Configuring IPv6 Unicast Routing

Information About Configuring IPv6 Unicast Routing

This chapter describes how to configure IPv6 unicast routing on the switch.


Note

To use all IPv6 features in this chapter, the switch or stack master must be running the IP services feature set. Switches running the IP base feature set support IPv6 static routing, RIP for IPv6, and OSPF. Switches running the LAN base feature set support only IPv6 host functionality.

Understanding IPv6

IPv4 users can move to IPv6 and receive services such as end-to-end security, quality of service (QoS), and globally unique addresses. The IPv6 address space reduces the need for private addresses and Network Address Translation (NAT) processing by border routers at network edges.

For information about how Cisco Systems implements IPv6, go to:

http://www.cisco.com/en/US/products/ps6553/products_ios_technology_home.html

For information about IPv6 and other features in this chapter

  • See the Cisco IOS IPv6 Configuration Library.

  • Use the Search field on Cisco.com to locate the Cisco IOS software documentation. For example, if you want information about static routes, you can enter Implementing Static Routes for IPv6 in the search field to learn about static routes.

IPv6 Addresses

The switch supports only IPv6 unicast addresses. It does not support site-local unicast addresses, or anycast addresses.

The IPv6 128-bit addresses are represented as a series of eight 16-bit hexadecimal fields separated by colons in the format: n:n:n:n:n:n:n:n. This is an example of an IPv6 address:

2031:0000:130F:0000:0000:09C0:080F:130B

For easier implementation, leading zeros in each field are optional. This is the same address without leading zeros:

2031:0:130F:0:0:9C0:80F:130B

You can also use two colons (::) to represent successive hexadecimal fields of zeros, but you can use this short version only once in each address:

2031:0:130F::09C0:080F:130B

For more information about IPv6 address formats, address types, and the IPv6 packet header, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter of Cisco IOS IPv6 Configuration Library on Cisco.com.

In the “Information About Implementing Basic Connectivity for IPv6” chapter, these sections apply to the switch:

  • IPv6 Address Formats

  • IPv6 Address Type: Unicast

  • IPv6 Address Type: Multicast

  • IPv6 Address Output Display

  • Simplified IPv6 Packet Header

Supported IPv6 Unicast Routing Features

These sections describe the IPv6 protocol features supported by the switch:

The switch provides IPv6 routing capability over Routing Information Protocol (RIP) for IPv6, and Open Shortest Path First (OSPF) Version 3 Protocol. It supports up to 16 equal-cost routes and can simultaneously forward IPv4 and IPv6 frames at line rate.

128-Bit Wide Unicast Addresses

The switch supports aggregatable global unicast addresses and link-local unicast addresses. It does not support site-local unicast addresses.

  • Aggregatable global unicast addresses are IPv6 addresses from the aggregatable global unicast prefix. The address structure enables strict aggregation of routing prefixes and limits the number of routing table entries in the global routing table. These addresses are used on links that are aggregated through organizations and eventually to the Internet service provider.

    These addresses are defined by a global routing prefix, a subnet ID, and an interface ID. Current global unicast address allocation uses the range of addresses that start with binary value 001 (2000::/3). Addresses with a prefix of 2000::/3(001) through E000::/3(111) must have 64-bit interface identifiers in the extended unique identifier (EUI)-64 format.

  • Link local unicast addresses can be automatically configured on any interface by using the link-local prefix FE80::/10(1111 1110 10) and the interface identifier in the modified EUI format. Link-local addresses are used in the neighbor discovery protocol (NDP) and the stateless autoconfiguration process. Nodes on a local link use link-local addresses and do not require globally unique addresses to communicate. IPv6 routers do not forward packets with link-local source or destination addresses to other links.

For more information, see the section about IPv6 unicast addresses in the “Implementing IPv6 Addressing and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

DNS for IPv6

IPv6 supports Domain Name System (DNS) record types in the DNS name-to-address and address-to-name lookup processes. The DNS AAAA resource record types support IPv6 addresses and are equivalent to an A address record in IPv4. The switch supports DNS resolution for IPv4 and IPv6.

Path MTU Discovery for IPv6 Unicast

The switch supports advertising the system maximum transmission unit (MTU) to IPv6 nodes and path MTU discovery. Path MTU discovery allows a host to dynamically discover and adjust to differences in the MTU size of every link along a given data path. In IPv6, if a link along the path is not large enough to accommodate the packet size, the source of the packet handles the fragmentation.

ICMPv6

The Internet Control Message Protocol (ICMP) in IPv6 generates error messages, such as ICMP destination unreachable messages, to report errors during processing and other diagnostic functions. In IPv6, ICMP packets are also used in the neighbor discovery protocol and path MTU discovery.

Neighbor Discovery

The switch supports NDP for IPv6, a protocol running on top of ICMPv6, and static neighbor entries for IPv6 stations that do not support NDP. The IPv6 neighbor discovery process uses ICMP messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local link), to verify the reachability of the neighbor, and to keep track of neighboring routers.

The switch supports ICMPv6 redirect for routes with mask lengths less than 64 bits. ICMP redirect is not supported for host routes or for summarized routes with mask lengths greater than 64 bits.

Neighbor discovery throttling ensures that the switch CPU is not unnecessarily burdened while it is in the process of obtaining the next hop forwarding information to route an IPv6 packet. The switch drops any additional IPv6 packets whose next hop is the same neighbor that the switch is actively trying to resolve. This drop avoids further load on the CPU.

Default Router Preference

The switch supports IPv6 default router preference (DRP), an extension in router advertisement messages. DRP improves the ability of a host to select an appropriate router, especially when the host is multihomed and the routers are on different links. The switch does not support the Route Information Option in RFC 4191.

An IPv6 host maintains a default router list from which it selects a router for traffic to offlink destinations. The selected router for a destination is then cached in the destination cache. NDP for IPv6 specifies that routers that are reachable or probably reachable are preferred over routers whose reachability is unknown or suspect. For reachable or probably reachable routers, NDP can either select the same router every time or cycle through the router list. By using DRP, you can configure an IPv6 host to prefer one router over another, provided both are reachable or probably reachable.

For more information about DRP for IPv6, see the Cisco IOS IPv6 Configuration Library on Cisco.com.

IPv6 Stateless Autoconfiguration and Duplicate Address Detection

The switch uses stateless autoconfiguration to manage link, subnet, and site addressing changes, such as management of host and mobile IP addresses. A host autonomously configures its own link-local address, and booting nodes send router solicitations to request router advertisements for configuring interfaces.

For more information about autoconfiguration and duplicate address detection, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter of Cisco IOS IPv6 Configuration Library on Cisco.com.

