Table of Contents

Enabling IPv6 Processing Globally on the Router
Configuring IPv6 Addresses
Verifying IPv6 Operation and Address Configuration
IPv6 Routing and IPv6 Address Configuration Example

Enabling CEFv6 or dCEFv6
Configuring Network Accounting for CEFv6 and dCEFv6
Verifying the CEFv6 and dCEFv6 Configuration
CEFv6 and dCEFv6 Configuration Examples

Configuring the Rate Limiting Interval and Token Bucket
Verifying IPv6 ICMP Rate Limiting Configuration
IPv6 ICMP Rate Limiting Configuration Example

Configuring a Static Cache Entry
Verifying the Static Cache Entry Configuration
Static Cache Entry for IPv6 Neighbor Discovery Configuration Example

Configuring Duplicate Address Detection Neighbor Solicitation Messages
Verifying the Duplicate Address Detection Neighbor Solicitation Messages Configuration
IPv6 Duplicate Address Detection Configuration Example

IPv6 Redirect Messages Configuration Example

Assigning Host Names to IPv6 Addresses
Specifying a Default Domain Name
Specifying a Name Server
Enabling the DNS
Verifying the Host Name-to-Address Mappings Configuration
Host Name-to-Address Mappings Configuration Example

Mapping an IPv6 Address to an ATM PVC
Mapping an IPv6 Address to a Frame Relay PVC
Verifying the IPv6 Address to ATM and Frame Relay PVC Mapping
IPv6 Address to ATM and Frame Relay PVC Mapping Configuration Examples

IPv6 ATM PVC Mapping Configuration Example—Point-to-Point Interface
IPv6 ATM PVC Mapping Configuration Example—Point-to-Multipoint Interface
IPv6 Frame Relay PVC Mapping Configuration Example—Point-to-Point Interface
IPv6 Frame Relay PVC Mapping Configuration Example—Point-to-Multipoint Interface

Creating and Applying an IPv6 ACL
Verifying the IPv6 ACL Configuration
IPv6 ACL Configuration Examples

Enabling IPv6 RIP
Customizing IPv6 RIP
Originating a Default IPv6 Route into an IPv6 RIP Routing Process
Setting Route Tags and Redistributing Routes into an IPv6 RIP Routing Process
Filtering IPv6 RIP Routing Updates
Verifying IPv6 RIP Configuration and Operation
IPv6 RIP Configuration Example

Configuring IS-IS
Assigning an IPv6 IS-IS Routing Process to an Interface
Configuring Administrative Distance for IPv6 IS-IS
Configuring the Maximum Number of Parallel Routes for IPv6 IS-IS
Configuring Summary Prefixes for IPv6 IS-IS
Disabling IPv6 Protocol-Support Consistency Checks
Originating a Default IPv6 Route
Redistributing Routes into an IPv6 IS-IS Routing Process
Redistributing IPv6 IS-IS Routes Between IS-IS Levels
Verifying IPv6 IS-IS
IPv6 IS-IS Configuration Examples

IS-IS Interface Configuration Example
IPv6 IS-IS Interface Configuration Example
IPv6 IS-IS Administrative Distance Configuration Example
IPv6 IS-IS Maximum Parallel Routes Configuration Example
IPv6 IS-IS Summary Prefix Configuration Example
Disabling IPv6 Protocol-Support Consistency Checks Configuration Example
IPv6 IS-IS Default Route Origination Configuration Example
Redistributing IPv6 Routes Example
Redistributing IPv6 Routes Between IS-IS Levels Example

Configuring an IPv6 BGP Routing Process
Configuring an IPv6 Multiprotocol BGP Peer
Configuring an IPv6 Multiprotocol BGP Peer Using a Link-Local Address
Configuring an IPv6 Multiprotocol BGP Peer Group
Advertising Routes into IPv6 Multiprotocol BGP
Configuring Route Maps for IPv6 Multiprotocol BGP Prefixes
Redistributing Prefixes into IPv6 Multiprotocol BGP
Configuring a BGP Router ID
Verifying IPv6 Multiprotocol BGP Configuration
IPv6 Multiprotocol BGP Configuration Examples

IPv6 Multiprotocol BGP Peer Example
IPv6 Multiprotocol BGP Peer Using Link-Local Addresses Example
IPv6 Multiprotocol BGP Peer Group Example
IPv6 Multiprotocol BGP Network Advertisement Example
IPv6 Multiprotocol BGP Route Map Example
IPv6 Multiprotocol BGP Route Redistribution Example

