Configuracion dinámica de IPv6

■ Stateful DHCP
■ Stateless Address Autoconfiguration (SLAAC)
Direcciones Link-local
• Cada host (incluidos los routers) usan una dirección adicional llamada link-
local, usadas solamente dentro de la red local, no pueden ser enrutadas a
otra red remota.

• Hay ciertos protocolos que usan estas direcciones como el NDP (Neighbor
Discovery Protocol), el cual reemplaza a ARP de IPv4.

• Los routers usan las direcciones link local como dirección de siguiente
salto.

• Los hosts usan a las direcciones link local como su Gateway

predeterminado
Y en el show ipv6 route aparecerán las link-
local
• Unicast (not multicast): Link-local addresses represent a single host, and
packets sent to a link-local address should be processed by only that one
IPv6 host.

• Forwarding scope is the local link only: Packets sent to a link-local address
do not leave the local data link because routers do not forward packets
with link-local destination addresses.

• Automatically generated: Every IPv6 host interface (and router interface)

can create its own link-local address automatically, solving some
initialization problems for hosts before they learn a dynamically learned
global unicast address.

• Common uses: Link-local addresses are used for some overhead protocols
that stay local to one subnet and as the next-hop address for IPv6 routes.
Asignación

As a result, a router’s complete link-local address should be

unique because the MAC address that feeds into the EUI-64
process should be unique.
Ejemplo
IOS can either automatically create the link-local address, or it
can be configured. IOS chooses the link-local address for the
interface based on the following rules:
• If configured, the router uses the value in the ipv6 address address
link-local interface subcommand. Note that the configured link-local
address must be from the correct address range for link-local
addresses; that is, an address from prefix FE80::/10. In other words,
the address must begin with FE8, FE9, FEA, or FEB.

• If not configured, the IOS calculates the link-local address using EUI-
64 rules, as discussed and demonstrated in and around Example 30-7.
The calculation uses EUI-64 rules even if the interface unicast address
does not use EUI-64.
Enrutamiento IPv6 con solo las link local
addresses
Sólo hay que activar la interfaz con el comando:
ipv6 enable

Esto se activa por default al usar el comando:

ipv6 address address prefix
Uso del comando IPv6 enable
Multicast IPv6
Verificando que multicast usa una
determinada interfaz
Solicited-Node Multicast Addresses
• Una dirección multicast de nodo solicitado es una dirección que
coincide solo con los últimos 24 bits de la dirección IPv6 unicast
global de un dispositivo. Los únicos dispositivos que deben procesar
estos paquetes son aquellos que tienen estos mismos 24 bits en la
porción menos significativa que se encuentra más hacia la derecha de
la ID de interfaz.

• Se crea de forma automática cuando se asigna la dirección unicast

global o la dirección unicast link-local
• Se crea combinando un prefijo especial FF02:0:0:0:0:1:FF00::/104 con
los 24 bits de su dirección unicast que se encuentran en el extremo
derecho.
Anycast Address: Implementadando
• Dos routers configuran la misma dirección IPv6, designada como una
dirección anycast, para soportar algún servicio.

• En el futuro, cuando cualquier router recibe un paquete para esa

dirección anycast, los demás routers simplemente enrutan el paquete
al más cercano de los routers que soportan la dirección.
Direcciones IPv6 especiales
• The unknown (desconocida) IPv6 address, ::, or all 0s
• The loopback IPv6 address, ::1,

• Un host puede utilizar la dirección desconocida (: :) cuando su propia

dirección IPv6 no se conoce todavía, o cuando el host se pregunta si
su propia dirección IPv6 podría tener problemas. Por ejemplo, los
hosts usan la dirección desconocida durante las primeras etapas de
descubrir dinámicamente su dirección IPv6. Cuando un host todavía
no sabe qué dirección IPv6 usar, puede usar la dirección ::: como su
dirección IPv6 de origen.
Resumen de comandos
The Neighbor Discovery Protocol
• Los hosts IPv6 necesitan conocer varias configuraciones IPv6
importantes que reflejen la configuración necesaria en los hosts IPv4:
una dirección, la longitud de prefijo asociada (equivalente a la
máscara), la dirección del Gateway predeterminada y las direcciones
del servidor DNS.
Funciones de NDP
• SLAAC: When using Stateless Address Auto Configuration (SLAAC), the host uses NDP
messages to learn the first part of its address, plus the prefix length.

