IPv6 Global Unicast Address Configuration

Questions and Answers

Which command is used to manually configure an IPv6 global unicast address (GUA) on a router?

• `ip address ipv6-address subnet-mask`
• `ipv6 address ipv6-address/prefix-length` (correct)
• `ipv6 unicast-routing`
• `interface ipv6 address ipv6-address/prefix-length`

What is the primary reason most Windows hosts are configured to dynamically acquire an IPv6 GUA?

• To simplify network management and reduce errors. (correct)
• To ensure compatibility with older IPv4 networks.
• To improve network security by using temporary addresses.
• To reduce the load on DHCP servers.

What is the purpose of the zone ID or scope ID at the end of an IPv6 link-local address?

• To identify the specific network segment.
• To encrypt the link-local communication.
• To associate the LLA with a specific interface. (correct)
• To provide a unique identifier for the host within the network.

Which protocol do stateless and stateful IPv6 address assignment methods use to communicate configuration information?

ICMPv6 Router Advertisement (RA) (B)

Which statement accurately describes how a host determines its IPv6 configuration when using SLAAC?

The host uses RA messages exclusively for all addressing, including creating its own GUA. (D)

What is the role of the 'A' flag in an ICMPv6 RA message?

Signifies to use Stateless Address Autoconfiguration (SLAAC) to create an IPv6 GUA. (D)

What happens when the 'O' flag is set in an ICMPv6 Router Advertisement (RA) message?

The host uses SLAAC and also seeks additional information from a stateless DHCPv6 server. (B)

What is the significance of the 'M' flag in an ICMPv6 RA message?

It indicates that the host should use a stateful DHCPv6 server to obtain an IPv6 GUA. (C)

Which IPv6 multicast address is used by a host to send a Router Solicitation (RS) message?

ff02::2 (C)

What is the primary purpose of a Router Solicitation (RS) message in IPv6?

To request immediate IPv6 addressing information from a router. (A)

When using SLAAC, how does a host generate the interface ID portion of its IPv6 address?

It is generated randomly or based on the host's MAC address using EUI-64. (D)

Which method of interface ID generation is used by Windows 10 hosts by default?

Randomly generated (B)

What is the purpose of Duplicate Address Detection (DAD) in IPv6?

To ensure that an IPv6 address is unique before it is used. (B)

According to the Internet Engineering Task Force (IETF), which of the following is true regarding Duplicate Address Detection (DAD)?

DAD should always be used on IPv6 unicast addresses, regardless of how the address is configured. (B)

Which of the following is true regarding stateful DHCPv6?

Stateful DHCPv6 does not require SLAAC. (B)

For DHCPv6 messages, which UDP port is used by the server to communicate with the client?

546 (B)

For DHCPv6 messages, which UDP port is used by the client to communicate with the server?

547 (D)

In stateless DHCPv6, what information does the DHCPv6 server provide?

Only configuration parameters, without maintaining a list of IPv6 address bindings. (B)

Which command enables stateless DHCPv6 on an interface?

ipv6 nd other-config-flag (C)

In stateful DHCPv6, what is one key difference compared to stateless DHCPv6?

The DHCPv6 server maintains a list of IPv6 address bindings. (C)

What are the three possible roles a Cisco IOS router can be configured to provide DHCPv6 services?

Server, Client, Relay Agent (D)

Which command is required to enable IPv6 routing before configuring a router as a stateless DHCPv6 server?

ipv6 unicast-routing (C)

If a router is configured as a stateless DHCPv6 server, what is the next step after defining the DHCPv6 pool name?

Configure the DHCPv6 pool with options such as DNS server. (D)

To verify that clients have received IPv6 addressing information from a stateless DHCPv6 server, which command is used on the client?

ipconfig /all (C)

What command is used on a client router to use SLAAC to obtain an IPv6 address?

ipv6 address autoconfig (D)

What is the command used to display DHCP option information received by a client?

show ipv6 dhcp interface g0/0/1 (B)

For a router configured as a stateful DHCPv6 server, which command is used to inform clients not to use SLAAC?

ipv6 nd prefix default no-autoconfig (D)

Which command verifies the name and parameters of the DHCPv6 pool?

show ipv6 dhcp pool (D)

Which command is used to display the IPv6 link-local address of the client and the global unicast address assigned by a stateful DHCPv6 server?

show ipv6 dhcp binding (B)

If a DHCPv6 server is on a different network, what role must be configured to forward DHCPv6 messages?

