ME 3800x and ME 3600x Switches Software Configuration Guide, Release 15.2(2)S
Configuring IPv6 Unicast Routing
Downloads: This chapterpdf (PDF - 282.0KB) The complete bookPDF (PDF - 12.03MB) | Feedback

Table of Contents

Configuring IPv6 Unicast Routing

Understanding IPv6

IPv6 Addresses

Supported IPv6 Unicast Routing Features

Path MTU Discovery for IPv6 Unicast

ICMPv6

Neighbor D iscovery

Default Router Preference

IPv6 Stateless Auto-configuration and Duplicate Address Detection

IPv6 Applications

Dual IPv4 and IPv6 Protocol Stacks

DHCP for IPv6 Address Assignment

DHCP for IPv6 Server, Client, and Relay

Static Routes for IPv6

O SPF for IPv6

H TTP(S) Over IPv6

BGP over IPv6

Unsupported IPv6 Unicast Routing Features

Configuring IPv6

Default IPv6 Configuration

Configuring IPv6 Addressing and Enabling IPv6 Routing

Configuration Examples

Configuring Default Router Preference

Configuring IPv4 and IPv6 Protocol Stacks

Configuring DHCP for IPv6 Address Assignment

Default DHCPv6 Address Assignment Configuration

DHCPv6 Address Assignment Configuration Guidelines

Enabling the DHCPv6 Server Address-Assignment

Enabling the DHCPv6 Client Address Assignment

Configuring DHCP Client, Server and Relay Functions

C onfiguring IPv6 ICMP Rate Limiting

Configuring CEF for IPv6

Configuring Static Routing for IPv6

C onfiguring OSPF for IPv6

C onfiguring IS-IS for IPv6

Displaying IPv6

Configuration Example

Configuring IPv6 Unicast Routing

This chapter describes how to configure IPv6 unicast routing on the Cisco ME 3600 and ME 3800 Ethernet Access switch.

For information about configuring IPv4 unicast routing, see Configuring IP Unicast Routing

To use this feature, the switch must be running the metro IP access image. To enable IPv6 routing, you must configure the switch to use a dual IPv4 and IPv6 switch database management (SDM) template. See the Dual IPv4 and IPv6 Protocol Stacks.


Note For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS documentation referenced in the procedures


Understanding IPv6

The primary reason for using IPv6 is to increase Internet global address space to accommodate the rapidly increasing number of users and applications that require unique global IP addresses. IPv4 uses 32-bit addresses to provide approximately 4 billion available addresses. Large blocks of these addresses are allocated to government agencies and large organizations, and the number of available IP addresses is rapidly decreasing. IPv6 incorporates 128-bit source and destination addresses and can provide significantly more globally unique IP addresses than IPv4.

IPv4 users can move to IPv6 and receive services such as end-to-end security, quality of service (QoS), and globally unique addresses. The IPv6 address space reduces the need for private addresses and Network Address Translation (NAT) processing by border routers at network edges.

For information about how Cisco Systems implements IPv6, go to this URL:

http://www.cisco.com/en/US/products/ps6553/products_ios_technology_home.html

For information about IPv6 and other features in this chapter

  • See the Cisco IOS IPv6 Configuration Guide at this URL:

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/12-4t/ipv6-12-4t-book.html

  • Use the Search field on Cisco.com to locate Cisco IOS software documentation. For example, if you want information about static routes, you can enter Implementing Static Routes for IPv6 in the search field to get see links to multiple documents about static routes

This section describes IPv6 implementation on the switch. It includes the following topics:

IPv6 Addresses

IPv6 Addresses

The ME 3600 and ME 3800 switches support only IPv6 unicast addresses. It does not support local-site unicast addresses, anycast addresses, or multicast addresses.

The IPv6 128-bit addresses are represented as a series of eight 16-bit hexadecimal fields separated by colons in the format: n:n:n:n:n:n:n:n. This is an example of an IPv6 address:

2031:0000:130F:0000:0000:09C0:080F:130B

For easier implementation, leading zeros in each field are optional. This is an example of the same address without leading zeros:

2031:0:130F:0:0:9C0:80F:130B

You can also use two colons (::) to represent successive hexadecimal fields of zeros, but you can use this short version only once in each address. This is an example:

2031:0:130F::09C0:080F:130B

For more information about IPv6 address formats, address types, and the IPv6 packet header, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter of Cisco IOS IPv6 Configuration Library on Cisco.com.

In the “Information About Implementing Basic Connectivity for IPv6” chapter, these sections apply to the switch:

  • IPv6 Address Formats
  • IPv6 Address Type: Unicast
  • IPv6 Address Output Display
  • Simplified IPv6 Packet Header

Supported IPv6 Unicast Routing Features

Support for the switch includes expanded address capability, header format simplification, improved support for extensions and options, and hardware parsing of the extension header. The switch supports hop-by-hop extension header packets, which are routed or bridged in software.

The ME 3600 and ME 3800 switches provide IPv6 routing capability over 802.1Q trunk ports for static routes, and Open Shortest Path First (OSPF) Version 3 Protocol. It supports up to 16 equal-cost routes and can simultaneously forward IPv4 and IPv6 frames at line rate.

Path MTU Discovery for IPv6 Unicast

The switch supports advertising the system maximum transmission unit (MTU) to IPv6 nodes and path MTU discovery. Path MTU discovery allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. In IPv6, if a link along the path is not large enough to accommodate the packet size, the source of the packet handles the fragmentation. The switch does not support path MTU discovery for multicast packets.

