IPv6 Static Routes

image

This just a simple setup to show static routes in IPv6,

R1

ipv6 unicast-routing

interface FastEthernet0/0
ipv6 address FC00:1:12:12::1/64

R2

ipv6 unicast-routing

interface FastEthernet0/0
ipv6 address FC00:1:12:12::1/64
interface lo0
ipv6 address 2001:2:22:22::2/64
 

We will then configure IPv6 default static route from R1 to R2 to reach the loopback of R2 but instead of pointing it to the IPv6 address of R2 f0/0 we will use f0/0 of R1

on R1

R1(config)#ipv6 route ::/0 FastEthernet0/0

now let’s try to ping R2 loopback interface

R1(config)#do p 2001:2:22:22::2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:2:22:22::2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

As we can see ping is failing, let’s debug IPv6 packets on R1

R1#debug ipv6 packet
IPv6 unicast packet debugging is on
R1#p 2001:2:22:22::2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:2:22:22::2, timeout is 2 seconds:

*Mar  1 07:12:47.494: IPv6: SAS picked source FC00:1:12:12::1 for 2001:2:22:22::2 (FastEthernet0/0)
*Mar  1 07:12:47.494: IPV6: source FC00:1:12:12::1 (local)
*Mar  1 07:12:47.494:       dest 2001:2:22:22::2 (FastEthernet0/0)
*Mar  1 07:12:47.498:       traffic class 0, flow 0x0, len 100+0, prot 58, hops 64, originating
*Mar  1 07:12:47.498: IPV6: source FC00:1:12:12::1 (local)
*Mar  1 07:12:47.498:       dest FF02::1:FF00:2 (FastEthernet0/0)
*Mar  1 07:12:47.502:       traffic class 224, flow 0x0, len 72+8, prot 58, hops 255, originating
*Mar  1 07:12:47.502: IPv6: Sending on FastEthernet0/0
*Mar  1 07:12:47.502: IPv6: Encapsulation failed

As we can see encapsulation failed, this means that R1 couldn’t construct resolve the mac address of the IPv6 address that it need to send traffic to

To further verify this we will replicate the setup using IPv4

R1(config)#interf f0/1
R1(config-if)#ip address 10.1.12.1 255.255.255.0

R1(config)# ip route 0.0.0.0 0.0.0.0 f0/0

and R2

R2(config)#interf f0/1
R2(config-if)#ip address 10.1.12.2 255.255.255.0

R2(config)#interf lo0
R2(config-if)#ip address 2.2.2.2 255.255.255.255

R2# debug arp

now let’s try to ping from R1 to R2 loopback

R1(config-if)#do p 2.2.2.2 

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 20/28/40 ms

and the debug output on R2

R2(config-if)#
*Mar  1 08:29:15.061: IP ARP: rcvd req src 10.1.12.1 c200.2790.0000, dst 2.2.2.2 FastEthernet0/0
*Mar  1 08:29:15.065: IP ARP: sent rep src 2.2.2.2 c205.2790.0000,
                 dst 10.1.12.1 c200.2790.0000 FastEthernet0/0

we see how R2 received an arp request for 2.2.2.2 and it replied with F0/0 interface, this is called proxy-arp

since 2.2.2.2 is one of R2 interfaces, and when it received an arp request on different interface for that IP address it replied back with the mac address of the interface it received the arp request on

R2(config-if)#
*Mar  1 08:29:15.061: IP ARP: rcvd req src 10.1.12.1 c200.2790.0000, dst 2.2.2.2 FastEthernet0/0
*Mar  1 08:29:15.065: IP ARP: sent rep src 2.2.2.2 c205.2790.0000,
                 dst 10.1.12.1 c200.2790.0000 FastEthernet0/0

We can change this by disabling proxy-arp under R2 interface f0/0

R2(config)#interface f0/0
R2(config-if)#no ip proxy-arp

if we ping again

R1(config-if)#do p 2.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

because IPv6 doesn’t have this feature, R1 fails to reach R2 loopback address

If we to add a static IPv6 neighbor to R1 (which is equivalent to static arp in IPv4)

we can get this to work

R1(config)#ipv6 neighbo 2001:2:22:2::2  f0/0 c205.2790.0000  

R1(config)#do p ipv6 2001:2:22:2::2                                   

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:2:22:2::2, timeout is 2 seconds:
!!!!!

remember that we will need to do that for every single IP address, the easiest way is just to point the default route to a next-hop IPv6 address

Comments

Post a Comment

Popular posts from this blog

BPDU Filter vs BPDU Guard

        Today we will try to explore the difference between these 2 options, BPDU guard and BPDU filter We know that BPDU are used to communicate between switches in L2 networks  to ensure loop free topology. BPDU Guard is used to protect our access (or trunks incase of servers) ports from receiving undesired BPDU packets, this feature is helpful in enforcing your network boundary in access layer BPDU Guard can be enabled on global configuration as well as under the interface configuration BPDU Filter on the other hand is used to filter BPDU packets outbound when configured  in global configuration (after sending 11 BPDU out ) and will filter BPDU inbound/outbound when configured under the interface level To better understand these two features, let’s use this simple topology R1 is connected to SW1 through F0/0 to have R1 send and receive BPDU we will simple configure bridging group 1 on the router and we will join the bridge group when desired to test our configuration BPDU
Read more

BGP Weight Attribute

Image
Before we start the lab let's see the BGP path selection process If the path specifies a next hop that is inaccessible, drop the update. •Prefer the path with the highest weight. •If the weights are the same, prefer the path with the largest local preference. •If the local preferences are the same, prefer the path that was originated by BGP running on this router. •If no route was originated, prefer the route that has the shortest AS_path. •If all paths have the same AS_path length, prefer the path with the lowest origin code (where IGP is lower than EGP, and EGP is lower than incomplete). •If the origin codes are the same, prefer the path with the lowest MED attribute. •If the paths have the same MED, prefer the external path over the internal path. •If the paths are still the same, prefer the path through the closest IGP neighbor. •Prefer the path with the lowest IP address, as specified by the BGP router ID. I read this on CCIE Pursuit blog We Love Oranges As O
Read more

OSPF–Point To Multipoint Non-Broadcast

Image
Using same setup that we have been using in the last 3 posts, we will change the network type to point-to-multipoint Non-Broadcast we will also add a Ethernet link between R2 and R3 and enable OSPF on it Our final configuration should be something like this R1 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.1 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.2 102   frame-relay map ip 10.1.123.3 103 !          router ospf 1   router-id 1.1.1.1   log-adjacency-changes   neighbor 10.1.123.2   neighbor 10.1.123.3 R2 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.2 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.1 201 R3 interface
Read more