cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5442
Views
5
Helpful
10
Replies

PPP IPv6 with SLAAC not working (lab)

insideshell
Level 1
Level 1

Hello,

I'm trying to get familiar with PPP IPv6 using SLAAC (and later DHCPv6).
So I set up a very simple GNS3 lab with two C2691 IOS images (old but it should be enough):

lab.png

I'm using a serial link so that I do not need the PPPoE configuration items (BBA group, virtual template, dialer — but actually the same problem occurs on a PPPoE link).

Here are my configurations:


R1#show run
!
ipv6 unicast-routing
!
interface Loopback0
 no ip address
 ipv6 address 2001:DB8:12FF::1/128
!
interface Serial1/0
 no ip address
 encapsulation ppp
 ipv6 unnumbered Loopback0
 ipv6 enable
 no ipv6 nd ra suppress
 peer default ipv6 pool IPV6-POOL
!
ipv6 local pool IPV6-POOL 2001:DB8:5AB:10::/60 64
!
R1#show ipv6 interface brief
Serial1/0 [up/up]
FE80::C201:51FF:FE6A:0


R2#show run
!
ipv6 unicast-routing
!
interface Serial1/0
 no ip address
 encapsulation ppp
 ipv6 address autoconfig
 ipv6 enable
!
From the Cisco guide: "The ipv6 address autoconfig command causes the device to perform IPv6 stateless address auto-configuration to discover prefixes on the link and then to add the EUI-64 based addresses to the interface. Addresses are configured depending on the prefixes received in Router Advertisement (RA) messages."


Problem is: my RA messages from R1 to R2 do NOT contain the prefix option (see below, full capture attached). It seems R1 does not allocate a /64 IPv6 prefix from the IPV6-POOL.

icmpv6-ra.png

As you can see, there is only the MTU option but not the Prefix Information option used for SLAAC (RFC 4861).
I also tried this from the official guide without luck.

Any help would be appreciated!

Thanks.

1 Accepted Solution

Accepted Solutions

Hi,

 

Can you change the following in your configuration.

 

1. Enable chap authentication between the client and the server.

 

2.. Change your pool as follow:

 

from ipv6 local pool pool1 2001:DB8:1200::/40 48 to ipv6 local pool pool1 2001:DB8:1200::/40 64

 

This should fix it.

 

Regards,

 

 

 

I tried

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

10 Replies 10

insideshell
Level 1
Level 1

Be noted it works by forcing the prefix to advertise:


R1#sho run int s1/0
!
interface Serial1/0
 no ip address
 encapsulation ppp
 ipv6 unnumbered Loopback0
 ipv6 enable
 peer default ipv6 pool IPV6-POOL
 ipv6 nd prefix 2001:DB8:5AB:10::/64

 no ipv6 nd ra suppress
!
ipv6 local pool IPV6-POOL 2001:DB8:5AB:10::/60 64
!


Now, the RA message contains the prefix option:

ra-prefix.pngAnd in R2:


R2#sho ipv6 int br
Serial1/0 [up/up]
FE80::C202:51FF:FE79:0
2001:DB8:5AB:10:C202:51FF:FE79:0


As expected, R2 performed the SLAAC based on the RA prefix.
But still no way to get it working using my IPV6-POOL, if someone has a clue.

Thanks.

Actually I have the same issue on a real CISCO1941/K9.
So I think I'm missing some configurations items.
This time I did exactly as per Configuring PPPoE on IPv6 guide.
Here are my configurations (now using PPPoE):


R1#show run
!

ipv6 unicast-routing
!
bba-group pppoe GROUPA
 virtual-template 1
!
interface Loopback1
 no ip address
 ipv6 address 2001:DB8:2::1/40
!
interface GigabitEthernet0/0
 no ip address
 pppoe enable group GROUPA
!
interface Virtual-Template1
 no ip address
 peer default ipv6 pool pool1
 ipv6 unnumbered Loopback1
 ipv6 enable
 no ipv6 nd ra suppress
!
ipv6 local pool pool1 2001:DB8:1200::/40 48
!


R2#show run
!
interface FastEthernet0/0
 no ip address
 pppoe enable group global
 pppoe-client dial-pool-number 1
!
interface Dialer1
 no ip address
 encapsulation ppp
 dialer pool 1
 ipv6 address autoconfig default
 ipv6 enable
!


But again, no Prefix in the RA messages.
Any thoughts?
Thanks!

It looks like you and the original poster might be hitting this bug. Could you please upgrade to a fixed version, as indicated in the following link and see if it fixes the issue.

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCtl17505

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Unfortunately, it looks like I didn't have the permission to view the bug report:

Insufficient Permissions to View Bug
This bug contains proprietary information and is not yet publicly available.
You may find useful information within theCisco Community

I am logged in with my Cisco account which is associated with my company contract.
Thanks for your answer.

It looks like it is not externally available. What version of IOS are you running?

 

Could you also provide a "show ipv6 interface Virtual-Access <interface and subinterface number>".

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

I'm using C1941 C1900-UNIVERSALK9-M, Version 15.2(4)M3, RELEASE SOFTWARE (fc2)

Here is the output:

Router#show ipv6 interface virtual-access 1.1
Virtual-Access1.1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::B2FA:EBFF:FED6:4320
No Virtual link-local address(es):
Interface is unnumbered. Using address of Loopback0
No global unicast address is configured
Joined group address(es):
FF02::1
FF02::2
FF02::1:FFD6:4320
MTU is 1492 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.

Thanks.

This seems to be the bug you hit. Could you please upgrade to some more recent IOS version and see that it fixes the issue.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

I cannot upgrade, it seems we don't have a newer image for this model.
But we have VIRL and I tested with an IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.7(3)M3.
I am encountering the same issue: no IPv6 allocation from the pool.
That's why I'm starting to think maybe I missed some configuration items...

Hi,

 

Can you change the following in your configuration.

 

1. Enable chap authentication between the client and the server.

 

2.. Change your pool as follow:

 

from ipv6 local pool pool1 2001:DB8:1200::/40 48 to ipv6 local pool pool1 2001:DB8:1200::/40 64

 

This should fix it.

 

Regards,

 

 

 

I tried

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

It worked with the CHAP authentication enabled!
I also tried with the PAP authentication and it worked as well!
I don't really understand why authentication is mandatory for IPv6 (that's why I didn't enable it before).
For an IPv4 pool, it works without any authentication method.
Actually, it worked without changing the pool (even if I read in one of your posts that SLAAC supports only /64, but /64 was my original need).

EDIT: about the pool, it is indeed needed to allocate a /64 and not a /48, otherwise SLAAC does not work on the client side.

Many thanks Sir!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: