Quality of Service

Quality of Service

IPv6 QoS, like the acquisition protocols discussed in the two antecedent sections, has a abundant accord in

common with IPv4 QoS. This is a aftereffect of Cisco’s three-step, hierarchical action for QoS

implementation. The aforementioned above QoS methods are accessible for IPv6 as for IPv4, and configuring

them application the Modular QoS CLI (MQC) will additionally be familiar. Be abiding that you are accustomed and

comfortable with QoS agreement for IPv4 afore arrest this area of the chapter.

With account to the Cisco IOS version, abounding of the IPv6 QoS appearance in this area accept been

implemented for some time, some as aboriginal as adaptation 12.0. However, the IOS adaptation on which

this area is based is 12.4 Mainline.

Before accepting into details, amuse agenda that these appearance are not accessible in IPv6 QoS

implementation on Cisco routers:

■ Network Based Application Recognition (NBAR)

■ Compressed Real-Time Protocol (cRTP)

■ Committed admission amount (CAR)

■ Priority queuing (PQ)

■ Custom queuing (CQ)

As you can see from this list, three of the bristles items, CAR, PQ, and CQ, are bequest QoS features.

Supporting these appearance in a new accomplishing does not accomplish sense, because the MQC

handles the aforementioned functions. In IPv4, these technologies abide accurate to abstain banishment users

to drift to the agnate MQC-configured affection set. But because IPv6 is newer in Cisco IOS

than CAR, PQ, and CQ, there is no acumen to apparatus two methods of configuring these

features; thus, the MQC affection implementations are the ones deployed in Cisco IOS for IPv6.

QoS Implementation Strategy 833

QoS Implementation Strategy

QoS for IPv6 in Cisco IOS includes packet allocation and marking, queuing, cartage shaping,

weighted accidental aboriginal apprehension (WRED), and policing. Each of these appearance is accurate for

both action switching and CEF switching in IPv6 in Cisco IOS.

Classification, Marking, and Queuing

Just as in IPv4, you charge analyze the arrangement cartage you appetite to amusement with QoS afore configuring

it. Once you accept done that, the aboriginal footfall is to actuate how a router can analyze the cartage of

interest; this is the allocation phase, which is done through Cisco IOS chic maps. If your

network is active the aforementioned protocols on IPv4 and IPv6, it makes faculty to allocate cartage based

on IP antecedence and DSCP. If not, you can amusement them apart application bout agreement ip

and bout agreement ipv6 instead. Cisco IOS has an added bout belief for cartage specified

in an IPv6 admission list, bout access-group name.

After you accept configured chic maps to bout the adapted traffic, you can mark the cartage in a

policy map. The accustomed set dscp and set antecedence commands abutment both IPv4 and IPv6 in

Cisco IOS.

Cisco IOS supports class-based and flow-based queuing for IPv6 traffic. Once you accept configured

classification and marking, which is covered in detail in Chapter 12, “Classification and Marking,”

you can chain the cartage application the aforementioned queuing accoutrement accessible for IPv4 and declared in Chapters

13 (“Congestion Management and Avoidance”) and 14 (“Shaping and Policing”). Please accredit to

those capacity for added details.

Some IPv6 QoS affection agreement differs from IPv4, either because of IPv6’s basic

implementation differences from IPv4 or for added reasons, accurately the following:

■ Because IPv6 admission lists cannot be numbered, but rather charge be named, Cisco IOS does not

support the bout access-group xxx command. Instead it supports the bout access-group

name command.

■ The bout ip rtp command identifies alone IPv4 RTP carriage packets. There is no

equivalent for analogous RTP packets in IPv6.

■ The bout cos and set cos commands for 802.1Q interfaces abutment alone CEF-switched

packets. They do not abutment process-switched or router-originated packets.

■ The bout cos and set cos commands do not abutment ISL interfaces, alike for CEF-switched

packets.

Congestion Avoidance

Like queuing, IPv6 WRED is identical to WRED for IPv4 both conceptually and in agreement of the

implementation commands. Cisco WRED supports both class- and flow-based (using DSCP or

precedence) operation.

Configuring EIGRP for IPv6


Configuring EIGRP for IPv6

The basal accomplish adapted to configure IPv6 EIGRP are absolutely agnate to those for IPv4 EIGRP, with

several additions:

Step 1 Enable IPv6 unicast routing.

Step 2 Configure EIGRP on at atomic one router interface.

Step 3 In the EIGRP acquisition process, accredit a router ID.

Step 4 Affair the no abeyance command in the EIGRP acquisition action to activate

the protocol.

Step 5 Use the accordant appearance commands to analysis your configuration.

Next, let’s attending at a agreement archetype that includes IPv6 EIGRP acquisition amid two routers

connected beyond a Frame Relay cloud. Figure 20-6 shows the cartography for this example; Example

20-13 covers the agreement details. Features acclimatized in this archetype accommodate passive

interfaces and redistribution. Archetype 20-13 is commented abundantly to advice you understand

each affection actuality implemented. After the antecedent example, Archetype 20-13 adds route

summarization to appearance its aftereffect on the acquisition tables.

Figure 20-6 Cartography for Basal OSPFv3 Acquisition Agreement Archetype 20-13

Frame

Relay

EIGRP AS 100

Fa0/0

2001:0:4::/64

Lo3 (Passive)

3001:0:4:3::/64

3001:0:4:5::/64

Lo2

3001:04:2::/64

3001:0:4:4::/64

Lo0

3001:0:4::/64

Lo1

Autoconfig

Lo0

3001:0:3::/64

Fa0/0

2001:0:3::/64

Lo2 (Passive)

3001:0:3:2::/64

Lo3 (Redistributed)

3001:0:3:3::/64

Se0/0

2001::/64

Collins

Heath

DLCI 708

DLCI 807

Se0/0

2001::/64

EIGRP for IPv6 783

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath

! After basal IPv6 agreement and EIGRP agreement on the

! adapted interfaces, here’s the abject configuration:

Collins# appearance run

!

ipv6 unicast-routing

!

interface Loopback0

no ip address

ipv6 abode 3001:0:4::/64 eui-64

ipv6 eigrp 100

!

interface Loopback1

no ip address

ipv6 abode autoconfig

ipv6 eigrp 100

!

interface Loopback2

no ip address

ipv6 abode 3001:0:4:2::/64 eui-64

ipv6 abode 3001:0:4:4::/64 eui-64

ipv6 eigrp 100

!

interface Loopback3

no ip address

ipv6 abode 3001:0:4:3::/64 eui-64

ipv6 abode 3001:0:4:5::/64 eui-64

ipv6 eigrp 100

!

interface FastEthernet0/0

no ip address

speed 100

full-duplex

ipv6 abode 2001:0:4::/64 eui-64

ipv6 eigrp 100

!

interface Serial0/0

bandwidth 768

no ip address

encapsulation frame-relay

ipv6 abode 2001::/64 eui-64

ipv6 eigrp 100

clock amount 128000

no fair-queue

cdp enable

frame-relay map ipv6 FE80::207:85FF:FE80:7208 708 broadcast

frame-relay map ipv6 2001::207:85FF:FE80:7208 708

! Note that Inverse ARP additionally would assignment here, back it is enabled by default.

continues

784 Chapter 20: IP Version 6

!

! Now, in IPv6 EIGRP agreement mode, set the router ID, configure a

! acquiescent interface, and affair a no abeyance on the acquisition action to begin

! EIGRP acquisition on Collins:

ipv6 router eigrp 100

router-id 192.10.10.101

no shutdown

passive-interface Loopback3

!

! Already this is done, beam the after-effects by examination the IPv6 protocols running

! on Collins. Note the absence metrics, which are the aforementioned as for IPv4 EIGRP, and

! how the Loopback 3 passive-interface agreement is indicated:

Collins# appearance ipv6 protocols

IPv6 Acquisition Agreement is "connected"

IPv6 Acquisition Agreement is "static"

IPv6 Acquisition Agreement is "eigrp 100"

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP best hopcount 100

EIGRP best metric about-face 1

Interfaces:

FastEthernet0/0

Serial0/0

Loopback0

Loopback1

Loopback2

Loopback3 (passive)

Redistribution:

None

Maximum path: 16

Distance: centralized 90 alien 170

Collins#

! Now about-face to Heath and analysis the basal EIGRP interface commands.

Heath# appearance run

! (output bare for brevity)

ipv6 unicast-routing

!

interface Loopback0

no ip address

ipv6 abode 3001:0:3::/64 eui-64

ipv6 eigrp 100

!

! Note that EIGRP is not configured on Loopback 2 or Loopback 3:

interface Loopback2

no ip address

ipv6 abode 3001:0:3:2::/64 eui-64

!

interface Loopback3

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath (Continued)

EIGRP for IPv6 785

no ip address

ipv6 abode 3001:0:3:3::/64 eui-64

!

interface FastEthernet0/0

no ip address

speed auto

ipv6 abode 2001:0:3::/64 eui-64

ipv6 eigrp 100

!

interface Serial0/0

bandwidth 128

no ip address

encapsulation frame-relay

ipv6 abode 2001::/64 eui-64

ipv6 eigrp 100

clock amount 128000

no fair-queue

cdp enable

frame-relay map ipv6 2001::207:85FF:FE80:71B8 807

frame-relay map ipv6 FE80::207:85FF:FE80:71B8 807 broadcast

!

! Next, configure the IPv6 EIGRP acquisition action and add a avenue map to

! baddest which affiliated interface to redistribute into EIGRP on Heath:

Heath(config)# ipv6 router eigrp 100

Heath(config-rtr)# router-id 192.10.10.1

Heath(config-rtr)# no shutdown

Heath(config-rtr)# passive-interface Loopback2

Heath(config-rtr)# redistribute affiliated metric 100000 100 255 10 1500

route-map Con2EIGRP100

Heath(config-rtr)# exit

Heath(config)# route-map Con2EIGRP100 admittance 10

Heath(config-route-map)# bout interface Loopback3

Heath(config-route-map)# end

Heath#

! The adapted appearance command provides a acceptable high-level appearance of Heath’s EIGRP

! settings:

Heath# appearance ipv6 protocols

IPv6 Acquisition Agreement is "connected"

IPv6 Acquisition Agreement is "static"

IPv6 Acquisition Agreement is "eigrp 100"

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP best hopcount 100

EIGRP best metric about-face 1

Interfaces:

FastEthernet0/0

Serial0/0

Loopback0

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath (Continued)

continues

786 Chapter 20: IP Version 6

Loopback2 (passive)

Redistribution:

Redistributing agreement affiliated with metric 0 route-map Con2EIGRP100

Maximum path: 16

Distance: centralized 90 alien 170

Heath#

! On Collins, appearance commands affectation EIGRP neighbors and interfaces now that both

! neighbors are configured and up:

Collins# appearance ipv6 eigrp neighbor

IPv6-EIGRP neighbors for action 100

H Abode Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num

0 Link-local address: Se0/0 163 00:01:16 76 456 0 12

FE80::207:85FF:FE80:7208

Collins# appearance ipv6 eigrp interface

IPv6-EIGRP interfaces for action 100

Xmit Queue Mean Pacing Time Multicast Pending

Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes

Fa0/0 0 0/0 0 0/10 0 0

Se0/0 1 0/0 76 1/31 50 0

Lo0 0 0/0 0 0/10 0 0

Lo1 0 0/0 0 0/10 0 0

Lo2 0 0/0 0 0/10 0 0

! The acquisition table on Collins shows that we’re acquirements four routes from Heath.

