240 likes | 376 Views
Regional Cisco Networking Academy Conference 2014. Giving you the knowledge and confidence to teach IPv6. DHCPv6-PD (Prefix Delegation) IPv6 Address Allocation to the Home Rick Graziani CS/CIS Instructor Cabrillo College. The World of IPv4 – DHCPv4 and NAT. NAT.
E N D
Regional Cisco Networking Academy Conference 2014 Giving you the knowledge and confidence to teach IPv6 DHCPv6-PD (Prefix Delegation) IPv6 Address Allocation to the Home Rick Graziani CS/CIS Instructor Cabrillo College
The World of IPv4 – DHCPv4 and NAT NAT • ISP only has to deliver a public IPv4 address for Home router interface. • DHCPv4 and RFC 1918 private address space is used for home network. • NAT is used for translation – but has its drawbacks! • No NAT (like that… kind of) for IPv6 G0/1 HOME G0/1 G0/0 ISP Public IPv4 Address for the interface Private IPv4 Address DHCPv4 DHCPv4 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability • IPv6 End-to-end reachability: • Home network gets its own IPv6 prefix (public address) • No NAT • ISP router is known as the Delegating Router (DR) • HOME router is known as the Requesting Router (RR) Delegating Router (DR) Requesting Router (RR) G0/1 G0/1 G0/0 HOME-RR ISP-DR Global IPv6 Address Global IPv6 Address
The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability After getting an IPv6 address on its ISP-facing interface, HOME-RR needs to: Step 1: Request a Prefix for its LAN(s) Step 2: Subnet the prefix for its LANs (optional) – Get a /48 but assign /64s Step 3: Assign an IPv6 address from the prefix to its LAN interface Step 4: Advertises the prefix in a Router Advertisement to devices on the LAN Delegating Router (DR) Requesting Router (RR) G0/1 G0/1 G0/0 HOME-RR ISP-DR Global IPv6 Address Global IPv6 Address
The World of IPv6 – DHCPv6-PD (Prefix Delegation) Complete IPv6 Reachability • First, HOME’s ISP facing interface needs an IPv6 address. • Similar to any IPv6 client it may dynamically get an address using: • SLAAC - Using prefix in RA • Stateless DHCPv6 – Using prefix in RA and perhaps DNS address from DHCPv6 server • Stateful DHCPv6 - Like DHCPv4 • What about the address for the HOME LAN? Delegating Router (DR) Requesting Router (RR) G0/1 G0/1 HOME-RR G0/0 ISP-DR ? • IPv6 Address for the interface: • SLAAC • DHCPv6 (Stateful or Stateless)
The World of IPv6 – DHCPv6-PD (Prefix Delegation) 3 RA with /64 prefix Delegating Router (DR) Requesting Router (RR) Step 1. HOME asks the ISP for an address to allocate for it’s LANs • DHCPv6-PD is initiated by the RR! Step 2. ISP delegates an IPv6 prefix for HOME • Example: ISP sends HOME a /48 prefix Step 3. HOME advertises prefix using SLAAC RA messages (currently only option) • HOME advertises the prefix out its interfaces using ICMPv6 Router Advertisement messages • HOME assigns the prefix or subnets of the prefix to one or more interfaces • Example: HOME interfaces are assigned /64 subnets from the /48 prefix G0/1 G0/1 G0/0 HOME-RR ISP-DR 3 1 G0/1 DHCPv6-PD REQUEST RA with /64 prefix 2 DHCPv6-PD REPLY with /48 prefix
Our Example - DHCPv6-PD 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/0 :1 G0/1 :EUI-64 • ISP will deliver an IPv6 address for HOME’s G0/1 interface usingSLAAC • ISP will delegate the 2001:DB8:AB00::/48 prefix to HOME to allocate to its LANs • HOME will use the 2001:DB8:AB00:1::/64 subnet for its G0/0 interface. • Assign :1 to the G0/0 interface • G0/0 LAN will receive the 2001:DB8:AB00:1::/64 prefix and other information using SLAAC (RA). HOME-RR ISP-DR Router Advertisement 2001:DB8:FEED:6::/64 SLAAC SLAAC Prefix Delegation for the HOME 2001:DB8:AB00:/48 Router Advertisement 2001:DB8:AB00:1::/64 DHCPv6 Prefix Delegation
Note: If instead of SLAAC, HOME uses DHCPv6 for its G0/1 address, a separate set of DHCPv6 messages will be exchanged between the two routers. RA and DHCPv6-PD Messages ICMPv6 Router Solicitation SLAAC ICMPv6 Router Advertisement ISP DR G0/1 HOME RR G0/1 G0/0 SOLICIT: Prefix Delegation request The RR must be enabled with the PD option ADVERTISE In the case where the RR only has one DR the rapid commit option omits these two steps. DHCPv6-PD REQUEST REPLY: Include Prefix ICMPv6 Router Advertisement (RA) SLAAC
HOME-RR Configuration 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR Router Solicitation 1 2 Router Advertisement 2001:DB8:FEED:6::/48 DHCPv6 PD Request 3 HOME-RR(config)# ipv6 unicast-routing ! Required to send RA HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfigdefault ! Use RA & add default HOME-RR(config-if)# ipv6 dhcp client pdDHCPV6-PREFIX-FROM-ISP ! Request DHCPv6-PD. ! rapid-commit option ! can be used. HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ! RA /48 from PD
HOME-RR Configuration 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR 3 2001:DB8:AB00:1::1/64 DHCPv6 PD Request 1 DHCPv6 PD Reply Router Advertisement 2001:DB8:AB00::/48 2001:DB8:AB00:1::/64 2 3 HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfigdefault HOME-RR(config-if)# ipv6 dhcp client pdDHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ! For G0/0 & RA Interface ID First 48 bits replaced by the prefix received by DHCPv6-PD 2001:DB8:AB00:: Subnet-ID
ISP-DR Configuration 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR Router Advertisement 2001:DB8:FEED:6::/64 For G0/1 interface SLAAC Prefix Delegation for the HOME 2001:DB8:AB00:/64 DHCPv6-PD For HOME LANs ISP-DR(config)# ipv6 unicast-routing ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 address 2001:db8:feed:6::1/64 ISP-DR(config-if)# ipv6 address fe80::feed:1 link-local ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ! Also a DHCPv6 server ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 Pool can include address prefix command if stateful DHCPv6 is used instead of SLAAC.
ISP-DR Configuration 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR 2001:DB8:AB00::/40 DHCPv6 PD Reply Router Advertisement 2001:DB8:AB00::/48 2001:DB8:AB01::/48 2001:DB8:AB02::/48 … 2001:DB8:ABFF::/48 2001:DB8:AB00:1::/64 ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL! DHCPv6 address pool ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ! DNS address for DHCPv6-PD ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48! PD pool Reserve a /40 to allocate addresses for ISP’s DHCPv6-PD clients 2001:DB8:ABxx::/40 From the /40 each DHCPv6-PD client will get a /48
Verifying DHCPv6-PD 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/0 :1 G0/1 :EUI-64 HOME-RR ISP-DR Router Advertisement 2001:DB8:FEED:6::/64 SLAAC SLAAC Prefix Delegation for the HOME 2001:DB8:AB00:/48 Router Advertisement 2001:DB8:AB00:1::/64 DHCPv6 Prefix Delegation
ISP-DR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR ISP-DR# show ipv6 dhcp interface gig 0/1 GigabitEthernet0/1 is in server mode Using pool: DHCPV6-CLIENT-ADDRESS Preference value: 0 Hint from client: ignored Rapid-Commit: disabled ISP-DR# ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 rapid-commit option not included
ISP-DR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR ISP-DR# show ipv6 local pool DHCPV6-PD-POOL Prefix is 2001:DB8:AB00::/40 assign /48 prefix 1 entries in use, 255 available, 0 rejected 0 entries cached, 1000 maximum User Prefix Interface 00030001885A923B29E000040001 2001:DB8:AB00::/48 ISP-DR# ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 • Other verification commands: • show ipv6 dhcp binding • show ipv6 dhcp interface
