1. Stateful DHCP:
- Dynamic
- Prefix and length learned from: DHCP Server
- Host learned from: DHCP Server
- Default router learned from: Router, using NDP
- DNS addresses learned from: Stateful DHCP Server
2. Stateless autoconfig:
- Dynamic
- Prefix and length learned from: Router, using NDP
- Host learned from: Derived from MAC
- Default router learned from: Router, using NDP
- DNS addresses learned from: Stateless DHCP Server
3. Static configuration:
- Static
- Prefix and length learned from: Local config
- Host learned from: Local config
- Default router learned from: Router, using NDP
- DNS addresses learned from: Stateless DHCP Server
4. Static configuration with EUI-64:
- Static
- Prefix and length learned from: Local config
- Host learned from: Derived from MAC
- Default router learned from: Router, using NDP
- DNS addresses learned from: Stateless DHCP Server
Note: Although the DHCP server function for IPv4 does not explicitly use the word “stateful” in its name, IPv4 DHCP servers keep state information about DHCP clients. The server keeps a record of the leased IP addresses, and when the lease expires.
The IPv6 stateful DHCP server follows the same general idea. However, for IPv6, this server’s name includes the word stateful, to contrast it with the stateless DHCP server function in IPv6.
The stateless DHCP server function in IPv6 solves one particular problem: It supplies the DNS server IPv6 address(es) to clients.
Because all hosts typically use the same small number of DNS servers, the stateless DHCP server does not need to keep track of any state information.
Note: To automatically create a guaranteed-unique interface ID, IPv6 defines a method to calculate a 64-bit interface ID derived from that host’s MAC address.
The EUI-64 process takes the 6-byte (48-bit) MAC address and expands it into a 64-bit value. To do so, IPv6 fills in 2 more bytes into the middle of the MAC address.
IPv6 separates the original MAC address into two 3-byte halves and inserts hex FFFE in between the halves to form the Interface ID field of the IPv6 address.
The conversion also requires flipping the seventh bit inside the IPv6 address, resulting in a 64-bit number that conforms to a convention called the EUI-64 format.
IPv6 Address Types
1. Global unicast: Unicast packets sent through the public Internet, Prefix 2000::/3
2. Unique local: Unicast packets inside one organization, Prefix FD00::/8
3. Link local: Packets sent in the local subnet, Prefix FE80::/10
4. Loopback: Used for software testing, like IPv4’s 127.0.0.1, Prefix ::1/128
Multicast and Other Special IPv6 Addresses
All IPv6 nodes on the link - FF02::1
All IPv6 routers on the link - FF02::2
OSPF messages - FF02::5, FF02::6
RIP-2 messages - FF02::9
EIGRP messages - FF02::A
DHCP relay agents - FF02:1:2
Configuring IPv6 Addresses
Router IOS IPv6 Configuration Commands:
ipv6 address address/length - Static configuration of the entire IPv6 unicast address.
ipv6 address prefix/length eui-64 - Static configuration of the first 64 address bits; the router derives the last 64 bits with EUI-64.
ipv6 address autoconfig - Router uses stateless autoconfig to find address.
ipv6 address dhcp - Router uses stateful DHCP to find address.
ipv6 address address link-local - Overrides the automatically created link local address. The configured value must conform to the FE80::/10 prefix.
ipv6 address address/length anycast - Designates that the unicast address is an anycast.
ipv6 enable - Enables IPv6 on the interface, but results in only a link local address.
ipv6 unicast-routing - Enables the router to route IPv6 traffic.
In our lab, we will use a combination of static configuration and static configuration with EUI-64, as shown in the network topology.
The states and IPv6 addresses of the interfaces can be verified with the following commands:
R1#show ipv6 interface brief
R1#show interfaces fastEthernet 0/0
R1#show ipv6 interface fastEthernet 0/0
R1#show ipv6 route
R1#show ipv6 neighbors
R1#show ipv6 router
1. Static IPv6 configuration
Let's start by configuring R1, R2 and R3 with static IPv6 addresses:
R1:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 131.0.0.1 255.255.255.252
duplex auto
speed auto
ipv6 address 2000:0:0:2::1/64
!
interface Serial0/0
ip address 121.0.0.1 255.255.255.252
ipv6 address 2000:0:0:1::1/64
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 142.0.0.1 255.255.255.252
ipv6 address 2002::1/64
clock rate 2000000
!
