Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4847
Views
0
Helpful
11
Replies

Getting IPv6 working on cable networks

calejaycolony
Level 1
Level 1

‎07-31-2012 01:44 PM - edited ‎03-01-2019 05:36 PM

Looking to get a router in my lab working on a comcast cable modem.  I am recieving RAs from the ISP router, however my router will not generate its global unicast from the prefixes, regardless of ipv6 address autoconfig

General config:

!

ipv6 unicast-routing

ipv6 cef

!

ipv6 multicast-routing

!

Interface config:

interface FastEthernet0/0

description $FW_OUTSIDE$

ip address dhcp

ip nat outside

ip inspect WANInbound in

ip virtual-reassembly

duplex auto

speed auto

ipv6 address autoconfig default

ipv6 enable

ipv6 nd ra suppress

!

Debug output:

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w3d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

Show Output:

UC520#show ipv6 routers

Router FE80::201:5CFF:FE23:A441 on FastEthernet0/0, last update 0 min

  Hops 0, Lifetime 1800 sec, AddrFlag=1, OtherFlag=1

  HomeAgentFlag=0, Preference=Medium

  Reachable time 30000 msec, Retransmit time 1000 msec

  Prefix 2001:558:4020:2F::/64

    Valid lifetime 604800, preferred lifetime 302400

  Prefix 2001:558:6007:2E::/64

    Valid lifetime 604800, preferred lifetime 302400

UC520#

In addition, if a computer is plugged directly into the cable modem, it picks up an IPv6 address no problem, and it works wonderfully.

Any ideas?

C

Labels:
0 Helpful
11 Replies 11

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎08-02-2012 06:41 AM

hey Cale,

Can you post 

debug ipv6 icmp
debug ipv6 nd
show ipv6 int 

My config:

interface FastEthernet8
 ip address 10.2.2.1 255.255.255.0
 duplex auto
 speed auto
 ipv6 address autoconfig
 ipv6 enable
 ipv6 nd ra suppress
 crypto ipsec client ezvpn EZ

Debugs:

bsns-892-2#sh ipv6 routers
Router FE80::32E4:DBFF:FEB3:B924 on FastEthernet8, last update 0 min
  Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
  HomeAgentFlag=0, Preference=Medium
  Reachable time 0 (unspecified), Retransmit time 0 (unspecified)
  Prefix 2001:DB8::/64 onlink autoconfig
    Valid lifetime 2592000, preferred lifetime 604800
bsns-892-2#
bsns-892-2#
bsns-892-2#
*Aug  2 13:34:30.083: ICMPv6: Received R-Advert, Src=FE80::32E4:DBFF:FEB3:B924, Dst=FF02::1
*Aug  2 13:34:30.083: ICMPv6-ND: Received RA from FE80::32E4:DBFF:FEB3:B924 on FastEthernet8
*Aug  2 13:34:30.083: ICMPv6-ND: Prefix : 2001:DB8::, Length: 64, Vld Lifetime: 2592000, Prf Lifetime: 604800, PI Flags: C0
*Aug  2 13:34:30.083: ICMPv6-ND: Update on-link prefix 2001:DB8::/64 on FastEthernet8/FE80::32E4:DBFF:FEB3:B924, lifetime 2592000
*Aug  2 13:34:30.083: ICMPv6-ND: %FastEthernet8: OK: IPv6 Address Autoconfig 2001:DB8::/64 eui-64, 2001:DB8::32E4:DBFF:FEB3:B8E2 2001:DB8::32E4:DBFF:FEB3:B8E2/64 is existing
*Aug  2 13:34:30.083: ICMPv6: Received R-Advert, Src=FE80::32E4:DBFF:FEB3:B924, Dst=FF02::1
*Aug  2 13:34:30.083: ICMPv6-ND: Received RA from FE80::32E4:DBFF:FEB3:B924 on FastEthernet8
*Aug  2 13:34:30.083: ICMPv6-ND: Prefix : 2001:DB8::, Length: 64, Vld Lifetime: 2592000, Prf Lifetime: 604800, PI Flags: C0
*Aug  2 13:34:30.083: ICMPv6-ND: Update on-link prefix 2001:DB8::/64 on FastEthernet8/FE80::32E4:DBFF:FEB3:B924, lifetime 2592000
*Aug  2 13:34:30.083: ICMPv6-ND: %FastEthernet8: OK: IPv6 Address Autoconfig 2001:DB8::/64 eui-64, 2001:DB8::32E4:DBFF:FEB3:B8E2 2001:DB8::32E4:DBFF:FEB3:B8E2/64 is existing