IPv6 Applications

The switch has IPv6 support for these applications:

  • Ping, traceroute, Telnet, and TFTP

  • Secure Shell (SSH) over an IPv6 transport

  • HTTP server access over IPv6 transport

  • DNS resolver for AAAA over IPv4 transport

  • Cisco Discovery Protocol (CDP) support for IPv6 addresses

For more information about managing these applications, see the Cisco IOS IPv6 Configuration Library on Cisco.com.

DHCP for IPv6 Address Assignment

DHCPv6 enables DHCP servers to pass configuration parameters, such as IPv6 network addresses, to IPv6 clients. The address assignment feature manages non-duplicate address assignment in the correct prefix based on the network where the host is connected. Assigned addresses can be from one or multiple prefix pools. Additional options, such as default domain and DNS name-server address, can be passed back to the client. Address pools can be assigned for use on a specific interface, on multiple interfaces, or the server can automatically find the appropriate pool.

For more information and to configure these features, see the Cisco IOS IPv6 Configuration Guide.

This document describes only the DHCPv6 address assignment. For more information about configuring the DHCPv6 client, server, or relay agent functions, see the “Implementing DHCP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Static Routes for IPv6

Static routes are manually configured and define an explicit route between two networking devices. Static routes are useful for smaller networks with only one path to an outside network or to provide security for certain types of traffic in a larger network.

For more information about static routes, see the “Implementing Static Routes for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Policy-Based Routing for IPv6

Policy-based routing (PBR) gives you a flexible means of routing packets by allowing you to configure a defined policy for traffic flows, which lessens reliance on routes derived from routing protocols. Therefore, PBR gives you more control over routing by extending and complementing the existing mechanisms provided by routing protocols. PBR allows you to set the IPv6 precedence. For a simple policy, you can use any one of these tasks; for a complex policy, you can use all of them. It also allows you to specify a path for certain traffic, such as priority traffic over a high-cost link.

PBR for IPv6 may be applied to both forwarded and originated IPv6 packets. For forwarded packets, PBR for IPv6 will be implemented as an IPv6 input interface feature, supported in the following forwarding paths:

  • Process

  • Cisco Express Forwarding (formerly known as CEF)

  • Distributed Cisco Express Forwarding

Policies can be based on the IPv6 address, port numbers, protocols, or packet size.

PBR allows you to perform the following tasks:

  • Classify traffic based on extended access list criteria. Access lists, then, establish the match criteria.

  • Set IPv6 precedence bits, giving the network the ability to enable differentiated classes of service.

  • Route packets to specific traffic-engineered paths; you might need to route them to allow a specific quality of service (QoS) through the network.

PBR allows you to classify and mark packets at the edge of the network. PBR marks a packet by setting precedence value. The precedence value can be used directly by devices in the network core to apply the appropriate QoS to a packet, which keeps packet classification at your network edge.

For enabling PBR for IPv6, see the Enabling Local PBR for IPv6 section.

For enabling IPv6 PBR for an interface, see the Enabling IPv6 PBR on an Interface section.

RIP for IPv6

Routing Information Protocol (RIP) for IPv6 is a distance-vector protocol that uses hop count as a routing metric. It includes support for IPv6 addresses and prefixes and the all-RIP-routers multicast group address FF02::9 as the destination address for RIP update messages.

For more information about RIP for IPv6, see the “Implementing RIP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

OSPF for IPv6

The switch running the IP Base feature set supports Open Shortest Path First (OSPF) for IPv6, a link-state protocol for IP. For more information, seeCisco IOS IPv6 Configuration Library on Cisco.com.

Configuring HSRP for IPv6

HSRP provides routing redundancy for routing IPv6 traffic not dependent on the availability of any single router. IPv6 hosts learn of available routers through IPv6 neighbor discovery router advertisement messages. These messages are multicast periodically or are solicited by hosts.

An HSRP IPv6 group has a virtual MAC address that is derived from the HSRP group number and a virtual IPv6 link-local address that is, by default, derived from the HSRP virtual MAC address. Periodic messages are sent for the HSRP virtual IPv6 link-local address when the HSRP group is active. These messages stop after a final one is sent when the group leaves the active state.


Note

When configuring HSRP for IPv6, you must enable HSRP version 2 (HSRPv2) on the interface.


EIGRP IPv6

Switches support the Enhanced Interior Gateway Routing Protocol (EIGRP) for IPv6. It is configured on the interfaces on which it runs and does not require a global IPv6 address. Switches running IP Lite only support EIGRPv6 stub routing.

Before running, an instance of EIGRP IPv6 requires an implicit or explicit router ID. An implicit router ID is derived from a local IPv6 address, so any IPv6 node always has an available router ID. However, EIGRP IPv6 might be running in a network with only IPv6 nodes and therefore might not have an available IPv6 router ID.

For more information about EIGRP for IPv6, see the “Implementing EIGRP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

EIGRPv6 Stub Routing

The EIGRPv6 stub routing feature, reduces resource utilization by moving routed traffic closer to the end user.

In a network using EIGRPv6 stub routing, the only allowable route for IPv6 traffic to the user is through a switch that is configured with EIGRPv6 stub routing. The switch sends the routed traffic to interfaces that are configured as user interfaces or are connected to other devices.

When using EIGRPv6 stub routing, you need to configure the distribution and remote routers to use EIGRPv6 and to configure only the switch as a stub. Only specified routes are propagated from the switch. The switch responds to all queries for summaries, connected routes, and routing updates.

Any neighbor that receives a packet informing it of the stub status does not query the stub router for any routes, and a router that has a stub peer does not query that peer. The stub router depends on the distribution router to send the proper updates to all peers.

In the figure given below, switch B is configured as an EIGRPv6 stub router. Switches A and C are connected to the rest of the WAN. Switch B advertises connected, static, redistribution, and summary routes to switch A and C. Switch B does not advertise any routes learned from switch A (and the reverse).

Figure 1. EIGRP Stub Router Configuration

For more information about EIGRPv6 stub routing, see “Implementing EIGRP for IPv6” section of the Cisco IOS IP Configuration Guide, Volume 2 of 3: Routing Protocols, Release 12.4.

SNMP and Syslog Over IPv6

To support both IPv4 and IPv6, IPv6 network management requires both IPv6 and IPv4 transports. Syslog over IPv6 supports address data types for these transports.

