In May I decided to address some internet connectivity problems. For a bit of context: I play a lot of Final Fantasy 14 which uses TCP for its netcode. This basically means lost packets quickly turn the game into an unplayable mess. (Things like the client being completely unresponsive for 10s of seconds, and then quickly fast-forwarding to “catch-up” to the current state of the world.) Due to these quirks in my primary entertainment: I started to dive into some packet loss between my router and its default gateway. I also noticed on the modem-side that two channels had a large number of corrected errors, and one channel had a large number of uncorrected errors. (On the order of a hundred million over a few hours of uptime.)

The before times

As someone who generally loathes dealing w/ tech support I put up with this for much longer than I should have. (Many months.) In no small part this is because the last time I called tech support I got transferred to some NETSEC department that told me very politely to stop pirating shit. I thought my slow speeds/packet loss may be the result of traffic shaping in a quarantine, but when the phony “cease and desist” never came I resigned myself to calling tier 1 support.

After an exchange of pleasantries and the usual modem reboot the agent changed something in my account which got rid of the one channel w/ a large number of uncorrected errors from my downstream channel group. This made my service more or less functional, but the agent suggested they have a tech come out to look for site-issues as my levels were apparently garbage.

The tech came out (arriving a few minutes ahead of the earliest scheduled time, actually) and ultimately what happened was a series of unfortunate events leading to the following conclusions:

  1. Apparently mice enjoy our drop ceiling.
  2. Technicians like having access to your wiring closet, and you(r roommates) shouldn’t impede access w/ a giant workbench that weighs like 2 tons.
  3. Some terminations were replaced on the outside wiring, but ultimately the drop from outside up to a critical splice were good.
  4. That segment of coax after the splice, where it goes up to the cable modem in my room, is damaged and needs to be replaced.

Unfortunately the damaged drop(4) is fucking stapled to the frame of the house and cannot easily be replaced without opening up the wall. I didn’t have the authority to do this, nor did I want to impose on the tech any further, so we agreed to relocate the modem to another drop, as the house was wired (presumably to have TVs, whatever those are) in many different rooms throughout the condo.

You would think the story ends here, but I’m an idiot.

The after times (aka bob finally upgrades to DOCSIS 3.1)

Emboldened by my newfound signal levels: I opened a support session via webchat and inquired to see what the newest and hottest package was. The answer: ~1Gbps down with (a rather depressing) 35Mbps up. Which in reality this seems to be roughly 960 Mbps/45 Mbps after overprovisioning / overhead / and my firewall packet processing; but I’m getting ahead of myself.

They rebooted my modem and confirmed something I already knew: my router cannot route gigabit traffic at line speed (1000BASE-T) and I suspected my aging DOCSIS 3.0 modem couldn’t hack it either. (Spoiler alert: it couldn’t.) I could push at most like 650 Mbit/s through my router with all my firewalling turned off, it’s more like 300-400 Mbit/s with moderate firewalling.

I settled on using pfSense CE again (which pfSense+ will be a topic for another blog post I’m sure), but I wasn’t sold on the idea of buying a SFF PC for it. (e.g: a Dell Optiplex.) I was just not prepared to part w/ that much desk space and additional heat. After some digging I found a review of a “no-name” (TOPTON) mini PC via ServeTheHome on YouTube.1 The appliance was roughly $200 and actually smaller in footprint than my old PCEngine APU2. (Author’s note: the 10W Celeron in this router is faster in virtually all metrics than [one of] the Xeon CPU in my venerable PowerEdge R610 which is serving you this blogpost as of this writing.)

After a quick consult with my ISP’s approved modems list I settled on an Arris SB8200 to get me on the D3.1 bandwagon. This, it turns out, would be a mistake. It would appear that as part of the DOCSIS provisioning process there is a message exchanged called the “MDD” (MAC Domain Descriptor) which tells the modem how to proceed w/ provisioning. The SB8200 will say something like:

“Honoring MDD; IP provisioning mode = IPv4”

It will then proceed to go into an IPv4 only mode where it just straight up ghosts the downstream router when it sends a DHCPv6-PD message. What a little asshole. After waiting several days (thinking it was a problem with my new router’s config, my new DUID, etc.) I decided I’d had enough and called Spectrum.

They gave me this party line, which I’ve heard from 3 separate sources now: being assigned an IPv6 address is dependent on IP availability at the time of provisioning. This, of course, makes no sense if you think about it critically for even a moment. Spectrum (formerly TWC), like most providers, has a dual-stack network. How exactly is assigning a globally routable IPv4 and IPv6 address supposed to alleviate their IPv4 address pressure?

Some things I tried while troubleshooting:

  1. Asking my roommate how to make my modem “dishonorable.” (This would be prescient, later.)
  2. Using my old router / resetting the modem to rule out some weird DUID-stickyness.
  3. Re-activating my old modem which, of course, immediately responded to my DHCPv6-PD solicit and gave me a prefix.

It was at this point I did some more searching and decided to take a gamble on another new modem, a Motorola MB8611. I justified it to myself by saying “it has a 2.5GigE port, so I don’t have to run a second cable for LAGG when they finally give me 2Gbit down.” This modem, when it boots up, will say that it’s overriding the MDD and performing IPv6 provisioning; it also immediately responded both to DHCP and DHCPv6 packets.

Also something I found interesting: I swear the MB8611 was not listed the first time I checked Spectrum’s approved modems page. In fact, despite being listed, it would not activate with their self-service tool; saying it was unsupported. (I had to call and CS activated it no questions asked.) – I’m stunned that this modem was approved for their network practically a few hours before I had need of it.

So, as it turns out, to have IPv6 on Spectrum you need a dishonorable modem.

(P.S: could someone at Spectrum please fix your MDD? Also maybe stop telling customers that IPv6 connectivity is somehow dependent on “random happenstance”?!?)