Tag Archives: Link-local

03 Aug

Ease out your IPv6 gateway!

One of very cool features of IPv6 is link-local address which stays local to a given link. For this fe80::/10 is reserved. A /10 is a huge amount of address space in IPv6 (and in IPv4 too šŸ™‚ ). This means fromĀ fe80:0000:0000:0000:0000:0000:0000:0000 to
febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff.
 
Since by design link-local address stays local, the address configured on the upstream/gateway router can be kept same for ease of use and comfort. This wasn’t the case of IPv4 where each VLAN/layer 2 domain had it’s own gateway.
 
So e.g if you have two VLANs or interfaces say: Gi1/0Ā and Gi2/0. You decide to use 10.100.100.0/30 on Gi1/0 and 10.100.100.4/30 on Gi2/0. Thus usual configuration in IPv4 world goes as:
 
Link 1
10.100.100.1 – Uplink/gateway router
10.100.100.2 – User/downstream device
 
Link 2
10.100.100.5 –Ā Uplink/gateway router
10.100.100.6 – User/downstream device
 
Thus linkĀ 1 user has to use gateway different from link 2 user.
 

Traditional IPv4 networking

 
IPv4 network setup
 
 
In case of IPv6 since each interface has unique global address as well as link local address, we can give any cool/easy-to-remember link local like fe80::1 on multiple interfaces and hence gateway can remainĀ same across multiple end machines.
Say we have got a pool:Ā  2a04:ec40:e01a::/48. Now we grab two /64 slices out of it (for each interface) –Ā  2a04:ec40:e01a:100::/64 andĀ 2a04:ec40:e01a:200::/64.
Link 1
2a04:ec40:e01a:100::1 – Uplink/gateway router
2a04:ec40:e01a:100::2 – User/downstream device
Link 2
2a04:ec40:e01a:200::1 –Ā Uplink/gateway router
2a04:ec40:e01a:100::2 – User/downstream device
 
 

IPv6 networking

 
Link Local IPv6
 
 
 
Config of GW

GW#sh run
Building configuration...
Current configuration : 955 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname GW
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description Link to user1
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:100::1/64
 ipv6 address FE80::1 link-local
!
interface GigabitEthernet2/0
 description Link to user2
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:200::1/64
 ipv6 address FE80::1 link-local
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end
GW#

 
User 1

User1#sh run
Building configuration...
Current configuration : 878 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname User1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description "Link to GW"
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:100::2/64
!
interface GigabitEthernet2/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
ipv6 route ::/0 GigabitEthernet1/0 FE80::1
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end
User1#

 
User 2

User2#sh run
Building configuration...
Current configuration : 879 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname User2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex half
!
interface GigabitEthernet1/0
 description "Link to GW"
 no ip address
 negotiation auto
 ipv6 address 2A04:EC40:E01A:200::2/64
!
interface GigabitEthernet2/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
!
no ip http server
no ip http secure-server
!
!
ipv6 route ::/0 GigabitEthernet1/0 FE80::1
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 stopbits 1
line aux 0
line vty 0 4
!
!
end
User2#

 
 
Quick connectivity tests

User1#ping  2A04:EC40:E01A:100::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A04:EC40:E01A:100::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
User1#
User1#
User1#ping fe80::1
Output Interface: GigabitEthernet1/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::1, timeout is 2 seconds:
Packet sent with a source address of FE80::C802:26FF:FE39:1C
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
User1#

 
Example of a Linux interface config file (assuming user 1 is a Linux server)

iface eth0 inet6 static
    address 2A04:EC40:E01A:100::2
    netmask 64
    gateway fe80::1
    accept_ra 0
    autoconf 0
    privext 0

 
 
I hope you enjoyed it. With hope to see more IPv6, time for me to get some sleep! šŸ™‚