Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3417
Views
0
Helpful
0
Replies

Problem: IPv6 w/ PPPoE on Cisco 2901

hyshen
Level 1
Level 1

‎03-28-2012 07:21 PM - edited ‎03-01-2019 05:33 PM

Folks: I have this Cisco 2901 configured with PPPoE and IPv6 and connect it through a CO (DSLAM) to an Actiontec xDSL router. PPPoE connections are on FE0/0/0, through virtual template.

The Actiontec router gets NA and PD addresses succesfully and LAN PC connected to Actiontec router can surf the IPv6 Internet w/ no problem. However, Cisco 2901 can't reach the Actiontec router by its NA or TA public IPv6 address. A 'stupid' workaround is to manually add a route w/ the virtual access. It is stupid cuz each new connection will bring up a different virtual acess.

I guess this is a bug on 2901, but want to confirm with you guys first. Now the whole config:

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname AEI_SV_Cisco_2091

!

boot-start-marker

boot-end-marker

!

!

logging buffered 51200 warnings

!

no aaa new-model

!

ipv6 unicast-routing

ipv6 dhcp pool HE

prefix-delegation pool HE-48

address prefix 2001:470:1F05:7A::/64

!

ipv6 cef

!

!

!

!

ip dhcp pool default

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1

dns-server 10.10.10.1

!

ip dhcp pool dslam1

network 10.11.11.0 255.255.255.0

default-router 10.11.11.1

dns-server 10.11.11.1

!

!

ip domain name yourdomain.com

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip cef

multilink bundle-name authenticated

!        

vpdn enable

!

!

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-3962993046

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3962993046

revocation-check none

rsakeypair TP-self-signed-3962993046

!

!

crypto pki certificate chain TP-self-signed-3962993046

certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33393632 39393330 3436301E 170D3131 31313232 31363132

  31335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39363239

  39333034 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100E6AF 1640A998 F13E9F8B EB9E404C F0D6E105 8DE05E45 9C9C525A 5AAEAF59

  456A4578 1C0E283C 39B3751D 3F362D64 13FACD69 A92C31BA 6D2EEFBE 52BCC70C

  73359968 2F76B830 A978BD5F 9A86903F C12BB00B C35C47D1 BADBE727 773E205D

  A839969D FE3854B3 26E93F21 63DC4E57 D4C44821 FBE88BAA 4A1D5565 DA416138

  3A7D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 14BA6DEA 79E4742D 4878C88E D014C7A3 8022546A FE301D06

  03551D0E 04160414 BA6DEA79 E4742D48 78C88ED0 14C7A380 22546AFE 300D0609

  2A864886 F70D0101 05050003 818100CE C6732F7E 6AB385C5 5BF4E241 BE179F5D

  E7C5CC78 2BFB33EC 3181D4D2 90981D2B 1106205F A3C5FEE8 E78A013B ABF3F5E0

  52772A22 F3A0A24C C4F62DDB E2E6A21D AC75772B 6FEC9323 3DFC4165 CC645E62

  5C8F5842 18B8DF5B C3E3C39C EBB60D3E E7ADA89B A72FB468 92F77F0A A33B5591

  F5048271 F074C64E 38291F93 848F09

            quit

license udi pid CISCO2901/K9 sn FCZ15489123

!

!

username admin privilege 15 secret 5 $1$.CdN$d0DXERD9PqUtu6XPilTv/.

username chap password 0 chap

!

!

!

!

!

bba-group pppoe global

virtual-template 1

sessions max limit 256

!        

!

interface Tunnel0

description Hurricane Electric IPv6 Tunnel Broker

no ip address

ipv6 address 2001:470:1F04:7A::2/64

ipv6 enable

tunnel source 173.13.177.215

tunnel mode ipv6ip

tunnel destination 72.52.104.74

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip nat allow-static-host

ip nat enable

ip virtual-reassembly in

shutdown

duplex auto

speed auto

ipv6 enable

ipv6 dhcp server HE1

!

interface GigabitEthernet0/1

ip address 173.13.177.215 255.255.255.240

ip nat outside

ip nat enable

ip virtual-reassembly in

duplex auto

speed auto

!

interface FastEthernet0/0/0

ip address 10.11.11.1 255.255.255.0

ip nat inside

ip nat enable

ip virtual-reassembly in

duplex auto

speed auto

ipv6 address 2001:470:1F05:7A::1/64

ipv6 enable

ipv6 nd managed-config-flag

ipv6 nd other-config-flag

ipv6 dhcp server HE

pppoe enable group global

!

interface FastEthernet0/0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Virtual-Template1

mtu 1492

ip unnumbered FastEthernet0/0/0

ip nat inside

ip nat enable

ip virtual-reassembly in

ipv6 enable

ipv6 nd managed-config-flag

ipv6 nd other-config-flag

no ipv6 nd ra suppress

ipv6 dhcp server HE

peer default ip address dhcp-pool dslam1

peer default ipv6 pool HE

ppp authentication chap

no routing dynamic

!

ip forward-protocol nd

!

no ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip dns server

ip nat source list 1 interface GigabitEthernet0/1 overload

ip route 0.0.0.0 0.0.0.0 173.13.177.222

!

access-list 1 permit any

ipv6 route ::/0 Tunnel0

ipv6 local pool test 2001:470:7007::/48 64

ipv6 local pool HE-48 2001:470:8008::/48 64

!

!

!

control-plane

!

!

!

line con 0

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

privilege level 15

login local

transport preferred none

transport input all

transport output all

line vty 5 15

privilege level 15

login local

transport preferred none

transport input all

transport output all

!

scheduler allocate 20000 1000

end

See both IPv4 and IPv6 are using virtual template to get PPPoE work. Everything's working fairly well on IPv4. I can ping from cisco to the 10.11.11.x address on Actiontec router. But with IPv6, I can't ping 2001:470:1f05:7a:: address on Actiontec router. The correct route through virtual-access is not installed, or the F0/0/0 interface doesn't pass the IPv6 traffic to the corresponding virtual access interface:

AEI_SV_Cisco_2091#sh ipv6 route

IPv6 Routing Table - default - 7 entries

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route

       B - BGP, R - RIP, I1 - ISIS L1, I2 - ISIS L2

       IA - ISIS interarea, IS - ISIS summary, D - EIGRP, EX - EIGRP external

       ND - Neighbor Discovery, l - LISP

       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

S   ::/0 [1/0]

     via Tunnel0, directly connected

C   2001:470:1F04:7A::/64 [0/0]

     via Tunnel0, directly connected

L   2001:470:1F04:7A::2/128 [0/0]

     via Tunnel0, receive

C   2001:470:1F05:7A::/64 [0/0]

     via FastEthernet0/0/0, directly connected (this sounds correct, but I'm not able to reach client from this interface)

L   2001:470:1F05:7A::1/128 [0/0]

     via FastEthernet0/0/0, receive

S   2001:470:8008::/64 [1/0]

     via FE80::21F6:88C4:497E:6F9C, Virtual-Access2.2

L   FF00::/8 [0/0]

     via Null0, receive

Can some help? Thanks!

Henry

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card