ipv6 for ccna

H A N O I C T T N E T W O R K I N G A C A D E M YBuilding Scalable Cisco Internetworks v5.0

ww

w.h

an

oic

tt.c

om

Chapter 8IPv6


ww

w.h

an

oic

tt.c

om

Objects

• Upon completion of this module, the student will be able tp perform task following:– Explaining IPv6– IPv6 Addressing– Dynamic IPv6 Addressing– IPv6 Routing– Implementing and Verifying OSPFv3– Using IPv6 and IPv4– IPv6 Lab Exercises

http://w

http://w


ww

w.h

an

oic

tt.c

om

Explaining IPv6


ww

w.h

an

oic

tt.c

om

Why Do We Need a Larger Address Space?• Internet population

– Approximately 973 million users in November 2005– Emerging population and geopolitical and address space

• Mobile users– PDA, pen-tablet, notepad, and so on – Approximately 20 million in 2004

• Mobile phones– Already 1 billion mobile phones delivered by the industry

• Transportation– 1 billion automobiles forecast for 2008– Internet access in planes – Example: Lufthansa

• Consumer devices– Sony mandated that all its products be IPv6-enabled by 2005– Billions of home and industrial appliances

Cisco Systems currently supports IPv6 in Cisco IOS Software Release 12.2(2)T and later.

http://w

http://w


ww

w.h

an

oic

tt.c

om

IPv6 Advanced Features

Larger address space• Global reachability and flexibility• Aggregation• Multihoming• Autoconfiguration• Plug-and-play (Neighbor

Discovery Protocol – NDP)• End to end without NAT• RenumberingMobility and security• Mobile IP RFC-compliant• IPsec mandatory

(or native) for IPv6

Simpler header• Routing efficiency• Performance and forwarding

rate scalability• No broadcasts• No checksums• Extension headers• Flow labels

Transition richness• Dual stack• 6to4 tunnels• Translation


ww

w.h

an

oic

tt.c

om

Larger Address Space

IPv4• 32 bits or 4 bytes long

– 4,200,000,000 possible addressable nodesIPv6• 128 bits or 16 bytes: four times the bits of IPv4

– 3.4 * 1038 possible addressable nodes– 340,282,366,920,938,463,374,607,432,768,211,456– 5 * 1028 addresses per person

~=~=~=

~=

http://w

http://w


ww

w.h

an

oic

tt.c

om

Larger Address Space Enables Address Aggregation

• Aggregation of prefixes announced in the global routing table• Efficient and scalable routing• Improved bandwidth and functionality for user traffic


ww

w.h

an

oic

tt.c

om

IPv6 Addressing

http://w

http://w


ww

w.h

an

oic

tt.c

om

Simple and Efficient Header

A simpler and more efficient header means:• 64-bit aligned fields and fewer fields• Hardware-based, efficient processing• Improved routing efficiency and performance• Faster forwarding rate with better scalability


ww

w.h

an

oic

tt.c

om

IPv4 and IPv6 Header Comparison

• The IPv6 header has 40 octets, in contrast to the 20 octets in IPv4. • IPv6 has a smaller number of fields, and the header is 64-bit aligned to enable

fast processing by current processors.

http://w

http://w


ww

w.h

an

oic

tt.c

om

IPv6 Extension Headers

Simpler and more efficient header means:• IPv6 has extension headers.• It handles the options more efficiently.• It enables faster forwarding rate and end nodes processing.


ww

w.h

an

oic

tt.c

om

IPv6 Address Representation

Format:• x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field

– Case-insensitive for hexadecimal A, B, C, D, E, and F• Leading zeros in a field are optional:

– 2031:0:130F:0:0:9C0:876A:130B• Successive fields of 0 can be represented as ::, but only once per address.• Examples:

– 2031:0000:130F:0000:0000:09C0:876A:130B– 2031:0:130f::9c0:876a:130b– 2031:0:130f::9c:876a:130b – incorrect– 2031::130f::9c0:876a:130b – incorrect– FF01:0:0:0:0:0:0:1 FF01::1– 0:0:0:0:0:0:0:1 ::1– 0:0:0:0:0:0:0:0 ::

X16 Bit

X16 Bit

X16 Bit

X16 Bit

X16 Bit

X16 Bit

X16 Bit

X16 Bit

http://w

http://w


ww

w.h

an

oic

tt.c

om

IPv6 Address TypesIPv6 uses:• Unicast

– Identifies a single interface– One-to-one communication, packets addressed to a unicast address are delivered to a

single interface.– IPv6 has several types (for example, global and IPv4 mapped).

