Regional Cisco Networking Academy Conference 2014 Giving you the knowledge and confidence to teach IPv6 DHCPv6-PD (Prefix Delegation) IPv6 Address Allocation to the Home Rick Graziani CS/CIS Instructor Cabrillo College Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 1 The World of IPv4 – DHCPv4 and NAT NAT ISP G0/1 G0/1 DHCPv4 Public IPv4 Address for the interface HOME DHCPv4 G0/0 Private IPv4 Address 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 • ISP only has to deliver a public IPv4 address for Home router interface. • DHCPv4 and RFC 1918 private address space is used for home network. • NAT is used for translation – but has its drawbacks! • No NAT (like that… kind of) for IPv6 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 2 The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability Delegating Router (DR) ISP-DR Requesting Router (RR) G0/1 G0/1 HOME-RR G0/0 Global IPv6 Address Global IPv6 Address • IPv6 End-to-end reachability: • Home network gets its own IPv6 prefix (public address) • No NAT • ISP router is known as the Delegating Router (DR) • HOME router is known as the Requesting Router (RR) Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 3 The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability Delegating Router (DR) ISP-DR G0/1 Requesting Router (RR) G0/1 HOME-RR G0/0 Global IPv6 Address Global IPv6 Address After getting an IPv6 address on its ISP-facing interface, HOME-RR needs to: Step 1: Request a Prefix for its LAN(s) Step 2: Subnet the prefix for its LANs (optional) – Get a /48 but assign /64s Step 3: Assign an IPv6 address from the prefix to its LAN interface Step 4: Advertises the prefix in a Router Advertisement to devices on the LAN Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 4 The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability Delegating Router (DR) ISP-DR Requesting Router (RR) G0/1 G0/1 HOME-RR IPv6 Address for the interface: • SLAAC • DHCPv6 (Stateful or Stateless) G0/0 ? • First, HOME’s ISP facing interface needs an IPv6 address. • Similar to any IPv6 client it may dynamically get an address using: • SLAAC - Using prefix in RA • Stateless DHCPv6 – Using prefix in RA and perhaps DNS address from DHCPv6 server • Stateful DHCPv6 - Like DHCPv4 • What about the address for the HOME LAN? Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 5 The World of IPv6 – DHCPv6-PD (Prefix Delegation) Delegating Router (DR) ISP-DR 3 Requesting Router (RR) G0/1 G0/1 DHCPv6-PD REQUEST RA with /64 prefix HOME-RR G0/0 3 1 G0/1 2 DHCPv6-PD REPLY with /48 prefix Step 1. HOME asks the ISP for an address to allocate for it’s LANs • DHCPv6-PD is initiated by the RR! Step 2. ISP delegates an IPv6 prefix for HOME • Example: ISP sends HOME a /48 prefix Step 3. HOME advertises prefix using SLAAC RA messages (currently only option) • HOME advertises the prefix out its interfaces using ICMPv6 Router Advertisement messages • HOME assigns the prefix or subnets of the prefix to one or more interfaces © 2013 Cisco Systems, Inc. All rights reserved. • Example: HOME interfaces are assigned /64 subnets from Cisco theconfidential. /48 prefix Cisco Networking Academy, U.S./Canada 6 Our Example - DHCPv6-PD 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 SLAAC 2001:DB8:AB00:1::/64 G0/0 G0/1 :EUI-64 HOME-RR :1 Router Advertisement 2001:DB8:FEED:6::/64 SLAAC DHCPv6 Prefix Delegation Prefix Delegation for the HOME 2001:DB8:AB00:/48 Router Advertisement 2001:DB8:AB00:1::/64 • ISP will deliver an IPv6 address for HOME’s G0/1 interface using SLAAC • ISP will delegate the 2001:DB8:AB00::/48 prefix to HOME to allocate to its LANs • HOME will use the 2001:DB8:AB00:1::/64 subnet for its G0/0 interface. • Assign :1 to the G0/0 interface • G0/0 LAN will receive the 2001:DB8:AB00:1::/64 prefix and other information using SLAAC (RA). Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 7 RA and DHCPv6-PD Messages Note: If instead of SLAAC, HOME uses SLAAC ICMPv6 Router Solicitation ICMPv6 Router Advertisement ISP DR G0/1 G0/1 SOLICIT: Prefix Delegation request DHCPv6-PD ADVERTISE REQUEST DHCPv6 for its G0/1 address, a separate set of DHCPv6 messages will be exchanged between the two routers. HOME RR G0/0 The RR must be enabled with the PD option In the case where the RR only has one DR the rapid commit option omits these two steps. REPLY: Include Prefix ICMPv6 Router Advertisement (RA) SLAAC Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 8 HOME-RR Configuration 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2 2001:DB8:FEED:6::/48 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 1 Router Solicitation Router Advertisement DHCPv6 PD Request 3 HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP ! Required to send RA ! ! ! ! Use RA & add default Request DHCPv6-PD. rapid-commit option can be used. HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. ! RA /48 from PD 9 HOME-RR Configuration 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 3 DHCPv6 PD Request 2001:DB8:AB00::/48 DHCPv6 PD Reply 1 2001:DB8:AB00:1::1/64 2001:DB8:AB00:1::/64 Router Advertisement 2 3 HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 First 48 bits replaced by the prefix received by DHCPv6-PD Subnet-ID 2001:DB8:AB00:: Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. ! For G0/0 & RA Interface ID 10 ISP-DR Configuration 2001:DB8:FEED:6::/64 ISP-DR SLAAC DHCPv6-PD G0/1 :1 Router Advertisement 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 For G0/1 interface Prefix Delegation for the HOME 2001:DB8:AB00:/64 For HOME LANs ISP-DR(config)# ipv6 unicast-routing ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 address 2001:db8:feed:6::1/64 ISP-DR(config-if)# ipv6 address fe80::feed:1 link-local ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ! Also a DHCPv6 server Pool can include address prefix command if stateful DHCPv6 is used instead of SLAAC. ISP-DR(config)# ipv6 local pool ©DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 Cisco Networking Academy, U.S./Canada 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 11 ISP-DR Configuration 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 2001:DB8:AB00::/40 2001:DB8:AB00::/48 2001:DB8:AB01::/48 2001:DB8:AB02::/48 … 2001:DB8:ABFF::/48 DHCPv6 PD Reply 2001:DB8:AB00:1::/64 Router Advertisement ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ! DHCPv6 address pool ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ! DNS address for DHCPv6-PD ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 ! PD pool Reserve a /40 to allocate addresses for ISP’s DHCPv6-PD clients 2001:DB8:ABxx::/40 From the /40 each DHCPv6-PD client will get a /48 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 12 Verifying DHCPv6-PD 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 SLAAC 2001:DB8:AB00:1::/64 G0/0 G0/1 :EUI-64 HOME-RR :1 Router Advertisement 2001:DB8:FEED:6::/64 SLAAC DHCPv6 Prefix Delegation Cisco Networking Academy, U.S./Canada Prefix Delegation for the HOME 2001:DB8:AB00:/48 Router Advertisement 2001:DB8:AB00:1::/64 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 13 ISP-DR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 ISP-DR# show ipv6 dhcp interface gig 0/1 GigabitEthernet0/1 is in server mode Using pool: DHCPV6-CLIENT-ADDRESS Preference value: 0 Hint from client: ignored ISP-DR(config)# interface gig 0/1 Rapid-Commit: disabled ISP-DR(config-if)# ipv6 dhcp server ISP-DR# rapid-commit option not included DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 14 ISP-DR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 ISP-DR# show ipv6 local pool DHCPV6-PD-POOL Prefix is 2001:DB8:AB00::/40 assign /48 prefix 1 entries in use, 255 available, 0 rejected 0 entries cached, 1000 maximum User Prefix Interface 00030001885A923B29E000040001 2001:DB8:AB00::/48 ISP-DR# ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS Other verification commands: • show ipv6 dhcp binding • show ipv6 dhcp interface ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 15 HOME-RR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 