Configuring IPv4 and IPv6 Protocol Stacks
Configuring IPv6 Overlay Tunnels

Configuring a Manual IPv6 Tunnel
Configuring an Automatic IPv6 Tunnel
Configuring a 6to4 Tunnel

Verifying Dual Protocol Stack and IPv6 Overlay Tunnel Configuration
Dual Protocol Stack and IPv6 Overlay Tunnel Configuration Examples

Dual Protocol Stack Configuration Example
Manually Configured IPv6 Tunnel Configuration Example
Automatic IPv6 Tunnel Configuration Example
6to4 Tunnel Configuration Example

Specifying the Source Address Interface on a 6PE Router
Binding and Advertising the 6PE Label
Verifying 6PE Configuration

6PE Configuration Examples

IPv6 for Cisco IOS Software,
File 2 of 3: Configuring

This document provides configuration tasks for the Cisco implementation of IP version 6 (IPv6) in the Cisco IOS software and includes the following sections:

Documentation Specifics

IPv6 features are supported only in the 12.0 ST, 12.0 S, and 12.2 T Cisco IOS software release trains, starting at Cisco IOS Release 12.0(21)ST, 12.0(22)S, and 12.2(2)T, respectively. The 12.0 ST Cisco IOS software release train was merged with the 12.0 S Cisco IOS software release train starting at Cisco IOS Release 12.0(22)S; therefore, subsequent releases of only the 12.0 S and 12.2 T Cisco IOS software release trains support additional IPv6 features. This document, along with the following IPv6 for Cisco IOS Software feature documentation is updated with information about additional IPv6 features at each subsequent release of the applicable Cisco IOS software release trains:

The other IPv6 for Cisco IOS Software feature documentation provides IPv6 overview, configuration, and command reference information for IPv6 features in each release of the 12.0 ST, 12.0 S, and 12.2 T Cisco IOS software trains.

Enabling IPv6 Routing and Configuring IPv6 Addressing

By default, IPv6 routing is disabled in the Cisco IOS software. To enable IPv6 routing, you must first enable the forwarding of IPv6 traffic globally on the router and then you must assign IPv6 addresses to individual interfaces in the router.

The tasks described in the following sections explain how to enable IPv6 routing on a Cisco router. Each task in the list is identified as either required or optional:

See the "IPv6 Routing and IPv6 Address Configuration Example" section for a configuration example.

Enabling IPv6 Processing Globally on the Router

To enable the forwarding of IPv6 traffic globally on the router, use the following command in global configuration mode:

Configuring IPv6 Addresses

An IPv6 address must be configured on an interface for the interface to forward IPv6 traffic. Configuring a site-local or global IPv6 address on an interface automatically configures a link-local address and activates IPv6 for that interface. Additionally, the configured interface automatically joins the following required multicast groups for that link:

---

Note    The solicited-node multicast address is used in the neighbor discovery process.

---

To configure an IPv6 address on an interface, use the following commands beginning in global configuration mode:

Note   The ipv6-address argument in the ipv6 address command must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. The ipv6-prefix argument in the ipv6 address command must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. The /prefix-length argument in the ipv6 address command is a decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address) A slash mark must precede the decimal value.

Note   In Cisco IOS Release 12.2(4)T or later releases, Cisco IOS Release 12.0(21)ST, and Cisco IOS Release 12.0(22)S or later releases, the ipv6 address or ipv6 address eui-64 command can be used to configure multiple IPv6 global and site-local addresses within the same prefix on an interface. Multiple IPv6 link-local addresses on an interface are not supported. Prior to Cisco IOS Releases 12.2(4)T, 12.0(21)ST, and 12.0(22)S, the Cisco IOS command-line interface (CLI) displays the following error message when multiple IPv6 addresses within the same prefix on an interface are configured: Prefix <prefix-number> already assigned to <interface-type> See the "IPv6 Routing and IPv6 Address Configuration Example"section for a configuration example of multiple IPv6 global and site-local addresses within the same prefix on an interface.

Verifying IPv6 Operation and Address Configuration

To verify that IPv6 processing of packets is enabled globally on the router and on applicable interfaces, and that an IPv6 address is configured on applicable interfaces, enter the show running-config EXEC command:

Note   Display text was omitted from the example.