• Multicast (FF00/8):– Identifies multiple interfaces– One-to-many communication, packets addressed to a multicast address are delivered to all

interfaces that are identified by the address– Enables more efficient use of the network– Uses a larger address range

• Anycast– Allocated from global unicast address space.– Identifies multiple interfaces– One-to-one-of-many communication, packets addressed to an anycast address are

delivered to a single interface, the nearest interface that is identified by the address. The “nearest” interface is defined as being closest in terms of routing distance

– All anycast nodes should provide uniform service.– Source devices send packets to anycast address.– Routers decide on closest device to reach that destination.– Suitable for load balancing and content delivery services.

The IPv6 unicast address space encompasses the entire IPv6 address range, with the exception ofFF00::/8 (1111 1111), which is used for multicast addresses.

In all cases, IPv6 addresses identify interfaces, not nodes. A node is identified by any unicast address assigned to one of its interfaces.


ww

w.h

an

oic

tt.c

om

IPv6 Unicast Addressing• Unicast: One to one communication

– Global (2000::/3):• 2001::/16 is available for the production of the IPv6 Internet. Prefix 2002::/16 is reserved for

nodes using the 6to4 transition mechanism. 3FFE::/16 is the prefix used on the 6bone for testing purposes.

• Globally unique, so it can be routed globally with no modification. • A global address has an unlimited scope on the worldwide Internet. • Packets with global source and destination addresses are routed to their target destination

by the routers on the Internet.– Link local (FE80:/10):

• Scope is configured to single link. • The address is unique only on this link, and it is not routable off the link.• Equivalent to Automatic Private IP Addressing (APIPA) IPv4 addresses autoconfigured on

computers running current Microsoft Windows operating systems using the 169.254.0.0/16 prefix -> automatically configured.

– Site local (FEC0:/10):• The scope of a site-local address is the site: Printers, Intranet servers, Network switches,

bridges, gateways, wireless access points, and so on• Site-local addresses are equivalent to the IPv4 private address space (10.0.0.0/8,

172.16.0.0/12, and 192.168.0.0/16). • Must be assigned either through stateless or stateful address configuration processes• The IETF is currently working on removing or replacing site-local addresses.• are designed for devices that will never communicate with the global IPv6 Internet.

• A single interface may be assigned multiple IPv6 addresses of any type: unicast, anycast, or multicast.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Special IPv6 Addresses

The multicast prefix is used for multicast addressesFf00::/8

The link-local prefix specifies that the address only is valid in the local physical link. This analogous to the AutoconfigurationIP address 169.254.0.0/16 in IPv4

Fe80:/10

This prefix is typically used as an example in documentation (RFC3849), anywhere an example IPv6 address is given

2001:db8::/32

The loopback address is a localhost address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back to the same host (corresponding to 127.0.0.1 in IPv4)

::1/128

The address with all zeros in unspecified address, and is to be used only on software

::/128

DescriptionSpecial IPv6 Addresses


ww

w.h

an

oic

tt.c

om

Global Unicast Addresses

• Fixed portion set to 001 –The current global unicast address assignment by the Internet Assigned Numbers Authority (IANA) uses the range of addresses that start with binary value 001 (2000::/3), which is one-eighth of the total IPv6 address space and is the largest block of assigned block addresses.

• Global Routing Prefix – Indicates the global routing prefix for a specific organization's site. The combination of the three fixed bits and the 45-bit Global Routing Prefix is used to create a 48-bit site prefix, which is assigned to an individual site of an organization. Once assigned, routers on the IPv6 Internet forward IPv6 traffic matching the 48-bit prefix to the routers of the organization's site.

• Subnet ID – The Subnet ID is used within an organization's site to identify subnets. The size of this field is 16 bits. The organization's site can use these 16 bits within its site to create 65,536 subnets or multiple levels of addressing hierarchy and an efficient routing infrastructure.