! Two are centralized routes and one is Heath’s redistributed loopback (EX).

! Note the altered authoritative distances and metrics:

Collins# appearance ipv6 avenue eigrp

IPv6 Acquisition Table - 19 entries

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

U - Per-user Static route

I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

D - EIGRP, EX - EIGRP external

D 2001:0:3::/64 [90/3847680]

via FE80::207:85FF:FE80:7208, Serial0/0

D 3001:0:3::/64 [90/3973120]

via FE80::207:85FF:FE80:7208, Serial0/0

D 3001:0:3:2::/64 [90/3973120]

via FE80::207:85FF:FE80:7208, Serial0/0

EX 3001:0:3:3::/64 [170/3870720]

via FE80::207:85FF:FE80:7208, Serial0/0

Collins#

! On Heath, the acquisition table is added extensive:

Heath# appearance ipv6 avenue eigrp

IPv6 Acquisition Table - 18 entries

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath (Continued)

EIGRP for IPv6 787

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

U - Per-user Static route

I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

D - EIGRP, EX - EIGRP external

D 2001:0:4::/64 [90/20514560]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:2::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:3::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:4::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:5::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

Heath#

! Verify reachability to the networks application ping. Only one ping analysis is shown

! for brevity, but hosts on all prefixes in the acquisition table are reachable.

Heath# ping 3001:0:4:5:207:85FF:FE80:71B8

Type escape arrangement to abort.

Sending 5, 100-byte ICMP Echos to 3001:0:4:5:207:85FF:FE80:71B8,

timeout is 2 seconds:

!!!!!

Success amount is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Heath#

! Now summarizing the two loopback addresses into one arbitrary avenue on

! Collins’s Serial 0/0 interface:

Collins# conf term

Enter agreement commands, one per line. End with CNTL/Z.

Collins(config)# int s0/0

Collins(config-if)# ipv summary-address eigrp 100 3001:0:4:4::/63

Collins(config-if)# end

Collins# appearance ipv6 protocols

IPv6 Acquisition Agreement is "connected"

IPv6 Acquisition Agreement is "static"

IPv6 Acquisition Agreement is "eigrp 100"

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP best hopcount 100

EIGRP best metric about-face 1

Interfaces:

FastEthernet0/0

Serial0/0

Loopback0

Loopback1

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath (Continued)

continues

788 Chapter 20: IP Version 6

Loopback2

Loopback3 (passive)

Redistribution:

None

Address Summarization:

3001:0:4:4::/63 for Serial0/0

Summarizing with metric 128256

Maximum path: 16

Distance: centralized 90 alien 170

Collins#

! Heath’s acquisition table reflects the difference, with one arbitrary avenue instead

! of two abstracted acquisition table entries:

Heath# appearance ipv6 avenue eigrp

IPv6 Acquisition Table - 17 entries

Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

U - Per-user Static route

I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

D - EIGRP, EX - EIGRP external

D 2001:0:4::/64 [90/20514560]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:2::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:3::/64 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

D 3001:0:4:4::/63 [90/20640000]

via FE80::207:85FF:FE80:71B8, Serial0/0

Heath#

! Hosts on both abbreviated prefixes are still reachable:

Heath# ping 3001:0:4:4:207:85FF:FE80:71B8

Type escape arrangement to abort.

Sending 5, 100-byte ICMP Echos to 3001:0:4:4:207:85FF:FE80:71B8,

timeout is 2 seconds:

!!!!!

Success amount is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms

Heath# ping 3001:0:4:5:207:85FF:FE80:71B8

Type escape arrangement to abort.

Sending 5, 100-byte ICMP Echos to 3001:0:4:5:207:85FF:FE80:71B8,

timeout is 2 seconds:

!!!!!

Success amount is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Heath#

Example 20-13 IPv6 EIGRP Acquisition Archetype Amid Collins and Heath (Continued)

To abridge this section, you can see that IPv6 EIGRP is actual agnate to EIGRP for IPv4. You

should acquisition configuring it to be almost accessible already you accept a acceptable command of both IPv4

EIGRP and the basics of IPv6 addressing. Focus on the key differences amid the two

implementations and abstraction the agreement examples in your pre-exam review.

Route Filtering

Route Filtering
IPv6 EIGRP uses prefix lists for route filtering. To filter routes from EIGRP updates, configure an
IPv6 prefix list that permits or denies the desired prefixes. Then apply it to the EIGRP routing
process using the distribute-list prefix-list name command.

Authentication and Encryption

Authentication and Encryption

One breadth in which OSPFv3 is simpler than OSPFv2, at the agreement operation level, is that it uses

IPv6’s built-in affidavit abutment rather than implementing its own affidavit mechanisms.

OSPFv3 uses Affidavit Header (AH), alpha with Cisco IOS Release 12.3(4)T, and

Encapsulating Aegis Payload (ESP) protocols for authentication, alpha with Cisco IOS

Release 12.4(9)T. Both of these appearance crave a Crypto affection set in the router.

To accredit IPv6 OSPF affidavit application AH, affair the command ipv6 ospf authentication. To

enable encryption application ESP, affair the command ipv6 ospf encryption. These are interface

configuration commands. Note that ESP provides both encryption and authentication. Additionally note

that because AH and ESP are allotment of the IPsec protocol, you charge additionally configure IPsec security

policies to use them. The agreement capacity of IPsec are alfresco the ambit of this book, but you

can acquisition accompanying advice on Cisco.com at http://www.cisco.com/en/US/products/sw/iosswrel/

ps5187/products_configuration_guide_chapter09186a0080573b9c.html.

Here are three key things to apperceive about OSPFv3 affidavit and encryption:

■ OSPFv3 can use AH for authentication.

■ OSPFv3 can use ESP for affidavit and encryption.

■ OSPFv3 affidavit and encryption can be activated per breadth or per articulation (interface); per-link

configuration is added defended because it creates added layers of security.

Authentication and Encryption

Authentication and Encryption

One breadth in which OSPFv3 is simpler than OSPFv2, at the agreement operation level, is that it uses

IPv6’s built-in affidavit abutment rather than implementing its own affidavit mechanisms.

OSPFv3 uses Affidavit Header (AH), alpha with Cisco IOS Release 12.3(4)T, and

Encapsulating Aegis Payload (ESP) protocols for authentication, alpha with Cisco IOS

Release 12.4(9)T. Both of these appearance crave a Crypto affection set in the router.

To accredit IPv6 OSPF affidavit application AH, affair the command ipv6 ospf authentication. To

enable encryption application ESP, affair the command ipv6 ospf encryption. These are interface

configuration commands. Note that ESP provides both encryption and authentication. Additionally note

that because AH and ESP are allotment of the IPsec protocol, you charge additionally configure IPsec security

policies to use them. The agreement capacity of IPsec are alfresco the ambit of this book, but you

can acquisition accompanying advice on Cisco.com at http://www.cisco.com/en/US/products/sw/iosswrel/

ps5187/products_configuration_guide_chapter09186a0080573b9c.html.

Here are three key things to apperceive about OSPFv3 affidavit and encryption:

■ OSPFv3 can use AH for authentication.

■ OSPFv3 can use ESP for affidavit and encryption.

■ OSPFv3 affidavit and encryption can be activated per breadth or per articulation (interface); per-link

configuration is added defended because it creates added layers of security.

EIGRP for IPv6

EIGRP for IPv6

Like OSPFv3 compared to OSPFv2, EIGRP for IPv6 has a abundant accord in accepted with EIGRP for

IPv4. In fact, EIGRP for IPv6 is actual agnate to EIGRP for IPv4. Of course, some differences exist,

so this area covers the key differences afore affective on to configuration.

Differences Amid EIGRP for IPv4 and for IPv6

IPv6 EIGRP requires a acquisition activity to be authentic and enabled (no shutdown) and a router ID

(in 32-bit IPv4 abode format) to be manually assigned application the router-id command, both of

which charge be done in IPv6 router agreement approach afore the IPv6 EIGRP acquisition activity can

start. These are two of the differences amid EIGRP for IPv4 and IPv6. Some others board the

following:

■ Configured on the interface—As with OSPFv3 (and RIPng), EIGRP advertises networks

based on interface commands rather than acquisition activity arrangement commands. For example,

the command to accredit IPv6 EIGRP AS 100 on an interface is ipv6 eigrp 100.

■ Charge no shut the acquisition process—When EIGRP for IPv6 is aboriginal configured on an interface,

this activity creates the IPv6 EIGRP acquisition activity on the router. However, the acquisition process

is initially placed in the abeyance state, and requires a no abeyance command in router

configuration approach to become active.

■ Router ID—EIGRP for IPv6 requires a 32-bit router ID (a dotted-decimal IPv4 address) to

be configured afore it starts. A router does not accuse about the abridgement of an EIGRP RID,

however, so bethink to configure one statically back accomplishing a no abeyance in the routing

process.

■ Acquiescent interfaces—IPv6 EIGRP, acquiescent interfaces are configured in the acquisition process

only. That is, no accompanying agreement commands are appropriate on the interface.

■ Avenue filtering—IPv6 EIGRP performs avenue clarification application alone the distribute-list prefixlist

command. IPv6 EIGRP does not abutment avenue clarification through avenue maps that call

distribute lists.

■ Automatic summarization—IPv6 EIGRP has no agnate to the IPv4 (no) auto-summary

command, because there is no abstraction of classful acquisition in IPv6.

■ Cisco IOS support—EIGRP for IPv6 is accurate in Cisco IOS alpha with

Release 12.4(6)T.

Unchanged Features

All of the afterward EIGRP appearance assignment the aforementioned way in IPv6 as they do in IPv4. The only

exceptions are the commands themselves, with ipv6 instead of ip in interface commands:

■ Metric weights

■ Authentication

■ Link bandwidth percentage

■ Split horizon

■ Next-hop setting, configured via the interface-level ipv6 next-hop-self eigrp as command

■ Hello breach and holdtime configuration

■ Abode summarization (syntax differs hardly to board IPv6 abode format)

■ Stub networks (syntax and options alter slightly)

■ Variance

■ Most added features

IPv6 EIGRP uses affidavit keys configured absolutely as they are for IPv4 EIGRP.