To verify that IPv6 addresses are configured correctly, enter the show ipv6 interface EXEC command. The following example shows the IPv6 addresses configured for Ethernet interface 0:

Note   For a description of each output display field, refer to the show ipv6 interface command in the IPv6 for Cisco IOS Software, File 3 of 3: Commands document.

IPv6 Routing and IPv6 Address Configuration Example

In the following example, IPv6 is enabled on the router with both a link-local address and a global address based on the IPv6 prefix 3ffe:c00:c18:1::/64. The EUI-64 interface ID is used in the low-order 64 bits of both addresses. Output from the show ipv6 interface EXEC command is included to show how the interface ID (260:3EFF:FE47:1530) is appended to the link-local prefix FE80::/64 of Ethernet interface 0.

In the following example, multiple IPv6 global addresses within the prefix 3000::/64 are configured on Ethernet interface 0:

Note   All site-local addresses must be within the same site.

Configuring CEF and Distributed CEF Switching for IPv6

This section describes how to configure Cisco Express Forwarding (CEF) for IPv6 (CEFv6) and distributed CEF for IPv6 (dCEFv6). For a complete description of the CEFv6 and dCEFv6 commands that appear in this section, refer to the IPv6 for Cisco IOS Software, File 3 of 3: Commands document. For a complete description of the CEF for IPv4 (CEFv4) and distributed CEF for IPv4 (dCEFv4) commands available in the Cisco IOS software, refer to the Release 12.2 Cisco IOS Switching Services Command Reference publication. To locate documentation for all other IPv4 commands, use the command reference master index or search online.

dCEFv6 and CEFv6 function the same and offer the same benefits as CEFv4 and dCEFv4. In Cisco IOS Release 12.0(22)S or later releases, IPv6 enhancements to CEFv6 and dCEFv6 include support for separate FIBs for IPv6 global, site-local, and link-local addresses. Prior to Cisco IOS Releases 12.0(22)S—in Cisco IOS Release 12.0(21)ST—IPv6 enhancements to dCEFv6 consisted of support for IPv6 addresses and prefixes.

Note   CEFv6 and dCEFv6 switching of IPv6 link-local addresses is planned for a later release of the Cisco IOS software; therefore, in Cisco IOS Release 12.0(22)S, IPv6 router interfaces do not use the IPv6 link-local FIB.

Note   The following sections describe the configuration tasks for enabling CEFv6 and dCEFv6, and for configuring CEFv6 network accounting. The following sections do not provide in-depth information on customizing CEFv6 because CEF switching functions the same in IPv6 as it does in IPv4. Refer to the "Configuring Cisco Express Forwarding" chapter of the Release 12.2 Cisco IOS Switching Services Configuration Guide publication for information on customizing CEF switching. Wherever applicable, the "Usage Guidelines" section of each command page in the IPv6 for Cisco IOS Software, File 3 of 3: Commands document lists the equivalent CEFv4 command for each new CEFv6 command. Refer to the "Configuring Cisco Express Forwarding" chapter of the Release 12.2 Cisco IOS Switching Services Configuration Guide publication as you customize your CEFv6 configuration.

The tasks in the following sections explain how to configure CEFv6 and dCEFv6. Each task in the list is identified as either required or optional:

See the "IPv6 Routing and IPv6 Address Configuration Example" section for a configuration example.

Enabling CEFv6 or dCEFv6

To enable CEFv6 globally on a nondistributed architecture platform, such as the Cisco 7200 series routers, or a distributed architecture platform, such as the Cisco 7500 series routers, use the following command in global configuration mode:

Note   Some distributed architecture platforms, such as the Cisco 7500 series routers, support both CEFv6 and dCEFv6. When CEFv6 is configured on distributed platforms, CEF switching is performed by the Route Processor (RP). By default, the Cisco 12000 series Internet routers, a distributed architecture platform, support only dCEFv6 (CEF switching is performed by the line cards). In the 12.2 T Cisco IOS software release train, IPv6 supports only process switching for packet forwarding. Support for CEFv6 and dCEFv6 by the Cisco 7200 series routers and Cisco 7500 series routers is planned for a later release of the 12.2 T Cisco IOS software release train.

Note   To forward CEFv6 traffic, the forwarding of IPv6 unicast datagrams must be configured globally on the router by using the ipv6 unicast-routing global configuration command, and an IPv6 address and IPv6 processing must be configured on an interface by using the ipv6 address interface configuration command.