DHCPv6 Relay Agent (D)

Which command is used to configure a DHCPv6 relay agent, specifying the DHCPv6 server address and egress interface?

ipv6 dhcp relay destination (B)

Which command verifies a DHCPv6 relay agent is operational?

show ipv6 dhcp interface (A)

Flashcards

IPv6 GUA Configuration (Router)

On a router, an IPv6 GUA is manually configured using the 'ipv6 address ipv6-address/prefix-length' command.

Automatic IPv6 Configuration

A host uses an ICMPv6 Router Advertisement (RA) message to automatically configure an IPv6 address.

IPv6 Link-Local Address

An IPv6 address automatically created by a host when it boots and the Ethernet interface is active.

Zone ID/Scope ID

The "%" and number at the end of the link-local address, which the OS uses to associate the LLA with a specific interface.

Dynamic IPv6 GUA Assignment

A method where a host can dynamically obtain a GUA using stateless and stateful services.

Stateless Address Autoconfiguration (SLAAC)

A method where a router sends Router Advertisement (RA) messages, providing all IPv6 addressing information.

SLAAC with Stateless DHCPv6

A method where Router Advertisements provide the IPv6 configuration information, and hosts are informed to then contact a stateless DHCPv6 server for additional configuration information.

Stateful DHCPv6

A method where Router Advertisement messages inform hosts to contact a stateful DHCPv6 server (or DHCPv6-enabled router) for all IPv6 configuration information, except the default gateway address.

ICMPv6 RA messages

These inform a host how to create or acquire its IPv6 configuration dynamically.

A flag (RA message)

The Address Autoconfiguration flag, which signifies to use Stateless Address Autoconfiguration (SLAAC) to create an IPv6 GUA.

O flag (RA message)

The Other Configuration flag, which signifies that additional information is available from a stateless DHCPv6 server.

M flag (RA message)

The Managed Address Configuration flag, that signifies to use a stateful DHCPv6 server to obtain an IPv6 GUA.

SLAAC (Stateless)

A stateless service where there is no server that maintains network address information.

Router Solicitation (RS) Message

A message sent by a host requesting a Router Advertisement.

ICMPv6 RA messages

A router sends these every 200 seconds, providing addressing and other configuration information for hosts.

Generate Interface ID

The process a host uses to create the last 64 bits of the IPv6 address from the Router Advertisement.

EUI-64

A method used to create the interface ID using the 48-bit MAC address address and inserting the hex value of fffe in the middle of the address.

Duplicate Address Detection (DAD)

The process a SLAAC host uses to ensure the IPv6 GUA is unique using ICMPv6 Neighbor Solicitation (NS) messages.

DAD Conflict Resolution

When a host sends an ICMPv6 Neighbor Solicitation (NS) message and receives an NA in return, the host must generate a new interface ID.

SLAAC and DHCPv6

An operation where stateful DHCPv6 is not required while stateless DHCPv6 is.

DHCPv6 operation

1. Host sends an RS message, 2. Router responds with an RA message, 3. Host sends a DHCPv6 SOLICIT message, 4. The DHCPv6 server responds with an ADVERTISE message, 5. Host responds to the DHCPv6 server, 6. The DHCPv6 server sends a REPLY message.

Stateless DHCPv6

The IPv6 address assignment method where the host uses the information in the RA message for addressing and contacts a DHCPv6 server for additional information.

ipv6 nd other-config-flag

An interface command used to enable stateless DHCPv6, setting the O flag to 1.

Stateful DHCPv6 Operation

The IPv6 address assignment method where the host contacts a DHCPv6 server for all configuration information.

ipv6 nd managed-config-flag

An interface commmand used to enable stateful DHCPv6, setting the M flag to 1.

DHCPv6 Server Role

This router provides stateless or stateful DHCPv6 services.

DHCPv6 Client Role

This router interface acquires an IPv6 IP configuration from a DHCPv6 server.

DHCPv6 Relay Agent Role

This router provides DHCPv6 forwarding services when client and server are located on different networks.

ipv6 unicast-routing

Command that enables IPv6 routing.

ipv6 dhcp pool POOL-NAME

Command that defines a DHCPv6 pool name.

ipv6 dhcp server POOL-NAME

The interface command is used for assigning the DHCPv6 pool to an interface.

show ipv6 dhcp pool

Command to show DHCPv6 pool parameters.

show ipv6 dhcp binding

Command to display IPv6 address bindings.

ipv6 dhcp relay destination

Command to setup a device to be a DHCP relay agent

show ipv6 dhcp interface

Command to verify that the router is in relay mode.

Study Notes

IPv6 Global Unicast Address (GUA) Assignment

• Manually configuring an IPv6 GUA on a router is done using the ipv6 address ipv6-address/prefix-length interface configuration command.
• It is possible to manually configure a Windows host with an IPv6 GUA address, but it can be time-consuming and prone to errors.
• Most Windows hosts are set up to automatically get an IPv6 GUA configuration.

IPv6 Host Link-Local Address

• When automatic IPv6 addressing is enabled, a host uses an Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement (RA) message to configure itself.
• The IPv6 link-local address is automatically created when the host boots up and the Ethernet interface is active.
• The interface shown didn't create an IPv6 GUA because the network didn't have a router providing configuration instructions.
• The "%" and the number at the end of the link-local address is a Zone ID or Scope ID, used by the OS to link the LLA with a specific interface.
• DHCPv6 is defined in RFC 3315.

IPv6 GUA Assignment Methods

• By default, IPv6-enabled routers regularly send ICMPv6 RAs.
• This simplifies how a host can dynamically create or get its IPv6 configuration.
• A host can get a GUA through stateless and stateful services.
• All stateless and stateful methods in this module use ICMPv6 RA messages to suggest how to create/get an IPv6 configuration.
• While host OSs usually follow RA suggestions, the final decision is up to the host.

Router Advertisement (RA) Message Flags

• How a client gets an IPv6 GUA depends on the RA message settings.
• An ICMPv6 RA message has three flags:
• A flag (Address Autoconfiguration flag): signifies using Stateless Address Autoconfiguration (SLAAC) to create an IPv6 GUA.
• O flag (Other Configuration flag): indicates that more information is available from a stateless DHCPv6 server.
• M flag (Managed Address Configuration flag): signifies using a stateful DHCPv6 server to get an IPv6 GUA.
• Different combinations of the A, O, and M flags in RA messages inform the host about dynamic configuration options.

SLAAC Overview

• Since not every network can access a DHCPv6 server but every device in an IPv6 network needs a GUA, SLAAC enables hosts to create their own unique IPv6 global unicast address without a DHCPv6 server.
• SLAAC is a stateless service, meaning no server tracks network address information or which IPv6 addresses are in use.
• SLAAC sends periodic ICMPv6 RA messages (every 200 seconds) with addressing and configuration info for hosts to autoconfigure their IPv6 address based on the RA.
• A host can also send a Router Solicitation (RS) message to request an RA.
• SLAAC can be deployed alone or with DHCPv6.

Enabling SLAAC

• Router R1's G0/0/1 interface has been configured with the IPv6 GUA and link-local addresses fe80::1, 2001:db8:acad:1::1 and subnet 2001:db8:acad:1::/64.
• Router is configured to join the IPv6 all-nodes group ff02::1 to send RA messages with address configuration info to SLAAC hosts.
• The IPv6 all-routers group responds to the IPv6 multicast address ff02::2.
• The 'show ipv6 interface' command verifies that R1 has joined the IPv6 all-routers group.
• R1 sends RA messages every 200 seconds to the IPv6 all-nodes multicast address ff02::1.

SLAAC Only Method

• RA messages from the router have these flags set:
• A = 1: informs the client to use the IPv6 GUA prefix in the RA and dynamically create its own Interface ID.
• O = 0 and M = 0: informs the client to also use the additional information in the RA message (DNS server, MTU, and default gateway).
• The ipconfig command confirms that PC1 generated an IPv6 GUS using the router's RA.
• The default gateway address is the link-local address (LLA) of Router R1's G0/0/1 interface.

