Contents

• Configuring IPv6 Client IP Address Learning
• Prerequisites for IPv6 Client Address Learning
• Information About IPv6 Client Address Learning
• SLAAC Address Assignment
• Stateful DHCPv6 Address Assignment
• Static IP Address Assignment
• Binding Table Manager
• RA Guard
• RA Throttling
• Neighbor Discovery
• Neighbor Solicitation
• How To Configure IPv6 Client Address Learning
• Configuring IPv6 Snooping (CLI)
• Configuring IPv6 on Switch
• Configuring DHCP Pool
• Configuring Stateless Auto Address Configuration (without DHCP)
• Configuring Stateless Auto Address Configuration (with DHCP)
• Configuring Stateful DHCP
• Verifying IPv6 Client Address Learning
• Verifying IPv6 Address Learning Configuration
• Debugging IPv6 Address Learning
• Monitoring Client Address Learning
• Viewing Interfaces Configured for IPv6 Address Learning
• Viewing IPv6 Address Learning
• Viewing RA Throttling and NS Suppression
• Configuration Example for IPv6 Client Address Learning
• Creating a DHCP Scope
• Enabling IPv6 on a Interface and Providing IPv6 Addresses to DHCP Clients

Configuring IPv6 Client IP Address Learning

---

Prerequisites for IPv6 Client Address Learning

Before configuring IPv6 client address learning, configure the wireless clients to support IPv6.

Information About IPv6 Client Address Learning

Client Address Learning is configured on switch to learn the wireless client's IPv4 and IPv6 address and clients transition state maintained by the switch on an association, re-association, de-authentication and timeout.

There are three ways for IPv6 client to acquire IPv6 addresses:

• Stateless Address Auto-Configuration (SLACC)
• Stateful DHCPv6
• Static Configuration

For all of these methods, the IPv6 client always sends neighbor solicitation DAD (Duplicate Address Detection) request to ensure there is no duplicate IP address on the network. The switch snoops the client's NDP and DHCPv6 packets to learn about its client IP addresses.

• SLAAC Address Assignment
• Stateful DHCPv6 Address Assignment
• Static IP Address Assignment
• Binding Table Manager
• RA Guard
• RA Throttling
• Neighbor Discovery
• Neighbor Solicitation

SLAAC Address Assignment

The most common method for IPv6 client address assignment is Stateless Address Auto-Configuration (SLAAC). SLAAC provides simple plug-and-play connectivity where clients self-assign an address based on the IPv6 prefix. This process is achieved when the IPv6 router sends out periodic Router Advertisement (RA) messages, which inform the client of the IPv6 prefix in use (the first 64 bits) and the IPv6 default gateway. From this point, clients can generate the remaining 64 bits of their IPv6 address based on two algorithms:

• EUI-64 which is based on the MAC address of the interface, or
• Private addresses that are randomly generated.

The choice of algorithm is up to the client and is often configurable. Duplicate Address Detection is performed by IPv6 clients in order to ensure that random addresses that are picked do not collide with other clients. The address of the router sending advertisements is used as the default gateway for the client.

Figure 1. SLAAC Address Assignment

The following Cisco IOS configuration commands from a Cisco-capable IPv6 router are used to enable SLAAC addressing and router advertisements:

ipv6 unicast-routing
ipv6 dhcp pool IPV6_DHCPPOOL
interface Vlan20
description IPv6-SLAAC
ip address 192.168.20.1 255.255.255.0
ipv6 address 2001:DB8:0:20::1/64
ipv6 enable
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
end

Stateful DHCPv6 Address Assignment

Figure 2. Stateful DHCPv6 Address Assignment

The use of DHCPv6 is not required for IPv6 client connectivity if SLAAC is already deployed. There are two modes of operation for DHCPv6 called Stateless and Stateful.

