IPv6
IP version 6 (IPv6) is a routing protocol which succeeds IPv4. With the expansion of the Internet and databases IPv6 addresses consist of 128 bits whose purpose is to allow networks to include a significantly higher number of nodes by increasing the pool of available unique IP addresses. IPv6 packets alleviate overhead and allow for future customizability.
Textual representations of IPv6 addresses consist of 128 bits made up from eight 16-bit hexadecimal numbers separated by colons. IPv6 addresses may be abbreviated as follows:
You may omit leading zeros in each 16-bit sequence
You may replace an entire sequence with a double colon if it equals zero
For example, these addresses represent the same IPv6 address:
af23:0000:0000:0000:1284:037d:35ce:2401
af23:0:0:0:1284:37d:35ce:2401
af23::1284:37d:35ce:2401
IPv6 addresses typically denote a 64-bit network prefix and a 64-bit host address.
The following are the features IPv6 is supported on:
Static Routes
ECMP
Neighbor Discovery
BGP
BFD for BGP (IPv6), and Static Routes
DHCPv6 Relay
Neighbor Discovery (ND) decides relationships between neighbors and replaces ARP, ICMP, and ICMP redirect in IPv4.
Five kinds of ICMPv6 packets are defined by ND:
Neighbor advertisement
Router advertisement
Neighbor solicitation
Router solicitation
Redirect
ND checks whether a neighboring node’s address has changed, whether the neighbor is still reachable, and also resolves the address of the neighbor which a packet is being forwarded to. ND is also useful for network nodes for discovering other nodes and performing basic link-layer configuration.
To configure Router1:
Enable IP routing. Run:
switch
(config)# ip routingEnable forwarding IPv6 unicast packets. Run:
switch
(config)# ipv6 routingConfigure the VLAN interfaces. Run:
switch
(config)#interface
vlan10
switch
(configinterface
vlan10
) # exitswitch
(config)#interface
vlan30
switch
(configinterface
vlan30
) # exitswitch
(config)#interface
vlan50
switch
(configinterface
vlan50
) # exitEnable IPv6 on the VLAN interfaces. Run:
switch
(config)#interface
vlan10
ipv6 enableswitch
(config)#interface
vlan30
ipv6 enableswitch
(config)#interface
vlan50
ipv6 enableConfigure IPv6 addresses for each one of the VLAN interfaces. Run:
switch
(config)#interface
vlan10
ipv6 address2101
:db01::1
/64
switch
(config)#interface
vlan30
ipv6 address2103
:db01::2
/64
switch
(config)#interface
vlan50
ipv6 address2105
:db01::1
/64
Configure IPv6 unicast on port 2. Run:
switch
(config)# ipv6 route2002
:db01:: /64
2101
:db01::2
Configure IPv6 unicast on port 8. Run:
switch
(config)# ipv6 route2002
:db01:: /64
2105
:db01::2
To configure Router2:
Disable prefix mode on the CLI. Run:
switch
(config)# no clidefault
prefix-mode enableEnable the VLANs on the system. Run:
switch
(config)# vlan10
switch
(config vlan10
) # exitswitch
(config)# vlan20
switch
(config vlan20
) # exitswitch
(config)# vlan50
switch
(config vlan50
) # exitConfigure the switch ports to accept the VLANs of which they are part only. Run:
switch
(config)#interface
ethernet1
/1
switchport access vlan10
// port2
switch
(config)#interface
ethernet1
/2
switchport access vlan50
// port8
switch
(config)#interface
ethernet1
/36
switchport access vlan20
// port5
Disable spanning tree. Run:
switch
(config)# no spanning-treeEnable forwarding IPv6 unicast packets. Run:
switch
(config)# ipv6 routingConfigure the VLAN interfaces. Run:
switch
(config)#interface
vlan10
switch
(configinterface
vlan10
) # exitswitch
(config)#interface
vlan20
switch
(configinterface
vlan20
) # exitswitch
(config)#interface
vlan50
switch
(configinterface
vlan50
) # exitConfigure IPv6 addresses for each one of the VLAN interfaces. Run:
switch
(config)#interface
vlan10
ipv6 address2101
:db01::2
/64
switch
(config)#interface
vlan20
ipv6 address2102
:db01::1
/64
switch
(config)#interface
vlan50
ipv6 address2105
:db01::2
/64
Configure IPv6 unicast on port 1. Run:
switch
(config)# ipv6 route2103
:db01:: /64
2101
:db01::1
Configure IPv6 unicast on port 7. Run:
switch
(config)# ipv6 route2103
:db01:: /64
2105
:db01::1
Ping neighbor to verify IPv6 configuration:
switch
(config)# ping6 2101
:db01::2
PING 2101
:db01::2
(2101
:db01::2
) 56
data bytes
64
bytes from 2101
:db01::2
: icmp_seq=1
ttl=64
time=0.371
ms
64
bytes from 2101
:db01::2
: icmp_seq=2
ttl=64
time=0.620
ms
64
bytes from 2101
:db01::2
: icmp_seq=3
ttl=64
time=0.192
ms
64
bytes from 2101
:db01::2
: icmp_seq=4
ttl=64
time=0.277
ms
64
bytes from 2101
:db01::2
: icmp_seq=5
ttl=64
time=0.231
ms
ipv6 enable
ipv6 enable Assigns automatic link-local IPv6 address to the interface. | ||
Syntax Description | N/A | |
Default | Unassigned | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated notes and command description | |
Example | switch (config vlan 10) # ipv6 enable | |
Related Commands | ||
Notes | Assigning an IPv6 address to an interface also enables IPv6 processing on the interface. |
ipv6 address
ipv6 address <ipv6-address> /<length> Enables IPv6 processing and assigns an IPv6 address to the interface. | ||
Syntax Description | ipv6-address | IPv6 address |
length | Mask length for the associated address space | |
Default | N/A | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated syntax description and example output | |
Example | switch (config vlan 10) # ipv6 address 2001::1 /120 | |
Related Commands | ||
Notes | An interface may have up to 16 IPv6 address assignments |
ipv6 nd managed-config-flag
ipv6 nd managed-config-flag Sets the managed address configuration flag in IPv6 router advertisements. | ||
Syntax Description | N/A | |
Default | Managed address configuration flag is not set | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration mode | |
Example | switch (config vlan 10) # ipv6 nd managed-config-flag | |
Related Commands | ||
Notes |
ipv6 nd ns-interval
ipv6 nd ns-interval <period> Configures the interval between IPv6 neighbor solicitation (NS) transmissions. | ||
Syntax Description | period | Time in milliseconds |
Default | 1000 | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration mode | |
Example | switch (config vlan 10) # ipv6 nd ns-interval 1500 | |
Related Commands | ||
Notes |
ipv6 nd other-config-flag
ipv6 nd other-config-flag Indicates that other configuration information is available via DHCPv6. | ||
Syntax Description | N/A | |
Default | Not set | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration mode | |
Example | switch (config vlan 10) # ipv6 nd other-config-flag | |
Related Commands | ||
Notes |
ipv6 nd prefix
ipv6 nd prefix <ipv6-address> /<length> [no-autoconfig] [no-onlink] [valid-time {<time> | infinite}] [preferred-time {<time> | infinite}] Configures inclusion for router advertisements (RAs) for neighbor. | ||
Syntax Description | ipv6-address | IPv6 address |
length | Prefix length for the associated address space | |
no-advertise | Prevents advertising of the specified default prefix | |
valid-time | Time in seconds | |
preferred-time | Time in seconds | |
no-autoconfig | Indicates that the prefix cannot be used for stateless address configuration | |
no-onlink | Indicates that the prefix cannot be used for on-link determination | |
Default | valid-time: 2592000 seconds | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated syntax description, configuration mode and default values | |
Example | switch (config vlan 10) # ipv6 nd prefix 2001::1 /120 | |
Related Commands | ||
Notes |
|
ipv6 nd ra dns-servers lifetime
ipv6 nd ra dns-servers lifetime {<time> | infinite} Advertises a lifetime of a Recursive DNS Server (RDNSS). | ||
Syntax Description | time | Possible values:
|
infinite | A value of all one bits (0xffffffff) and “infinite” represents infinity | |
Default | If no lifetime period is configured on the interface, the default value is 1.5 times the Router Advertisement (RA) interval set by the command “ipv6 nd ra interval” | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command and syntax description, configuration mode and default values | |
Example | switch (config vlan 10) # ipv6 nd ra dns-servers lifetime infinite | |
Related Commands | ||
Notes |
|
ipv6 nd ra dns-server
ipv6 nd ra dns-server <ipv6 address> [lifetime [<time> | infinite]] Configures the IPv6 address of a Recursive DNS Server (RDNSS) to include in the neighbor-discovery router advertisements (RAs). | ||
Syntax Description | ipv6 address | IPv6 address of RDNSS |
lifetime | Maximum lifetime value for the specified RDNSS entry. Possible values:
| |
infinite | A value of all one bits (0xffffffff) and “infinite” represents infinity | |
Default | If no lifetime period is configured on the interface, the default value is 1.5 times the Router Advertisement (RA) interval set by the command “ipv6 nd ra interval” | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command, example and syntax description, configuration mode and default values | |
Example | switch (config vlan 10) # ipv6 nd ra dns-server 2001::1 lifetime infinite | |
Related Commands | ||
Notes |
|
ipv6 nd ra dns-suffixes lifetime
ipv6 nd ra dns-suffixes <domain-name> lifetime {<time> | infinite} Advertises a lifetime of a DNS Search List (DNSSL). | ||
Syntax Description | time | Possible values:
|
infinite | A value of all one bits (0xffffffff) and “infinite” represents infinity | |
Default | If no lifetime period is configured on the interface, the default value is 1.5 times the Router Advertisement (RA) interval set by the command “ipv6 nd ra interval” | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command, example and syntax description, configuration mode and default values | |
Example | switch (config vlan 10) # ipv6 nd ra dns-suffix domain.com lifetime infinite | |
Related Commands | ||
Notes | The DNSSL contains the domain names of DNS suffixes for IPv6 hosts to append to short, unqualified domain names for DNS queries |
ipv6 nd ra dns-suffix
ipv6 nd ra dns-suffix <domain-name> [lifetime {<time> | infinite}] Creates a DNS search list (DNSSL) to include in the neighbor-discovery Router Advertisements (RAs). | ||
Syntax Description | domain-name | Domain suffix for IPv6 hosts to append to short unqualified domain names for DNS queries |
lifetime | Maximum lifetime value for the specified DNSSL entry | |
time | Possible values:
| |
infinite | A value of all one bits (0xffffffff) and “infinite” represents infinity | |
Default | If no lifetime period is configured on the interface, the default value is 1.5 times the Router Advertisement (RA) interval set by the command “ipv6 nd ra interval” | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command, example and syntax description, configuration mode and default values | |
Role | admin | |
Example | switch (config vlan 10) # ipv6 nd ra dns-suffix domain.com lifetime infinite | |
Related Commands | ||
Notes |
|
ipv6 nd ra hop-limit
ipv6 nd ra hop-limit <limit> Sets a suggested hop-limit value to be included in route advertisement (RA) packets. | ||
Syntax Description | limit | The hop-limit value to be included by attached hosts in outgoing packets.
|
Default | Limit value is 64 | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration modes | |
Example | switch (config vlan 10) # ipv6 nd ra hop-limit 70 | |
Related Commands | ||
Notes |
ipv6 nd ra interval max-period
ipv6 nd ra interval max-period <time> [min-period <time>] Configures the interval between IPv6 router advertisement (RA) transmissions. | ||
Syntax Description | time | Maximum interval between successive IPv6 router advertisement transmissions |
min-period | Minimum interval between successive IPv6 router advertisement transmissions:
| |
Default | max-period: 600 seconds | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated syntax description, configuration modes and notes | |
Example | switch (config vlan 10) # ipv6 nd ra interval max-period 600 | |
Related Commands | ||
Notes |
|
ipv6 nd ra lifetime
ipv6 nd ra lifetime <time> Router lifetime is associated with a router’s usefulness as default route, it does not apply to information contained in other message fields or options. Options that need time limits for their information include their own lifetime fields. | ||
Syntax Description | time | The router lifetime specifies the period that the router can be considered as a default router by RA recipients in seconds.
|
Default | 3*<router advertisement interval> | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Added support for IPv6 | |
Example | switch (config vlan 10) # ipv6 nd ra lifetime 300 | |
Related Commands | ||
Notes |
ipv6 nd ra mtu suppress
ipv6 nd ra mtu suppress Suppresses advertisement (RA) MTU option sent to router. | ||
Syntax Description | N/A | |
Default | Suppressed | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command Syntax and configuration mode | |
Example | switch (config vlan 10) # ipv6 nd ra mtu suppress | |
Related Commands | ||
Notes | If not suppressed, MTU of the interface is advertised. |
ipv6 nd ra suppress
ipv6 nd ra suppress [all] Suppresses periodic and solicited IPv6 router advertisement (RA) transmissions. | ||
Syntax Description | all | Configures the switch to suppress all RAs, including those responding to a router solicitation. |
Default | Only unsolicited RAs transmitted periodically are suppressed | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command syntax and configuration mode | |
Example | switch (config vlan 10) # ipv6 nd ra suppress all | |
Related Commands | ||
Notes |
ipv6 nd reachable-time
ipv6 nd reachable-time <time> Sets the time period the switch includes in the reachable time field of outgoing advertisements (RAs). | ||
Syntax Description | time | In milliseconds; the reachable time defines the period that a node assumes a neighbor is reachable after having received a reachability confirmation. Values:
|
Default | 0 (unspecified) | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command syntax, configuration mode and notes | |
Example | switch (config vlan 10) # ipv6 nd reachable-time 30000 | |
Related Commands | ||
Notes | RAs that advertise zero seconds indicate that the router does not specify a reachable time |
ipv6 nd router-preference
ipv6 nd router-preference {high | medium | low} Sets the value the switch enters in the default router preference (DRP) field of router advertisements (RAs) it sends. | ||
Syntax Description | N/A | |
Default | Medium | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration modes | |
Example | switch (config vlan 10) # ipv6 nd router-preference high | |
Related Commands | ||
Notes |
|
ipv6 nd retrans-timer
ipv6 nd retrans-timer <time> Advertises the time between consecutive neighbor solicitation (NS) messages. | ||
Syntax Description | time | In milliseconds; the time between retransmitted neighbor solicitation messages. Possible values:
|
Default | 0 (unspecified) | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated command syntax, configuration mode and example output | |
Example | switch (config vlan 10) # ipv6 nd retrans-timer 1000 | |
Related Commands | ||
Notes |
ipv6 nd redirects
ipv6 nd redirects Enables sending ICMPv6 redirect messages. | ||
Syntax Description | N/A | |
Default | Disabled | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
Example | switch (config interface vlan 10) # ipv6 nd redirects | |
Related Commands | ||
Notes |
ipv6 nd dad attempts
ipv6 nd dad attempts <number> Sets the number of consecutive neighbor solicitation messages sent for duplicate address detection (DAD) validation. | ||
Syntax Description | number | Number of attempts:
|
Default | 1 | |
Configuration Mode | config interface vlan | |
History | 3.4.1100 | |
3.6.4110 | Updated configuration mode | |
Role | admin | |
Example | switch (config vlan 10) # ipv6 nd dad attempts 10 | |
Related Commands | ||
Notes |
clear ipv6 neighbors
clear ipv6 neighbors {ethernet <slot> /<port> | port-channel <port-channel> | vlan <vlan-id>} [<ipv6-addr>] Removes the specified dynamic IPv6 neighbor discovery cache entries. | ||
Syntax Description | ethernet | Ethernet port (<slot>/<port>) |
vlan | VLAN interface | |
ipv6-addr | IPv6 address | |
Default | N/A | |
Configuration Mode | config | |
History | 3.4.1100 | |
3.6.4110 | Updated command | |
Example | switch (config) # clear ipv6 neighbors ethernet 1/4 | |
Related Commands | ||
Notes |
|
ipv6 route
Creates an IPv6 static route. | ||
Syntax Description | ipv6-address | IPv6 address |
ipv6-prefix | IPv6 address + mask length without space (e.g. a1:a2::33/64) | |
length | Prefix length for the associated address space | |
next-hop-ipv6-address | IPv6 address of the next-hop | |
distance | Administrative distance assigned to route.