SNMP and syslog over IPv6 provide these features:

  • Support for both IPv4 and IPv6

  • IPv6 transport for SNMP and to modify the SNMP agent to support traps for an IPv6 host

  • SNMP- and syslog-related MIBs to support IPv6 addressing

  • Configuration of IPv6 hosts as trap receivers

For support over IPv6, SNMP modifies the existing IP transport mapping to simultaneously support IPv4 and IPv6. These SNMP actions support IPv6 transport management:

  • Opens User Datagram Protocol (UDP) SNMP socket with default settings

  • Provides a new transport mechanism called SR_IPV6_TRANSPORT

  • Sends SNMP notifications over IPv6 transport

  • Supports SNMP-named access lists for IPv6 transport

  • Supports SNMP proxy forwarding using IPv6 transport

  • Verifies SNMP Manager feature works with IPv6 transport

For information on SNMP over IPv6, including configuration procedures, see the “Managing Cisco IOS Applications over IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

For information about syslog over IPv6, including configuration procedures, see the “Implementing IPv6 Addressing and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

HTTP(S) Over IPv6

The HTTP client sends requests to both IPv4 and IPv6 HTTP servers, which respond to requests from both IPv4 and IPv6 HTTP clients. URLs with literal IPv6 addresses must be specified in hexadecimal using 16-bit values between colons.

The accept socket call chooses an IPv4 or IPv6 address family. The accept socket is either an IPv4 or IPv6 socket. The listening socket continues to listen for both IPv4 and IPv6 signals that indicate a connection. The IPv6 listening socket is bound to an IPv6 wildcard address.

The underlying TCP/IP stack supports a dual-stack environment. HTTP relies on the TCP/IP stack and the sockets for processing network-layer interactions.

Basic network connectivity (ping ) must exist between the client and the server hosts before HTTP connections can be made.

For more information, see the “Managing Cisco IOS Applications over IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Unsupported IPv6 Unicast Routing Features

The switch does not support these IPv6 features:

  • IPv6 virtual private network (VPN) routing and forwarding (VRF) table support

  • IPv6 packets destined to site-local addresses

  • Tunneling protocols, such as IPv4-to-IPv6 or IPv6-to-IPv4

  • The switch as a tunnel endpoint supporting IPv4-to-IPv6 or IPv6-to-IPv4 tunneling protocols

  • IPv6 unicast reverse-path forwarding

  • IPv6 Web Cache Communication Protocol (WCCP)

IPv6 Feature Limitations

Because IPv6 is implemented in switch hardware, some limitations occur due to the IPv6 compressed addresses in the hardware memory. These hardware limitations result in some loss of functionality and limits some features.

These are feature limitations.

  • The switch cannot forward SNAP-encapsulated IPv6 packets in hardware. They are forwarded in software.

  • The switch cannot apply QoS classification on source-routed IPv6 packets in hardware.

IPv6 and Switch Stacks

The switch supports IPv6 forwarding across the stack and IPv6 host functionality on the stack master. The stack master runs the IPv6 unicast routing protocols and computes the routing tables. They receive the tables and create hardware IPv6 routes for forwarding. The stack master also runs all IPv6 applications.


Note

To route IPv6 packets in a stack, all switches in the stack should be running the IP Base feature set.


If a new switch becomes the stack master, it recomputes the IPv6 routing tables and distributes them to the member switches. While the new stack master is being elected and is resetting, the switch stack does not forward IPv6 packets. The stack MAC address changes, which also changes the IPv6 address. When you specify the stack IPv6 address with an extended unique identifier (EUI) by using the ipv6 address ipv6-prefix/prefix length eui-64 interface configuration command, the address is based on the interface MAC address. See the Configuring IPv6 Addressing and Enabling IPv6 Routing (CLI).

If you configure the persistent MAC address feature on the stack and the stack master changes, the stack MAC address does not change for approximately 4 minutes.

These are the functions of IPv6 stack master and members:

  • Stack master:
    • runs IPv6 routing protocols

    • generates routing tables

    • distributes routing tables to stack members that use dCEFv6

    • runs IPv6 host functionality and IPv6 applications

  • Stack member (must be running the IP services feature set):
    • receives CEFv6 routing tables from the stack master

    • programs the routes into hardware


    Note

    IPv6 packets are routed in hardware across the stack if the packet does not have exceptions (IPv6 Options) and the switches in the stack have not run out of hardware resources.


    • flushes the CEFv6 tables on master re-election

Default IPv6 Configuration

Table 1. Default IPv6 Configuration

Feature

Default Setting

SDM template

Advance desktop. Default is advanced template

IPv6 routing

Disabled globally and on all interfaces

CEFv6 or dCEFv6

Disabled (IPv4 CEF and dCEF are enabled by default)

Note 

When IPv6 routing is enabled, CEFv6 and dCEF6 are automatically enabled.

IPv6 addresses

None configured

Configuring IPv6 Addressing and Enabling IPv6 Routing (CLI)

This section describes how to assign IPv6 addresses to individual Layer 3 interfaces and to globally forward IPv6 traffic on the switch.

Before configuring IPv6 on the switch, consider these guidelines:

  • Not all features discussed in this chapter are supported by the switch. See the Unsupported IPv6 Unicast Routing Features.

  • In the ipv6 address interface configuration command, you must enter the ipv6-address and ipv6-prefix variables with the address specified in hexadecimal using 16-bit values between colons. The prefix-length variable (preceded by a slash [/]) is a decimal value that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address).

To forward IPv6 traffic on an interface, you must configure a global IPv6 address on that interface. Configuring an IPv6 address on an interface automatically configures a link-local address and activates IPv6 for the interface. The configured interface automatically joins these required multicast groups for that link:

  • solicited-node multicast group FF02:0:0:0:0:1:ff00::/104 for each unicast address assigned to the interface (this address is used in the neighbor discovery process.)

  • all-nodes link-local multicast group FF02::1

  • all-routers link-local multicast group FF02::2

To remove an IPv6 address from an interface, use the no ipv6 address ipv6-prefix/prefix length eui-64 or no ipv6 address ipv6-address link-local interface configuration command. To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments. To disable IPv6 processing on an interface that has not been explicitly configured with an IPv6 address, use the no ipv6 enable interface configuration command. To globally disable IPv6 routing, use the no ipv6 unicast-routing global configuration command.

For more information about configuring IPv6 routing, see the “Implementing Addressing and Basic Connectivity for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Beginning in privileged EXEC mode, follow these steps to assign an IPv6 address to a Layer 3 interface and enable IPv6 routing:

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

sdm prefer dual-ipv4-and-ipv6 { advanced | vlan}

Example:


Device(config)# sdm prefer dual-ipv4-and-ipv6 default

Selects an SDM template that supports IPv4 and IPv6.

  • advanced —Sets the switch to the default template to balance system resources.

  • vlan —Maximizes VLAN configuration on the switch with no routing supported in hardware.

Note 
Advanced is available at all license levels. VLAN template is available only in LAN Base license.
Step 3

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 4

reload

Example:


Device# reload

Reloads the operating system.

Step 5

configure terminal

Example:


Device# configure terminal

Enters global configuration mode after the switch reloads.

