cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
3021
Views
10
Helpful
8
Replies

How to break apart an IPv6 /56 6rd delegated prefix from ISP into multiple /64 VLANs for use with SLAAC EUI-64?

Sam Brynes
Level 1
Level 1

I have CenturyLink Internet service, and they have a 6RD IPv6 deployment where they hand out an IPv6 delegated prefix /56 block to me and allow me to use it as I wish. My Cisco ISR router receives the /56 delegated prefix.

 

I have multiple VLANs and IPv4 routing on a layer 3 switch (a 3750) and am running an IPv4 DHCP server on it currently to hand out v4 IPs to the end hosts.

 

I have IPv6 running on the 3750 switch and would like to have it send IPv6 router advertisement packets with prefixes of the /56 delegated prefix that is further subnetted.

 

For example, if the /56 delegated prefix on the router is 2602:35:AE19:5400::/56, I'd like the 3750 to send router advertisement packets with the following prefixes, one prefix per VLAN:

 

2602:35:AE19:5401::/64

2602:35:AE19:5402::/64

2602:35:AE19:5403::/64

... and so on.

 

My plan is to have each host on the VLANs use SLAAC and EUI-64 to generate their globally routable IPv6 address.

 

I know how to make this setup work if I send the router advertisement messages from the router:

 

ipv6 general-prefix PREFIX-CENTURYLINK 6rd Tunnel1

ipv6 unicast-routing

ipv6 multicast-routing

ipv6 cef

ipv6 route 2602::/24 Tunnel1

 

interface Tunnel1
description CENTURYLINK IPV6 6RD TUNNEL
no ip address
ip mtu 1452
ip tcp adjust-mss 1432
ipv6 enable
ipv6 mtu 1432
ipv6 tcp adjust-mss 1412
tunnel source Dialer1
tunnel mode ipv6ip 6rd
tunnel path-mtu-discovery
tunnel 6rd prefix 2602::/24
tunnel 6rd br <BR-IP-ADDRESS>
exit

 

interface GigabitEthernet0/0.1

ipv6 enable

ipv6 address autoconfig

ipv6 address PREFIX-CENTURYLINK 0:0:0:1::/64 eui-64

ipv6 nd autoconfig prefix

ipv6 nd autoconfig default-route

exit

 

interface GigabitEthernet0/0.2

ipv6 enable

ipv6 address autoconfig

ipv6 address PREFIX-CENTURYLINK 0:0:0:2::/64 eui-64

ipv6 nd autoconfig prefix

ipv6 nd autoconfig default-route

exit

 

interface GigabitEthernet0/0.3

ipv6 enable

ipv6 address autoconfig

ipv6 address PREFIX-CENTURYLINK 0:0:0:3::/64 eui-64

ipv6 nd autoconfig prefix

ipv6 nd autoconfig default-route

exit

 

 

Is there some combination of DHCPv6 relay, DHCPv6 client, DHCPv6 prefix delegation (separate but related to 6rd delegated prefixes) and IPv6 router advertisements to achieve what I'm trying to do?

8 Replies 8

Harold Ritter
Spotlight
Spotlight

Hi Sam,

 

I am not sure I understand what you are trying to achieve. You mentioned that "I know how to make this setup work if I send the router advertisement messages from the router:". Are you looking at getting the 6RD on the router via DHCP instead of static configuration? Could you please provide some additional information.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico

Hi Harold,

Thanks for your response. When I said "I know how to make this setup work if I send the router advertisement messages from the router:", I meant that if the router sends out the router advertisement messages, it will include the delegated prefix from Centurylink, plus the additional 8 bit user-defined portion.

 

For hosts on the same VLAN 3, they will receive router advertisements the 6RD CenturyLink delegated prefix, plus the additional 8 bits "03" in hex. The hosts will then concatenate their EUI-64 prefix to generate an IPv6 address.

 

For example, if the CenturyLink delegated prefix is:

 

2602:89:ae51:3400::/56

 

... then the hosts on VLAN 3 (the router's GigabitEthernet0/0.3 interface) will have:

 

2602:89:ae51:3403::/64

 

... for their starting prefix. The hosts can then use SLAAC to join their EUI-64 to create the entire IPv6 address.

 

I'd like to have the Cisco 3750 layer 3 switch send out the router advertisements with the CenturyLink base prefix and the 8 additional user-defined bits used for subnetting. The end hosts can still use SLAAC without DHCP.

 

I just brought up DHCPv6 as a possible tool to communicate the CenturyLink /56 delegated prefix from the Cisco router to the layer 3 switch.

 

Hope that adds clarity to the question.

Hi Sam,

 

I see exactly what you would like to achieve now. I am unfortunatly unaware of any technique you could use to pass the 6RD delegated prefix from the router to the switch. The best option is to let the router to act as your ipv6 router and to use the L3 switch as pure L2.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico

Thanks for your help. Yeah, I wanted to avoid doing that because I'd like routing to happen through the layer 3 switch first so that I can put my IPv4 / IPv6 ACLs on the switch SVI instead of having the router consume resources for non-routing functions.

Hi, I realise your last post was in 2018, I was wondering if you got this to work?

I'm ion the same boat, I've moved to a new ISP that via prefix-delegation hands me a dynamic /56 my last ISP handed out a static /56

On my downstream layer three switch I have several SVI's that I'd like to be able to distribute /64's from that delegated /56.

Hi @mikeyk ,

 

Can you please give us a bit more information about your topology so we can help.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico

Thanks @Harold Ritter 

 

ISP (Starlink) <--> Gi0/0 ISR Router1 Gi0/1 <--> L3 Switch  - Multiple SVI's 

 

On Router1 the ISP facing interface is;

interface GigabitEthernet0/0

 description Link to Starlink

 ip dhcp client default-router distance 1

 ip address dhcp

 no ip redirects

 no ip proxy-arp

 ip nat outside

 ip virtual-reassembly in

 load-interval 30

 duplex auto

 speed auto

 ipv6 address STARLINK-PD ::FF:0:0:0:1/64

 ipv6 address autoconfig default

 ipv6 enable

 ipv6 nd dad attempts 10

 ipv6 nd managed-config-flag

 ipv6 dhcp client pd STARLINK-PD rapid-commit

 ipv6 verify unicast reverse-path

 ipv6 traffic-filter INTERNET-IN-ACL6 in

 no keepalive

end

 

Router1 Interface facing L3Switch

interface GigabitEthernet0/1

 description Uplink to NSYLSW01

 ip address 10.255.31.249 255.255.255.248

 ip nat inside

 ip virtual-reassembly in

 duplex auto

 speed auto

 ipv6 address STARLINK-PD ::1/64

 ipv6 enable

 ipv6 nd other-config-flag

 ipv6 verify unicast reverse-path

 ipv6 ospf 1 area 0

 ipv6 traffic-filter DENY-ACL6 out

end

 

This is the VLAN interface facing Router1

NSYLSW01#sh run interface vlan 500 

interface Vlan500

 description link to Router01

 ip address 10.255.31.254 255.255.255.248

 ipv6 address autoconfig

 ipv6 enable

 ipv6 ospf 1 area 0

end

 

Router01 receives DP from ISP

router01#sh ipv6 general-prefix 

IPv6 Prefix STARLINK-PD, acquired via DHCP PD

  2406:2XXX:XXX:XXX::/56 Valid lifetime 271, preferred lifetime 121

   GigabitEthernet0/0 (Address command)

   GigabitEthernet0/1 (Address command)

 

I can manually split up the /56 in to /64's to place on the L3 Switch's SVI's but the /56 is dynamic and changes often.

I'm trying to work out the best way on the L3 switch to learn about the /56 from router1 and issue /64's from it to its own SVI's. I've been looking in to IPv6 DHCP relay or maybe an IPv6 specific method.

 

Cheers,

Michael

 

Hi @mikeyk ,

 

I do not know of any technique that would allow you to further delegate the delegated prefix from the router to the layer3 switch. The easiest way to get your setup working dynamically would be to handle all of the layer3 aspect on the router and leave the layer2 to the switch. 

 

You would need to configure a separate sub interface on router1 gi0/1 for each vlan that need a L3 subnet. You would then assign an IPv4 and IPv6 subnet to each subinterface on router 1. This would be completely automatic. The interface on the switch facing router 1 would be configured a trunk and would cary all VLANS that require Internet access.

 

Here's a sample config of what it would look like on router 1:

 

interface GigabitEthernet0/1.1

ipv6 address STARLINK-PD ::1:0:0:0:1/64

encapsulation dot1q 1

interface GigabitEthernet0/1.2

ipv6 address STARLINK-PD ::2:0:0:0:1/64

encapsulation dot1q 2

interface GigabitEthernet0/1.3

ipv6 address STARLINK-PD ::3:0:0:0:1/64

encapsulation dot1q 3

 

Regards, 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico
Review Cisco Networking for a $25 gift card