03-06-2018 05:52 AM - edited 03-01-2019 05:55 PM
I finally figured out how to get IPv6 on my outside and inside interfaces of my router (Cisco 2821) and on the uplink port on my switch (Cisco 3750). All three IPv6 addresses are pingable from the outside world. The switch and router are connected with OSPF. I am not able to add the eui-64 prefix to my VLAN. What do I need to do to add IPv6 to my VLANs?
Router interfaces:
interface GigabitEthernet0/0
description OUTSIDE
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
ipv6 nd dad attempts 0
ipv6 nd autoconfig default-route
ipv6 dhcp client pd hint ::/64
ipv6 dhcp client pd COX
!
interface GigabitEthernet0/1
description INSIDE
ip address 10.0.0.9 255.255.255.252
ip nat inside
ip virtual-reassembly in
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 0702364F1F514A51
ip ospf 10 area 0
duplex auto
speed auto
ipv6 address 2600:8807:8500:419::/64 eui-64
ipv6 address autoconfig
ipv6 enable
ipv6 nd autoconfig default-route
ipv6 ospf 10 area 0
Switch interfaces:
interface GigabitEthernet1/0/4
description LINK TO MIKEROUTER
no switchport
ip address 10.0.0.10 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 10431E1A544F415F
ip ospf 10 area 0
ipv6 address autoconfig
ipv6 ospf 10 area 0
interface Vlan10
description MIKERO
ip address 10.10.17.1 255.255.255.0
ip ospf 10 area 0
ipv6 address autoconfig default
ipv6 enable
ipv6 ospf 10 area 0
Solved! Go to Solution.
03-06-2018 01:50 PM
For dns and domain name information you need to configure the following on the C2821.
ipv6 dhcp pool dns-info
import dns-server
import domain-name
int <subinterface>
ipv6 nd other-config-flag
ipv6 dhcp server dns-info
This should provide your workstations with the required information.
Regards,
03-06-2018 08:24 AM
Hi Mike,
I'm glad you got the prefix delegation from Cox to work. If all you get from them is a /64, that is enough to assign an IPv6 prefix to you inside interface (GigabitEthernet0/1), but not enough to address the res of your internal network.
Could you please post de output of a "show ipv6 dhcp int"to verify the prefix size you get from them.
Regards,
03-06-2018 08:29 AM
Doesn't a /64 have 18,446,744,073,709,551,616 addresses? I don't even know how to say that number.
GigabitEthernet0/0 is in client mode
Prefix State is OPEN (0)
Information refresh timer expires in 23:14:53
Renew will be sent in 11:14:53
Address State is OPEN
Renew for address will be sent in 11:14:26
List of known servers:
Reachable via address: FE80::A64C:11FF:FE8A:DADA
DUID: 000100015567324DF8BC123EDDA4
Preference: 0
Configuration parameters:
IA PD: IA ID 0x00030001, T1 43200, T2 69120
Prefix: 2600:8807:8500:419::/64
preferred lifetime 86400, valid lifetime 86400
expires at Mar 07 2018 09:41 AM (83694 seconds)
IA NA: IA ID 0x00030001, T1 43200, T2 69120
Address: 2600:8807:9F02:1:B943:EACC:9C61:BC25/128
preferred lifetime 86400, valid lifetime 86400
expires at Mar 07 2018 09:40 AM (83667 seconds)
DNS server: 2001:578:3F::30
DNS server: 2001:578:3F:1::30
Information refresh time: 0
Prefix name: COX
Prefix Rapid-Commit: disabled
Address Rapid-Commit: enabled
Prefixes sent as hint:
::/64
03-06-2018 08:43 AM
A /64 is indeed lost of addresses, but it is what gets assigned to a interface. You basically need one /64 per interface where you want to enable IPv6.
Regards,
03-06-2018 08:44 AM
I got a /56 now. Now what?
