Information About IPv6 Unicast Routing
This chapter describes how to configure IPv6 host functions on the Cisco Catalyst 2960-L Series Switches.
For information about configuring IPv6 Multicast Listener Discovery (MLD) snooping, see Configuring MLD Snooping.
Understanding IPv6
IPv4 users can move to IPv6 and receive services such as end-to-end security, quality of service (QoS), and globally unique addresses. The IPv6 address space reduces the need for private addresses and Network Address Translation (NAT) processing by border routers at network edges.
For information about how Cisco Systems implements IPv6, go to: http://www.cisco.com/en/US/products/ps6553/products_ios_technology_home.html
IPv6 Addresses
The switch supports only IPv6 unicast addresses. It does not support site-local unicast addresses or anycast addresses.
The IPv6 128-bit addresses are represented as a series of eight 16-bit hexadecimal fields separated by colons in the format: n:n:n:n:n:n:n:n. This is an example of an IPv6 address:
2031:0000:130F:0000:0000:09C0:080F:130B
For easier implementation, leading zeros in each field are optional. This is the same address without leading zeros:
2031:0:130F:0:0:9C0:80F:130B
You can also use two colons (::) to represent successive hexadecimal fields of zeros, but you can use this short version only once in each address:
2031:0:130F::09C0:080F:130B
For more information about IPv6 address formats, address types, and the IPv6 packet header, see the Cisco IOS IPv6 Configuration Library on Cisco.com: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/xe-3e/ip6b-xe-3e-book.html
Supported IPv6 Unicast Routing Features
The following sections describe the IPv6 protocol features supported by the switch:
128-Bit Wide Unicast Addresses
The switch supports aggregatable global unicast addresses and link-local unicast addresses. It does not support site-local unicast addresses.
- Aggregatable global unicast addresses are IPv6 addresses from the aggregatable global unicast prefix. The address structure enables strict aggregation of routing prefixes and limits the number of routing table entries in the global routing table. These addresses are used on links that are aggregated through organizations and eventually to the Internet service provider.
  These addresses are defined by a global routing prefix, a subnet ID, and an interface ID. Current global unicast address allocation uses the range of addresses that start with binary value 001 (2000::/3). Addresses with a prefix of 2000::/3 (001) through E000::/3 (111) must have 64-bit interface identifiers in the extended unique identifier (EUI)-64 format.
- Link-local unicast addresses can be automatically configured on any interface by using the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in the modified EUI format. Link-local addresses are used in the neighbor discovery protocol (NDP) and the stateless autoconfiguration process. Nodes on a local link use link-local addresses and do not require globally unique addresses to communicate. IPv6 routers do not forward packets with link-local source or destination addresses to other links.
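The address spellings from the IPv6 Addresses section and the prefixes and modified EUI-64 interface ID described above, worked through as an added Python example (not Cisco code). The function names are hypothetical, and the MAC address used to exercise them is a constructed sample; the point is that one address has several valid spellings, so addresses should be normalized before they are compared in ACL audits or log searches.

```python
import ipaddress

# Prefixes named on the page. FEC0::/10 is the site-local range,
# which the switch does not support.
GLOBAL_UNICAST = ipaddress.IPv6Network("2000::/3")
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")
SITE_LOCAL = ipaddress.IPv6Network("fec0::/10")


def canonical(text):
    """Return one canonical spelling so ACL or log matching is not fooled
    by leading zeros, letter case, or where '::' was used.
    Raises ValueError for malformed input such as a second '::'."""
    return ipaddress.IPv6Address(text).compressed


def classify(text):
    """Map an address to the unicast types discussed above."""
    addr = ipaddress.IPv6Address(text)
    if addr in LINK_LOCAL:
        return "link-local"
    if addr in SITE_LOCAL:
        return "site-local"
    if addr in GLOBAL_UNICAST:
        return "global unicast"
    return "other"


def eui64_link_local(mac):
    """Build the FE80::/64 address whose interface ID is the modified
    EUI-64 form of a 48-bit MAC address."""
    octets = bytearray.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02  # invert the universal/local bit
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid).compressed


def mac_from_eui64(text):
    """Recover the MAC from a modified EUI-64 interface ID, or None when
    the ID does not carry the FF:FE filler (e.g. a manual address)."""
    iid = ipaddress.IPv6Address(text).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02
    return ":".join(f"{b:02x}" for b in mac)
```

Because a modified EUI-64 interface ID embeds the hardware address, `mac_from_eui64` lets an inventory or incident-response script tie a link-local address seen in logs back to a physical interface.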
DNS for IPv6
IPv6 supports Domain Name System (DNS) record types in the DNS name-to-address and address-to-name lookup processes. The DNS AAAA resource record types support IPv6 addresses and are equivalent to an A address record in IPv4. The switch supports DNS resolution for IPv4 and IPv6.
ICMPv6
The Internet Control Message Protocol (ICMP) in IPv6 generates error messages, such as ICMP destination unreachable messages, to report errors during processing and other diagnostic functions. In IPv6, ICMP packets are also used in the neighbor discovery protocol and path MTU discovery.
Neighbor Discovery
The switch supports Neighbor Discovery Protocol (NDP) for IPv6, a protocol running on top of ICMPv6, and static neighbor entries for IPv6 stations that do not support NDP. The IPv6 neighbor discovery process uses ICMP messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local link), to verify the reachability of the neighbor, and to keep track of neighboring routers.
The switch supports ICMPv6 redirect for routes with mask lengths less than 64 bits. ICMP redirect is not supported for host routes or for summarized routes with mask lengths greater than 64 bits.
Neighbor discovery throttling ensures that the switch CPU is not unnecessarily burdened while it is in the process of obtaining the next hop forwarding information to route an IPv6 packet. The switch drops any additional IPv6 packets whose next hop is the same neighbor that the switch is actively trying to resolve. This drop avoids further load on the CPU.
Note: IPv6 next hop security features are not supported in Cisco IOS Release 15.2(5)E.
IPv6 Stateless Autoconfiguration and Duplicate Address Detection
The switch uses stateless autoconfiguration to manage link, subnet, and site addressing changes, such as management of host and mobile IP addresses. A host autonomously configures its own link-local address, and booting nodes send router solicitations to request router advertisements for configuring interfaces.
IPv6 Applications
The switch has IPv6 support for these applications:
- Ping, traceroute, Telnet
- Secure Shell (SSH) over an IPv6 transport
- HTTP server access over IPv6 transport
- DNS resolver for AAAA over IPv4 transport
- Cisco Discovery Protocol (CDP) support for IPv6 addresses
Static Routes for IPv6
Static routes are manually configured and define an explicit route between two networking devices. Static routes are useful for smaller networks with only one path to an outside network or to provide security for certain types of traffic in a larger network.
RIP for IPv6
Routing Information Protocol (RIP) for IPv6 is a distance-vector protocol that uses hop count as a routing metric. It includes support for IPv6 addresses and prefixes and the all-RIP-routers multicast group address FF02::9 as the destination address for RIP update messages.
SNMP and Syslog Over IPv6
To support both IPv4 and IPv6, IPv6 network management requires both IPv6 and IPv4 transports. Syslog over IPv6 supports address data types for these transports.
Simple Network Management Protocol (SNMP) and syslog over IPv6 provide these features:
- Support for both IPv4 and IPv6
- IPv6 transport for SNMP, with the SNMP agent modified to support traps for an IPv6 host
- SNMP- and syslog-related MIBs to support IPv6 addressing
- Configuration of IPv6 hosts as trap receivers
For support over IPv6, SNMP modifies the existing IP transport mapping to simultaneously support IPv4 and IPv6. These SNMP actions support IPv6 transport management:
- Opens User Datagram Protocol (UDP) SNMP socket with default settings
- Provides a new transport mechanism called SR_IPV6_TRANSPORT
- Sends SNMP notifications over IPv6 transport
- Supports SNMP-named access lists for IPv6 transport
- Supports SNMP proxy forwarding using IPv6 transport
- Verifies that the SNMP Manager feature works with IPv6 transport
HTTP(S) Over IPv6
The HTTP client sends requests to both IPv4 and IPv6 HTTP servers, which respond to requests from both IPv4 and IPv6 HTTP clients. URLs with literal IPv6 addresses must be specified in hexadecimal using 16-bit values between colons.
The accept socket call chooses an IPv4 or IPv6 address family. The accept socket is either an IPv4 or IPv6 socket. The listening socket continues to listen for both IPv4 and IPv6 signals that indicate a connection. The IPv6 listening socket is bound to an IPv6 wildcard address.
The underlying TCP/IP stack supports a dual-stack environment. HTTP relies on the TCP/IP stack and the sockets for processing network-layer interactions.
Basic network connectivity (ping) must exist between the client and the server hosts before HTTP connections can be made.
Default IPv6 Configuration
Feature | Default Setting |
---|---|
IPv6 addresses | None configured |