1. 1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Regional Cisco Networking Academy Conference 2014 Giving you the knowledge and confidence to teach IPv6 DHCPv6-PD (Prefix Delegation) IPv6 Address Allocation to the Home Rick Graziani CS/CIS Instructor Cabrillo College

2. 2 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada The World of IPv4 – DHCPv4 and NAT ISP only has to deliver a public IPv4 address for Home router interface. DHCPv4 and RFC 1918 private address space is used for home network. NAT is used for translation – but has its drawbacks! No NAT (like that… kind of) for IPv6 ISP HOME Public IPv4 Address for the interface G0/1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 G0/0 Private IPv4 Address NAT DHCPv4

3. 3 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada The World of IPv6 – DHCPv6-PD (Prefix Delegation) IPv6 End-to-end reachability: Home network gets its own IPv6 prefix (public address) No NAT ISP router is known as the Delegating Router (DR) HOME router is known as the Requesting Router (RR) ISP-DR HOME-RR G0/1 G0/0 Complete IPv6 Reachability Delegating Router (DR) Requesting Router (RR) Global IPv6 Address

4. 4 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada The World of IPv6 – DHCPv6-PD (Prefix Delegation) First, HOME’s ISP facing interface needs an IPv6 address. Similar to any IPv6 client it may dynamically get an address using: SLAAC - Using prefix in RA Stateful DHCPv6 - Like DHCPv4 Stateless DHCPv6 – Using prefix in RA and perhaps DNS address from DHCPv6 server What about the address for the HOME LAN? ISP-DR HOME-RR IPv6 Address for the interface: SLAAC DHCPv6 (Stateful or Stateless) G0/1 G0/0 Complete IPv6 Reachability Delegating Router (DR) Requesting Router (RR) ?

5. 5 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada The World of IPv6 – DHCPv6-PD (Prefix Delegation) Step 1. HOME asks the ISP for an address to allocate for it’s LANs DHCPv6-PD is initiated by the RR! Step 2. ISP delegates an IPv6 prefix for HOME Example: ISP sends HOME a /48 prefix Step 3. HOME delegates prefix using SLAAC RA messages (currently only option) HOME assigns the prefix or subnets of the prefix to one or more interfaces HOME advertises the prefix out its interfaces using ICMPv6 Router Advertisement messages Example: HOME interfaces are assigned /64 prefixes ISP-DR HOME-RR G0/1 G0/0 Delegating Router (DR) Requesting Router (RR) DHCPv6-PD REQUEST DHCPv6-PD REPLY with /48 prefix RA with /64 prefix G0/1 RA with /64 prefix 1 1 2 2 3 3 3 3

6. 6 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Our Example - DHCPv6-PD ISP will deliver an IPv6 address for HOME’s G0/1 interface using SLAAC ISP will delegate the 2001:DB8:AB00::/48 prefix to HOME to allocate to its LANs HOME will use the 2001:DB8:AB00:1::/64 subnet for its G0/0 interface. Assign :1 to the G0/0 interface G0/0 LAN will receive the 2001:DB8:AB00:1::/64 prefix and other information using SLAAC (RA). ISP-DR HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:FEED:6::/64 Router Advertisement 2001:DB8:FEED:6::/64 DHCPv6 Prefix Delegation Prefix Delegation for the HOME 2001:DB8:AB00:/48 Prefix Delegation for the HOME 2001:DB8:AB00:/48 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 SLAAC

7. 7 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada RA and DHCPv6-PD Messages ISP DR HOME RR G0/1 G0/0 SOLICIT: Prefix Delegation request ADVERTISE REQUEST REPLY: Include Prefix ICMPv6 Router Advertisement (RA) The RR must be enabled with the PD option In the case where the RR only has one DR the rapid commit option omits these two steps. ICMPv6 Router Advertisement ICMPv6 Router Solicitation SLAAC DHCPv6-PD SLAAC Note: If instead of SLAAC, HOME uses DHCPv6 for its G0/1 address, a separate set of DHCPv6 messages will be exchanged between the two routers.