The DHCPv6 Stateless mode is used to provide clients with additional network information that is not available in the router advertisement, but not an IPv6 address as this is already provided by SLAAC. This information can include the DNS domain name, DNS server(s), and other DHCP vendor-specific options. This interface configuration is for a Cisco IOS IPv6 router implementing stateless DHCPv6 with SLAAC enabled:

ipv6 unicast-routing
ipv6 dhcp pool IPV6_DHCPPOOL
address prefix 2001:db8:5:10::/64
domain-name cisco.com
dns-server 2001:db8:6:6::1
interface Vlan20
description IPv6-DHCP-Stateless
ip address 192.168.20.1 255.255.255.0
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
ipv6 address 2001:DB8:0:20::1/64
end

The DHCPv6 Stateful option, also known as managed mode, operates similarly to DHCPv4 in that it assigns unique addresses to each client instead of the client generating the last 64 bits of the address as in SLAAC. This interface configuration is for a Cisco IOS IPv6 router implementing stateful DHCPv6 with SLAAC disabled:

ipv6 unicast-routing
ipv6 dhcp pool IPV6_DHCPPOOL
address prefix 2001:db8:5:10::/64
domain-name cisco.com
dns-server 2001:db8:6:6::1
interface Vlan20
description IPv6-DHCP-Stateful
ip address 192.168.20.1 255.255.255.0
ipv6 address 2001:DB8:0:20::1/64
ipv6 nd prefix 2001:DB8:0:20::/64 no-advertise
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
end

Static IP Address Assignment

Statically configured address on a client.

Binding Table Manager

The binding-table manager used by the switch is responsible for managing the L2/L3 binding table. The entry life-cycle is driven by a finite state machine. An entry is created as INCOMPLETE, moves to REACHABLE when binding is known, moves back and forth from REACHABLE to VERIFY if tracking is enabled, at some point moves to STALE when the client stops talking, and finally the entry is deleted.

The important states in a binding table follow:

• Incomplete – An entry is set in this state when it does not have the L3/L2 binding yet
• Reachable – An entry is moved to REACHABLE state when L3 to L2 address mapping is obtained when snooping the RS, NS, NA or DHCP packets from a client
• Verify – An entry is moved into this state, when L3/L2 binding is known but must be verified. This state is reached when tracking is enabled
• Stale – An entry is moved into this state, when the binding table manager does not hear any packets from the client for the configured reachable timer
• Down – An entry is set in this state when the interface, from where the packet is received, goes down

RA Guard

IPv6 clients configure IPv6 addresses and populate their router tables based on IPv6 router advertisement (RA) packets. The RA guard feature is similar to the RA guard feature of wired networks. RA guard increases the security of the IPv6 network by dropping the unwanted or rogue RA packets that come from wireless clients. If this feature is not configured, malicious IPv6 clients could announce themselves as the router for the network often with high priority, which would take higher precedence over legitimate IPv6 routers.

RA-Guard also examines the incoming RA's and decides whether to switch or block them based solely on information found in the message or in the L2-device configuration. The information available in the frames received is useful for RA validation:

• Port on which the frame is received
• IP source address
• Prefix list

The following configuration information created on the L2-device is available to RA-Guard to validate against the information found in the received RA frame:

• Allowed/Disallowed ports for receiving RA-guard messages
• Allowed/Disallowed IP source addresses of RA-sender
• Allowed Prefix list and Prefix ranges
• Control Router Preference

RA guard occurs at the switch. You can configure the switch to drop RA messages at the access point or at the switch. All IPv6 RA messages are dropped, which protects other wireless clients and upstream wired network from malicious IPv6 clients.

RA Throttling

RA throttling allows the controller to enforce limits to RA packets headed toward the wireless network. By enabling RA throttling, routers that send many RA packets can be trimmed to a minimum frequency that will still maintain an IPv6 client connectivity. If a client sends an RS packet, an RA is sent back to the client. This RA is allowed through the controller and unicasted to the client. This process ensures that the new clients or roaming clients are not affected by the RA throttling.

Neighbor Discovery

IPv6 Neighbor Discovery is a set of messages and processes that determine relationships between neighboring nodes. Neighbor Discovery replaces ARP, ICMP Router Discovery, and ICMP Redirect used in IPv4.

IPv6 Neighbor Discovery inspection analyzes neighbor discovery messages in order to build a trusted binding table database, and IPv6 neighbor discovery packets that do not comply are dropped. The neighbor binding table in the switch tracks each IPv6 address and its associated MAC address. Clients are expired from the table according to Neighbor Binding timers.

Neighbor Solicitation

The IPv6 addresses of wireless clients are cached by the switch. If the switch receives an NS multicast looking for an IPv6 address, which belongs to any of the wireless clients of the switch, the switch acts as the proxy and replies with the NA.

Note	The switch acts like proxy and respond with NA, only when the ipv6 nd suppress command is configured

If the switch does not have the IPv6 address of a wireless client, the switch will not respond with NA and forward the NS packet to the wireless side. To resolve this, an NS Multicast Forwarding knob is provided. If this knob is enabled, the switch gets the NS packet for the IPv6 address that it does not have (cache miss) and forwards it to the wireless side. This packet reaches the intended wireless client and the client replies with NA.