• Router Discovery: Hosts learn the IPv6 addresses of the available IPv6 routers in the
same subnet using NDP messages.

• Duplicate Address Detection: No matter how a host sets or learns its IPv6 address, the
host waits to use the address until the host knows that no other host uses the same
address. How does a host detect this problem? Using NDP messages, of course, through
a process called Duplicate Address Detection (DAD).

• Neighbor MAC Discovery: After a host has passed the DAD process and uses its IPv6
address, a LAN-based host will need to learn the MAC address of other hosts in the same
subnet. NDP replaces IPv4’s ARP, providing messages that replace the ARP Request and
Reply messages.
Descubriendo routers con NDP RS y RA
NDP usa el protocolo ICMPv6 para sus mensajes de comunicación. Estos
mensajes ayudan a que los routers aprendan información de
direccionamiento y de subred:

• Router Solicitation (RS): This message is sent to the “all-IPv6-routers” local-

scope multicast address of FF02::2 so that the message asks all routers, on
the local link only, to identify themselves

• Router Advertisement (RA): This message, sent by the router, lists many
facts, including the link-local IPv6 address of the router. When unsolicited,
it is sent to the all-IPv6-hosts local-scope multicast address of FF02::1.
When sent in response to an RS message, it flows back to either the unicast
address of the host that sent the RS or to the all-IPv6- hosts address
FF02::1.
Ejemplo de como PC1 puede aprender la
dirección link local del router:
• IPv6 no utiliza broadcast, pero utiliza multicasts. En este caso, el
mensaje RS fluye a la dirección de multicast de todos los routers
(FF02 :: 2) para que todos los routers reciban el mensaje. Tiene el
mismo efecto que un broadcast con IPv4, sin los negativos de un
broadcast . En este caso, sólo los routers IPv6 pasarán procesarán el
mensaje RS. El mensaje RA puede fluir ya sea a la dirección IPv6
unicast de PC1 o a la dirección FF02 :: 1 de todos los nodos.
Descubriendo direccionamiento por SLAAC.

Con los mensajes de RS y RA se puede descubrir el prefijo y la longitud de prefijo

Descubriendo direcciones de vecinos con
NDP (RS y RA)
• NDP define otro par de mensajes

• Neighbor Solicitation (NS) - Actua como en ARP Request de IPv4

• Neighbor Advertisement (NA) - Actua como en ARP Reply de IPv4
• Neighbor Solicitation (NS): Este mensaje solicita a un host con una
dirección IPv6 particular (la dirección de destino) que envíe una NA
con su dirección MAC incluida. El mensaje NS se envía a la dirección
de multicast de nodo solicitado asociada con la dirección de destino,
por lo que el mensaje sólo se procesa por los hosts cuyos últimos seis
dígitos hexadecimales coinciden con la dirección que se está
consultando.
• Anuncio de vecinos (NA): este mensaje contiene la dirección de
origen asi como la dirección de destino, junto con la dirección MAC
que se buscaba en el NS. Se envía de nuevo a la dirección unicast del
host que envió el mensaje NS original. En algunos casos, un host envía
una NA no solicitada, en cuyo caso el mensaje se envía a la dirección
de multidifusión de los hosts IPv6 FF02 :: 1.
Ejemplo de NDP en acción obteniendo la
MAC de su vecino

Hay una tabla de vecinos de NDP asi como la tabla de ARP

• Un host envía un mensaje NS que contiene la dirección que el host
desea utilizar como dirección de destino. Si no existe duplicado,
ningún otro host debe responder con una NA. Sin embargo, si otro
host ya usa esa dirección, ese host responderá con un NA,
identificando un uso duplicado de la dirección.
Dynamic Configuration Using Stateful DHCP and NDP, More specifically,
stateful DHCPv6 works like the more familiar DHCP for IPv4 in many other
general ways, as follows:
• ■ DHCP clients on a LAN send messages that flow only on the local LAN, hoping to find a
DHCP server.
• ■ If the DHCP server sits on the same LAN as the client, the client and server can
exchange DHCP messages directly, without needing help from a router.
• ■ If the DHCP server sits on another link as compared to the client, the client and server
rely on a router to forward the DHCP messages.
• ■ The router that forwards messages from one link to a server in a remote subnet must
be configured as a DHCP Relay Agent, with knowledge of the DHCP server’s IPv6 address.
• ■ Servers have configuration that lists pools of addresses for each subnet from which the
server allocates addresses.
• ■ Servers offer a lease of an IP address to a client, from the pool of addresses for the
client’s subnet; the lease lasts a set time period (usually days or weeks).
• ■ The server tracks state information, specifically a client identifier (often based on the
MAC address), along with the address that is currently leased to that client.
DHCPv6 se divide en Stateless y Stateful
• DHCPv6 Stateful es similar a DHCPv4 ya que el servidor lleva un
seguimiento de que direcciones ha arrendado a determinados hosts.

