Ch.8 Dynamic IPv6 Address Allocation CIS 116 IPv6 Fundamentals Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu
Dynamic IPv6 Address Allocation
DHCPv4 Ack DHCPv4 Discover 1 DHCPv4 Offer 2 DHCPv4 Request 3 4 DHCPv4 Server IPv4 Client DHCPv4 Discover Broadcast 1 DHCPv4 Offer Unicast 2 DHCPv4 Request Broadcast 3 DHCPv4 Ack Unicast 4
Internet Control Message Protocol for IPv6 ICMPv6 Internet Control Message Protocol for IPv6 Described in RFC 4443 Much more robust than ICMP for IPv4 Contains new functionality and improvements. More than just “messaging” but “how IPv6 conducts business”. Including ICMPv6 Neighbor Discovery (RFC 4861) – used in dynamic address allocation. Note: ICMPv6 is discussed in detail in Lesson 9, ICMPv6 ND in later chapters. More in lesson 4
“Introducing” ICMPv6 Neighbor Discovery ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): Router Solicitation Message Router Advertisement Message Used for dynamic address allocation. Neighbor Solicitation Message Neighbor Advertisement Message Used with address resolution (IPv4 ARP) and with DAD Redirect Message (Similar to ICMPv4) Router-Device Messaging Device-Device Messaging
It Begins with the RA Message Multicast: To all IPv6 routers, I need IPv6 address information ICMPv6 Router Advertisement ICMPv6 Router Solicitation DHCPv6 Server Multicast: To all IPv6 devices, let me suggest to you how to do this … I might not even be needed. An ICMPv6 Router Advertisement (RA) suggests to all IPv6 devices on the link how it will receive IPv6 Address Information. Sent periodically by an IPv6 router or… … when the router receives a Router Solicitation message from a host.
It Begins with the RA Message ICMPv6 Router Advertisement DHCPv6 Server Router(config)# ipv6 unicast-routing Router Advertisement (RA) Message Part of ICMPv6 (Internet Control Message Protocol for IPv6) RA messages are sent by an “IPv6 router” An IPv6 router (ipv6 unicast-routing command): Forwards IPv6 Packets Enables IPv6 static and dynamic routing Sends ICMPv6 Router Advertisements Note: Routers can be configured with IPv6 addresses without being an IPv6 router.
Router Advertisement: 3 Options Option 1 and 2: Stateless Address Autoconfiguration DHCPv6 Server does not maintain state of addresses Option 3: Stateful Address Configuration Address received from DHCPv6 Server DHCPv6 Router(config)# ipv6 unicast-routing DHCPv6 Server Option 1: SLAAC – No DHCPv6 (Default on Cisco routers) “I’m everything you need (Prefix, Prefix-length, Default Gateway)” Option 2: SLAAC + Stateless DHCPv6 for DNS address “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” (DNS can be in RA) Option 3: All addressing except default gateway use DHCPv6 “I can’t help you. Ask a DHCPv6 server for all your information.” RA Option 1 technically isn’t everything as there’s no DNS server or domain name info (RFC 6106). Need both the router to support the sending of the info and the end system to know what to do w/ it. For option 3, you still need to control the SLAAC process w/ the RA’s (e.g. how the prefix in the RA should be used) otherwise the end system will end up a DHCP and SLAAC address
Global Unicast Address Manual Dynamic Chapter 8 Static IPv6 unnumbered Stateless Stateful SLAAC Chapter 9 DHCPv6 Chapter 11 Static + EUI 64 SLAAC + DHCPv6 Chapter 10 Three methods of IPv6 Address Allocation Method 1: Stateless Address Autoconfiguration (SLAAC) Method 2: SLAAC and a stateless DHCPv6 server Method 3: Stateful DHCPv6 server DHCPv6-PD Chapter 11
Client Configuration
R1(config)# ipv6 unicast-routing 2001:db8:cafe:1::/64 R1 G0/0 GUA ::1 LLA fe80::1 I need an RA message to know how to obtain my addressing information dynamically. WinPC LLA fe80::d0f8:9ff6:4201:7086 1 Here is my suggestion on how to get your GUA address and other information. ICMPv6 Router Solicitation Message Source IPv6 Address: fe80::d0f8:9ff6:4201:7086 (LLA) Destination IPv6 Address: ff02::2 (All IPv6 Routers) 2 ICMPv6 Router Advertisement Message Source IPv6 Address: fe80::1 (LLA) Destination IPv6 Address: ff02::1 (All IPv6 devices)
Router Advertisement Flags RA Address Allocation Method A Flag (SLAAC) Default: On O Flag (Stateless DHCPv6) Default: Off M Flag (Stateful DHCPv6) Method 1: SLAAC (default) 1 (on) 0 (off) Method 2: SLAAC and stateless DHCPv6 Method 3: Stateful DHCPv6 N/A RA message contains three flags to tell a device how to obtain or create its global unicast address: Address Autoconfiguration flag (A flag): When set to 1 (on), this flag tells the receiving host to use SLAAC to create its global unicast address. Other Configuration flag (O flag): When set to 1 (on), this flag tells the host to get other addressing information, other than its global unicast address, from a stateless DHCPv6 server. Managed Address Configuration flag (M flag): When set to 1 (on), this flag tells the host to use a stateful DHCPv6 server for its global unicast address and all other addressing information.
Changing the defaults (more later) The Address Autoconfiguration flag (A flag) has a default setting of 1. To set the A flag to 0, use the following syntax: Router(config)# interface interface-type/interface-number Router(config-if)# ipv6 nd prefix prefix/prefix-length no-autconfig The Other Configuration flag (O flag) has a default setting of 0. To set to the O flag to 1, use the following syntax: Router(config-if)# ipv6 nd other-config-flag The Managed Address Configuration flag (M flag) has a default setting of 0. To set the M flag to 1, use the following syntax: Router(config-if)# ipv6 nd managed-config-flag
Method 1: SLAAC Only 2001:db8:cafe:1::/64 R1 WinPC 1 ICMPv6 RS Message R1(config)# ipv6 unicast-routing 2001:db8:cafe:1::/64 GUA ::1 G0/0 LLA fe80::1 R1 WinPC LLA fe80::d0f8:9ff6:4201:7086 1 ICMPv6 RS Message ICMPv6 RA Message Method 1: SLAAC Only A Flag = 1 (On) O Flag = 0 (Off) M Flag = 0 (Off) 2 3 Use RA message to create GUA address and for all other information.
Method 2: SLAAC with Stateless DHCPv6 R1(config)# ipv6 unicast-routing 2001:db8:cafe:1::/64 GUA ::1 G0/0 LLA fe80::1 R1 R1(config)# interface g 0/0 R1(config-if)# ipv6 nd other-config-flag WinPC LLA fe80::d0f8:9ff6:4201:7086 Stateless DHCPv6 Server 1 ICMPv6 RS Message ICMPv6 RA Message Method 2: SLAAC and Stateless DHCPv6 A Flag = 1 (On) O Flag = 1 (On) M Flag = 0 (Off) 2 3 Use RA message to create GUA address and for other information Get additional information from stateless DHCPv6 server. 4
Method 3: Stateful DHCPv6 R1(config)# ipv6 unicast-routing 2001:db8:cafe:1::/64 GUA ::1 G0/0 LLA fe80::1 R1 R1(config)# interface g 0/0 R1(config-if)# ipv6 nd prefix 2001:db8:cafe:1::/64 no-autoconfig R1(config-if)# ipv6 nd managed-config-flag WinPC LLA fe80::d0f8:9ff6:4201:7086 Stateful DHCPv6 Server 1 ICMPv6 RS Message 2 ICMPv6 RA Message Method 3: Stateful DHCPv6 A Flag = 0 (Off) O Flag = 0 (Off) M Flag = 1 (On) 3 Only use the source IPv6 address of the RA message for the default gateway address. A global unicast address and all other information is available from a stateful DHCPv6 server. 4
Server Relay Agent Client :1 G0/1 :1 2001:DB8:CAFE:2/64 RELAY-FORWARD DHCPv6 DHCPv6 Server 2001:DB8:CAFE:9::55 Three DHCPv6 terms are identical to their counterparts in DHCPv4: DHCPv6 client: A DHCPv6 client initiates the process by sending a request to obtain its configuration parameters from one or more DHCPv6 servers. DHCPv6 server: Responds to the DHCPv6 requests from DHCPv6 clients. DHCPv6 relay agent: An intermediary device—typically a router—that receives the client’s request and forwards it to one or more DHCPv6 servers on another network.
Other terminology to be discuss in later chapters DUID (DHCP Unique Identifier): Every DHCPv6 participant, client, and server has a DUID that uniquely identifies the device. Each DHCPv6 server and client has exactly one DUID. IA (Identity Association): An IA is a collection of addresses assigned to a client. A client has at least one IA assigned for each interface using the services of DHCPv6. Each IA has an IAID (Identity Association Identifier) that is used to uniquely identify the ID and is assigned by the client. IAID (Identity Association Identifier): Each IA has an IAID that is chosen by the client and is unique among all IAIDs belonging to that client. The IAID identifies a specific interface on the device. Each interface on the DHCPv6 client or server is identified using an IAID.
DUID (DHCP Unique Identifier) Every DHCPv6 participant has one DUID that uniquely identifies the device IAID (Identity Association Identifier) Identifies a specific interface on the device IAID IA (Identity Association) collection of addresses assigned to a client IAID IAID