Professional Documents
Culture Documents
Rick Graziani
Cabrillo College
Rick.Graziani@cabrillo.edu
Got
IPv6?
STEAL MY
STUFF!
Shameless plug:
www.cabrillo.edu/~rgraziani/ipv6.html
By Rick Graziani
ISBN-10: 1-58714-313-5
Username = cisco
Password = perlman
By Rick Graziani
ISBN-10: 1-58720-457-6
Stateful vs Stateless
DHCPv6
Server
STATEFUL: I need
an IPv6 address
from someone who
is keeping track of
who has what
address.
STATELESS: I will
come up with my own
IPv6 address. No
one will keep track of
what address I have.
IHey!
mightI can
not even
do that!
be
needed.
Manual
Dynamic
Stateless
Static
Static + EUI 64
IPv6
unnumbered
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
DHCP Server
DHCP Client
Here is your IPv4
address, subnet mask,
default gateway and
DNS server addresses.
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
ICMPv6
ICMPv6 Router
Router Solicitation
Solicitation
Multicast: To all
IPv6 routers, I need
IPv6 address
information
DHCPv6
Server
Multicast: To all
IPv6 devices,
I might not even be
let me tell you how
needed.
to do this
An ICMPv6 Router Advertisement (RA) suggests to all IPv6 devices on the
link how it will receive IPv6 Address Information.
Sent periodically by an IPv6 router or
when the router receives a Router Solicitation message from a host.
Routers can be configured with IPv6 addresses without being an IPv6 router.
2001:DB8:CAFE:1::1/64
FE80::1
Router
2001:DB8:CAFE:1::1/64
FE80::1
IPv6 Router
ICMPv6
ICMPv6 Router
Router
Advertisement
Advertisement
RIPng
RIPng OSPFv3
OSPFv3
EIGRP
EIGRP for
for IPv6
IPv6
Forward
Forward IPv6
IPv6 Packets
Packets
DHCPv6
DHCPv6 Server
RA
RA
RA Message Options
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Option
Option 1,
1, 2,
2, or
or 3
3
DHCPv6
Server
Other Configuration
(O) Flag
Managed Configuration
(M) Flag
2001:DB8:CAFE:1::/64
1
2
RA
Prefix: 2001:DB8:CAFE:1::
Prefix-length: /64
Default Gateway: FE80::1
Prefix-length: /64
Note: Domain name and DNS server list
may be included if router (and end system)
support RFC 6106 IPv6 RA Options for
DNS Configuration.
DHCPv6 Server
3 EUI-64 Process or
Random 64-bit value
SLAAC: Interface ID
/64
/48
16-bit
Global Routing Prefix
Subnet ID
Operating
System
Windows XP,
Server 2003
EUI-64
Linux
64-bit Interface ID
Random
64-bit
SLAAC
Windows Vista
and newer
MAC OSX
DHCPv6 Server
EUI-64 Process
2001:DB8:CAFE:1::/64
1
2
RA
Prefix: 2001:DB8:CAFE:1::
Prefix-length: /64
Default Gateway: FE80::1
Prefix-length: /64
Note: Domain name and DNS server list
may be included if router (and end system)
support RFC 6106 IPv6 RA Options for
DNS Configuration.
DHCPv6 Server
3 EUI-64 Process or
Random 64-bit value
00
19
D2
8C
E0
4C
Insert FF-FE
00
19
D2
FF
FE
8C
E0
4C
00
19
D2
FF
FE
8C
E0
4C
FF
FE
8C
E0
4C
0000 0010
0000
02
19
D2
Verifying SLAAC
on the PC Using
EUI-64
Router Advertisement
EUI-64
PC> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
IPv6 Address. . . . . . . . : 2001:db8:cafe:1:0219:d2ff:fe8c:e04c
Link-local IPv6 Address . . : fe80::0219:d2ff:fe8c:e04c
Default Gateway
. . . . . : fe80::1
EUI-64
Windows Vista
and newer
MAC OSX
Linux
Random
64-bit
DHCPv6 Server
64-bit Interface ID
SLAAC
EUI-64 Process
Verifying SLAAC
on the PC Using
Privacy Extension
Router Advertisement
EUI-64
PC-Windows7> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
No FF-FE
IPv6 Address. . . . . . . . : 2001:db8:cafe:1:50a5:8a35:a5bb:66e1
Link-local IPv6 Address . . : fe80::50a5:8a35:a5bb:66e1
Default Gateway
. . . . . : fe80::1
G0/1
2001:DB8:CAFE:1::/64
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Prefix
Prefix and
and other
other information
information
DNS Server
2001:DB8:CAFE:1::99
Neighbor
Neighbor Solicitation
Solicitation
Not received = unique address
Received = duplicate address
Neighbor
Neighbor Advertisement?
Advertisement?
RS
IPv4
IPv6
R1
Here is an
IPv6 prefix
and
gateway
Rogue
RA
IPv4
IPv6
I need an
IPv6 prefix
DHCPv6
Global Unicast
Manual
Dynamic
Stateless
Static
IPv6
unnumbered
Similar to IPv4 unnumbered
Static + EUI 64
Stateful
SLAAC
DHCPv6
SLAAC +
DHCPv6
DHCPv6-PD
Stateless DHCPv6
RA Message
DHCPv6
DHCPv6 Server
RA
RA
RA Message Options
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Option
Option 1,
1, 2,
2, or
or 3
3
Option
Other Configuration
(O) Flag
DHCPv6
Server
Managed Configuration
(M) Flag
Stateless
DHCP
Server
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Option 2: Stateless DHCPv6
O Flag = 1, M Flag = 0
Stateless
DHCPv6
2001:DB8:CAFE:1::/64
1
2
Prefix: 2001:DB8:CAFE:1::
RA
Prefix-length: /64
Prefix-length: /64
DHCPv6
For DNS
EUI-64 Process or
Random 64-bit value
G0/0
:1
2001:DB8:CAFE:1/64
RA
RA
O
O=
=1
1
DHCPv6
Router(config)#ipv6unicastrouting
Router(config)#ipv6dhcppoolIPV6STATELESS
Router(configdhcpv6)#dnsserver2001:DB8:CAFE:9::99
Router(configdhcpv6)#domainnamewww.example.com
Router(config)#interfaceGigabitEthernet0/0
Router(configif)#ipv6address2001:DB8:CAFE:1::1/64
Router(configif)#ipv6addressFE80::1linklocal
Router(configif)#ipv6ndotherconfigflag
Router(configif)#ipv6dhcpserverIPV6STATELESS
G0/0
:1
2001:DB8:CAFE:1/64
RA
RA
O
O=
=1
1
DHCPv6
PC>ipconfig/all
PhysicalAddress....:00219B880E40
Random 64 bits
IPv6Address......:2001:db8:cafe:1:6909:cb1c:36a0:a595
DefaultGateway....:fe80::1
DNSServers......:2001:db8:cafe:9::99
ConnectionspecificDNSSuffixSearchList:www.example.com
G0/0
:1
2001:DB8:CAFE:1/64
RA
RA
O
O=
=1
1
DHCPv6
Router#showipv6interfacegigabitethernet0/0
GigabitEthernet0/0isup,lineprotocolisup
IPv6isenabled,linklocaladdressisFE80::1
Globalunicastaddress(es):
2001:DB8:CAFE:1::1,subnetis2001:DB8:CAFE:1::/64
<Outputomitted>
Hostsusestatelessautoconfigforaddresses.
HostsuseDHCPtoobtainotherconfiguration.
Router#
Stateful DHCPv6
RA Message
DHCPv6
DHCPv6 Server
RA
RA
RA Message Options
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Option
Option 1,
1, 2,
2, or
or 3
3
Option
Other Configuration
(O) Flag
DHCPv6
Server
Managed Configuration
(M) Flag
ICMPv6
ICMPv6 Router
Router Advertisement
Advertisement
Stateful
DHCP Server
Stateless
DHCPv6
ICMPv6
ICMPv6 RA
RA
M
M Flag
Flag =
=1
1
A
A Flag
Flag =
=1
10
DHCPv6
DHCPv6 Server
Option
Managed
Configuration
(M) Flag
Address
Autoconfiguration
(A) Flag
1 (default)
Prefix in RA can
be used for
SLAAC
Yes
DHCPv6
DHCPv
6
Server
DHCPv6
DHCPv
6
Server
no-autoconfig (Optional) Indicates to hosts on the local link that the specified
prefix cannot be used for IPv6 autoconfiguration (SLAAC).
The prefix will be advertised with the A-bit clear (autonomous addressconfiguration flag).
Stateful DHCPv6
2001:DB8:CAFE:2::/64
1
2
RA
Prefix-length: /64
Managed Configuration Flag: 1
Autonomous Address Flag: 0
DHCPv6
G0/1
:1
2001:DB8:CAFE:2/64
RA
RA
M
=1
Router(config)#ipv6unicastroutingM = 1
DHCPv6
Can be a /64
Router(config)#ipv6dhcppoolIPV6STATEFUL
Router(configdhcpv6)#addressprefix2001:DB8:CAFE:2:DEED::/80
Router(configdhcpv6)#dnsserver2001:DB8:CAFE:9::99
Router(configdhcpv6)#domainnamewww.example.com
Router(config)#interfaceGigabitEthernet0/1
Router(configif)#ipv6address2001:DB8:CAFE:2::1/64
Router(configif)#ipv6addressFE80::1linklocal
Router(configif)#ipv6ndmanagedconfigflag
Router(configif)#ipv6dhcpserverIPV6STATEFUL
2001:DB8:CAFE:2::/64
2001:DB8:CAFE:2:0:0:0:0
2001:DB8:CAFE:2:FFFF:FFFF:FFFF:FFFF
/64
Available
addresses for this
network
/80
2001:DB8:CAFE:2:DEED::/80
INCLUDED assigned
addresses will have
2001:DB8:CAFE:2:DEED:0:0:0
these 80 bits.
2001:DB8:CAFE:2:DEED:0:0:1
All other addresses
2001:DB8:CAFE:2:DEED:0:0:2...are EXCLUDED
G0/1
:1
2001:DB8:CAFE:2/64
RA
RA
M
M=
=1
1
DHCPv6
PC>ipconfig/all
PhysicalAddress....:00219B880E40
IPv6Address......:2001:db8:cafe:2:deed:2de8:cfd8:5
DefaultGateway....:fe80::1
DNSServers......:2001:db8:cafe:9::99
ConnectionspecificDNSSuffixSearchList:www.example.com
G0/1
:1
2001:DB8:CAFE:2/64
RA
RA
M
M=
=1
1
DHCPv6
Router#showipv6interfacegigabitethernet0/1
GigabitEthernet0/1isup,lineprotocolisup
IPv6isenabled,linklocaladdressisFE80::1
Globalunicastaddress(es):
2001:DB8:CAFE:2::1,subnetis2001:DB8:CAFE:2::/64
<outputomitted>
HostsuseDHCPtoobtainroutableaddresses.
Router#
ISP
DHCPv4
G0/1
Public IPv4 Address
for the interface
G0/1
HOME
DHCPv4
G0/0
Private IPv4 Address
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
ISP only has to deliver a public IPv4 address for Home router interface.
DHCPv4 and RFC 1918 private address space is used for home
network.
NAT is used for translation but has its drawbacks!
No NAT between private-public IPv6 (always in debate)
Requesting
Router (RR)
G0/1
DHCPv6-PD
DHCPv6-PD REQUEST
REQUEST
2
2
1
1
3
3
RA
RA with
with prefix
prefix
DHCPv6-PD
DHCPv6-PD REPLY
REPLY
www.cabrillo.edu/~rgraziani/ipv6.html