• Interface ID – Indicates the interface on a specific subnet within the site. The size of this field is 64 bits.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Global Unicast Addresses

• The public topology is the collection of larger and smaller ISPs that provide access to the IPv6 Internet.

• The site topology is the collection of subnets within an organization’s site. • The interface identifier identifies a specific interface on a subnet within an

organization’s site.


ww

w.h

an

oic

tt.c

om

IPv6 Global Unicast (and Anycast) Addresses

IPv6 has same address format for global unicast and for anycast.• Uses a global routing prefix—a structure that enables aggregation upward,

eventually to the ISP.• A single interface may be assigned multiple addresses of any type (unicast,

anycast, multicast).• Every IPv6-enabled interface must contain at least one loopback (::1/128) and one

link-local address.• Optionally, every interface can have multiple unique local and global addresses.• Anycast address is a global unicast address assigned to a set of interfaces

(typically on different nodes).• IPv6 anycast is used for a network multihomed to several ISPs that have multiple

connections to each other.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Dynamic IPv6 Addresses


ww

w.h

an

oic

tt.c

om

Aggregatable Global Unicast Addresses

• An IPv6 address has two parts:– A subnet prefix representing the network to which the interface is

connected. The subnet prefix is a fixed 64-bit length for all current definitions.

– A local identifier, sometimes called a token, which uniquely identifies the host on the local network. The local identifier is always 64 bits and is dynamically created based on Layer 2 mediaand encapsulation. In the simple case of an Ethernet medium, thelocal identifier is usually derived from the EUI-48 MAC address.

• Cisco uses the extended universal identifier (EUI)-64 format to do stateless autoconfiguration.

• This format expands the 48-bit MAC address to 64 bits by inserting “FFFE” into the middle 16 bits.

• To make sure that the chosen address is from a unique Ethernet MAC address, the universal/local (U/L bit) is set to 1 for global scope (0 for local scope).

http://w

http://w


ww

w.h

an

oic

tt.c

om

IEEE 802 Addresses

• Universal/Local (U/L) – is used to indicate whether the address is universally or locally administered. If the U/L bit is set to 0, the IEEE (through the designation of a unique company ID) has administered the address. If the U/L bit is set to 1, the address is locally administered. The network administrator has overridden the manufactured address and specified a different address.

• Individual/Group (I/G) – is used to indicate whether the address is an individual address (unicast) or a group address (multicast). When set to 0, the address is a unicast address. When set to 1, the address is a multicast address.

• For a typical 802.x network adapter address, both the U/L and I/G bits are set to 0, corresponding to a universally administered, unicast MAC address.


ww

w.h

an

oic

tt.c

om

IEEE EUI-64 Addresses

• The IEEE EUI-64 address represents a new standard for network interface addressing.

• The company ID is still 24-bits long, but the extension ID is 40 bits, creating a much larger address space for a network adapter manufacturer.

• The EUI-64 address uses the U/L and I/G bits in the same way as the IEEE 802 address.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Mapping IEEE 802 Addresses to EIU-64 Addresses

• To create an EUI-64 address from an IEEE 802 address, the 16 bits of 11111111 11111110 (0xFFFE) are inserted into the IEEE 802 address between the company ID and the extension ID


ww

w.h

an

oic

tt.c

om

Mapping EUI-64 Addresses to IPv6 Interface Identifiers

• To obtain the 64-bit interface identifier for IPv6 unicast addresses, the U/L bit in the EUI-64 address is complemented (if it is a 1, it is set to 0; and if it is a 0, it is set to 1).

• To obtain an IPv6 interface identifier from an IEEE 802 address, you must first map the IEEE 802 address to an EUI-64 address, and then complement the U/L bit.

http://w

http://w


ww

w.h

an

oic

tt.c

om

EUI-64 to IPv6 Identifier


ww

w.h

an

oic

tt.c

om

Link-Local Address

• Interface identifiers in IPv6 addresses identify interfaces on a link. Link-local addresses can also be thought of as the host portion of an IPv6 address.

• Its uniqueness is assured only on one link, and an identical address might exist on another link, so the address is not routable off its link

• Link-local addresses have a scope limited to the link and are dynamically created on all IPv6 interfaces by using a specific link-local prefix FE80::/10 and a 64-bit interface identifierin a process called stateless autoconfiguration.

• Link-local addresses are used for automatic address configuration, neighbor discovery, and router discovery. Link-local addresses are also used by many routing protocols.

• Link-local addresses can serve as a way to connect devices on the same local network without needing global addresses.

• When communicating with a link-local address, you must specify the outgoing interface because every interface is connected to FE80::/10.

EUI-64

54 bit

http://w

http://w


ww

w.h

an

oic

tt.c

om

Stateless Autoconfiguration

• Stateless autoconfiguration is a plug-and-play feature that enables devices to automatically connect to an IPv6 network without manual configuration and without any servers (like DHCP servers).

• DHCP and DHCPv6 are known as stateful protocols because they maintain tables within dedicated servers.

• Because the prefix length is fixed and well-known (FE80::/10), a system automatically builds a link-local address during the initialization phase of IPv6 NICs.

• After uniqueness verification, this system can communicate with other IPv6 hosts on that link without any other manual intervention.


ww

w.h

an

oic

tt.c

om

Phases of Stateless Autoconfiguration

• Phase 1: An identifier is generated, supposedly unique on the link.• Phase 2: A tentative address is built.• Phase 3: The uniqueness of this address on the link is verified.• Phase 4: If unique, the address from phase 2 is assigned to the

interface. If not unique, a manual operation is necessary.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Phase 1: An Identifier is Generated, Supposedly Unique on The Link.

• Although manually configurable, the most common method to obtain a unique identifier on an Ethernet link is by using the EUI-48 MAC address and applying the modified IEEE EUI-64 standard algorithm.

• For example, transforming MAC address 00-0C-29-C2-52-FF using the EUI-64 standards leads to 00-0C-29-FF-FE-C2-52-FF. – If this address is to remain local, the IPv6 notation would be

000C:29FF:FEC2:52FF. – However, if the address is to be a global unicast address, the correct

format is 020C:29FF:FEC2:52FF.


ww

w.h

an

oic

tt.c

om

Phase 2: A Tentative Address is Built.

• The well-known link-local prefix fe80::/64 is prepended to the 64-bit identifier from phase one to create the 128-bit link-local address, for example, fe80::20c:29ff:fec2:52ff.

• This address is associated with the interface and tagged “tentative.”

http://w

http://w


ww

w.h

an

oic

tt.c

om

Phase 3: The Uniqueness of This Address on The Link is Verified.

• It is necessary to verify the address’s uniqueness on the link, called duplicate address detection (DAD).

• The probability of having a duplicate address on the same link is not null, because it is recognized that some vendors have shipped batches of cards with the same MAC addresses.

• The system sends ICMPv6 packets on the link where the detection has to occur. Those packets contain neighbor solicitation messages. Their source address is the undefined address “::”, and the target address is the tentative address. – A node already using this tentative address replies with a

neighbor advertisement message. In that case, the address cannot be assigned to the interface.

– If there is no response, it is assumed that the address is unique and can be assigned to the interface. If the address is not unique it must be manipulated manually.


ww

w.h

an

oic

tt.c

om

Phase 4: If Unique, The Address From Phase 2 is Assigned to The Interface. If Not Unique, a Manual Operation is Necessary.

• This phase removes the tentative tag and formally assigns the address to the network interface. The system can now communicatewith its neighbors on the link.

• To exchange information with arbitrary systems on the global Internet, it is necessary to obtain a global prefix. Usually, but not necessarily, the identifier built during the first phase of the automatic link-local autoconfiguration process is appended to this global prefix in Phase 2.

• Generally, global prefixes are distributed to the companies or to end users by ISPs.

http://w

http://w


ww

w.h

an

oic

tt.c

om

IPv6 over Data Link Layers• The data link layer defines how IPv6 interface identifiers are created and

how neighbor discovery deals with data link layer address resolution.• IPv6 is defined on most of the current data link layers, including the

following:– Ethernet* – PPP* – High-Level Data Link Control (HDLC)*– FDDI – Token Ring – Attached Resource Computer Network (ARCNET) – Nonbroadcast multiaccess (NBMA) – ATM**– Frame Relay***– IEEE 1394

* Cisco supports these data link layers.** Cisco supports only ATM permanent virtual circuit (PVC) and ATM LAN Emulation (LANE).*** Cisco supports only Frame Relay PVC.


ww

w.h

an

oic

tt.c

om

Multicasting

• Multicasting is extremely important to IPv6, because it is at the core of many IPv6 functions.

• Multicast is frequently used in IPv6 and replaces broadcast. There is no broadcast in IPv6. There is no Time to Live (TTL) in IPv6 multicast. The scoping is defined inside the address.

• IPv6 multicast addresses are defined by the prefix FF00::/8. The second octet defines the lifetime (flag) and the scope of the multicast address.

, well-known

http://w

http://w


ww

w.h

an

oic

tt.c

om

Examples of Permanent Multicast Addresses

• FF01:: through FF0F:: are reserved, well-known addresses


ww

w.h

an

oic

tt.c

om

Solicited-Node Address

• The solicited-node address facilitates the efficient querying of network nodes during address resolution. IPv6 uses the Neighbor Solicitation message to perform address resolution. However, instead of using the local-link scope all-nodes multicast address as the Neighbor Solicitation message destination, which would disturb all IPv6 nodes on the local link, the solicited-node multicast address is used.

• The solicited-node multicast address is comprised of the prefix FF02::1:FF00:0/104 and the last 24-bits of the IPv6 address that is being resolved

104 bits

http://w

http://w


ww

w.h

an

oic

tt.c

om

Addresses That Are Not Unique • In very rare cases, the rightmost 24 bits of the unicast address of the target is not unique

on the link. Solicited–node multicast addresses are used in IPv6 for address resolutionof an IPv6 address to a MAC address on a LAN segment.

• Node A has this characteristic:– Address 2001:DB8:200:300:400:500:1234:5678

• Node B has these characteristics:– Address 2001:DB8:200:300:500:AAAA:BBBB– Solicited-node multicast address FF02:0:0:0:0:1:FFAA:BBBB (the same as node C)

• Node C has these characteristics:– Address 2001:DB8:200:300:501:AAAA:BBBB– Solicited-node multicast address FF02:0:0:0:0:1:FFAA:BBBB (the same as node B)

1. Node A desires to exchange packets with node B. Node A sends a neighbor discovery packet to the solicited-node multicast address of B, FF02:0:0:0:0:1:FFAA:BBBB. Inside the packet, in addition to other data, is the full IPv6 address that node A is looking for (2001:DB8:200:300:500:AAAA:BBBB). This is called the target address.

2. Both node B and node C are listening to the same multicast address, so they both receive and process the packet.

3. Node B sees that the target address inside the packet is its own and responds.4. Node C sees that the target address inside the packet is not its own and does not

respond.


ww

w.h

an

oic

tt.c

om

Multicast IPv6 Addresses

• With 112 bits for the Group ID, it is possible to have 2112 group IDs. However, because of the way in which IPv6 multicast addresses are mapped to Ethernet multicast MAC addresses, RFC 3513 recommends assigning the Group ID from the low order 32 bits of the IPv6 multicast address and setting the remaining original group ID bits to 0. By using only the low-order 32 bits, each group ID maps to a unique Ethernet multicast MAC address.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Anycast

• An IPv6 anycast address is a global unicast address that is assigned to more than one interface.

• When a packet is sent to an anycast address, it is routed to the “nearest”interface having that address. – In a WAN scope, the nearest interface is found according to the measure

of distance of the routing protocol. – In a LAN scope, the nearest interface is found according to the first

neighbor that is learned about.• The Subnet-Router anycast address is predefined and required. It is created

from the subnet prefix for a given interface. • To construct the Subnet-Router anycast address, the bits in the subnet prefix

are fixed at their appropriate values and the remaining bits are set to 0. • All router interfaces attached to a subnet are assigned the Subnet-Router

anycast address for that subnet. The Subnet-Router anycast address is used for communication with one of multiple routers attached to a remote subnet.


ww

w.h

an

oic

tt.c

om

Anycast

• The advantage of anycast addresses is that a router always routes to the "closest" or "lowest-cost" server. So servers providing some commonly used service can be spread across a large network and traffic can be localized or scoped to the nearest server, making traffic patterns in the network more efficient. And if one server becomes unavailable, the router routes to the next nearest server. In Figure above, for example, if server C becomes unavailable due to a network or server failure, the router chooses the path to server A as the next-lowest-cost route. From the router's viewpoint, it is just choosing the next-best route to the same destination.