• DHCP Stateless no lleva ningún seguimiento de ningún host.

Diferencia entre DHCPv4 y DHCPv6 Stateful

El Default router o default Gateway en IPv6 se aprende por NDP

Los mensajes de DHCPv6 que reemplazan a los mensajes de
DHCPv4 Discover, Offer, Request, and Acknowledgment (DORA)
son:
DHCPv6 Relay Agent
Destination address of “all-DHCP-agents” FF02::1:2:
Configuración DHCPv6 Relay
Stateless Address Auto Configuration (SLAAC)
• Usando DHCPv6 requiere cierto conocimiento y atención por parte
del staff de IT, SLAAC de IPv6 ayuda a resolver esto sin la necesidad de
tener un servidor.
Proceso de SLAAC
1 - Aprenda el prefijo IPv6 usado en el enlace, desde cualquier router,
usando mensajes NDP RS / RA.
2 - Elija su propia dirección IPv6 formando el valor ID de la interfaz
seguido del prefijo aprendido previamente.
3 - Antes de utilizar la dirección, utilice primero DAD para asegurarse de
que ningún otro host ya esté utilizando la misma dirección.
DHCP Stateless y SLAAC
• El host hace uso de DHCP sin estado (stateless) para aprender las
direcciones IPv6 de un servidor DNS.
Con DHCPv6 sin estado (stateless), el servidor DHCPv6

■ Sólo necesita una configuración simple, específicamente un número

pequeño de direcciones para los servidores DNS, pero nada más

■ No necesita ninguna configuración de sub-subred: ninguna lista de

subredes, ninguna agrupación de direcciones por subred, ninguna lista de
direcciones excluidas por subred y ninguna longitud de prefijo por subnet

■ No tiene necesidad de rastrear la información de estado sobre los

contratos de arrendamiento de DHCP, es decir, qué dispositivos alquilan la
dirección IPv6 porque el servidor no alquila direcciones a ningún cliente
Topología con IPv6
Config R1
Show ipv6 route
Enrutamiento estatico IPv6
Config de IPv6 siguiente salto
Estaticas por default IPv6
OSPFv3
• La diferencia de OSPFv2 recae en como se estructuran las LSAs y se
crean nuevas estructuras de datos, pero no se ve a nivel CCNA, sino a
nivel CCNP.
Configuración
Topologia
Config
EIGRP for IPv6
BGP
• – Interior Gateway Protocol (IGP): A routing protocol operating
within an Autonomous System (AS) like OSPF, EIGRP… Usually routers
running IGP are under the same administration (of a company,
corporation, individual)
– Exterior Gateway Protocol (EGP): A routing protocol operating
between different AS. BGP is the only EGP used nowadays
• In the topology above R1, R2 and R3 should run an IGP to communicate with each other because
they are in the same AS. But to connect with other routers in another AS (like a different ISP), R1
and R3 must use an EGP.
• In the topology above R1 and R3 are operating in BGP AS 1. If an AS connects to the public
Internet using an EGP, then it must be assigned a unique AS number which is managed by the
Internet Assigned Numbers Authority (IANA). IANA manages the AS numbers from 1 to 64,512 for
public use (similar to public IP addresses) while 64,512 to 65,535 numbers are reserved for
private use (similar to private IP addresses).
Autonomous system (AS)
• With BGP, the term autonomous system (AS) refers to a network that
operates separately from other networks and usually operates within
a single administrative domain. Each AS is represented by an AS
number. It is similar to EIGRP AS in this aspect. BGP is used mainly by
the Internet Service Provider (ISP) all over the world. Each ISP usually
has one BGP AS number (some very big ISP may have a few AS
numbers). BGP AS numbers can be between 1 to 65,535.
Terminos de BGP
+ BGP speaker: a router running BGP
+ BGP peer or BGP neighbor: Any two routers that have formed a TCP
connection to exchange BGP routing information (as BGP runs over TCP on
port 179, not UDP)
+ Prefix: Maybe you learned the word “subnet”. In BGP world, it is usually
called “prefix” because BGP usually does not advertise small subnets. It
advertises blocks of large subnets so “prefix” is often used instead
+ Internal BGP (iBGP): refers to the BGP neighbor relationship within the
same AS. The iBGP neighbor does not have to be directly connected
+ External BGP (eBGP): refers to the BGP neighbor relationship between two
peers belongs to different AS. It is recommended that eBGP should be
directly connected. Never run an IGP between eBGP peers.
• In the below topology suppose all routers are running BGP then R1 is
considered internal BGP to R2 and R3 (as they are running same AS 1)
but is external BGP to R4. R5 is internal to R4 and R6 but external to
R3.
Why do we need BGP?
• Maybe you will raise a question: “Why can’t we only use OSPF or
EIGRP instead?”