8. 8 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Configuration HOME-RR(config)# ipv6 unicast-routing ! Required to send RA HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default ! Use RA & add default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP ! Request DHCPv6-PD. ! rapid-commit option ! can be used. HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ! RA /48 from PD Router Advertisement HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR 1 1 2001:DB8:FEED:6::/48 Router Solicitation DHCPv6 PD Request 2 2 3 3

9. 9 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Configuration HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 ! For G0/0 & RA 2001:DB8:AB00::/48 Router Advertisement 2 2 3 3 HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR 2001:DB8:AB00:1::1/64 First 48 bits replaced by the prefix received by DHCPv6-PD 2001:DB8:AB00:: Subnet-ID Interface ID DHCPv6 PD Request 1 1 DHCPv6 PD Reply 3 3

10. 10 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada ISP-DR Configuration HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR(config)# ipv6 unicast-routing ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 address 2001:db8:feed:6::1/64 ISP-DR(config-if)# ipv6 address fe80::feed:1 link-local ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ! Also a DHCPv6 server ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 ISP-DR Router Advertisement 2001:DB8:FEED:6::/64 Router Advertisement 2001:DB8:FEED:6::/64 Prefix Delegation for the HOME 2001:DB8:AB00:/64 Prefix Delegation for the HOME 2001:DB8:AB00:/64 DHCPv6-PD SLAAC For G0/1 interface For HOME LANs Pool can include address prefix command if stateful DHCPv6 is used instead of SLAAC.

11. 11 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada ISP-DR Configuration ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ! DHCPv6 address pool ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ! DNS address for DHCPv6-PD ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 ! PD pool Reserve a /40 to allocate addresses for ISP’s DHCPv6-PD clients 2001:DB8:ABxx::/40 From the /40 each DHCPv6-PD client will get a /48 2001:DB8:AB00::/48 2001:DB8:AB01::/48 2001:DB8:AB02::/48 … 2001:DB8:ABFF::/48 2001:DB8:AB00:1::/64 Router Advertisement HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR DHCPv6 PD Reply 2001:DB8:AB00::/40 ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64

12. 12 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Verifying DHCPv6-PD ISP-DR HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:FEED:6::/64 Router Advertisement 2001:DB8:FEED:6::/64 DHCPv6 Prefix Delegation Prefix Delegation for the HOME 2001:DB8:AB00:/64 Prefix Delegation for the HOME 2001:DB8:AB00:/64 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 SLAAC

13. 13 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada ISP-DR Verification ISP-DR# show ipv6 dhcp interface gig 0/1 GigabitEthernet0/1 is in server mode Using pool: DHCPV6-CLIENT-ADDRESS Preference value: 0 Hint from client: ignored Rapid-Commit: disabled ISP-DR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 rapid-commit option not included

14. 14 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada ISP-DR Verification ISP-DR# show ipv6 local pool DHCPV6-PD-POOL Prefix is 2001:DB8:AB00::/40 assign /48 prefix 1 entries in use, 255 available, 0 rejected 0 entries cached, 1000 maximum User Prefix Interface 00030001885A923B29E000040001 2001:DB8:AB00::/48 ISP-DR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR ISP-DR(config)# interface gig 0/1 ISP-DR(config-if)# ipv6 dhcp server DHCPV6-CLIENT-ADDRESS ISP-DR(config)# ipv6 dhcp pool DHCPV6-CLIENT-ADDRESS ISP-DR(config-dhcpv6)# prefix-delegation pool DHCPV6-PD-POOL ISP-DR(config-dhcpv6)# dns-server 2001:DB8:AAAA::1 ISP-DR(config)# ipv6 local pool DHCPV6-PD-POOL 2001:DB8:AB00::/40 48 Other verification commands: show ipv6 dhcp binding show ipv6 dhcp interface

15. 15 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Verification HOME-RR# show ipv6 inter brief GigabitEthernet0/0 [up/up] FE80::1 2001:DB8:AB00:1::1 GigabitEthernet0/1 [up/up] FE80::8A5A:92FF:FE3B:29E1 2001:DB8:FEED:6:8A5A:92FF:FE3B:29E1 HOME-RR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 SLAAC

16. 16 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Verification HOME-RR# show ipv6 interface gig 0/0 GigabitEthernet0/0 is up, line protocol is up General-prefix in use for addressing Global unicast address(es): 2001:DB8:AB00:1::1, subnet is 2001:DB8:AB00:1::/64 [CAL/PRE] Hosts use stateless autoconfig for addresses. HOME-RR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:AB00:1::/64