This cache miss scenario occurs rarely, and only very few clients which do not implement complete IPv6 stack may not advertise their IPv6 address during NDP.

How To Configure IPv6 Client Address Learning

Configuring IPv6 Snooping (CLI)

IPv6 snooping must always be enabled on the switch and the controller.

Before You Begin

Enable IPv6 on the client machine.

SUMMARY STEPS

1.    vlan configuration 1


2.    ipv6 snooping


3.    ipv6 nd suppress


4.    exit

DETAILED STEPS

	Command or Action	Purpose
Step 1	vlan configuration 1 Example: Switch(config)# vlan configuration 1	Enters Vlan configuration mode.
Step 2	ipv6 snooping Example: Switch(config-vlan)# ipv6 snooping	Enables IPv6 snooping on the Vlan.
Step 3	ipv6 nd suppress Example: Switch(config-vlan-config)# ipv6 nd suppress	Enables the IPv6 ND suppress on the Vlan.
Step 4	exit Example: Switch(config-vlan-config)# exit	Saves the configuration and comes out of the Vlan configuration mode.

Configuring IPv6 on Switch

Use this configuration example to configure IPv6 on an interface.

Before You Begin

Enable IPv6 on the client and IPv6 support on the wired infrastructure.

SUMMARY STEPS

1.    interface vlan 1


2.    ip address fe80::1 link-local


3.    ipv6 enable


4.    end

DETAILED STEPS

	Command or Action	Purpose
Step 1	interface vlan 1 Example: Switch(config)# interface vlan 1	Creates a interface and enters interface configuration mode.
Step 2	ip address fe80::1 link-local Example: Switch(config-if)# ip address 198.51.100.1 255.255.255.0 Switch(config-if)# ipv6 address fe80::1 link-local Switch(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Switch(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64	Configures IPv6 address on the interface using the link-local option.
Step 3	ipv6 enable Example: Switch(config)# ipv6 enable	(Optional) Enables IPv6 on the interface.
Step 4	end Example: Switch(config)# end	Exits from the interface mode.

Configuring DHCP Pool

SUMMARY STEPS

1.    ipv6 dhcp pool Vlan21


2.    address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 300 10


3.    dns-server 2001:100:0:1::1


4.    domain-name example.com


5.    end

DETAILED STEPS

	Command or Action	Purpose
Step 1	ipv6 dhcp pool Vlan21 Example: Switch(config)# ipv6 dhcp pool vlan1	Enters the configuration mode and configures the IPv6 DHCP pool on the Vlan.
Step 2	address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 300 10 Example: Switch(config-dhcpv6)# address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 300 10	Enters the configuration-dhcp mode and configures the address pool and its lifetime on a Vlan.
Step 3	dns-server 2001:100:0:1::1 Example: Switch(config-dhcpv6)# dns-server 2001:20:21::1	Configures the DNS servers for the DHCP pool.
Step 4	domain-name example.com Example: Switch(config-dhcpv6)# domain-name example.com	Configures the domain name to complete unqualified host names.
Step 5	end Example: Switch(config)# end	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-z to exit global configuration mode.

Configuring Stateless Auto Address Configuration (without DHCP)

SUMMARY STEPS

1.    interface vlan 1


2.    ip address fe80::1 link-local


3.    ipv6 enable


4.    no ipv6 nd managed-config-flag


5.    no ipv6 nd other-config-flag


6.    end

DETAILED STEPS

	Command or Action	Purpose
Step 1	interface vlan 1 Example: Switch(config)# interface vlan 1	Creates a interface and enters interface configuration mode.
Step 2	ip address fe80::1 link-local Example: Switch(config-if)# ip address 198.51.100.1 255.255.255.0 Switch(config-if)# ipv6 address fe80::1 link-local Switch(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Switch(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64	Configures IPv6 address on the interface using the link-local option.
Step 3	ipv6 enable Example: Switch(config)# ipv6 enable	(Optional) Enables IPv6 on the interface.
Step 4	no ipv6 nd managed-config-flag Example: Switch(config)#interface vlan 1 Switch(config-if)# no ipv6 nd managed-config-flag	Ensures the attached hosts do not use stateful autoconfiguration to obtain addresses.
Step 5	no ipv6 nd other-config-flag Example: Switch(config-if)# no ipv6 nd other-config-flag	Ensures the attached hosts do not use stateful autoconfiguration to obtain non-address options from DHCP (domain etc).
Step 6	end Example: Switch(config)# end	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-z to exit global configuration mode.