Enabling and Configuring OSPFv3

Enabling and Configuring OSPFv3
Enabling OSPFv3 on a Cisco router is straightforward if you have a good grasp of OSPFv2. Once
basic IPv6 addressing and reachability are configured and working, the OSPFv3 configuration
process includes these steps:
Step 1 Identify the desired links connected to each OSPFv3 router.
Step 2 Determine the OSPF area design and the area to which each router link
(interface) should belong.
Step 3 Identify any special OSPF routing requirements, such as stub areas, address
summarization, LSA filtering, and virtual links.
Step 4 Configure OSPF on the interfaces.
Step 5 Configure routing process commands, including a router ID on IPv6-only routers.
Step 6 Verify OSPF configuration, routing tables, and reachability.
Figure 20-5 shows the network layout for this basic OSPFv3 routing example. Configuration
details follow in Example 20-9 and Example 20-10.
Figure 20-5 Topology for Basic OSPFv3 Routing Configuration Examples 20-9 Through 20-12
Example 20-9 Configuring OSPFv3 on Router R3
R3# show run
Building configuration...
! Lines omitted for brevity
!
! IPv6 unicast routing must be enabled to configure IPv6 features:
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
Frame
Relay
Lo0
3001:0:4:0::/64
Lo0
3001:0:3:0::/64
Lo2
3001:0:4:2::/64
Se0/0
2001::/64
Se0/0
2001::/64 Lo2
3001:0:3:2::/64
Lo4
3001:0:3:4::/64
Fa0/0
2001:0:4:0::/64
Fa0/0
R3
Area 77
R4C
DLCI 708
DLCI 807
Area 66
Area 704
Area 0
OSPFv3 773
no ip address
! IPv6 addresses are assigned to each OSPFv3 interface:
ipv6 address 3001:0:3::/64 eui-64
! Next OSPFv3 is enabled on the interface and the interface is assigned to an area:
ipv6 ospf 1 area 704
! IPv6 OSPFv3 draws its router ID from the IPv4 loopback address on
! interface Loopback 1:
interface Loopback1
ip address 10.3.3.6 255.255.255.0
!
interface Loopback2
no ip address
ipv6 address 3001:0:3:2::/64 eui-64
! Like IPv4, setting the network type of a loopback address to point-to-point
! makes the route to this loopback appear in R4C’s routing table as a /64
! network rather than as a /128 network (a host route):
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
! Note that interface Loopback 4 will be added later. Its use will be covered
! in another example later in this chapter.
!
interface FastEthernet0/0
no ip address
speed auto
! Assign an IPv6 address and perform OSPFv3 configuration on
! the interface:
ipv6 address 2001:0:3::/64 eui-64
ipv6 ospf 1 area 704
!
interface Serial0/0
bandwidth 128
no ip address
encapsulation frame-relay
! On the serial interface, first configure the IPv6 address:
ipv6 address 2001::/64 eui-64
! Next must specify a neighbor, because the interface is
! NBMA (frame relay in this case).
! Like OSPFv2, OSPFv3 in Cisco IOS requires a neighbor statement at
! only one end of the link:
ipv6 ospf neighbor FE80::207:85FF:FE80:71B8
ipv6 ospf 1 area 0
clock rate 128000
no fair-queue
cdp enable
! Because this is a frame-relay interface, map the link-local address of
! the next hop. This allows OSPFv3 neighbors to form:
frame-relay map ipv6 FE80::207:85FF:FE80:71B8 807 broadcast
Example 20-9 Configuring OSPFv3 on Router R3 (Continued)
continues
774 Chapter 20: IP Version 6
! Next, add a frame-relay map statement to the unicast address of
! the next hop on the serial link so that unicast IPv6 packets will
! reach their destination:
frame-relay map ipv6 2001::207:85FF:FE80:71B8 807
! The ipv6 router ospf 1 global commands are created when OSPFv3 is
! enabled on the first interface:
ipv6 router ospf 1
log-adjacency-changes
!
! Lines omitted for brevity
R3#
Example 20-10 Configuring OSPFv3 on Router R4C
R4C# show run
Building configuration...
! Lines omitted for brevity
!
ipv6 unicast-routing
ipv6 cef
!
!
interface Loopback0
no ip address
ipv6 address 3001:0:4::/64 eui-64
ipv6 ospf 1 area 66
!
interface Loopback2
no ip address
ipv6 address 3001:0:4:2::/64 eui-64
! Like IPv4, setting the network type of a loopback address to point-to-point
! makes the route to this loopback appear in R3’s routing table as a /64
! network rather than as a /128 network (a host route):
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:0:4::/64 eui-64
ipv6 ospf 1 area 77
!
interface Serial0/0
bandwidth 128
no ip address
encapsulation frame-relay
Example 20-9 Configuring OSPFv3 on Router R3 (Continued)
OSPFv3 775
Note that this example configures several OSPF areas, so both intra-area and inter-area routes
appear in the OSPFv3 routing tables. Routes with different network sizes and metrics will also be
present. Example 20-11 confirms the OSPFv3 routing configuration by using show commands
and ping tests.
! Because the other neighbor has the neighbor statement, this side doesn’t need one.
ipv6 address 2001::/64 eui-64
ipv6 ospf 1 area 0
clock rate 128000
no fair-queue
cdp enable
! Here again, two frame-relay map statements are required:
frame-relay map ipv6 FE80::207:85FF:FE80:7208 708 broadcast
frame-relay map ipv6 2001::207:85FF:FE80:7208 708
!
ipv6 router ospf 1
! Here, we must specify the OSPFv3 router ID, because
! this router has no IPv4 interfaces:
router-id 99.99.99.99
log-adjacency-changes
!
! Lines omitted for brevity
R4C#
Example 20-11 Verifying OSPFv3 Configuration and Reachability
! The show ipv6 interface brief command displays both
! the unicast and link-local addresses,
! which is useful during ping and traceroute testing:
R3# show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::207:85FF:FE80:7208
2001:0:3:0:207:85FF:FE80:7208
Serial0/0 [up/up]
FE80::207:85FF:FE80:7208
2001::207:85FF:FE80:7208
Loopback0 [up/up]
FE80::207:85FF:FE80:7208
3001:0:3:0:207:85FF:FE80:7208
Loopback1 [up/up]
Loopback2 [up/up]
FE80::207:85FF:FE80:7208
3001:0:3:2:207:85FF:FE80:7208
Loopback4 [up/up]
FE80::207:85FF:FE80:7208
3001:0:3:4:207:85FF:FE80:7208
Example 20-10 Configuring OSPFv3 on Router R4C (Continued)
continues
776 Chapter 20: IP Version 6
R3#
! The show ipv6 protocols command gives the best summary of
! OSPFv3 configuration by interface and OSPF area:
R3# show ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static"
IPv6 Routing Protocol is "ospf 1"
Interfaces (Area 0):
Loopback2
Serial0/0
Interfaces (Area 704):
Loopback0
FastEthernet0/0
R3#
! Next we’ll look at the OSPFv3 interfaces in more
! detail to view the corresponding settings:
R3# show ipv6 ospf interface
Loopback2 is up, line protocol is up
Link Local Address FE80::207:85FF:FE80:7208, Interface ID 10
Area 0, Process ID 1, Instance ID 0, Router ID 10.3.3.6
Network Type POINT_TO_POINT, Cost: 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Index 1/1/4, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
Serial0/0 is up, line protocol is up
Link Local Address FE80::207:85FF:FE80:7208, Interface ID 3
Area 0, Process ID 1, Instance ID 0, Router ID 10.3.3.6
Network Type NON_BROADCAST, Cost: 781
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.3.3.6, local address FE80::207:85FF:FE80:7208
Backup Designated router (ID) 99.99.99.99, local address
FE80::207:85FF:FE80:71B8
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
Hello due in 00:00:05
Index 1/3/3, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 6
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 99.99.99.99 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Loopback0 is up, line protocol is up
Example 20-11 Verifying OSPFv3 Configuration and Reachability (Continued)
OSPFv3 777
Link Local Address FE80::207:85FF:FE80:7208, Interface ID 8
Area 704, Process ID 1, Instance ID 0, Router ID 10.3.3.6
Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::207:85FF:FE80:7208, Interface ID 2
Area 704, Process ID 1, Instance ID 0, Router ID 10.3.3.6
Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.3.3.6, local address FE80::207:85FF:FE80:7208
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:06
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
R3#
! Now let’s take a look at the IPv6 routing table’s OSPF routes.
! Note the presence of two inter-area routes and one intra-area route.
! The intra-area route points to Loopback 0 on R4C, which is a /128 (host)
! route because LO0 has the default network type for a loopback interface.
! The others are /64 routes because of their network types.
R3# show ipv6 route ospf
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D - EIGRP, EX - EIGRP external
OI 2001:0:4::/64 [110/782]
via FE80::207:85FF:FE80:71B8, Serial0/0
OI 3001:0:4::/64 [110/782]
via FE80::207:85FF:FE80:71B8, Serial0/0
O 3001:0:4:2:207:85FF:FE80:71B8/128 [110/781]
via FE80::207:85FF:FE80:71B8, Serial0/0
R3#
! A ping test proves reachability to an address on an inter-area route:
R3# ping 3001:0:4:2:207:85FF:FE80:71B8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3001:0:4:2:207:85FF:FE80:71B8,
timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
R3#
Example 20-11 Verifying OSPFv3 Configuration and Reachability (Continued)
778 Chapter 20: IP Version 6
Next, Example 20-12 shows redistributing a new loopback interface into OSPFv3 on R3, filtered
through a route map, to see the effect on R4C’s routing table. Note the similarity in command
syntax and output to OSPFv2.
Example 20-12 Redistributing a Connected Interface into OSPFv3
! First create the Loopback 4 interface on R3:
R3# conf t
R3(config)# interface Loopback4
R3(config-if)# ipv6 address 3001:0:3:4::/64 eui-64
! Next, create a route map to select only this new
! loopback interface for redistribution:
R3(config-if)# route-map Con2OSPFv3
R3(config-route-map)# route-map Con2OSPFv3 permit 10
R3(config-route-map)# match interface loopback 4
R3(config-route-map)# exit
R3(config)# ipv6 router ospf 1
R3(config-rtr)# redistribute connected route-map Con2OSPFv3
R3(config-rtr)# end
R3# show ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static"
IPv6 Routing Protocol is "ospf 1"
Interfaces (Area 0):
Loopback2
Serial0/0
Interfaces (Area 704):
Loopback0
FastEthernet0/0
Redistribution:
Redistributing protocol connected route-map Con2OSPFv3
R3#
! On R4 the new redistributed route on R3 appears as an OE2 route, because
! type E2 is the default for redistributed routes, and the default
! metric is 20, as in OSPFv2.
R4C# show ipv6 route ospf
IPv6 Routing Table - 14 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D - EIGRP, EX - EIGRP external
OI 2001:0:3::/64 [110/782]
via FE80::207:85FF:FE80:7208, Serial0/0
OI 3001:0:3:0:207:85FF:FE80:7208/128 [110/781]
via FE80::207:85FF:FE80:7208, Serial0/0
O 3001:0:3:2::/64 [110/782]
via FE80::207:85FF:FE80:7208, Serial0/0
OE2 3001:0:3:4::/64 [110/20]
via FE80::207:85FF:FE80:7208, Serial0/0
R4C#
! Finally, verify reachability to the redistributed loopback interface:
R4C# ping 3001:0:3:4:207:85FF:FE80:7208
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30
001:0:3:4:207:85FF:FE80:7208,
timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/33 ms
R4C#

Configuring OSPFv3 over Frame Relay

Configuring OSPFv3 over Frame Relay

In IPv4 Frame Relay networks, you are acceptable to be accustomed with mapping IP addresses to DLCI numbers.