Step 6

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the Layer 3 interface to configure. The interface can be a physical interface, a switch virtual interface (SVI), or a Layer 3 EtherChannel.

Step 7

no switchport

Example:


Device(config-if)# no switchport

Removes the interface from Layer 2 configuration mode (if it is a physical interface).

Step 8

Use one of the following:

  • ipv6 address ipv6-prefix/prefix length eui-64
  • ipv6 address ipv6-address/prefix length
  • ipv6 address ipv6-address link-local
  • ipv6 enable
  • ipv6 addressWORD
  • ipv6 addressautoconfig
  • ipv6 addressdhcp

Example:

Device(config-if)# ipv6 address 2001:0DB8:c18:1::/64 eui 64

Device(config-if)# ipv6 address 2001:0DB8:c18:1::/64

Device(config-if)# ipv6 address 2001:0DB8:c18:1:: link-local

Device(config-if)# ipv6 enable

  • Specifies a global IPv6 address with an extended unique identifier (EUI) in the low-order 64 bits of the IPv6 address. Specify only the network prefix; the last 64 bits are automatically computed from the switch MAC address. This enables IPv6 processing on the interface.

  • Manually configures an IPv6 address on the interface.

  • Specifies a link-local address on the interface to be used instead of the link-local address that is automatically configured when IPv6 is enabled on the interface. This command enables IPv6 processing on the interface.

  • Automatically configures an IPv6 link-local address on the interface, and enables the interface for IPv6 processing. The link-local address can only be used to communicate with nodes on the same link.

Step 9

exit

Example:


Device(config-if)# exit

Returns to global configuration mode.

Step 10

ip routing

Example:


Device(config)# ip routing

Enables IP routing on the switch.

Step 11

ipv6 unicast-routing

Example:


Device(config)# ipv6 unicast-routing

Enables forwarding of IPv6 unicast data packets.

Step 12

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 13

show ipv6 interface interface-id

Example:


Device# show ipv6 interface gigabitethernet 1/0/1

Verifies your entries.

Step 14

copy running-config startup-config

Example:

Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring IPv4 and IPv6 Protocol Stacks (CLI)

Beginning in privileged EXEC mode, follow these steps to configure a Layer 3 interface to support both IPv4 and IPv6 and to enable IPv6 routing.


Note

To disable IPv6 processing on an interface that has not been configured with an IPv6 address, use the no ipv6 enable interface configuration command.


SUMMARY STEPS

  1. configure terminal
  2. ip routing
  3. ipv6 unicast-routing
  4. interface interface-id
  5. no switchport
  6. ip address ip-address mask [secondary]
  7. Use one of the following:
    • ipv6 address ipv6-prefix/prefix length eui-64
    • ipv6 address ipv6-address/prefix length
    • ipv6 address ipv6-address link-local
    • ipv6 enable
    • ipv6 addressWORD
    • ipv6 addressautoconfig
    • ipv6 addressdhcp
  8. end
  9. Use one of the following:
    • show interface interface-id
    • show ip interface interface-id
    • show ipv6 interface interface-id
  10. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:


Switch# configure terminal

Enters global configuration mode.

Step 2

ip routing

Example:


Switch(config)# ip routing

Enables routing on the switch.

Step 3

ipv6 unicast-routing

Example:


Switch(config)# ipv6 unicast-routing

Enables forwarding of IPv6 data packets on the switch.

Step 4

interface interface-id

Example:


Switch(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the Layer 3 interface to configure.

Step 5

no switchport

Example:


Switch(config-if)# no switchport

Removes the interface from Layer 2 configuration mode (if it is a physical interface).

Step 6

ip address ip-address mask [secondary]

Example:


Switch(config-if)# ip address 10.1.2.3 255.255.255

Specifies a primary or secondary IPv4 address for the interface.

Step 7

Use one of the following:

  • ipv6 address ipv6-prefix/prefix length eui-64
  • ipv6 address ipv6-address/prefix length
  • ipv6 address ipv6-address link-local
  • ipv6 enable
  • ipv6 addressWORD
  • ipv6 addressautoconfig
  • ipv6 addressdhcp
  • Specifies a global IPv6 address. Specify only the network prefix; the last 64 bits are automatically computed from the switch MAC address.

  • Specifies a link-local address on the interface to be used instead of the automatically configured link-local address when IPv6 is enabled on the interface.

  • Automatically configures an IPv6 link-local address on the interface, and enables the interface for IPv6 processing. The link-local address can only be used to communicate with nodes on the same link.

Note 

To remove all manually configured IPv6 addresses from an interface, use the no ipv6 address interface configuration command without arguments.

Step 8

end

Example:


Switch(config)# end

Returns to privileged EXEC mode.

Step 9

Use one of the following:

  • show interface interface-id
  • show ip interface interface-id
  • show ipv6 interface interface-id

Verifies your entries.

Step 10

copy running-config startup-config

Example:


Switch# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring Default Router Preference (CLI)

Router advertisement messages are sent with the default router preference (DRP) configured by the ipv6 nd router-preference interface configuration command. If no DRP is configured, RAs are sent with a medium preference.

A DRP is useful when two routers on a link might provide equivalent, but not equal-cost routing, and policy might dictate that hosts should prefer one of the routers.

For more information about configuring DRP for IPv6, see the “Implementing IPv6 Addresses and Basic Connectivity” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Beginning in privileged EXEC mode, follow these steps to configure a DRP for a router on an interface.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode and identifies the Layer 3 interface on which you want to specify the DRP.

Step 3

ipv6 nd router-preference {high | medium | low}

Example:


Device(config-if)# ipv6 nd router-preference medium

Specifies a DRP for the router on the switch interface.

Step 4

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 5

show ipv6 interface

Example:


Device# show ipv6 interface

Verifies the configuration.

Step 6

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring IPv6 ICMP Rate Limiting (CLI)

ICMP rate limiting is enabled by default with a default interval between error messages of 100 milliseconds and a bucket size (maximum number of tokens to be stored in a bucket) of 10.

Beginning in privileged EXEC mode, follow these steps to change the ICMP rate-limiting parameters:

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

ipv6 icmp error-interval interval [bucketsize]

Example:


Device(config)# ipv6 icmp error-interval 50 20

Configures the interval and bucket size for IPv6 ICMP error messages:

  • interval —The interval (in milliseconds) between tokens being added to the bucket. The range is from 0 to 2147483647 milliseconds.

  • bucketsize —(Optional) The maximum number of tokens stored in the bucket. The range is from 1 to 200.

Step 3

end

Example:


Device(config)# end 

Returns to privileged EXEC mode.

Step 4

show ipv6 interface [interface-id]

Example:


Device# show ipv6 interface gigabitethernet 1/0/1

Verifies your entries.