ICMPv6 Router Solicitation (RS) Messages

• A router sends RA messages every 200 seconds or when it gets an RS from a host.
• IPv6 enabled hosts send an RS message to the IPv6 all-routers multicast address of ff02::2 when they want to get IPv6 addressing information.
• A host (PC1) sends an RS message to the IPv6 all-routers multicast address of ff02::2 to request an RA.
• The router generates an RA, sends the RA message to the IPv6 all-nodes multicast address of ff02::1 and the host PC1 uses this info to create a unique IPv6 GUA.

Host Interface ID Generation

• Using SLAAC, a host uses its 64-bit IPv6 subnet information from the RA and generates the remaining 64-bit interface identifier (ID) using:
• Random generation: the 64-bit interface ID is randomly generated by the client OS (used by Windows 10).
• EUI-64: creates an interface ID using its 48-bit MAC address, inserting the hex value of “fffe” in the middle of the address.
• Some operating systems uses randomly generated interface for privacy concerns.
• Windows, Linux and Mac OS allows modifying the interface ID generation to either randomly generated or to use EUI-64.

Duplicate Address Detection (DAD)

• A SLAAC host uses the Duplicate Address Detection (DAD) process to ensure its IPv6 GUA is unique.
• The host sends an ICMPv6 Neighbor Solicitation (NS) message with a solicited-node multicast address containing the IPv6 address's last 24 bits.
• If no other devices respond with a Neighbor Advertisement (NA) message, the address is unique and can be used.
• If an NA is received, the address isn't unique, so the host must generate a new interface ID.
• DAD isn't always needed, as a 64-bit interface ID provides 18 quintillion possibilities, but the IETF recommends it.
• Most operating systems perform DAD on all IPv6 unicast addresses, no matter how the address is configured.

DHCPv6 Operation Steps

• Stateful DHCPv6 doesn't require SLAAC, but stateless DHCPv6 does.
• Regardless of whether an RA indicates DHCPv6 or stateful DHCPv6:
  1. The host sends an RS message.
  2. The router responds with an RA message.
  3. The host sends a DHCPv6 SOLICIT message.
  4. The DHCPv6 server responds with an ADVERTISE message.
  5. The host responds to the DHCPv6 server.
  6. The DHCPv6 server sends a REPLY message.
• Server-to-client DHCPv6 messages use UDP destination port 546; client-to-server DHCPv6 messages use UDP destination port 547.

Stateless DHCPv6 Operation

• When a Router Advertisment indicates stateless DHCPv6, the host uses the RA information for addressing then contacts a DHCPv6 server for additional information.
• The DHCPv6 server provides configuration parameters and does not maintain a list of IPv6 address bindings (stateless).
• PC1 receives a stateless RA message containing: the IPv6 GUA network prefix and prefix length, A flag set to 1 informing the host to use SLAAC, O flag set to 1 informing the host to seek additional configuration information from a DHCPv6 server and M flag set to default value of 0.
• PC1 sends a DHCPv6 SOLICIT message seeking additional information from a stateless DHCPv6 server.

Enabling Stateless DHCPv6

• Enable stateless DHCPv6 using the ipv6 nd other-config-flag interface configuration command, setting the O flag to 1.
• The output confirms the RA tells hosts to use stateless autoconfig (A flag = 1) and contact a DHCPv6 server for more configuration info (O flag = 1).
• The no ipv6 nd other-config-flag command resets the interface to SLAAC only (O flag = 0).

Stateful DHCPv6 Operation

• If an RA indicates stateful DHCPv6, the host contacts a DHCPv6 server for all configuration information.
• The DHCPv6 server is stateful and keeps track of IPv6 address bindings.
• For example, PC1 receives a stateful RA message containing the IPv6 GUA network prefix and prefix length, A and O flags set to 0 informing the host to contact a DHCPv6 server and the M flag set to 1. The PC1 sends a DHCPv6 SOLICIT message seeking more information from the DHCP server.

Enabling Stateful DHCPv6

• Enable stateful DHCPv6 by using the ipv6 nd managed-config-flag interface configuration command setting the M flag to 1.
• Highlighted output confirms the RA tells the host to get all IPv6 configuration information from a DHCPv6 server (M flag = 1).