To enable dCEFv6 globally on a distributed architecture platform, such as the Cisco 7500 series routers, use the following command in global configuration mode:

Note   When dCEFv6 is configured on distributed platforms, CEF switching is performed by the line cards. dCEFv6 is enabled by default on the Cisco 12000 series Internet routers and disabled by default on the Cisco 7500 series routers.

Note   To forward dCEFv6 traffic, the forwarding of IPv6 unicast datagrams must be configured globally on the router by using the ipv6 unicast-routing global configuration command, and an IPv6 address and IPv6 processing must be configured on an interface by using the ipv6 address interface configuration command.

Configuring Network Accounting for CEFv6 and dCEFv6

Network accounting for CEFv6 and dCEFv6 enables you to better understand CEFv6 traffic patterns within your network by collecting statistics specific to CEFv6 and dCEFv6 traffic. For example, network accounting for CEFv6 and dCEFv6 enables you to collect information such as the number of packets and bytes switched to a destination or the number of packets switched through a destination.

To configure network accounting for CEFv6 and dCEFv6, use the following command in global configuration mode:

Verifying the CEFv6 and dCEFv6 Configuration

To verify that CEFv6 and network accounting for CEFv6 have been enabled globally on a nondistributed architecture platform, and that CEFv6 has been enabled on an IPv6 interface, enter the show running-config EXEC command. The following output shows that both that CEFv6 and network accounting for CEFv6 have been enabled globally on the router, and that CEFv6 has also been enabled on Ethernet interface 0.

Note   Configure the forwarding of IPv6 unicast datagrams globally on the router by using the ipv6 unicast-routing global configuration command, an IPv6 address on the interface by using the ipv6 address interface configuration command, and CEFv4 globally on the router by using the ip cef global configuration command before you can configure CEFv6 and network accounting for CEFv6.

Note   Display text was omitted from the output.

To verify that dCEFv6 and network accounting for dCEFv6 have been enabled globally on a distributed architecture platform, such as the Cisco 7500 series routers, use the show running-config EXEC command. The following example shows that both dCEFv6 and network accounting for CEFv6 have been enabled globally on the router.

Note   Configure the forwarding of IPv6 unicast datagrams globally on the router by using the ipv6 unicast-routing global configuration command and configure dCEFv4 globally on the router by using the ip cef distributed global configuration command before you can configure dCEFv6 and network accounting for CEFv6.

Note   dCEFv6 is enabled by default on the Cisco 12000 series Internet routers and disabled by default on the Cisco 7500 series routers. Therefore, output from the show running-config EXEC command on the Cisco 12000 series does not show whether dCEFv6 is configured globally on the router. The following output is from a Cisco 7500 series router.

Note   Display text was omitted from the output.

CEFv6 and dCEFv6 Configuration Examples

In the following example, both CEFv6 and network accounting for CEFv6 have been enabled globally on a nondistributed architecture router, and CEFv6 has been enabled on Ethernet interface 0. The example also shows that the forwarding of IPv6 unicast datagrams has been configured globally on the router with the ipv6 unicast-routing global configuration command, an IPv6 address has been configured on Ethernet interface 0 with the ipv6 address interface configuration command, and CEFv4 has been configured globally on the router with the ip cef global configuration command.

In the following example, both dCEFv6 and network accounting for dCEFv6 have been enabled globally on a distributed architecture router. The example also shows that the forwarding of IPv6 unicast datagrams has been configured globally on the router with the ipv6 unicast-routing global configuration command and that dCEFv4 has been configured globally on the router with the ip cef distributed global configuration command.

Configuring IPv6 ICMP Rate Limiting

In Cisco IOS release 12.2(8)T or later releases, IPv6 Internet Control Message Protocol (ICMP) Rate Limiting implements a token bucket algorithm for limiting the rate at which IPv6 ICMP error messages are sent out on the network. The initial implementation of IPv6 ICMP rate limiting defined a fixed interval between error messages, but some applications, such as traceroute, often require replies to a group of requests sent in rapid succession. The fixed interval between error messages is not flexible enough to work with applications such as traceroute and can cause the application to fail. Implementing a token bucket scheme allows a number of tokens—representing the ability to send one error message each—to be stored in a virtual bucket. The maximum number of tokens allowed in the bucket can be specified, and for every error message to be sent, one token is removed from the bucket. If a series of error messages is generated, error messages can be sent until the bucket is empty. When the bucket is empty of tokens, IPv6 ICMP error messages are not sent until a new token is placed in the bucket. The token bucket algorithm does not increase the average rate limiting time interval, and it is more flexible than the fixed time interval scheme.