GigabitEthernet0/0 is in client mode
Prefix State is SOLICIT (1)
Information refresh timer expires in 23:59:34
Address State is OPEN
Renew for address will be sent in 11:59:34
List of known servers:
Reachable via address: FE80::A64C:11FF:FE8A:DADA
DUID: 000100015567324DF8BC123EDDA4
Preference: 0
Configuration parameters:
IA PD: IA ID 0x00030001, T1 43200, T2 69120
Prefix: 2600:8807:8502:ED00::/56
preferred lifetime 86400, valid lifetime 86400, expired
IA NA: IA ID 0x00030001, T1 43200, T2 69120
Address: 2600:8807:9F02:1:B943:EACC:9C61:BC25/128
preferred lifetime 86400, valid lifetime 86400
expires at Mar 07 2018 10:37 AM (86375 seconds)
DNS server: 2001:578:3F::30
DNS server: 2001:578:3F:1::30
Information refresh time: 0
Prefix name: COX
Prefix Rapid-Commit: disabled
Address Rapid-Commit: enabled
Prefixes sent as hint:
::/56
03-06-2018 09:00 AM - edited 03-06-2018 09:03 AM
It's great that you got a /56. That should give you lots of address space to work with (256 x /64). Generally, you would receive the PD prefix on the WAN interface and assign a /64 on the various LAN interface as I indicated before:
int e0/0
description WAN Interface
ipv6 dhcp client pd COX
int e0/1
description LAN Interface 1
ipv6 address COX ::1/64
int e0/2
description LAN Interface 2
ipv6 address COX ::1:0:0:0:1/64
int e0/3
description LAN Interface 3
ipv6 address COX ::2:0:0:0:1/64
Using this automated configuration is a way to ensure that you do not need to reconfigure anything if you get a new /56 from Cox, which is not the case if you manually configure your ipv6 prefixes.
Regards,
03-06-2018 09:07 AM
When I use that on the inside interface I do not get an IPv6 address.
interface GigabitEthernet0/0
description OUTSIDE
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
ipv6 address dhcp rapid-commit
ipv6 address autoconfig
ipv6 enable
ipv6 nd dad attempts 0
ipv6 nd autoconfig default-route
ipv6 dhcp client pd hint ::/56
ipv6 dhcp client pd COX
interface GigabitEthernet0/1
description INSIDE
ip address 10.0.0.9 255.255.255.252
ip nat inside
ip virtual-reassembly in
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 0702364F1F514A51
ip ospf 10 area 0
duplex auto
speed auto
ipv6 address COX ::1/64
ipv6 address autoconfig
ipv6 enable
ipv6 ospf 10 area 0
03-06-2018 09:58 AM - edited 03-06-2018 09:59 AM
You mean that you do not get an IPv6 assigned to GigabitEthernet0/1?
It should look like something like this:
interface Ethernet0/1
ipv6 address COX ::1/64
end
pe2#do sh ipv6 int e0/1
Ethernet0/1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::A8BB:CCFF:FE00:310
No Virtual link-local address(es):
General-prefix in use for addressing
Global unicast address(es):
2600:8807:8502:ED00::1, subnet is 2600:8807:8502:ED00::/64 [CAL/PRE]
valid lifetime 2591412 preferred lifetime 604212
03-06-2018 10:02 AM
03-06-2018 10:09 AM
You should remove "ipv6 address autoconfig" from interface Gi0/1, as it is not needed.
Can you provide the output from the following commands so we can see what is going on:
show ipv6 dhcp interface
show ipv6 general-prefix
show ipv6 int gi0/1
Regards,
03-06-2018 10:40 AM
Ok. I removed the auto config.
MikeroRouter#sho ipv6 dhcp int
GigabitEthernet0/0 is in client mode
Prefix State is SOLICIT (1)
Information refresh timer expires in 21:57:59
Address State is OPEN
Renew for address will be sent in 09:57:59
List of known servers:
Reachable via address: FE80::A64C:11FF:FE8A:DADA
DUID: 000100015567324DF8BC123EDDA4
Preference: 0
Configuration parameters:
IA PD: IA ID 0x00030001, T1 43200, T2 69120
Prefix: 2600:8807:8502:ED00::/56
preferred lifetime 86400, valid lifetime 86400, expired
IA NA: IA ID 0x00030001, T1 43200, T2 69120
Address: 2600:8807:9F02:1:B943:EACC:9C61:BC25/128
preferred lifetime 86400, valid lifetime 86400
expires at Mar 07 2018 10:37 AM (79081 seconds)
DNS server: 2001:578:3F::30
DNS server: 2001:578:3F:1::30
Information refresh time: 0
Prefix name: COX
Prefix Rapid-Commit: disabled
Address Rapid-Commit: enabled
Prefixes sent as hint:
::/56
GigabitEthernet0/1 is in client mode
Prefix State is IDLE
Address State is SOLICIT (56)
Retransmission timer expires in 00:01:57
Prefix Rapid-Commit: disabled
Address Rapid-Commit: enabled
MikeroRouter#sho ipv6 gen
MikeroRouter#sho ipv6 general-prefix
IPv6 Prefix COX, acquired via DHCP PD
GigabitEthernet0/1 (Address command)
MikeroRouter#sho ipv6 int gig0/1
GigabitEthernet0/1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::21B:D4FF:FE80:A651
No Virtual link-local address(es):
Description: INSIDE
General-prefix in use for addressing
No global unicast address is configured
Joined group address(es):
FF02::1
FF02::2
FF02::5
FF02::6
FF02::1:FF80:A651
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.