ICMPv6

The Internet Control Message Protocol (ICMP) in IPv6 generates error messages, such as ICMP destination unreachable messages, to report errors during processing and other diagnostic functions. In IPv6, ICMP packets are also used in the neighbor discovery protocol and path MTU discovery.

Neighbor Discovery

The switch supports neighbor discovery protocol (NDP) for IPv6, a protocol running on top of ICMPv6, and static neighbor entries for IPv6 stations that do not support NDP. The IPv6 neighbor discovery process uses ICMP messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local link), to verify the reachability of the neighbor, and to keep track of neighboring routers.

The switch supports ICMPv6 redirect for routes with mask lengths less than 64 bits. ICMP redirect is not supported for host routes or for summarized routes with mask lengths greater than 64 bits.

Neighbor discovery throttling ensures that the switch CPU is not unnecessarily burdened while it obtains the next hop forwarding information to route an IPv6 packet. The switch drops any additional IPv6 packets whose next hop is the same neighbor that the switch is actively trying to resolve. This drop avoids further load on the CPU.

Default Router Preference

The switch supports IPv6 default router preference (DRP), an extension in router advertisement messages. DRP improves the ability of a host to select an appropriate router, especially when the host is multi-homed and the routers are on different links. The switch does not support the route information option in RFC 4191.

An IPv6 host maintains a default router list from which it selects a router for traffic to offlink destinations. The selected router for a destination is then cached in the destination cache. NDP for IPv6 specifies that routers that are reachable or probably reachable are preferred over routers whose reachability is unknown or suspect. For reachable or probably reachable routers, NDP can either select the same router every time or cycle through the router list. By using DRP, you can configure an IPv6 host to prefer one router over another, provided both are reachable or probably reachable.

For more information about DRP for IPv6, see the “Implementing IPv6 Addresses and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

IPv6 Stateless Auto-configuration and Duplicate Address Detection

The switch uses stateless autoconfiguration to manage link, subnet, and site addressing changes, such as management of host and mobile IP addresses. A host autonomously configures its own link-local address, and booting nodes send router solicitations to request router advertisements for configuring interfaces.

For more information about autoconfiguration and duplicate address detection, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter of Cisco IOS IPv6 Configuration Library on Cisco.com.

IPv6 Applications

The switch has IPv6 support for the following applications:

• Ping, traceroute, Telnet, TFTP, and FTP

  • Secure Shell (SSH) over an IPv6 transport
  • HTTP server access over IPv6 transport
  • DNS resolver for AAAA record types over IPv4 transport
  • Cisco Discovery Protocol (CDP) support for IPv6 addresses

For more information about managing these applications, see the “Managing Cisco IOS Applications over IPv6” chapter and the “Implementing IPv6 Addressing and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Dual IPv4 and IPv6 Protocol Stacks

You must use the dual IPv4 and IPv6 template to allocate hardware memory usage to both IPv4 and IPv6 protocols.

Dual IPv4 and IPv6 Support on an Interface shows a router forwarding both IPv4 and IPv6 traffic through the same interface, based on the IP packet and destination addresses.

Figure 36-1 Dual IPv4 and IPv6 Support on an Interface

 

Use the dual IPv4 and IPv6 switch database management (SDM) template to enable IPv6 routing dual stack environments (supporting both IPv4 and IPv6). For more information about the dual IPv4 and IPv6 SDM template, see Configuring SDM Templates

  • If you try to configure IPv6 without first selecting a dual IPv4 and IPv6 template, a warning message appears.
  • In IPv4-only environments, the switch routes IPv4 packets and applies IPv4 QoS and ACLs in hardware. IPv6 packets are not supported.
  • In dual IPv4 and IPv6 environments, the switch routes both IPv4 and IPv6 packets and applies IPv4 QoS in hardware.
  • IPv6 QoS is supported on the ME3600X switch.
  • If you do not use IPv6, do not use the dual stack template because it results in less hardware memory availability for each resource.

For more information about IPv4 and IPv6 protocol stacks, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter of Cisco IOS IPv6 Configuration Library on Cisco.com.

DHCP for IPv6 Address Assignment

DHCPv6 enables DHCP servers to pass configuration parameters, such as IPv6 network addresses, to IPv6 clients. The address assignment feature manages nonduplicate address assignment in the correct prefix based on the network where the host is connected. Assigned addresses can be from one or multiple prefix pools. Additional options, such as default domain and DNS name-server address, can be passed back to the client. Address pools can be assigned for use on a specific interface, on multiple interfaces, or the server can automatically find the appropriate pool.

Beginning with Cisco IOS Release 15.2(2)S, switches running the metro IP access image support these features:

  • DHCPv6 Bulk Lease Query

DHCPv6 bulk-lease query allows a client to request information about DHCPv6 bindings. This functionality adds new query types and allows the bulk transfer of DHCPv6 binding data through TCP. Bulk transfer of DHCPv6 binding data is useful when the relay server switch is rebooted and the relay server has lost all the binding information because after the reboot, the relay server automatically generates a Bulk Lease Query to get the binding information from DHCP server.

  • DHCPv6 Relay Source Configuration

The DHCPv6 server replies to the source address of the DHCP relay agent. Typically, messages from a DHCPv6 relay agent show the source address of the interface from which they are sent. However, in some networks, it may be desirable to configure a more stable address (such as a loopback interface) as the source address for messages from the relay agent. The DHCPv6 Relay Source Configuration feature provides this capability.

For more information and to configure these features, see the Cisco IOS IPv6 Configuration Guide, Release 12.4 .

