Maybe it was just a bad modem. Something may have been overheating, causing a failure after a period of time. I think the problem now is that you've probably lost 802.11ac capability for the wifi networks, which will affect your wifi throughput rates. If that's important I'd exchange the CGN3ROG, (which is the first Roger's Hitron Puma 6 modem) for another CGN3ACSMR or CGNM-3552. The CGN3ACSMR is a 24 channel downstream modem, the 3552 is a 32 channel downstream modem. Both of those are Intel Puma 6 modems.
Thank you. Ya, I noticed that about AC, but my Rogers store when I called, the employee said they only have CGN3ROG or the Gigabit modems. I didn't want to argue because I have to switch my bundle in January anyway, so I will try this modem for now.
I have a bit different problem. I recently lost IPv6 to my LAN, though my I do get proper IPv6 addresses. I have the Hitron modem in bridge mode and pfSense firewall/router. I can ping www.yahoo.com, using IPv6, from my firewall, but not any computer behind it. When running Wireshark, between the modem and firewall, I can see the pings and replies, when I ping from the firewall, but only the outgoing pings from a computer behind the firewall. The only significant difference between pinging from the firewall and computer behind it is the prefix portion of the address. This would seem to indicate a routing problem, in that the replies are not making it back to my network. Has anyone else experienced this? I called support today, but even the supervisor didn't seem to know what to do with this, even though I told him it would have to be handled by someone in the Network Operations Centre (NOC). I'm on the Wolfedale NOC in Mississauga.
Also, this problem happens with both Linux & Windows and two different computers, so that rules out the computers as being the cause of this problem.
I have noticed another issue with this. When I do a host lookup for my WAN host name (the one that ends with cpe.net6.cable.rogers.com) , I get 2 IPv6 addresses, when there should only be one. The correct one starts with xxxx:xxxx:xxx:93: and the wrong one starts with xxxx:xxxx:xxx:90:
(Removed IP addresses - RogersTony)
I can understand the concern as well as the limitations here, it does sound like the issue may be coming from the IPv6 settings within pfsense, assuming no issues on the gateway side. It's admittedly been a little while for me since I've set up pfsense but there's potential for issue in a few areas. Can you list out the pfsense settings for your IPv6? (Be sure to block out any personal IP's).
From a more specific standpoint, are you using RA or DHCP6 to assign IPv6 to your LAN?
What have you set as your prefix delegation size?
Have you selected "Only request an IPv6 prefix"?
With this information perhaps someone within the community may have some insight :).
Regarding the additional IPv6 address, it's been edited out for privacy reasons but if you'd like to confirm the specifics you're seeing you're welcome to send me a PM @CommunityHelps.
Actually, it has nothing to do with pfSense. I have been using it for almost 3 years and this is a very recent problem. Also, the symptoms have nothing to do with pfSense. Fore example, the host lookup result comes from a DNS server that seems to think my firewall has 2 addresses. There is nothing in pfSense that can do that. As for the ping problem. I used Wireshark, a network analyzer app, between my modem and firewall. It showed the pings from the computer going out, but not getting a response. The pings that failed originate on a computer behind the firewall and I tried on 2 different computers, with both Linux and Windows 10. All failed. Pings from the firewall computer did receive a reply. This sort of problem is generally a problem with the return routing. The main difference between the firewall and computer pings is the network prefix, so there could be a routing error that affects one prefix, but not the other. I don't know if the two issues are related, but it seems suspicious. I had not seen either prior to this. Another thing I tried was to tether my notebook computer to my cell phone, so that it would not pass through my network. I then ran a traceroute to both my firewall and a computer behind the fireall. While not all the hops showed an address, the two traceroutes appeared to differ. A trace route to a computer must pass through the route to my firewall, which means the two traceroutes should not be so different. Also, I tried that host lookup, while tethered and got the same results as before, that is two addresses for my firewall.
BTW, I am a Cisco CCNA and have very good knowledge of networks and how they work.
Also, you changed the wrong part of the address for privacy concerns. Those addresses only identify that it's part of Rogers address space. The part I omitted, that could be used to identify me, contains 2^64 or 18.4 billion, billion addresses, so someone would have to do a lot of guessing to find me.
I just noticed something very disturbing. I called Rogers support yesterday and it appears someone reset the modem to gateway mode. They shouldn't be doing that without letting the customer know.
Hi, I know this thread is old but is there any chance of a follow-up? Was the issue ever discovered, and if so, what was the cause?.. solution?
