Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2549
Views
0
Helpful
2
Replies

IPv6 ND/RS from client does not reach router through a switch with sdm profile dual-ipv4-and-ipv6

roger.aas
Level 1
Level 1

‎06-04-2020 04:57 AM

I had a strange discovery recently that I have tested a little today. Is this a bug or do I need more configuration to make this work?

 

I have a client connected to a switch (IE2000) that is again connected to a router with a trunk, and this router has dual stack ipv4 and ipv6. This client does not get IPv6 with SLAAC like I expected.

 

This is an IR829 router with switchports so when I connect the client directly to a port on the router it works.

 

I captured packets and did not see the RS packet from the client reach the router, so it seems like the switch was not forwarding this packet to the router.

 

I tested with another switch (3560) with the same configuration and it did not work on this one either.

 

We use IPv6 in as many places as possible now, including on the switches, so both switches used the sdm template dual-ipv4-and-ipv6. So as a test I set both of the switches back to the default template, and then it worked like it should, and the client got an IPv6 address with SLAAC.

 

So is there some extra configuration I need on a switch with the ipv6 template to make NDs pass through the switch? Or have I stepped on a bug in the template implementation of the switches?

 

Router and switches have the latest images so this is something new - or I need to learn more about forwarding of NDs on switches with an IPv6 template. The switches are L2, no routing configured.

 

I have other switches like 2960 and 3850 where I do not see this, but they use a default template that have both ip4 and ipv6.

 

Best regards,

Roger

 

Labels:
0 Helpful
2 Replies 2

Harold Ritter
Cisco Employee
Cisco Employee

‎06-06-2020 11:40 AM

Can you try disabling IPv6 MLD snooping (no ipv6 mld snooping) in global mode and see if it fixes the issue.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

roger.aas
Level 1
Level 1
In response to Harold Ritter

‎06-07-2020 05:57 AM

Hello Harold, thank you for the reply.

 

OK, I checked this. As suspected it was off by default. I enabled it globally and disabled it on this VLAN, but with the same result.

 

Default on this IE2000 switch:

 

sh run all | in mld
ipv6 mld snooping listener-message-suppression
no ipv6 mld snooping tcn query solicit
no ipv6 mld snooping tcn flood portfast
ipv6 mld snooping tcn flood query count 2
ipv6 mld snooping robustness-variable 2
ipv6 mld snooping last-listener-query-count 2
ipv6 mld snooping last-listener-query-interval 1000
no ipv6 mld snooping

interface FastEthernet1/1 - 8 , gi1/1 - 2
ipv6 mld snooping tcn flood

exit

 

I do not see anything in the IPv6 MLD or IPv6 ND detault configuration on the switch that I react to. But it still does not work with this sdm template.

 

Regards,

Roger

 

0 Helpful
Customers Also Viewed These Support Documents