Sample IPv6 Network
The 3 ways for assigning an IPv6 address to a node are manual configuration (static), stateless autoconfiguration (dynamic), and stateful DHCPv6 (dynamic).
The ipv6 unicast-routing global configuration command globally enables the forwarding of IPv6 packets (IPv6 routing) for interfaces configured with an IPv6 address. This command also enables Neighbor Discovery Protocol for LAN interface types, eg: Ethernet. RT1 and RT2 must be configured with this command in order to forward IPv6 packets between physical interfaces.
The ipv6 enable interface subcommand configures an IPv6 link-local address and enables IPv6 processing for an interface and on the interface. The link-local address can be used only for communication with nodes reside on the same link or network.
Note: This command does not enable the Neighbor Discovery Protocol.
The ipv6 address {ipv6-addr/prefix-length [eui-64] | {ipv6-addr link-local} interface subcommand configures a global IPv6 address on an interface and enables IPv6 processing on the interface. The eui-64 keyword configures an IPv6 address with the last 64 bits of the IPv6 address in EUI-64 format. The link-local keyword configures a specific link-local IPv6 address on an interface instead of using the automatically generated Interface ID in EUI-64 format.
Note: This command does not enable the Neighbor Discovery Protocol.
Basic IPv6 addressing configuration on RT1:
RT1#conf t Enter configuration commands, one per line. End with CNTL/Z. RT1(config)#ipv6 unicast-routing RT1(config)#int fa1/0 RT1(config-if)#ipv6 address 2345:6789:AAAA:1::/64 eui-64 RT1(config-if)#no shut RT1(config-if)#exit RT1(config)#int s0/0 RT1(config-if)#ipv6 address 2345:6789:AAAA:2::1/64 RT1(config-if)#no shut RT1(config-if)#^Z RT1# RT1#sh int fa1/0 | in bia Hardware is AmdFE, address is 0004.4e11.1111 (bia 0004.4e11.1111) RT1# RT1#sh ipv6 int | in is up|link-local Serial0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::204:4EFF:FE11:1111 FastEthernet1/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::204:4EFF:FE11:1111 RT1# RT1#sh ipv6 int fa1/0 FastEthernet1/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::204:4EFF:FE11:1111 Global unicast address(es): 2345:6789:AAAA:1:204:4EFF:FE11:1111, subnet is 2345:6789:AAAA:1::/64 Joined group address(es): FF02::1 ! All IPv6 nodes within the link-local scope FF02::2 ! All IPv6 routers within the link-local scope FF02::1:FF11:1111 ! Solicited-node multicast address (link-local scope) MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. RT1# RT1#sh ipv6 int s0/0 Serial0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::204:4EFF:FE11:1111 Global unicast address(es): 2345:6789:AAAA:2::1, subnet is 2345:6789:AAAA:2::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 FF02::1:FF11:1111 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds Hosts use stateless autoconfig for addresses. RT1# RT1#ping 2345:6789:AAAA:2::1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2345:6789:AAAA:2::1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms RT1# RT1#ping 2345:6789:AAAA:1:204:4EFF:FE11:1111 ! OMG!!! Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2345:6789:AAAA:1:204:4EFF:FE11:1111, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms RT1#
Basic IPv6 addressing configuration on RT2:
RT2#conf t Enter configuration commands, one per line. End with CNTL/Z. RT2(config)#ipv6 unicast-routing RT2(config)#int s0/0 RT2(config-if)#ipv6 address 2345:6789:AAAA:2::2/64 RT2(config-if)#no shut RT2(config-if)#exit RT2(config)#int fa1/0 RT2(config-if)#ipv6 address 2345:6789:AAAA:3::1/64 RT2(config-if)#no shut RT2(config-if)#^Z RT2# RT2#sh ipv6 int brief s0/0 Serial0/0 [up/up] FE80::204:4EFF:FE22:2211 2345:6789:AAAA:2::2 RT2# RT2#sh ipv6 int brief fa1/0 FastEthernet1/0 [up/up] FE80::204:4EFF:FE22:2211 2345:6789:AAAA:3::1 RT2#
Basic IPv6 addressing configuration on PC1 and PC2:
PC1(config)#int fa0/0 PC1(config-if)#ipv6 address autoconfig PC1(config-if)#no shut PC1(config-if)#^Z PC1# PC1#sh ipv6 int brief FastEthernet0/0 [up/up] FE80::204:4EFF:FE33:3301 2345:6789:AAAA:1:204:4EFF:FE33:3301 PC1# PC1#sh ipv6 neighbors IPv6 Address Age Link-layer Addr State Interface FE80::204:4EFF:FE11:1111 3 0004.4e11.1111 STALE Fa0/0 2345:6789:AAAA:1:204:4EFF:FE11:1111 3 0004.4e11.1111 STALE Fa0/0 PC1# PC1#sh ipv6 routers Router FE80::204:4EFF:FE11:1111 on FastEthernet0/0, last update 1 min Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500 Reachable time 0 msec, Retransmit time 0 msec Prefix 2345:6789:AAAA:1::/64 onlink autoconfig Valid lifetime 2592000, preferred lifetime 604800 PC1# ====================================================================== PC2(config)#int fa0/0 PC2(config-if)#ipv6 address autoconfig PC2(config-if)#ipv6 address FE80::2222 link-local PC2(config-if)#no shut PC2(config-if)#^Z PC2# PC2#sh ipv6 int brief FastEthernet0/0 [up/up] FE80::2222 2345:6789:AAAA:3::2222 PC2# PC2#sh ipv6 neighbors IPv6 Address Age Link-layer Addr State Interface FE80::204:4EFF:FE22:2211 0 0004.4e22.2211 STALE Fa0/0 2345:6789:AAAA:3::1 4 0004.4e22.2211 STALE Fa0/0 PC2# PC2#sh ipv6 routers Router FE80::204:4EFF:FE22:2211 on FastEthernet0/0, last update 1 min Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500 Reachable time 0 msec, Retransmit time 0 msec Prefix 2345:6789:AAAA:3::/64 onlink autoconfig Valid lifetime 2592000, preferred lifetime 604800 PC2#
Network engineers often use easier-to-remember values like ::1 instead of the automatically generated Interface ID in EUI-64 format when assigning link-local and global unicast addresses.
IPv6 Static Routing and Default Routing Configuration
Static Routing configuration on RT1 and Default Routing configuration on RT2:
RT1(config)#ipv6 route 2345:6789:AAAA:3::/64 2345:6789:AAAA:2::2 RT1(config)#^Z RT1# RT1#sh ipv6 route IPv6 Routing Table - 7 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 C 2345:6789:AAAA:1::/64 [0/0] via ::, FastEthernet1/0 L 2345:6789:AAAA:1:204:4EFF:FE11:1111/128 [0/0] via ::, FastEthernet1/0 C 2345:6789:AAAA:2::/64 [0/0] via ::, Serial0/0 L 2345:6789:AAAA:2::1/128 [0/0] via ::, Serial0/0 S 2345:6789:AAAA:3::/64 [1/0] via 2345:6789:AAAA:2::2 L FE80::/10 [0/0] via ::, Null0 L FF00::/8 [0/0] via ::, Null0 RT1# ====================================================================== RT2(config)#ipv6 route ::/0 s0/0 RT2(config)#^Z RT2# RT2#sh ipv6 route IPv6 Routing Table - 7 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 S ::/0 [1/0] via ::, Serial0/0 C 2345:6789:AAAA:2::/64 [0/0] via ::, Serial0/0 L 2345:6789:AAAA:2::2/128 [0/0] via ::, Serial0/0 C 2345:6789:AAAA:3::/64 [0/0] via ::, FastEthernet1/0 L 2345:6789:AAAA:3::1/128 [0/0] via ::, FastEthernet1/0 L FE80::/10 [0/0] via ::, Null0 L FF00::/8 [0/0] via ::, Null0 RT2#
The link-local address of a neighbor can be specified as the next-hop address for a static route. If using a link-local address as the next-hop address, then both the outgoing interface and link-local address and must be specified in the static route configuration.
