The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure IPv6 unicast routing on the Cisco Industrial Ethernet 2000U Series (IE 2000U) and Connected Grid Switches, hereafter referred to as switch.
For information about configuring IPv4 unicast routing, see Chapter2, “Configuring IP Unicast Routing” For information on configuring IPv6 access control lists (ACLs) see the “Configuring IPv6 ACLs” chapter in the Security Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches .
To use this feature, the switch must be running the IP services image. To enable IPv6 routing, you must configure the switch to use a dual IPv4 and IPv6 switch database management (SDM) template. See the “Dual IPv4 and IPv6 Protocol Stacks” section.
NoteFor complete syntax and usage information for the commands used in this chapter, see the Cisco IOS documentation listed in the“Related Documents” section.
IPv4 users can move to IPv6 and receive services such as end-to-end security, quality of service (QoS), and globally unique addresses. The IPv6 address space reduces the need for private addresses and Network Address Translation (NAT) processing by border routers at network edges.
This section describes IPv6 implementation on the switch and includes the following topics:
The switch supports only IPv6 unicast addresses. It does not support site-local unicast addresses, anycast addresses, or multicast addresses.
The IPv6 128-bit addresses are represented as a series of eight 16-bit hexadecimal fields separated by colons in the format: n:n:n:n:n:n:n:n. This is an example of an IPv6 address:
2031:0000:130F:0000:0000:09C0:080F:130B
For easier implementation, leading zeros in each field are optional. This is the same address without leading zeros:
You can also use two colons (::) to represent successive hexadecimal fields of zeros, but you can use this short version only once in each address:
For more information about IPv6 address formats, address types, and the IPv6 packet header, see the IPv6 Addressing and Basic Connectivity Configuration Guide, Cisco IOS Release 15M&T in the IPv6 Configuration Library, Cisco IOS Release 15M&T.
In the “Information About Implementing Basic Connectivity for IPv6” chapter, these sections apply to the switch:
Support on the switch includes expanded address capability, header format simplification, improved support of extensions and options, and hardware parsing of the extension header. The switch supports hop-by-hop extension header packets, which are routed or bridged in software.
The switch provides IPv6 routing capability over 802.1Q trunk ports for static routes, Routing Information Protocol (RIP) for IPv6, and Open Shortest Path First (OSPF) Version 3 Protocol. It supports up to 16 equal-cost routes and can simultaneously forward IPv4 and IPv6 frames at line rate.
NoteFor more information about the IPv6 unicast routing features described in this section, see theIPv6 Configuration Library, Cisco IOS Release 15M&T and IPv6 Implementation Guide, Cisco IOS Release 15.2M&T.
The switch supports aggregatable global unicast addresses and link-local unicast addresses. It does not support site-local unicast addresses.
These addresses are defined by a global routing prefix, a subnet ID, and an interface ID. Current global unicast address allocation uses the range of addresses that start with binary value 001 (2000::/3). Addresses with a prefix of 2000::/3(001) through E000::/3(111) must have 64-bit interface identifiers in the extended unique identifier (EUI)-64 format.
IPv6 supports Domain Name System (DNS) record types in the DNS name-to-address and address-to-name lookup processes. The DNS AAAA resource record types support IPv6 addresses and are equivalent to an A address record in IPv4. The switch supports DNS resolution for IPv4 and IPv6.
The switch supports advertising the system maximum transmission unit (MTU) to IPv6 nodes and path MTU discovery. Path MTU discovery allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. In IPv6, if a link along the path is not large enough to accommodate the packet size, the source of the packet handles the fragmentation. The switch does not support path MTU discovery for multicast packets.
The Internet Control Message Protocol (ICMP) in IPv6 generates error messages, such as ICMP destination unreachable messages, to report errors during processing and other diagnostic functions. In IPv6, ICMP packets are also used in the neighbor discovery protocol and path MTU discovery.
The switch supports NDP for IPv6, a protocol running on top of ICMPv6, and static neighbor entries for IPv6 stations that do not support NDP. The IPv6 neighbor discovery process uses ICMP messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local link), to verify the reachability of the neighbor, and to keep track of neighboring routers.
The switch supports ICMPv6 redirect for routes with mask lengths less than 64 bits. ICMP redirect is not supported for host routes or for summarized routes with mask lengths greater than 64 bits.
Neighbor discovery throttling ensures that the switch CPU is not unnecessarily burdened while it is in the process of obtaining the next hop forwarding information to route an IPv6 packet. The switch drops any additional IPv6 packets whose next hop is the same neighbor that the switch is actively trying to resolve. This drop avoids further load on the CPU.
The switch supports IPv6 default router preference (DRP), an extension in router advertisement messages. DRP improves the ability of a host to select an appropriate router, especially when the host is multihomed and the routers are on different links. The switch does not support the Route Information Option in RFC 4191.
An IPv6 host maintains a default router list from which it selects a router for traffic to offlink destinations. The selected router for a destination is then cached in the destination cache. NDP for IPv6 specifies that routers that are reachable or probably reachable are preferred over routers whose reachability is unknown or suspect. For reachable or probably reachable routers, NDP can either select the same router every time or cycle through the router list. By using DRP, you can configure an IPv6 host to prefer one router over another, provided both are reachable or probably reachable.
The switch uses stateless autoconfiguration to manage link, subnet, and site addressing changes, such as management of host and mobile IP addresses. A host autonomously configures its own link-local address, and booting nodes send router solicitations to request router advertisements for configuring interfaces.
You must use the dual IPv4 and IPv6 template to allocate hardware memory usage to both IPv4 and IPv6 protocols.
Dual IPv4 and IPv6 Support on an Interface shows a router forwarding both IPv4 and IPv6 traffic through the same interface, based on the IP packet and destination addresses.
Figure 3-1 Dual IPv4 and IPv6 Support on an Interface
Use the dual IPv4 and IPv6 switch database management (SDM) template to enable IPv6 routing dual stack environments (supporting both IPv4 and IPv6). For more information about the dual IPv4 and IPv6 SDM template, see the “Configuring SMD Templates” chapter in the System Management Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches .
DHCPv6 enables DHCP servers to pass configuration parameters, such as IPv6 network addresses, to IPv6 clients. The address assignment feature manages nonduplicate address assignment in the correct prefix based on the network where the host is connected. Assigned addresses can be from one or multiple prefix pools. Additional options, such as default domain and DNS name-server address, can be passed back to the client. Address pools can be assigned for use on a specific interface, on multiple interfaces, or the server can automatically find the appropriate pool.
Static routes are manually configured and define an explicit route between two networking devices. Static routes are useful for smaller networks with only one path to an outside network or to provide security for certain types of traffic in a larger network.
Routing Information Protocol (RIP) for IPv6 is a distance-vector protocol that uses hop count as a routing metric. It includes support for IPv6 addresses and prefixes and the all-RIP-routers multicast group address FF02::9 as the destination address for RIP update messages.
The switch supports Open Shortest Path First (OSPF) for IPv6, a link-state protocol for IP.
The switch supports Enhanced Interior Gateway Routing Protocol (EIGRP) for IPv6. It is configured on the interfaces on which it runs and does not require a global IPv6 address.
Before running, an instance of EIGRP IPv6 requires an implicit or explicit router ID. An implicit router ID is derived from a local IPv4 address, so any IPv4 node always has an available router ID. However, EIGRP IPv6 might be running in a network with only IPv6 nodes and therefore might not have an available IPv4 router ID.
Multiprotocol Border Gateway Protocol (BGP) is the supported exterior gateway protocol for IPv6. Multiprotocol BGP extensions for IPv6 support the same features and functionality as IPv4 BGP. IPv6 enhancements to multiprotocol BGP include support for IPv6 address family and network layer reachability information (NLRI) and next-hop (the next router in the path to the destination) attributes that use IPv6 addresses.
The switch does not support multicast BGP or non-stop forwarding (NSF) for IPv6 or for BGP IPv6.
To support both IPv4 and IPv6, IPv6 network management requires both IPv6 and IPv4 transports. Syslog over IPv6 supports address data types for these transports.
SNMP and syslog over IPv6 provide these features:
For support over IPv6, SNMP modifies the existing IP transport mapping to simultaneously support IPv4 and IPv6. These SNMP actions support IPv6 transport management:
The HTTP client sends requests to both IPv4 and IPv6 HTTP servers, which respond to requests from both IPv4 and IPv6 HTTP clients. URLs with literal IPv6 addresses must be specified in hexadecimal using 16-bit values between colons.
The accept socket call chooses an IPv4 or IPv6 address family. The accept socket is either an IPv4 or IPv6 socket. The listening socket waits for both IPv4 and IPv6 signals that indicate a connection. The IPv6 listening socket is bound to an IPv6 wildcard address.
The underlying TCP/IP stack supports a dual-stack environment. HTTP relies on the TCP/IP stack and the sockets for processing network-layer interactions.
Basic network connectivity (ping) must exist between the client and the server hosts before HTTP connections can be made.
Select a dual IPv4 and IPv6 template as described in the “Dual IPv4 and IPv6 Protocol Stacks” section.
Because IPv6 is implemented in switch hardware, some limitations occur due to the IPv6 compressed addresses in the hardware memory. This results in some loss of functionality and some feature limitations.
Note There is a similar limitation for IPv4 SNAP-encapsulated packets, but the packets are dropped at the switch.
– When you send RSPAN IPv6-routed packets, the source MAC address in the SPAN output packet might be incorrect.
– When you send RSPAN IPv6-routed packets, the destination MAC address might be incorrect. Normal traffic is not affected.
|
|
---|---|
Disabled (IPv4 CEF is enabled by default). Note When IPv6 routing is enabled, CEFv6 is automatically enabled. |
|
To forward IPv6 traffic on an interface, you must configure a global IPv6 address on that interface. Configuring an IPv6 address on an interface automatically configures a link-local address and activates IPv6 for the interface. The configured interface automatically joins these required multicast groups for that link:
For more information about configuring IPv6 routing, see the “Implementing Addressing and Basic Connectivity for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
To remove an IPv6 address from an interface, use the no ipv6 address ipv6-prefix/prefix length eui-64 or no ipv6 address ipv6-address link-local interface configuration command. To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments. To disable IPv6 processing on an interface that has not been explicitly configured with an IPv6 address, use the no ipv6 enable interface configuration command. To globally disable IPv6 routing, use the no ipv6 unicast-routing global configuration command.
This example shows how to enable IPv6 with both a link-local address and a global address based on the IPv6 prefix 2001:0DB8:c18:1::/64. The EUI-64 interface ID is used in the low-order 64 bits of both addresses. Output from the show ipv6 interface EXEC command is included to show how the interface ID (20B:46FF:FE2F:D940) is appended to the link-local prefix FE80::/64 of the interface.
Router advertisement messages are sent with the default router preference (DRP) configured by the ipv6 nd router-preference interface configuration command. If no DRP is configured, router advertisements are sent with a medium preference.
A DRP is useful when two routers on a link might provide equivalent, but not equal-cost routing, and policy might dictate that hosts should prefer one of the routers.
Complete the Configuring IPv6 Addressing and Enabling IPv6 Routing.
|
|
|
---|---|---|
Enter interface configuration mode, and enter the Layer 3 interface on which you want to specify the DRP. |
||
Use the no ipv6 nd router-preference interface configuration command to disable an IPv6 DRP.
This example shows how to configure a DRP of high for the router on an interface:
Follow this procedure to configure a Layer 3 interface to support both IPv4 and IPv6 and to enable IPv6 routing.
Before configuring IPv6 routing, you must select an SDM template that supports IPv4 and IPv6. If not already configured, use the sdm prefer dual-ipv4-and-ipv6 { default | routing | vlan} global configuration command to configure a template that supports IPv6. When you select a new template, you must reload the switch by using the reload privileged EXEC command so that the template takes effect.
To disable IPv4 routing, use the no ip routing global configuration command. To disable IPv6 routing, use the no ipv6 unicast-routing global configuration command. To remove an IPv4 address from an interface, use the no ip address ip-address mask interface configuration command. To remove an IPv6 address from an interface, use the no ipv6 address ipv6-prefix/prefix length eui-64 or no ipv6 address ipv6-address link-local interface configuration command. To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments. To disable IPv6 processing on an interface that has not been explicitly configured with an IPv6 address, use the no ipv6 enable interface configuration command.
This example shows how to enable IPv4 and IPv6 routing on an interface:
This document describes only the DHCPv6 address assignment. For more information about configuring the DHCPv6 client, server, or relay agent functions, see the “Implementing DHCP for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
By default, no Dynamic Host Configuration Protocol for IPv6 (DHCPv6) features are configured on the switch.
When configuring a DHCPv6 address assignment, consider these guidelines:
– DHCPv6 IPv6 routing must be enabled on a Layer 3 interface.
– SVI: a VLAN interface created by using the interface vlan vlan_id command.
– EtherChannel port channel in Layer 3 mode: a port-channel logical interface created by using the interface port-channel port-channel-number command.
See the “DHCPv6 Address Assignment Configuration Guidelines” section.
To delete a DHCPv6 pool, use the no ipv6 dhcp pool poolname global configuration command. Use the no form of the DHCP pool configuration mode commands to change the DHCPv6 pool characteristics. To disable the DHCPv6 server function on an interface, use the no ipv6 dhcp server interface configuration command.
This example shows how to configure a pool called engineering with an IPv6 address prefix:
This example shows how to configure a pool called testgroup with three link-addresses and an IPv6 address prefix:
This example shows how to configure a pool called 350 with vendor-specific options:
See the “DHCPv6 Address Assignment Configuration Guidelines” section.
To disable the DHCPv6 client function, use the no ipv6 address dhcp interface configuration command. To remove the DHCPv6 client request, use the no ipv6 address dhcp client request interface configuration command.
This example shows how to acquire an IPv6 address and to enable the rapid-commit option:
ICMP rate limiting is enabled by default with a default interval between error messages of 100 milliseconds and a bucket size (maximum number of tokens to be stored in a bucket) of 10.
Complete the Configuring IPv6 Addressing and Enabling IPv6 Routing.
|
|
|
---|---|---|
Configure the interval and bucket size for IPv6 ICMP error messages: |
||
To return to the default configuration, use the no ipv6 icmp error-interval global configuration command.
This example shows how to configure an IPv6 ICMP error message interval of 50 milliseconds and a bucket size of 20 tokens:
Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology, allowing more CPU processing power to be dedicated to packet forwarding. IPv4 CEF is enabled by default. IPv6 CEF is disabled by default, but automatically enabled when you configure IPv6 routing.
To route IPv6 unicast packets, first globally configure forwarding of IPv6 unicast packets by using the ipv6 unicast-routing global configuration command. You must also configure an IPv6 address and IPv6 processing on an interface by using the ipv6 address interface configuration command.
To disable IPv6 CEF, use the no ipv6 cef global configuration command. To reenable IPv6 CEF, use the ipv6 cef global configuration command. You can verify the IPv6 state by entering the show ipv6 cef privileged EXEC command.
For more information about configuring CEF, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
To remove a configured static route, use the no ipv6 route ipv6-prefix/prefix length { ipv6-address | interface-id [ ipv6-address ]} [ administrative distance ] global configuration command.
For more information about configuring static IPv6 routing, see the “Implementing Static Routes for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
This example shows how to configure a floating static route to an interface. The route has an administrative distance of 130:
To disable a RIP routing process, use the no ipv6 router rip name global configuration command. To disable the RIP routing process for an interface, use the no ipv6 rip name interface configuration command.
For more information about configuring RIP routing for IPv6, see the “Implementing RIP for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
This example shows how to enable the RIP routing process cisco with a maximum of eight equal-cost routes and to enable it on an interface:
You can customize OSPF for IPv6 for your network. However, the defaults are set to meet the requirements of most customers and features.
Be careful when changing the defaults for IPv6 commands. Doing so might adversely affect OSPF for the IPv6 network.
To disable an OSPF routing process, use the no ipv6 router ospf process-id global configuration command. To disable the OSPF routing process for an interface, use the no ipv6 ospf process-id area area-id interface configuration command.
For more information about configuring OSPF routing for IPv6, see the “Implementing OSPF for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
By default, EIGRP for IPv6 is disabled. You can configure EIGRP for IPv6 on an interface. After configuring the router and the interface for EIGRP, enter the no shutdown privileged EXEC command to start EIGRP.
NoteIf EIGRP for IPv6 is not in shutdown mode, EIGRP might start running before you enter the EIRGP router-mode commands to configure the router and the interface.
To set an explicit router ID, use the show ipv6 eigrp command to see the configured router IDs, and then use the router-id command.
As with EIGRP IPv4, you can use EIGRPv6 to specify your EIGRP IPv4 interfaces and to select a subset of those as passive interfaces. Use the passive-interface default command to make all interfaces passive, and then use the no passive-interface command on selected interfaces to make them active. EIGRP IPv6 does not need to be configured on a passive interface.
For more configuration procedures, see the “Implementing EIGRP for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
When configuring multiprotocol BGP extensions for IPv6, you must create the BGP routing process, configure peering relationships, and customize BGP for your particular network. Note that BGP functions the same in IPv6 as in IPv4.
Before configuring the router to run BGP for IPv6, you must use the ipv6 unicast-routing command to globally enable IPv6 routing.
For more configuration procedures, see the “Implementing Multiprotocol BGP for IPv6” chapter in the IPv6 Implementation Guide, Cisco IOS Release 15.2M&T .
The switch does not support multicast IPv6 BGP, nonstop forwarding (NSF) for IPv6 BGP, 6PE multipath (EoMPLS), or IPv6 VRF.
|
|
---|---|
This is an example of the output from the show ipv6 interface privileged EXEC command:
This is an example of the output from the show ipv6 cef privileged EXEC command:
This is an example of the output from the show ipv6 protocols privileged EXEC command:
This is an example of the output from the show ipv6 rip privileged EXEC command:
This is an example of the output from the show ipv6 neighbor privileged EXEC command:
This is an example of the output from the show ipv6 static privileged EXEC command:
This is an example of the output from the show ipv6 route privileged EXEC command:
This is an example of the output from the show ipv6 traffic privileged EXEC command.
For information about how Cisco Systems implements IPv6:
For information about IPv6 and other features in this chapter:
|
|
---|---|