Ease out your IPv6 gateway!
One of the very cool features of IPv6 is the link-local address, which stays local to a given link. fe80::/10 is reserved for this. A /10 is a huge amount of address space in IPv6 (and in IPv4 too 🙂 ): it runs from fe80:0000:0000:0000:0000:0000:0000:0000 to febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff.
Since a link-local address stays local by design, the address configured on the upstream/gateway router can be kept the same on every link for ease of use and comfort. This wasn't the case in IPv4, where each VLAN/layer 2 domain had its own gateway.
For example, say you have two VLANs or interfaces, Gi1/0 and Gi2/0, and you decide to use 10.100.100.0/30 on Gi1/0 and 10.100.100.4/30 on Gi2/0. The usual configuration in the IPv4 world goes as:
Link 1
10.100.100.1 – Uplink/gateway router
10.100.100.2 – User/downstream device
Link 2
10.100.100.5 – Uplink/gateway router
10.100.100.6 – User/downstream device
Thus the link 1 user has to use a different gateway from the link 2 user.
[Figure: Traditional IPv4 networking]
In the case of IPv6, since each interface has a unique global address as well as a link-local address, we can give any cool/easy-to-remember link-local address like fe80::1 to multiple interfaces, and hence the gateway can remain the same across multiple end machines.
Say we have got a pool: 2a04:ec40:e01a::/48. Now we grab two /64 slices out of it (one for each interface): 2a04:ec40:e01a:100::/64 and 2a04:ec40:e01a:200::/64.
Link 1
2a04:ec40:e01a:100::1 – Uplink/gateway router
2a04:ec40:e01a:100::2 – User/downstream device
Link 2
2a04:ec40:e01a:200::1 – Uplink/gateway router
2a04:ec40:e01a:200::2 – User/downstream device
[Figure: IPv6 networking]
Config of GW
GW#sh run
Building configuration...

Current configuration : 955 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname GW
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description Link to user1
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:100::1/64
 ipv6 address FE80::1 link-local
!
interface GigabitEthernet2/0
 description Link to user2
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:200::1/64
 ipv6 address FE80::1 link-local
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end

GW#
User 1
User1#sh run
Building configuration...

Current configuration : 878 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname User1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description "Link to GW"
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:100::2/64
!
interface GigabitEthernet2/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
ipv6 route ::/0 GigabitEthernet1/0 FE80::1
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end

User1#
User 2
User2#sh run
Building configuration...

Current configuration : 879 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname User2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description "Link to GW"
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:200::2/64
!
interface GigabitEthernet2/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
ipv6 route ::/0 GigabitEthernet1/0 FE80::1
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end

User2#
Quick connectivity tests
User1#ping 2A04:EC40:E01A:100::1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A04:EC40:E01A:100::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
User1#
User1#
User1#ping fe80::1
Output Interface: GigabitEthernet1/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::1, timeout is 2 seconds:
Packet sent with a source address of FE80::C802:26FF:FE39:1C
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
User1#
Example of a Linux interface config file (assuming user 1 is a Linux server)
iface eth0 inet6 static
    address 2A04:EC40:E01A:100::2
    netmask 64
    gateway fe80::1
    accept_ra 0
    autoconf 0
    privext 0
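As an added example (not part of the original post), the following Python sketch audits IOS-style config text for the properties this design relies on: every `link-local` address falls inside fe80::/10, global prefixes do not overlap between interfaces, and a static route with a link-local next hop names its outgoing interface. The `audit` function and the sample text are constructed for illustration; the second route line is a deliberately broken variant.

```python
import ipaddress
import re

LINK_LOCAL = ipaddress.ip_network("fe80::/10")

# Constructed sample: the IPv6 lines of the GW config above, the User1 default
# route, and a second route deliberately missing its outgoing interface.
SAMPLE = """\
interface GigabitEthernet1/0
 ipv6 address 2A04:EC40:E01A:100::1/64
 ipv6 address FE80::1 link-local
interface GigabitEthernet2/0
 ipv6 address 2A04:EC40:E01A:200::1/64
 ipv6 address FE80::1 link-local
ipv6 route ::/0 GigabitEthernet1/0 FE80::1
ipv6 route ::/0 FE80::1
"""

def audit(config):
    """Return ({interface: link-local address}, [findings]) for IOS-style text."""
    link_locals, prefixes, findings, iface = {}, [], [], None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            iface = m.group(1)
        elif m := re.match(r"\s+ipv6 address (\S+) link-local", line):
            addr = ipaddress.ip_address(m.group(1))
            if addr not in LINK_LOCAL:
                findings.append(f"{iface}: {addr} is outside fe80::/10")
            link_locals[iface] = addr  # reuse across interfaces is fine
        elif m := re.match(r"\s+ipv6 address (\S+/\d+)", line):
            net = ipaddress.ip_interface(m.group(1)).network
            # Unlike link-local, each link needs its own global prefix.
            findings += [f"{iface}: {net} overlaps {other}"
                         for other, seen in prefixes if net.overlaps(seen)]
            prefixes.append((iface, net))
        elif m := re.match(r"ipv6 route (\S+) (.+)", line):
            for pos, token in enumerate(m.group(2).split()):
                try:
                    hop = ipaddress.ip_address(token)
                except ValueError:
                    continue  # interface name or keyword, not an address
                # fe80::1 exists on every link, so the route must name the link.
                if hop in LINK_LOCAL and pos == 0:
                    findings.append(f"route {m.group(1)} via {hop}: no outgoing interface")
    return link_locals, findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```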
I hope you enjoyed it. With hope to see more IPv6, time for me to get some sleep! 🙂
Hetzner seems to use the same technique in their network. Originally, I thought it's some reserved address, but apparently not.
Interesting to hear that. I found a few hosting providers using it in Europe.