08-30-2010 03:07 PM - edited 03-04-2019 09:36 AM
Hi,
While configuring an ipv6 static route, I see that if I specify the next hop ipv6 address then the traffic flows, however when I specify the outgoing interface instead of the next hop ipv6 address then the traffic doesn't flow thru, this is inspite the fact that in both cases traffic is supposed to flow out of the same interface. This is on latest CRS XR code.
Can you please explain why the interface option doesn't work? Do keep in mind that the destination network is located 2 hops away.
Works:
router static
address-family ipv6 unicast
2001:558:100:60::/64 2001:558:100:b::2
!
08-30-2010 05:40 PM
Hi Ankur,
According to documentation, in the problematic case you have a "directly attached static route", where only the output interface is specified. "The destination is assumed to be directly attached to this interface, so the packet destination is used as the next hop address." So, if the destination is not directly attached to the interface (2 hops away), then we have problems.
Please see:
IOS 12.4 documentation is similar:
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-stat_routes.html#wp1049041
Static routes via a multiaccess interface (without specifying a next hop) were not a good idea in IPv4 anyway:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml#background
Note the following in the documentation for IPv6: "In a fully specified static route, both the output interface and next hop are specified. This form of static route is used when the output interface is multiaccess and it is necessary to explicitly identify the next hop. The next hop must be directly attached to the specified output interface."
"In a recursive static route, only the next hop is specified. The output interface is derived from the next hop." So, you can either use a "recursive" static for traffic to flow to a destination that is 2 hops away (as you do in the succesful case) or use a "fully specified static route" (with a directly attached next hop).
Kind Regards,
Maria
08-30-2010 07:46 PM
Hi Maria,
I've seen the static route link before, in the case of ipv4 I was able to find a workaround to make static connected route work (for a destination 2 hops away) by configuring "proxy-arp" on the next hop router interface. I was wondering if a similar workaround is available for ipv6 static connected route for a destination 2 hops away?
Thanks,
Ankur
08-30-2010 08:50 PM
Hi Ankur,
The short answer is that I'm not sure.
My understanding is that IPv6 is not a big fan of proxy ARP. It requires hosts to process RAs to find the default router that should be used for nonlocal traffic. It isn't theoretically impossible to have such a feature, but there is a risk for performance issues and I think it's not widely supported. So far I couldn't find something on the cisco website. I thought it would be called something like "Proxy Neighbor Discovery" or something (but you never know how cisco is going to name a feature, right? ). Also, I think the goal is for such a feature to be used in some specialized cases (e.g. wireless, mobile) and not generally.
Kind Regards,
Maria
08-30-2010 10:01 PM
Hello Ankur,
IPv6 doesn't use ARP at all, so it cannot use Proxy ARP!
the use of an ipv6 static route that has an outgoing interface is somewhat a conceptual error and the behaviour is the expected one: the static route cannot be used.
How could the router find the correct next-hop?
Does an IPv6 router listen to off wire prefixes in other router's Router Advertisements?
if yes, is the neighbor sending these RAs?
Do the RA contain the desired prefix?
and if all the above is true would the static route be still necessary?
a standard IPv6 host can take note of off wire prefixes building a table of next-hops and a table of destinations by listening to RAs, but I'm not sure a router does the same.
Otherwise ipv6 would have no need of dynamic routing protocols if we could afford very long convergence.
We could discuss if it is better to use a link local next-hop instead of a unicast address, but it is not a good choice to replicate bad ipv4 designs that were relying on proxy ARP.
Hope to help
Giuseppe
08-30-2010 10:39 PM
Hi Giuseppe,
According to the book "Deploying IPv6 Networks" (page 80, paragraph Proxy Neighbor Discovery) from cisco press, some proxy address resolution function is theoretically possible by setting the interface in promiscuous mode or all-multicast mode to receive all NSs, but not all systems support these modes and there are other drawbacks (bad design, performance/scalability). As the book says, it might prove useful for a router to act on behalf of nodes that are away from the link, but want neighbors to believe they are not (e.g. mobile node that moved off-link). To achieve this limited proxy address resolution function, the router just has to register to the solicited-node multicast addresses it wants to proxy and answer NSs on their behalf.
Kind Regards,
Maria
08-31-2010 08:29 AM
Maria/Giuseppe,
Thanks for your replies. I wanted to confirm about ipv6 connected static routes and from your replies it looks like they're not a good option in normal cases.
Now I tried to use a "fully qualified" ipv6 static route where I specify both the next hop address and an interface in the static route. However, with this also I don't see the traffic going thru for the destination address. If I specify just the next hop ipv6 address without the interface then the traffic goes thru fine. Is this expected behavior? I recall that when I specified a fully qualified ipv4 route without proxy arp, traffic was passing thru fine, not sure why the behavior is different for ipv6.
RP/0/RP0/CPU0:AR1#sh run router static
Tue Aug 31 11:32:16.236 EDT
router static
address-family ipv6 unicast
2001:558:100:d::/64 TenGigE0/2/0/1
2001:558:100:d::/64 2001:558:100:b::2
!
!
Thanks,
Ankur
08-31-2010 10:27 AM
Hi Ankur,
Please see how the "fully specified static" is configured:
Did you configure only one static route that contains both an outgoing interface and a directly connected next hop on the same line? Or did you configure 2 separate static routes? (So sad I don't have a CRS-1 to play with ). Is the next-hop directly connected?
Kind Regards,
Maria
08-31-2010 10:51 AM
my bad, Maria. After configuring correctly, it works -
router static
address-family ipv6 unicast
2001:558:100:d::/64 TenGigE0/2/0/1 2001:558:100:b::2
08-31-2010 12:20 PM
Hello Maria,
>> So sad I don't have a CRS-1 to play with
you wouldn't say so if I you had spent 4 hours in front of one CRS-1 installing several IOS XR patches. It is a noisy companion!
Ankur:
I have realized that I have been too rude in my first answer (early in the morning for me) and not totally correct as noted by Maria
I apologize.
I have seen the bad effects of proxy ARP in IPv4 ( mainly if someone changes configuration of neighbor disabling proxy ARP game over)
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide