Posted: Mon Aug 06, 2018 19:07 Post subject: Comcast Business and IPv6 DNS issue
I have a Comcast Business Gateway (DPC3941B) with a static private IP address of 192.168.0.89. A TP Link Archer C9 running DDWRT is plugged into the Comcast gateway and has an IP address of 192.168.0.94; I am not currently using the WAN port on Archer C9, the ethernet cable runs from the LAN port on the C9 to one of four ethernet ports on the Comcast Gateway. The TP Link has its Gateway under "Network Setup" set to 192.168.0.89 (the Comcast Gateway). I currently have IPv6 disabled on tab in the DDWRT device.
Also plugged into one of the ethernet ports on the Comcast Gateway is a Windows Server, running DHCP and DNS services. The Windows Server has static addresses set as follows: IPv4 of 192.168.0.110, IPv6 address of fd::110. For IPv6 I have set the DNS option to fd::110.
From what I have read, the Comcast Gateway is using SLAAC route advertisements to configure IPv6. These SLAAC route advertisements contain DNS servers for Comcast's DNS (2001:558:feed::1 and 2001:558:feed::2). I don't want to use these DNS servers (I want to use mine), but so far have been unsuccessful in overriding them. When for example an Android Phone connects to the WiFi via the Archer C9, it gets assigned an IPv6 Address and also the Comcast DNS servers.
Is there some way to configure the DDWRT device's firewall to block SLAAC on the LAN interfaces or the DNS configuration of the SLAAC advertisement? There is *not* a way to override the IPv6 DNS on the Comcast Gateway.
I'm also open to other ideas and suggestions. I want to use *my* own IPv6 DNS servers.
Thanks for the info, but I don't think bridged mode is an option for me. I have some static v4 IPs and from what I understand there is no way for me to assign those once I toggle the Comcast gateway to bridge mode.
Is there any way I can block the route advertisements? I realize this would in essence disable IPv6, but I have my own DNS and being forced to use Comcast's breaks accessibility on my local network.
The use of filters is possible but that has its problems too. I will tell you that doing this has too many complications. The best advice I can give is to apply addressing to the dd-wrt box so that it is a passthrough device. You'll have to know the scheme of the Comcast router to do that. The eth0,1.. device, vlan device, sp device, or st device, and the lo device too. Match the addressing in the dd-wrt box then you can make it passthrough. If you can't match it (conflict) then add a lot of extra addressing to the devs on the dd-wrt box. This will help make things static.
In your gateway go to the dhcp binding for that dd-wrt box. If it has DNS settings remove them. If there are no dhcp settings for the dd-wrt in the gateway box, make them. But without DNS bindings.
Thanks for all of your help so far in this issue. The Comcast Cisco router actually runs custom Comcast firmware, so the official manual is of limited help. The device does have DNS Server options, but the Comcast rep has confirmed that custom DNS server values are not currently supported and are ignored.
As it stands, I am kind of stuck. I am forced to use their DNS servers since I can't find a way to override them (other than manually assigning static IPs to all of my devices and specifying DNS Servers).
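Added example, not part of the thread and not from any poster: a small Python audit helper that parses a captured ICMPv6 Router Advertisement and reports which resolvers its RDNSS option (RFC 8106, option type 25) hands to clients, so you can confirm whether a change actually stopped the gateway's DNS servers from being advertised. The function names and the sample packet are constructed for illustration; the input is assumed to be the raw ICMPv6 message, and the checksum is not verified.

```python
import ipaddress
import struct

RA_TYPE = 134    # ICMPv6 Router Advertisement (RFC 4861)
OPT_RDNSS = 25   # Recursive DNS Server option (RFC 8106)

def rdnss_from_ra(icmp6):
    """Return [(lifetime_seconds, [addresses])], one entry per RDNSS option."""
    if len(icmp6) < 16 or icmp6[0] != RA_TYPE:
        raise ValueError("not a Router Advertisement")
    found, off = [], 16                      # options follow the 16-byte RA header
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            raise ValueError("malformed option")
        if opt_type == OPT_RDNSS:
            if opt_len < 24 or (opt_len - 8) % 16:
                raise ValueError("malformed RDNSS option")
            lifetime = struct.unpack_from("!I", icmp6, off + 4)[0]
            addrs = [str(ipaddress.IPv6Address(icmp6[i:i + 16]))
                     for i in range(off + 8, off + opt_len, 16)]
            found.append((lifetime, addrs))
        off += opt_len
    return found

def unexpected_resolvers(icmp6, allowed):
    """List advertised resolvers that are not in the allowed set."""
    ok = {ipaddress.IPv6Address(a) for a in allowed}
    return [a for _, addrs in rdnss_from_ra(icmp6)
            for a in addrs if ipaddress.IPv6Address(a) not in ok]

def build_sample_ra():
    """Constructed RA: header + MTU option + RDNSS with the two resolvers from the post."""
    hdr = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0)
    mtu = struct.pack("!BBHI", 5, 1, 0, 1500)
    servers = [ipaddress.IPv6Address(a).packed
               for a in ("2001:558:feed::1", "2001:558:feed::2")]
    rdnss = struct.pack("!BBHI", OPT_RDNSS, 1 + 2 * len(servers), 0, 600) + b"".join(servers)
    return hdr + mtu + rdnss

if __name__ == "__main__":
    ra = build_sample_ra()
    print(rdnss_from_ra(ra))
    print(unexpected_resolvers(ra, ["fd::110"]))   # fd::110 is the server address from the post
```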