An anycast address represents a service that might appear on multiple devices

http://w

http://w


ww

w.h

an

oic

tt.c

om

Required IPv6 Addresses for Nodes • As soon as the node is IPv6-enabled, it has one link-local address per interface,

one loopback address, and all-nodes multicast addresses FF01::1 and FF02::1. Also, it may have one-to-many assigned aggregatable global unicast addresses and the corresponding solicited-node multicast addresses. If the node is a member of another multicast group, it may have other multicast addresses.

FF00::/8Multicast addresses of all groups to which thehost belongs

FF02::1:FFxx:xxxx, where xx:xxxx is the low-order 24-bit of each unicast oranycast address

Solicited-node multicast address for eachunicast and anycast address used

2000::/3Assigned aggregatable global unicast address

FF01::1, FF02::1All-nodes multicast addresses

::1Loopback address

FE80::/10Link-local address for each network interface

Representations of These AddressesRequired Addresses


ww

w.h

an

oic

tt.c

om

Required IPv6 Addresses for Routers• Basically, routers have all required IPv6 addresses for nodes. Then, routers have

all-routers multicast addresses FF01::2, FF02::2, and FF05::2. One subnet-router anycast address and other anycast configured addresses are required addresses for routers.

2000::/3Other anycast configured addresses

UNICAST_PREFIX:0:0:0:0Subnet-router anycast address

FF01::1, FF02::1All-nodes multicast addresses

FF01::2, FF02::2, FF05::2All-routers multicast addresses

FE80::/10, ::1, FF01::1, FF02::1, 2000::/3, FF02::1:FFxx:xxxx, FF00::/8

All required IPv6 addresses for a node

Representations of These AddressesRequired Addresses

http://w

http://w


ww

w.h

an

oic

tt.c

om

IPv6 Mobility

• Mobile IP is an IETF standard available for both IPv4 and IPv6. • Mobile IP enables mobile devices to move without breaking current connections. • In IPv6, mobility is built in, which means that any IPv6 node can use it as needed.

However, in IPv4, mobility is a new function that must be added.


ww

w.h

an

oic

tt.c

om

IPv6 Routing

http://w

http://w


ww

w.h

an

oic

tt.c

om

Static IPv6 Address Configuration

Router(config-if)#ipv6 address ipv6-address/prefix-length [link-local]

• Specifies an IPv6 address and prefix length to be assigned to the network interface.

• By default, when a site-local or aggregatable global unicast address is specified with this command, the link-local address is automatically configured. The default prefix length is 64-bit.


ww

w.h

an

oic

tt.c

om

Static IPv6 Address Configuration Example

• RouterA(config-if)#ipv6 address 2001:0410:0:1:0:0:0:1/64– The aggregatable global unicast address 2001:0410:0:1:0:0:0:1/64 is

configured on the interface.– After the completion of this command, the link-local address is

automatically configured.• RouterA(config-if)#ipv6 address FEC0:0:0:1::1/64

– The site-local address FEC0:0:0:1::1/64 is configured on the interface. – After the completion of this command, the link-local address is

automatically configured.• RouterA(config-if)#ipv6 address

FE80:0:0:0:0123:0456:0789:0abc link-local– The link-local address FE80:0:0:0:0123:0456:0789:0abc is configured

here. – This command with the link-local argument can be used to override

the default link-local address assigned by the router.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Configuring the Loopback Interface

RouterA(config)#interface loopback0RouterA(config-if)#ipv6 address fec0:0:0:9::1/128• You can configure site-local or aggregatable global unicast

addresses on the loopback interface using the ipv6 address command.


ww

w.h

an

oic

tt.c

om

Static Address Configuration Using EUI-64 FormatRouter(config-if)#ipv6 address ipv6-prefix/prefix-length eui-64

• With this method, using the ipv6 address command, you can configure addresses on interfaces using EUI-64 format.

• It is important to specify the address's high-order 64-bit (IPv6 prefix). Then the router automatically completes the low-order 64-bit using EUI-64 format.

