Having come this far in your CCNA studies, you should be well familiar with the concepts of static and dynamic IPv4 addresses. Static IPv4 addresses are permanently assigned to devices like servers and routers that need to have persistent addresses. Other devices like PCs can live with IPv4 addresses assigned dynamically by DHCP (Dynamic Host Configuration Protocol). IPv6 uses the same general scheme, with devices like servers and routers using pre-configured IPv6 addresses, while user devices making use of dynamically learned IPv6 addresses. In this section, we will configure different types of IPv6 addresses used by routers to participate in different protocols.
Enterprise networks have been using IPv4 as the exclusive protocol for quite some time now. In other words, TCP/IP has been the only protocol stack in use in company networks. IPv6 is the new protocol that is supposed to replace IPv4 over time, requiring end-user hosts, servers, routers, and all other networked devices to implement IPv6. You probably can understand that the world cannot migrate all IPv4 devices to IPv6 in a week or month. The migration will rather be a process that will occur gradually, and one that has already started. Most companies will gradually migrate from IPv4 to IPv6 and the process may span years. In the mean time, most enterprise networks will be a mix of IPv4 and IPv6 protocol stacks. Our guess is that the process will be quite slow and you will still have to deal with IPv4 for the rest of your working life.
You will hear a lot about dual-stack strategy for implementing IPv6 in enterprise networks. The strategy offers a gradual migration path from IPv4 to IPv6 letting IPv4 and IPv6 to coexist. The routers are configured with IPv6 addresses on their interfaces, and they router IPv6 packets just like they route IPv4 packets. The hosts can implement IPv6 when ready, running dual stack or running both IPv4 and IPv6.
IPv6 Static Address Configuration
There are two methods of configuring static IPv6 addresses on Cisco routers:
- Configuring the full 128-bit address
- Configuring a 64-bit prefix only, and letting the router derive the rest of address
You can use the ipv6 address address/prefix-length command to configure the full 128-bit global unicast and unique local addresses. You can use the full 32-digit hex address as well as the abbreviated address in the ipv6 address address/prefix-length command.
Figure 14-4 IPv6 Address Configuration
We are going to configure 128-bit IPv6 addresses on R1 and R2 and you will see the configuration is quite simple.
We have used the unabbreviated address format in the configuration for R1 while using the abbreviated address format on R2.
We used an easily forgotten command while configuring IPv6 addresses on R1 and R2 and that is ipv6 unicast-routing. We are used to configuring IPv4 addresses on routers and you don’t have to enable IPv4 processing on routers as it is enabled by default. That’s not the case with IPv6 yet and you must enable IPv6 routing using the single ipv6 unicast-routing command. If you configure IPv6 addresses on router interfaces but leave out the ipv6 unicast-routing command, the router can still be configured with interface IPv6 addresses, but it acts more like a host and cannot route IPv6 packets.
You can use the show ipv6 interface brief or show ipv6 interface commands to verify IPv6 addresses configured on router interfaces. The router always displays IPv6 addresses in the abbreviated format even if you had configured them in the unabbreviated format. The output of show ipv6 interface brief command executed on R1 and R2 demonstrates the fact, as shown below.
You can also use the show ipv6 interface command that provides more detailed information.
The router automatically adds IPv6 connected routes to the IPv6 routing table. The connected routes are kept in the IPv6 routing table only when the interface is in an up/up state.
We have covered configuration of static IPv6 addresses using the full 128-bit address. However, you can also configure IPv6 prefixes only letting the router deduce the rest of the IPv6 address. We are going to cover this second type of IPv6 static address configuration next.
In the IPv6 world, end-user devices use DHCP (Dynamic Host Configuration Protocol) or SLAAC (Stateless Address Auto Configuration) to dynamically learn IPv6 addresses, while routers use static IPv6 addresses. There is just one way to configuration static IPv4 addresses where the complete address is hard-coded in router configuration. IPv6 is a little different and there are actually two options to configure static IPv6 addresses on router interfaces.
The first method that uses the ipv6 address command to define the entire 128-bit address has already been discussed in this chapter. The second method uses the same ipv6 address command to configure only the 64-bit IPv6 prefix for the interface letting the router automatically generate a unique interface ID. This second method uses a mechanism called EUI-64 (extended unique identifier). The configuration includes the eui-64 keyword to inform the router it has to use EUI-64 rules to create the interface ID portion of IPv6 address.
- Split the 12-hex-digit (6-byte/48-bit) MAC address into two halves of 6 hex digits each.