Configuring Stateless Auto Address Configuration (with DHCP)

SUMMARY STEPS

1.    interface vlan 1


2.    ip address fe80::1 link-local


3.    ipv6 enable


4.    no ipv6 nd managed-config-flag


5.    ipv6 nd other-config-flag


6.    end

DETAILED STEPS

	Command or Action	Purpose
Step 1	interface vlan 1 Example: Switch(config)# interface vlan 1	Creates a interface and enters interface configuration mode.
Step 2	ip address fe80::1 link-local Example: Switch(config-if)# ip address 198.51.100.1 255.255.255.0 Switch(config-if)# ipv6 address fe80::1 link-local Switch(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Switch(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64	Configures IPv6 address on the interface using the link-local option.
Step 3	ipv6 enable Example: Switch(config)# ipv6 enable	(Optional) Enables IPv6 on the interface.
Step 4	no ipv6 nd managed-config-flag Example: Switch(config)#interface vlan 1 Switch(config-if)# no ipv6 nd managed-config-flag	Ensures the attached hosts do not use stateful autoconfiguration to obtain addresses.
Step 5	ipv6 nd other-config-flag Example: Switch(config-if)# no ipv6 nd other-config-flag	Ensures the attached hosts do not use stateful autoconfiguration to obtain non-address options from DHCP (domain etc).
Step 6	end Example: Switch(config)# end	Exits from the interface mode.

Configuring Stateful DHCP

SUMMARY STEPS

1.    configure terminal


2.    ipv6 dhcp pool IPv6_DHCPPOOL


3.    address prefix 2001:DB8:0:1:FFFF:1234::/64


4.    dns-server 2001:100:0:1::1


5.    domain-name example.com


6.    exit


7.    interface vlan1


8.    ipv6 nd prefix 2001:db8::/64 no-advertise


9.    ipv6 nd managed-config-flag


10.    ipv6 nd other-config-flag


11.    ipv6 dhcp server IPv6_DHCPPOOL

DETAILED STEPS

	Command or Action	Purpose
Step 1	configure terminal Example: Switch# configure terminal	Enters the global configuration mode.
Step 2	ipv6 dhcp pool IPv6_DHCPPOOL Example: Switch (config)# ipv6 dhcp pool IPv6_DHCPPOOL	Enters the configuration mode and configures the IPv6 DHCP pool on the VLAN.
Step 3	address prefix 2001:DB8:0:1:FFFF:1234::/64 Example: Switch (config-dhcpv6)# address prefix 2001:DB8:0:1:FFFF:1234::/64	Specifies the address range to provide in the pool.
Step 4	dns-server 2001:100:0:1::1 Example: Switch (config-dhcpv6)# dns-server 2001:100:0:1::1	Provides the DNS server option to DHCP clients.
Step 5	domain-name example.com Example: Switch (config-dhcpv6)# domain-name example.com	Provides the domain name option to DHCP clients.
Step 6	exit Example: Switch (config-dhcpv6)# exit	Returns to the previous mode.
Step 7	interface vlan1 Example: Switch (config)# interface vlan 1	Enters the interface mode to configure the stateful DHCP.
Step 8	ipv6 nd prefix 2001:db8::/64 no-advertise Example: Switch (config-if)# ipv6 nd prefix 2001:db8::/64 no-advertise	Configures the IPv6 routing prefix advertisement that must not be advertised.
Step 9	ipv6 nd managed-config-flag Example: Switch (config-if)# ipv6 nd managed-config-flag	Configures IPv6 interfaces neighbor discovery to allow the hosts to uses DHCP for address configuration.
Step 10	ipv6 nd other-config-flag Example: Switch (config-if)# ipv6 nd other-config-flag	Configures IPv6 interfaces neighbor discovery to allow the hosts to uses DHCP for non-address configuration.
Step 11	ipv6 dhcp server IPv6_DHCPPOOL Example: Switch (config-if)# ipv6 dhcp server IPv6_DHCPPOOL	Configures the DHCP server on the interface.

