Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
On Fri, May 20, 2016 at 1:31 PM, Moshe Katzwrote: > On Fri, May 20, 2016 at 12:19 PM, WebDawg wrote: > > > On Fri, May 20, 2016 at 11:06 AM, Moshe Katz > wrote: > > They will not let you bring your own modem if you have a static IP. > > I wrote the last message on my tablet, so I had to keep it short, but I can > explain further now. > > Basically, when you get static IPs from Comcast, they do not want to set up > the routing for them upstream in the central office (like most other ISPs > would do). > Instead, they assign your "Business IP Gateway" device (which is a > modem/router/firewall combination) a dynamic IP that is in the same block > of IPs that the entire rest of your neighborhood has. After the Business > IP Gateway has received its dynamic address, it advertises itself (I > believe using RIP) as the next hop to the IP addresses that have been > allocated to you. > > Additionally, the Gateway runs a DHCP server in the 10.x.x.x range. Any > computer on your network that requests an address on DHCP will receive a > private address from the Gateway and the Gateway will perform NAT. > > In effect, this allows you to have your public addresses and private > addresses on a single connection to the Internet, with the public addresses > routed and the private addresses NAT'ed. > > To make a long story short, not only will Comcast not allow you to use a > simple Arris Surfboard modem for static IPs, the way their system is set up > would not even work if you tried to use a plain modem, because your modem > wouldn't be able to claim the addresses. > In theory, Comcast could just allow you to set up your own RIP > advertisements from your own hardware. I'm guessing that the reason they > don't want to do that is because they'd rather have full control. > > Moshe > > -- > Moshe Katz > -- mo...@ymkatz.net > -- +1(301)867-3732 > > Hmm, That would be the solution then? Setup RIP. Has anyone asked? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
On Fri, May 20, 2016 at 12:19 PM, WebDawgwrote: > On Fri, May 20, 2016 at 11:06 AM, Moshe Katz wrote: > > > If you have static IPs from Comcast, you cannot put the device in bridge > > mode. The way that Comcast static IPs work is that your Comcast device > > advertises itself to the rest of Comcast's network as the route to your > > static addresses. In effect, just pretend that this Comcast device is in > > Comcast's central office and that you can't change anything about it. > > > > Moshe > > > > Wow. > > No wonder there are issues. I have only seen a few good modems as of late > from any cable provider. > > Are there people having the same issues with the newer Arris Cable Modem? > I see the responses in the thread, will they issue static ip addresses with > just modems/Arris? > > Really, they will not let you bring your own device with a compatable Arris > modem? > > I hate the all in one devices that they give out. I had issues with one > until I put it into bridge mode. It would not NAT correctly. > > At another location, I demanded a modem. I was paying for their fastest > internet 100M down at the time and there was no way I was going to add all > that overhead to the connection and depend on garbage firmware. > > They will not let you bring your own modem if you have a static IP. I wrote the last message on my tablet, so I had to keep it short, but I can explain further now. Basically, when you get static IPs from Comcast, they do not want to set up the routing for them upstream in the central office (like most other ISPs would do). Instead, they assign your "Business IP Gateway" device (which is a modem/router/firewall combination) a dynamic IP that is in the same block of IPs that the entire rest of your neighborhood has. After the Business IP Gateway has received its dynamic address, it advertises itself (I believe using RIP) as the next hop to the IP addresses that have been allocated to you. Additionally, the Gateway runs a DHCP server in the 10.x.x.x range. Any computer on your network that requests an address on DHCP will receive a private address from the Gateway and the Gateway will perform NAT. In effect, this allows you to have your public addresses and private addresses on a single connection to the Internet, with the public addresses routed and the private addresses NAT'ed. To make a long story short, not only will Comcast not allow you to use a simple Arris Surfboard modem for static IPs, the way their system is set up would not even work if you tried to use a plain modem, because your modem wouldn't be able to claim the addresses. In theory, Comcast could just allow you to set up your own RIP advertisements from your own hardware. I'm guessing that the reason they don't want to do that is because they'd rather have full control. Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