This document describes only the DHCPv6 address assignment. For more information about configuring the DHCPv6 client, server, or relay agent functions, see the “Implementing DHCP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

DHCP for IPv6 Server, Client, and Relay

Beginning with Cisco IOS Release 15.2(2)S, the switch supports IPv6 DHCP in a VRF environment with limited VRF flexibility.

For more information about configuring the DHCPv6 client, server, or relay agent functions, see the “Implementing DHCP for IPv6” chapter in the Cisco IOS IPv6 Configuration Guide on Cisco.com.

Static Routes for IPv6

Static routes are manually configured and define an explicit route between two networking devices. Static routes are useful for smaller networks with only one path to an outside network or to provide security for certain types of traffic in a larger network.

For more information about static routes, see the “Implementing Static Routes for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

OSPF for IPv6

The switch supports Open Shortest Path First (OSPF) for IPv6, a link-state protocol for IP. For more information, see the “Implementing OSFP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

HTTP(S) Over IPv6

The HTTP client sends requests to both IPv4 and IPv6 HTTP servers, which respond to requests from both IPv4 and IPv6 HTTP clients. URLs with literal IPv6 addresses must be specified in hexadecimal using 16-bit values between colons.

The accept socket call chooses an IPv4 or IPv6 address family. The accept socket is either an IPv4 or IPv6 socket. The listening socket waits for both IPv4 and IPv6 signals that indicate a connection. The IPv6 listening socket is bound to an IPv6 wildcard address.

The underlying TCP/IP stack supports a dual-stack environment. HTTP relies on the TCP/IP stack and the sockets for processing network-layer interactions.

Basic network connectivity (ping) must exist between the client and the server hosts before HTTP connections can be made.

For more information, see the “Managing Cisco IOS Applications over IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

BGP over IPv6

The IPv6 address family is used to identify routing sessions for protocols such as BGP that use standard IPv6 address prefixes. Unicast or multicast address prefixes can be specified within the IPv6 address family.


Note Routing information for address family IPv4 unicast is advertised by default when you configure a BGP peer unless you explicitly turn off the advertisement of unicast IPv4 information.


Unsupported IPv6 Unicast Routing Features

  • IPv6 policy-based routing
  • IPv6 virtual private network (VPN) routing and forwarding (VRF) table support
  • IPv6 packets destined to site-local addresses
  • Tunneling protocols, such as IPv4-to-IPv6 or IPv6-to-IPv4
  • The switch as a tunnel endpoint supporting IPv4-to-IPv6 or IPv6-to-IPv4 tunneling protocols

• IPv6 unicast reverse-path forwarding

  • IPv6 general prefixes
  • HSRP for IPv6
  • SNMP and Syslog over IPv6
  • MPLS for IPv6
  • ACL for IPv6
  • BFD for IPv6
  • VRF and VRF-lite for IPv6
  • IPv6 Multicast
  • RIP for IPv6
  • EIGRP IPv6

Configuring IPv6

Default IPv6 Configuration

Table 36-1 shows the default IPv6 configuration.

 

Table 36-1 Default IPv6 Configuration

Feature
Default Setting

SDM template

Default.

IPv6 routing

Disabled globally and on all interfaces.

CEFv6

Disabled (IPv4 CEF is enabled by default).

Note When IPv6 routing is enabled, CEFv6 is automatically enabled.

IPv6 addresses

None configured.

Configuring IPv6 Addressing and Enabling IPv6 Routing

Follow these rules or limitations when configuring IPv6 on the switch:

• Be sure to select a dual IPv4 and IPv6 SDM template.

  • Not all features discussed in this chapter are supported by the switch. See the “Unsupported IPv6 Unicast Routing Features” section.
  • In the ipv6 address interface configuration command, enter the ipv6-address and ipv6-prefix variables with the address specified in hexadecimal using 16-bit values between colons. The prefix-length variable (preceded by a slash [/]) is a decimal value that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address).

To forward IPv6 traffic on an interface, configure a global IPv6 address on that interface. Configuring an IPv6 address on an interface automatically configures a link-local address and activates IPv6 for the interface. The configured interface automatically joins these required multicast groups for that link:

• solicited-node multicast group FF02:0:0:0:0:1:ff00::/104 for each unicast address assigned to the interface (the address for the neighbor discovery process.)

  • all-nodes link-local multicast group FF02::1
  • all-routers link-local multicast group FF02::2

For more information about configuring IPv6 routing, see the “Implementing Addressing and Basic Connectivity for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com .

Complete these steps in privileged EXEC mode, to assign an IPv6 address to a Layer 3 interface and enable IPv6 routing:

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

sdm prefer dual-ipv4-and-ipv6 { default | routing | vlan }

Select an SDM template that supports IPv4 and IPv6.

  • default —Set the switch to the default template to balance system resources.
  • routing —Set the switch to the routing template to support IPv4 and IPv6 routing, including IPv4 policy-based routing.
  • vlan —Maximize VLAN configuration on the switch with no routing supported in hardware.

Step 3

end

Return to privileged EXEC mode.

Step 4

reload

Reload the operating system.

Step 5

configure terminal

Enter global configuration mode.

Step 6

interface interface-id

Enter interface configuration mode, and specify the Layer 3 interface to configure. The interface can be a physical interface, a switch virtual interface (SVI), or a Layer 3 EtherChannel.

Step 7

no switchport

Remove the interface from Layer 2 configuration mode (if it is a physical interface).

Step 8

ipv6 address ipv6-prefix/prefix length eui-64

or

ipv6 address ipv6-address link-local
or

ipv6 enable

Specify a global IPv6 address with an extended unique identifier (EUI) in the low-order 64 bits of the IPv6 address. Specify only the network prefix; the last 64 bits are automatically computed from the switch MAC address. This enables IPv6 processing on the interface.

