Solved: Re: Unable to ping ipv6 address until router has initiated a ping itself

calluuml · ‎07-14-2020

We have a Cisco ISR 4321 with the Gigabitethernet0 (management) port in a seperate VRF (Mgmt-intf).

It has been assigned an IPv6 address which cannot be reached until the router itself initiates a ping.

The Mgmt-intf VRF has been setup with a default route.

When testing connectivity from a directly connected switch on the same subnet in the same VLAN the pings fail unless the ISR starts a ping itself from then the ping from the switch to the ISR begin working.

I thought it may have been a bug but after not using the device for a few days the connectivity is lost again and some entries must have timed out.

I may be overlooking in regards to how IPv6 NDP works compared with ARP but I assume the directly connected switch should be able to find the switchport of a device on its own subnet?

Thanks

Georg Pauwen · ‎07-14-2020

Hello,

use the 'distributed' option...

View solution in original post

Georg Pauwen · ‎07-14-2020

Hello,

post the full running configuration of your ISR 4321...

calluuml · ‎07-14-2020

show run
Building configuration...

Current configuration : 2191 bytes
!
! Last configuration change at 11:12:44 UTC Fri Jul 10 2020 by admin
!
version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname xxxxxxxx
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 xxxxxxxxxx
!
no aaa new-model
!
ip name-server x.x.x.x x.x.x.x
ip name-server vrf Mgmt-intf x.x.x.x x.x.x.x
ip domain name xxx.org.uk
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid ISR4321/K9 sn xxxxxxxxxxxxx
diagnostic bootup level minimal
spanning-tree extend system-id
!
!
!
username xxxxx secret 5 xxxxxxxxxxxxxxx
!
redundancy
mode none
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/1
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
ip address x.x.x.x 255.255.0.0
negotiation auto
ipv6 address xxxx:xxxx:xxxx:10::95:4/64
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip tftp source-interface GigabitEthernet0
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 x.x.x.x
!
!
ipv6 route vrf Mgmt-intf xxxx:xxxx:xxxx::/56 GigabitEthernet0 xxxx:xxxx:xxxx:10::3
!
!
!
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
banner login ^C
xxxx
^C
banner motd ^C
xxxxxx
^C
!
line con 0
exec-timeout 5 0
logging synchronous
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login local
!
ntp server xxx.org.uk
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

Georg Pauwen · ‎07-14-2020

Hello,

not sure if that should be visible in the running config, but try and configure:

ipv6 cef

calluuml · ‎07-14-2020

Hi,

These are the options;

xxx(config)#ipv6 cef ?
accounting Enable CEF accounting
distributed Distributed Cisco Express Forwarding for IPv6
load-sharing Load sharing
optimize Optimizations
traffic-statistics Enable collection of traffic statistics

Georg Pauwen · ‎07-14-2020

Hello,

use the 'distributed' option...

calluuml · ‎07-14-2020

working now thank you