Step 5

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring CEF and dCEF for IPv6

Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology to improve network performance. CEF implements an advanced IP look-up and forwarding algorithm to deliver maximum Layer 3 switching performance. It is less CPU-intensive than fast-switching route-caching, allowing more CPU processing power to be dedicated to packet forwarding. In a switch stack, the hardware uses distributed CEF (dCEF) in the stack. IPv4 CEF and dCEF are enabled by default. IPv6 CEF and dCEF are disabled by default, but automatically enabled when you configure IPv6 routing.

IPv6 CEF and dCEF are automatically disabled when IPv6 routing is unconfigured. IPv6 CEF and dCEF cannot disabled through configuration. You can verify the IPv6 state by entering the show ipv6 cef privileged EXEC command.

To route IPv6 unicast packets, you must first globally configure forwarding of IPv6 unicast packets by using the ipv6 unicast-routing global configuration command, and you must configure an IPv6 address and IPv6 processing on an interface by using the ipv6 address interface configuration command.

For more information about configuring CEF and dCEF, see Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring Static Routing for IPv6 (CLI)

Before configuring a static IPv6 route, you must enable routing by using the ip routing global configuration command, enable the forwarding of IPv6 packets by using the ipv6 unicast-routing global configuration command, and enable IPv6 on at least one Layer 3 interface by configuring an IPv6 address on the interface.

For more information about configuring static IPv6 routing, see the “Implementing Static Routes for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

ipv6 route ipv6-prefix/prefix length {ipv6-address | interface-id [ipv6-address]} [administrative distance]

Example:


Device(config)# ipv6 route 2001:0DB8::/32 gigabitethernet2/0/1 130

Configures a static IPv6 route.

  • ipv6-prefix —The IPv6 network that is the destination of the static route. It can also be a hostname when static host routes are configured.

  • /prefix lengthThe length of the IPv6 prefix. A decimal value that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value.

  • ipv6-address —The IPv6 address of the next hop that can be used to reach the specified network. The IPv6 address of the next hop need not be directly connected; recursion is done to find the IPv6 address of the directly connected next hop. The address must be in the form documented in RFC 2373, specified in hexadecimal using 16-bit values between colons.

  • interface-id —Specifies direct static routes from point-to-point and broadcast interfaces. With point-to-point interfaces, there is no need to specify the IPv6 address of the next hop. With broadcast interfaces, you should always specify the IPv6 address of the next hop, or ensure that the specified prefix is assigned to the link, specifying a link-local address as the next hop. You can optionally specify the IPv6 address of the next hop to which packets are sent.

Note 

You must specify an interface-id when using a link-local address as the next hop (the link-local next hop must also be an adjacent router).

  • administrative distance —(Optional) An administrative distance. The range is 1 to 254; the default value is 1, which gives static routes precedence over any other type of route except connected routes. To configure a floating static route, use an administrative distance greater than that of the dynamic routing protocol.

Step 3

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 4

Use one of the following:

  • show ipv6 static [ ipv6-address | ipv6-prefix/prefix length ] [interface interface-id ] [detail]][recursive] [detail]
  • show ipv6 route static [updated]

Example:

Device# show ipv6 static 2001:0DB8::/32 interface gigabitethernet2/0/1

or

Device# show ipv6 route static

Verifies your entries by displaying the contents of the IPv6 routing table.

  • interface interface-id —(Optional) Displays only those static routes with the specified interface as an egress interface.

  • recursive —(Optional) Displays only recursive static routes. The recursive keyword is mutually exclusive with the interface keyword, but it can be used with or without the IPv6 prefix included in the command syntax.

  • detail —(Optional) Displays this additional information:
    • For valid recursive routes, the output path set, and maximum resolution depth.

    • For invalid routes, the reason why the route is not valid.

Step 5

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Enabling IPv6 PBR on an Interface

To enable Policy-Based Routing (PBR) for IPv6, you must create a route map that specifies the packet match criteria and desired policy-route action. Then you associate the route map on the required interface. All packets arriving on the specified interface that match the match clauses will be subject to PBR.

In PBR, the set vrf command decouples the virtual routing and forwarding (VRF) instance and interface association and allows the selection of a VRF based on access control list (ACL)-based classification using existing PBR or route-map configurations. It provides a single router with multiple routing tables and the ability to select routes based on ACL classification. The router classifies packets based on ACL, selects a routing table, looks up the destination address, and then routes the packet.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. route-map map-tag [permit | deny ] [sequence-number ]
  4. Do one of the following:
    • match length minimum-length maximum-length
    • match ipv6 address {prefix-list prefix-list-name | access-list-name }
  5. Do one of the following:
    • set ipv6 precedence precedence-value
    • set ipv6 next-hop global-ipv6-address [global-ipv6-address... ]
    • set interface type number [...type number]
    • set ipv6 default next-hop global-ipv6-address [global-ipv6-address... ]
    • set default interface type number [...type number]
    • set vrf vrf-name
  6. exit
  7. interface type number
  8. ipv6 policy route-map route-map-name
  9. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

route-map map-tag [permit | deny ] [sequence-number ]

Example:


Device(config)# route-map rip-to-ospf permit

Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing, and enters route-map configuration mode.

Step 4

Do one of the following:

  • match length minimum-length maximum-length
  • match ipv6 address {prefix-list prefix-list-name | access-list-name }

Example:


Device(config-route-map)# match length 3 200

Example:


Device(config-route-map)# match ipv6 address marketing

Specifies the match criteria.

  • You can specify any or all of the following:
    • Matches the Level 3 length of the packet.
    • Matches a specified IPv6 access list.
    • If you do not specify a match command, the route map applies to all packets.
Step 5

Do one of the following:

  • set ipv6 precedence precedence-value
  • set ipv6 next-hop global-ipv6-address [global-ipv6-address... ]
  • set interface type number [...type number]
  • set ipv6 default next-hop global-ipv6-address [global-ipv6-address... ]
  • set default interface type number [...type number]
  • set vrf vrf-name

Example:


Device(config-route-map)# set ipv6 precedence 1

Example:


Device(config-route-map)# set ipv6 next-hop 2001:DB8:2003:1::95

Example:


Device(config-route-map)# set interface GigabitEthernet 0/0/1

Example:


Device(config-route-map)# set ipv6 default next-hop 2001:DB8:2003:1::95

Example:


Device(config-route-map)# set default interface GigabitEthernet 0/0/0

Example:


Device(config-route-map)# set vrf vrfname 

Specifies the action or actions to take on the packets that match the criteria.

  • You can specify any or all of the following:
    • Sets precedence value in the IPv6 header.
    • Sets next hop to which to route the packet (the next hop must be adjacent).
    • Sets output interface for the packet.
    • Sets next hop to which to route the packet, if there is no explicit route for this destination.
    • Sets output interface for the packet, if there is no explicit route for this destination.
    • Sets VRF instance selection within a route map for a policy-based routing VRF selection.
Step 6

exit

Example:


Device(config-route-map)# exit

Exits route-map configuration mode and returns to global configuration mode.

Step 7

interface type number

Example:


Device(config)# interface FastEthernet 1/0

Specifies an interface type and number, and places the router in interface configuration mode.

Step 8

ipv6 policy route-map route-map-name

Example:


Device(config-if)# ipv6 policy-route-map interactive

Identifies a route map to use for IPv6 PBR on an interface.

Step 9

end

Example:


Device(config-if)# end

Exits interface configuration mode and returns to privileged EXEC mode.

Enabling Local PBR for IPv6

Packets that are generated by the device are not normally policy routed. Perform this task to enable local IPv6 policy-based routing (PBR) for such packets, indicating which route map the device should use.

To enable Local PBR for IPv6, perform this procedure:

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. ipv6 local policy route-map route-map-name
  4. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 local policy route-map route-map-name

Example:

Device(config)# ipv6 local policy route-map pbr-src-90

Configures IPv6 PBR for packets generated by the device.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode.

Configuring RIP for IPv6 (CLI)

Before configuring the switch to run IPv6 RIP, you must enable routing by using the ip routing global configuration command, enable the forwarding of IPv6 packets by using the ipv6 unicast-routing global configuration command, and enable IPv6 on any Layer 3 interfaces on which IPv6 RIP is to be enabled.

For more information about configuring RIP routing for IPv6, see the “Implementing RIP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com,

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

ipv6 router rip name

Example:


Device(config)# ipv6 router rip cisco

Configures an IPv6 RIP routing process, and enters router configuration mode for the process.

Step 3

maximum-paths number-paths

Example:


Device(config-router)# maximum-paths 6

(Optional) Define the maximum number of equal-cost routes that IPv6 RIP can support. The range is from 1 to 32, and the default is 16 routes.

Step 4

exit

Example:


Device(config-router)# exit

Returns to global configuration mode.

Step 5

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the Layer 3 interface to configure.

Step 6

ipv6 rip name enable

Example:


Device(config-if)# ipv6 rip cisco enable

Enables the specified IPv6 RIP routing process on the interface.

Step 7

ipv6 rip name default-information {only | originate}

Example:


Device(config-if)# ipv6 rip cisco default-information only

(Optional) Originates the IPv6 default route (::/0) into the RIP routing process updates sent from the specified interface.

Note 

To avoid routing loops after the IPv6 default route (::/0) is originated from any interface, the routing process ignores all default routes received on any interface.

  • only —Select to originate the default route, but suppress all other routes in the updates sent on this interface.

  • originate —Select to originate the default route in addition to all other routes in the updates sent on this interface.

Step 8

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 9

Use one of the following:

  • show ipv6 rip [name] [ interfaceinterface-id] [ database ] [ next-hops ]
  • show ipv6 rip

Example:

Device# show ipv6 rip cisco interface gigabitethernet2/0/1 

or

Device# show ipv6 rip

  • Displays information about current IPv6 RIP processes.

  • Displays the current contents of the IPv6 routing table.

Step 10

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring OSPF for IPv6 (CLI)

You can customize OSPF for IPv6 for your network. However, the defaults for OSPF in IPv6 are set to meet the requirements of most customers and features.

Follow these guidelines:

  • Be careful when changing the defaults for IPv6 commands. Changing the defaults might adversely affect OSPF for the IPv6 network.

  • Before you enable IPv6 OSPF on an interface, you must enable routing by using the ip routing global configuration command, enable the forwarding of IPv6 packets by using the ipv6 unicast-routing global configuration command, and enable IPv6 on Layer 3 interfaces on which you are enabling IPv6 OSPF.

For more information about configuring OSPF routing for IPv6, see the “Implementing OSPF for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

ipv6 router ospf process-id

Example:


Device(config)# ipv6 router ospf 21

Enables OSPF router configuration mode for the process. The process ID is the number assigned administratively when enabling the OSPF for IPv6 routing process. It is locally assigned and can be a positive integer from 1 to 65535.

Step 3

area area-id range {ipv6-prefix/prefix length} [advertise | not-advertise] [cost cost]

Example:


Device(config)# area .3 range 2001:0DB8::/32 not-advertise

(Optional) Consolidates and summarizes routes at an area boundary.

  • area-id —Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IPv6 prefix.

  • ipv6-prefix/prefix length —The destination IPv6 network and a decimal value that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark (/) must precede the decimal value.

  • advertise —(Optional) Sets the address range status to advertise and generate a Type 3 summary link-state advertisement (LSA).

  • not-advertise —(Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and component networks remain hidden from other networks.

  • cost cost —(Optional) Sets the metric or cost for this summary route, which is used during OSPF SPF calculation to determine the shortest paths to the destination. The value can be 0 to 16777215.

Step 4

maximum paths number-paths

Example:


Device(config)# maximum paths 16

(Optional) Defines the maximum number of equal-cost routes to the same destination that IPv6 OSPF should enter in the routing table. The range is from 1 to 32, and the default is 16 paths.

Step 5

exit

Example:


Device(config-if)# exit

Returns to global configuration mode.

Step 6

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the Layer 3 interface to configure.

Step 7

ipv6 ospf process-id area area-id [instance instance-id]

Example:


Device(config-if)# ipv6 ospf 21 area .3

Enables OSPF for IPv6 on the interface.

  • instance instance-id —(Optional) Instance identifier.

Step 8

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 9

Use one of the following:

  • show ipv6 ospf [ process-id ] [ area-id ] interface [ interface-id ]
  • show ipv6 ospf [ process-id ] [ area-id ]

Example:

Device# show ipv6 ospf 21 interface gigabitethernet2/0/1

or

Device# show ipv6 ospf 21

  • Displays information about OSPF interfaces.

  • Displays general information about OSPF routing processes.

Step 10

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Configuring EIGRP for IPv6

Before configuring the switch to run IPv6 EIGRP, enable routing by entering the ip routing global configuration command, enable the forwarding of IPv6 packets by entering the ipv6 unicast-routing global configuration command, and enable IPv6 on any Layer 3 interfaces on which you want to enable IPv6 EIGRP.

To set an explicit router ID, use the show ipv6 eigrp command to see the configured router IDs, and then use the router-id command.

As with EIGRP IPv4, you can use EIGRPv6 to specify your EIGRP IPv6 interfaces and to select a subset of those as passive interfaces. Use the passive-interface command to make an interface passive, and then use the no passive-interface command on selected interfaces to make them active. EIGRP IPv6 does not need to be configured on a passive interface.