On Fri, May 20, 2016 at 11:06 AM, Moshe Katzwrote: > If you have static IPs from Comcast, you cannot put the device in bridge > mode. The way that Comcast static IPs work is that your Comcast device > advertises itself to the rest of Comcast's network as the route to your > static addresses. In effect, just pretend that this Comcast device is in > Comcast's central office and that you can't change anything about it. > > Moshe > Wow. No wonder there are issues. I have only seen a few good modems as of late from any cable provider. Are there people having the same issues with the newer Arris Cable Modem? I see the responses in the thread, will they issue static ip addresses with just modems/Arris? Really, they will not let you bring your own device with a compatable Arris modem? I hate the all in one devices that they give out. I had issues with one until I put it into bridge mode. It would not NAT correctly. At another location, I demanded a modem. I was paying for their fastest internet 100M down at the time and there was no way I was going to add all that overhead to the connection and depend on garbage firmware. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
If you have static IPs from Comcast, you cannot put the device in bridge mode. The way that Comcast static IPs work is that your Comcast device advertises itself to the rest of Comcast's network as the route to your static addresses. In effect, just pretend that this Comcast device is in Comcast's central office and that you can't change anything about it. Moshe On May 20, 2016 11:54 AM, "WebDawg"wrote: > On Wed, May 18, 2016 at 6:14 PM, Steve Yates wrote: > > > We have an application with a Comcast-provided SMC router and two pfSense > > routers (Comcast <- building <- tenant). The building router (v2.3.0) > gets > > an IPv6 address and can ping out. However in its DHCP logs I see: > > > > dhcp6c invalid prefix length 64 + 4 + 64 > > dhcp6c XID mismatch (several of these) > > > > Am I correct that "invalid prefix length" means the Comcast router isn't > > delegating a /60 properly? I have it set: > > > > DHCPv6 Prefix Delegation size 60 > > Send IPv6 prefix hint checked > > > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > > > My second question was going to be about getting IPv6 to the PCs inside > > the tenant router but unless I'm mistaken I need a couple more /64 > networks > > for that (what a waste of IPs...I know there's a lot but still...). > > > > Thanks, > > > > Steve Yates > > ITS, Inc. > > > > ___ > > > > > Am I correct to assume that you are putting this device in bridge mode? > ___ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
On Wed, May 18, 2016 at 6:14 PM, Steve Yateswrote: > We have an application with a Comcast-provided SMC router and two pfSense > routers (Comcast <- building <- tenant). The building router (v2.3.0) gets > an IPv6 address and can ping out. However in its DHCP logs I see: > > dhcp6c invalid prefix length 64 + 4 + 64 > dhcp6c XID mismatch (several of these) > > Am I correct that "invalid prefix length" means the Comcast router isn't > delegating a /60 properly? I have it set: > > DHCPv6 Prefix Delegation size 60 > Send IPv6 prefix hint checked > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > My second question was going to be about getting IPv6 to the PCs inside > the tenant router but unless I'm mistaken I need a couple more /64 networks > for that (what a waste of IPs...I know there's a lot but still...). > > Thanks, > > Steve Yates > ITS, Inc. > > ___ > > Am I correct to assume that you are putting this device in bridge mode? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
There's indeed no NAT concept in IPv6 but you can use NPt to assign globally routable IPs on WAN and have them match to a translated locally routable prefix. Say you have x:y:z:a::/64 on the WAN side which translate to fd01::/64 on the LAN side. -- Meilleures salutations, Met vriendelijke groeten, Best Regards, Olivier Mascia (from mobile device), integral.be/om > Le 19 mai 2016 à 21:59, Steve Yatesa écrit : > > Is there a way to force pfSense to do NAT for IPv6? If so then we could make > it work. I understand that's not the point of IPv6 but... ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