The agreement of frame-relay map statements is abundant the aforementioned in IPv6, but there is a twist: It requires

two map statements instead of aloof one. One map account credibility to the link-local address, and the other

points to the unicast abode of the next-hop interface. Alone the link-local mapping account requires the

broadcast keyword (which absolutely permits multicast, as there is no such affair as advertisement in IPv6). In

Example 20-8, the far-end interface’s IPv6 unicast abode is 2001::207:85FF:FE80:7208 and its linklocal

address is FE80::207:85FF:FE80:7208. The DLCI cardinal is 708.

If you configure alone the link-local mapping, OSPFv3 will be happy; the neighbors will appear up,

the routers will become absolutely adjacent, and their acquisition tables will absolutely populate. However, when

you try to accelerate IPv6 cartage to a arrangement beyond the Frame Relay cloud, it will abort because of Frame

Relay encapsulation failures.

Example 20-8 Frame Relay Mapping for IPv6

frame-relay map ipv6 FE80::207:85FF:FE80:7208 708 broadcast

frame-relay map ipv6 2001::207:85FF:FE80:7208 708

Of course, if you are able to use Inverse ARP, this affair does not appulse your configuration. Inverse

ARP works for IPv6 as it does for IPv4 and supports all configured IPv6 addresses on an interface.

OSPFv3 in NBMA Networks

OSPFv3 in NBMA Networks
OSPFv3 operates in NBMA networks almost exactly like OSPFv2. In particular, each interface
has an OSPF network type, with that network type dictating whether OSPFv3 needs to use a
DR/BDR and whether at least one router needs to have an OSPF neighbor command configured.
For example, when configuring Frame Relay with the IPv6 address on a physical interface or
multipoint subinterface, the OSPF network type defaults to “nonbroadcast,” which requires the use
of a neighbor command:
Jackson(config-if)# ipv6 ospf neighbor 3003::1
OSPFv3 neighbor relationships over NBMA networks take a relatively long time to form (a
minute or two), even on high-speed media, as they do in OSPFv2. This delay can lead to confusion
and may cause you to spend time troubleshooting a nonproblem.
Invariably, at some point in your studies (or lab exams), you will configure OSPFv2 or v3 over an
NBMA network and forget to include a neighbor statement. As a result, neighbors will not form and
you will have to troubleshoot the problem. A useful crutch you can use to help you remember that
NBMA OSPF peers require neighbor statements is the saying, “nonbroadcast needs neighbors.”
For completeness, you should be aware that it is possible to get OSPF neighbors to form over an
NBMA network without neighbor statements, if you change the interfaces’ network types from
their defaults. This is done using the ipv6 ospf network interface command, as it is in IPv4. The
same rules apply for IPv6, as explained in the Chapter 9 section “Designated Routers on WANs
and OSPF Network Types.”

OSPFv3 LSA Types

OSPFv3 LSA Types
Most LSA functionality in OSPFv3 is the same as that in OSPFv2, with a few changes in the LSA
names. In addition, OSPFv3 has two additional LSA types. Table 20-5 briefly describes each of
the LSA types in OSPFv3. Compare this table to Table 9-4 for a better perspective on how OSPFv2
and OSPFv3 LSA types are similar to and different from each other. Note that OSPFv3 LSA types
are basically the same as OSPFv2 LSAs, except for their slightly different names and the additions
of type 8 and 9 LSAs to OSPFv3.
Table 20-5 OSPFv3 LSA types
LSA
Type Common Name Description
Flooding
Scope
1 Router LSA Describes a router’s link states and costs of its links to one area. Area
2 Network LSA Generated by a DR to describe the aggregated link state and costs
for all routers attached to an area.
Area
3 Inter-Area Prefix LSA
for ABRs
Originated by ABRs to describe interarea networks to routers in
other areas.
Area
4 Inter-Area Router LSA
for ASBRs
Originated by ASBRs to advertise the ASBR location. Area
5 Autonomous System
External LSA
Originated by an ASBR to describe networks learned from other
protocols (redistributed routes).
Autonomous
System
8 Link LSA Advertises link-local address and prefix(es) of a router to all other
routers on the link, as well as option information. Sent only if
more than one router is present on a link.
Link
9 Intra-Area Prefix LSA • Performs one of two functions:
— Associates a list of IPv6 prefixes with a transit network by
pointing to a Network LSA.
— Associates a list of IPv6 prefixes with a router by pointing
to a Router LSA.
Area

OSPFv3

OSPFv3

The acceptable account about OSPFv3 is that OSPFv2 was a complete acquisition agreement back development

began on OSPFv3. The bad account about OSPFv3 is that it is added circuitous in some means than

OSPFv2. But mostly the two protocols are artlessly altered because of the differences in the

underlying Layer 3 protocol. Fortunately, RFC 2740, which defines OSPFv3, goes into absolutely a bit

of detail in anecdotic these differences. (And this RFC is able-bodied account a apprehend to accretion a better

understanding of OSPFv3 than this affiliate can provide.)

Differences Amid OSPFv2 and OSPFv3

OSPFv2 and OSPFv3 allotment abounding key concepts, including best of their basal operations and the

concepts of acquaintance relationships, areas, interface types, basal links, metric calculations, and

many others. However, you should accept the cogent differences as well.

Key differences amid OSPFv2 and OSPFv3 accommodate these:

■ Configured application interface commands—Cisco IOS enables OSPFv3 application interface

subcommands, instead of application the OSPFv2 adjustment (using the arrangement command in router

configuration mode). To accredit OSPFv3 action ID (PID) 1 and breadth 2 on a accustomed interface,

the basal command is artlessly ipv6 ospf 1 breadth 2. Issuing this command additionally creates the ipv6

router ospf 1 command in all-around agreement mode.

■ Announcement assorted networks on an interface—If assorted IPv6 addresses are configured

on an interface, OSPFv3 advertises all of the agnate networks.

OSPFv3 769

■ OSPFv3 RID charge be set—OSPFv3 can automatically set its 32-bit RID based on the

configured IPv4 addresses, application the aforementioned rules for OSPFv2. However, if no IPv4 addresses

are configured, OSPFv3 cannot automatically accept its router ID. You charge manually

configure the RID afore OSPFv3 will start. By comparison, an OSPFv2 router ID is created

automatically if any IP interfaces are configured on a router.

■ Calamity scope—The ambit for calamity LSAs is one of three specific types in OSPFv3:

— Link-local scope—Used by the new LSA type, Articulation LSA.

— Breadth scope—For LSAs abounding throughout a distinct OSPFv3 area. Used by Router,

Network, Inter-Area Prefix, Inter-Area Router, and Intra-Area Prefix LSA types.

— AS scope—LSAs of this blazon are abounding throughout the acquisition domain; this is

used for AS External LSAs.

■ Assorted instances per link—OSPFv3 supports assorted instances on a link. For example,

suppose you accept four routers on an Ethernet segment: routers A, B, 1, and 2. You want

routers A and B to anatomy adjacencies (become neighbors), and routers 1 and 2 to become

neighbors, but you do not appetite routers A and B to anatomy neighborships with routers 1 and 2.

OSPFv3 supports this blazon of adjacency scoping. The ambit of instance numbers is 0–255,

and the command architecture on the interface is, for example, ipv6 ospf 1 breadth 0 instance 33. The

instance charge bout on all routers that are to become adjoining on a link.

■ Terminology—OSPFv3 uses the appellation articulation for what OSPFv2 calls a network.

■ Sources packets from link-local addresses—With the barring of basal links, OSPFv3 uses

link-local addresses for all communications amid neighbors and sources packets from linklocal

addresses. On basal links, OSPFv3 sources packets from a globally scoped IPv6 address.

■ Authentication—OSPFv2 natively supports three affidavit types: null, simple

password, and MD5. OSPFv3, however, does not itself accommodate authentication, because IPv6

covers this claim with its centralized abutment for AH and ESP protocols, as declared in

more detail after in this chapter.

■ Networks in LSAs—Whereas OSPFv2 expresses networks in LSAs as [address, mask],

OSPFv3 expresses networks in LSAs as [prefix, prefix length]. The absence router is expressed

with a prefix breadth of 0.

Virtual Links, Abode Summarization, and Other OSPFv3 Features

Many OSPFv3 appearance are conceptually identical to OSPFv2 and alter alone hardly in their

configuration. Some of these appearance accommodate the following:

■ Basal links (which point to router IDs)

■ Abode summarization by area

■ Abode summarization in the acquisition process

■ Stub breadth configuration

■ NSSA configuration

■ Advertising, or not advertising, a arbitrary application the breadth ambit [advertise | not-advertise]

command

■ OSPF arrangement types and interface configuration

■ Router antecedence agreement for multiaccess networks, to access DR and BDR elections

■ Best OSPF appearance commands

IPv6 Unicast Routing Protocols

IPv6 Unicast Routing Protocols
The next two major sections of this chapter explore the details of the two IPv6 unicast routing
protocols covered in the CCIE Routing and Switching qualification exam blueprint: OSPFv3 and
EIGRP for IPv6. These routing protocols have a lot in common in terms of their Cisco IOS
configuration. It is worth mention here that RIPng, which was removed from the CCIE Routing
and Switching qualification exam blueprint at version 3, also shares many of these common
configuration concepts.
Although OSPFv3 and IPv6 EIGRP operate quite differently, here are a few key aspects of
configuring them that are helpful to understand as you study how these protocols work:
■ In each of these IPv6 unicast routing protocols, enabling the protocol for a particular network
in Cisco IOS is performed by issuing the appropriate ipv6 interface configuration command.
The command format, detailed in the “Foundation Summary” section at the end of the
chapter, is ipv6 {eigrp | ospf | rip} followed by the necessary keywords and arguments.
■ In router configuration mode, where the bulk of configuration is done for IPv4 routing
protocols, IPv6 routing protocols require less configuration. The global configuration is also
more intuitive because most of the configuration that is interface- or network-specific is done
in interface configuration mode.
The next two major sections build heavily on the corresponding IPv4 protocol concepts, so it is
important to study the EIGRP and OSPFv2 routing protocols in Chapters 8, “EIGRP,” and 9,
“OSPF,” respectively, before working through the following sections of this chapter.