For more configuration procedures, see the “Implementing EIGRP for IPv6” chapter in the Cisco IOS IPv6 Configuration Library on Cisco.com.

Configuring IPv6 Unicast Reverse Path Forwarding

The unicast Reverse Path Forwarding (unicast RPF) feature helps to mitigate problems that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks, including Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers (ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have source addresses that are valid and consistent with the IP routing table. This action protects the network of the ISP, its customer, and the rest of the Internet.

  • Unicast RPF is supported only in IP services.
  • Do not configure Unicast RPF if the switch is in a mixed hardware stack combining more than one switch type.

For detailed IP unicast RPF configuration information, see the Other Security Features chapter in the Cisco IOS Security Configuration Guide, Release 12.4.

Displaying IPv6

For complete syntax and usage information on these commands, see the Cisco IOS command reference publications.

Table 2. Command for Monitoring IPv6

Command

Purpose

show ipv6 access-list

Displays a summary of access lists.

show ipv6 cef

Displays Cisco Express Forwarding for IPv6.

show ipv6 interfaceinterface-id

Displays IPv6 interface status and configuration.

show ipv6 mtu

Displays IPv6 MTU per destination cache.

show ipv6 neighbors

Displays IPv6 neighbor cache entries.

show ipv6 ospf

Displays IPv6 OSPF information.

show ipv6 prefix-list

Displays a list of IPv6 prefix lists.

show ipv6 protocols

Displays a list of IPv6 routing protocols on the switch.

show ipv6 rip

Displays IPv6 RIP routing protocol status.

show ipv6 rip

Displays IPv6 RIP routing protocol status.

show ipv6 route

Displays IPv6 route table entries.

show ipv6 routers

Displays the local IPv6 routers.

show ipv6 static

Displays IPv6 static routes.

show ipv6 traffic

Displays IPv6 traffic statistics.

Table 3. Command for Displaying EIGRP IPv6 Information

Command

Purpose

show ipv6 eigrp [as-number] interface

Displays information about interfaces configured for EIGRP IPv6.

show ipv6 eigrp [as-number] neighbor

Displays the neighbors discovered by EIGRP IPv6.

show ipv6 interface[as-number] traffic

Displays the number of EIGRP IPv6 packets sent and received.

show ipv6 eigrptopology [as-number | ipv6-address] [active | all-links | detail-links | pending | summary | zero-successors | Base]

Displays EIGRP entries in the IPv6 topology table.

Configuring DHCP for IPv6 Address Assignment

Default DHCPv6 Address Assignment Configuration

By default, no DHCPv6 features are configured on the switch.

DHCPv6 Address Assignment Configuration Guidelines

When configuring DHCPv6 address assignment, consider these guidelines:

  • In the procedures, the specified interface must be one of these Layer 3 interfaces:
    • DHCPv6 IPv6 routing must be enabled on a Layer 3 interface.

    • SVI: a VLAN interface created by using the interface vlan vlan_id command.

    • EtherChannel port channel in Layer 3 mode: a port-channel logical interface created by using the interface port-channel port-channel-number command.

  • The switch can act as a DHCPv6 client, server, or relay agent. The DHCPv6 client, server, and relay function are mutually exclusive on an interface.

  • The DHCPv6 client, server, or relay agent runs only on the master switch. When there is a stack master re-election, the new master switch retains the DHCPv6 configuration. However, the local RAM copy of the DHCP server database lease information is not retained.

Enabling DHCPv6 Server Function (CLI)

Use the no form of the DHCP pool configuration mode commands to change the DHCPv6 pool characteristics. To disable the DHCPv6 server function on an interface, use the no ipv6 dhcp server interface configuration command.

Beginning in privileged EXEC mode, follow these steps to enable the DHCPv6 server function on an interface.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

ipv6 dhcp pool poolname

Example:


Device(config)# ipv6 dhcp pool 7

Enters DHCP pool configuration mode, and define the name for the IPv6 DHCP pool. The pool name can be a symbolic string (such as Engineering) or an integer (such as 0).

Step 3

address prefix IPv6-prefix {lifetime} {t1 t1 | infinite}

Example:


Device(config-dhcpv6)# address prefix 2001:1000::0/64 lifetime 3600

(Optional) Specifies an address prefix for address assignment.

This address must be in hexadecimal, using 16-bit values between colons.

lifetime t1 t1 —Specifies a time interval (in seconds) that an IPv6 address prefix remains in the valid state. The range is 5 to 4294967295 seconds. Specify infinite for no time interval.

Step 4

link-address IPv6-prefix

Example:


Device(config-dhcpv6)# link-address 2001:1002::0/64

(Optional) Specifies a link-address IPv6 prefix.

When an address on the incoming interface or a link-address in the packet matches the specified IPv6 prefix, the server uses the configuration information pool.

This address must be in hexadecimal, using 16-bit values between colons.

Step 5

vendor-specific vendor-id

Example:


Device(config-dhcpv6)# vendor-specific 9

(Optional) Enters vendor-specific configuration mode and specifies a vendor-specific identification number. This number is the vendor IANA Private Enterprise Number. The range is 1 to 4294967295.

Step 6

suboption number {address IPv6-address | ascii ASCII-string | hex hex-string}

Example:


Device(config-dhcpv6-vs)# suboption 1 address 1000:235D::

(Optional) Enters a vendor-specific suboption number. The range is 1 to 65535. Enter an IPv6 address, ASCII text, or a hex string as defined by the suboption parameters.

Step 7

exit

Example:


Device(config-dhcpv6-vs)# exit

Returns to DHCP pool configuration mode.

Step 8

exit

Example:


Device(config-dhcpv6)# exit

Returns to global configuration mode.

Step 9

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the interface to configure.

Step 10

ipv6 dhcp server [poolname | automatic] [rapid-commit] [preference value] [allow-hint]

Example:


Device(config-if)# ipv6 dhcp server automatic

Enables DHCPv6 server function on an interface.

  • poolname —(Optional) User-defined name for the IPv6 DHCP pool. The pool name can be a symbolic string (such as Engineering) or an integer (such as 0).

  • automatic —(Optional) Enables the system to automatically determine which pool to use when allocating addresses for a client.

  • rapid-commit —(Optional) Allows two-message exchange method.

  • preference value —(Optional) Configures the preference value carried in the preference option in the advertise message sent by the server. The range is from 0 to 255. The preference value default is 0.

  • allow-hint —(Optional) Specifies whether the server should consider client suggestions in the SOLICIT message. By default, the server ignores client hints.

Step 11

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 12

Do one of the following:

  • show ipv6 dhcp pool
  • show ipv6 dhcp interface

Example:

Device# show ipv6 dhcp pool

or

Device# show ipv6 dhcp interface

  • Verifies DHCPv6 pool configuration.