HOME-RR# show ipv6 inter brief GigabitEthernet0/0 [up/up] FE80::1 2001:DB8:AB00:1::1 GigabitEthernet0/1 [up/up] FE80::8A5A:92FF:FE3B:29E1 2001:DB8:FEED:6:8A5A:92FF:FE3B:29E1 HOME-RR# SLAAC HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 16 HOME-RR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 Router Advertisement HOME-RR# show ipv6 interface gig 0/0 2001:DB8:AB00:1::/64 GigabitEthernet0/0 is up, line protocol is up General-prefix in use for addressing Global unicast address(es): 2001:DB8:AB00:1::1, subnet is 2001:DB8:AB00:1::/64 [CAL/PRE] <Output ommited> Hosts use stateless autoconfig for addresses. HOME-RR# HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 17 HOME-RR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 Default Route 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 X2001:DB8:AB00::/48 HOME-RR# show ipv6 route IPv6 Routing Table - default - 7 entries Codes: ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr – Redirect ND ::/0 [2/0] via FE80::FEED:1, GigabitEthernet0/1 S 2001:DB8:AB00::/48 [1/0] via Null0, directly connected Discard route <Output omitted> HOME-RR# HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 19 HOME-RR Verification 2001:DB8:FEED:6::/64 ISP-DR G0/1 :1 2001:DB8:AB00:1::/64 G0/1 G0/0 :EUI-64 HOME-RR :1 Router Advertisement 2001:DB8:AB00:1::/64 PC> ipconfig HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 HOME-RR(config-if)# ipv6 address fe80::1 link-local For a recognizable default gateway address Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address . . . . . . . . . . 2001:db8:ab00:1:1005:b37e:7e61:7ceb Link-local IPv6 Address. . . . . fe80::1005:b37e:7e61:7ceb Default Gateway. . . . . . . . . fe80::1 Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 20 SLAAC Router(config)# ipv6 unicast-routing Router(config-if)# no ipv6 nd suppress-ra ! This is the default Stateless DHCPv6 Router(config-if)# ipv6 nd other-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME Client Server Router Advertisement Router Advertisement M=1 O=1 Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name Stateful DHCPv6 Router(config-if)# ipv6 nd managed-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME To all DHCPv6 Servers Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# address prefix ipv6-prefix/prefix-length Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name DHCPv6-PD option Router(config-dhcpv6)# prefix-delegation pool ipv6-prefix/prefix-length ! Add to POOL-NAME Router(config)# ipv6 local pool POOL-NAME ipv6-address-block/prefix-length subnet-prefix-length Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 21 Server Client Router as SLAAC client SLAAC Client(config-if)# ipv6 address autoconfig [default] ! default option used for DHCPv6-PD Router as a DHCPv6 Client (Stateless or Stateful) DHCPv6 Client(config-if)# ipv6 enable ! IPv6 link-local required to send DHCPv6 messages Client(config-if)# ipv6 address dhcp Router as a DHCPv6-PD Client DR-facing Interface using SLAAC or DHCPv6 Client(config-if)# ipv6 dhcp client pd POOL-NAME ! Request DHCPv6-PD LAN-facing Interface Client(config)# ipv6 address POOL-NAME ::subnet-interfaceid-address/prefix-length Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 22 • DHCPv4 – Remember IPv4? • ICMPv6 – Used more than ICMPv4 • SLAACers – IPv6 Addressing without DHCPv6 • Stateless DHCPv6 – I have my address but need some other stuff • Stateful DHCPv6 – Just like DHCPv4 (only different) • DHCPv6-PD (Prefix Delegation) – IPv6 Prefix for the “home” Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 23 Shameless plug! • Rick Graziani - graziani@cabrillo.edu • PowerPoints for CCNA, CCNP, IPv6 • www.cabrillo.edu/~rgraziani • Username = cisco • Password = perlman Quality time with my two nieces… Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 24 Rick Graziani - graziani@cabrillo.edu www.cabrillo.edu/~rgraziani Username = cisco Password = perlman Cisco Networking Academy, U.S./Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. 25
© Copyright 2024