Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1872
Views
0
Helpful
0
Replies

Internal IPv6 problems

Roman Samoylov
Level 1
Level 1

‎11-18-2016 04:49 AM - edited ‎03-01-2019 05:51 PM

Hi all

Previously I've used vrf-lite only for IPv4. Now I'm testing it for IPv6 and got strange issue.
Two vrfs, vpn_20 (subnet fc00:192:168:20::/64, vlan 20, for routing out) and vpn_test (subnet fc00:192:168:85::/64, vlan 85, some internal clients). Leaking routes achieved via BGP.
If I connect a laptop to vlan85, I can ping things behind my own subnet (fc00:192:168:20::12, test server). But at same time I can't ping it from Catalyst itself. It worked with ipv4. Have no idea how to make it work, putting this in production is a weird idea.

cat-temp-gw#ping vrf vpn_test ipv6 fc00:192:168:20::12 source vlan 85
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FC00:192:168:20::12, timeout is 2 seconds:
Packet sent with a source address of FC00:192:168:85::1%vpn_test
.....
Success rate is 0 percent (0/5)

Hardware WS-C3560X-24T-S, system image c3560e-universalk9-mz.152-1.E2.bin. Config is attached. Some debug is below:
cat-temp-gw#show ipv6 route vrf vpn_test
IPv6 Routing Table - vpn_test - 4 entries
B   FC00:192:168:20::/64 [20/0]
     via Vlan20%vpn_20, directly connected
C   FC00:192:168:85::/64 [0/0]
     via Vlan85, directly connected
L   FC00:192:168:85::1/128 [0/0]
     via Vlan85, receive
L   FF00::/8 [0/0]
     via Null0, receive
cat-temp-gw#show ipv6 route vrf vpn_20
IPv6 Routing Table - vpn_20 - 5 entries
S   ::/0 [1/0]
     via FC00:192:168:20::12
C   FC00:192:168:20::/64 [0/0]
     via Vlan20, directly connected
L   FC00:192:168:20::3/128 [0/0]
     via Vlan20, receive
B   FC00:192:168:85::/64 [20/0]
     via Vlan85%vpn_test, directly connected
L   FF00::/8 [0/0]
     via Null0, receive
cat-temp-gw#show ip bgp ipv6 unicast
BGP table version is 7, local router ID is 192.168.51.78
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  FC00:192:168:20::/64
                       ::                       0         32768 ?
 *>  FC00:192:168:85::/64
                       ::                       0         32768 ?

2 people had this problem
Labels:
Preview file
4 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card