Is there a way to force pfSense to do NAT for IPv6? If so then we could make it work. I understand that's not the point of IPv6 but... -- Steve Yates ITS, Inc. -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz Sent: Thursday, May 19, 2016 2:13 PM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch I'm going to have to guess that you are out of luck for IPv6 then. If you find anyone at Comcast who is 1) capable of understanding technical feedback, 2) receptive to such feedback, and 3) high enough up the chain of command to make things happen, I'd be happy to join a campaign to convince that person to get this fixed. Moshe P. S. Something tells me that we will have moved on to IPv6 or IPv8 (or maybe even abandoned IP entirely for something else) by the time anything happens to get this fixed. This is Comcast we're talking about after all, a multi-year winner and runner-up of Consumerist's "Golden Poo Award" for worst company in America. -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Thu, May 19, 2016 at 2:49 PM, Steve Yates <st...@teamits.com> wrote: > I neglected to mention it but I did find and read many > articles on Comcast modem support. As a whole the posts were rather > conflicting and confused so it seemed that it may or may not > work...older posts were more likely to say it wasn't working. > > We do have a static IPv4 block. Sadly a few years ago when we > tried to increase speeds we were down for a time because their other > non-SMC modem couldn't handle static IPs reliably and they had to > scrounge for an SMC box for us. I inferred the techs knew this but > Comcast was switching modems anyway. So, I'm hesitant to ask for a different > one. > :-/ Maybe it is different now. > > I don't see anything in the SMC interface about a firmware > update. It's Comcast branded so I assume their firmware. Maybe we'd > have to call. It has v 3.1.6.57 now. > > The SMC does show an IPv6 address, LAN DHCPv6 enabled with a > range, and has an "External Router Delegated Prefix" section that is > empty. The building router gets its IP from that range. The SMC has > a different WAN IPv6 address in 2001:558:...::/64. At the bottom of > its Gateway Summary/Network tab I see: > > LAN IPv6 Prefixs Delegations2601:249::::/64 > > ...with the LAN IP range. (yes, it is spelled "prefixs") > > -- > > Steve Yates > ITS, Inc. > > -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe > Katz > Sent: Wednesday, May 18, 2016 10:10 PM > To: pfSense Support and Discussion Mailing List > <list@lists.pfsense.org> > Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid > prefix length, XID mismatch > > On Wed, May 18, 2016 at 7:14 PM, Steve Yates <st...@teamits.com> wrote: > > > We have an application with a Comcast-provided SMC router and two > > pfSense routers (Comcast <- building <- tenant). The building > > router > > (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP > logs I see: > > > > dhcp6c invalid prefix length 64 + 4 + 64 > > dhcp6c XID mismatch (several of these) > > > > Am I correct that "invalid prefix length" means the Comcast router > > isn't delegating a /60 properly? I have it set: > > > > DHCPv6 Prefix Delegation size 60 > > Send IPv6 prefix hint checked > > > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > > > My second question was going to be about getting IPv6 to the PCs > > inside the tenant router but unless I'm mistaken I need a couple > > more > > /64 networks for that (what a waste of IPs...I know there's a lot > > but > still...). > > > > Thanks, > > > > Steve Yates > > ITS, Inc. > > > > > > Comcast's support documents claim that "Business IP Gateway" devices > (a.k.a. your SMC modem/router) are allocated a /56. However, there > seem to be indications on Comcast's forums and other networking forums > that they aren't doing that properly on certain models with certain > firmware. (One example is > > http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCC > R-and-Cisco-DPC3939B/td-p/20504/page/2 > is from over a year ago, but that could still be an issue now given > the speed which these companies release firmware updates.) > > Can you check if there is a firmwar
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
I'm going to have to guess that you are out of luck for IPv6 then. If you find anyone at Comcast who is 1) capable of understanding technical feedback, 2) receptive to such feedback, and 3) high enough up the chain of command to make things happen, I'd be happy to join a campaign to convince that person to get this fixed. Moshe P. S. Something tells me that we will have moved on to IPv6 or IPv8 (or maybe even abandoned IP entirely for something else) by the time anything happens to get this fixed. This is Comcast we're talking about after all, a multi-year winner and runner-up of Consumerist's "Golden Poo Award" for worst company in America. -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Thu, May 19, 2016 at 2:49 PM, Steve Yates <st...