IPv6 Prefix Delegation with AT&T BGW320

Fri Sep 16 09:21:45 EDT 2022

Home routers such as Ubiquiti UniFi USG and EdgeMax EdgeRouter can be configured with IPv6 addresses behind an AT&T Residential Gateway such as the BGW320-500.

The Ubiquiti products (as well as pfSense products) use the dhcp6c daemon to request prefix delegation from the BGW. Many threads exist describing the methods to get this to work. No threads have been found describing the limitations of the AT&T delegations. This page is theories about the limitations.

AT&T delegates a /48 but reserves 8 of those /64 networks for use internal to the BGW. The customer's can request up to 8 /64 networks but the BGW determines the prefix and the order it delivers them. AT&T uses networks 0 through 7 leaving 8 through f for the customer. AT&T appears to always deliver f first and then decrementing from f down to 8 for repeated prefix delegration requests.

For instance, multiple ia-pd requests will return prefixes similar to this. AT&T always returns a /64 even if something larger was requested.
2600:1700:1f60:df9f
2600:1700:1f60:df9e
2600:1700:1f60:df9d
2600:1700:1f60:df9c
2600:1700:1f60:df9b
2600:1700:1f60:df9a
2600:1700:1f60:df99
2600:1700:1f60:df98

Anomolies were observed where a particular interface such as eth0 was assigned a different prefix after a reboot or restart. Further testing shows that the f prefix is always delivered to the first prefix delegation request. The dhcp6c daemon has configuration to assign particular prefix ids to a delivered prefix but that appears to only work if a large prefix such as /60 can be requested. The BGW does not permit any requests other than /64. Some threads indicate that Comcast and Cox Internet will deliver the larger prefixes and then the sla-id option in the dhcp6c.conf file can be used to control the value of the prefix assigned to an interface. The conclusion here is the customer's router has to depend on the BGW to always deliver the prefixes in the same descending order.

Attempts to use the prefix-id in VyOS or the sla-id in dhcp6c.conf will fail with this error: prefix-id must be less than :: for prefix /64. Using the prefix-id only works if the prefix delegation is a larger network (smaller /number) than the desired network which in this case is a /64. Providers like Comcast and Cox apparently offer access to the larger network and therefore the sla-id can be used.

References

• dhcp6c.conf man page
• dhcp6c.conf sample
• Enabling IPv6 on AT&T Internet – Part 1
• Forum Thread: Multiple IPv6 Prefix Delegation over AT&T Residential Gateway for pfSense 2.4.5
• prefix-id must be less than :: for prefix /64
• tinslwc: IPv6 WAN address