Specify a link-local address on the interface to be used instead of the link-local address that is automatically configured when IPv6 is enabled on the interface. This command enables IPv6 processing on the interface.

Automatically configure an IPv6 link-local address on the interface, and enable the interface for IPv6 processing. The link-local address can only be used to communicate with nodes on the same link.

Step 9

exit

Return to global configuration mode.

Step 10

ip routing

Enable IP routing on the switch.

Step 11

ipv6 unicast-routing

Enable forwarding of IPv6 unicast data packets.

Step 12

end

Return to privileged EXEC mode.

Step 13

show ipv6 interface interface-id

Verify your entries.

Step 14

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To remove an IPv6 address from an interface, use the no ipv6 address ipv6-prefix/prefix length eui-64 or no ipv6 address ipv6-address link-local interface configuration command. To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments. To disable IPv6 processing on an interface that has not been explicitly configured with an IPv6 address, use the no ipv6 enable interface configuration command. To globally disable IPv6 routing, use the no ipv6 unicast-routing global configuration command.

Configuration Examples

This example shows how to enable IPv6 with both a link-local address and a global address based on the IPv6 prefix 2001:0DB8:c18:1::/64. The EUI-64 interface ID is used in the low-order 64 bits of both addresses. Output from the show ipv6 interface EXEC command is included to show how the interface ID (20B:46FF:FE2F:D940) is appended to the link-local prefix FE80::/64 of the interface.

Switch(config)# sdm prefer dual-ipv4-and-ipv6 default
Switch(config)# ipv6 unicast-routing
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no switchport
Switch(config-if)# ipv6 address 2001:0DB8:c18:1::/64 eui 64
Switch(config-if)# end
Switch# show ipv6 interface gigabitethernet0/11
GigabitEthernet0/2 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::20B:46FF:FE2F:D940
Global unicast address(es):
2001:0DB8:c18:1:20B:46FF:FE2F:D940, subnet is 2001:0DB8:c18:1::/64 [EUI]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF2F:D940
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses.

Configuring Default Router Preference

Router advertisement messages are sent with the default router preference (DRP) configured by the ipv6 nd router-preference interface configuration command. If no DRP is configured, router advertisements are sent with a medium preference.

A DRP is useful when two routers on a link might provide equivalent, but not equal-cost routing, and policy might dictate that hosts should prefer one of the routers.

Complete these steps in privileged EXEC mode, to configure a DRP for a router on an interface.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Enter interface configuration mode, and enter the Layer 3 interface on which you want to specify the DRP.

Step 3

ipv6 nd router-preference { high | medium | low }

Specify a DRP for the router on the switch interface.

Step 4

end

Return to privileged EXEC mode.

Step 5

show ipv6 interface

Verify the configuration.

Step 6

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Use the no ipv6 nd router-preference interface configuration command to disable an IPv6 DRP.

This example shows how to configure a DRP of high for the router on an interface.

Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ipv6 nd router-preference high
Switch(config-if)# end
 

For more information about configuring DRP for IPv6, see the “Implementing IPv6 Addresses and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring IPv4 and IPv6 Protocol Stacks

Before configuring IPv6 routing, you must select an SDM template that supports IPv4 and IPv6. If not already configured, use the sdm prefer dual-ipv4-and-ipv6 { default | routing | vlan} global configuration command to configure a template that supports IPv6. When you select a new template, you must reload the switch by using the reload privileged EXEC command so that the template takes effect.

Complete these steps in privileged EXEC mode, to configure a Layer 3 interface to support both IPv4 and IPv6 and to enable IPv6 routing.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

sdm prefer dual-ipv4-and-ipv6 { default | routing | vlan }

Select an SDM template that supports IPv4 and IPv6.

  • default —Set the switch to the default template to balance system resources.
  • routing —Set the switch to the routing template to support IPv4 and IPv6 routing, including IPv4 policy-based routing.
  • vlan —Maximize VLAN configuration on the switch with no routing supported in hardware.

Step 3

end

Return to privileged EXEC mode.

Step 4

reload

Reload the operating system.

Step 5

configure terminal

Enter global configuration mode.

Step 6

ip routing

Enable IPv4 routing on the switch.

Step 7

ipv6 unicast-routing

Enable forwarding of IPv6 data packets on the switch.

Step 8

interface interface-id

Enter interface configuration mode, and specify the Layer 3 interface to configure.

Step 9

no switchport

Remove the interface from Layer 2 configuration mode (if it is a physical interface).

Step 10

ip address ip-address mask [ secondary ]

Specify a primary or secondary IPv4 address for the interface.

Step 11

ipv6 address ipv6-prefix/prefix length eui-64

or

ipv6 address ipv6-address link-local

or

ipv6 enable

Specify a global IPv6 address. Specify only the network prefix; the last 64 bits are automatically computed from the switch MAC address.

Specify a link-local address on the interface to be used instead of the automatically configured link-local address when IPv6 is enabled on the interface.

Automatically configure an IPv6 link-local address on the interface, and enable the interface for IPv6 processing. The link-local address can only be used to communicate with nodes on the same link.

Step 12

end

Return to privileged EXEC mode.

Step 13

show interface interface-id

show ip interface interface-id

show ipv6 interface interface-id

Verify your entries.