  • Verifies that the DHCPv6 server function is enabled on an interface.

Step 13

copy running-config startup-config

Example:


Device# copy running-config startup-config

(Optional) Saves your entries in the configuration file.

Enabling DHCPv6 Client Function (CLI)

This task explains how to enable the DHCPv6 client on an interface.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

interface interface-id

Example:


Device(config)# interface gigabitethernet 1/0/1

Enters interface configuration mode, and specifies the interface to configure.

Step 3

ipv6 address dhcp [rapid-commit]

Example:


Device(config-if)# ipv6 address dhcp rapid-commit

Enables the interface to acquire an IPv6 address from the DHCPv6 server.

rapid-commit —(Optional) Allow two-message exchange method for address assignment.

Step 4

ipv6 dhcp client request [vendor-specific]

Example:


Device(config-if)# ipv6 dhcp client request vendor-specific

(Optional) Enables the interface to request the vendor-specific option.

Step 5

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 6

show ipv6 dhcp interface

Example:


Device# show ipv6 dhcp interface

Verifies that the DHCPv6 client is enabled on an interface.

Configuration Examples for IPv6 Unicast Routing

Configuring IPv6 Addressing and Enabling IPv6 Routing: Example

This example shows how to enable IPv6 with both a link-local address and a global address based on the IPv6 prefix 2001:0DB8:c18:1::/64. The EUI-64 interface ID is used in the low-order 64 bits of both addresses. Output from the show ipv6 interface EXEC command is included to show how the interface ID (20B:46FF:FE2F:D940) is appended to the link-local prefix FE80::/64 of the interface.


Device(config)# ipv6 unicast-routing
Device(config)# interface gigabitethernet1/0/11
Device(config-if)# no switchport
Device(config-if)# ipv6 address 2001:0DB8:c18:1::/64 eui 64
Device(config-if)# end
Device# show ipv6 interface gigabitethernet1/0/11
GigabitEthernet1/0/11 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::20B:46FF:FE2F:D940
  Global unicast address(es):
  2001:0DB8:c18:1:20B:46FF:FE2F:D940, subnet is 2001:0DB8:c18:1::/64 [EUI]
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF2F:D940
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use stateless autoconfig for addresses.

Configuring Default Router Preference: Example

This example shows how to configure a DRP of high for the router on an interface.


Device# configure terminal
Device(config)# interface gigabitethernet1/0/1
Device(config-if)# ipv6 nd router-preference high
Device(config-if)# end

Configuring IPv4 and IPv6 Protocol Stacks: Example

This example shows how to enable IPv4 and IPv6 routing on an interface.



Device(config)# ip routing
Device(config)# ipv6 unicast-routing
Device(config)# interface fastethernet1/0/11
Device(config-if)# no switchport
Device(config-if)# ip address 192.168.99.1 255.255.255.0
Device(config-if)# ipv6 address 2001:0DB8:c18:1::/64 eui 64
Device(config-if)# end

Enabling DHCPv6 Server Function: Example

This example shows how to configure a pool called engineering with an IPv6 address prefix:


Device# configure terminal
Device(config)# ipv6 dhcp pool engineering
Device(config-dhcpv6)#address prefix 2001:1000::0/64
Device(config-dhcpv6)# end

This example shows how to configure a pool called testgroup with three link-addresses and an IPv6 address prefix:


Device# configure terminal
Device(config)# ipv6 dhcp pool testgroup
Device(config-dhcpv6)# link-address 2001:1001::0/64
Device(config-dhcpv6)# link-address 2001:1002::0/64
Device(config-dhcpv6)# link-address 2001:2000::0/48
Device(config-dhcpv6)# address prefix 2001:1003::0/64
Device(config-dhcpv6)# end

This example shows how to configure a pool called 350 with vendor-specific options:


Device# configure terminal
Device(config)# ipv6 dhcp pool 350
Device(config-dhcpv6)# address prefix 2001:1005::0/48
Device(config-dhcpv6)# vendor-specific 9
Device(config-dhcpv6-vs)# suboption 1 address 1000:235D::1
Device(config-dhcpv6-vs)# suboption 2 ascii "IP-Phone"
Device(config-dhcpv6-vs)# end

Enabling DHCPv6 Client Function: Example

This example shows how to acquire an IPv6 address and to enable the rapid-commit option:


Device(config)# interface gigabitethernet2/0/1
Device(config-if)# ipv6 address dhcp rapid-commit

Configuring IPv6 ICMP Rate Limiting: Example

This example shows how to configure an IPv6 ICMP error message interval of 50 milliseconds and a bucket size of 20 tokens.


Device(config)#ipv6 icmp error-interval 50 20

Configuring Static Routing for IPv6: Example

This example shows how to configure a floating static route to an interface with an administrative distance of 130:


Device(config)# ipv6 route 2001:0DB8::/32 gigabitethernet2/0/1 130

Example: Enabling PBR on an Interface

In the following example, a route map named pbr-dest-1 is created and configured, specifying packet match criteria and desired policy-route action. PBR is then enabled on GigabitEthernet interface 0/0/1.


ipv6 access-list match-dest-1
  permit ipv6 any 2001:DB8:2001:1760::/32
route-map pbr-dest-1 permit 10
  match ipv6 address match-dest-1
  set interface GigabitEthernet 0/0/0
interface GigabitEthernet0/0/1
  ipv6 policy-route-map interactive

Example: Enabling Local PBR for IPv6

In the following example, packets with a destination IPv6 address that match the IPv6 address range allowed by access list pbr-src-90 are sent to the device at IPv6 address 2001:DB8:2003:1::95:


ipv6 access-list src-90
  permit ipv6 host 2001:DB8:2003::90 2001:DB8:2001:1000::/64
route-map pbr-src-90 permit 10
  match ipv6 address src-90
  set ipv6 next-hop 2001:DB8:2003:1::95
ipv6 local policy route-map pbr-src-90

Configuring RIP for IPv6: Example

This example shows how to enable the RIP routing process cisco with a maximum of eight equal-cost routes and to enable it on an interface:


Device(config)# ipv6 router rip cisco
Device(config-router)# maximum-paths 8
Device(config)# exit
Device(config)# interface gigabitethernet2/0/11
Device(config-if)# ipv6 rip cisco enable

Displaying IPv6: Example

This is an example of the output from the show ipv6 interface privileged EXEC command:


Device# show ipv6 interface
Vlan1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::20B:46FF:FE2F:D940
  Global unicast address(es):
    3FFE:C000:0:1:20B:46FF:FE2F:D940, subnet is 3FFE:C000:0:1::/64 [EUI]
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF2F:D940
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
<output truncated>