DHCPv6 Router Roles

• Cisco IOS routers are powerful devices that can act as a DHCPv6 server, client, or relay agent in smaller networks.
• They can be configured as:
• DHCPv6 Server: Provides stateless or stateful DHCPv6 services.
• DHCPv6 Client: Router interface acquires an IPv6 IP configuration from a DHCPv6 server.
• DHCPv6 Relay Agent: Provides DHCPv6 forwarding services when the client and server are on different networks.

Configuring a Stateless DHCPv6 Server

• The router has to advertise the IPv6 network addressing information in RA messages.
• There are 5 steps:
  1. Enable IPv6 routing using the ipv6 unicast-routing command.
  2. Define a DHCPv6 pool name using the ipv6 dhcp pool POOL-NAME global configuration command.
  3. Configure the DHCPv6 pool with options, like dns-server X:X:X:X:X:X:X:X and domain-name name.
  4. Bind the interface to the pool using the ipv6 dhcp server POOL-NAME interface configuration command and manually change the O flag from 0 to 1 using the ipv6 nd other-config-flag interface command and the A flag is 1 by default.
  5. Verify that hosts received IPv6 addressing information using the ipconfig /all command.

Configuring a Stateless DHCPv6 Client

• A router can be both a DHCPv6 client and get its IPv6 config from a DHCPv6 server.
• Steps:
  1. Enable IPv6 routing using the ipv6 unicast-routing command.
  2. Configure the client router to create an LLA. An IPv6 link-local address is created on a router interface when a global unicast address is configured, or without a GUA using the ipv6 enable interface configuration command. Cisco IOS uses EUI-64 to create the Interface ID.
  3. Configure the client router to use SLAAC using the ipv6 address autoconfig command.
  4. Verify that the client router is assigned a GUA using the show ipv6 interface brief command.
  5. Verify that the client router received other necessary DHCPv6 information with the show ipv6 dhcp interface g0/0/1 command.

Configuring a Stateful DHCPv6 Server

• Requires that the IPv6 enabled router tells the host to contact a DHCPv6 server to obtain all necessary IPv6 network addressing information.
• The configuration and verification steps are:
  1. Enable IPv6 routing using the ipv6 unicast-routing command.
  2. Define a DHCPv6 pool name using the ipv6 dhcp pool POOL-NAME global config command.
  3. Configure the DHCPv6 pool with options like the address prefix command, domain name, DHS server IP address, etc.
  4. Bind the interface to the pool using the ipv6 dhcp server POOL-NAME interface config command and manually change the M flag from 0 to 1 using the interface command ipv6 nd managed-config-flag and manually change the A flag from 1 to 0 using the ipv6 nd prefix default no-autoconfig interface command.
  5. Verify that the hosts have received IPv6 addressing info using the ipconfig /all command.

Configuring a Stateful DHCPv6 Client

• A router can also be a DHCPv6 client, needing ipv6 unicast-routing enabled and an IPv6 link-local address to send/receive IPv6 messages.
• To configure/verify a router as a stateless DHCPv6 client:
  1. Enable IPv6 routing using the ipv6 unicast-routing command.
  2. Configure the client router to create an LLA using the ipv6 enable interface config command and the client router will use EUI-64 to create an Interface ID.
  3. Configure the client router to use DHCPv6 using the ipv6 address dhcp interface config command.
  4. Verify that the client router is assigned a GUA using the show ipv6 interface brief command.
  5. Verify received DHCPv6 info by using the show ipv6 dhcp interface g0/0/1 command.

DHCPv6 Server Verification

• The show ipv6 dhcp pool command is used to verify the name of the DHCPv6 pool, its parameters, and the number of active clients.
• The show ipv6 dhcp binding command displays the IPv6 link-local address of the client and the GUA assigned by the server. This information is maintained by a stateful DHCPv6 server only.

Configuring a DHCPv6 Relay Agent

• An IPv6 router can be a DHCPv6 relay agent for clients on different networks which is similar to an IPv4 router as a DHCPv4 relay.
• The relay agent points to the DHCPv6 server destination, with an optional egress interface if there is a next hop LLA.
• To verify that the relay agent is operational use the show ipv6 dhcp interface and show ipv6 dhcp binding commands.
• Use the Windows ipconfig /all command to verify and confirm the Windows hosts have received IPv6 addressing information.