Verifying IPv6 Client Address Learning

Verifying IPv6 Address Learning Configuration

This example displays the output of the show ipv6 dhcp pool command. This command displays the IPv6 service configuration on the switch. The vlan 21 configured pool detail displays 6 clients that are currently using addresses from the pool.

SUMMARY STEPS

1.    show ipv6 dhcp pool

DETAILED STEPS

	Command or Action	Purpose
Step 1	show ipv6 dhcp pool Example: Switchshow ipv6 dhcp pool DHCPv6 pool: vlan21 Address allocation prefix: 2001:DB8:0:1:FFFF:1234::/64 valid 86400 preferred 86400 (6 in use, 0 conflicts) DNS server: 2001:100:0:1::1 Domain name: example.com Active clients: 6	Displays the IPv6 service configuration on the switch.

Debugging IPv6 Address Learning

Use the following CLI command to debug IPv6 in the switch.

	Command or Action	Purpose
Step 1	debug wcdb ipv6 Example: Switch# debug wcdb ipv6 IPv6 address all debugging is on ....... ....... ....... *Jan 3 20:06:38.096: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2EDC.68EC apChanged 0 mscb ipAddr 10.10.19.121, apf RadiusOverride 0x0, numIPv6Addr=2001:db8::25:6 ....... ....... ....... *Jan 3 20:06:38.096: %IOSXE-7-PLATFORM: 1 process wcm: 8853.2EDC.68EC Applying site-specific IPv6 override for station 8853.2EDC.68EC - vapId 6, site 'default-group', interface 'VLAN0019' ....... ....... .......	This command is used to debug the switch related IPv6 details, errors, events and packets.

Monitoring Client Address Learning

Viewing Interfaces Configured for IPv6 Address Learning

Use this command to see the interfaces configured for IPv6 address learning.

SUMMARY STEPS

1.    show ipv6 dhcp interface

DETAILED STEPS

	Command or Action	Purpose
Step 1	show ipv6 dhcp interface Example: Switch (config)# show ipv6 dhcp interface Vlan21 is in server mode Using pool: vlan21 Preference value: 0 Hint from client: ignored Rapid-Commit: disabled

Viewing IPv6 Address Learning

Use this command to monitor the IPv6 address learning and neighbor discovery.

	Command or Action	Purpose
Step 1	show ipv6 dhcp binding Example: Switch# show ipv6 dhcp binding	Displays the IPv6 dhcp binding details.
Step 2	show ipv6 dhcp relay binding Example: Switch# show ipv6 dhcp relay binding	Displays the IPv6 dhcp relay binding details.

Switch (config)# show ipv6 dhcp binding
Client: FE80::99BC:7B03:D2FB:C301 (Vlan19)
DUID: 000100011864E60700188BBF6407
IA NA: IA ID 0x0F88532E, T1 43200, T2 69120
Address: FC00:19:1:0:48DB:C050:B209:83EC
preferred lifetime 86400, valid lifetime 172800
expires at Jan 06 2013 01:37 PM (172747 seconds)


Switch (config)# show ipv6 dhcp relay binding  
Summary:
Total number of Relay bindings = 0
Total number of Relay bindings added by Bulk lease = 0

Viewing RA Throttling and NS Suppression

Use this command to see the iRA throttling and NS suppression details.

SUMMARY STEPS

1.    show ipv6 nd raguard Mypolicy


2.    show ipv6 nd ra-throttler policy Mythrottle

DETAILED STEPS

	Command or Action	Purpose
Step 1	show ipv6 nd raguard Mypolicy Example: Switch (config)# show ipv6 nd raguard Mypolicy	Shows the IPv6 neighbor discovery RA details.
Step 2	show ipv6 nd ra-throttler policy Mythrottle Example: Switch (config)# show ipv6 nd ra-throttler policy Mythrottler	Shows the IPv6 neighbor RA throttle details.