The following sections explain how to configure the IPv6 ICMP Rate Limiting feature. Each task in the list is identified as either required or optional.

See the "IPv6 ICMP Rate Limiting Configuration Example" section for a configuration example.

Configuring the Rate Limiting Interval and Token Bucket

To configure the interval and bucket size for IPv6 ICMP error messages, use the following command in global configuration mode:

Verifying IPv6 ICMP Rate Limiting Configuration

Enter the show ipv6 traffic EXEC command to display ICMP rate-limited counters:

Note   For a description of each output display field, refer to the show ipv6 traffic command in the IPv6 for Cisco IOS Software, File 3 of 3: Commands document.

IPv6 ICMP Rate Limiting Configuration Example

The following example shows an interval of 50 milliseconds and a bucket size of 20 tokens being configured for IPv6 ICMP error messages:

Configuring Static Cache Entries for IPv6 Neighbor Discovery

The tasks in the following sections explain how to configure the Static Cache Entry for IPv6 Neighbor Discovery feature. Each task in the list is identified as either required or optional:

See the "Static Cache Entry for IPv6 Neighbor Discovery Configuration Example" section for a configuration example.

Note   Refer to the Start Here: Cisco IOS Software Release Specifics for IPv6 Features document for Cisco IOS software release specifics for supported IPv6 features.

Configuring a Static Cache Entry

The Cisco IOS software uses static entries in the IPv6 neighbor discovery cache to translate 128-bit IPv6 addresses into 48-bit hardware addresses (functionality in IPv6 that is equivalent to static Address Resolution Protocol (ARP) entries in IPv4, which are used to translate 32-bit IP addresses into 48-bit hardware addresses).

To configure a static entry in the IPv6 neighbor discovery cache, use the following command in global configuration mode:

Verifying the Static Cache Entry Configuration

To display IPv6 neighbor discovery cache information, use the show ipv6 neighbors EXEC command. A hyphen (-) in the Age field of the command output indicates a static entry. The following example displays IPv6 neighbor discovery cache information for Ethernet interface 2:

Note   For a description of each output display field, refer to the show ipv6 neighbors command in the IPv6 for Cisco IOS Software, File 3 of 3: Commands document.

Static Cache Entry for IPv6 Neighbor Discovery Configuration Example

The following example configures a static entry in the IPv6 neighbor discovery cache for a neighbor with the IPv6 address 3001:001::45a and link-layer address 0002.7d1a.9472 on Ethernet interface 1:

Configuring IPv6 Duplicate Address Detection

The IPv6 Duplicate Address Detection feature verifies the uniqueness of new unicast IPv6 addresses before assigning the addresses to interfaces (the new addresses remain in a tentative state while duplicate address detection is performed). Duplicate address detection uses neighbor solicitation messages to verify the uniqueness of unicast IPv6 addresses.

There are no required configuration tasks for the IPv6 Duplicate Address Detection feature; duplicate address detection on tentative unicast IPv6 addresses and the automatic sending of consecutive neighbor solicitation messages during duplicate address detection are enabled by default. However, the number of consecutive neighbor solicitation messages that are sent on an interface while duplicate address detection is performed on tentative unicast IPv6 addresses can be configured.

The tasks in the following sections explain how to configure the number of consecutive neighbor solicitation messages that are sent on an interface while duplicate address detection is performed on tentative unicast IPv6 addresses. Each task in the list is identified as either required or optional:

See the "IPv6 Duplicate Address Detection Configuration Example" section for a configuration example.

Note   Refer to the Start Here: Cisco IOS Software Release Specifics for IPv6 Features document for Cisco IOS software release specifics for supported IPv6 features.

Configuring Duplicate Address Detection Neighbor Solicitation Messages

To configure the number of consecutive neighbor solicitation messages that are sent on an interface while duplicate address detection is performed on tentative unicast IPv6 addresses, use the following command in interface configuration mode:

Verifying the Duplicate Address Detection Neighbor Solicitation Messages Configuration

To view the state (OK, TENTATIVE, or DUPLICATE) of the unicast IPv6 addresses configured for an interface, to verify whether duplicate address detection is enabled on the interface, and to verify the number of consecutive duplicate address detection, neighbor solicitation messages that are being sent on the interface, enter the show ipv6 interface EXEC command. The following example shows duplicate address detection specifics for Ethernet interface 0: