Monday 26 March 2012

IPv6 SLAAC - Stateless Address Auto Config


The stateless approach is used when a site is not particularly concerned with the exact addresses hosts use, so long as they are unique and properly routable. On the other hand, Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [RFC3315] is used when a site requires tighter control over exact address assignments. Both stateless address autoconfiguration and DHCPv6 may be used simultaneously.

Additionally the stateless configuration does not have the capability provide DNS configuration. This can only be provided by DHCP. The stateless address allocation can only assign IPv6 address with a 64 bit prefix length (subnet mask). DHCPv6 however can assign a variable length address.

To ensure that all configured addresses are likely to be unique on a given link, nodes run a "duplicate address detection" algorithm on addresses before assigning them to an interface. The Duplicate Address Detection algorithm is performed on all addresses, independently of whether they are obtained via stateless autoconfiguration or DHCPv6.


64 bit Prefix

Router R1 (simulating a host on the subnet) config

ipv6 unicast-routing
!
interface Ethernet0/0
 no ip address
 ipv6 address autoconfig
!





Router R2 config


ipv6 unicast-routing

!
interface Ethernet0/0
 no ip address
 ipv6 address 2001:2002::1/64
!

The debug output from R1 below shows that it autoconfigures an ipv6 address one it receives R2 Router Advertisement (RA). Additionally it performs a duplicate address detection for both the link local and autoconfigured address.

*Mar 19 17:51:08.122: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
*Mar 19 17:51:09.122: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
*Mar 19 17:51:09.602: ICMPv6-ND: Received RA from FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 17:51:09.602: ICMPv6-ND: Autoconfiguring 2001:2002::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 17:51:10.122: IPv6-Addrmgr-ND: DAD: FE80::A8BB:CCFF:FE00:6500 is unique.
*Mar 19 17:51:10.122: ICMPv6-ND: Sending NA for FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 17:51:10.122: ICMPv6-ND: L3 came up on Ethernet0/0
*Mar 19 17:51:10.122: IPv6-Addrmgr-ND: DAD request for 2001:2002::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 17:51:10.122: ICMPv6-ND: Sending NS for 2001:2002::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 17:51:10.122: ICMPv6-ND: Linklocal FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0, Up




Non 64 bit Prefix
Repeating this with a prefix length other than /64 on R2 shows that the RA is ignored. The new R2 config is

ipv6 unicast-routing

!
interface Ethernet0/0
 no ip address
 ipv6 address 2001:2002::1/63
!

The debug shows the following:

*Mar 19 18:04:51.822: ICMPv6-ND: Received RA from FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 18:04:52.350: IPv6-Addrmgr-ND: DAD: FE80::A8BB:CCFF:FE00:6500 is unique.
*Mar 19 18:04:52.350: ICMPv6-ND: Sending NA for FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 18:04:52.350: ICMPv6-ND: L3 came up on Ethernet0/0
*Mar 19 18:04:52.350: ICMPv6-ND: Linklocal FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0, Up
*Mar 19 18:04:52.350: ICMPv6-ND: Created RA context for FE80::A8BB:CCFF:FE00:6500
*Mar 19 18:04:52.350: ICMPv6-ND: Request to send RA for FE80::A8BB:CCFF:FE00:6500
*Mar 19 18:04:52.350: ICMPv6-ND: Sending RA from FE80::A8BB:CCFF:FE00:6500 to FF02::1 on Ethernet0/0


64 bit Prefix (with default route)


 Router R1 config

ipv6 unicast-routing
!
interface Ethernet0/0
 no ip address
 ipv6 address autoconfig default
!



The debug output from R1 below the route is automatically installed.


shows that it autoconfigures an ipv6 address one it receives R2 Router Advertisement (RA). Additionally it performs a duplicate address detection for both the link local and autoconfigured address.


*Mar 19 20:25:33.541: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
*Mar 19 20:25:33.541: ICMPv6-ND: L2 came up on Ethernet0/0
*Mar 19 20:25:33.541: IPv6-Addrmgr-ND: DAD request for FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 20:25:33.541: ICMPv6-ND: Sending NS for FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 20:25:33.581: ICMPv6-ND: ND output feature SEND executed on 3 - rc=0
*Mar 19 20:25:33.581: ICMPv6: Sent N-Solicit, Src=::, Dst=FF02::1:FF00:6500
*Mar 19 20:25:33.861: ICMPv6-ND: Sending RS on Ethernet0/0
*Mar 19 20:25:33.901: ICMPv6-ND: ND output feature SEND executed on 3 - rc=0
*Mar 19 20:25:33.901: ICMPv6: Sent R-Solicit, Src=::, Dst=FF02::2
*Mar 19 20:25:33.941: ICMPv6: Received R-Advert, Src=FE80::A8BB:CCFF:FE00:6600, Dst=FF02::1
*Mar 19 20:25:33.941: ICMPv6-ND: ND input feature SEND executed on 3 - rc=0
*Mar 19 20:25:33.941: ICMPv6-ND: Received RA from FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 20:25:33.941: ICMPv6-ND: Glean FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 20:25:33.941: ICMPv6-ND: Neighbour FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0 : LLA aabb.cc00.6600
*Mar 19 20:25:33.941: ICMPv6-ND: INCMP -> STALE: FE80::A8BB:CCFF:FE00:6600
*Mar 19 20:25:33.941: ICMPv6-ND: Selected new default router FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 20:25:33.941: ICMPv6-ND: Installed default to FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 20:25:33.941: ICMPv6-ND: Autoconfiguring 2001:2002::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 20:25:34.561: IPv6-Addrmgr-ND: DAD: FE80::A8BB:CCFF:FE00:6500 is unique.
*Mar 19 20:25:34.561: ICMPv6-ND: Sending NA for FE80::A8BB:CCFF:FE00:6500 on Ethernet0/0
*Mar 19 20:25:34.561: ICMPv6-ND: L3 came up on Ethernet0/0
*Mar 19 20:25:34.561: IPv6-Addrmgr-ND: DAD request for 2001:2002::A8BB:CCFF:FE00:6500 on Ethernet0/0



64 bit Prefix (with default route & DNS)
Router R1 config

ipv6 unicast-routing
!
interface Ethernet0/0
 no ip address
 ipv6 address autoconfig default
!



Router R2 Config

ipv6 unicast-routing
!
ipv6 dhcp pool myp
 dns-server 2001:1::1
 domain-name ipv6test.net
!
 ipv6 address 2001:2002::1/64
 ipv6 nd other-config-flag
 ipv6 dhcp server myp




The debug output is


*Mar 19 20:38:41.221: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
<snip --> output as above>
*Mar 19 20:38:43.869: IPv6 DHCP: Sending INFORMATION-REQUEST to FF02::1:2 on Ethernet0/0
*Mar 19 20:38:43.869: IPv6 DHCP: Received REPLY from FE80::A8BB:CCFF:FE00:6600 on Ethernet0/0
*Mar 19 20:38:43.869: IPv6 DHCP: Adding server FE80::A8BB:CCFF:FE00:6600
*Mar 19 20:38:43.869: IPv6 DHCP: Processing options
R1#
*Mar 19 20:38:43.869: IPv6 DHCP: Configuring DNS server 2001:1::1
*Mar 19 20:38:43.869: IPv6 DHCP: Configuring domain name ipv6test.net
*Mar 19 20:38:43.869: IPv6 DHCP: DHCPv6 changes state from INFORMATION-REQUEST to IDLE (REPLY_RECEIVED) on Ethernet0/0


R1#show run | i domain
ip domain list ipv6test.net


R1#ping test.net
Translating "test.net"...domain server (2001:1::1)
% Unrecognized host or address, or protocol not running.

I cant find any other way of checking these settings? Do you have any ideas?
















No comments:

Post a Comment