Dynamic Host Configuration Protocol for IPv6



Similar documents
Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

How To Get A New Phone System For Your Business

Cisco Conference Connection

CISCO CONTENT SWITCHING MODULE SOFTWARE VERSION 4.1(1) FOR THE CISCO CATALYST 6500 SERIES SWITCH AND CISCO 7600 SERIES ROUTER

Cisco Router and Security Device Manager Dial-Backup Solution

PUBLIC KEY INFRASTRUCTURE CERTIFICATE REVOCATION LIST VERSUS ONLINE CERTIFICATE STATUS PROTOCOL

CISCO METRO ETHERNET SERVICES AND SUPPORT

Cisco IT Data Center and Operations Control Center Tour

CISCO PIX SECURITY APPLIANCE LICENSING

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

Cisco CNS NetFlow Collection Engine Version 4.0

NetFlow Feature Acceleration

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

Cisco CNS NetFlow Collection Engine Version 5.0

CISCO NETWORK CONNECTIVITY CENTER

Cisco Secure Access Control Server Solution Engine

Cisco 2-Port OC-3/STM-1 Packet-over-SONET Port Adapter

It looks like your regular telephone.

CISCO WIRELESS SECURITY SUITE

CISCO IOS IP SERVICE LEVEL AGREEMENT

Cisco Router and Security Device Manager File Management

CISCO IOS SOFTWARE FEATURE PACKS FOR THE CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES (MODULAR) INTEGRATED SERVICES ROUTERS

Cisco GLBP Load Balancing Options

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

THE BUSINESS CASE FOR MANAGED SERVICES IN SMALL AND MEDIUM-SIZED BUSINESSES

E-Seminar. Financial Management Internet Business Solution Seminar

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

HIGH-DENSITY PACKET VOICE DIGITAL SIGNAL PROCESSOR MODULE FOR CISCO IP COMMUNICATIONS SOLUTION

IS YOUR OLD PHONE SYSTEM HANGING UP YOUR DISTRICT? CISCO K 12 DIRECT LINE SOLUTION FOR IP COMMUNICATIONS

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 3800 SERIES ROUTERS

Figure 1. The Cisco Aironet Power Injectors Provide Inline Power to Cisco Aironet Access Points and Bridges

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

Cisco 7200 and 7500 Series Routers

NETWORK AVAILABILITY IMPROVEMENT SUPPORT OPERATIONAL RISK MANAGEMENT ANALYSIS

Cisco IOS Telephony Services Survivable/Standby Remote Site Telephony

Cisco PBX Interoperability: Lucent/Avaya Definity G3si V7 PBX with CallManager using Analog FXS and FXO Interfaces as an MGCP Gateway

Combined voice and data solution supports Orange s ongoing success in the UK business market

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 2800 SERIES ROUTERS

Cisco Solution Incentive Program Asia Pacific

Cisco Systems GigaStack Gigabit Interface Converter

Cisco SMB Class Solutions Your Next Phone System Purchase

Cisco WebEx Social Compatibility Guide

IP Networking and the Advantages of consolidation

Cisco Aironet 1130AG Series

CISCO AIRONET POWER INJECTOR

CISCO ATA 186 ANALOG TELEPHONE ADAPTOR

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

CISCO CATALYST 3750 SERIES SWITCHES

Cisco Outbound Option

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

CISCO NETWORK CONNECTIVITY CENTER MPLS MANAGER 1.0

CISCO MEETINGPLACE FOR OUTLOOK 5.3

CISCO ATA 188 ANALOG TELEPHONE ADAPTOR

Serial Connectivity Network Modules for the 2600, 3600, and 3700 Series (NM-1HSSI, NM-4T, NM-4A/S, NM-8A/S, NM-16A/S, NM-16A, NM-32A)

CISCO MEETINGPLACE MANAGED SERVICE

E-Seminar. E-Commerce Internet Business Solution Seminar

Internal IT Staff at a Serbian Children s Hospital Takes Innovative Approach to Outpatient Care

Cisco 7200 Series Enterprise WAN Aggregation Application

Cisco AVVID Network Enterprise Data Center Solution Overview

Cisco 2600XM DSL Router Bundles

CISCO IP PHONE EXPANSION MODULE 7914

Cisco IOS Firewall Intrusion Detection System

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

CISCO CATALYST 6500 SUPERVISOR ENGINE 32

Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL

Cisco Intelligent Contact Management Enterprise Edition

Cisco Unified IP Conference Station 7936

CISCO 10GBASE X2 MODULES

Cisco IT Data Center and Operations Control Center Tour

How To Outtask Metro Ether To A Managed Service Provider

CISCO CALLMANAGER EXPRESS 3.2

Enabling High Availability for Voice Services in Cable Networks

CISCO SMARTNET SUPPORT AND CISCO SMARTNET ONSITE

World Consumer Income and Expenditure Patterns

IP Communications for Small Offices Using Cisco CallManager Express and Cisco Unity Express