this leads to:

bsns-892-2#sh ipv6 interface fa8
FastEthernet8 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::32E4:DBFF:FEB3:B8E2
  No Virtual link-local address(es):
  Stateless address autoconfig enabled
  Global unicast address(es):
    2001:DB8::32E4:DBFF:FEB3:B8E2, subnet is 2001:DB8::/64 [EUI/CAL/PRE]
      valid lifetime 2591988 preferred lifetime 604788
  Joined group address(es):
    FF02::1
    FF02::1:FFB3:B8E2
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND NS retransmit interval is 1000 milliseconds
  Default router is FE80::32E4:DBFF:FEB3:B924 on FastEthernet8

Tested on 15.2(3)T on 892 router.

M.

0 Helpful

calejaycolony
Level 1
Level 1
In response to Marcin Latosiewicz

‎08-02-2012 09:46 PM

The debugs:

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

The show:

UC520#show ipv6 interface fastEthernet 0/0

FastEthernet0/0 is up, line protocol is up

  IPv6 is enabled, link-local address is FE80::21E:13FF:FE27:4456

  No Virtual link-local address(es):

  Description: $FW_OUTSIDE$

  General-prefix in use for addressing

  No global unicast address is configured

  Joined group address(es):

    FF02::1

    FF02::2

    FF02::D

    FF02::16

    FF02::1:FF27:4456

  MTU is 1500 bytes

  ICMP error messages limited to one every 100 milliseconds

  ICMP redirects are enabled

  ICMP unreachables are sent

  ND DAD is enabled, number of DAD attempts: 1

  ND reachable time is 30000 milliseconds (using 25242)

  Hosts use stateless autoconfig for addresses.

UC520#show ipv6 neighbors

IPv6 Address                              Age Link-layer Addr State Interface

FE80::201:5CFF:FE23:A441                    3 0001.5c23.a441  STALE Fa0/0

On the readdition of ipv6 address autoconfig default to the interface:

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: IPv6-Address: Adding operating owner autoconfigured on FastEthernet0/0

1w6d: ICMPv6-ND: Selected new default router FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: IPv6RT[Default]: static, Route add ::/0 [owner]

1w6d: IPv6RT[Default]: static, Adding next-hop FE80::201:5CFF:FE23:A441 over FastEthernet0/0 for ::/0, [1/0]

1w6d: ICMPv6-ND: Installed default to FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: IPv6RT[Default]: Event: ::/0, Path, owner static, previous None

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

1w6d: ICMPv6-ND: O bit set; checking stateless DHCP

1w6d: ICMPv6: Received R-Advert, Src=FE80::201:5CFF:FE23:A441, Dst=FF02::1

1w6d: ICMPv6-ND: Received RA from FE80::201:5CFF:FE23:A441 on FastEthernet0/0

Results in:

UC520#show ipv6 address

IPv6 Address Database for Table Default

Code: * - administratively active

UC520#show ipv6 route

IPv6 Routing Table - Default - 3 entries

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route

       M - MIPv6, R - RIP

S   ::/0 [1/0]

     via 2601:4:2CC0:40:201:5CFF:FE23:A441

     via FE80::201:5CFF:FE23:A441, FastEthernet0/0

S   2601:4:2CC0:40::/64 [1/0]

     via Null0, directly connected

L   FF00::/8 [0/0]

     via Null0, receive

Thanks for your input!

0 Helpful

calejaycolony
Level 1
Level 1
In response to calejaycolony

‎08-02-2012 09:56 PM

Also,

UC520#show ipv6 routers

Router FE80::201:5CFF:FE23:A441 on FastEthernet0/0, last update 0 min

  Hops 0, Lifetime 1800 sec, AddrFlag=1, OtherFlag=1

  HomeAgentFlag=0, Preference=Medium

  Reachable time 30000 msec, Retransmit time 1000 msec

  Prefix 2001:558:4020:2F::/64

    Valid lifetime 604800, preferred lifetime 302400

  Prefix 2001:558:6007:2E::/64

    Valid lifetime 604800, preferred lifetime 302400

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to calejaycolony

‎08-03-2012 01:16 AM

Heh. That's interesting:

Unicast route to null0 ....

