Ch.5 Global Unicast Address (GUA)

1 Ch.5 Global Unicast Address (GUA)
CIS 116 IPv6 Fundamentals Rick Graziani Cabrillo College

2 Purpose and Format of GUA

3 IPv6 Address Types IPv6 does not have a “broadcast” address.

4 IPv6 Source and Destination Addresses
IPv6 Source – Always a unicast (link-local or GUA)
IPv6 Destination – Unicast, multicast, or anycast.

5 Global Unicast Address
Global Unicast Address (GUA)
  2000::/3 (First hextet: 2000::/3 to 3FFF::/3)
  Globally unique and routable
  Similar to public IPv4 addresses
  2001:DB8::/32 - RFC 2839 and RFC 6890 reserve this range of addresses for documentation
  These are the addresses we will be referring to the most.
RFC 6890 lists other special use blocks for both IPv4 and IPv6.

6 Global Unicast Address Range
Address layout: Global Routing Prefix | Subnet ID | Interface ID (first three bits: 001)
First hextet range: 2000 to 3FFF
Global Unicast Address (GUA): 2000::/3
Range 2000::/64 thru 3fff:fff:fff:fff::/64
1/8th of IPv6 address space
IANA’s allocation of IPv6 address space in 1/8th sections

7 Global Unicast Address Range
Address layout: Global Routing Prefix | Subnet ID | Interface ID (first three bits: 001)
Range: 2000::/64 thru 3fff:fff:fff:fff::/64
Except under very specific circumstances, all end users will have a global unicast address.
Note: A host (an interface) can potentially have multiple IPv6 addresses on the same or different networks.
Terminology:
  Prefix: equivalent to the network address of an IPv4 address
  Prefix length: equivalent to subnet mask in IPv4
  Interface ID: equivalent to host portion of an IPv4 address

10 Parts of a Global Unicast Address
IPv4 Unicast Address (32 bits): Network portion | Subnet portion | Host portion, prefix length /?
IPv6 Global Unicast Address (128 bits): Global Routing Prefix (to /48) | 16-bit Subnet ID (to /64) | 64-bit Interface ID
64-bit Interface ID = 18 quintillion (18,446,744,073,709,551,616) devices/subnet
16-bit Subnet ID (initially recommended) = 65,536 subnets
The /48 global routing prefix could be more or less depending on what your service provider gives you – we will talk about this in a moment.
Most orgs that go to ARIN are more likely to get a /40 with the ARIN assignment policy based on the number of sites, so you actually end up with a more variable-length “subnet” range that you can use.
The /48 boundary was initially recommended by the first IPv6 standards but it is changing.

11 /64 Global Unicast Address and the 3-1-4 Rule
Eight hextets of 16 bits each: Global Routing Prefix (3 hextets, to /48) | Subnet ID (1 hextet, to /64) | Interface ID (4 hextets)
  2001 : 0DB8 : CAFE : 0001 : 0000 : 0000 : 0000 : 0100
3 + 1 = 4 (/64) : 4
2001:0DB8:CAFE:0001:0000:0000:0000:0100/64
2001:DB8:CAFE:1::100/64
3-1-4 when using a /48 (common but a moving target)

13 Subnetting IPv6

14 3-1-4 Rule Subnetting IPv6 Can you count in hex?
Just increment by 1 in hexadecimal:
  2001:0DB8:CAFE:0000::/64
  2001:0DB8:CAFE:0001::/64
  2001:0DB8:CAFE:0002::/64
  ...
  2001:0DB8:CAFE:0009::/64
  2001:0DB8:CAFE:000A::/64
Valid abbreviation is to remove the leading 0s: 2001:DB8:CAFE:1::/64

15 Extending the Subnet ID
Two layouts compared:
  /48 Global Routing Prefix | 16-bit Fixed Subnet ID (to /64) | Interface ID
  /48 Global Routing Prefix | 32-bit Subnet ID (/80 prefix) | 48-bit Interface ID
Note: It is highly recommended to NOT subnet into the /64 interface ID portion of the address to configure subnets. The only exception would be for network infrastructure (router-to-router links, router-to-switch links, etc.). Networks with an end system attached should be a /64.
Global Routing Prefix | Subnet-ID | Interface ID
  2001 : 0DB8 : CAFE : 0000 : 0000 : 0000 : 0000 : 0000
  2001 : 0DB8 : CAFE : 0000 : 0001 : 0000 : 0000 : 0000
  2001 : 0DB8 : CAFE : 0000 : 0002 : 0000 : 0000 : 0000
  thru
  2001 : 0DB8 : CAFE : FFFF : FFFE : 0000 : 0000 : 0000
  2001 : 0DB8 : CAFE : FFFF : FFFF : 0000 : 0000 : 0000

16 For Demonstration Purposes Only Subnetting on a Nibble Boundary
/48 Global Routing Prefix | Subnet ID (20 bits) | Interface ID (60 bits); /68 prefix
Subnetting on a nibble (4 bit) boundary makes it easier to list the subnets: /64, /68, /72, etc.
  2001:0DB8:CAFE:0000:0000::/68
  2001:0DB8:CAFE:0000:1000::/68
  2001:0DB8:CAFE:0000:2000::/68
  through
  2001:0DB8:CAFE:FFFF:F000::/68

17 For Demonstration Purposes Only Subnetting within a Nibble
/48 Global Routing Prefix | Subnet ID (22 bits) | Interface ID (58 bits); /70 prefix
Binary, four bits of the split nibble:
  Two leftmost bits: Subnet-ID
  Two rightmost bits: Associated with the Interface ID
  2001:0DB8:CAFE:0000:0000::/70   (0 = binary 0000)
  2001:0DB8:CAFE:0000:0400::/70   (4 = binary 0100)
  2001:0DB8:CAFE:0000:0800::/70   (8 = binary 1000)
  2001:0DB8:CAFE:0000:0C00::/70   (C = binary 1100)

18 Do I Need the IPv6 Equivalent to an IPv4 /30?
/48 Global Routing Prefix | Subnet ID (79 bits) | 1 bit; /127 prefix
RFC Using 127-Bit IPv6 Prefixes on Inter-Router Links
  Ping-Pong Attack
  Neighbor Cache Exhaustion Issue
There are mitigation techniques for both.
If you want to use a /127, reserve a separate /64 for each /127…. Really!
Built-in rate limiter with options to tune it
  – Since 15.1(3)T: ipv6 nd cache interface-limit
  – Or IOS-XE 2.6: ipv6 nd resolution data limit
  – Destination-guard is part of First Hop Security phase 3
  – Priority given to refresh existing entries vs. discovering new ones
Using a /64 on point-to-point links => a lot of addresses to scan!
  – Using /127 could help (RFC 6164)

19 Allocate Separate /64’s
/48 Global Routing Prefix | Subnet ID (79 bits; F000, F001, ...; last 3 bits 000) | 1 bit (0 or 1); /127 prefix
For each /127 allocate an entire /64:
  2001:DB8:CAFE:F000::/64
    2001:DB8:CAFE:F000::0/127
    2001:DB8:CAFE:F000::1/127
  2001:DB8:CAFE:F001::/64
    2001:DB8:CAFE:F001::0/127
    2001:DB8:CAFE:F001::1/127
  2001:DB8:CAFE:F000::/64
  2001:DB8:CAFE:F001::/64
  2001:DB8:CAFE:F002::/64
  2001:DB8:CAFE:F003::/64
  And so on...
All 0s “::” can be confusing
Wasting addresses? No! We are not cutting down binary trees and there are plenty of IPv6 addresses!
To make addresses easier to read digits use 1s in last two bits of the subnet id - Two addresses are even (or 0) and +1

20 Use a Different Last 3 bits for the Subnet ID
/48 Global Routing Prefix | Subnet ID (79 bits; F000, F001, ...; last 3 bits 101) | 1 bit (0 or 1); /127 prefix
  2001:DB8:CAFE:F000::/64
    2001:DB8:CAFE:F000::A/127
    2001:DB8:CAFE:F000::B/127
  2001:DB8:CAFE:F001::/64
    2001:DB8:CAFE:F001::A/127
    2001:DB8:CAFE:F001::B/127
Be careful which two interface addresses you choose. ::9 and ::A are not on the same /127 subnet.

21 Be Careful!
Global Routing Prefix | Subnet ID (79 bits; last 3 bits 100 or 101) | 1 bit (0 or 1); /127 prefix
Be careful which two interface addresses you choose. ::9 and ::A are not on the same /127 subnet.
  2001:DB8:CAFE:F000::/64
    2001:DB8:CAFE:F000::8/127   (last 3 bits of Subnet ID: 100)
    2001:DB8:CAFE:F000::9/127   (last 3 bits of Subnet ID: 100)
    2001:DB8:CAFE:F000::A/127   (last 3 bits of Subnet ID: 101)
    2001:DB8:CAFE:F000::B/127   (last 3 bits of Subnet ID: 101)
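The pairing rule from slides 19 to 21, as an added Python example that is not part of the original slides: it checks whether two addresses are the two ends of one /127 and builds the "one /64 reserved per /127" plan. The function names and the dictionary layout are assumptions made for this illustration.

```python
import ipaddress


def same_p2p_subnet(a: str, b: str, prefix_len: int = 127) -> bool:
    """True when a and b are two different addresses inside the same /127."""
    ia, ib = ipaddress.IPv6Address(a), ipaddress.IPv6Address(b)
    # strict=False masks the host bit off, giving the /127 that contains a.
    link = ipaddress.IPv6Network((ia, prefix_len), strict=False)
    return ia != ib and ib in link


def p2p_peer(addr: str) -> str:
    """The only other address in addr's /127: the same address with the last bit flipped."""
    return str(ipaddress.IPv6Address(int(ipaddress.IPv6Address(addr)) ^ 1))


def plan_p2p_links(site: str, first_subnet_id: int, count: int, low: int = 0x0):
    """Reserve one /64 per router link and carve a single /127 out of it.

    site            -- site prefix, e.g. the documentation prefix 2001:db8:cafe::/48
    first_subnet_id -- Subnet ID of the first reserved /64 (0xF000 on the slides)
    low             -- even interface ID of the first end (0x0 -> ::0/::1, 0xA -> ::A/::B)
    """
    if low & 1:
        # An odd value pairs with the even value below it (::9 with ::8, not ::A).
        raise ValueError("first end of a /127 must be even")
    site_net = ipaddress.IPv6Network(site)
    if site_net.prefixlen > 64:
        raise ValueError("site prefix must be /64 or shorter")
    max_subnets = 1 << (64 - site_net.prefixlen)
    plan = []
    for subnet_id in range(first_subnet_id, first_subnet_id + count):
        if subnet_id >= max_subnets:
            raise ValueError("Subnet ID does not fit between the site prefix and /64")
        base = int(site_net.network_address) | (subnet_id << 64)
        plan.append({
            "reserved": str(ipaddress.IPv6Network((base, 64))),
            "link": str(ipaddress.IPv6Network((base | low, 127))),
            "ends": (str(ipaddress.IPv6Address(base | low)),
                     str(ipaddress.IPv6Address(base | low | 1))),
        })
    return plan


if __name__ == "__main__":
    for pair in (("::8", "::9"), ("::9", "::A"), ("::A", "::B")):
        a, b = ("2001:db8:cafe:f000" + p for p in pair)
        print(a, b, "same /127" if same_p2p_subnet(a, b) else "DIFFERENT /127")
    for entry in plan_p2p_links("2001:db8:cafe::/48", 0xF000, 2, low=0xA):
        print(entry)
```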

23 IPv6 Addressing Plan RFC 1878 VLSM
IPv4 subnetting is used to help conserve IPv4 address space.
  Managing a limited space
  VLSM
  /30s for point-to-point links
IPv6 address conservation does not need to be as aggressive as IPv4.
Developing an address plan that:
  Makes sense.
  Is easy to manage.
References: NANOG BCOP: IPv6 Subnetting; Cisco: IPv6 Address Guide; RIPE NCC: Preparing an IPv6 Addressing Plan - RIPE Network
When we think IPv4 subnetting it's all about conserving IPv4 address space, allocating enough hosts per subnet for growth but not too many because we’re limited.

24 Using ipv6gen
ipv6gen is a tool which generates a list of IPv6 prefixes of a given length from a certain prefix according to RFC (A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block)

25 65,536 subnets
Apples-MacBook-Pro-9:~ rigrazia$ ipv6gen.pl 2001:db8:cafe::/48 64
2001:0DB8:CAFE:000A::/64
2001:0DB8:CAFE:000B::/64
2001:0DB8:CAFE:000C::/64
...
2001:0DB8:CAFE:FFFC::/64
2001:0DB8:CAFE:FFFD::/64
2001:0DB8:CAFE:FFFE::/64
2001:0DB8:CAFE:FFFF::/64
Apples-MacBook-Pro-9:~ rigrazia$

26 16 subnets
Apples-MacBook-Pro-9:~ rigrazia$ ipv6gen.pl 2001:db8:cafe::/48 52
2001:0DB8:CAFE:A000::/52
2001:0DB8:CAFE:B000::/52
2001:0DB8:CAFE:C000::/52
2001:0DB8:CAFE:D000::/52
2001:0DB8:CAFE:E000::/52
2001:0DB8:CAFE:F000::/52
Apples-MacBook-Pro-9:~ rigrazia$

27 16 subnets
Apples-MacBook-Pro-9:~ rigrazia$ ipv6gen.pl 2001:db8:cafe::/52 56
2001:0DB8:CAFE:0A00::/56
2001:0DB8:CAFE:0B00::/56
2001:0DB8:CAFE:0C00::/56
2001:0DB8:CAFE:0D00::/56
2001:0DB8:CAFE:0E00::/56
2001:0DB8:CAFE:0F00::/56
Apples-MacBook-Pro-9:~ rigrazia$

28 16 subnets
Apples-MacBook-Pro-9:~ rigrazia$ ipv6gen.pl 2001:db8:cafe:aaaa::/64 68
2001:0DB8:CAFE:AAAA:A000::/68
2001:0DB8:CAFE:AAAA:B000::/68
2001:0DB8:CAFE:AAAA:C000::/68
2001:0DB8:CAFE:AAAA:D000::/68
2001:0DB8:CAFE:AAAA:E000::/68
2001:0DB8:CAFE:AAAA:F000::/68
Apples-MacBook-Pro-9:~ rigrazia$

29 Subnetting within the nibble 64 subnets
Apples-MacBook-Pro-9:~ rigrazia$ ipv6gen.pl 2001:db8:cafe:aaaa::/64 70
2001:0DB8:CAFE:AAAA:0000::/70
2001:0DB8:CAFE:AAAA:0400::/70
2001:0DB8:CAFE:AAAA:0800::/70
2001:0DB8:CAFE:AAAA:0C00::/70
2001:0DB8:CAFE:AAAA:1000::/70
2001:0DB8:CAFE:AAAA:1400::/70
2001:0DB8:CAFE:AAAA:1800::/70
2001:0DB8:CAFE:AAAA:1C00::/70
2001:0DB8:CAFE:AAAA:2000::/70
2001:0DB8:CAFE:AAAA:2400::/70
2001:0DB8:CAFE:AAAA:2800::/70
2001:0DB8:CAFE:AAAA:2C00::/70
2001:0DB8:CAFE:AAAA:3000::/70
...
2001:0DB8:CAFE:AAAA:F000::/70
2001:0DB8:CAFE:AAAA:F400::/70
2001:0DB8:CAFE:AAAA:F800::/70
2001:0DB8:CAFE:AAAA:FC00::/70
Binary 0000 0100 1000 1100
Binary 0001 0010 0011: :01xx:, :02xx: and :03xx: are Interface IDs of :0000:
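The subnet listings on slides 25 to 29 can be reproduced and checked with Python's standard ipaddress module. This is an added example, not the ipv6gen tool and not code from the slides; the function names are assumptions, and the output format only imitates the uppercase, zero-padded style shown above.

```python
import ipaddress
from itertools import islice


def slide_format(net: ipaddress.IPv6Network) -> str:
    """Uppercase, zero-padded hextets up to the prefix boundary, then '::'."""
    hextets = net.network_address.exploded.upper().split(":")
    keep = -(-net.prefixlen // 16)          # hextets touched by the prefix (ceiling)
    tail = "::" if keep < 8 else ""
    return f"{':'.join(hextets[:keep])}{tail}/{net.prefixlen}"


def describe_split(parent: str, new_len: int) -> dict:
    """Summarise what splitting parent into /new_len subnets means for the plan."""
    net = ipaddress.IPv6Network(parent)
    if not net.prefixlen <= new_len <= 128:
        raise ValueError("new prefix length must lie between the parent length and 128")
    return {
        "count": 2 ** (new_len - net.prefixlen),
        # /64, /68, /72 ... end on a hex digit; /70 ends inside one.
        "nibble_aligned": new_len % 4 == 0,
        # Leftmost bits of the split nibble that belong to the Subnet ID (0 if aligned).
        "subnet_bits_in_split_nibble": new_len % 4,
        # True when the split reaches into the 64-bit Interface ID, which the
        # slides recommend only for infrastructure links.
        "inside_interface_id": new_len > 64,
    }


def list_subnets(parent: str, new_len: int, start: int = 0, limit=None) -> list:
    """Subnets of parent in slide format; start and limit page through large plans lazily."""
    net = ipaddress.IPv6Network(parent)
    stop = None if limit is None else start + limit
    return [slide_format(s) for s in islice(net.subnets(new_prefix=new_len), start, stop)]


if __name__ == "__main__":
    print(describe_split("2001:db8:cafe:aaaa::/64", 70))
    for line in list_subnets("2001:db8:cafe:aaaa::/64", 70, limit=5):
        print(line)
    print(list_subnets("2001:db8:cafe::/48", 64, start=10, limit=3))
```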

30 IPv6 Address Planning Designing an Address Plan for the Future By Tom Coffeen Publisher: O'Reilly Media Release Date: November 2014 Pages: 286

31 IPv6 Address Allocation

32 IPv6 Address Allocation Internet Service Provider
Address layout: Global Routing Prefix | Subnet ID | Interface ID
Prefix lengths along the address: /23 *RIR | /32 *ISP Prefix | /48 *Site Prefix | /56 Possible Home Site Prefix | /64 Subnet Prefix
I am getting a /64 at home
* This is a minimum allocation. The prefix-length may be shorter if it can be justified.

33 Global Routing Prefix determines number of /64 subnets *
Global Routing Prefix | Subnet ID | 64-bit Interface ID (18 quintillion hosts per subnet)
2001:DB8:0000:0000:0000:0000:0000:0000
Global Routing Prefix: from your ISP or ARIN (/32 UCSC from ARIN, /48 Cabrillo from CENIC)
  /60 (4-bit Subnet ID) = 16 subnets
  /56 (8-bit Subnet ID) = 256 subnets
  /52 (12-bit Subnet ID) = 4,096 subnets
  /48 (16-bit Subnet ID) = 65,536 subnets (Many sites will get this prefix length)
  /44 (20-bit Subnet ID) = 1,048,576 subnets
  /40 (24-bit Subnet ID) = 16,777,216 subnets
  /36 (28-bit Subnet ID) = 268,435,456 subnets
  /32 (32-bit Subnet ID) = 4,294,967,296 subnets
IPv6 lets us create a well organized and easy to manage addressing plan without having to try and conserve addresses.
You use /64 subnets. As many IPv6 subnets as there are IPv4 addresses!

34 PI versus PA Address Space
Figure labels: /32, /48, RIR, ISP; Global Routing Prefix | Subnet ID | Interface ID
Provider Independent (PI) Address Space
  Address space that is assigned by the RIR.
  Remains assigned to the customer regardless of provider
  No prefix renumbering needed if change providers
Provider Aggregatable (PA) Address Space
  Address space that is typically assigned by an ISP to a customer.
  Change provider, must get new address space
  Customer must do prefix renumbering
(Helpful IETF RFCs)

35 Configuring a Static GUA

36 Configuring a Global Unicast Address
Manual
  Static
  Static + EUI 64
  IPv6 unnumbered (Similar to IPv4 unnumbered)
Dynamic
  Stateless: SLAAC, SLAAC + DHCPv6
  Stateful: DHCPv6, DHCPv6-PD
Details, including the operations and configurations of SLAAC (Stateless Address Autoconfiguration), in later chapters.
We need to talk more about link-local addresses (lesson 5) and multicast addresses in lesson 6, and introduce ICMPv6 which we will do in lesson 7. Like herding cats.

37 Static GUA Configuration
Topology: PC A (:100) on 2001:DB8:CAFE:1::/64 connects to R1 G0/0 (:1); PC B (:100) on 2001:DB8:CAFE:2::/64 connects to R1 G0/1 (:1); R1 S0/0/0 (:1) is on 2001:DB8:CAFE:3::/64.
R1(config)#interface gigabitethernet 0/0
R1(config-if)#ipv6 address 2001:db8:cafe:1::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
No space between IPv6 address and Prefix-length.
Exactly the same as an IPv4 address only different.
IOS commands for IPv6 are very similar to their IPv4 counterpart.
All 0’s and all 1’s are valid IPv6 host addresses.

38 Static GUA Configuration
Topology: PC A (:100) on 2001:DB8:CAFE:1::/64 connects to R1 G0/0 (:1); PC B (:100) on 2001:DB8:CAFE:2::/64 connects to R1 G0/1 (:1); R1 S0/0/0 (:1) is on 2001:DB8:CAFE:3::/64.
I love the rule and subnetting IPv6!
R1(config)#interface gigabitethernet 0/1
R1(config-if)#ipv6 address 2001:db8:cafe:2::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface serial 0/0/0
R1(config-if)#ipv6 address 2001:db8:cafe:3::1/64
The ipv6 unicast-routing global configuration command is required to forward IPv6 packets – it is not required to configure IPv6 addresses.

39 Verifying Address Using Running Configuration
Topology figure: PC A (:100) on 2001:DB8:CAFE:1::/64, PC B (:100) on 2001:DB8:CAFE:2::/64, R1 serial link S0/0/0 (:1) on 2001:DB8:CAFE:3::/64.
R1# show running-config
<output omitted for brevity>
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:DB8:CAFE:1::1/64
!
Callouts: IPv4 address (the no ip address line); IPv6 address (the ipv6 address line).

40 Verifying Unicast Addresses on R1
R1# show ipv6 interface brief
GigabitEthernet0/0     [up/up]
    FE80::FE99:47FF:FE75:C3E0
    2001:DB8:CAFE:1::1
!
<output omitted>
Callouts: FE80::FE99:47FF:FE75:C3E0 is the link-local unicast address; 2001:DB8:CAFE:1::1 is the global unicast address.
Link-local and global unicast addresses are displayed.
Link-local address automatically created when (before) the global unicast address is.
Link-local addresses are used for communicating with other devices on the same link (not routable).
We will discuss link-local addresses in Lesson 5. Link-local addresses play an important part in IPv6 networking – so be sure you have a good understanding of them.

41 Static GUA Configuration on PC
Same as IPv4 devices: Servers, printers, routers, etc. Can also be a link-local unicast address of the router. So one issue to mention here is that even if a static address is configured on the host, it could possibly pick up a SLAAC address. In other words configuring a static address does not mean that will be the only global address on the end system. If the router is sending RA’s, the host could get both a static and a SLAAC assigned address.

42 Verifying Unicast Addresses on PC
PCA> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  :
   IPv6 Address                    : 2001:db8:cafe:1::100
   Link-local IPv6 Address         : fe80::50a5:8a35:a5bb:66e1
   Default Gateway                 : 2001:db8:cafe:1::1
Link-local addresses are created automatically.
Recent Microsoft operating systems use a random 64-bit Interface ID for link-local address… (coming soon)

43 Verifying IPv6 Connectivity
PCA> ping 2001:db8:cafe:1::1
Pinging 2001:db8:cafe:1::1 from 2001:db8:cafe:1::100 with 32 bytes of data:
Reply from 2001:db8:cafe:1::1: time=1ms
Ping statistics for 2001:db8:cafe:1::1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
PCA>
Don’t be intimidated with IPv6. It’s still all about packets getting from one place to another. If the ping fails, then troubleshoot it like you would IPv4.

57 IPv6 General Prefix: Making your life easier
Router(config)# ipv6 general-prefix ?
  WORD  General prefix name
Router(config)# ipv6 general-prefix MyGUA 2001:db8:cafe::/48
Router(config)# interface gigabitethernet 0/0
Router(config-if)# ipv6 address MyGUA 0:0:0:88::1/64
Router(config-if)# no shutdown
Router(config-if)# exit
Router(config)# interface gigabitethernet 0/1
Router(config-if)# ipv6 address MyGUA 0:0:0:99::1/64
Router(config-if)# end
Router# show ipv6 interface brief
GigabitEthernet0/0     [up/up]
    FE80::7EAD:74FF:FECC:5380
    2001:DB8:CAFE:88::1
GigabitEthernet0/1     [up/up]
    FE80::7EAD:74FF:FECC:5381
    2001:DB8:CAFE:99::1
<output omitted>
The general-prefix option can be used as a short-cut or alias for just about any command requiring an IPv6 address, addressing, ACLs, etc.
Use the ipv6 general-prefix command to define an IPv6 general prefix. A general prefix holds a short prefix, based on which a number of longer, more specific, prefixes can be defined. When the general prefix is changed, all of the more specific prefixes based on it will change, too. This function greatly simplifies network renumbering and allows for automated prefix definition.
More specific prefixes, based on a general prefix, can be used when configuring IPv6 on an interface.
When defining a general prefix based on an interface used for 6to4 tunneling, the general prefix will be of the form 2002:a.b.c.d::/48, where "a.b.c.d" is the IPv4 address of the interface referenced.

58 IPv6 General Prefix: Renumbering
Router(config)# no ipv6 general-prefix MyGUA 2001:db8:cafe::/48
Router(config)# ipv6 general-prefix MyGUA 2001:db8:beef::/48
Router(config-if)# end
Router# show ipv6 interface brief
GigabitEthernet0/0     [up/up]
    FE80::7EAD:74FF:FECC:5380
    2001:DB8:BEEF:88::1
GigabitEthernet0/1     [up/up]
    FE80::7EAD:74FF:FECC:5381
    2001:DB8:BEEF:99::1
<output omitted>
Router# show running-config
<partial output>
ipv6 general-prefix MyGUA 2001:DB8:BEEF::/48
!
interface GigabitEthernet0/0
 ipv6 address MyGUA ::88:0:0:0:1/64
interface GigabitEthernet0/1
 ipv6 address MyGUA ::99:0:0:0:1/64
It also greatly simplifies network renumbering and allows for automated prefix definition.
Notice the use of the :: in the first group of all-0s hextets as per RFC. Since there are two groups of all-0s hextets, each group with 3 hextets of all-0’s, the :: is used on the first group.

59 Configuring a Static GUA with EUI-64

60 Configuring a Static GUA + EUI-64
Global Unicast
  Manual
    Static
    Static + EUI 64
    IPv6 unnumbered (Similar to IPv4 unnumbered)
  Dynamic
    Stateless: SLAAC, SLAAC + DHCPv6
    Stateful: DHCPv6, DHCPv6-PD

61 Configuring a Static GUA + EUI-64
Topology: R1 G0/1 on 2001:DB8:CAFE:99::/64
R1(config)# interface gigabitethernet 0/1
R1(config-if)# ipv6 address 2001:db8:cafe:99::/64 ?
  eui-64  Use eui-64 interface identifier
  <cr>
R1(config-if)# ipv6 address 2001:0db8:cafe:99::/64 eui-64
R1(config-if)#
All 0s is ok! (Reserved for subnet-router anycast)
A 64-bit Interface ID is created with EUI-64 using:
  48-bit MAC address
  Inserting 16 bits: FF-FE
  Flipping the U/L (Universal/Local) bit
Less common
EUI-64 is used with SLAAC – lesson 7

62 Modified EUI-64 Format (Extended Unique Identifier–64)
MAC address: OUI (24 bits) 00 03 6B | Device Identifier (24 bits) E9 D4 80
Insert FF-FE: 00 03 6B FF FE E9 D4 80
U/L bit flipped (first byte 00 becomes 02): 02 03 6B FF FE E9 D4 80
Inserting FFFE gives us a 64-bit Interface ID.
IPv6 64-bit interface IDs are on a 64-bit boundary and accommodate the IEEE specification for 64-bit MAC addresses.
IEEE has chosen FFFE as a reserved value which can only appear in an EUI-64 generated from an EUI-48 MAC address.
References: IEEE's Guidelines for EUI-64 Registration Authority. The reason for the U/L bit being flipped can be found in RFC 4291, IP Version 6 Addressing Architecture.

63 Configuring a Static GUA + EUI-64
R1(config)# interface gigabitethernet 0/1
R1(config-if)# ipv6 address 2001:db8:cafe:99::/64 eui-64
R1# show interface gigabitethernet 0/1
GigabitEthernet0/1 is up, line protocol is up
  Hardware is AmdFE, address is be9.d480 (bia be9.d480)
<output omitted>
R1# show ipv6 interface gigabitethernet 0/1
  IPv6 is enabled, link-local address is FE80::203:6BFF:FEE9:D480
  Global unicast address(es):
    2001:DB8:CAFE:99:203:6BFF:FEE9:D480, subnet is 2001:DB8:CAFE:99::/64
Callouts: 64-bit prefix from configuration; 64-bit Interface ID using EUI-64
EUI-64: 48-bit MAC address with FFFE (16 bits) inserted and 7th bit flipped
EUI-64 – (FFFE) = 64 bits - more when we talk about dynamic address allocation using SLAAC in lesson 7

64 Overview of Dynamic IPv6 Address Allocation (SLAAC and DHCPv6)

65 Dynamic IPv6 Address Allocation
Global Unicast (Overview only)
  Manual
    Static
    Static + EUI 64
    IPv6 unnumbered (Similar to IPv4 unnumbered)
  Dynamic
    Stateless: SLAAC, SLAAC + DHCPv6
    Stateful: DHCPv6, DHCPv6-PD

66 Stateful vs Stateless
STATEFUL: I need an IPv6 address from someone who is keeping track of who has what address.
STATELESS: I will come up with my own IPv6 address…. No one will keep track of what address I have.
DHCPv6 Server: I might not even be needed.
Hey! I can do that!
Stateful – Some server is keeping track or a record of the interaction.
Stateless – No one is keeping track or a record…. But device can still make sure theirs is unique.

67 Dynamic IPv4 Address Allocation
DHCP Client: I need IPv4 addressing information from a DHCP server.
DHCP Server: Here is your IPv4 address, subnet mask, default gateway and DNS server addresses.

68 Internet Control Message Protocol for IPv6
ICMPv6: Internet Control Message Protocol for IPv6
ICMPv6 is more than just “messaging”; it is “how IPv6 conducts business”.
ICMPv6 Neighbor Discovery (RFC 4861) – used in dynamic address allocation. More later!

69 Once again… ICMPv6 Neighbor Discovery
ICMPv6 informational messages used by Neighbor Discovery (RFC 4861):
Router-Device Messaging
  Router Solicitation Message
  Router Advertisement Message
  Used for dynamic address allocation.
Device-Device Messaging
  Neighbor Solicitation Message
  Neighbor Advertisement Message
  Used with address resolution (IPv4 ARP) and with DAD
Redirect Message (Similar to ICMPv4)

70 It Begins with the RA Message
ICMPv6 Router Solicitation – Multicast: To all IPv6 routers, I need IPv6 address information
ICMPv6 Router Advertisement – Multicast: To all IPv6 devices, let me tell you how to do this …
DHCPv6 Server: I might not even be needed.
An ICMPv6 Router Advertisement (RA) suggests to all IPv6 devices on the link how they will receive IPv6 address information.
  Sent periodically by an IPv6 router or…
  … when the router receives a Router Solicitation message from a host.

71 It Begins with the RA Message
Router(config)# ipv6 unicast-routing
Router Advertisement (RA) Message
  Part of ICMPv6 (Internet Control Message Protocol for IPv6)
RA messages are sent by an “IPv6 router” (ipv6 unicast-routing command), which:
  Forwards IPv6 packets
  Enables IPv6 dynamic routing
  Sends ICMPv6 Router Advertisements
Routers can be configured with IPv6 addresses without being an IPv6 router.
IPv6 static routes can be configured but the router will only forward locally generated packets – it will not forward packets that transit through the router.

72 Router Advertisement: 3 Options
Router(config)# ipv6 unicast-routing
Option 1 and 2: Stateless Address Autoconfiguration – DHCPv6 Server does not maintain state of addresses
Option 3: Stateful Address Configuration – Address received from DHCPv6 Server
Option 1: SLAAC – No DHCPv6 (Default on Cisco routers)
  “I’m everything you need (Prefix, Prefix-length, Default Gateway)”
Option 2: SLAAC + Stateless DHCPv6 for DNS address
  “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” (DNS can be in RA)
Option 3: All addressing except default gateway – DHCPv6
  “I can’t help you. Ask a DHCPv6 server for all your information.”
You can send DNS server information in RAs now. Again it is a two part problem: the routers have to support sending the information and the end systems have to know what to do with it.

73 Preview of SLAAC
Host MAC: 00-19-D2-8C-E0-4C, on 2001:DB8:CAFE:1::/64
1. SLAAC Option 1 – RA Message
   To: FF02::1 (All-IPv6 devices)
   From: FE80::1 (Link-local address)
   Prefix: 2001:DB8:CAFE:1::
   Prefix-length: /64
2. Host uses the RA:
   Prefix: 2001:DB8:CAFE:1::
   Prefix-length: /64
   Default Gateway: FE80::1
   Global Unicast Address: 2001:DB8:CAFE:1: + Interface ID
3. Interface ID: EUI-64 Process or Random 64-bit value
Note: Domain name and DNS server list may be included if router (and end system) support RFC 6106 IPv6 RA Options for DNS Configuration.
ipv6 nd ra dns-suffix ipv6.vmwcs.com
To configure the IPv6 router advertisement of DNS server addresses on an interface, use the ipv6 nd ra dns server command in interface configuration mode. To remove the IPv6 router advertisement of DNS server addresses, use the no form of this command.
  ipv6 nd ra dns server ipv6-address seconds
  no ipv6 nd ra dns server ipv6-address
Syntax Description
  seconds: The amount of time (in seconds) that the Domain Naming System (DNS) server is advertised in an IPv6 router advertisement (RA). The range is from 200 to
Command Default
  The DNS server is not advertised in an IPv6 RA.
Command Modes
  Interface configuration (config-if)
Command History
  Release: Cisco IOS XE Release 3.9S. Modification: This command was introduced.
Usage Guidelines
  You can use the ipv6 nd ra dns server command to configure up to eight DNS server addresses in an RA. If you configure a seconds value of zero, the DNS server will no longer be used.
Examples
  The following example configures a DNS server with an IPv6 address of 2001:DB8:1::1 to be advertised in an RA with a lifetime of 600 seconds:
  Router(config)# interface ethernet 0/0
  Router(config-if)# ipv6 nd ra dns server 2001:DB8:1::1 600

74 SLAAC: Interface ID
/48 Global Routing Prefix | 16-bit Subnet ID (to /64) | 64-bit Interface ID
Interface ID options with SLAAC:
  EUI-64 Process
  Randomly Generated Number (Privacy Extension)
Operating systems compared (EUI-64 or Random 64-bit): Windows XP, Server 2003; Windows Vista and newer; MAC OSX; Linux
Check your OS for the default…. Most operating systems provide options to use either one.
Cisco router configured as a client will use EUI-64. More on the router as a client in Lesson 8 when we discuss SLAAC and DHCPv6.
Default OS behavior can be changed.

75 Modified EUI-64 Format (Extended Unique Identifier–64)
MAC address: OUI (24 bits) 00 19 D2 | Device Identifier (24 bits) 8C E0 4C
Insert FF-FE: 00 19 D2 FF FE 8C E0 4C
U/L bit flipped (first byte 00 becomes 02): 02 19 D2 FF FE 8C E0 4C
Inserting FFFE gives us a 64-bit Interface ID.
IPv6 64-bit interface IDs are on a 64-bit boundary and accommodate the IEEE specification for 64-bit MAC addresses.
IEEE has chosen FFFE as a reserved value which can only appear in an EUI-64 generated from an EUI-48 MAC address.
References: IEEE's Guidelines for EUI-64 Registration Authority. The reason for the U/L bit being flipped can be found in RFC 4291, IP Version 6 Addressing Architecture.

76 Verifying SLAAC on the PC Using EUI-64
Router Advertisement, EUI-64
PC> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
   IPv6 Address. . . . . . . . : 2001:db8:cafe:1:0219:d2ff:fe8c:e04c
   Link-local IPv6 Address . . : fe80::0219:d2ff:fe8c:e04c
   Default Gateway . . . . . . : fe80::1
A 64-bit Interface ID and the EUI-64 process accommodates:
  The IEEE specification for a 64-bit MAC address
  64-bit boundary processing
Callouts:
  FF-FE – more than likely EUI-64
  Link local address is usually the same process
  Default gateway – link-local address
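The modified EUI-64 steps on slides 62 and 75 (insert FF-FE, flip the U/L bit) and the "FF-FE, more than likely EUI-64" check on slide 76, as an added Python example that is not part of the original slides. The function names are assumptions; the audit helper is meant for inventorying your own hosts that still expose a hardware-derived Interface ID so that the random (privacy extension) option can be enabled on them.

```python
import ipaddress


def mac_to_interface_id(mac: str) -> int:
    """48-bit MAC -> 64-bit modified EUI-64 Interface ID."""
    raw = bytes.fromhex(mac.replace("-", "").replace(":", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])   # insert FF-FE after the OUI
    eui[0] ^= 0x02                                      # flip the U/L bit (7th bit)
    return int.from_bytes(eui, "big")


def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with the EUI-64 Interface ID, as 'ipv6 address ... eui-64' does."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 needs a 64-bit prefix")
    return ipaddress.IPv6Address(int(net.network_address) | mac_to_interface_id(mac))


def recover_mac(addr: str):
    """Return the MAC an address appears to be derived from, or None.

    FF-FE in the middle of the Interface ID means 'more than likely EUI-64',
    not proof: a random Interface ID can contain the same two bytes by chance.
    """
    iid = (int(ipaddress.IPv6Address(addr)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]   # undo the U/L flip, drop FF-FE
    return "-".join(f"{b:02X}" for b in mac)


def audit_addresses(addresses):
    """Map each address to the MAC it exposes (None when it does not look like EUI-64)."""
    return {a: recover_mac(a) for a in addresses}


if __name__ == "__main__":
    print(eui64_address("2001:db8:cafe:99::/64", "00-03-6B-E9-D4-80"))
    print(eui64_address("2001:db8:cafe:1::/64", "00-19-D2-8C-E0-4C"))
    # Addresses taken from the ipconfig outputs shown on the slides.
    for addr, mac in audit_addresses([
        "2001:db8:cafe:1:0219:d2ff:fe8c:e04c",
        "fe80::50a5:8a35:a5bb:66e1",
    ]).items():
        print(addr, "->", mac or "no EUI-64 pattern")
```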

77 Dynamic IPv6 Address Allocation
Global Unicast
  Manual
    Static
    Static + EUI 64
    IPv6 unnumbered (Similar to IPv4 unnumbered)
  Dynamic
    Stateless: SLAAC, SLAAC + DHCPv6
    Stateful: DHCPv6, DHCPv6-PD
Figure labels: Lesson 7, Lesson 8
ICMPv6 – Chapter 12
ICMPv6 Neighbor Discovery including packet captures – Chapter 13

78 4: Global Unicast Addresses (GUA)
Rick Graziani Cabrillo College