- Insert hexadecimal FFFE in between the two halves making a total of 16 hex digits or 8 bytes/64 bits.
- Invert seventh bit of the first byte in the 64-bit string, reading from left to right.
The following graphic elaborates these concepts for a router interface that has C200.1B2C.0000 as its MAC address.
Figure 14-5 EUI-64 Interface ID Calculation
The final step in the EUI-64 process requires you to convert the first byte (two hex digits) from hex to binary, invert the seventh bit, and convert the bits back to hex. Inverting the bit means making it a 1 if it’s 0 and making it a 0 if it’s 1.
The best way to master these EIU-64 interface IDs is to calculate some yourself. You may find out the burned-in address of a router interface using the show ipv6 interface command.
You can then calculate the EUI-64 interface ID yourself using the MAC address of an interface. You may proceed to assign an EUI-64 address to the interface and verify if the interface ID calculated by the router matches the one you calculated. It can be a fun way to learn EUI-64 addressing for your CCNA exams. We will show you shortly how to assign EUI-64 addresses to router interfaces.
In this example, we are going to assign EUI-64 address to FastEthernet0/0 of R1 using 2001:DB8:1:1::/64 as the 64-bit prefix.
You may list the EUI-64 address using the show ipv6 interface brief command and compare the interface ID portion C000:1BFF:FE2C:0 calculated by the router to the one you calculated yourself from the burned-in address (C200.1B2C.0000).
The example shows EUI-64 address being assigned to a serial interface as well. Now, we know that serial interfaces do not have MAC addresses but the serial interface not only accepted the EUI-64 configuration but also got an EUI-64 address assigned. So, what’s really going on here. Cisco routers actually use the MAC address of the lowest-numbered router interface that does have a MAC to provide MAC address to serial and other interfaces that do not have MAC addresses of their own. In this example, R1 uses the MAC address of its FastEthernet0/0 interface to form the EUI-64 interface ID of the serial interface.
IPv6 Dynamic Address Configuration
IPv6 addresses configured statically are the more natural choice for router interfaces. However, routers can also be configured to use dynamically learned IPv6 addresses. Cisco routers can dynamically learn IPv6 addresses using:
- Stateful DHCP (Dynamic Host Configuration Protocol)
- SLAAC (Stateless Address Autoconfiguration)
Both of these methods use the usual ipv6 address command with the appropriate keyword, though none of these two methods configures the actual IPv6 address.
IPv6 Link-Local Address Configuration
IPv6 link-local addresses are a special kind of unicast addresses. These addresses are not used for regular user traffic flows. These addresses are rather used by other protocols as well as for routing. Each IPv6 host including routers uses an additional unicast address called a link-local address. The most important fact to remember about link-local addresses is that routers do not forward packets that have a link-local address as its destination address. Many IPv6 protocols function between directly connected routers and need to send messages on a single subnet only. These IPv6 protocols such as NDP (Neighbor Discovery Prtocol) use link-local addresses.
IPv6 routers also use link-local addresses as the next-hop address in IPv6 routes. IPv6 hosts have the concept of a default gateway (router) similar to IPv4, but hosts refer to the link-local address of the gateway instead of the router address in the same subnet. The show ipv6 route command lists the link-local address of the next hop router and not the global unicast or unique local unicast address.
The following list summarizes important information about link-local addresses:
- Unicast: Link-local addresses are unicast and packets sent to a link-local address reach a single IPv6 host.
- Forwarding Scope: Packets sent to a link-local address never leave the local data link as routers never forward packets sent to a link-local address.
- Automatic: These addresses are available for use even before hosts can dynamically learn a global unicast address. Every interface on an IPv6 router automatically generates its own link-local address.
- Uses: IPv6 link-local addresses are use by several overhead protocols and as next-hop address of IPv6 routes.
IPv6 hosts and routers can autonomously calculate their own link-local addresses, for each interface. There are two parts of a link-local address: a prefix and the interface ID. The first ten bits of a link-local address, by definition, are FE80::/10 while the next 56 bits should be binary 0. As a result, a link-local address should always start with FE80:0000:0000:0000 that covers the first 64 bits of the address. The second half of a link-local address, can be formed with different rules depending on the platform. Cisco routers use EUI-64 for interface ID part of link-local addresses. Host operating systems have their own way of generating interface IDs. For example, Microsoft Windows variants use a random process to choose the interface ID and change it over time as well.
The Cisco IOS Software automatically configures a link-local address for any interface that has at least one unicast address configured using the ipv6 address command. So, there is no configuration separately needed for link-local addresses. The usual show ipv6 interface and show ipv6 interface brief can be used to display link-local addresses as well.
You can see in the output above that R1 has configured highlighted link-local addresses on FastEthernet0/0 and Serial0/0. Please note that the two mentioned interfaces are already configured with global unicast addresses. The router uses the EUI-64 rules for automatic calculation of link-local addresses even if the interface unicast address does not use EUI-64.
You can also use the ipv6 address address link-local command in interface configuration mode to configure link-local addresses. The configured link-local address must be from the permissible range of link-local addresses from the FE80::/10 prefix. In other words, the address must begin with FE8, FE9, FEA, or FEB.
IPv6 Multicast Address Configuration
IPv6 has the concept of multicast addresses that are used for a variety of purposes. Overhead protocols often use multicast addresses to simultaneously send multicast packets to multiple IPv6 hosts. Application programs also use multicast addresses to send IPv6 packets to multiple hosts at a time saving bandwidth on intermediate network links.
IPv6 multicast addresses can have either a link-local scope or an organizational-local scope. The addresses with link-local scope imply that a packet sent to that address should be confined to the local link. The addresses with organization-local scope can be routed to other subnets inside the organization.
IANA (Internet Assigned Numbers Agency) reserves the bulk of IPv6 addresses from the prefix FF00::/8 for IPv6 multicast. Further, the multicast address from the sub-range FF02::/16 are reserved by IANA for link-local scope. The following table lists some of the most commonly used IPv6 multicast addresses with link-local scope.
Table 14-3 IPv6 Multicast Addresses with Link-Local Scope
|FF02::1||All IPv6 nodes||All interfaces with IPv6 addresses that are present on the local data link|
|FF02::2||All IPv6 routers||All IPv6 router interfaces on the localdata link|
|FF02::5,FF02::6||All OSPFv6 routers,All OSPFv6 DRs||All OSPFv6 routers, and all OSPFv6 designated routers, respectively|
|FF02::A||All EIGRPv6 routers||All EIGRPv6 speaking routers on the local data link|
The output of show ipv6 interface command lists the multicast addresses used by the router on the interface. In this case, the highlighted multicast addresses include FF02::1 (all nodes), FF02::2 (all routers), and FF02::A (EIGRPv6).
We will briefly discuss solicited-node multicast addresses to round off the coverage of IPv6 addressing in this chapter. These addresses provide a destination address so that one packet can be sent in an IPv6 subnet with link-local scope to all hosts whose unicast addresses have the same value in the last six hexadecimal digits. In other words, the solicited-node multicast address for a particular host is a multicast address with link-local scope based on only the last six hex digits of the unicast IPv6 address of the same host. All host having the same value in the last six hex digits of their IPv6 unicast addresses, will have the same solicited-node multicast address. Each host must listen for IPv6 packets sent to its solicited-node multicast address.
Let’s have another look at the output of show ipv6 interface command shown earlier as well. The last two multicast addresses highlighted below are solicited-node multicast addresses!
All routers in a network must learn routes to all subnets in the network to make sure a host in one part of the network can reach hosts in all other parts of the network. The logic just described applies to IPv6 just like it applies to IPv4. Any router running IPv6 maintains an IPv6 routing table and adds IPv6 routes to it based on the following:
- Connected and Local Routes: These routes are added as a consequence of configuration of IPv6 addresses on interfaces.
- Static Routes: These routes are added by manual configuration.
- Dynamic Routes: These routes are added by dynamic routing protocols like OSPFv3 and EIGRP for IPv6.
Connected and Local Routes
The most efficient and scalable way to achieve end-to-end connectivity is to use a dynamic IPv6 routing protocol, like OSPFv3 (Open Shortest Path First version 3) and EIGRP (Enhanced Interior Gateway Routing Protocol) for IPv6. These dynamic routing protocols for IPv6 are good at what they do but they are complex to understand and configure. There are other simpler ways that routers can add IPv6 routes to their routing tables namely, connected, local, and static routes.
IPv6 makes use of connected and local routes in a way similar to IPv4. IPv6 static routes are configured using the ipv6 route command instead of ip route command used for IPv4.
IPv6 makes use of dynamic routing protocols like OSPFv3 and EIGRPv6 to dynamically propagate IPv6 routing information across a routing domain. The routes learned by IPv6 routers via dynamic routing protocols are dynamic routes. We will cover both OSPFv3 and EIGRPv6 in details just shortly in this chapter. You will see how similar these two protocols really are to their IPv4 counterparts.