The most important reason is BGP greatly supports path control.

• Maybe you learned and understood about EIGRP, OSPF routing
protocols. They are different but both of them have the same
purpose: find the most optimal path to the destination. But when we
are working in ISP level we don’t care much about this. In ISP we
really want to control the path, even it is not the most optimal path,
to the destination. For example, how can you choose which path to
go from AS 1 to AS 3 in the topology below?
Suppose an IGP (like OSPF) is using all the way. With default values and
same bandwidth on all the links, OSPF will choose the path AS 1 -> AS 2
-> AS 3. In order to manipulate the path we will have to change the
bandwidth of some interfaces on the edge routers of each AS. A few
months later we want to change the path then we have to configure
the bandwidth again. With BGP we can easily define the path like this:
“to go from AS 1 to AS 3 we will go through AS 2 then AS 4 then AS 5”.
Moreover we can easily control the ratio of traffic passing through each
link. BGP can do this because it has a rich set of features to control the
paths to the destination. One of the most popular features BGP uses to
control the path is known as “attributes”. However, discussion about
“attributes” is out of the scope of this course.
• In fact, BGP is a path vector protocol. Path vector protocol does not
rely on the bandwidth of the links (like OSPF) or hop count (like RIP)
or a group of parameters (like EIGRP). Path vector protocol relies on
the number of autonomous systems it has to go through. In other
words, it choose the path with least number of autonomous systems
(shortest AS Path) to reach the destination, provided that the path is
loop-free. Of course we can change the path easily for our purpose.

For example in the last topology, if all the values are default and same, BGP
will choose the path AS 1 -> AS 2 -> AS 3 for traffic from AS 1 destined to AS
3 because it only has to go through one AS (AS 2).
Otra Razón para usar BGP
• Another reason to use BGP is BGP can handle very big routing tables.
The ISP level of routing do had large number of routes, which IGP
cannot handle. BGP handle such large routes between AS. Currently
the global Internet routing table contains over 500,000 routes.

• Another good reason to use BGP is because the great benefits of

MPLS-based virtual private networks (MPLS VPN)
Type of connection to ISP: BGP is often used to connect to the
ISP so we list here all the type of connection to the ISP.
• Single homed
Your company may connect to ISP in several ways. The most popular
and simple way is single homed with a single link between the
company and the ISP. With this design, only one possible next-hop
router exists for all routes to the Internet.
• A big disadvantage of this design is when the link fails or either of the
routers fails, the connection to the Internet fails as well. But of
course, this design saves money comparing to multiple connections to
the Internet designs and in fact it is the only reason for small
company to accept this design.
• With this design we don’t need BGP in fact, all things we need are:
• + A default route from the company to the ISP
+ A static route from the ISP to the company’s public address range
Dual homed
The next design is called “dual homed”, in which the “dual”
word refers to the designs with two links to the same router.

In this design we can use BGP to share the traffic between two routers of the
company with our specific ratio (load balancing) or fail over. Of course this
design is better in redundancy than the first one but it still has a “single point
of failure” at the ISP router.
Single Multihomed: refers to:
+ Having connections to multiple ISPs from one router at the company
+ Single link per ISP.

This design is good if we want to separate important traffic to a specific ISP while
still has the other ISP as the fail over path.
Dual Multihomed
+ Multiple links per ISP
+ Multiple links to Company
• If your company has a strong budget then Dual Multihomed design is
ideal to make sure your connection to outside is always up. And BGP
is highly recommended in this case.
• In conclusion, except Single Homed design, BGP can be used
effectively to control the traffic between your company/corporation
to ISPs.
Configuration
Simple eBGP (two BGP routers with different Autonomous System
numbers) configuration between two routers with the topology below:
So we have just configured interface fa0/0 and loopback0 on
both routers. Next we will configure the BGP configuration part
on R1:

• The configuration is very simple with only two lines on R1. In the first line, BGP configuration
begins with a familiar type of command: the router bgp command, where AS number is the BGP
AS number used by that router (same as EIGRP, OSPF configuration).
• The next command defines the IP address of the neighbor. Unlike OSPF or EIGRP, BGP cannot
discover its neighbors automatically so we have to explicitly declare them. We also have to know
and declare the neighbor’s BGP AS number as well. In this case R1 wants to establish BGP
neighbor relationship with R2 (in BGP AS 2) so it choose an interface on R2 (Fa0/0: 11.0.0.2) and
specify R2 is in BGP AS 2 via the command “neighbor 11.0.0.2 remote-as 2“. At the other end R2
will do the same thing for R1 to set up BGP neighbor relationship.
After a moment we should see a message (on each router) similar to the following,
letting us know that an adjacency has been formed:
So after forming BGP neighbor relationship we can verify by
using the “show ip bgp summary” command on both routers:
• Pay attention to the “State/PfxRcd” column of the output. It indicates
the number of prefixes that have been received from a neighbor. If
this value is a number (including “0”, which means BGP neighbor does
not advertise any route) then the BGP neighbor relationship is good.
If this value is a word (including “Idle”, “Connect”, “Active”,
“OpenSent”, “OpenConfirm”) then the BGP neighbor relationship is
not good.
• In the outputs above we see the BGP neighbor relationship between
R1 & R2 is good with zero Prefix Received (PfxRcd) because they have
not advertised any routes yet.
• How about the BGP routing table? We can check with the “show ip
bgp” command but currently this table is empty! This is because
although they formed BGP neighbor relationship but they have not
exchanged any routes. Let’s try advertising the loopback 0 interface
on R1 to R2:

• As you see, unlike other routing protocols like OSPF or EIGRP, we have
to use subnet mask (255.255.255.0 in this case), not wildcard mask,
to advertise the routes in the “network” command.
• Note: With BGP, you must advertise the correct network and subnet
mask in the “network” command ( in this case network 1.1.1.0/24).
BGP is very strict in the routing advertisements. In other words, BGP
only advertises the network which exists exactly in the routing table
(in this case network 1.1.1.0/24 exists in the routing table as the
loopback 0 interface). If you put the command “network 1.1.0.0 mask
255.255.0.0” or “network 1.0.0.0 mask 255.0.0.0” or “network 1.1.1.1
mask 255.255.255.255” then BGP will not advertise anything
Now the BGP routing tables on these two routers
contain this route:
• An asterisk (*) in the first column means that the route has a valid next
hop. A greater-than sign (>) indicates the route has been selected as the
best path to that network.
• The “Metric” column here is not the usual metric like in OSPF or EIGRP. It is
the Multi Exit Discriminator (MED) attribute of BGP. “Weight” is another
BGP attribute. The default values of both MED and Weight are 0 (as you
see at the outputs above).
• The “Path” column shows the AS paths that prefix were sent to reach us. It
would better to read the “Path” from right to left to understand which path
this prefix travel to reach our router. Letter “i” is considered the starting
point of the prefix and the next number is the originating AS where this
prefix originated. Next numbers are the recorded paths it traveled. For
example if a prefix had to travel from AS 1 -> 2 -> 3 -> 4 -> 5 (our AS) then
we will see the path “4 3 2 1 i” on our router.
• Note: A blank AS path (only letter “i” is shown) means that the route
was originated in the local AS. In the R1 output above, network
1.1.1.0/24 is originated from R1 so we see the path only has one
letter “i”.
• One notice is on R1 the “Next Hop” is 0.0.0.0 which means this prefix
is originated from the local router. On R2 the Next Hop is pointing
toward the interface Fa0/0 of R1 (11.0.0.1) to which R2 will send
traffic for the destination 1.1.1.0/24.
• Now R1 advertised prefix 1.1.1.0/24 to R2 so we can re-check R2 with
the “show ip bgp summary” command to see the “Prefix received”
increased to 1:
Also in the routing table of R2 we will see this prefix, which is advertised
with BGP from R1:
• This lab only mentioned about the most basic configuration of BGP
and introduced two most important commands of BGP, which are
“show ip bgp summary” and “show ip bgp”. In practical BGP is often
much more complex with many attributes, routing policies,
redistribution,… used.