17. 17 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Verification HOME-RR# show ipv6 interface gig 0/0 GigabitEthernet0/0 is up, line protocol is up General-prefix in use for addressing Global unicast address(es): 2001:DB8:AB00:1::1, subnet is 2001:DB8:AB00:1::/64 [CAL/PRE] Hosts use stateless autoconfig for addresses. HOME-RR# HOME-RR# show ipv6 general-prefix IPv6 Prefix DHCPV6-PREFIX-FROM-ISP, acquired via DHCP PD 2001:DB8:AB00::/48 Valid lifetime 603983, preferred lifetime 603983 GigabitEthernet0/0 (Address command) HOME-RR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR

18. 18 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Verification HOME-RR# show ipv6 route IPv6 Routing Table - default - 7 entries Codes: ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr – Redirect ND ::/0 [2/0] via FE80::FEED:1, GigabitEthernet0/1 S 2001:DB8:AB00::/48 [1/0] via Null0, directly connected HOME-RR# HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR HOME-RR(config)# ipv6 unicast-routing HOME-RR(config)# interface gig 0/1 HOME-RR(config-if)# ipv6 address autoconfig default HOME-RR(config-if)# ipv6 dhcp client pd DHCPV6-PREFIX-FROM-ISP HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 Discard route Default Route 2001:DB8:AB00::/48 X

19. 19 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada HOME-RR Verification PC> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address.......... 2001:db8:ab00:1:1005:b37e:7e61:7ceb Link-local IPv6 Address..... fe80::1005:b37e:7e61:7ceb Default Gateway......... fe80::1 HOME-RR G0/1 :1 G0/1 :EUI-64 G0/0 :1 2001:DB8:AB00:1::/642001:DB8:FEED:6::/64 ISP-DR Router Advertisement 2001:DB8:AB00:1::/64 Router Advertisement 2001:DB8:AB00:1::/64 HOME-RR(config)# interface gig 0/0 HOME-RR(config-if)# ipv6 address DHCPV6-PREFIX-FROM-ISP 0:0:0:1::1/64 HOME-RR(config-if)# ipv6 address fe80::1 link-local For a recognizable default gateway address

20. 20 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada SLAAC Router(config)# ipv6 unicast-routing Router(config-if)# no ipv6 nd suppress-ra ! This is the default Stateful DHCPv6 Router(config-if)# ipv6 nd managed-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# address prefix ipv6-prefix/prefix-length Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name Stateful DHCPv6 Router(config-if)# ipv6 nd other-config-flag Router(config-if)# ipv6 dhcp server POOL-NAME Router(config)# ipv6 dhcp pool POOL-NAME Router(config-dhcpv6)# dns-server dns-address Router(config-dhcpv6)# domain-name domain-name DHCPv6-PD option Router(config-dhcpv6)# prefix-delegation pool ipv6-prefix/prefix-length ! Add to POOL-NAME Router(config)# ipv6 local pool POOL-NAME ipv6-address-block/prefix-length subnet-prefix-length Server Client

21. 21 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Server DHCPv6 Client(config-if)# ipv6 enable ! IPv6 link-local required to send DHCPv6 messages Client(config-if)# ipv6 address dhcp Client Router as a DHCPv6 Client (Stateless or Stateful) DR-facing Interface using SLAAC or DHCPv6 Client(config-if)# ipv6 dhcp client pd POOL-NAME ! Request DHCPv6-PD LAN-facing Interface Client(config)# ipv6 address POOL-NAME ::subnet-interfaceid-address/prefix-length Router as a DHCPv6-PD Client SLAAC Client(config-if)# ipv6 address autoconfig [default] ! default option used for DHCPv6-PD Router as SLAAC client

22. 22 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada DHCPv4 – Remember IPv4? ICMPv6 – Used more than ICMPv4 SLAACers – IPv6 Addressing without DHCPv6 Stateless DHCPv6 – I have my address but need some other stuff Stateful DHCPv6 – Just like DHCPv4 (only different) DHCPv6-PD (Prefix Delegation) – IPv6 Prefix for the “home”

23. 23 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Rick Graziani - graziani@cabrillo.edugraziani@cabrillo.edu PowerPoints for CCNA, CCNP, IPv6 www.cabrillo.edu/~rgraziani Username = cisco Password = perlman Shameless plug! Quality time with my two nieces…

24. 24 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Rick Graziani - graziani@cabrillo.edugraziani@cabrillo.edu www.cabrillo.edu/~rgraziani Username = cisco Password = perlman