| |
null0 | Creates a black hole route with action DROP | |
Default | No distance parameter indicated: Administrative distance of 1 | |
Configuration Mode | config | |
History | 3.4.1100 | |
3.6.4110 | Updated command | |
3.9.1600 | Removed ethernet, port-channel, and vlan options | |
Example | switch (config) # ipv6 route 3003:db01:: /64 2001:db01::1 | |
Related Commands | ||
Notes |
|
ipv6 routing
ipv6 routing Enables forwarding IPv6 unicast packets. | ||
Syntax Description | N/A | |
Default | Disabled | |
Configuration Mode | config | |
History | 3.4.1100 | |
Example | switch (config) # ipv6 routing | |
Related Commands | ||
Notes | When routing is enabled, the switch attempts to deliver inbound packets to destination addresses by forwarding them to interfaces or next hop addresses specified by the IPv6 routing table |
ipv6 routing disable-discard-counter
ipv6 routing disable-discard-counter Disables router discard counters. | ||
Syntax Description | N/A | |
Default | Disabled | |
Configuration Mode | config | |
History | 3.9.2100 | |
Example | switch (config) # ipv6 routing disable-discard-counter | |
Related Commands | ||
Notes | A reboot is required for the feature to take effect. |
show ipv6 interfaces
show ipv6 interfaces [{{ethernet <port> | port-channel <port-channel> | vlan <vlan-id>}}| brief] Displays the status of specified routed interfaces that are configured for IPv6. | ||
Syntax Description | ethernet <port> | Displays output pertaining to the specified Ethernet interface |
port-channel <port-channel> | Displays output pertaining to the specified LAG interface | |
vlan <vlan-id> | Displays output pertaining to the specified VLAN interface | |
brief | Shows basic IPv6 information regarding all IPv6 interfaces | |
Default | N/A | |
Configuration Mode | Any command mode | |
History | 3.6.4110 | |
Example | ||
switch (config) # show ipv6 interface Vlan10 is Enabled , line protocol is UP | ||
Related Commands | ||
Notes |
show ipv6 interfaces brief
show ipv6 interfaces [<type> <id>] brief Displays basic IPv6 information regarding all IPv6 interfaces | ||
Syntax Description | <type> <id> | Specifies the interface for which to display data |
Default | N/A | |
Configuration Mode | Any command mode | |
History | 3.6.4110 | |
3.6.8008 | Updated Example | |
Example | ||
switch (config) # show ipv6 interface brief ------------------------------------------------------------------------------------------------------------- | ||
Related Commands | ||
Notes |
show interfaces null0
show interfaces null0 [vrf <vrf-name>] Displays blackhole route byte and packet counters. | ||
Syntax Description | N/A | |
Default | N/A | |
Configuration Mode | Any command mode | |
History | 3.6.4110 | |
Example | switch (config) # show interfaces null0 | |
Related Commands | ||
Notes |
show ipv6 neighbors
show ipv6 neighbors [{ethernet <port> | port-channel <port-channel> | vlan <vlan-id>} | <ipv6 address> | summary] Displays IPv6 neighbor discovery (ND) cache information. | ||
Syntax Description | ethernet <port> | Displays output pertaining to the specified Ethernet interface. |
vlan <vlan-id> | Displays output pertaining to the specified VLAN interface. | |
ipv6 address | IPv6 address of individual neighbor | |
Default | N/A | |
Configuration Mode | Any command mode | |
History | 3.4.1100 | |
3.6.4110 | Updated command syntax and Example | |
Example | ||
switch (config) # show ipv6 neighbors IPv6 Address MAC Address State Interf | ||
Related Commands | ||
Notes |
show ipv6 route
show ipv6 route [vrf <vrf-name] {[<ipv6-address> <ipv6-address>/<length> [longer-prefixes]] [connected | bgp | static]} Displays IPv6 neighbor discovery (ND) cache information. | ||
Syntax Description | ipv6-addr | Filters routes by IPv6 address or prefix |
longer-prefixes | Displays output for longer prefix entries | |
connected | Displays entries for routes to networks directly connected to the switch | |
static | Displays entries added through CLI commands | |
summary | Displays the current contents of the IPv6 routing table in summary format | |
Default | N/A | |
Configuration Mode | Any command mode | |
History | 3.4.1100 | |
3.6.4110 | Updated Example | |
3.6.8008 | Updated Example | |
Example | ||
| ||
Related Commands | ||
Note |