. This seems to be a common issue for the OpenWRT base image.
Notes Concerning MTU Size
  1. Since 6RD is an encapsulation technology, it reduces the effective MTU size by the size of the encapsulated IPv4 header. We implemented the MSS option manipulation to increase the success rate for TCP connections. You can disable it by de-selecting MSS Option Rewrite
  2. Sometimes you may experience IPv6 connectivity issues even after enabling MSS Option Write. This can sometimes occur if the remote TCP server did not acknowledge the MSS Option. In this case, you may want to reduce the MTU size in your host to a lower value, which may mitigate the problem.
  3. We only recommend that advanced users configure the 6RD MTU size.
FAQs:
Is this built on OpenWrt?
This is built on OpenWrt "Backfire" code stream. It was fully integrated in the OpenWrt standard built process.

What does this software do?
This is an extension of OpenWrt, and it offers two different types of tunneling support. The first is where the user only has an IPv4 address and tunnels IPv6, using 6RD. The second is where the user only has an IPv6 address and tunnels IPv4, using Dual-Stack Lite.

What hardware was this tested on? Will it run on other hardware?
We have only tested this on the Linksys 160NL. However, the software should theoretically work on any device which is OpenWrt-capable, and with sufficient memory.

Where can I download the software?
You can download it here from SourceForge

What open source license did you use?
GPLv2

Why was this developed?
IPv6 transition technologies like 6RD are new, so when we started our IPv6 trials there was no commercially available home gateway available in retail with 6RD support. As a result, this software was developed for use in our IPv6 trials. The software is actively being used by customers in our network today, and is one of two different 6RD devices we are testing. The other device in our trial uses software developed by Cisco (which is not yet commercially released or supported).

Will Comcast continue to update this software?
In the near-term, yes. We may have one or two minor updates to resolve any bugs we uncover in our IPv6 trials. In the long-term we hope that others in the open source community will use and maintain the code, or that at least it will serve to assist other developers.

Do you offer technical support for 6RD?
No we do not. 6RD is part of our IPv6 trials. On or before the conclusion of these trials we will decide whether or not we will continue to maintain 6RD Border Relays, and if we do so, whether and what type of technical support may be offered.

When will the 6RD trial end?
The trial will conclude on June 30, 2011, exactly one year after it started.

Why is the 6RD trial ending?
Comcast's primary IPv6 strategy is Native Dual Stack and this is where we have chosen to focus our efforts moving forward after June 30, 2011. With this approach, native IPv6 addressing is available and there is no need to use 6RD.

Comcast6.net Deprecated IPv6 Trial FAQ

IPv6 Trial FAQs - Historical Information

 

IMPORTANT NOTE: Beginning in 2010 we began conducting several IPv6 technical trials in our production network, with customers, in order to prepare for the IPv6 transition. These FAQs were developed at that time and are retained here for historical information only. We have now started the first phase of deployment, which is a pilot market launch. You can see the new FAQs related to that latest phase here.

 

 
What is this?
How will you select trial areas?
How will you select customers to participate in these trials?
What are the details for each trial?
How do you see transition to IPv6 evolving long term?
Will customers need to make changes to their computers or home equipment to support IPv6? How seamless is this going to be for customers?
How are you planning on handling the transition of DNS services? What are the challenges here?
Do you expect significant adoption of IPv6 in 2010?
Do you expect these trials to be seamless and error-free?

What is this?
We are announcing our plan to conduct IPv6-related technical trials with customers in 2010.

How will you select trial areas?
Some of our trials will not be geographically-bound, meaning a customer from anywhere in our network could participate, while other trials will be bound to particular areas.

How will you select customers to participate in these trials?
Customers can volunteer to participate in a trial by completing an online form at the Comcast IPv6 Information Center, at http://68.87.26.84/comcast6/index.php/volunteer. Once we're ready to start a trial, we will search for customers meeting any applicable criteria for participation (geographic area, home computer OS or equipment, etc.) and invite them to participate in a specific trial.

What are the details for each trial?
Please see our main information page at http://www.comcast6.net.

How do you see transition to IPv6 evolving long term?
We hope to help further catalyze IPv6 transition preparation and technology development in the Internet community, as well as to do advance work in order to ensure our customers and services are ready for the transition and can make that transition as seamlessly as possible. We envision the transition to IPv6 within ISP networks to generally occur in three phases:
- Phase 1: The ISP network or CPE does not support IPv6, only IPv4 addresses are issued, and in order to access IPv6 resources a user must tunnel IPv6 traffic over IPv4. In our network, this may be a very short time or may be skipped altogether, but it is important to explore cases where portions of the ISP network or CPE cannot transition to native IPv6 support for whatever reason. Trial #1 focuses on this phase using 6RD technology.
- Phase 2: Native IPv4 and IPv6, also known as dual-stack, supported in CPE, where both IPv4 and IPv6 addresses are issued. This is an important phase to evaluate and it will likely persist in ISP networks for an extended period of time, probably several years, until IPv4 addresses are severely constrained or are no longer available. While we hope to have a solution for each transition phase, this one is the most important for us and our customers. Trials #2 and #4 focus on this phase, for residential and business services, respectively.
- Phase 3: IPv6-only service, when only IPv6 addresses are issued by the ISP network and new IPv4 addresses are no longer available. This is probably some time off in the future, though when it occurs it is likely that access to IPv4-only resources may involve tunneling IPv4 traffic over IPv6. Trial #3 focuses on this phase using the DS-Lite technology.

Will customers need to make changes to their computers or home equipment to support IPv6? How seamless is this going to be for customers?
That's one of the things we're hoping to learn from the trials. We'll be exploring some solutions that don't require end-user changes, as well as others that do require some changes. This will help us determine the best user experience for our customers.

How are you planning on handling the transition of DNS services? What are the challenges here?
Our DNS servers, both authoritative and caching, support IPv6 today in our network, so they are fully IPv6-ready. However, when our caching servers respond to user queries for domain names, we will depend on authoritative servers on the Internet providing an IPv6 response (such as an AAAA record) in order to provide an IPv6 response. Some in the industry have proposed whitelisting DNS caches, such that an authoritative server operator must add the IP addresses of IPv6-capable DNS resolvers (caches) to a list for which IPv6 responses are enabled. We do not believe this scales well in the long-term, but we can see why it may be useful in short-term. As a result, we will share our DNS server IP addresses with any domains that operate such whitelists. Since the IP addresses of our servers are publicly known, any group that implemented such a whitelist could add our servers. Those groups need not contact us or seek our permission to do so. Our authoritative servers will operate without a whitelist initially, just as they do for IPv4 queries today, unless we experience problems that require a change in that policy.

Do you expect significant adoption of IPv6 in 2010?
We do not expect significant, widespread adoption of IPv6 in 2010. We believe that IPv6 deployment will begin at scale when IPv4 exhaustion is more of a concern, potentially in 2011 or 2012. However, in order for 2011 to represent the start of widespread adoption, critical work such as our trials must be conducted in 2010.

Do you expect these trials to be seamless and error-free?
No - that's why we conduct trials. Our objective is to end up with an approach to the IPv6 transition which is seamless to our customers, conducting trials lets us identify and fix issues sooner.