IPV6 Setup with Comcast & Unifi

Greetings!

This past weekend I deployed IPv6 in my network at home. I’ve used IPv6 in the past, but I’ve never set it up from scratch.

What do we need to do to set it up from scratch? Lets dive in.

1. Get an IPV6 Address from your ISP

First, atleast with comcast, you need to make sure you WAN interface is configured to receive an IPv6 address via DHCPv6. Comcast does not support SLAAC at the time of writing this (hopefully they do at some point, SLAAC is way cooler).

Comcast expects a request of a /60 prefix request. Other sizes of prefixes may not work. This is 2^68 addresses which is around 18,446,744,073,709,551,616 addresses.  Good enough for me.

2. Configure your internal networks to use sub prefixes of your IPv6 Address subnet

First, you’ll want to go to your Networks section, and click the network you want to edit. Then, find the IPv6 section:

Next, you’ll want to use the interface type of prefix delegation. This will pull a network prefix, in our case a /64 automatically with the automatic prefix delegation ID setting.

This will automatically generate a gateway / subnet ID, and generate a link local IP. Link local IPs are for any local subnet traffic, and the gateway IP subnet is for any external subnet / global traffic. Remember that IPv6 does not NAT, and your computer has a direct connection to the internet with its IPv6 address

Lastly, SLAAC. We’ll use SLAAC as its the more modern way to use IPv6. We’ll get into what SLAAC is and how it works next.

3. What is SLAAC & How Does SLAAC Work?

SLAAC, or Stateless Address Autoconfiguration, is a client driven address configuration method. DHCPv6 is a more classic DHCP experience like IPv4.

Well, how does SLAAC work?

Step 1: Link-Local Address Generation

• When a device connects to a network, it automatically generates a link-local address.
• This address starts with the prefix fe80::/10 and is used for communication on the local link only.
• The device appends a 64-bit interface identifier (often derived from the MAC address or randomly generated).

Step 2: Duplicate Address Detection (DAD)

• The device performs DAD to ensure the link-local address is unique.
• It sends a Neighbor Solicitation (NS) message to the address it wants to use.
• If no response is received, the address is considered unique and is assigned.

Step 3: Router Solicitation (RS)

• The device sends a Router Solicitation message to discover routers on the network.
• This message is sent to the multicast address ff02::2 (all routers on the local link).

Step 4: Router Advertisement (RA)

• A router responds with a Router Advertisement message.
• This message includes:
  • One or more IPv6 prefixes (e.g., 2601:206:8101:df92::/64)
  • Flags indicating whether SLAAC or DHCPv6 should be used
  • Optional information like DNS servers

Step 5: Global Address Configuration

• The device uses the advertised prefix and appends its own interface identifier to form a global unicast address.
• Example:Prefix:
2601:206:8101:df92::/64
Interface ID: 583c:435:9eb6:8a60
Result: 2601:206:8101:df92:583c:435:9eb6:8a60

Step 6: DAD (Again)

If no conflict is found, the address is assigned and ready for use.

The device performs DAD again, this time for the global address.

Step 7: Success!

Once all the steps above are completed, your device should now have an address:

4. IPv6 Local Address vs Temporary IPv6 Address vs Global Unicast Address

You can see from the screenshot above that I have an IPv6 Address, a Temporary IPv6 Address, and a Link Local IPv6 Address. What’s the difference between them?

---

IPv6 Address – Global Unicast Address

• This is your main IPv6 address used for internet communication.
• It’s globally routable and assigned via SLAAC or DHCPv6.
• It’s often stable and tied to your device’s interface.

Temporary IPv6 Address

• A randomized address used for outgoing connections to enhance privacy.
• Prevents tracking based on your stable IPv6 address.
• Rotates periodically.

Link Local IPv6 Address

• An address that only works within the local network segment (link-local).
• Always starts with fe80::/10.
• Automatically generated by every IPv6-enabled interface.

Conclusion

Thats it! Once that all has been configured your network should be IPv6 enabled. In my next blog post I’ll be setting up Active Directory DNS to support IPv6.