Cisco Systems Brings World-Class Online Banking Solutions to State Bank of India

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

Cisco PIX Device Manager v3.0

The Palace of Versailles Goes Digital, Increasing Revenue and Enhancing Overall Visitor Experience

How To Connect A Cisco Aironet 350 Series Wireless Bridge To A Network With A Wireless Bridge

CISCO 100BASE-X SFP FOR FAST ETHERNET SFP PORTS

PREVENTING WORM AND VIRUS OUTBREAKS WITH CISCO SELF-DEFENDING NETWORKS

Appendix 1: Full Country Rankings

CISCO 7609 ROUTER ENHANCED 9-SLOT CHASSIS

What is network convergence all about?

Enterprise Reporting

Configuring DHCP for ShoreTel IP Phones

BT Premium Event Call and Web Rate Card

CISCO DISTRIBUTED DENIAL OF SERVICE PROTECTION SOLUTION: LEADING DDOS PROTECTION FOR SERVICE PROVIDERS AND THEIR CUSTOMERS

SERIAL AND ASYNCHRONOUS HIGH-SPEED WAN INTERFACE CARDS FOR CISCO 1800, 2800, AND 3800 SERIES INTEGRATED SERVICES ROUTERS

Reporting practices for domestic and total debt securities

Optical Service Modules: OC-3/STM-1, OC-12/STM-4 and OC-48/STM-16 POS, OC-12/STM-4 ATM, Gigabit Ethernet WAN, Channelized T3 (CT3) and OC12/STM-4

DATA SHEET. GigaStack GBIC THE CISCO SYSTEMS GIGASTACK GIGABIT INTERFACE CONVERTER (GBIC) IS A VERSATILE, LOW-COST,

Foreign Taxes Paid and Foreign Source Income INTECH Global Income Managed Volatility Fund

Transcription:

Application Note Dynamic Host Configuration Protocol for IPv6 1 Introduction The current development of the IPv6 Internet and the IPv6 address allocation recommendation [RIPE267] has led to the need for Internet Service Providers (ISPs) to offer relatively large address blocks to an increasing number of customers. Every site with justification for more than one link is entitled to receive a /48 prefix allocation. IPv6 enables simple, automatic host configuration [RFC 2461]. Conversely, there was nothing in the initial specification to automatically delegate a prefix to a router; so manual configuration was the only option. Several proposals recently attempted to solve this issue [MIYAKAWA]. Service Providers who deploy IPv6 have Dynamic Host Configuration Protocol version 6 (DHCPv6) and its prefix delegation (PD) extension [PD]. DHCPv6 Prefix Delegation is deployed in a stateful fashion at the Service Provider border router and distributes relatively long-lived /48 prefixes to customers. DHCPv6 performs a similar function to DHCPv4, and can also offer parameters such as DNS server and default domain names in a stateless manner. This document will focus on Cisco IOS Software DHCPv6, which was introduced in Cisco IOS Software Release 12.3(4)T. The same level of functionality will be provided in a future release of the Cisco IOS Software Release 12.2S family. 2 Architecture The deployment and nature of IPv6 have highlighted operational requirements that differ from IPv4. That is particularly true for access technologies; for example, IPv6 enables long-lived address allocation, as there are much more IPv6 addresses available. Furthermore, this long-lived allocation encompasses not just one address but also an entire prefix. Static allocation is also a requirement resulting from the foreseen proliferation of servers, typically home appliances and game stations. Those servers must be accessed via a DNS entry, consequently preventing the usage of temporary addresses. This option was not possible with IPv4, because of the IPv4 address shortage. Furthermore IPCP suffered from the inability to deliver more than a single address to end-customers. 2.2 Offering a Prefix IPv6 brought a significant improvement to automatic host configuration. The router advertisements [RFC 2461] contain the /64 prefix used on a given link and, from there, the host can complete its IPv6 address [RFC2462]. 2.2 Numbering Sites Another challenge is to offer a prefix to a site with several links. The appropriate prefix is shorter than 64 bits (as it must number several links), is not temporary All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 1 of 13

