[j-nsp] Anybody have an SRX working with Comcast DHCP v4 and v6?

[Aaron Dewell]

I attempted to make this work on an SRX210 running 12.1X46-D30 with TWC.  The inherent issue was that Junos will only accept multiples of 16 bit-boundaries as a dhcpv6 client, and /56 (as TWC assigns) is not accepted.

So it’s less about your settings and more about the known PR, assuming that Comcast is delegating a /56 as TWC does.

That known PR doesn’t mean that “prefix delegation is just broken”, it just means that it needs to be able to accept a /56 to operate on a residential cable network.  If they sent you a /48 or a /80, it would just work.  :)

> On Jul 1, 2016, at 10:17 PM, Chuck Cox <chuck at chezcox.net> wrote:
> 
> I have Comcast residential service at home terminating on an Arris
> SB6121 modem. The Ethernet side of the modem is cabled to fe-0/0/0 on
> an SRX-100B running 12.1X46-D40.2 (unfortunately the last code release
> that will run on an SRX-100B due to its limited RAM).
> 
> DHCPv4 works fine. Comcast assigns a public v4 address for fe-0/0/0/.0
> and I can access anything v4 by source NATing from my LAN
> (192.168.x.x) to the v4 interface IP on fe-0/0/0.0.
> 
> DHCPv6 just sits in the init state and never gets an address
> assignment, so the only v6 address on fe-0/0/0.0 is an fe80:: link
> local address. I've experimented with several combinations of DHCPv6
> settings but no joy.
> 
> I've done some Googling and saw several discussions about how prefix
> delegation on SRX had issues for a long time and might be fixed now,
> but I'm not even getting that far. If any body knows the magic
> combination of client-type, client-ia-type, client-identifier, etc. to
> get an SRX to play nice with Comcast, a little help would be greatly
> appreciated. Relevant details on my current setup are below.
> 
> Thanks,
> Chuck
> 
> 
> 
>> show configuration interfaces fe-0/0/0
> unit 0 {
>    family inet {
>        dhcp-client;
>    }
>    family inet6 {
>        dhcpv6-client {
>            client-type statefull;
>            client-ia-type ia-na;
>            client-identifier duid-type duid-ll;
>            retransmission-attempt 6;
>        }
>    }
> }
> 
>> show configuration security zones security-zone untrust
> screen untrust-screen;
> interfaces {
>    fe-0/0/0.0 {
>        host-inbound-traffic {
>            system-services {
>                ping;
>                dhcp;
>                dhcpv6;
>            }
>            protocols {
>                router-discovery;
>            }
>        }
>    }
> }
> 
>> show dhcpv6 client binding detail
> Client Interface: fe-0/0/0.0
>     Hardware Address:             50:c5:8d:2f:de:40
>     State:                        INIT(DHCPV6_CLIENT_STATE_INIT)
>     ClientType:                   STATEFUL
>     Bind Type:                    IA_NA
>     Client DUID:                  LL0x3-50:c5:8d:2f:de:40
>     Rapid Commit:                 Off
>     Server Ip Address:            ::/0
>     Client IP Address:            ::/0
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp