Sunday, 10 January 2016

IPv6 autoconfiguration

IPv6 Address Autoconfiguration and Stateless DHCPv6

 

We always hear much excitement regarding the stateless address autoconfiguration capability in IPv6, but we never seem to get to see it in action. And also, we realize that one router can provide another with the address information it needs, but what about things like DNS server information? In this demonstration I will show how the stateless autoconfiguration can be setup, as well as a nifty stateless DHCPv6 implementation that can assist with the other configuration information.

For this demonstration, I just fired up two routers in Dynamips (R1 and R2) and connected them via their respective Fa0/0 interfaces. R1 will be our “server” and R2 will be our dependent little “client”. Let us start at the server and ensure it is configured for the IPv6 stateless address autoconfiguration part.
R1# conf t
R1(config)# ipv6 unicast-routing
R1(config)# int fa0/0
R1(config-if)# no shut
R1(config-if)# ipv6 address 2001:1212::/64 eui-64
R1(config-if)# ipv6 nd prefix 2001:1212::/64
R1(config-if)# no ipv6 nd suppress-ra
Simple stuff – notice that we are leveraging the Neighbor Discovery process of IPv6 in order to provide the prefix for autoconfiguration to the link. Notice also how we have to unsuppress the sending of Router Advertisements on the link.
Now we head over to the client device:

R2# conf t
R2(config)# int fa0/0
R2(config-if)# no shut
R2(config-if)# ipv6 address autoconfig
R2(config-if)# do show ipv6 int fa0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C001:7FF:FEDA:0
  Global unicast address(es):
    2001:1212::C001:7FF:FEDA:0, subnet is 2001:1212::/64 [PRE]
      valid lifetime 2591911 preferred lifetime 604711
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FFDA:0
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  Default router is FE80::C000:7FF:FEDA:0 on FastEthernet0/0
 
How about that! One command – ipv6 address autoconfig – and the client autoconfigures its link-local and global unicast addresses. But now we want to have R1 provide R2 with its DNS server address and domain name. To do this, we will configure stateless DHCPv6.

R1# conf t
R1(config)# ipv6 dhcp pool DHCP_POOL
R1(config-dhcp)# dns-server 2001:1212::100
R1(config-dhcp)# domain-name test.com
R1(config-dhcp)# int fa0/0
R1(config-if)# ipv6 dhcp server DHCP_POOL
R1(config-if)# ipv6 nd other-config-flag
 
Notice the key ND command here instructing that autoconfiguration process that there is additional configuration to obtain. What is there to do on the client device? Nothing! That is the whole point.  Let’s verify this actually worked at the client, however:
R2# show ipv6 dhcp int fa0/0
FastEthernet0/0 is in client mode
  State is IDLE
  List of known servers:
    Reachable via address: 2001:1212::C000:7FF:FEDA:0
    DUID: 00030001C20007DA0000
    Preference: 0
    Configuration parameters:
      DNS server: 2001:1212::100
      Domain name: test.com
  Rapid-Commit: disabled
 
I hope you enjoyed this.

Note: there are codes that  does not support “no ipv6 nd suppress-ra” even without this command things worked just fine.  Debug on client side showed RA advertisements and RA requests from Server were being sent.
Also its quite interesting to note that “ipv6 nd prefix xxxx” command can help us to force client side to accept ipv6 address xxxx (provided by ipv6 nd prefix xxxx) along with server side interface address. Now client will have two IPv6 address, auto configured.

The “ipv6 nd other-config-flag” command on the server side of the configuration sets a flag in the Router Advertisements (RAs) sent from the router. This flag setting instructs the clients how they can obtain the non-IPv6 address information they need. In our example, this was the DNS Server address and Domain Name. What is a bit confusing about this is the fact that the flag that is being set is the “other stateful configuration” flag per the documentation. We realize, of course, that the way we implemented things here, it is really all stateless. The IPv6 address information is going to the client stateless via autoconfiguration, and the DNS information is going stateless via a stateless DHCPv6 implementation.