Ease out your IPv6 gateway!
One of very cool features of IPv6 is link-local address which stays local to a given link. For this fe80::/10 is reserved. A /10 is a huge amount of address space in IPv6 (and in IPv4 too š ). This means fromĀ fe80:0000:0000:0000:0000:0000:0000:0000 to
febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff.
Since by design link-local address stays local, the address configured on the upstream/gateway router can be kept same for ease of use and comfort. This wasn’t the case of IPv4 where each VLAN/layer 2 domain had it’s own gateway.
So e.g if you have two VLANs or interfaces say: Gi1/0Ā and Gi2/0. You decide to use 10.100.100.0/30 on Gi1/0 and 10.100.100.4/30 on Gi2/0. Thus usual configuration in IPv4 world goes as:
Link 1
10.100.100.1 – Uplink/gateway router
10.100.100.2 – User/downstream device
Link 2
10.100.100.5 –Ā Uplink/gateway router
10.100.100.6 – User/downstream device
Thus linkĀ 1 user has to use gateway different from link 2 user.
Traditional IPv4 networking
In case of IPv6 since each interface has unique global address as well as link local address, we can give any cool/easy-to-remember link local like fe80::1 on multiple interfaces and hence gateway can remainĀ same across multiple end machines.
Say we have got a pool:Ā 2a04:ec40:e01a::/48. Now we grab two /64 slices out of it (for each interface) –Ā 2a04:ec40:e01a:100::/64 andĀ 2a04:ec40:e01a:200::/64.
Link 1
2a04:ec40:e01a:100::1 – Uplink/gateway router
2a04:ec40:e01a:100::2 – User/downstream device
Link 2
2a04:ec40:e01a:200::1 –Ā Uplink/gateway router
2a04:ec40:e01a:100::2 – User/downstream device
IPv6 networking
Config of GW
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 |
GW#sh run Building configuration... Current configuration : 955 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname GW ! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex half ! interface GigabitEthernet1/0 description Link to user1 no ip address negotiation auto ipv6 address 2A04:EC40:E01A:100::1/64 ipv6 address FE80::1 link-local ! interface GigabitEthernet2/0 description Link to user2 no ip address negotiation auto ipv6 address 2A04:EC40:E01A:200::1/64 ipv6 address FE80::1 link-local ! interface GigabitEthernet3/0 no ip address shutdown negotiation auto ! interface GigabitEthernet4/0 no ip address shutdown negotiation auto ! ! no ip http server no ip http secure-server ! ! ! ! ! ! control-plane ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 stopbits 1 line aux 0 line vty 0 4 ! ! end GW# |
User 1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
User1#sh run Building configuration... Current configuration : 878 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname User1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex half ! interface GigabitEthernet1/0 description "Link to GW" no ip address negotiation auto ipv6 address 2A04:EC40:E01A:100::2/64 ! interface GigabitEthernet2/0 no ip address shutdown negotiation auto ! interface GigabitEthernet3/0 no ip address shutdown negotiation auto ! interface GigabitEthernet4/0 no ip address shutdown negotiation auto ! ! no ip http server no ip http secure-server ! ! ipv6 route ::/0 GigabitEthernet1/0 FE80::1 ! ! ! ! control-plane ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 stopbits 1 line aux 0 line vty 0 4 ! ! end User1# |
User 2
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
User2#sh run Building configuration... Current configuration : 879 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname User2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 no ip address shutdown duplex half ! interface GigabitEthernet1/0 description "Link to GW" no ip address negotiation auto ipv6 address 2A04:EC40:E01A:200::2/64 ! interface GigabitEthernet2/0 no ip address shutdown negotiation auto ! interface GigabitEthernet3/0 no ip address shutdown negotiation auto ! interface GigabitEthernet4/0 no ip address shutdown negotiation auto ! ! no ip http server no ip http secure-server ! ! ipv6 route ::/0 GigabitEthernet1/0 FE80::1 ! ! ! ! control-plane ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 stopbits 1 line aux 0 line vty 0 4 ! ! end User2# |
Quick connectivity tests
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
User1#ping 2A04:EC40:E01A:100::1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2A04:EC40:E01A:100::1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms User1# User1# User1#ping fe80::1 Output Interface: GigabitEthernet1/0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FE80::1, timeout is 2 seconds: Packet sent with a source address of FE80::C802:26FF:FE39:1C !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms User1# |
Example of a Linux interface config file (assuming user 1 is a Linux server)
|
1 2 3 4 5 6 7 |
iface eth0 inet6 static address 2A04:EC40:E01A:100::2 netmask 64 gateway fe80::1 accept_ra 0 autoconf 0 privext 0 |
I hope you enjoyed it. With hope to see more IPv6, time for me to get some sleep! š