(as the customer is not willing to renumber frequently), and is administratively assigned in the Service Provider database to a particular customer. Delegating a prefix to an entire site is commonly a stateful operation, as the Service Provider routing scheme must always know where a site topologically resides; a packet targeted to a site must be routed back to the site. This topological information is used to insert a route in a routing table and make the site reachable. DHCPv6 PD fulfils the aforementioned requirements and offers a mechanism to delegate prefixes shorter than /64 to remote sites. The Cisco IOS Software DHCPv6 function runs in routers. It is based on RFC3315 DHCPv6 specification. Prefix Delegation [PD] and DNS [DNS] DHCPv6 options are supported and allow distribution of a prefix, as well as a list of DNS servers and domain names. The Cisco IOS Software DHCPv6 client and server are specifically intended as a PD solution and do not implement the entire DHCPv6 protocol. Cisco IOS Software DHCPv6 currently implements PD, the rapid-commit mechanism, stateless DHCPv6 ("DHCPv6-lite"), and the following: Client Identifier option Server Identifier option Option Request option Preference option Status Code Option Rapid Commit option Identity Association for Prefix Delegation option (IA_PD option) IA_PD Prefix option Domain Name Server option Domain Search List option 3 Deploying DHCPv6 PD A Service Provider that offers connectivity to remote sites is likely to deploy its network in a topology depicted in figure 1. Figure 1 generically describes the access part of the Service Provider network and does not assume the use of a particular link-layer or technique. This typical scenario needs solutions to be found in different areas: 1. Numbering of the PE-CPE link with global addresses (link-local addresses can be used but does not help network management) 2. Authentication of connecting CPE 3. CPE Prefixes database 4. Injection of the downstream link network and delegated customer prefixes in the ISP routing 5. Delegation of a shorter than /64 prefix to the CPE router 6. Auto-configuration of hosts on links attached to the CPE router: IPv6 addresses, Internet parameters All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 2 of 13

Figure 1 Key Problems In a Service Provider Edge Network Host ISP Radius Server ISP PE 1 CPE Host 2 3, 4 5 6 DHCPv6 PD (stateful DHCPv6) is the solution to aforementioned problems 3, 4, and 5. DHCPv6 PD delegates prefixes from the PE to the CPE and operates on the PE-CPE link. Cisco IOS Software currently requires the PE router to store the DHCPv6 delegated prefixes. A local database is maintained on the PE for all the connecting CPEs. The stored DHCP Unique Identifier (DUID) of the CPE indexes the binding between a given prefix and the corresponding CPE. The ISP-maintained Radius database performed CPE (user) authentication. This Radius database contains username/ password couples, as well as corresponding /64 prefixes numbering the PE-CPE link (see section 3.1.3 for details). This provides a solution to problems 1 and 2. Standard auto-configuration mechanisms as well as stateless DHCPv6 solve problem 6. This is covered in section 4 of this document. Figure 2 Proposed Solution For Prefix Delegation in a Service Provider Edge Network ISP Radius Server 2 3, 4 PE ISP 1 CPE 7, 8 Host 5, 6 9, 10 AAA DHCPv6 ND/DHCPv6 The tasks to complete in order to implement the proposed solution are as follows: 1. A PPP link is established over a Layer 1 link between the CPE and the PE routers. The CPE router authenticates itself by username in the PPP authentication phase of the negotiation. PPP is not mandatory (Ethernet could also be used), but it does offer client authentication. 2. From the username contained in the PPP negotiation, a Radius request [RFC3162] is sent to the Service Provider Radius server. In the case of a valid username/password pair, the result of this request returns a /64 prefix to the PE. This prefix is then included in RA messages sent on the link connected to the CPE. The corresponding /64 prefix route is injected into the Service Provider routing system. 3. When the link between the CPE and the PE comes up, the CPE issues a DHCPv6 SOLICIT message to discover DHCPv6 servers on the link. 4. The PE router, acting as a DHCPv6 server, sends a DHCPv6 OFFER message. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 3 of 13

5. The CPE router uses this piece of information to issue a DHCPv6 REQUEST message to acquire a /48 prefix from the PE router. Note that this sequence of messages may vary. Other options are possible (section 3.1.4). 6. The PE responds with a DHCPv6 REPLY message, including the /48 prefix assigned to this particular CPE. This response may include Internet configuration items (i.e.: DNS servers addresses, domain list). A /48 static route is automatically inserted in the PE routing table for the duration of the PPP connection. The DHCPv6 bindings (between CPE identifiers and prefixes) are stored locally on the PE. 7. The received prefix is used by the CPE as a general prefix. From this /48 prefix, the CPE derives (by configuration) /64 prefixes to assign to connected interfaces. 8. The CPE interfaces configured as above start sending Router Advertisement messages on the corresponding links. Hosts on the links auto-configure their respective IPv6 interface addresses accordingly. 9. The O-bit may be set in the Router Advertisement messages sent by the CPE, so hosts on the link will know that other configuration parameters should be retrieved statelessly. They can then issue a DHCPv6 INFORMATION-REQUEST message to retrieve Internet parameters (i.e.: DNS servers addresses, domain list) 10. The CPE or an external DHCPv6 server on the same link builds a DHCPv6 REPLY message with the responses to the parameters requested by the hosts. 3.1 Configuration The Cisco IOS Software Command Line Interface (CLI) allows each interface to be independently configured to run as a DHCPv6 PD server or client. The stateful DHCPv6 PD scenario involves at least two routers: PE and CPE routers (see Figure 1). Typically the PE is the server and the CPE plays the client role. Prefixes can be delegated to a client through a manually configured binding for the client or dynamically from a pool of available prefixes (section 3.1.1 shows static bindings). The scenario described here is a Fiber To The Home (FTTH) environment, in which connectivity is delivered to the users via Ethernet. 3.1.1 Provider Edge Router The PE router is responsible for distributing prefixes to CPE routers. In the case in which the CPE is the gateway of a site of more than one link, the allocated prefix is typically a /48 to follow current recommendation [RIPE267]. The configuration below describes the most common case, in which a /48 prefix is assigned individually to a specific client (router). A DHCPv6 pool is created (foo). Two different /48 prefixes (2001:7:7::/48 and 2001:8:8::/48) are assigned to two different clients indexed by they DHCPv6 Unique Identifier (DUID). DNS server and domain name are also configured as part of the pool. Authentication of each end-user is provided with PPPoE. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 4 of 13