R2:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 152.0.0.1 255.255.255.252
duplex auto
speed auto
ipv6 address 2001::1/64
!
interface Serial0/0
ip address 121.0.0.2 255.255.255.252
ipv6 address 2000:0:0:1::2/64
clock rate 2000000
!
interface FastEthernet0/1
ip address 132.0.0.1 255.255.255.252
duplex auto
speed auto
ipv6 address 2000:0:0:3::1/64
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
R3:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 132.0.0.2 255.255.255.252
duplex auto
speed auto
ipv6 address 2000:0:0:3::2/64
!
interface Serial0/0
ip address 163.0.0.1 255.255.255.252
ipv6 address 2003::1/64
clock rate 2000000
!
interface FastEthernet0/1
ip address 131.0.0.2 255.255.255.252
duplex auto
speed auto
ipv6 address 2000:0:0:2::2/64
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
The results:
R1#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C201:2EFF:FEF4:0
2000:0:0:2::1
Serial0/0 [up/up]
FE80::C201:2EFF:FEF4:0
2000:0:0:1::1
FastEthernet0/1 [administratively down/down]
Serial0/1 [up/up]
FE80::C201:2EFF:FEF4:0
2002::1
R2#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C202:2EFF:FEF4:0
2001::1
Serial0/0 [up/up]
FE80::C202:2EFF:FEF4:0
2000:0:0:1::2
FastEthernet0/1 [up/up]
FE80::C202:2EFF:FEF4:1
2000:0:0:3::1
Serial0/1 [administratively down/down]
R3#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C203:2EFF:FEF4:0
2000:0:0:3::2
Serial0/0 [up/up]
FE80::C203:2EFF:FEF4:0
2003::1
FastEthernet0/1 [up/up]
FE80::C203:2EFF:FEF4:1
2000:0:0:2::2
Serial0/1 [administratively down/down]
Let's configure the rest of the routers using static configuration with EUI-64.
R4:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 142.0.0.2 255.255.255.252
ipv6 address 2002::/64 eui-64
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
R5:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 152.0.0.2 255.255.255.252
duplex auto
speed auto
ipv6 address 2001::/64 eui-64
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
R6:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
ipv6 address 2003:0:0:1::/64 eui-64
!
interface Serial0/0
ip address 163.0.0.2 255.255.255.252
ipv6 address 2003::/64 eui-64
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
R7:
!
ipv6 unicast-routing
!
interface FastEthernet0/0
ip address 10.0.0.2 255.255.255.252
duplex auto
speed auto
ipv6 address 2003:0:0:1::/64 eui-64
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
Note: All the interfaces now have link local addresses that begin FE80.
The results:
R4#show ipv6 interface brief
FastEthernet0/0 [administratively down/down]
Serial0/0 [up/up]
FE80::C200:2EFF:FEF4:0
2002::C200:2EFF:FEF4:0
FastEthernet0/1 [administratively down/down]
Serial0/1 [administratively down/down]
R5#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C204:20FF:FED4:0
2001::C204:20FF:FED4:0
FastEthernet0/1 [administratively down/down]
R6#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C205:20FF:FED4:0
2003::1:C205:20FF:FED4:0
Serial0/0 [up/up]
FE80::C205:20FF:FED4:0
2003::C205:20FF:FED4:0
FastEthernet0/1 [administratively down/down]
Serial0/1 [administratively down/down]
R7#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::C206:20FF:FED4:0
2003::1:C206:20FF:FED4:0
FastEthernet0/1 [administratively down/down]
To better illustrate the role of eui-64 parameter and operation, let's consider R7's Fa0/0 IPv6 address.