Verify that PC1 is able to reach PC2:
PC1#ping 2345:6789:AAAA:3::2222
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2345:6789:AAAA:3::2222, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 92/107/128 ms
PC1#
RIPng Configuration
RIPng configuration on RT1 and RT2:
RT1(config)#no ipv6 route 2345:6789:AAAA:3::/64 RT1(config)#int s0/0 RT1(config-if)#ipv6 rip ? WORD User selected string identifying this RIP process RT1(config-if)#ipv6 rip 1 enable RT1(config-if)#int fa1/0 RT1(config-if)#ipv6 rip 1 enable RT1(config-if)#exit RT1(config)#ipv6 router rip ? WORD User selected string identifying this process RT1(config)#ipv6 router rip 1 RT1(config-rtr)#^Z RT1# RT1#sh ipv6 protocols IPv6 Routing Protocol is "connected" IPv6 Routing Protocol is "static" IPv6 Routing Protocol is "rip 1" Interfaces: FastEthernet1/0 Serial0/0 Redistribution: None RT1# ====================================================================== RT2(config)#no ipv6 route ::/0 RT2(config)#int s0/0 RT2(config-if)#ipv6 rip 1 enable RT2(config-if)#int fa1/0 RT2(config-if)#ipv6 rip 1 enable RT2(config-if)#^Z RT2# RT2#sh run | in ipv6 router rip ipv6 router rip 1 RT2#Note: The ipv6 rip {rip-proc-name} enable interface subcommand will start a RIPng process with the defined tag. The ipv6 router rip {rip-proc-name} global configuration which enters the router configuration mode is optional and is not required to enable a RIPng process. The tag name is local significant and does not have to match between RIPng routers.
Verify the RIPng operation on RT1:
RT1#sh ipv6 route IPv6 Routing Table - 7 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 C 2345:6789:AAAA:1::/64 [0/0] via ::, FastEthernet1/0 L 2345:6789:AAAA:1:204:4EFF:FE11:1111/128 [0/0] via ::, FastEthernet1/0 C 2345:6789:AAAA:2::/64 [0/0] via ::, Serial0/0 L 2345:6789:AAAA:2::1/128 [0/0] via ::, Serial0/0 R 2345:6789:AAAA:3::/64 [120/2] via FE80::204:4EFF:FE22:2211, Serial0/0 L FE80::/10 [0/0] via ::, Null0 L FF00::/8 [0/0] via ::, Null0 RT1# RT1#sh ipv6 rip RIP process "1", port 521, multicast-group FF02::9, pid 102 Administrative distance is 120. Maximum paths is 16 Updates every 30 seconds, expire after 180 Holddown lasts 0 seconds, garbage collect after 120 Split horizon is on; poison reverse is off Default routes are not generated Periodic updates 53, trigger updates 2 Interfaces: FastEthernet1/0 Serial0/0 Redistribution: None RT1# RT1#sh ipv6 rip next-hops RIP process "1", Next Hops FE80::204:4EFF:FE22:2211/Serial0/0 [2 paths] RT1# ====================================================================== RT2#sh ipv6 int brief s0/0 Serial0/0 [up/up] FE80::204:4EFF:FE22:2211 2345:6789:AAAA:2::2 RT2#
Note that the next-hop address to reach 2345:6789:AAAA:3::/64 is the link-local address instead of global unicast address of RT2 Serial0/0. The show ipv6 rip next-hops EXEC command confirms that RIPng indeed uses link-local addresses as next-hop addresses.
RIPng no longer performs automatic summarization as with RIPv2. It still sends out periodic full Update multicast packets every 30 seconds.
Since IPv6 supports native authentication using the IPsec Authentication Header (AH), RIPng does not natively support authentication, instead rely on IPv6’s inherent IPsec capabilities.
No comments:
Post a Comment