IPv6 Static Routes

IPv6 Static Routes
Now that we have laid the foundation for IPv6 addressing and basic services, the next section of
this chapter focuses on routing. This section begins with static routes and then covers the two IPv6
routing protocols on the CCIE Routing and Switching qualifying exam blueprint, OSPFv3 and
IPv6 EIGRP.
Static routing in IPv6 works almost exactly as it does in IPv4, but with several twists:
■ An IPv6 static route to an interface has a metric of 1, not 0 as in IPv4.
■ An IPv6 static route to a next-hop IP address also has a metric of 1, like IPv4.
■ Floating static routes work the same way in IPv4 and IPv6.
■ An IPv6 static route to a broadcast interface type, such as Ethernet, must also specify a nexthop
IPv6 address, for reasons covered next.
As mentioned in the preceding list, IPv6 static routes that point to a broadcast interface must also
specify a next-hop IP address. This is because, as you will recall from earlier in this chapter, IPv6
does not use ARP, and, therefore, there is no concept of proxy ARP for IPv6. A next-hop router
will not proxy for a destination that is off the subnet. Therefore, static routes must specify the nexthop
IP address in situations where you specify a broadcast interface as a next hop.
One valuable tip for real-life configuration work, especially where time is of the essence (as it is
in the CCIE lab exam): Before you begin configuring routing processes or static routes, enable
IPv6 routing debugging using the debug ipv6 routing command. This has the benefit of showing
you all changes to the IPv6 routing table, including any that you may not intend!
Example 20-7 shows the configuration of a sample IPv6 static route and how it looks in the routing
table.
Example 20-7 IPv6 Static Route Configuration and show Commands
Martin(config)# ipv6 route 2001:129::/64 2001::207:85FF:FE80:7208
Martin(config)# end
Martin#
Apr 2 19:22:30.191: %SYS-5-CONFIG_I: Configured from console by console
Martin# show ipv6 route
IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D - EIGRP, EX - EIGRP external
C 2001::/64 [0/0]
via ::, Serial0/0
L 2001::207:85FF:FE80:71B8/128 [0/0]
via ::, Serial0/0
C 2001:128::/64 [0/0]
via ::, Loopback0
L 2001:128::1/128 [0/0]
via ::, Loopback0
C 2001:128:1F:633::/64 [0/0]
via ::, FastEthernet0/0
L 2001:128:1F:633:207:85FF:FE80:71B8/128 [0/0]
via ::, FastEthernet0/0
S 2001:129::/64 [1/0]
via 2001::207:85FF:FE80:7208
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
Martin# ping 2001:129::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:129::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
Martin#
Note in the output in Example 20-7 that the router automatically generates a /128 route in the IPv6
routing table, classified as Local, for each of its own interfaces.
A floating static route is configured in the same way as shown in Example 20-7, but floating static
routes also include the administrative distance after the next hop. The full syntax of the ipv6 route
command is included in the Cisco IOS command table at the end of this chapter. Additionally, you
will find more detail on IPv6 static routing in the multicast coverage at the end of this chapter.

Access Lists and Traffic Filtering

Access Lists and Traffic Filtering
Cisco IOS has the same traffic filtering and related concepts for IPv6 as for IPv4. Access lists serve
the same purposes in IPv6 as in IPv4, including traffic filtering and access control for interface
logins. You should be aware of a few key differences between access-list behavior for the two
network layer protocols, however:
■ Because Neighbor Discovery is such a key protocol in IPv6, access lists implicitly permit ND
traffic. This is necessary to avoid breaking ND’s ARP-like functionality. You can override this
implicit-permit behavior using deny statements in IPv6 access lists.
■ When IPv6 access lists are used for traffic filtering, the command syntax differs from that for
IPv4. To configure an interface to filter traffic using an access list, use the ipv6 traffic-filter
access-list-name {in | out} command.
■ IPv6 access lists are always named; they cannot be numbered (unless you use a number as a
name).
■ IPv6 access lists are configured in named access-list configuration mode, which is like IPv4
named access-list configuration mode. However, you can also enter IPv4-like commands that
specify an entire access-list entry on one line. The router will convert it to the correct
configuration commands for named access-list configuration mode.
With these exceptions, access-list applications, behavior, and configuration are generally similar
for IPv6 and IPv4.
Example 20-6 shows an access list that permits all Telnet traffic to a particular subnet and also
matches on a DSCP setting of CS1. In addition, this entry logs ACL hits (and denies, for the second
entry) for tracking purposes. The show access-list command is also shown to illustrate how
similar IPv6 ACL behavior is to IPv4 ACLs.
Example 20-6 IPv6 Access Lists
cano(config)# ipv6 access-list restrict-telnet
cano(config-ipv6-acl)# permit tcp any 2001:1:2:3::/64 eq telnet dscp cs1 log
cano(config-ipv6-acl)# deny tcp any any log-input
cano(config-ipv6-acl)# line vty 0 4
! Next, the access list is applied inbound on VTY lines 0-4.
cano(config-line)# access-class restrict-telnet in
cano(config-line)# end
cano# show access-lists
IPv6 access list restrict-telnet
permit tcp any 2001:1:2:3::/64 eq telnet dscp cs1 log (1 match) sequence 10
deny ipv6 any any log-input (2 matches) sequence 20
cano#

Unicast Reverse Path Forwarding


Unicast Reverse Path Forwarding

In IPv6, unicast RPF helps assure a router from DoS attacks from spoofed IPv6 host addresses.

When you configure IPv6 unicast RPF by arising the ipv6 verify unicast reverse-path command

on an interface, the router performs a recursive lookup in the IPv6 acquisition table to verify that the

packet came in on the actual interface. If this analysis passes, the packet in catechism is allowed

through; if not, the router drops it.

Cisco IOS Software gives you the advantage of defining a array of assurance boundary. This way, a router

can verify alone called antecedent IPv6 addresses in the unicast RPF check. To do this, configure an

access account on the router and alarm it with the ipv6 verify unicast reverse-path command.

In Example 20-4, the router will accomplish the RPF analysis on all IPv6 packets that access the router’s

Fast Ethernet 0/0 interface. The router will again bead packets that accommodated both of these conditions:

1. The RPF analysis fails.

2. The antecedent abode is aural the 2007::/64 range.

If either of these altitude is not met, the packet will be routed. If both altitude are met, the

router drops the packet.

Example 20-4 Unicast Reverse-Path Forwarding Configuration

HiramMaxim(config)# ipv6 access-list urpf

HiramMaxim(config-ipv6-acl)# abjure ipv6 2007::/64 any

HiramMaxim(config-ipv6-acl)# admittance ipv6 any any

HiramMaxim(config-ipv6-acl)# interface fa0/0

HiramMaxim(config-if)# ipv6 verify unicast reverse-path urpf

HiramMaxim(config-if)# end

HiramMaxim# ipv6 interface fa0/0

FastEthernet0/0 is up, band agreement is up

IPv6 is enabled, link-local abode is FE80::207:85FF:FE80:7208

No Virtual link-local address(es):

Global unicast address(es):

2002:192:168:1::1, subnet is 2002:192:168:1::/64

2002:192:168:2::1, subnet is 2002:192:168:2::/64 [ANY]

Joined accumulation address(es):

FF02::1

FF02::2

FF02::A

FF02::D

FF02::16

FF02::1:FF00:1

FF02::1:FF80:7208

MTU is 1500 bytes

ICMP absurdity letters bound to one every 100 milliseconds

ICMP redirects are enabled

Basic IPv6 Functionality Protocols 763

For added advice about how RPF checks work, see Chapter 16, “Introduction to IP

Multicasting.”

DNS

DNS for IPv6 is absolutely agnate to DNS for IPv4; it provides resolution of area names to IPv6

addresses. One key aberration is the name acclimated for DNS annal for IPv6 addresses. In IPv4, these

are accepted as A records; in IPv6, RFC 1886 cleverly agreement them AAAA records, because IPv6

addresses are four times best (in bits) than IPv4 addresses. RFC 1886 and RFC 2874 are both

IPv6 DNS extensions. RFC 2874 calls IPv6 abode annal A6 records. Today, RFC 1886 is most

commonly used; however, RFC 2874 expects to eventually anachronistic RFC 1886.

IPv6 DNS extensions additionally accommodate the changed lookup action of PTR records, which maps IPv6

addresses to host names.

CDP

Cisco Discovery Agreement provides all-encompassing advice about the agreement and

functionality of Cisco devices. Because of its extensibility, it should be no abruptness to you that

CDP additionally provides advice about Cisco IPv6 host configuration. To see IPv6 information

ICMP unreachables are sent

Input features: RPF

Unicast RPF access-list urpf

Process Switching:

0 analysis drops

0 suppressed analysis drops

CEF Switching:

0 analysis drops

0 suppressed analysis drops

ND DAD is enabled, cardinal of DAD attempts: 1

ND attainable time is 30000 milliseconds

ND advertised attainable time is 0 milliseconds

ND advertised retransmit breach is 0 milliseconds

ND router advertisements are beatific every 200 seconds

ND router advertisements alive for 1800 seconds

ND advertised absence router another is Medium

Hosts use stateless autoconfig for addresses.

Example 20-4 Unicast Reverse-Path Forwarding Agreement (Continued)

764 Chapter 20: IP Version 6

transmitted in CDP frames, you charge use the detail keyword for the appearance cdp neighbor

command, as apparent in Example 20-5.

DHCP

One another to changeless IPv6 addressing, namely stateless autoconfiguration, was covered earlier.

Another another additionally exists: stateful autoconfiguration. This is area DHCPv6 comes in.

DHCPv6 is defined in RFC 3315.

Two altitude can account a host to use DHCPv6:

■ The host is absolutely configured to use DHCPv6 based on an implementation-specific setting.

■ An IPv6 router advertises in its RA letters that it wants hosts to use DHCPv6 for

addressing. Routers do this by ambience the M banderole (Managed Abode Configuration) in RAs.

To use stateful autoconfiguration, a host sends a DHCP appeal to one of two acclaimed IPv6

multicast addresses on UDP anchorage 547:

■ FF02::1:2, all DHCP broadcast agents and servers

■ FF05::1:3, all DHCP servers

The DHCP server again provides the all-important agreement advice in acknowledgment to the host on

UDP anchorage 546. This advice can accommodate the aforementioned types of advice acclimated in an IPv4

network, but additionally it can accommodate advice for assorted subnets, depending on how the

DHCP server is configured.

To configure a Cisco router as a DHCPv6 server, you aboriginal configure a DHCP pool, aloof as in IPv4

DHCP. Then, you charge accurately accredit the DHCPv6 account application the ipv6 dhcp server poolname

interface command.

