12-13-2017 11:13 AM - edited 03-01-2019 05:54 PM
We wish to do stateful v6 addressing for tracking purposes, so we have a Windows v6 DHCP server set up. the router SVI for the subnet is configured like this:
ipv6 unicast-routing
ipv6 multicast-routing
ipv6 nd prefix X:64 0 0 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp relay destination MYIPV6IP-ADDRESS
I haven't configured an ra guard policy on the router or switches yet.
The issue is this-our hosts are getting DHCP just fine, but there are no neighbors on the host, there is no ipv6 dns setting on the host and the default gateway is set to an fe80 address. Our hosts are actually sending same-subnet traffic to the MAC address of the router and hitting ACLs, which is not the behavior we want. The DHCP server doesn't have a setting for default gateway settings, so how do I set things up so that addresses and gateway are retrieved via DHCP? Or maybe the question is how do I set it up so that my hosts are using DHCP, but get the correct default gateway and the ipv6 neighbors work? We don't want hosts to self-assign IP's. We will have a few hosts that might be static, but those seem to be working just fine.
Solved! Go to Solution.
12-13-2017 03:07 PM
Hi Jessica,
1. You should add the "ipv6 nd other-config-flag" in order for the host to obtain the additional DHCP parameters (domain name, dns server address, etc) via DHCPv6.
2. Unlike DHCPv4, DHCPv6 does not provide a default gateway to the hosts. This is done by the router advertisement.
3. The reason the traffic between hosts on the same subnet goes to the router is that the on-link information provided by the router advertisement is not used by the hosts due to the valid lifetime being set to 0, as per the following command:
ipv6 nd prefix X:64 0 0 no-autoconfig
Here's what RFC5942 says about this:
The reception of a Prefix Information Option (PIO) with the L-bit set [RFC4861] and a non-zero valid lifetime creates (or updates) an entry in the Prefix List. All prefixes on a host's Prefix List (i.e., those prefixes that have not yet timed out) are considered to be on-link by that host.
Regards,
12-14-2017 01:04 PM
Hi Jessica,
Glad to know I could help. As far as prefix timers are concerned, I think it would be safe to go with the default values:
valid lifetime of 2,592,000 seconds (30 days)
preferred lifetime of 604,800 seconds (7 days)
Regards,
12-13-2017 03:07 PM
Hi Jessica,
1. You should add the "ipv6 nd other-config-flag" in order for the host to obtain the additional DHCP parameters (domain name, dns server address, etc) via DHCPv6.
2. Unlike DHCPv4, DHCPv6 does not provide a default gateway to the hosts. This is done by the router advertisement.
3. The reason the traffic between hosts on the same subnet goes to the router is that the on-link information provided by the router advertisement is not used by the hosts due to the valid lifetime being set to 0, as per the following command:
ipv6 nd prefix X:64 0 0 no-autoconfig
Here's what RFC5942 says about this:
The reception of a Prefix Information Option (PIO) with the L-bit set [RFC4861] and a non-zero valid lifetime creates (or updates) an entry in the Prefix List. All prefixes on a host's Prefix List (i.e., those prefixes that have not yet timed out) are considered to be on-link by that host.
Regards,
12-14-2017 12:39 PM
12-14-2017 01:04 PM
Hi Jessica,
Glad to know I could help. As far as prefix timers are concerned, I think it would be safe to go with the default values:
valid lifetime of 2,592,000 seconds (30 days)
preferred lifetime of 604,800 seconds (7 days)
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide