not find ipv6 route entry when I configure prefix for cisco ASA interface

wenca · ‎01-22-2019

Hi, dear:

I have met an issue when I enable ipv6 feature on ASA 5512.

I created prefix 2001:100:101::/64 for interface gi0/0.169.

caowen-asa5512(config)# show run int gi0/0.169
!
interface GigabitEthernet0/0.169
 vlan 169
 nameif inter_vlan169
 security-level 100
 ip address 100.101.0.253 255.255.255.224
 ipv6 enable
 ipv6 nd prefix 2001:100:101::/64
 ipv6 nd suppress-ra
 ipv6 nd managed-config-flag
 ipv6 nd other-config-flag

However I can not find route entry related 2001:100:101::/64

caowen-asa5512(config)# show ipv6 route
IPv6 Routing Table - 2 entries
Codes: C - Connected, L - Local, S - Static
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
            ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
L   fe80::/10 [0/0]
     via ::, inter_vlan38
     via ::, inter_vlan169
L   ff00::/8 [0/0]
     via ::, inter_vlan38
     via ::, inter_vlan169

Did I mis-configure anything ?

Seb Rupik · ‎01-23-2019

Hi there,

You want see a Local entry in the route table as you have not confifgured an IPv6 address for the interface. The purpose of usig the ipv6 nd prefix command is to advertise other prefixes other than that which would be sent via RA from the interface.

Try adding:

!
int vlan 169
  ipv6 address 2001:100:100::1/64
  ipv6 nd prefix 2001:100:101::/64
!

Cheers,

Seb.

wenca · ‎01-23-2019

Hello, Seb:

Thanks for your replying.

I do not want to add a global address for this interface, link-local address is good enough. I think global address is for endpoints and servers, not for network devices. The point of ipv6 is different from ipv4.

When I did the same progress on cisco router 2911, it worked.

I just configure ipv6 prefix, not ipv6 global address.

caowen_2911#show run interface gigabitEthernet 0/1.169
Building configuration...

Current configuration : 295 bytes
!
interface GigabitEthernet0/1.169
 encapsulation dot1Q 169
 ip address 100.101.0.254 255.255.255.224
 ipv6 enable
 ipv6 nd prefix 2001:100:101::/64
 ipv6 nd managed-config-flag
 ipv6 nd other-config-flag
 ipv6 nd router-preference High
 ipv6 nd ra interval 30
 ipv6 dhcp server vlan169_v6
end

I can find the route entry.

caowen_2911#show ipv6 route
IPv6 Routing Table - default - 3 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, la - LISP alt
       lr - LISP site-registrations, ld - LISP dyn-eid, a - Application
C   2001:10:74:97::/64 [0/0]
     via GigabitEthernet0/1.38, directly connected
C   2001:100:101::/64 [0/0]
     via GigabitEthernet0/1.169, directly connected
L   FF00::/8 [0/0]
     via Null0, receive

I can find the prefix I configured in ICMPv6 packet, but not find the route entry on ASA.