Example 20-5 IPv6 Advice Available from CDP Output

Rivers# appearance cdp neighbors detail

-------------------------

Device ID: Mantle

Entry address(es):

IP address: 10.7.7.6

IPv6 address: FE80::207:85FF:FE80:7208 (link-local)

IPv6 address: 2001::207:85FF:FE80:7208 (global unicast)

Platform: Cisco 1760, Capabilities: Router Switch

Interface: Serial0/0, Anchorage ID (outgoing port): Serial0/0

Holdtime : 159 sec

(output bare for brevity)


Like ICMP for IPv4, ICMPv6 provides messaging

ICMPv6
Like ICMP for IPv4, ICMPv6 provides messaging support for IPv6. As you learned in the previous
section, ICMPv6 provides all the underlying services for neighbor discovery, but it also provides
many functions in error reporting and echo requests.
ICMPv6 is standardized in RFC 2463, which broadly classifies ICMPv6 messages into two
groups: error reporting messages and informational messages. To conserve bandwidth, RFC 2463
mandates configurable rate limiting of ICMPv6 error messages. The RFC suggests that ICMPv6
may limit its message rate by means of timers or based on bandwidth. No matter which methods
are used, each implementation must support configurable settings for these limits. To that end,
Cisco IOS Software implements ICMP rate limiting by setting the minimum interval between
error messages and allows credit to build using a token bucket.
To limit ICMPv6 error messages, use the ipv6 icmp error-interval command, in global
configuration mode. The default interval is 100 ms, and the default token-bucket size is 10 tokens.
With this configuration, a new token (up to a total of 10) is added to the bucket every 100 ms.
Beginning when the token bucket is full, a maximum of 10 ICMPv6 error messages can be sent in
rapid succession. Once the token bucket empties, the router cannot send any additional ICMPv6
error messages until at least one token is added to the bucket.

Basic IPv6 Functionality Protocols


Basic IPv6 Functionality Protocols

IPv6 uses a cardinal of protocols to abutment it. Because IPv6 is fundamentally agnate to IPv4,

some of these protocols will be accustomed to you and are covered in added genitalia of this book—for

example, ICMP, CDP, and DHCP. However, some aspects of IPv6 operation, and absolutely some of

its greatest strengths, crave anatomic abutment from protocols not included in the IPv4 protocol

suite. Key amid them is Acquaintance Analysis Protocol, which provides abounding functions critical

in IPv6 networks. Added protocols, such as CDP, DNS, and ICMP, will be absolutely familiar.

Because acquaintance analysis is such a analytical action in IPv6 networks, this allotment of the chapter

starts with that and again moves on to the added accustomed protocols.

Neighbor Discovery

A above aberration amid IPv4 and IPv6 involves how IPv6 hosts apprentice their own addresses and

learn about their neighbors, including added hosts and routers. Acquaintance Analysis Protocol, also

Basic IPv6 Functionality Protocols 757

known as ND or NDP, facilitates this and added key functions. ND is authentic in RFC 2461. The

remainder of this area introduces ND functionality, lists its capital features, and again lists the

related ICMPv6 messages, which are above the ambit of the assay but are advantageous for abstraction and

reference.

In IPv6 networks, ND Agreement uses ICMPv6 letters and solicited-node multicast addresses for

its amount functions, which centermost on advertent and tracking added IPv6 hosts on connected

interfaces. ND is additionally acclimated for abode autoconfiguration.

Major roles of IPv6 ND accommodate the following:

■ Stateless abode autoconfiguration (detailed in RFC 2462)

■ Duplicate abode apprehension (DAD)

■ Router discovery

■ Prefix discovery

■ Parameter analysis (link MTU, hop limits)

■ Acquaintance discovery

■ Acquaintance abode resolution (replaces ARP, both activating and static)

■ Acquaintance and router reachability verification

ND uses bristles types of ICMPv6 letters to do its work. Table 20-4 defines those functions and

summarizes their goals.

Table 20-4 ND Functions in IPv6

Message

Type

Information Sought

or Sent Antecedent Abode Destination Address

ICMP

Type, Code

Router

Advertisement

(RA)

Routers acquaint their

presence and link

prefixes, MTU, and hop

limits.

Router’s link-local

address

FF02::1 for periodic

broadcasts; abode of

querying host for responses

to an RS

134, 0

Router

Solicitation

(RS)

Hosts concern for the

presence of routers on the

link.

Address assigned to

querying interface, if

assigned, or :: if not

assigned

FF02::2 133, 0

758 Chapter 20: IP Version 6

Neighbor Advertisements

IPv6 nodes accelerate Acquaintance Advertisement (NA) letters periodically to acquaint added hosts on the

same arrangement of their attendance and link-layer addresses.

Neighbor Solicitation

IPv6 nodes accelerate NS letters to acquisition the link-layer abode of a specific neighbor. This message

is acclimated in three operations:

■ Duplicate abode detection

■ Acquaintance reachability verification

■ Layer 3 to Layer 2 abode resolution (as a backup for ARP)

IPv6 does not accommodate ARP as a agreement but rather integrates the aforementioned functionality into ICMP as

part of acquaintance discovery. The acknowledgment to an NS bulletin is an NA message.

Figure 20-3 shows how acquaintance analysis enables advice amid two IPv6 hosts.

Message

Type

Information Sought

or Sent Antecedent Abode Destination Address

ICMP

Type, Code

Neighbor

Solicitation

(NS)

Hosts concern for other

nodes’ link-layer

addresses. Acclimated for

duplicate address

detection and to verify

neighbor reachability.

Address assigned to

querying interface, if

assigned, or :: if not

assigned

Solicited-node multicast

address or the ambition node’s

address, if known

135, 0

Neighbor

Advertisement

(NA)

Sent in acknowledgment to NS

messages and

periodically to provide

information to neighbors.

Configured or

automatically

assigned abode of

originating interface

Address of bulge requesting

the NA or FF02::1 for

periodic advertisements

136, 0

Redirect Sent by routers to inform

nodes of bigger next-hop

routers.

Link-local abode of

originating node

Source abode of

requesting node

137, 0

Table 20-4 ND Functions in IPv6 (Continued)

Basic IPv6 Functionality Protocols 759

Figure 20-3 Acquaintance Analysis Amid Two Hosts

Router Advertisement and Router Solicitation

A Cisco IPv6 router begins sending RA letters for anniversary of its configured interface prefixes

when the ipv6 unicast-routing command is configured. You can change the absence RA interval

(200 seconds) application the command ipv6 nd ra-interval. Router advertisements on a accustomed interface

include all of the 64-bit IPv6 prefixes configured on that interface. This allows for stateless address

autoconfiguration application EUI-64 to assignment properly. RAs additionally accommodate the articulation MTU, hop limits, and

whether a router is a applicant absence router.

IPv6 routers accelerate alternate RA letters to acquaint hosts about the IPv6 prefixes acclimated on the link

and to acquaint hosts that the router is accessible to be acclimated as a absence gateway. By default, a Cisco

router active IPv6 on an interface advertises itself as a applicant absence router. If you do not

want a router to acquaint itself as a absence candidate, use the command ipv6 nd ra-lifetime 0. By

sending RAs with a lifetime of 0, a router still informs affiliated hosts of its presence, but tells

connected hosts not to use it to ability hosts off the subnet.

If, for some reason, you capital to adumbrate the attendance of a router absolutely in agreement of router

advertisements, you can attenuate router advertisements on that router by arising the ipv6 nd

suppress-ra command.

NOTE Figures 20-3 and 20-4 were redrawn from Figures 12 and 13, respectively, in

“Implementing IPv6 Addressing and Basic Connectivity” at http://www.cisco.com/en/US/

products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00806f3a6a.html.

Host A Host B

Src = A

Dst = Solicited-node multicast of B

Data = Link-layer abode of A

Query = What is your articulation address?

Neighbor Solicitation

Src = B

Dst = A

Data = Link-Layer Abode of B

Neighbor Advertisement

A and B can now exchange

packets on this link.

760 Chapter 20: IP Version 6

Figure 20-4 shows how ND enables advice amid two IPv6 hosts.

Figure 20-4 Router Advertisements Make Hosts Aware of a Router’s Attendance and Provide Information

IPv6 acclamation compared to IPv4 follows:


You charge apperceive IPv4 acclamation carefully to alike ability this point in your CCIE abstraction efforts.

This affiliate takes advantage of that actuality to advice you bigger apprentice about IPv6 acclamation by making

comparisons amid IPv4 and IPv6. But first, you charge to briefly analyze why we charge IPv6 or,

more absolutely perhaps, why we will charge it in the future.

IPv6 was created to accommodated the charge for added host addresses than IPv4 can accommodate—a lot

more. In the aboriginal 1990s, back the cardinal of Internet-connected hosts began to appearance signs of

massive growth, article of a crisis was brewing amid the standards bodies about how to deal

with that advance in a way that would calibration not aloof to the concise need, but continued appellation as well.

It takes a lot of assay and time to actualize a new acclamation accepted that meets those goals.

Internet advance appropriate faster solutions than a absolute new acclamation accepted could support.

Two methods were bound implemented to accommodated the concise need: RFC 1918 clandestine IP

addresses and NAT/PAT. In a way, these techniques accept been so acknowledged at abridgement the growth

of Internet acquisition tables that they accept pushed out the charge for IPv6 by at atomic a decade, but that

need still exists. The day is advancing back the apple will artlessly accept to move to IPv6 for reasons

of appliance requirements, if not for near-term burnout of IPv4 addresses. One disciplinarian in this

progression is peer-to-peer applications, which accept developed abundantly in acceptance and are complex

to abutment with NAT/PAT. Addition is that the amoebic advance of the Internet about IPv4 has led

to suboptimal and bare abode allocation amid the busy areas of the world,

especially because the billow in Internet advance in awful busy countries that were not part

of the aboriginal Internet explosion.

IPv6 gives us a adventitious to admeasure abode ranges in a added alive way, which will ultimately

optimize Internet acquisition tables. At the aforementioned time, IPv6 provides an about unimaginably vast

pool of host IP addresses. At some point, NAT may become a abroad anamnesis of an ancient age.

Let’s appraise what makes IPv6 what it is and how it differs from IPv4. The key differences in

IPv6 acclamation compared to IPv4 follows:

■ IPv6 addresses are 128 $.25 long, compared to 32 $.25 continued for IPv4. In added words, IPv6

addresses are 296 times added abundant than IPv4 addresses.

■ IPv6 addresses are represented in hexadecimal rather than decimal and use colon-separated

fields of 16 $.25 each, rather than decimal credibility amid 8-bit fields, as in IPv4.

746 Affiliate 20: IP Version 6

■ In a Cisco IOS router, you can configure assorted IPv6 addresses on an interface (logical or

physical), all of them with according antecedence in agreement of the interface’s behavior. By

comparison, you can configure alone one primary IPv4 abode per interface with optional

secondary addresses.

■ Globally altered IPv6 addresses can be configured automatically by a router appliance the builtin

autoconfiguration action afterwards the abetment of protocols such as DHCP.

■ IPv6 uses congenital acquaintance discovery, by which an IPv6 bulge can ascertain its neighbors and

any IPv6 routers on a segment, as able-bodied as whether any routers present are accommodating to serve as

a absence aperture for hosts.

■ The concepts of clandestine IPv4 acclamation in RFC 1918 do not administer to IPv6; however, several

different types of IPv6 addresses abide to accommodate agnate functionality.

