While I have been working with networking (about a year and a half seriously/professionally), it has all been IPv4. IPv6 has been featured only in the certification studies and even then it has been awfully basic.
I am currently pursuing the CCNA Security and aiming to get certified before the old exam is retired (I bought the book a while ago and I don’t want to have to buy another one). Like most of the associate certifications from Cisco they have a chapter on IPv6. It is very similar to IPv6 in the Routing & Switching track, but it seemed to stick better with me this time. I decided to make an effort to setup my home network with IPv6.
My Internet service provider is GET and on their website they state that they support IPv6 with prefix delegation. I used a MicroNugget from CBT Nuggets to setup prefix delegation on my router (a Cisco 881).
This is how I setup the router to get the prefix from Get.
interface FastEthernet 4
ipv6 enable
ipv6 address autoconfig default
ipv6 dhcp client pd FROM-ISP
The prefix received can be seen with the command show ipv6 interface Fa4
or show ipv6 general-prefix
. With the show ipv6 interface
command the DNS servers provided by the ISP is also seen, as well as various information like the referesh timer enad lifetime of the prefix.
So now I have a /60 from my ISP. What should I do with this? The suggested subnet size for IPv6 networks is /64 for simplicity and feature compliance. If you do not want to do the calculations, a /60 will give 16 /64 networks and plenty of addresses.
To setup the individual vlan to receive one /64 from the /60 network, I did the following on the interface for vlan 1.
int vlan 1
ipv6 enable
ipv6 address FROM-ISP ::1/64
To verify run show ipv6 interface vlan 1
and look after your global unicast address.
Now my clients are receiving/calculating their IPv6 address with base in the /64 I have assigned to the vlan. A show ipv6 neighbors
will show the bindings between the IPv6 addresses and the MAC addresses, much like the show ip arp
does with IPv4 addresses. If you need to look up the different states check out RFC 4861.
On my windows machine I am checking my ipconfig and I see that I have received/configured an IPv6 address. To properly test the connection I have disabled the IPv4 protocol on the machine. By looking through the ipconfig I can see I am missing DNS servers. I have not received them from my provider. Or, I have not relayed the DNS servers from the provider to my clients.
The clients are automatically configuring the IPv6 address, but only that. They get no information about DNS servers or domain-name. To do this IPv6 has the ability to send out DHCP information about “other configuration”. And this has the fitting name “other-config-flag” on Cisco.
First it is necessary to create the DHCP pool.
ipv6 dhcp pool POOL-1
dns-server 2001:4860:4860::8888
dns-server 2001:4860:4860::8844
I am using Google’s DNS servers, they have even managed to create an easy-to-remember IPv6 address!
On the vlan interface I need to add the other-config-flag and tell it to serve from the newly created DHCP pool.
int vlan 1
ipv6 nd other-config-flag
ipv6 dhcp server POOL-1
That should be it! Native IPv6 should now be flowing through your pipes! But remember, all the clients are now reachable on the Internet. There is no hiding behind the dynamic PAT anymore.
And if you want to roam the Internet without hanging on to that old and smelly IPv4 address… be prepared to be disappointed! It is almost impossible to keep up your normal browsing habits only with IPv6 addresses, so many websites have yet to implement this.