Step 14

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To disable IPv4 routing, use the no ip routing global configuration command. To disable IPv6 routing, use the no ipv6 unicast-routing global configuration command. To remove an IPv4 address from an interface, use the no ip address ip-address mask interface configuration command. To remove an IPv6 address from an interface, use the no ipv6 address ipv6-prefix/prefix length eui-64 or no ipv6 address ipv6-address link-local interface configuration command. To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments. To disable IPv6 processing on an interface that has not been explicitly configured with an IPv6 address, use the no ipv6 enable interface configuration command.

This example shows how to enable IPv4 and IPv6 routing on an interface.

Switch(config)# sdm prefer dual-ipv4-and-ipv6 default
Switch(config)# ip routing
Switch(config)# ipv6 unicast-routing
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no switchport
Switch(config-if)# ip address 192.168.99.1 244.244.244.0
Switch(config-if)# ipv6 address 2001:0DB8:c18:1::/64 eui 64
Switch(config-if)# end

Default DHCPv6 Address Assignment Configuration

By default, no Dynamic Host Configuration Protocol for IPv6 (DHCPv6) features are configured on the switch.

DHCPv6 Address Assignment Configuration Guidelines

When configuring a DHCPv6 address assignment, consider these guidelines:

  • In the procedures, the specified interface must be one of these Layer 3 interfaces:

DHCPv6 IPv6 routing must be enabled on a Layer 3 interface.

SVI: a VLAN interface created by using the interface vlan vlan_id command.

EtherChannel port channel in Layer 3 mode: a port-channel logical interface created by using the interface port-channel port-channel-number command.

  • Before configuring DHCPv6, you must select a Switch Database Management (SDM) template that supports IPv4 and IPv6.
  • The switch can act as a DHCPv6 client, server, or relay agent. The DHCPv6 client, server, and relay function are mutually exclusive on an interface.

Enabling the DHCPv6 Server Address-Assignment

Beginning in privileged EXEC mode, follow these steps to enable the DHCPv6 server function on an interface.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

ipv6 dhcp pool poolname

Enter DHCP pool configuration mode, and define the name for the IPv6 DHCP pool. The pool name can be a symbolic string (such as Engineering) or an integer (such as 0).

Step 3

address prefix IPv6-prefix lifetime {t1 t1 | infinite }

(Optional) Specify an address prefix for address assignment.

This address must be in hexadecimal, using 16-bit values between colons.

lifetime t1 t1 —Specify a time interval (in seconds) that an IPv6 address prefix remains in the valid state. The range is 5 to 4294967295 seconds. Specify infinite for no time interval.

Step 4

link-address IPv6-prefix

(Optional) Specify a link-address IPv6 prefix.

When an address on the incoming interface or a link-address in the packet matches the specified IPv6 prefix, the server uses the configuration information pool.

This address must be in hexadecimal, using 16-bit values between colons.

Step 5

vendor-specific vendor-id

(Optional) Enter vendor-specific configuration mode, and enter a vendor-specific identification number. This number is the vendor IANA Private Enterprise Number. The range is 1 to 4294967295.

Step 6

suboption number { address IPv6-address | ascii ASCII-string | hex hex-string}

(Optional) Enter a vendor-specific suboption number. The range is 1 to 65535. Enter an IPv6 address, ASCII text, or a hex string as defined by the suboption parameters.

Step 7

exit

Return to DHCP pool configuration mode.

Step 8

exit

Return to global configuration mode.

Step 9

interface interface-id

Enter interface configuration mode, and specify the interface to configure.

Step 10

ipv6 dhcp server [ poolname | automatic ] [ rapid-commit ] [ preference value] [ allow-hint ]

Enable the DHCPv6 server function on an interface.

  • poolname —(Optional) User-defined name for the IPv6 DHCP pool. The pool name can be a symbolic string (such as Engineering) or an integer (such as 0).
  • automatic —(Optional) Enables the system to automatically determine which pool to use when allocating addresses for a client.
  • rapid-commit —(Optional) Allow two-message exchange method.
  • preference value —(Optional) The preference value carried in the preference option in the advertise message sent by the server. The range is from 0 to 255. The preference value default is 0.
  • allow-hint —(Optional) Specifies whether the server should consider client suggestions in the SOLICIT message. By default, the server ignores client hints.

Step 11

end

Return to privileged EXEC mode.

Step 12

show ipv6 dhcp pool

or

show ipv6 dhcp interface

Verify DHCPv6 pool configuration.

Verify that the DHCPv6 server function is enabled on an interface.

Step 13

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To delete a DHCPv6 pool, use the no ipv6 dhcp pool poolname global configuration command. Use the no form of the DHCP pool configuration mode commands to change the DHCPv6 pool characteristics. To disable the DHCPv6 server function on an interface, use the no ipv6 dhcp server interface configuration command.

This example shows how to configure a pool called engineering with an IPv6 address prefix:

Switch# configure terminal
Switch(config)# ipv6 dhcp pool engineering
Switch(config-dhcpv6)#address prefix 2001:1000::0/64
Switch(config-dhcpv6)# end
 

This example shows how to configure a pool called testgroup with three link-addresses and an IPv6 address prefix:

Switch# configure terminal
Switch(config)# ipv6 dhcp pool testgroup
Switch(config-dhcpv6)# link-address 2001:1001::0/64
Switch(config-dhcpv6)# link-address 2001:1002::0/64
Switch(config-dhcpv6)# link-address 2001:2000::0/48
Switch(config-dhcpv6)# address prefix 2001:1003::0/64
Switch(config-dhcpv6)# end
 

This example shows how to configure a pool called 350 with vendor-specific options:

Switch# configure terminal
Switch(config)# ipv6 dhcp pool 350
Switch(config-dhcpv6)# address prefix 2001:1005::0/48
Switch(config-dhcpv6)# vendor-specific 9
Switch(config-dhcpv6-vs)# suboption 1 address 1000:235D::1
Switch(config-dhcpv6-vs)# suboption 2 ascii "IP-Phone"
Switch(config-dhcpv6-vs)# end

Enabling the DHCPv6 Client Address Assignment

Beginning in privileged EXEC mode, follow these steps to enable the DHCPv6 client function on an interface.