The above-mentioned account provides several key differences amid IPv4 and IPv6; the abutting section

explores the capacity of these concepts and provides an accession to IPv6 agreement in

Cisco IOS.

IPv6 Acclamation and Abode Types

This area covers the basics of IPv6 addressing, starting with how IPv6 addresses are

represented and again exploring the altered types of IPv6 addresses. Afterwards laying that foundation,

the “Basic IPv6 Functionality Protocols” area gets into the ancestors of protocols that enables

IPv6 to absolutely action as a arrangement band protocol.

IPv6 Abode Notation

Because of the breadth of IPv6 addresses, it is abstract to represent them the aforementioned way as IPv4

addresses. At 128 bits, IPv6 addresses are four times the breadth of IPv4 addresses, so a more

efficient way of apery them is alleged for. As a result, anniversary of the eight groups of 16 $.25 in

an IPv6 abode is represented in hex, and these groups are afar by colons, as follows:

1234:5678:9ACB:DEF0:1234:5678:9ABC:DEF0

In IPv6, as in IPv4, unicast addresses accept a two-level network:host bureaucracy (known in IPv6 as

the prefix and interface ID) that can be afar into these two genitalia on any bit abuttals in the

address. The prefix allocation of the abode includes a brace of components, including a global

routing prefix and a subnet. However, the two-level bureaucracy separates the prefix from the

interface ID abundant like it divides the arrangement and host portions of an IPv4 address. Instead of using

a decimal or hex subnet mask, though, IPv6 subnets use carve characters to announce the network

portion of the address, as follows:

1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0/64

IPv6 Acclamation and Abode Types 747

An IPv6 abode with a prefix breadth of 64 bits, frequently alleged a /64 abode in this context, sets

aside the aboriginal bisected of the abode amplitude for the prefix and the aftermost bisected for the interface ID. After

more advantage of the arena rules for IPv6 addressing, this affiliate covers the agency that prefixes

and interface IDs are developed for unicast addresses, as able-bodied as the added abode types used

in IPv6 networks.

Address Abridgement Rules

Even in the almost able architecture apparent earlier, the antecedent IPv6 addresses can be

cumbersome because of their arduous length. As a result, a brace of abridgement methods are used

to accomplish it easier for us to assignment with them. These methods accommodate the following:

■ Whenever one or added alternating 16-bit groups in an IPv6 abode abide of all 0s, that

portion of the abode can be bare and represented by two colons (::). The two-colon

abbreviation can be acclimated alone already in an address, to annihilate ambiguity.

■ Back a 16-bit accumulation in an IPv6 abode begins with one or added 0s, the arch 0s can be

omitted. This advantage applies behindhand of whether the double-colon abridgement adjustment is

used anywhere in the address.

Here are some examples of the above-mentioned techniques, accustomed an IPv6 abode of

2001:0001:0000:0000:00A1:0CC0:01AB:397A. Accurate agency of abridgement this abode appliance the

preceding rules accommodate these:

2001:1:0:0:A1:CC0:1AB:397A

2001:0001::00A1:0CC0:0174AB:397A

2001:1::A1:CC0:1AB:397A

All of these abbreviated examples actually represent the accustomed abode and can be

independently interpreted by any IPv6 host as the aforementioned address.

IPv6 Abode Types

Like IPv4 addresses, several types of IPv6 addresses are appropriate for the assorted applications of

IPv6 as a Band 3 protocol. In IPv4, the abode types are unicast, multicast, and broadcast. IPv6

differs hardly in that advertisement acclamation is not used; appropriate multicast addresses booty the place

of IPv4 advertisement addresses. However, three abode types abide in IPv6: unicast, multicast, and

anycast. This area of the affiliate discusses anniversary one. Table 20-2 summarizes the IPv6 address

types.

748 Affiliate 20: IP Version 6

Many of the agreement in Table 20-2 are absolute to IPv6. The afterward sections appraise anniversary of the

address types listed in the table.

Unicast

Unicast IPv6 addresses accept abundant the aforementioned functionality as unicast IPv4 addresses, but because

IPv6’s 128-bit abode amplitude provides so abounding added addresses to use, we accept abundant more

flexibility in allotment them globally. Because one of the intents for IPv6 acclamation in public

networks is to acquiesce advanced use of globally altered addresses, aggregatable all-around unicast IPv6

addresses are allocated in a way in which they can be calmly abbreviated to analytic accommodate the

size of all-around IPv6 acquisition tables in account provider networks.

In accession to aggregatable all-around unicast addresses, several added aspects of IPv6 unicast

addressing deserve acknowledgment actuality and chase in the abutting few sections.

Aggregatable All-around Addresses

In accepted usage, aggregatable all-around addresses are assigned from the IPv6 addresses that begin

with bifold 001. This amount can be accounting in prefix characters as 2000::/3, which agency “all IPv6

addresses whose aboriginal 3 $.25 are according to the aboriginal 3 $.25 of hex 2000." In practice, this includes IPv6

addresses that activate with hex 2 or 3. (Note that RFC 3587 afterwards removed the brake to only

allocate aggregatable all-around unicast addresses from the 2000::/3, but in practice, these addresses

are still allocated from this range.) To ensure that IPv6 addresses can be abbreviated efficiently

when advertised against Internet routers, several all-around organizations admeasure these addresses to

service providers and added users. See RFC 3587 and RFC 3177 for added details.

Table 20-2 IPv6 Abode Types

Address Blazon Ambit Application

Aggregatable global

unicast

2000::/3 Host-to-host communication; aforementioned as IPv4

unicast.

Multicast FF00::/8 One-to-many and many-to-many

communication; aforementioned as IPv4 multicast.

Anycast Aforementioned as Unicast Application-based, including amount balancing,

optimizing cartage for a accurate service, and

redundancy. Relies on acquisition metrics to

determine the best destination for a particular

host.

Link-local unicast FE80::/10 Connected-link communications.

Solicited-node multicast FF02::1:FF00:0/104 Acquaintance solicitation.

IPv6 Acclamation and Abode Types 749

Aggregatable all-around abode prefixes are structured so that they can be carefully abbreviated and

aggregated through a bureaucracy consisting of a clandestine arrangement and a alternation of account providers.

Here is how that works, based on RFC 3177, starting afterwards the aboriginal 3 $.25 in the prefix:

■ The abutting 45 $.25 represent the all-around acquisition prefix.

■ The aftermost 16 $.25 in the prefix, anon above-mentioned the Interface ID allocation of the address,

are Site Level Aggregator (SLA), bits. These $.25 are acclimated by an alignment for its own

internal acclamation hierarchy. This acreage is additionally accepted as the Subnet ID.

■ The aftermost 64 $.25 accomplish up the interface ID.

Figure 20-1 shows the aggregatable all-around unicast IPv6 abode format.

Figure 20-1 IPv6 Abode Format

The interface ID allocation of an aggregatable all-around IPv6 abode can be absolutely assigned in Cisco

IOS or acquired appliance a cardinal of methods explored afterwards in this affiliate in the “IPv6 Address

Autoconfiguration” section. These addresses should use an Interface ID in the adapted EUI-64

format, discussed afterwards in this chapter. Depending on how these addresses are assigned, however,

the Universal/Local bit, which is the 7th bit in the Interface ID acreage of an IPv6 address, can be set

to 0 (locally administered) or 1 (globally unique) to announce the attributes of the Interface ID portion

of the address.

Link-Local Addresses

As the appellation implies, link-local addresses are acclimated on a abstracts articulation or multiaccess network, such as

a consecutive articulation or an Ethernet network. Because these addresses are link-local in scope, they are

guaranteed to be altered alone on that articulation or multiaccess network. Anniversary interface type, regardless

of whether it is serial, PPP, ATM, Frame Relay, Ethernet, or article else, gets a link-local

address back IPv6 is enabled on that interface.

64 Bits

16 Bits

SLA or

Subnet ID

45 Bits

48 Bits

Global Prefix

3 Bits

001

Interface

Prefix ID

750 Affiliate 20: IP Version 6

Link-local addresses consistently activate with FE80::/10. The Interface ID allocation of the abode is

derived appliance the adapted EUI-64 format, discussed afterwards in this chapter. The actual 54 bits

of the prefix are consistently set to 0.

On Ethernet interfaces, the IEEE 802 MAC abode is the base for the Interface ID. For other

interface types, routers draw from a basin of basic MAC addresses to accomplish the Interface IDs.

An archetype of a absolutely formed link-local abode follows:

FE80::207:85FF:FE80:71B8

As you ability accumulate from the name, link-local addresses are acclimated for advice between

hosts that do not charge to leave the bounded segment. By definition, routers do not advanced link-local

traffic to added segments. As you will see afterwards in this chapter, link-local addresses are acclimated for

operations such as acquisition agreement acquaintance communications, which are by their attributes linklocal.

IPv4-Compatible IPv6 Addresses

Many alteration strategies accept been developed for IPv4 networks to drift to IPv6 account and

for IPv6 networks to intercommunicate over IPv4 networks. Most of these strategies involve

tunneling. Similarly, a apparatus exists for creating IPv6 addresses that are accordant with

IPv4. These addresses use 0s in the aboriginal 96 $.25 of the abode and one of the two formats for the

remaining allocation of the address. Booty a attending at an example, accustomed the IPv4 abode 10.10.100.16.

The afterward are accurate IPv4-compatible IPv6 addresses that accord to this IPv4 abode (all

of these are in hexadecimal, as IPv6 addresses are universally represented):

0:0:0:0:0:10:10:100:16

::10:10:100:16

::A:A:64:10

IPv4-compatible IPv6 addresses are not broadly acclimated and do not represent a architecture best practice,

but you should be accustomed with their format. See the area “Tunneling,” afterwards in this affiliate for

more detail on IPv4-compatible abode acceptance in the agnate adit blazon and on the

deprecation of this tunneling blazon in Cisco IOS.

Assigning an IPv6 Unicast Abode to a Router Interface

To configure any IPv6 abode or added IPv6 feature, you charge aboriginal globally accredit IPv6 on the

router or switch:

Stengel(config)# ipv6 unicast-routing

IPv6 Acclamation and Abode Types 751

Next, configure a all-around unicast address:

Stengel(config-if)# ipv6 abode 2001:128:ab2e:1a::1/64

Routers automatically configure a articulation bounded IPv6 abode on all IPv6-enabled interfaces. However,

you can configure the articulation bounded abode with the afterward command. (Note the the link-local

keyword to baptize the abode type.)

Stengel(config-if)# ipv6 abode fe80::1 link-local

Unlike IPv4, IPv6 allows you to accredit abounding addresses to an interface. All IPv6 addresses

configured on an interface get according antecedence in agreement of IP acquisition behavior.

Multicast

Multicast for IPv6 functions abundant like IPv4 multicast. It allows assorted hosts to become

members of (that is, accept cartage beatific to) a multicast accumulation afterwards attention to their area or

number. A multicast receiver is accepted as a accumulation member, because it joins the multicast accumulation to

receive traffic. Multicast addresses in IPv6 accept a specific format, which is covered in the next

section.