RouterA(config-if)#ipv6 address 2001:0410:0:1::/64 eui-64

• The aggregatable global unicast prefix 2001:0410:0:1::/64 is used to configure the address. The aggregatable global unicast and link-local addresses are automatically configured

RouterA(config-if)#ipv6 address FEC0:0:0:1::/64 eui-64

• The site-local prefix FEC0:0:0:1::/64 is used to configure the address. The site-local and link-local addresses are automatically configured

NOTE: You can assign multiple site-local and aggregatable global unicast IPv6addresses using this command.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Enabling Only IPv6 on a Network Interface

• You can also enable just IPv6 on an interface without specifyingan aggregatable global unicast or site-local address by using the ipv6 enable command, as shown here:

Router(config-if)#ipv6 enable

• This command also automatically configures the link-local address on the interface. By default, this command is disabled.


ww

w.h

an

oic

tt.c

om

IPv6 Routing Protocols

• IPv6 routing types– Static– RIPng (RFC 2080)– OSPFv3 (RFC 2740)– IS-IS for IPv6– MP-BGP4 (RFC 2545/2858)– EIGRP for IPv6

• The ipv6 unicast-routing global command is required to enable IPv6 before any routing protocol configured.

Cisco Systems currently supports IPv6 in Cisco IOS Software Release 12.2(2)T and later.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Static Routing

• Static routing with IPv6 is used and configured in the same way as IPv4.

• There is an IPv6-specific requirement per RFC 2461: A router must be able to determine the link-local address of each of its neighboring routers to ensure that the target address of a redirect message identifies the neighbor router by its link-local address.

• This requirement basically means that using a global unicastaddress as a next-hop address with routing is not recommended.


ww

w.h

an

oic

tt.c

om

Simple IPv6 Static Route Example

• Configuring Honeypot's IPv6 static routes

ipv6 unicast-routinginterface serial 0/0.2 point-to-pointipv6 address fec0:0:0:3::/64 eui-64

ipv6 route fec0::1:0:0:0:0/64 fec0::3:204:c1ff:fe50:f1c0ipv6 route fec0::a:0:0:0:0/64 fec0::3:204:c1ff:fe50:f1c0ipv6 route fec0::8:0:0:0:0/64 fec0::3:204:c1ff:fe50:f1c0

Note: The last 64 bits of each of Honeybee's interface addresses are the same. The router uses its first encountered MAC address to form the last 64 bits of the EUI-64 formatted IPv6 addresses on each of its serial interfaces.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Simple IPv6 Static Route Example

• Configuring IPv6 static routes for Honeytree.ipv6 route fec0::8:0:0:0:0/64 fec0::1:204:c1ff:fe50:f1c0ipv6 route fec0::3:0:0:0:0/64 fec0::1:204:c1ff:fe50:f1c0ipv6 route fec0::5:0:0:0:0/64 fec0::1:204:c1ff:fe50:f1c0• Configuring IPv6 static routes for Honeybee.ipv6 route fec0::a:0:0:0:0/64 fec0::1:2b0:64ff:fe30:1de0ipv6 route fec0::5:0:0:0:0/64 fec0::3:230:94ff:fe24:b780


ww

w.h

an

oic

tt.c

om

IPv6 Routing TableHoneypot#show ipv6 route

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGPU - Per-user Static routeI1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summaryO - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

L FE80::/10 [0/0]via ::, Null0

C FEC0:0:0:3::/64 [0/0]via ::, Serial0/0.2

L FEC0::3:230:94FF:FE24:B780/128 [0/0]via ::, Serial0/0.2

S FEC0:0:0:A::/64 [1/0]via FEC0::3:204:C1FF:FE50:F1C0

S FEC0:0:0:8::/64 [1/0]via FEC0::3:204:C1FF:FE50:F1C0

S FEC0:0:0:1::/64 [1/0]via FEC0::3:204:C1FF:FE50:F1C0

C FEC0:0:0:5::/64 [0/0]via ::, Ethernet0/0

L FEC0::5:230:94FF:FE24:B780/128 [0/0]via ::, Ethernet0/0

L FF00::/8 [0/0]via ::, Null0

The "::" means that the next hop is unspecified

http://w

http://w


ww

w.h

an

oic

tt.c

om

Alternative Static Route Configuration

• Alternative static route configuration for Honeypot.ipv6 route fec0::a:0:0:0:0/64 serial 0/0.2ipv6 route fec0::8:0:0:0:0/64 serial 0/0.2ipv6 route fec0::1:0:0:0:0/64 serial 0/0.2ipv6 route fec0::20:0:0:0:0/62 Ethernet0/0FE80::2B0:64FF:FE30:1DE0


