Skip to main content

IPv6 - Key concepts

IPv6 Addressing

IPv6 addresses are 128-bit long and written in hexadecimal format. To simplify the address, leading zeros can be omitted, and consecutive groups of zeros can be replaced with "::" (only once in an address).

  • Technical Tip: Always remember that "::" can be used only once in an IPv6 address to avoid ambiguity.

Example:

Full: 2001:0db8:0000:0000:0000:ff00:0042:8329

Shortened: 2001:db8::ff00:42:8329

IPv6 Address Types

  • Unicast: Identifies a single interface (Global, Link-Local, Unique-Local).
  • Multicast: Packets sent to all interfaces in the group (e.g., FF00::/8).
  • Anycast: Address assigned to multiple interfaces, routing the packet to the nearest device.
  • Technical Tip: IPv6 doesn't support broadcast; multicast is used for similar purposes.

IPv6 Stateless Autoconfiguration (SLAAC)

With Stateless Address Autoconfiguration (SLAAC), hosts can configure their own IP addresses based on the router’s advertisements. This provides a simple mechanism for address assignment without DHCP.

  • Technical Tip: SLAAC uses Neighbor Discovery Protocol (NDP) to obtain the prefix from Router Advertisements (RA) and then auto-generates the host portion using EUI-64 format.

IPv6 Address Configuration

There are three ways to assign an IPv6 address to an interface:

  1. Manual Global Unicast:

Router(config-if)# ipv6 address 2001:db8::1/64

  1. EUI-64 Autoconfiguration:

Router(config-if)# ipv6 address 2001:db8::/64 eui-64

    • This auto-generates the host part of the address using the MAC address.
  1. Link-Local:

Router(config-if)# ipv6 address fe80::1 link-local

    • Technical Tip: IPv6 link-local addresses are mandatory for communication between devices on the same link and automatically assigned.

IPv6 Routing

To enable IPv6 routing, use the following command:

Router(config)# ipv6 unicast-routing

  • Technical Tip: Without enabling IPv6 routing, routers can still have IPv6 addresses but won’t forward IPv6 traffic.

IPv6 Neighbor Discovery (NDP)

NDP replaces ARP in IPv6 and uses ICMPv6 for tasks like address resolution and Router Discovery. It comprises five key messages:

  • Router Solicitation (RS)
  • Router Advertisement (RA)
  • Neighbor Solicitation (NS): Similar to ARP in IPv4.
  • Neighbor Advertisement (NA)
  • Redirect
  • Technical Tip: NDP supports Duplicate Address Detection (DAD) to prevent IP conflicts by ensuring no other device is using the same address.

IPv6 and EUI-64

IPv6 uses EUI-64 to create unique host addresses by extending the 48-bit MAC address into a 64-bit interface identifier.

  • Technical Tip: EUI-64 splits the MAC address into two halves and inserts FFFE in the middle. The 7th bit of the first byte is flipped to indicate uniqueness.

DHCPv6

In addition to SLAAC, DHCPv6 is used for stateful address assignment and additional configurations like DNS servers.

  • Technical Tip: When Router Advertisements set the Managed Flag (M), hosts are prompted to use DHCPv6 for full address assignment.

IPv6 Security Considerations

  • Security Tip: IPv6 mandates the use of IPsec for end-to-end encryption. Ensure proper ACLs and filters are in place for managing IPv6 traffic and avoid open exposure of services.

IPv6 Transition Mechanisms

To support the transition from IPv4 to IPv6, several methods are used:

  1. Dual-Stack: Running both IPv4 and IPv6 on devices.
  2. Tunneling: Encapsulating IPv6 traffic in IPv4 packets (e.g., 6to4, ISATAP, GRE).
  3. NAT64: Translates IPv6 addresses to IPv4.
  • Technical Tip: Dual-Stack provides the most seamless transition as it allows both protocols to coexist until full IPv6 adoption.

Carrier-Grade NAT (CGN)

Used by ISPs to extend the life of IPv4 addresses, CGN translates private IPv4 addresses to a shared pool of public IPv4 addresses.

  • Technical Tip: ISPs typically use RFC 6598 (100.64.0.0/10) for CGN. This is separate from RFC 1918 private space and is intended for use within the ISP’s network.

By understanding these IPv6 concepts and configurations, you'll be better equipped to answer interview questions about IPv6 deployment, troubleshooting, and optimization.

Labels:

Comments

Post a Comment

Popular posts from this blog

Basic MPLS BGP and L3VPN Lab Setup

In this lab, we’ve set up a basic MPLS, BGP, and L3VPN environment, which is a great foundation for understanding how service providers build scalable networks. The lab uses the EVE-NG simulator along with Router IOS C7200-ADVENTERPRISEK9-M, Version 15.2(4)M8 to emulate a realistic MPLS environment. Below is a summary of the key components and roles of each router in the lab. MPLS Core Routers : The MPLS core consists of the routers responsible for label switching and forwarding customer traffic through the network: PE1 (Provider Edge 1) : Connects customer networks to the MPLS core and handles both MPLS and BGP routing. It also hosts VRF (Virtual Routing and Forwarding) instances for customers. PE2 (Provider Edge 2) : Functions similarly to PE1, connecting another customer network to the MPLS core. P1 (Core Router 1) and P2 (Core Router 2) : These routers serve as MPLS core routers and handle label switching but do not store or process customer routes directly. They simply f
Post a Comment
Read more

OSPF Adjacency Stuck in EXSTART on Cisco IOS XR – Issue and Solution

In a recent lab setup using Cisco IOS XR on EVE-NG, I faced a common but frustrating issue with OSPF adjacencies getting stuck in the EXSTART state. After spending considerable time troubleshooting interface MTUs and configurations, I discovered that the root cause was related to the virtual network interface type being used. This post outlines the issue, troubleshooting steps, and the eventual solution that got everything working. Issue: While configuring OSPF between two routers running Cisco IOS XR in my lab, OSPF adjacencies were getting stuck in the EXSTART state. I verified that interface configurations, MTU settings, and OSPF parameters were correct, but the problem persisted. I tried adjusting the MTU size, using the mtu-ignore command, and even checked for ACLs, but nothing seemed to resolve the issue. Troubleshooting Steps: MTU Settings: I started by verifying that both sides of the OSPF adjacency had matching MTUs. I used the default MTU and even tried different values wit
Post a Comment
Read more

How to Properly Clone an EVE-NG Lab with Configurations

Cloning labs in EVE-NG is a great way to duplicate setups and expand or experiment on a new copy without affecting the original lab. However, if not done correctly, the cloned lab may only copy the topology without configurations. In this guide, I’ll show you how to properly clone a lab in EVE-NG with all configurations using the EVE-NG GUI . Follow these steps to ensure that both the topology and router configurations are retained when cloning your lab. Steps to Clone an EVE-NG Lab with Configurations Save Running Configuration on All Devices In your original lab, make sure all devices have their configurations saved to NVRAM. Go into the CLI of each router and run the command: copy running-config startup-config Export All Configurations (CFGs) On the left sidebar in the EVE-NG Web UI , click on the "More Actions" option. Then select "Export all CFGs" . This step exports the configurations of all devices in the lab. Shutdown All Devices After exporting the confi
Post a Comment
Read more