Because IPv6 has no advertisement acclamation concept, multicast takes the abode of all functions that

would use advertisement in an IPv4 network. For example, the IPv6 DHCP action uses multicast for

sending cartage to an alien host on a bounded network.

As in IPv4, IPv6 multicast addresses are consistently destinations; a multicast abode cannot be used

as a antecedent of any IPv6 traffic.

IPv6 multicast is covered in added detail in the aftermost area of this chapter.

IPv6 Multicast Abode Format

Multicast addresses in IPv6 consistently activate with FF as the aboriginal octet in the address, or FF00::/8. The

second octet specifies the lifetime and ambit of the multicast group. Lifetime can be abiding or

temporary. Ambit can be bounded to any of the following:

■ Node

■ Link

■ Site

■ Organization

■ Global

752 Affiliate 20: IP Version 6

The multicast abode architecture is apparent in Figure 20-2.

Figure 20-2 IPv6 Multicast Abode Format

Table 20-3 shows several acclaimed IPv6 multicast accumulation addresses and their functions.

In an IPv6 network, as in IPv4, there is an all-nodes multicast accumulation (FF02::1), of which all IPv6

hosts are members. All routers charge accompany the all-routers multicast abode (FF02::2). In addition,

IPv6 multicast uses a solicited-node accumulation that anniversary router charge accompany for all of its unicast and

anycast addresses. The architecture for solicited-node multicast addresses is

FF02::1:FF00:0000/104

Table 20-3 IPv6 Multicast Well-Known Addresses

Function Multicast Accumulation IPv4 Equivalent

All hosts FF02::1 Subnet advertisement address

All Routers FF02::2 224.0.0.2

OSPFv3 routers FF02::5 224.0.0.5

OSPFv3 appointed routers FF02::6 224.0.0.6

EIGRP routers FF02::A 224.0.0.10

PIM routers FF02::D 224.0.0.13

Interface ID

64 Bits

All 0s

8 Bits

FF

8 Bits

Lifetime Scope

4 $.25 4 Bits

16 Bits

0000 = Permanent

0001 = Temporary

0001 = Node

0010 = Link

0101 = Site

1000 = Organization

1110 = Global

Scope

IPv6 Acclamation and Abode Types 753

Note that all but the aftermost 24 $.25 of the abode are defined by the /104 prefix. Solicited-node

addresses are congenital from this prefix concatenated with the low-order 24 $.25 (128 – 104 = 24) of

the agnate unicast or anycast address. For example, a unicast abode of

2001:1AB:2003:1::CBAC:DF01

has a agnate solicited-node multicast abode of

FF02::1:FFAC:DF01

Solicited-node addresses are acclimated in the Acquaintance Analysis (ND) process, covered afterwards in this

chapter.

Multicast in IPv6 relies on a cardinal of protocols with which you are already familiar, including

PIM. Multicast Listener Analysis is addition key allotment of IPv6 multicast. These capacity and other

related multicast capacity are covered afterwards in this affiliate in the “IPv6 Multicast” section.

Anycast

In some applications, decidedly server farms or provider environments, it may be adorable to

pool a cardinal of servers to accommodate redundancy, amount balancing, or both. Several protocols can

provide this functionality in IPv4 networks.

IPv6 has congenital abutment for this appliance in the anatomy of anycast addressing. Anycast addresses

can be assigned to any cardinal of hosts that accommodate the aforementioned service; back added hosts admission this

service, the specific server they hit is bent by the unicast acquisition metrics on the aisle to that

particular accumulation of servers. This provides geographic differentiation, added availability, and

load acclimation for the service.

Anycast addresses are fatigued from the IPv6 unicast abode basin and, therefore, are not

distinguishable from unicast addresses. RFC 2526 recommends a ambit of addresses for use by

anycast applications. Already an abode is assigned to added than one host, it becomes an anycast

address by definition. Because anycast addresses cannot be acclimated to antecedent traffic, however, a

router charge apperceive if one of its interface IPv6 addresses is an anycast address. Therefore, Cisco IOS

Software requires the anycast keyword to be activated back an anycast abode is configured, as in

this example:

Mariano(config-if)# ipv6 abode 3001:fffe::104/64 anycast

All IPv6 routers additionally charge abutment the subnet router anycast address. This anycast address

is a prefix followed by all 0s in the interface ID allocation of the address. Hosts can use a subnet

router anycast abode to ability a accurate router on the articulation articular by the prefix accustomed in the

subnet router anycast address.

The Bearding Address

One added blazon of IPv6 abode deserves acknowledgment in this section, as it is acclimated for a cardinal of

functions in IPv6 communications. This address, which is acclimated for some types of requests covered

later in this chapter, is represented artlessly by ::. The bearding abode is consistently a antecedent address

used by an interface that has not yet abstruse its unicast address. The bearding abode cannot be

assigned to an interface, and it cannot be acclimated as a destination address.

IP Version 6

IP Version 6
This chapter begins with coverage of fundamental topics of IPv6, then progresses into IPv6
routing protocols and other key related technologies. As you will see, IPv6 has a great deal in
common with IPv4. Once you understand the IPv6 addressing format and basic configuration
commands, you should begin to feel comfortable with IPv6 as a Layer 3 protocol because it shares
so many of IPv4’s characteristics. IPv6 and IPv4 also have similar basic configuration options and
show commands.
■ IPv6 Addressing and Types
■ IPv6 Neighbor Discovery
■ Basic IPv6 Functionality Protocols
■ IPv6 Multicast and Related Multicast
Protocols
■ Tunneling Techniques
■ OSPFv3
■ EIGRP for IPv6

IPv6 Abode Autoconfiguration

IPv6 Abode Autoconfiguration

One of the goals of IPv6 is to accomplish activity easier for arrangement administrators, abnormally in dealing

with the about unimaginably all-inclusive abode amplitude that IPv6 provides compared to IPv4. Automatic

address configuration, or artlessly autoconfiguration, was created to accommodated that need.

An IPv6 host can automatically configure its complete address, or aloof the interface ID allocation of

its address, depending on which of the several methods for autoconfiguration it uses. Those

methods include

■ Stateful autoconfiguration

■ Stateless autoconfiguration

■ EUI-64

One method, stateful autoconfiguration, assigns a host or router its absolute 128-bit IPv6 address

using DHCP. Addition method, stateless autoconfiguration, dynamically assigns the host or router

interface a 64-bit prefix, and again the host or router derives the aftermost 64 $.25 of its abode application the

EUI-64 action declared in this section.

Because the EUI-64 architecture is apparent so frequently, it is important to awning those capacity now.

However, decidedly for those who accept not abstruse abundant about IPv6 afore account this chapter,

it is bigger to adjourn the blow of the capacity about autoconfiguration until the area blue-blooded “IPv6

Address Autoconfiguration” afterwards in this chapter.

EUI-64 Abode Format

One key aspect of IPv6 acclamation is automated configuration, but how does an IPv6 host ensure

that autoconfigured addresses are globally unique?

The acknowledgment to this catechism comes in two parts. The aboriginal allotment is to set abreast a ambit and structure

for aggregatable all-around addresses, as declared earlier. Once a arrangement ambassador has set the

prefix for a accustomed network, the additional allotment takes over. That additional footfall is abode autoconfiguration,

but what architecture should a host use for these addresses to ensure that they are globally

unique? That architecture is EUI-64

IPv6 Acclamation and Abode Types 755

With EUI-64, the interface ID is configured locally by the host to be globally unique. To do that,

the host needs a globally different allotment of advice that it already knows. That allotment of

information cannot be added than 64 $.25 long, because EUI-64 by analogue requires a 64-bit

prefix and a 64-bit interface ID. But it needs to be both continued abundant and from a antecedent that is

known to be globally unique.

To accommodated this need, Ethernet hosts and Cisco routers with Ethernet interfaces use their 48-bit MAC

addresses as a berry for EUI-64 addressing. But because the MAC abode is 48 $.25 continued and the

EUI-64 action makes up the aftermost 64 $.25 of an IPv6 address, the host needs to acquire the other

16 $.25 from addition source. The IEEE EUI-64 accepted places the hex amount FFFE into the center

of the MAC abode for this purpose. Finally, EUI-64 sets the universal/local bit, which is the 7th

bit in the Interface ID acreage of the address, to announce all-around scope.

Here is an example. Accustomed the IPv6 prefix 2001:128:1F:633 and a MAC abode of

00:07:85:80:71:B8, the consistent EUI-64 abode is

2001:128:1F:633:207:85FF:FE80:71B8/64

The adventurous allotment of the abode is the complete interface ID. Note how the accent characters

indicate the ambience of the U/L bit and the admittance of FFFE afterwards the OUI in the MAC address.

Configure this abode on a router’s Fast Ethernet interface, as apparent in Archetype 20-1.

To appearance the result, use the accordant appearance commands. Archetype 20-2 shows a sample of the show

ipv6 interface abrupt command. This shows both the all-around unicast addresses and link-local

address assigned to this interface. The archetype shows interface Fa0/0 with the aggregatable global

unicast abode configured in Archetype 20-1, and the link-local unicast abode automatically

created by the router.

The black area of the unicast abode in Archetype 20-2 shows the EUI-64-derived allocation of

the address. To see the abounding output, omit the abrupt keyword and specify the interface, as apparent in

Example 20-1 Configuring an EUI-64 IPv6 Address

Matsui(config)# int fa0/0

Matsui(config-if)# ipv6 abode 2001:128:1f:633::/64 eui-64

Example 20-2 Checking an IPv6 Interface’s Configured Addresses

Matsui# appearance ipv6 interface brief

FastEthernet0/0 [up/up]

FE80::207:85FF:FE80:71B8

2001:128:1F:633:207:85FF:FE80:71B8

Example 20-3. In this example, the router absolutely informs you that the abode was acquired by

EUI-64 by the “[EUI]” at the end of the all-around unicast address.

Detailed Interface Agreement Output

Matsui# appearance ipv6 interface fa0/0

FastEthernet0/0 is up, band agreement is up

IPv6 is enabled, link-local abode is FE80::207:85FF:FE80:71B8

No Virtual link-local address(es):

Global unicast address(es):

2001:128:1F:633:207:85FF:FE80:71B8, subnet is 2001:128:1F:633::/64 [EUI]

Joined accumulation address(es):

FF02::1

FF02::2

FF02::A

FF02::1:FF80:71B8

MTU is 1500 bytes

ICMP absurdity letters bound to one every 100 milliseconds

ICMP redirects are enabled

ICMP unreachables are sent

ND DAD is enabled, cardinal of DAD attempts: 1

ND attainable time is 30000 milliseconds

ND advertised attainable time is 0 milliseconds

ND advertised retransmit breach is 0 milliseconds

ND router advertisements are beatific every 200 seconds

ND router advertisements alive for 1800 seconds

ND advertised absence router alternative is Medium

Hosts use stateless autoconfig for addresses. IPv6 addressing:EUI-64;EUI-64 address