R7 was configured with the following command:
R7(config-if)#ipv6 address 2003:0:0:1::/64 eui-64
Interface Fa0/0 has the following MAC address:
R7#show interfaces fastEthernet 0/0 | i bia
Hardware is Gt96k FE, address is c006.20d4.0000 (bia c006.20d4.0000)
As seen from the newly created address on the interface, eui-64 inserted FFFE between the two halves of the MAC address and flipped the 7th most significant bit of the MAC:
The process appended the modified MAC address to the manually configured network subnet (portion):
2003::1:C206:20FF:FED4:0
If we take the first 4 hex digits (c006) from the MAC address and convert them to binary:
1100 0000 0000 0110
Now, flipping the 7th most significant bit from 0 to 1:
1100 0010 0000 0110
The result (converted back to hex) is C206, which is exactly what the router calculated for this EUI-64 IPv6 address.
Other considerations:
A) Multicast Groups Joined by IPv6 Router Interfaces
R7#show ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C206:20FF:FED4:0
Global unicast address(es):
2003::1:C206:20FF:FED4:0, subnet is 2003:0:0:1::/64 [EUI]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FFD4:0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses.
The first multicast, FF02::1, represents all IPv6 devices, so router interfaces must listen for packets sent to this address.
FF02::2 represents all IPv6 routers, so again, R2 must listen for packets sent to this address.
Finally, the FF02::1:FF beginning value is the range for an address’ solicited node multicast address, used by several functions, including the duplicate address detection (DAD) and neighbor discovery (ND).
B) Connected Routes and Neighbors
R7#show ipv6 route
IPv6 Routing Table - 4 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2003:0:0:1::/64 [0/0]
via ::, FastEthernet0/0
L 2003::1:C206:20FF:FED4:0/128 [0/0]
via ::, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
First, the IPv6 routing table lists the expected connected routes, but a new type of route – a “local” route – designated by an L in the output of the show ipv6 route command.
The connected routes occur for any unicast IPv6 addresses on the interface that happen to have more than link local scope.
The Local routes, all /128 routes, are essentially host routes for the router’s unicast IPv6 addresses.
These local routes allow the router to more efficiently process packets directed to the router itself, rather than for packets directed toward connected subnets.
2. Stateless IPv6 autoconfiguration
Let's consider routers R6 and R7 and the link between them.
They are both configured with static addresses using eui-64.
R7’s Fa0/0 configuration will be changed, using the ipv6 address autoconfig subcommand on that interface.
This tells R7 to use stateless autoconfig process, with R7 learning its prefix from Router R6.
R7 then builds the rest of its IPv6 address using EUI-64.
Before configuration:
R7#show ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C206:20FF:FED4:0
Global unicast address(es):
2003::1:C206:20FF:FED4:0, subnet is 2003:0:0:1::/64 [EUI]
R7#ping 2003::1:C205:20FF:FED4:0 (ping to R6)
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2003::1:C205:20FF:FED4:0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/20 ms
R7(config)#interface fastEthernet 0/0
R7(config-if)#no ipv6 address
R7(config-if)#ipv6 address autoconfig
After configuration:
R7#show ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C206:20FF:FED4:0
Global unicast address(es):
2003::1:C206:20FF:FED4:0, subnet is 2003:0:0:1::/64 [PRE]
R7#ping 2003::1:C205:20FF:FED4:0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2003::1:C205:20FF:FED4:0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/25/64 ms
R7#show ipv6 router
Router FE80::C205:20FF:FED4:0 on FastEthernet0/0, last update 1 min
Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
HomeAgentFlag=0, Preference=Medium
Reachable time 0 msec, Retransmit time 0 msec
Prefix 2003:0:0:1::/64 onlink autoconfig
Valid lifetime 2592000, preferred lifetime 604800
Note:
Starting with the configuration, the no ipv6 address command actually removes all configured IPv6 addresses from the interface and also disables IPv6 on interface Fa0/0.
Then, the ipv6 address autoconfig command again enables IPv6 on Fa0/0 and tells R7 to use stateless autoconfig.
The show ipv6 router command, which lists the cached contents of any received RA messages, lists the information received from R6’s RA message, including R6’s link local address (used to identify the routers) and R6’s advertised prefix.
Note: You do not need to use the ipv6 enable command if you enter any other ipv6 address commands on an interface; IPv6 support is automatically enabled as soon as you assign an IPv6 address to the interface.
No comments:
Post a Comment