Interface Virtual-template1 is configured to offer prefixes from the DHCPv6 pool foo. vpdn enable vpdn-group pppoe accept-dialin protocol pppoe virtual-template 1 ipv6 dhcp pool foo prefix-delegation 2001:7:7::/48 0003000100055FAF2C08 prefix-delegation 2001:8:8::/48 0003000100055FAC1808 The DUID for a client is discovered with the show ipv6 dhcp command. dns-server 2001:4::1 domain-name cisco.com interface Virtual-Template1 ipv6 enable no ipv6 nd suppress-ra ipv6 dhcp server foo ppp authentication chap interface FastEthernet1/0 pppoe enable Cisco IOS Software also enables the creation of a pool of prefixes attached to a DHCPv6 pool. In this case, the prefixes are distributed independently of client identity, so each client does not get a permanent prefix but a prefix subject to change at connection time. This is not the preferred method to take full advantage of the IPv6 permanent large address allocations. 3.1.2 Customer Premise Equipment Router The CPE router is configured to send DHCPv6 SOLLICIT messages on interface Dialer1. This interface is configured to accept Router Advertisements from the PE to configure its own IPv6 address. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 5 of 13

Through the use of the general-prefix concept, prefix DH-PREFIX is used to number interface FastEthernet 0/1: the first 48 bits are coming from prefix DH-PREFIX, the last 16 bits are specified under the interface itself to build a complete /64 prefix. vpdn enable vpdn-group 1 request-dialin protocol pppoe interface FastEthernet0/1 ipv6 address DH-PREFIX 0:0:0:1::/64 eui-64 interface FastEthernet0/0 pppoe enable pppoe-client dial-pool-number 1 interface Dialer1 no ip address encapsulation ppp dialer pool 1 dialer-group 1 ipv6 address autoconfig ipv6 dhcp client pd DH-PREFIX ppp authentication chap callin ppp chap hostname dhcp ppp chap password 7 0300530816 ipv6 route ::/0 Dialer1 The prefix delegated to the client is used as the base for prefix assignments to other downstream interfaces. For example, if a CPE is delegated 2001:7:7::/48, it can assign 2001:7:7:0::/64, 2001:7:7:1::/64, to interfaces on links within the customer premises. The DHCPv6 messages exchange is listed here, by enabling DHCPv6 debugs. Sending SOLICIT: CPE#debug ipv6 dhcp detail *Mar 1 06:49:40.565: IPv6 DHCP: DHCPv6 changes state from IDLE to SOLICIT (START) on Dialer1 *Mar 1 06:49:41.539: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer1 *Mar 1 06:49:41.539: IPv6 DHCP: detailed packet contents *Mar 1 06:49:41.539: src FE80::204:C1FF:FEDB:2E41 *Mar 1 06:49:41.539: dst FF02::1:2 (Dialer1) *Mar 1 06:49:41.539: type SOLICIT(1), xid 3730720 *Mar 1 06:49:41.539: option ELAPSED-TIME(8), len 2 *Mar 1 06:49:41.539: elapsed-time 0 *Mar 1 06:49:41.539: option CLIENTID(1), len 10 *Mar 1 06:49:41.539: 000300010004C1DB2E40 *Mar 1 06:49:41.539: option ORO(6), len 6 *Mar 1 06:49:41.539: IA-PD,DNS-SERVERS,DOMAIN-LIST *Mar 1 06:49:41.539: option IA-PD(33), len 12 *Mar 1 06:49:41.539: IAID 0x00040001, T1 0, T2 0 All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 6 of 13