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Enter interface configuration mode, and specify the interface to configure.

Step 3

ipv6 address dhcp [ rapid-commit ]

Enable the interface to acquire an IPv6 address from the DHCPv6 server.

rapid-commit—(Optional) Allow two-message exchange method for address assignment.

Step 4

ipv6 dhcp client request [ vendor-specific ]

(Optional) Enable the interface to request the vendor-specific option.

Step 5

end

Return to privileged EXEC mode.

Step 6

show ipv6 dhcp interface

Verify that the DHCPv6 client is enabled on an interface.

To disable the DHCPv6 client function, use the no ipv6 address dhcp interface configuration command. To remove the DHCPv6 client request, use the no ipv6 address dhcp client request interface configuration command.

This example shows how to acquire an IPv6 address and to enable the rapid-commit option:

Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ipv6 address dhcp rapid-commit
 

This document describes only the DHCPv6 address assignment. For more information about configuring the DHCPv6 client, server, or relay agent functions, see the “Implementing DHCP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring DHCP Client, Server and Relay Functions

For more information about configuring the DHCPv6 client, server, and relay agent functions, see the “Implementing DHCP for IPv6” chapter in the Cisco IOS IPv6 Configuration Guide on Cisco.com.

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/12-4t/ip6-dhcp.html

Configuring IPv6 ICMP Rate Limiting

ICMP rate limiting is enabled by default with a default interval between error messages of 100 milliseconds and a bucket size (maximum number of tokens to be stored in a bucket) of 10.

Complete these steps in privileged EXEC mode, to change the ICMP rate-limiting parameters:

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

ipv6 icmp error-interval interval [ bucketsize ]

Configure the interval and bucket size for IPv6 ICMP error messages:

  • interval— The interval (in milliseconds) between tokens being added to the bucket. The range is from 0 to 2147483647 milliseconds.
  • bucketsize —(Optional) The maximum number of tokens stored in the bucket. The range is from 1 to 200.

Step 3

end

Return to privileged EXEC mode.

Step 4

show ipv6 interface [ interface-id ]

Verify your entries.

Step 5

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To return to the default configuration, use the no ipv6 icmp error-interval global configuration command.

This example shows how to configure an IPv6 ICMP error message interval of 50 milliseconds and a bucket size of 20 tokens.

Switch(config)#ipv6 icmp error-interval 50 20

Configuring CEF for IPv6

Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology, allowing more CPU processing power to be dedicated to packet forwarding. IPv4 CEF is enabled by default. IPv6 CEF is disabled by default, but automatically enabled when you configure IPv6 routing.

To route IPv6 unicast packets, first globally configure forwarding of IPv6 unicast packets by using the ipv6 unicast-routing global configuration command. You must also configure an IPv6 address and IPv6 processing on an interface by using the ipv6 address interface configuration command.

To disable IPv6 CEF, use the no ipv6 cef global configuration command. To reenable IPv6 CEF, use the ipv6 cef global configuration command. You can verify the IPv6 state by using the show ipv6 cef privileged EXEC command.

For more information about configuring CEF, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring Static Routing for IPv6

Before configuring a static IPv6 route, you must:

  • Enable routing by using the ip routing global configuration command.
  • Enable the forwarding of IPv6 packets by using the ipv6 unicast-routing global configuration command.
  • Enable IPv6 on at least one Layer 3 interface by configuring an IPv6 address on the interface.

Complete these steps in privileged EXEC mode, to configure an IPv6 static route:

 

Command
Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

ipv6 route ipv6-prefix/prefix length { ipv6-address | interface-id [ ipv6-address ]} [ administrative distance ]

Configure a static IPv6 route.

  • ipv6-prefix— The IPv6 network that is the destination of the static route. It can also be a hostname when static host routes are configured.
  • /prefix length— The length of the IPv6 prefix. A decimal value that shows how many of the high-order contiguous bits comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.
  • ipv6-address The IPv6 address of the next hop that can be used to reach the specified network. The next hop does not need to be directly connected; recursion finds the IPv6 address of the directly connected next hop. The address must be specified in hexadecimal using 16-bit values between colons.
  • interface-id —Specify direct static routes from point-to-point and broadcast interfaces. On point-to-point interfaces, you do not need to specify the IPv6 address of the next hop. On broadcast interfaces, you should always specify the IPv6 address of the next hop, or ensure that the specified prefix is assigned to the link, specifying a link-local address as the next hop. You can optionally specify the IPv6 address of the next hop to which packets are sent.
Note You must specify an interface ID when using a link-local address as the next hop. The link-local next hop must be an adjacent router.

  • administrative distance— (Optional) An administrative distance. The range is 1 to 254; the default value is 1, which gives static routes precedence over all but connected routes. To configure a floating static route, use an administrative distance greater than that of the dynamic routing protocol.

Step 3

end

Return to privileged EXEC mode.

Step 4

show ipv6 static [ ipv6-address | ipv6-prefix/prefix length ] [ interface interface-id ] [ recursive ] [ detail ]

or

show ipv6 route static [ updated ]

Verify your entries by displaying the IPv6 routing table.