HOME-RR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR HOME-RR# show ipv6 inter brief GigabitEthernet0/0 [up/up] FE80::1 2001:DB8:AB00:1::1 GigabitEthernet0/1 [up/up] FE80::8A5A:92FF:FE3B:29E1 2001:DB8:FEED:6:8A5A:92FF:FE3B:29E1 HOME-RR# SLAAC HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfigdefault HOME-RR(config-if)# ipv6 dhcp client pdDHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64
HOME-RR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR Router Advertisement 2001:DB8:AB00:1::/64 HOME-RR# show ipv6 interface gig 0/0 GigabitEthernet0/0 is up, line protocol is up General-prefix in use for addressing Global unicast address(es): 2001:DB8:AB00:1::1, subnet is 2001:DB8:AB00:1::/64 [CAL/PRE] <Output ommited> Hosts use stateless autoconfig for addresses. HOME-RR# HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfigdefault HOME-RR(config-if)# ipv6 dhcp client pdDHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64
HOME-RR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 Default Route G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR X 2001:DB8:AB00::/48 HOME-RR# show ipv6 route IPv6 Routing Table - default - 7 entries Codes: ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr– Redirect ND ::/0 [2/0] via FE80::FEED:1, GigabitEthernet0/1 S 2001:DB8:AB00::/48 [1/0] via Null0, directly connected <Output omitted> HOME-RR# Discard route HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfigdefault HOME-RR(config-if)# ipv6 dhcp client pdDHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64
HOME-RR Verification 2001:DB8:FEED:6::/64 2001:DB8:AB00:1::/64 G0/1 :1 G0/1 :EUI-64 G0/0 :1 ISP-DR HOME-RR Router Advertisement 2001:DB8:AB00:1::/64 HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 HOME-RR(config-if)# ipv6 address fe80::1 link-local PC> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address . . . . . . . . . . 2001:db8:ab00:1:1005:b37e:7e61:7ceb Link-local IPv6 Address. . . . . fe80::1005:b37e:7e61:7ceb Default Gateway. . . . . . . . . fe80::1 For a recognizable default gateway address
SLAAC Router(config)# ipv6 unicast-routing Router(config-if)# no ipv6 nd suppress-ra ! This is the default Stateless DHCPv6 Router(config-if)# ipv6 nd other-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name Stateful DHCPv6 Router(config-if)# ipv6 nd managed-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# address prefix ipv6-prefix/prefix-length Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name DHCPv6-PD option Router(config-dhcpv6)# prefix-delegation pool ipv6-prefix/prefix-length ! Add to POOL-NAME Router(config)# ipv6 local pool POOL-NAME ipv6-address-block/prefix-length subnet-prefix-length Client Server Router Advertisement Router Advertisement M=1 Router Advertisement O=1 To all DHCPv6 Servers
Client Server Router as SLAAC client SLAAC Client(config-if)# ipv6 address autoconfig [default] ! default option used for DHCPv6-PD Router as a DHCPv6 Client (Stateless or Stateful) DHCPv6 Client(config-if)# ipv6 enable ! IPv6 link-local required to send DHCPv6 messages Client(config-if)# ipv6 address dhcp Router as a DHCPv6-PD Client DR-facing Interface using SLAAC or DHCPv6 Client(config-if)# ipv6 dhcp client pdPOOL-NAME ! Request DHCPv6-PD LAN-facing Interface Client(config)# ipv6 address POOL-NAME ::subnet-interfaceid-address/prefix-length
What we covered… • DHCPv4 – Remember IPv4? • ICMPv6 – Used more than ICMPv4 • SLAACers – IPv6 Addressing without DHCPv6 • Stateless DHCPv6 – I have my address but need some other stuff • Stateful DHCPv6 – Just like DHCPv4 (only different) • DHCPv6-PD (Prefix Delegation) – IPv6 Prefix for the “home”
Shameless plug! Web Site, Book, Etc. • Rick Graziani - graziani@cabrillo.edu • PowerPoints for CCNA, CCNP, IPv6 • www.cabrillo.edu/~rgraziani • Username = cisco • Password = perlman Quality time with my two nieces…
And…… Thank you very much! Rick Graziani - graziani@cabrillo.edu www.cabrillo.edu/~rgraziani Username = cisco Password = perlman