Received ADVERTISE: *Mar 1 06:49:41.543: IPv6 DHCP: Received ADVERTISE from FE80::200:87FF:FE68:3155 on Dialer1 *Mar 1 06:49:41.543: IPv6 DHCP: detailed packet contents *Mar 1 06:49:41.543: src FE80::200:87FF:FE68:3155 (Dialer1) *Mar 1 06:49:41.543: dst FE80::204:C1FF:FEDB:2E41 *Mar 1 06:49:41.543: type ADVERTISE(2), xid 3730720 *Mar 1 06:49:41.543: option CLIENTID(1), len 10 *Mar 1 06:49:41.543: 000300010004C1DB2E40 *Mar 1 06:49:41.543: option SERVERID(2), len 14 *Mar 1 06:49:41.547: 0001000106A50960000087683154 *Mar 1 06:49:41.547: option DNS-SERVERS(25), len 16 *Mar 1 06:49:41.547: 2001:4::1 *Mar 1 06:49:41.547: option IA-PD(33), len 41 *Mar 1 06:49:41.547: IAID 0x00040001, T1 900, T2 1440 *Mar 1 06:49:41.547: option IAPREFIX(34), len 25 *Mar 1 06:49:41.547: preferred 1800, valid 3600, prefix 2001:DB8:AA00::/48 *Mar 1 06:49:41.547: option DOMAIN-LIST(26), len 20 *Mar 1 06:49:41.547: cisco.com Sending REQUEST: *Mar 1 06:49:42.545: IPv6 DHCP: Sending REQUEST to FF02::1:2 on Dialer1 *Mar 1 06:49:42.545: IPv6 DHCP: detailed packet contents *Mar 1 06:49:42.545: src FE80::204:C1FF:FEDB:2E41 *Mar 1 06:49:42.545: dst FF02::1:2 (Dialer1) *Mar 1 06:49:42.545: type REQUEST(3), xid 3732700 *Mar 1 06:49:42.545: option ELAPSED-TIME(8), len 2 *Mar 1 06:49:42.545: elapsed-time 0 *Mar 1 06:49:42.545: option CLIENTID(1), len 10 *Mar 1 06:49:42.545: 000300010004C1DB2E40 *Mar 1 06:49:42.545: option ORO(6), len 6 *Mar 1 06:49:42.545: IA-PD,DNS-SERVERS,DOMAIN-LIST *Mar 1 06:49:42.545: option SERVERID(2), len 14 *Mar 1 06:49:42.545: 0001000106A50960000087683154 *Mar 1 06:49:42.545: option IA-PD(33), len 12 *Mar 1 06:49:42.545: IAID 0x00040001, T1 0, T2 0 *Mar 1 06:49:42.549: IPv6 DHCP: DHCPv6 changes state from SOLICIT to REQUEST (ADVERTISE_RECEIVED) on Dialer1 All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 7 of 13

Received REPLY: *Mar 1 06:49:42.553: IPv6 DHCP: Received REPLY from FE80::200:87FF:FE68:3155 on Dialer1 *Mar 1 06:49:42.553: IPv6 DHCP: detailed packet contents *Mar 1 06:49:42.553: src FE80::200:87FF:FE68:3155 (Dialer1) *Mar 1 06:49:42.553: dst FE80::204:C1FF:FEDB:2E41 *Mar 1 06:49:42.553: type REPLY(7), xid 3732700 *Mar 1 06:49:42.553: option CLIENTID(1), len 10 *Mar 1 06:49:42.553: 000300010004C1DB2E40 *Mar 1 06:49:42.553: option SERVERID(2), len 14 *Mar 1 06:49:42.553: 0001000106A50960000087683154 *Mar 1 06:49:42.557: option DNS-SERVERS(25), len 16 *Mar 1 06:49:42.557: 2001:4::1 *Mar 1 06:49:42.557: option IA-PD(33), len 41 *Mar 1 06:49:42.557: IAID 0x00040001, T1 900, T2 1440 *Mar 1 06:49:42.557: option IAPREFIX(34), len 25 *Mar 1 06:49:42.557: preferred 1800, valid 3600, prefix 2001:7:7::/48 *Mar 1 06:49:42.557: option DOMAIN-LIST(26), len 20 *Mar 1 06:49:42.557: cisco.com *Mar 1 06:49:42.557: option UNKNOWN(27), len 16 *Mar 1 06:49:42.557: IPv6 DHCP: Option UNKNOWN(27) is not processed *Mar 1 06:49:42.557: IPv6 DHCP: Processing options *Mar 1 06:49:42.557: IPv6 DHCP: Adding prefix 2001:7:7::/48 to DH-PREFIX *Mar 1 06:49:42.557: IPv6 DHCP: T1 set to expire in 900 seconds *Mar 1 06:49:42.557: IPv6 DHCP: T2 set to expire in 1440 seconds *Mar 1 06:49:42.557: IPv6 DHCP: Configuring DNS server 2001:4::1 *Mar 1 06:49:42.561: IPv6 DHCP: Configuring domain name cisco.com *Mar 1 06:49:42.561: IPv6 DHCP: DHCPv6 changes state from REQUEST to OPEN (REPLY_RECEIVED) on Dialer1 Once the DHCPv6 process is completed, the CPE interfaces are configured this way: CPE#show ipv6 dhcp interface Dialer1 is in client mode State is OPEN Renew will be sent in 3d11h List of known servers: Address: FE80::200:87FF:FE68:3155 DUID: 000300010002FC3CA408 Preference: 0 Configuration parameters: IA PD: IA ID 0x00020001, T1 302400, T2 483840 Prefix: 2001:7:7::/48 preferred lifetime 604800, valid lifetime 2592000 expires at Sep 10 2002 01:30 AM (2591993 seconds) DNS server: 2001:4::1 Domain name: cisco.com Prefix name: DH-PREFIX Rapid-Commit: disabled CPE#show ipv6 interface FastEthernet0/1 Dialer1 is up, line protocol is up IPv6 is enabled, link-local address is FE80::205:5FFF:FEAF:2C38 Global unicast address(es): 2001:7:7:1::, subnet is 2001:7:7:1::/64 [PRE] valid lifetime 2591934 preferred lifetime 604734 All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 8 of 13

3.1.3 ISP Radius server For the case described in Section 3, the Radius profile for the CPE user contains a /64 prefix to assign to the PE-CPE link. dhcp@isp.net Password = secret Service-Type = Framed, Framed-Protocol = PPP, Cisco-AVpair = "ipv6:prefix#1=3ffe:ffff:5:5::/64", 3.1.4 Rapid Commit for Prefix Delegation Section 3 describes the basic method of requesting and delegating a prefix through DHCPv6. However DHCPv6 offers a certain level of flexibility and some tuning is possible. The message exchange between client and server can be simplified. By including the rapid-commit option in the SOLICIT message, the client requests the server to send a REPLY message immediately. The server has the possibility to deny the rapid-commit option and to send an ADVERTISE message as usual. The configurations shown in section 3.1 are modified as follows: 3.1.4.1 PE Router In this configuration, the DHCPv6 server is configured to accept the rapid-commit option from the client. interface Virtual-Template1 ipv6 dhcp server foo rapid-commit 3.1.4.2 CPE Router The client sets the rapid-commit option in its SOLLICIT message. interface Dialer1 ipv6 dhcp client pd DH-PREFIX rapid-commit The DHCPv6 message exchange is now the following if the DHCPv6 server accepts the rapid-commit option: Sending SOLICIT with rapid-commit option: *Mar 1 06:56:47.553: IPv6 DHCP: Sending SOLICIT to FF02::1:2 on Dialer1 *Mar 1 06:56:47.553: IPv6 DHCP: detailed packet contents *Mar 1 06:56:47.553: src FE80::204:C1FF:FEDB:2E41 *Mar 1 06:56:47.553: dst FF02::1:2 (Dialer1) *Mar 1 06:56:47.553: type SOLICIT(1), xid 4156744 *Mar 1 06:56:47.553: option ELAPSED-TIME(8), len 2 *Mar 1 06:56:47.553: elapsed-time 0 *Mar 1 06:56:47.553: option CLIENTID(1), len 10 *Mar 1 06:56:47.553: 000300010004C1DB2E40 *Mar 1 06:56:47.553: option RAPID-COMMIT(14), len 0 *Mar 1 06:56:47.553: option ORO(6), len 6 *Mar 1 06:56:47.553: IA-PD,DNS-SERVERS,DOMAIN-LIST *Mar 1 06:56:47.553: option IA-PD(33), len 12 *Mar 1 06:56:47.553: IAID 0x00040001, T1 0, T2 0 All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 9 of 13

Received REPLY: *Mar 1 06:56:47.577: IPv6 DHCP: Received REPLY from FE80::200:87FF:FE68:3155 on Dialer1 *Mar 1 06:56:47.577: IPv6 DHCP: detailed packet contents *Mar 1 06:56:47.577: src FE80::200:87FF:FE68:3155 (Dialer1) *Mar 1 06:56:47.577: dst FE80::204:C1FF:FEDB:2E41 *Mar 1 06:56:47.577: type REPLY(7), xid 4156744 *Mar 1 06:56:47.577: option CLIENTID(1), len 10 *Mar 1 06:56:47.577: 000300010004C1DB2E40 *Mar 1 06:56:47.581: option SERVERID(2), len 14 *Mar 1 06:56:47.581: 0001000106A50960000087683154 *Mar 1 06:56:47.581: option RAPID-COMMIT(14), len 0 *Mar 1 06:56:47.581: option DNS-SERVERS(25), len 16 *Mar 1 06:56:47.581: 2001:4::1 *Mar 1 06:56:47.581: option IA-PD(33), len 41 *Mar 1 06:56:47.581: IAID 0x00040001, T1 900, T2 1440 *Mar 1 06:56:47.581: option IAPREFIX(34), len 25 *Mar 1 06:56:47.581: preferred 1800, valid 3600, prefix 2001:7:7::/48 *Mar 1 06:56:47.581: option DOMAIN-LIST(26), len 20 *Mar 1 06:56:47.581: cisco.com *Mar 1 06:56:47.581: IPv6 DHCP: Adding server FE80::200:87FF:FE68:3155 *Mar 1 06:56:47.581: IPv6 DHCP: Processing options *Mar 1 06:56:47.581: IPv6 DHCP: Adding prefix 2001:7:7::/48 to DH-PREFIX *Mar 1 06:56:47.585: IPv6 DHCP: T1 set to expire in 900 seconds *Mar 1 06:56:47.585: IPv6 DHCP: T2 set to expire in 1440 seconds *Mar 1 06:56:47.585: IPv6 DHCP: Configuring DNS server 2001:4::1 *Mar 1 06:56:47.585: IPv6 DHCP: Configuring domain name cisco.com *Mar 1 06:56:47.585: IPv6 DHCP: DHCPv6 changes state from SOLICIT to OPEN (REPLY_RECEIVED) on Dialer1 4 Stateless DHCPv6 DHCPv6 PD is the key element of an easy IPv6 deployment. However, to have a fully functional IPv6 service, the hosts behind the CPE need to be configured with DNS server addresses and possibly other parameters (i.e.: domain lists). This configuration should be automated. It is taken for granted that RA messages are sent along by the CPE to provide the hosts with the /64 prefix to use. Continuing with the scenario depicted on Figure 2, once the CPE has received its /48 prefix and assigned /64 prefixes to its interfaces, it begins to send RAs with the corresponding prefixes. This way hosts on the link can auto-configure their addresses. DHCPv6 can be used to provide other parameters in a stateless manner. If the Router Advertisement messages sent by the CPE router have the O-bit set indicating that other parameters can be retrieved in a stateless manner, the hosts supporting DHCPv6 send a DHCPv6 INFORMATION-REQUEST message including the parameters it needs. If a DHCPv6 server is present on the link (it can be the CPE router), a DHCPv6 REPLY message with the requested parameters is received. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 10 of 13

Figure 3 Stateless DHCPv6 Message Exchange CPE RA with O-bit set REPLY Options: ClientId DNS-server:2001:4::1 Domain-list: cisco.com INFORMATION-REQUEST Options: ClientID ORO = DNS, DOMAIN-LIST 4.1 Configuration The CPE router interface (FastEthernet0/1) toward the hosts is configured to have the O-bit set on RA messages. This way the host on the LAN will issues DHCPv6 INFORMATION-REQUEST messages. In this example, in order to simplify the customer LAN deployment, the CPE is also configured as a DHCPv6 server for hosts on the LAN. The CPE will responds to hosts INFORMATION-REQUEST message with a relevant REPLY message. ipv6 dhcp pool foo dns-server 2001:4::1 domain-name cisco.com interface FastEthernet0/1 ipv6 address DH-PREFIX 0:0:0:1::/64 eui-64 ipv6 nd other-config-flag ipv6 dhcp server foo 4.2 Traces The host sends an INFORMATION-REQUEST message, the router replies with a REPLY message. The REPLY message contains DNS addresses and a domain-list. Auto-configuration of the host: *Mar 1 07:10:34.285: ICMPv6-ND: Sending NS for FE80::204:C1FF:FEDB:2E40 on FastEthernet0/ 1 *Mar 1 07:10:35.286:ICMPv6-ND: DAD: FE80::204:C1FF:FEDB:2E40 is unique. *Mar 1 07:10:35.286: ICMPv6-ND: Sending NA for FE80::204:C1FF:FEDB:2E40 on FastEthernet0/ 1 *Mar 1 07:10:37.285: ICMPv6-ND: Sending RS on FastEthernet0/1 *Mar 1 07:10:37.285: ICMPv6-ND: Received RA from FE80::204:C1FF:FEDB:2FA0 on FastEthernet0/1 *Mar 1 07:10:37.285: ICMPv6-ND: Sending NS for 2001:3::204:C1FF:FEDB:2E40 on FastEthernet0/1 *Mar 1 07:10:37.285: ICMPv6-ND: Autoconfiguring 2001:3::204:C1FF:FEDB:2E40 on FastEthernet0/1 *Mar 1 07:10:37.289: ICMPv6-ND: O bit set; checking stateless DHCP All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 11 of 13

The host sends an INFORMATION-REQUEST message: *Mar 1 07:10:37.289: IPv6 DHCP: Sending INFORMATION-REQUEST to FF02::1:2 on FastEthernet0/ 1 *Mar 1 07:10:37.289: IPv6 DHCP: detailed packet contents *Mar 1 07:10:37.289: src FE80::204:C1FF:FEDB:2E40 *Mar 1 07:10:37.289: dst FF02::1:2 (FastEthernet0/1) *Mar 1 07:10:37.289: type INFORMATION-REQUEST(11), xid 4987463 *Mar 1 07:10:37.289: option ELAPSED-TIME(8), len 2 *Mar 1 07:10:37.289: elapsed-time 0 *Mar 1 07:10:37.289: option CLIENTID(1), len 10 *Mar 1 07:10:37.289: 000300010004C1DB2E40 *Mar 1 07:10:37.289: option ORO(6), len 4 *Mar 1 07:10:37.289: DNS-SERVERS,DOMAIN-LIST *Mar 1 07:10:37.289: IPv6 DHCP: DHCPv6 changes state from IDLE to INFORMATION-REQUEST (STATELESS) on FastEthernet0/1 The host receives a REPLY message: *Mar1 07:10:37.293: IPv6 DHCP: Received REPLY from FE80::200:87FF:FE68:3155 on FastEthernet0/1 *Mar 1 07:10:37.293: IPv6 DHCP: detailed packet contents *Mar 1 07:10:37.293: src FE80::200:87FF:FE68:3155 (FastEthernet0/1) *Mar 1 07:10:37.293: dst FE80::204:C1FF:FEDB:2E40 *Mar 1 07:10:37.293: type REPLY(7), xid 4987463 *Mar 1 07:10:37.293: option CLIENTID(1), len 10 *Mar 1 07:10:37.293: 000300010004C1DB2E40 *Mar 1 07:10:37.293: option SERVERID(2), len 14 *Mar 1 07:10:37.298: 0001000106A50960000087683154 *Mar 1 07:10:37.298: option DNS-SERVERS(25), len 16 *Mar 1 07:10:37.298: 2001:4::1 *Mar 1 07:10:37.298: option DOMAIN-LIST(26), len 20 *Mar 1 07:10:37.298: cisco.com *Mar 1 07:10:37.298: option UNKNOWN(27), len 16 *Mar 1 07:10:37.298: IPv6 DHCP: Adding server FE80::200:87FF:FE68:3155 *Mar 1 07:10:37.298: IPv6 DHCP: Processing options *Mar 1 07:10:37.298: IPv6 DHCP: Configuring DNS server 2001:4::1 *Mar 1 07:10:37.298: IPv6 DHCP: Configuring domain name cisco.com *Mar 1 07:10:37.298: IPv6 DHCP: DHCPv6 changes state from INFORMATION-REQUEST to IDLE (REPLY_RECEIVED) on FastEthernet0/1 5 Conclusion DHCPv6 offers an elegant deployment solution in several key IPv6 scenarios: site automatic numbering via Prefix Delegation and Internet parameters acquisition through a stateless approach similar to that already deployed in IPv4 DHCP solutions. The introduction of DHCPv6 in Cisco IOS Software Release 12.3(4)T is another milestone in the broad adoption of IPv6. More tools are provided to Service Providers to simplify the deployment of value-added IPv6 features and the basic needs of all Internet deployment are fulfilled. Again, DHCPv6 unleashes the power of IPv6, which offers an abundance of addresses. DHCPv6 makes this potential easily accessible to end-users previously suffering from the scarcity of IPv4 address allocation. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 12 of 13

6 References [RIPE267] APNIC, ARIN, RIPE NCC, "IPv6 Address Allocation and Assignment Policy", January 2003. [RFC 2461] T. Narten, E. Nordmark, W. Simpson, Neighbor Discovery for IP Version 6, December 1998. [MIYAKAWA] S. Miyakawa, draft-miyakawa-ipv6-prefix-delegation-requirement-03, work in progress, August 2003. [RFC3315] R. Droms and al. Dynamic Host Configuration Protocol for IPv6 (DHCPv6), July 2003. [PD] O. Troan, R.Droms, draft-ietf-dhc-dhcpv6-opt-prefix-delegation-05, work in progress, October 2003. [DNS] R.Droms, draft-ietf-dhc-dhcpv6-opt-dnsconfig-04, work in progress, August 2003 [RFC 2462] W. Simpson, T. Narten, W. Simpson, IPv6 Stateless Address Autoconfiguration, December 1998. [RFC 3162] B. Aboba, G. Zorn, D. Mitton, RADIUS and IPv6, August 2001. Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters Capital Tower 168 Robinson Road #22-01 to #29-01 Singapore 068912 www.cisco.com Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at www.cisco.com/go/offices Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe All contents are Copyright 1992 2003 All rights reserved. Cisco, Cisco IOS, Cisco Systems, and the Cisco Systems logo are registered trademarks of and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0304R) ETMG 203152 SH 12.03

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information