  • interface interface-id— (Optional) Display only those static routes with the specified interface as an egress interface.
  • recursive—(Optional) Display only recursive static routes. The recursive keyword is mutually exclusive with the interface keyword, but it can be used with or without the IPv6 prefix in the command syntax.
  • detail—(Optional) Display this additional information:

For valid recursive routes, the output path set, and maximum resolution depth.

For invalid routes, the reason why the route is not valid.

Step 5

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To remove a configured static route, use the no ipv6 route ipv6-prefix/prefix length { ipv6-address | interface-id [ ipv6-address ]} [ administrative distance ] global configuration command.

This example shows how to configure a floating static route to an interface. The route has an administrative distance of 130:

Switch(config)# ipv6 route 2001:0DB8::/32 gigabitethernet0/1 130
 

For more information about configuring static IPv6 routing, see the “Implementing Static Routes for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring OSPF for IPv6

You can customize OSPF for IPv6 for your network. However, the defaults are set to meet the requirements of most customers and features.

Follow these guidelines:

  • Be careful when changing the defaults for IPv6 commands. Doing so might adversely affect OSPF for the IPv6 network.
  • Before you enable IPv6 OSPF on an interface, you must:

Enable routing by using the ip routing global configuration command.

Enable the forwarding of IPv6 packets by using the ipv6 unicast-routing global configuration command.

Enable IPv6 on Layer 3 interfaces on which you are enabling IPv6 OSPF.

Complete these required and optional steps in privileged EXEC mode, to configure IPv6 OSPF:

 

Command
Purpose

Step 1

configure terminal

Enters global configuration mode.

Step 2

ipv6 router ospf process-id

Enable OSPF router configuration mode for the process. The process ID is the number assigned administratively when enabling the OSPF for IPv6 routing process. It is locally assigned and can be a positive integer from 1 to 65535.

Step 3

area area-id range { ipv6-prefix/prefix length } [ advertise | not-advertise ] [ cost cost ]

(Optional) Consolidate and summarize routes at an area boundary.

  • area-id— Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IPv6 prefix.
  • ipv6-prefix/prefix length The destination IPv6 network and a decimal value that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark (/) must precede the decimal value.
  • advertise —(Optional) Set the address range status to advertise and to generate a Type 3 summary link-state advertisement (LSA).
  • not-advertise —(Optional) Set the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and component networks remain hidden from other networks.
  • cost cost —(Optional) Metric or cost for this summary route, which is used during OSPF SPF calculation to determine the shortest paths to the destination. The value can be 0 to 16777215.

Step 4

maximum paths number-paths

(Optional) Define the maximum number of equal-cost routes to the same destination that IPv6 OSPF should enter in the routing table. The range is from 1 to 64, and the default is 16 paths.

Step 5

exit

Return to global configuration mode.

Step 6

interface interface-id

Enter interface configuration mode, and specify the Layer 3 interface to configure.

Step 7

ipv6 ospf process-id area area-id [ instance instance-id ]

Enable OSPF for IPv6 on the interface.

  • instance instance-id— (Optional) Instance identifier.

Step 8

end

Return to privileged EXEC mode.

Step 9

show ipv6 ospf [ process-id ] [ area-id ] interface [ interface-id ]

or

show ipv6 ospf [ process-id ] [ area-id ]

Display information about OSPF interfaces.


 

Display general information about OSPF routing processes.

Step 10

copy running-config startup-config

(Optional) Save your entries in the configuration file.

To disable an OSPF routing process, use the no ipv6 router ospf process-id global configuration command. To disable the OSPF routing process for an interface, use the no ipv6 ospf process-id area area-id interface configuration command.

For more information about configuring OSPF routing for IPv6, see the “Implementing OSPF for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring IS-IS for IPv6

Integrated Intermediate System-to-Intermediate System (IS-IS) for IPV6 is an Interior Gateway Protocol (IGP) that advertises link-state information throughout the network to create a picture of the network topology. IS-IS is an Open Systems Interconnection (OSI) hierarchical routing protocol that designates an intermediate system as a Level 1 or Level 2 device. Level 2 devices route between Level 1 areas to create an intradomain routing backbone. Integrated IS-IS uses a single routing algorithm to support several network address families, such as IPv6, Ipv4, and OSI.

For information on configuration procedures, see the “Implementing IS-IS for IPv6” at the following link http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-is-is.html

Displaying IPv6

For complete syntax and usage information on these commands, see the Cisco IOS command reference publications.

 

Table 36-2 Commands for Monitoring IPv6

Command
Purpose

show ipv6 access-list

Display IPv6 access lists.

show ipv6 cef

Display Cisco Express Forwarding for IPv6.

show ipv6 interface interface-id

Display IPv6 interface status and configuration.

show ipv6 mtu

Display IPv6 MTU per destination cache.

show ipv6 neighbors

Display IPv6 neighbor cache entries.

show ipv6 ospf

Display IPv6 OSPF information.

show ipv6 prefix-list

Display IPv6 prefix lists.

show ipv6 protocols

Display IPv6 routing protocols on the switch.

show ipv6 route

Display IPv6 route table entries.

show ipv6 routers

Display local IPv6 routers.

show ipv6 static

Display IPv6 static routes.

show ipv6 traffic

Display IPv6 traffic statistics.

 

Table 36-3 Commands for Displaying IPv4 and IPv6 Address Types

Command
Purpose

show ip http server history

Display the previous 20 connections to the HTTP server, including the IP address accessed and the time when the connection was closed.

show ip http server connection

Display the current connections to the HTTP server, including the local and remote IP addresses being accessed.

show ip http client connection

Display the configuration values for HTTP client connections to HTTP servers.

show ip http client history

Display a list of the last 20 requests made by the HTTP client to the server.