S   2601:4:2CC0:40::/64 [1/0]

     via Null0, directly connected

What SW version is this?

With the two debugs I mentioned above I would have expected way more info displayed - maybe you need to let it run a bit longer or do an upgrade to something more recent?

M.

0 Helpful

calejaycolony
Level 1
Level 1
In response to calejaycolony

‎08-03-2012 01:21 AM

UC520#show ver

Cisco IOS Software, UC500 Software (UC500-ADVIPSERVICESK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2008 by Cisco Systems, Inc.

Compiled Fri 11-Jul-08 08:44 by prod_rel_team

ROM: System Bootstrap, Version 12.4(11r)XW3, RELEASE SOFTWARE (fc1)

UC520 uptime is 1 week, 6 days, 8 hours, 55 minutes

System returned to ROM by power-on

System restarted at 19:24:01 EDT Fri Jul 20 2012

System image file is "flash:/uc500-advipservicesk9-mz.124-20.T.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco UC520W-8U-4FXO-K9 (MPC8358) processor (revision 0x202) with 249856K/12288K bytes of memory.

Processor board ID FTX1219Z029

MPC8358 CPU Rev: Part Number 0x804A, Revision ID 0x20

14 User Licenses

10 FastEthernet interfaces

2 terminal lines

4 Voice FXO interfaces

4 Voice FXS interfaces

1 Voice MoH interface

1 802.11 Radio

1 cisco service engine(s)

128K bytes of non-volatile configuration memory.

125440K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

UC520#

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to calejaycolony

‎08-03-2012 01:26 AM

Come on, have mercy! 12.4(20)T? 

I would say (if you can) give it a try with 12.4(24)T-latest

and post show tech/running config.

But if you want to get it done faster - TAC case.

0 Helpful

calejaycolony
Level 1
Level 1
In response to Marcin Latosiewicz

‎08-03-2012 01:34 AM

No contract, old equipment. Bummer I guess.. Will post a scrubbed config.

Sent from Cisco Technical Support iPad App

0 Helpful

ROBERTO TACCON
Level 4
Level 4

‎08-02-2012 07:27 AM

Have you try to remove the inspection and check if it works ...

"

ip inspect WANInbound in

"

0 Helpful

calejaycolony
Level 1
Level 1
In response to ROBERTO TACCON

‎08-02-2012 09:53 PM

I may be mistaken, but the ip inspection engine is seperate from ipv6 inspect.  IP inspect would only process packets if the ethertype is 0x0800, not 0x86DD.  Also, the router is recieving the RAs as noted in the OP.

On the likely hood I was mistaken, I removed it to no avail.

Thanks for the post though!

0 Helpful

Andrew Yourtchenko
Cisco Employee
Cisco Employee

‎08-21-2012 01:48 PM

Router FE80::201:5CFF:FE23:A441 on FastEthernet0/0, last update 0 min

Hops 0, Lifetime 1800 sec, AddrFlag=1, OtherFlag=1

AddrFlag=1 means the sender sets managed config flag thus they want you to use DHCPv6, not SLAAC. The behavior is correct. If you configure your CPE router to run DHCP-PD client to populate a general prefix, you can use that general prefix for LAN facing interface and then use it to do SLAAC for your clients. IIRC they delegate a single /64 via PD by default, but you could ask for more.

Spoiler: http://www.dslreports.com/forum/remark,27192895 has the config

See if this helps.

Maybe counterintuitively to v4 wisdom, you do not really need the global address outside to route - the next hops are link locals.

Sent from Cisco Technical Support iPhone App

0 Helpful

calejaycolony
Level 1
Level 1
In response to Andrew Yourtchenko

‎08-21-2012 06:52 PM

It was an incomplete implementation in the iOS build. Ended up using a 1941w upgraded to 1.4 and it worked like a charm, although I needed to activate the data eval license to enable the dhcp client pd command on the wan interface. Frustrated that you need to purchase high end feature licenses to emulate the functionality of consumer grade equipment at available at Walmart, but such is Cisco I guess...

Thanks again though!

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card