Chapter 2

avatar
Created by
ghassan

Cards (36)

  • IPv6 GUA

    IPv6 global unicast address
    View source
  • IPv6 host configuration
    1. Manually configure IPv6 GUA on router
    2. Manually configure IPv6 GUA on Windows host
    3. Dynamically acquire IPv6 GUA configuration
    View source
  • Manually entering an IPv6 GUA can be time consuming and somewhat error prone
    View source
  • IPv6 link-local address
    Automatically created by host when booting and Ethernet interface is active
    View source
  • The "%" and number at the end of the link-local address is known as a Zone ID or Scope ID and is used by the OS to associate the LLA with a specific interface
    View source
  • DHCPv6 is defined in RFC 3315
    View source
  • ICMPv6 RA message
    Sent by IPv6-enabled router to simplify how a host can dynamically create or acquire its IPv6 configuration
    View source
  • ICMPv6 RA message
    • Contains A flag to use SLAAC
    • Contains O flag to indicate additional information available from stateless DHCPv6 server
    • Contains M flag to use stateful DHCPv6 server to obtain IPv6 GUA
    View source
  • SLAAC
    Stateless Address Autoconfiguration - enables hosts to create their own unique IPv6 global unicast address without a DHCPv6 server
    View source
  • SLAAC
    • Stateless service - no server maintains network address information
    • Sends periodic ICMPv6 RA messages providing addressing and configuration information
    • Hosts can also send Router Solicitation (RS) messages requesting an RA
    • Can be deployed as SLAAC only or SLAAC with DHCPv6
    View source
  • Enabling SLAAC on router
    1. Configure IPv6 GUA and link-local addresses on interface
    2. Join IPv6 all-nodes multicast group
    3. Start sending RA messages to IPv6 all-nodes multicast address
    View source
  • The IPv6 all-routers group responds to the IPv6 multicast address ff02::2
    View source
  • SLAAC only method
    RA messages have A=1, O=0, M=0 - informs client to use IPv6 GUA prefix and dynamically create interface ID, and use additional RA info like DNS, MTU, default gateway
    View source
  • ICMPv6 RS messages
    1. IPv6 hosts send RS messages to IPv6 all-routers multicast address ff02::2 to request an RA
    2. Router responds by sending RA to IPv6 all-nodes multicast address ff02::1
    View source
  • Host process to generate interface ID in SLAAC
    • Randomly generated
    • EUI-64 using MAC address
    View source
  • Duplicate Address Detection (DAD)

    Process to ensure IPv6 GUA is unique - host sends NS message, if no NA response then address is unique
    View source
  • DAD is recommended by IETF but not really required due to 64-bit interface ID providing 18 quintillion possibilities
    View source
  • Stateful DHCPv6
    Does not require SLAAC
    View source
  • DHCPv6 operation steps
    1. Host sends RS message
    2. Router responds with RA message
    3. Host sends DHCPv6 SOLICIT message
    4. DHCPv6 server responds with ADVERTISE message
    5. Host responds to DHCPv6 server
    6. DHCPv6 server sends REPLY message
    View source
  • Stateless DHCPv6
    • Host uses information in RA message for addressing and contacts DHCPv6 server for additional information
    • DHCPv6 server only provides configuration parameters, does not maintain IPv6 address bindings
    View source
  • Enabling stateless DHCPv6 on interface
    Use ipv6 nd other-config-flag command to set O flag to 1 in RA
    View source
  • Stateless DHCPv6
    Router does not maintain a list of IPv6 address bindings (i.e. stateless)
    View source
  • Stateless DHCPv6 operation
    1. PC1 receives RA message with IPv6 GUA prefix and length
    2. A flag set to 1 for SLAAC
    3. O flag set to 1 for seeking additional config from DHCPv6 server
    4. M flag set to 0
    5. PC1 sends DHCPv6 SOLICIT message to stateless DHCPv6 server
    View source
  • Stateful DHCPv6
    Router maintains a list of IPv6 address bindings (i.e. stateful)
    View source
  • Stateful DHCPv6 operation
    1. PC1 receives RA message with IPv6 GUA prefix and length
    2. A flag set to 0 for no SLAAC
    3. O flag set to 0 for contacting DHCPv6 server
    4. M flag set to 1
    5. PC1 sends DHCPv6 SOLICIT message to stateful DHCPv6 server
    View source
  • Stateful DHCPv6 server
    Provides all IPv6 configuration information to clients
    View source
  • Stateless DHCPv6 server
    Provides additional configuration information to clients, clients use SLAAC for addressing
    View source
  • Configuring stateless DHCPv6 server
    1. Enable IPv6 routing
    2. Define DHCPv6 pool
    3. Configure pool options
    4. Bind interface to pool
    5. Manually set O flag to 1 on interface
    View source
  • Configuring stateful DHCPv6 server
    1. Enable IPv6 routing
    2. Define DHCPv6 pool
    3. Configure pool options
    4. Bind interface to pool
    5. Manually set M flag to 1 and A flag to 0 on interface
    View source
  • DHCPv6 client
    Router interface acquires IPv6 configuration from DHCPv6 server
    View source
  • Configuring stateless DHCPv6 client
    1. Enable IPv6 routing
    2. Configure LLA
    3. Use SLAAC
    4. Verify GUA assigned
    5. Verify other DHCP info received
    View source
  • Configuring stateful DHCPv6 client
    1. Enable IPv6 routing
    2. Configure LLA
    3. Use DHCPv6
    4. Verify GUA assigned
    5. Verify other DHCP info received
    View source
  • DHCPv6 relay agent

    Router provides DHCPv6 forwarding services when client and server are on different networks
    View source
  • Configuring DHCPv6 relay agent
    Configure interface facing clients with DHCPv6 server address and egress interface
    View source
  • The show ipv6 dhcp pool command verifies the name of the DHCPv6 pool and its parameters, and identifies the number of active clients
    View source
  • The show ipv6 dhcp binding command displays the IPv6 link-local address of the client and the global unicast address assigned by the stateful DHCPv6 server
    View source