Configuration Example

This is sample output from the show ipv6 interface privileged EXEC command:

Switch# show ipv6 interface
Vlan1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::20B:46FF:FE2F:D940
Global unicast address(es):
3FFE:C000:0:1:20B:46FF:FE2F:D940, subnet is 3FFE:C000:0:1::/64 [EUI]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF2F:D940
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
<output truncated>
 

This is an example of the output from the show ipv6 cef privileged EXEC command:

Switch# show ipv6 cef
::/0
nexthop 3FFE:C000:0:7::777 Vlan7
3FFE:C000:0:1::/64
attached to Vlan1
3FFE:C000:0:1:20B:46FF:FE2F:D940/128
receive
3FFE:C000:0:7::/64
attached to Vlan7
3FFE:C000:0:7::777/128
attached to Vlan7
3FFE:C000:0:7:20B:46FF:FE2F:D97F/128
receive
3FFE:C000:111:1::/64
attached to GigabitEthernet0/11
3FFE:C000:111:1:20B:46FF:FE2F:D945/128
receive
3FFE:C000:168:1::/64
attached to GigabitEthernet0/43
3FFE:C000:168:1:20B:46FF:FE2F:D94B/128
receive
3FFE:C000:16A:1::/64
attached to Loopback10
3FFE:C000:16A:1:20B:46FF:FE2F:D900/128
receive
 
<output truncated>
 

This is an example of the output from the show ipv6 protocols privileged EXEC command:

Switch# show ipv6 protocols
IPv6 Routing Protocol is “connected”
IPv6 Routing Protocol is “static”
IPv6 Routing Protocol is “rip fer”
Interfaces:
Vlan6
GigabitEthernet0/4
GigabitEthernet0/11
GigabitEthernet0/12
Redistribution:
None
 

This is an example of the output from the show ipv6 neighbor privileged EXEC command:

Switch# show ipv6 neighbors
IPv6 Address Age Link-layer Addr State Interface
3FFE:C000:0:7::777 - 0007.0007.0007 REACH Vl7
3FFE:C101:113:1::33 - 0000.0000.0033 REACH Gi0/13
 

This is an example of the output from the show ipv6 static privileged EXEC command:

Switch# show ipv6 static
IPv6 Static routes
Code: * - installed in RIB
* ::/0 via nexthop 3FFE:C000:0:7::777, distance 1
 

This is an example of the output from the show ipv6 route privileged EXEC command:

Switch# show ipv6 route
IPv6 Routing Table - 21 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S ::/0 [1/0]
via 3FFE:C000:0:7::777
C 3FFE:C000:0:1::/64 [0/0]
via ::, Vlan1
L 3FFE:C000:0:1:20B:46FF:FE2F:D940/128 [0/0]
via ::, Vlan1
C 3FFE:C000:0:7::/64 [0/0]
via ::, Vlan7
L 3FFE:C000:0:7:20B:46FF:FE2F:D97F/128 [0/0]
via ::, Vlan7
C 3FFE:C000:111:1::/64 [0/0]
via ::, GigabitEthernet0/11
L 3FFE:C000:111:1:20B:46FF:FE2F:D945/128 [0/0]
C 3FFE:C000:168:1::/64 [0/0]
via ::, GigabitEthernet0/4
L 3FFE:C000:168:1:20B:46FF:FE2F:D94B/128 [0/0]
via ::, GigabitEthernet0/4
C 3FFE:C000:16A:1::/64 [0/0]
via ::, Loopback10
L 3FFE:C000:16A:1:20B:46FF:FE2F:D900/128 [0/0]
via ::, Loopback10
 
<output truncated>
 

This is an example of the output from the show ipv6 traffic privileged EXEC command.

Switch# show ipv6 traffic
IPv6 statistics:
Rcvd: 1 total, 1 local destination
0 source-routed, 0 truncated
0 format errors, 0 hop count exceeded
0 bad header, 0 unknown option, 0 bad source
0 unknown protocol, 0 not a router
0 fragments, 0 total reassembled
0 reassembly timeouts, 0 reassembly failures
Sent: 36861 generated, 0 forwarded
0 fragmented into 0 fragments, 0 failed
0 encapsulation failed, 0 no route, 0 too big
0 RPF drops, 0 RPF suppressed drops
Mcast: 1 received, 36861 sent
 
ICMP statistics:
Rcvd: 1 input, 0 checksum errors, 0 too short
0 unknown info type, 0 unknown error type
unreach: 0 routing, 0 admin, 0 neighbor, 0 address, 0 port
parameter: 0 error, 0 header, 0 option
0 hopcount expired, 0 reassembly timeout,0 too big
0 echo request, 0 echo reply
0 group query, 0 group report, 0 group reduce
1 router solicit, 0 router advert, 0 redirects
0 neighbor solicit, 0 neighbor advert
Sent: 10112 output, 0 rate-limited
unreach: 0 routing, 0 admin, 0 neighbor, 0 address, 0 port
parameter: 0 error, 0 header, 0 option
0 hopcount expired, 0 reassembly timeout,0 too big
0 echo request, 0 echo reply
0 group query, 0 group report, 0 group reduce
0 router solicit, 9944 router advert, 0 redirects
84 neighbor solicit, 84 neighbor advert
 
UDP statistics:
Rcvd: 0 input, 0 checksum errors, 0 length errors
0 no port, 0 dropped
Sent: 26749 output
 
TCP statistics:
Rcvd: 0 input, 0 checksum errors
Sent: 0 output, 0 retransmitted