Yes, I did get it resolved, but it took about 3 months, because the people responsible for maintaining the network refused to work on it because I had my own router/firewall, even though it also failed with my modem in gateway mode. I already knew, from my own testing, that the problem wasn't on my network, before I even called support. I spoke to tier 2 support and told them what to check and they agreed the problem was somewhere in the Rogers network. Despite this, the responsible people still refused to act. You'd think that if tier 2 support says the problem was within Rogers they'd do something. I did some more testing on my own and also discovered my next door neighbour had the same problem. He only has a single computer, connected to the modem, which was in gateway mode. They still wouldn't work on the problem. By this time I had escalated to the Office of the President. With further testing with Wireshark, I was able to capture an error message from the CMTS that said there was a problem there. It even identified the failing CMTS. They still wouldn't do anything. Eventually, a senior tech showed up and I demonstrated the problem to him. He tried with his own modem and experienced the same problem. He then took his modem to the Rogers head end, on Wolfedale Rd. in Mississauga, where he tested with 4 different CMTS. Only the one I was connected to failed. This was finally enough to show those responsible that the problem was within Rogers and had absolutely nothing to do with my own router. It was then fixed.
I was able to get this fixed only because of my expertise and determination. A customer without my expertise wouldn't have had a hope of getting it resolved. Also, I found I had to teach both tier 2 support and the senior tech some of the finer details about IPv6 and DHCPv6-PD. They simply didn't know until I told them.
I was also given a 3 month credit for my service.
BTW, my experience includes decades working in the telecom industry and with computer networks. I have even done work in the Rogers head ends and also for their cell sites, so I'm not exactly a newcomer to this business. Had I been able to get into that head end at that time, I could have walked right up to that CMTS and touched it.
Thank you for the reply. I appreciate the information you have provided. It took me a while to wiki a few of the terms you used but I get it now. It does sound awfully like my situation. I'll request that the next tech who visits be a senior technician and I plan to show him this thread. Wireshark is a bit beyond my comprehension (for the most part). I've always wanted to learn how to use more it's features and I think this would be a great time to do that. Thanks for the inspiration. It'll be a good day if/when I'm able to figure out my issue and show Rogers the proof!
I can provide the Wireshark capture file, which shows the error. However, here is the relevant packet contents:
Status Message: No prefix available on Link 'CMTS89.WLFDLE-BNDL1-GRP3' Frame 29: 214 bytes on wire (1712 bits), 214 bytes captured (1712 bits) on interface 0 Ethernet II, Src: Casa_9a:a1:99 (00:17:10:9a:a1:99), Dst: Trendnet_2b:ed:ea (00:14:d1:2b:ed:ea) Internet Protocol Version 6, Src: fe80::217:10ff:fe9a:a199, Dst: fe80::214:d1ff:fe2b:edea User Datagram Protocol, Src Port: 547, Dst Port: 546 DHCPv6 Message type: Reply (7) Transaction ID: 0x18a8e9 Client Identifier Option: Client Identifier (1) Length: 14 Value: 0001000123eb5e12001617a7f2d3 DUID: 0001000123eb5e12001617a7f2d3 DUID Type: link-layer address plus time (1) Hardware type: Ethernet (1) DUID Time: Feb 4, 2019 15:33:22.000000000 EST Link-layer address: 00:16:17:a7:f2:d3 Server Identifier Option: Server Identifier (2) Length: 14 Value: 00010001159bb6e50021285fd2b7 DUID: 00010001159bb6e50021285fd2b7 DUID Type: link-layer address plus time (1) Hardware type: Ethernet (1) DUID Time: Jun 27, 2011 17:47:17.000000000 EDT Link-layer address: 00:21:28:5f:d2:b7 Identity Association for Prefix Delegation Option: Identity Association for Prefix Delegation (25) Length: 72 Value: 000000000000000000000000000d003800064e6f20707265... IAID: 00000000 T1: 0 T2: 0 Status code Option: Status code (13) Length: 56 Value: 00064e6f2070726566697820617661696c61626c65206f6e... Status Code: NoPrefixAvail (6) Status Message: No prefix available on Link 'CMTS89.WLFDLE-BNDL1-GRP3' DNS recursive name server Option: DNS recursive name server (23) Length: 32 Value: 2607f7980018001000000640712552042607f79800180010... 1 DNS server address: 2607:f798:18:10:0:640:7125:5204 2 DNS server address: 2607:f798:18:10:0:640:7125:5198
Here's the relevant info:
Status Code: NoPrefixAvail (6)
Status Message: No prefix available on Link
I don't have the ticket number, but hopefully Rogers still has the record.