@teamits.com> wrote: > I neglected to mention it but I did find and read many articles on > Comcast modem support. As a whole the posts were rather conflicting and > confused so it seemed that it may or may not work...older posts were more > likely to say it wasn't working. > > We do have a static IPv4 block. Sadly a few years ago when we > tried to increase speeds we were down for a time because their other > non-SMC modem couldn't handle static IPs reliably and they had to scrounge > for an SMC box for us. I inferred the techs knew this but Comcast was > switching modems anyway. So, I'm hesitant to ask for a different one. > :-/ Maybe it is different now. > > I don't see anything in the SMC interface about a firmware > update. It's Comcast branded so I assume their firmware. Maybe we'd have > to call. It has v 3.1.6.57 now. > > The SMC does show an IPv6 address, LAN DHCPv6 enabled with a > range, and has an "External Router Delegated Prefix" section that is > empty. The building router gets its IP from that range. The SMC has a > different WAN IPv6 address in 2001:558:...::/64. At the bottom of its > Gateway Summary/Network tab I see: > > LAN IPv6 Prefixs Delegations2601:249::::/64 > > ...with the LAN IP range. (yes, it is spelled "prefixs") > > -- > > Steve Yates > ITS, Inc. > > -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz > Sent: Wednesday, May 18, 2016 10:10 PM > To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> > Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix > length, XID mismatch > > On Wed, May 18, 2016 at 7:14 PM, Steve Yates <st...@teamits.com> wrote: > > > We have an application with a Comcast-provided SMC router and two > > pfSense routers (Comcast <- building <- tenant). The building router > > (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP > logs I see: > > > > dhcp6c invalid prefix length 64 + 4 + 64 > > dhcp6c XID mismatch (several of these) > > > > Am I correct that "invalid prefix length" means the Comcast router > > isn't delegating a /60 properly? I have it set: > > > > DHCPv6 Prefix Delegation size 60 > > Send IPv6 prefix hint checked > > > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > > > My second question was going to be about getting IPv6 to the PCs > > inside the tenant router but unless I'm mistaken I need a couple more > > /64 networks for that (what a waste of IPs...I know there's a lot but > still...). > > > > Thanks, > > > > Steve Yates > > ITS, Inc. > > > > > > Comcast's support documents claim that "Business IP Gateway" devices > (a.k.a. your SMC modem/router) are allocated a /56. However, there seem to > be indications on Comcast's forums and other networking forums that they > aren't doing that properly on certain models with certain firmware. (One > example is > > http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCCR-and-Cisco-DPC3939B/td-p/20504/page/2 > is from over a year ago, but that could still be an issue now given the > speed which these companies release firmware updates.) > > Can you check if there is a firmware update for the SMC box? > > Is there any way to check in the settings of the SMC box to see what it > got from Comcast? None of my customers are using that model at the moment, > so I can't tell you where to look. > > If you do not have static IPs from Comcast, your best option is probably > to replace the Comcast-provided router with a Motorola/Arris Surfboard > modem and have the building pfSense talk directly to Comcast through that. > However, for some reason that defies all logical explanation, Comcast will > not let you BYOM if
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
I neglected to mention it but I did find and read many articles on Comcast modem support. As a whole the posts were rather conflicting and confused so it seemed that it may or may not work...older posts were more likely to say it wasn't working. We do have a static IPv4 block. Sadly a few years ago when we tried to increase speeds we were down for a time because their other non-SMC modem couldn't handle static IPs reliably and they had to scrounge for an SMC box for us. I inferred the techs knew this but Comcast was switching modems anyway. So, I'm hesitant to ask for a different one. :-/ Maybe it is different now. I don't see anything in the SMC interface about a firmware update. It's Comcast branded so I assume their firmware. Maybe we'd have to call. It has v 3.1.6.57 now. The SMC does show an IPv6 address, LAN DHCPv6 enabled with a range, and has an "External Router Delegated Prefix" section that is empty. The building router gets its IP from that range. The SMC has a different WAN IPv6 address in 2001:558:...::/64. At the bottom of its Gateway Summary/Network tab I see: LAN IPv6 Prefixs Delegations2601:249::::/64 ...with the LAN IP range. (yes, it is spelled "prefixs") -- Steve Yates ITS, Inc. -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Moshe Katz Sent: Wednesday, May 18, 2016 10:10 PM To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org> Subject: Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch On Wed, May 18, 2016 at 7:14 PM, Steve Yates <st...