Switch (config)# show ipv6 nd raguard Mypolicy
Policy Mypolicy configuration: 
trusted-port
device-role router
Policy Mypolicy is applied on the following targets: 
Target               Type  Policy               Feature        Target range
Te1/0/3              PORT  Mypolicy             RA guard       vlan all
vlan 19              VLAN  Mypolicy             RA guard       vlan all
vlan 20              VLAN  Mypolicy             RA guard       vlan all
vlan 21              VLAN  Mypolicy             RA guard       vlan all
vlan 23              VLAN  Mypolicy             RA guard       vlan all


Switch (config)# show ipv6 nd ra-throttler policy Mythrottler
Policy Mythrottle configuration: 
The throttle period is set to 20 seconds
Capped at no more than 5 unthrottled RAs per throttle period
The policy allows at least 3 and at most 5 RAs per router
The behaviour upon RAs with an RFC 3775 interval option is inherited and defaults to passthrough
Policy Mythrottle is applied on the following targets: 
Target               Type  Policy               Feature        Target range
vlan 19              VLAN  Mythrottle           RA throttler   vlan all
vlan 20              VLAN  Mythrottle           RA throttler   vlan all
vlan 21              VLAN  Mythrottle           RA throttler   vlan all
vlan 23              VLAN  Mythrottle           RA throttler   vlan all

Configuration Example for IPv6 Client Address Learning

Creating a DHCP Scope

This example configures an IPv6 DHCP scope named vlan21. This DHCP scope provides IPv6 addresses in the 2001:DB8:0:1:FFFF:1234::/64 subnet. The validity and preferred validity of each IPv6 address provided is set to one day (86400 seconds, or 24 hours). The DHCP scope also provide a dns-server IPv6 address option (2001:100:0:1::1), and the domain name for the scope.

SUMMARY STEPS

1.    configure terminal


2.    ipv6 dhcp pool vlan21


3.    address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 86400 86400


4.    dns-server2001:100:0:1::1


5.    domain-name example.com


6.    exit

DETAILED STEPS

	Command or Action	Purpose
Step 1	configure terminal Example: Switch# configure terminal	Enters the global configuration mode.
Step 2	ipv6 dhcp pool vlan21 Example: Switch (config)# ipv6 dhcp pool Vlan21	Enters the configuration mode and configures the IPv6 DHCP pool on the VLAN.
Step 3	address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 86400 86400 Example: Switch (config-dhcp)# address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 86400 86400	Enters the configuration-dhcp mode and configures the address pool and its lifetime on a VLAN.
Step 4	dns-server2001:100:0:1::1 Example: Switch (config-dhcp)# dns-server 2001:100:0:1::1	Configures the DNS servers for the DHCP pool.
Step 5	domain-name example.com Example: Switch (config-dhcp)# domain-name example.com	Configures the domain name to complete unqualified host names.
Step 6	exit Example: Switch (config-dhcp)# exit	Returns to the previous mode.

Enabling IPv6 on a Interface and Providing IPv6 Addresses to DHCP Clients

This example configures IPv6 on interface VLAN 21. The first address (fe80::1) is a link local address, the second address (2001:db8:0:1:ffff:1234::1/64) is a global unicast address. IPv6 DHCP clients requesting for address in VLAN 21 are directed to the DHCP pool vlan21. The switch informs IPv6 hosts in VLAN 21 that the DHCP scope provided supports stateful auto-configuration (nd managed-config-flag), and can also provide non-address options, such as domain name or dns server (nd other-config-flag).

SUMMARY STEPS

1.    interface vlan 21


2.    ipv6 address fe80::1 link-local


3.    ipv6 address 2001:db8:0:1:ffff:1234::1/64


4.    ipv6 dhcp server vlan 21


5.    ipv6 nd managed-config-flag


6.    ipv6 nd other-config-flag

DETAILED STEPS

	Command or Action	Purpose
Step 1	interface vlan 21 Example: Switch(config)# interface vlan 21	Enters the configuration mode and configures the IPv6 DHCP pool on the VLAN 21.
Step 2	ipv6 address fe80::1 link-local Example: Switch (config-if)# ip address fe80::1 link-local	Configures the IPv6 link local address on VLAN 21.
Step 3	ipv6 address 2001:db8:0:1:ffff:1234::1/64 Example: Switch (config-if)# ipv6 address 2001:db8:0:1:ffff:1234::1/64	Configures the IPv6 global unicast address on VLAN 21.
Step 4	ipv6 dhcp server vlan 21 Example: Switch(config-if)# ipv6 dhcp server vlan21	Directs the IPv6 clients requesting for an address in VLAN 21 to the DHCP pool vlan21.
Step 5	ipv6 nd managed-config-flag Example: Switch (config-if)# ipv6 nd managed-config-flag	Informs the IPv6 hosts in VLAN 21 about the DHCP scope supports stateful auto-configuration.
Step 6	ipv6 nd other-config-flag Example: Switch(config-if)# ipv6 nd other-config-flag	Provides for non-address options, such as domain name or dns server.