ww

w.h

an

oic

tt.c

om

IPv6 Routing TableHoneypot#show ipv6 route staticS FEC0:0:0:A::/64 [1/0]

via ::, Serial0/0.2S FEC0:0:0:8::/64 [1/0]

via ::, Serial0/0.2S FEC0:0:0:1::/64 [1/0]

via ::, Serial0/0.2S FEC0:0:0:20::/62 [1/0]

via FE80::2B0:64FF:FE30:1DE0, Ethernet0/0

• On a broadcast interface, the router must find a neighbor to which to send the packet. The router multicasts a neighbor solicitation message on the Ethernet and waits for a neighbor advertisement from the next-hop device

• For this reason, when using an exit interface to configure a static route on a broadcast network, a next-hop address must also be specified. The recommended address to use as the next-hop address is the link-local address of the next-hop router.

– link-local address is not likely to change. A link-local address will only change if the interface card, or the entire router, is replaced

– to remain consistent with the addresses routers advertise in the router advertisement messages and so that processes using those addresses, such as ICMPv6 Redirect, will operate as expected.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Summary Routes

• Honeypot summarizes IPv6 static routes.

ipv6 route fec0::8:0:0:0:0/62 fec0::3:204:c1ff:fe50:f1c0

• Honeypot's two static routes can be summarized into a group consisting of fec0:0:0:8:: through fec0:0:0:b:: by changing the prefix length from 64 to 62


ww

w.h

an

oic

tt.c

om

RIPng

• Same as IPv4– Distance vector, radius of 15 hops, split horizon, and poison

reverse– Based on RIPv2

• Updated features for IPv6– IPv6 prefix, next-hop IPv6 address– Uses the multicast group FF02::9, the all-rip-routers

multicast group, as the destination address for RIP updates– Uses IPv6 for transport– Named RIPng

http://w

http://w


ww

w.h

an

oic

tt.c

om

OSPF Version 3 (OSPFv3) (RFC 2740)

• Similar to IPv4– Same mechanisms, but a major rewrite of the

internals of the protocol• Updated features for IPv6

– Every IPv4-specific semantic removed– Carry IPv6 addresses– Link-local addresses used as source– IPv6 transport– OSPF for IPv6 currently an IETF proposed

standard


ww

w.h

an

oic

tt.c

om

Integrated Intermediate System-to-Intermediate System (IS-IS)

• Same as for IPv4• Extensions for IPv6:

– Two new Type, Length, Value (TLV) attributes:• IPv6 reachability (with 128-bit prefix)• IPv6 interface address (with 128 bits)

– New protocol identifier– Not yet an IETF standard

http://w

http://w


ww

w.h

an

oic

tt.c

om

EIGRP

• EIGRP for IPv4 and EIGRP for IPv6 are configured and managed separately. However, the configuration of EIGRP for IPv4 and IPv6 is similar and provides operational familiarity and continuity.


ww

w.h

an

oic

tt.c

om

Multiprotocol Border Gateway Protocol (MP-BGP) (RFC 2858)

• Multiprotocol extensions for BGP4: – Enables protocols other than IPv4– New identifier for the address family

• IPv6 specific extensions:– Scoped addresses: NEXT_HOP contains a global IPv6

address and potentially a link-local address (only when there is a link-local reachability with the peer).

– NEXT_HOP and Network Layer Reachability Information (NLRI) are expressed as IPv6 addresses and prefix in the multiprotocol attributes.

http://w

http://w


ww

w.h

an

oic

tt.c

om

Summary

• IPv6 has numerous features and functions that make it a superior alternative to IPv4.

• IPv6 provides a larger address space in a hexadecimal format.• The IPv6 addresses can be obtained by IPv6 hosts dynamically

utilizing autoconfiguration.• IPv6 will require new versions of RIP, EIGRP, IS-IS, BGP,

and OSPF.• IPv4-to-IPv6 transition methodologies will include dual stack

and tunneling, with 6to4 tunneling being prevalent.

http://w

ipv6 for ccna

Documents