@teamits.com> wrote: > We have an application with a Comcast-provided SMC router and two > pfSense routers (Comcast <- building <- tenant). The building router > (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP logs I > see: > > dhcp6c invalid prefix length 64 + 4 + 64 > dhcp6c XID mismatch (several of these) > > Am I correct that "invalid prefix length" means the Comcast router > isn't delegating a /60 properly? I have it set: > > DHCPv6 Prefix Delegation size 60 > Send IPv6 prefix hint checked > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > My second question was going to be about getting IPv6 to the PCs > inside the tenant router but unless I'm mistaken I need a couple more > /64 networks for that (what a waste of IPs...I know there's a lot but > still...). > > Thanks, > > Steve Yates > ITS, Inc. > > Comcast's support documents claim that "Business IP Gateway" devices (a.k.a. your SMC modem/router) are allocated a /56. However, there seem to be indications on Comcast's forums and other networking forums that they aren't doing that properly on certain models with certain firmware. (One example is http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCCR-and-Cisco-DPC3939B/td-p/20504/page/2 is from over a year ago, but that could still be an issue now given the speed which these companies release firmware updates.) Can you check if there is a firmware update for the SMC box? Is there any way to check in the settings of the SMC box to see what it got from Comcast? None of my customers are using that model at the moment, so I can't tell you where to look. If you do not have static IPs from Comcast, your best option is probably to replace the Comcast-provided router with a Motorola/Arris Surfboard modem and have the building pfSense talk directly to Comcast through that. However, for some reason that defies all logical explanation, Comcast will not let you BYOM if you use static IPs. Some people (also mentioned in the forum link above) have gotten prefix delegation to work by asking Comcast to switch their SMC router for a Netgear one. -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
On Wed, May 18, 2016 at 7:14 PM, Steve Yateswrote: > We have an application with a Comcast-provided SMC router and two pfSense > routers (Comcast <- building <- tenant). The building router (v2.3.0) gets > an IPv6 address and can ping out. However in its DHCP logs I see: > > dhcp6c invalid prefix length 64 + 4 + 64 > dhcp6c XID mismatch (several of these) > > Am I correct that "invalid prefix length" means the Comcast router isn't > delegating a /60 properly? I have it set: > > DHCPv6 Prefix Delegation size 60 > Send IPv6 prefix hint checked > > If I as for a /56 I get "invalid prefix length 64 + 8 + 64." > > My second question was going to be about getting IPv6 to the PCs inside > the tenant router but unless I'm mistaken I need a couple more /64 networks > for that (what a waste of IPs...I know there's a lot but still...). > > Thanks, > > Steve Yates > ITS, Inc. > > Comcast's support documents claim that "Business IP Gateway" devices (a.k.a. your SMC modem/router) are allocated a /56. However, there seem to be indications on Comcast's forums and other networking forums that they aren't doing that properly on certain models with certain firmware. (One example is http://forums.businesshelp.comcast.com/t5/IPV6/Dual-Stack-on-SMC-D3GCCR-and-Cisco-DPC3939B/td-p/20504/page/2 is from over a year ago, but that could still be an issue now given the speed which these companies release firmware updates.) Can you check if there is a firmware update for the SMC box? Is there any way to check in the settings of the SMC box to see what it got from Comcast? None of my customers are using that model at the moment, so I can't tell you where to look. If you do not have static IPs from Comcast, your best option is probably to replace the Comcast-provided router with a Motorola/Arris Surfboard modem and have the building pfSense talk directly to Comcast through that. However, for some reason that defies all logical explanation, Comcast will not let you BYOM if you use static IPs. Some people (also mentioned in the forum link above) have gotten prefix delegation to work by asking Comcast to switch their SMC router for a Netgear one. -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] IPv6 with Comcast and two pfSense - invalid prefix length, XID mismatch
We have an application with a Comcast-provided SMC router and two pfSense routers (Comcast <- building <- tenant). The building router (v2.3.0) gets an IPv6 address and can ping out. However in its DHCP logs I see: dhcp6c invalid prefix length 64 + 4 + 64 dhcp6c XID mismatch (several of these) Am I correct that "invalid prefix length" means the Comcast router isn't delegating a /60 properly? I have it set: DHCPv6 Prefix Delegation size 60 Send IPv6 prefix hint checked If I as for a /56 I get "invalid prefix length 64 + 8 + 64." My second question was going to be about getting IPv6 to the PCs inside the tenant router but unless I'm mistaken I need a couple more /64 networks for that (what a waste of IPs...I know there's a lot but still...). Thanks, Steve Yates ITS, Inc. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold