Introducing IPv6 Stateless Address Autoconfiguration or SLAAC. Described in RFC 4862 SLAAC is a mechanism that:

“requires no manual configuration of hosts, minimal (if any) configuration of routers, and no additional servers. The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by routers”

In Apple terms; it’s like magic!

SLAAC relies on Neighbor Discovery Protocol (NDP) which provides a lot of cool features like looking for duplicate addresses, configuring a default route, locating other nodes on the link and so on. NDP is really just multicast and ICMPv6 with different message types.

The most common Multicast Addresses used by NDP is:

• All Nodes Addresses
  • FF02:0:0:0:0:0:0:1 or FF02::1
  • Used to reach all nodes on the link.
• All Routers Addresses
  • FF02:0:0:0:0:0:0:2 or FF02::2
  • Used to reach all routers on the link.
• Solicited-Node Address
  • FF02:0:0:0:0:1:FFXX:XXXX or FF02::1:FFXX:XXXX
  • XX:XXXX is the last 24 bits from the configured address, link-local or unicast.
  • Used to reach all nodes with the same configured address on the link.

And then we have the different ICMPv6 message types:

• Neighbor Solicitation (NS) – Type 135
  • Sent to FF02::1:FFXX:XXXX
  • A node use this address to verify that the tentative or “soon to be configured address” is not already in use by another node on the link.
• Neighbor Advertisement (NA) – Type 136
  • Sent to all nodes listening to FF02::1
  • Informs neighbors about the currently configured address.
• Router Solicitation (RS) – Type 133
  • Sent to all routers listening to FF02::2
  • Used by a node to locate default routers and request them to send a Router Advertisement.
• Router Advertisement (RA) – Type 134
  • Sent to all nodes listening to FF02::1.
  • Used by routers to advertise their presence and give information about which prefix is being used on the link.
• Redirect
  • Used by routers to inform hosts of a better first hop for a destination.

So to better understand how this all works together we’ll use the following topology:

The router has been configured as follows:

ipv6 unicast-routing
!
interface FastEthernet0/0
 ipv6 address 2001:DB8:1:1::1/64

By running “debug ipv6 nd” on the router interface we can see NDP in action:

ROUTER#debug ipv6 nd
*Mar  1 01:31:19.271: ICMPv6-ND: Sending NS for FE80::200:11FF:FE11:1111 on FastEthernet0/0
*Mar  1 01:31:20.275: ICMPv6-ND: DAD: FE80::200:11FF:FE11:1111 is unique.
*Mar  1 01:31:20.275: ICMPv6-ND: Sending NA for FE80::200:11FF:FE11:1111 on FastEthernet0/0
*Mar  1 01:31:20.275: ICMPv6-ND: Linklocal FE80::200:11FF:FE11:1111 on FastEthernet0/0, Up
*Mar  1 01:31:20.279: ICMPv6-ND: Request to send RA for FE80::200:11FF:FE11:1111
*Mar  1 01:31:20.279: ICMPv6-ND: Sending RA from FE80::200:11FF:FE11:1111 to FF02::1 on FastEthernet0/0
*Mar  1 01:31:20.279: ICMPv6-ND:     MTU = 1500
*Mar  1 01:31:20.283: ICMPv6-ND:     prefix = 2001:DB8:1:1::/64 onlink autoconfig
*Mar  1 01:31:20.283: ICMPv6-ND:             2592000/604800 (valid/preferred)
*Mar  1 01:31:20.283: ICMPv6-ND: Address FE80::200:11FF:FE11:1111/10 is up on FastEthernet0/0
*Mar  1 01:31:20.291: ICMPv6-ND: Sending NS for 2001:DB8:1:1::1 on FastEthernet0/0
*Mar  1 01:31:21.295: ICMPv6-ND: DAD: 2001:DB8:1:1::1 is unique.
*Mar  1 01:31:21.295: ICMPv6-ND: Sending NA for 2001:DB8:1:1::1 on FastEthernet0/0
*Mar  1 01:31:21.299: ICMPv6-ND: Address 2001:DB8:1:1::1/64 is up on FastEthernet0/0
*Mar  1 01:31:36.607: ICMPv6-ND: Request to send RA for FE80::200:11FF:FE11:1111
*Mar  1 01:31:36.607: ICMPv6-ND: Sending RA from FE80::200:11FF:FE11:1111 to FF02::1 on FastEthernet0/0
*Mar  1 01:31:36.607: ICMPv6-ND:     MTU = 1500
*Mar  1 01:31:36.611: ICMPv6-ND:     prefix = 2001:DB8:1:1::/64 onlink autoconfig
*Mar  1 01:31:36.611: ICMPv6-ND:             2592000/604800 (valid/preferred)
*Mar  1 01:31:52.999: ICMPv6-ND: Request to send RA for FE80::200:11FF:FE11:1111
*Mar  1 01:31:52.999: ICMPv6-ND: Sending RA from FE80::200:11FF:FE11:1111 to FF02::1 on FastEthernet0/0
*Mar  1 01:31:52.999: ICMPv6-ND:     MTU = 1500
*Mar  1 01:31:53.003: ICMPv6-ND:     prefix = 2001:DB8:1:1::/64 onlink autoconfig
*Mar  1 01:31:53.003: ICMPv6-ND:             2592000/604800 (valid/preferred)
*Mar  1 01:35:13.503: ICMPv6-ND: Request to send RA for FE80::200:11FF:FE11:1111
*Mar  1 01:35:13.503: ICMPv6-ND: Sending RA from FE80::200:11FF:FE11:1111 to FF02::1 on FastEthernet0/0
*Mar  1 01:35:13.503: ICMPv6-ND:     MTU = 1500
*Mar  1 01:35:13.503: ICMPv6-ND:     prefix = 2001:DB8:1:1::/64 onlink autoconfig
*Mar  1 01:35:13.507: ICMPv6-ND:             2592000/604800 (valid/preferred)

And the same events as seen in Wireshark:

So the following Neighbor Discovery events takes place:

1. Sending NS for FE80::200:11FF:FE11:1111 to FF02::1:FF11:111
   1. The router has generated a link-local address using EUI-64 and wants to know if it is available to use. Notice the unspecified source address.
2. Sending NA for FE80::200:11FF:FE11:1111 to FF02::1
   1. After waiting 1 second Duplicate Address Detection (DAD) concludes that the link-local address is available.
   2. The router informs all neighbors that it owns this address.
3. Sending RA from FE80::200:11FF:FE11:1111 to FF02::1
   1. The router starts sending Router Advertisement to inform all nodes about which prefix is being used etc.
4. Sending NS for 2001:DB8:1:1::1 to FF02::1:FF00:1
   1. The router has been assigned a global unicast address and wants to know if it is available. The source address is unspecified.
5. Sending NA for 2001:DB8:1:1::1 to FF02::1
   1. After waiting 1 second DAD concludes that the global unicast address is available.
   2. The router informs all neighbors that it owns this address.
6. Sending RA from FE80::200:11FF:FE11:1111 to FF02::1
   1. The second RA is sent after ~16 seconds.
7. Sending RA from FE80::200:11FF:FE11:1111 to FF02::1
   1. The third RA is sent after ~32 seconds.
8. Sending RA from FE80::200:11FF:FE11:1111 to FF02::1
   1. The fourth and following RAs are sent at 200 second intervals (default).
   2. Also notice that the router use it’s link-local address and not the global unicast address when sending RAs.

The whole process took around 5 seconds to complete. IPv6 is now running on the router, RAs is being sent at 200 second intervals and we have configured a global unicast address on the LAN interface.

Next step is to configure CLIENT_A. Setting up auto-configuration is done the same way as described earlier:

interface FastEthernet0/0
 ipv6 address autoconfig default

The default keyword tells the client to insert a default route based on the RA it receives.

So here is what happens on CLIENT_A:

CLIENT_A#debug ipv6 nd
*Mar  1 02:55:26.539: ICMPv6-ND: Sending NS for FE80::200:AAFF:FEAA:AAAA on FastEthernet0/0
*Mar  1 02:55:27.543: ICMPv6-ND: DAD: FE80::200:AAFF:FEAA:AAAA is unique.
*Mar  1 02:55:27.543: ICMPv6-ND: Sending NA for FE80::200:AAFF:FEAA:AAAA on FastEthernet0/0
*Mar  1 02:55:27.543: ICMPv6-ND: Linklocal FE80::200:AAFF:FEAA:AAAA on FastEthernet0/0, Up
*Mar  1 02:55:27.547: ICMPv6-ND: Address FE80::200:AAFF:FEAA:AAAA/10 is up on FastEthernet0/0
*Mar  1 02:55:30.543: ICMPv6-ND: Sending RS on FastEthernet0/0
*Mar  1 02:55:30.607: ICMPv6-ND: Received RA from FE80::200:11FF:FE11:1111 on FastEthernet0/0
*Mar  1 02:55:30.607: ICMPv6-ND: DELETE -> INCMP: FE80::200:11FF:FE11:1111
*Mar  1 02:55:30.607: ICMPv6-ND: Neighbour FE80::200:11FF:FE11:1111 on FastEthernet0/0 : LLA 0000.1111.1111
*Mar  1 02:55:30.611: ICMPv6-ND: INCMP -> STALE: FE80::200:11FF:FE11:1111
*Mar  1 02:55:30.611: ICMPv6-ND: Selected new default router FE80::200:11FF:FE11:1111 on FastEthernet0/0
*Mar  1 02:55:30.615: ICMPv6-ND: Prefix Information change for 2001:DB8:1:1::/64, 0x0 -> 0xE0
*Mar  1 02:55:30.615: ICMPv6-ND: Adding prefix 2001:DB8:1:1::/64 to FastEthernet0/0
*Mar  1 02:55:30.619: ICMPv6-ND: Sending NS for 2001:DB8:1:1:200:AAFF:FEAA:AAAA on FastEthernet0/0
*Mar  1 02:55:30.619: ICMPv6-ND: Autoconfiguring 2001:DB8:1:1:200:AAFF:FEAA:AAAA on FastEthernet0/0
*Mar  1 02:55:31.619: ICMPv6-ND: DAD: 2001:DB8:1:1:200:AAFF:FEAA:AAAA is unique.
*Mar  1 02:55:31.619: ICMPv6-ND: Sending NA for 2001:DB8:1:1:200:AAFF:FEAA:AAAA on FastEthernet0/0
*Mar  1 02:55:31.623: ICMPv6-ND: Address 2001:DB8:1:1:200:AAFF:FEAA:AAAA/64 is up on FastEthernet0/0

And the same events as seen in Wireshark:

The main NDP events can be summarized like this:

1. Sending NS for FE80::200:AAFF:FEAA:AAAA to FF02::1:FFAA:AAAA
   1. The client has generated a link-local address and wants to know if it’s available. The source address is unspecified.
2. Sending NA for FE80::200:AAFF:FEAA:AAAA to FF02::1
   1. Having received no replies the client informs all nodes that it owns this address.
3. Sending RS to FF02::2
   1. The client tries to locate a router.
4. Received RA from FE80::200:11FF:FE11:1111
   1. The router replies to all nodes with a Router Advertisement.
5. Sending NS for 2001:DB8:1:1:200:AAFF:FEAA:AAAA to FF02::1:FFAA:AAAA
   1. The client has auto-configured a global unicast address based on the received prefix. Wants to know if it is available to use. The source address is unspecified.
6. Sending NA for 2001:DB8:1:1:200:AAFF:FEAA:AAAA to FF02::1
   1. After waiting 1 second DAD concludes that the address in available.

And just as we saw earlier, the whole process takes 5 seconds to complete. All is good, the router and client can reach each other and an IPv6 default route is installed on the client.

Here’s how it all looks in the router:

ROUTER#show ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::200:11FF:FE11:1111
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:1:1::1, subnet is 2001:DB8:1:1::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
    FF02::1:FF11:1111
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

The output shows the link-local address generated using EUI-64, the global unicast address, the multicast addresses (all nodes, all routers, solicited-node address for both configured addresses), that DAD is enabled and RAs is being sent every 200 seconds.

CLIENT_A#show ipv6 interface fastethernet0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::200:AAFF:FEAA:AAAA
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:1:1:200:AAFF:FEAA:AAAA, subnet is 2001:DB8:1:1::/64 [EUI/CAL/PRE]
      valid lifetime 2591868 preferred lifetime 604668
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FFAA:AAAA
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  Hosts use stateless autoconfig for addresses.

The output show the link-local address and the global unicast address generated using EUI-64, the multicast addresses (all nodes, all routers and solicited-node address). The reason we’re seeing only one solicited-node address is that the last 24 bits on both the link-local and global unicast address are identical, “AA:AAAA”. And at the end we see DAD is enabled.

But what about DNS-servers and name resolution? That’s where DHCPv6 (RFC 3315) comes in or the proposed change to Router Advertisements to include DNS servers (RFC 6106). But that’s another story.

For more detailed information on IPv6 addressing, SLAAC and NDP have a look at the following RFCs:

It’s time to activate IPv6 on your routers!

If you’re looking for a tailor-made workshop or network analysis, check out my Consulting Services for more information.

Either prepare a topology using GNSparser or use this one:

The first thing to do is to enable IPv6 globally and configure the interfaces on each router. This includes loopback interfaces which will be used as Router IDs and IPv6 addressing for end-to-end connectivity between the routers.

Let’s start with R1:

ipv6 unicast-routing
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
 ipv6 address 2001:DB8:1000:1::1/64

And then we configure R2:

ipv6 unicast-routing
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
 ipv6 address 2001:DB8:1000:1::2/64
!
interface FastEthernet0/1
 ipv6 address 2001:DB8:1000:2::2/64

And the last one, R3:

ipv6 unicast-routing
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
 ipv6 address 2001:DB8:1000:2::3/64

Pretty straightforward stuff.

To verify IPv6 connectivity between R1 and R2 we’ll take ICMPv6 for a spin:

R1#ping 2001:DB8:1000:1::2                                                

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:1000:1::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/40 ms

We can also verify that we’re seeing IPv6 neighbors from R1:

R1#show ipv6 neighbors 2001:DB8:1000:1::2                                   
IPv6 Address                              Age Link-layer Addr State Interface
2001:DB8:1000:1::2                          1 c202.35ae.0000  STALE Fa0/0

R2 is alive!

So the next configuration step is to enable OSPFv3 on all interfaces on R1, R2 and R3 and put them in the backbone area 0. Enter interface configuration mode and type:

ipv6 ospf 100 area 0

Also notice how OSPFv3 use link-local addresses to form neighbor adjacencies and not global unicast addresses. Another detail to notice is how interfaces on adjacent routers are referred to using “Interface ID” or “Link ID” instead of IPv6 addresses:

That’s it. IPv6 rules.

Auto-tunneling is a last resort method compared to dual-stack or native IPv6 support, but it can be used as a temporary solution for providing IPv6 connectivity. Just don’t expect kick-ass performance http://www.potaroo.net/ispcol/2010-12/6to4fail.html.

For a short introduction on how 6to4 works check out http://en.wikipedia.org/wiki/6to4#How_6to4_works.

So here is the topology we’ll be using:

We are running OSPF on all backbone routers providing IPv4 connectivity between sites A and B. Both sites are IPv6 only networks. Each client is using IPv6 Stateless Address Autoconfiguration (SLAAC) to obtain an IPv6 global unicast address and a default route from the local gateway.

First let’s enable IPv6 and configure the internal interface on R1:

ipv6 unicast-routing
interface FastEthernet0/1
 no ip address
 ipv6 address 2001:DB8:0:1000::1/64
 ipv6 enable

And then we do the same on R3:

ipv6 unicast-routing
interface FastEthernet0/1
 no ip address
 ipv6 address 2001:DB8:0:2000::1/64
 ipv6 enable

Then we configure each IPv6 client to use SLAAC and insert a default route to be able to reach a remote network:

interface FastEthernet0/0
 no ip address
 ipv6 address autoconfig default
 ipv6 enable

So how are we doing so far? We have applied a link-local address and a global unicast address based on R1’s Router Advertisement:

CLIENT1#show ipv6 interface brief FastEthernet 0/0
FastEthernet0/0            [up/up]
    FE80::C006:1CFF:FE83:0
    2001:DB8:0:1000:C006:1CFF:FE83:0

We are seeing IPv6 neighbors (R1!) on our local link:

CLIENT1#show ipv6 neighbors                     
IPv6 Address                              Age Link-layer Addr State Interface
FE80::C000:1CFF:FE83:1                      3 c200.1c83.0001  STALE Fa0/0

We have inserted a default route of ::/0 with a next-hop of R1:

CLIENT1#show ipv6 route                           
IPv6 Routing Table - 4 entries
--LINES OMITTED--
S   ::/0 [1/0]
     via FE80::C000:1CFF:FE83:1, FastEthernet0/0
C   2001:DB8:0:1000::/64 [0/0]
     via ::, FastEthernet0/0
L   2001:DB8:0:1000:C006:1CFF:FE83:0/128 [0/0]
     via ::, FastEthernet0/0
L   FF00::/8 [0/0]
     via ::, Null0

And we have IPv6 connectivity with R1 from CLIENT1:

CLIENT1#ping 2001:DB8:0:1000::1         

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:0:1000::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/20 ms

Very fancy indeed. So now let’s configure the 6to4 tunnels. Beginning with R1:

interface Tunnel0
 no ip address
 ipv6 address 2002:101:101::/128
 ipv6 enable
 tunnel source Loopback0
 tunnel mode ipv6ip 6to4

What is that 101:101 part? That’s the hexadecimal equivalent of the IPv4 address 1.1.1.1. This is where the magic happens that allows 6to4 to figure out which source IPv4 address to use when tunneling the IPv6 traffic over the internet.

Since we are using global unicast addresses  instead of the reserved 2002::/16 prefix we need to make two small changes to the IPv6 routing table:

ipv6 route 2001:DB8:0:2000::/64 2002:303:303::
ipv6 route 2002::/16 Tunnel0

By doing this we tell the router to route all traffic with an IPv6 destination of Site B’s prefix to the next-hop address of the 6to4 router R3. The recursive lookup that follows routes the packet to 2002::/16 and out the 6to4 tunnel interface Tunnel0.

The final step is to do the same steps on R3:

interface Tunnel0
 no ip address
 ipv6 address 2002:303:303::/128
 ipv6 enable
 tunnel source Loopback0
 tunnel mode ipv6ip 6to4
!
ipv6 route 2001:DB8:0:1000::/64 2002:101:101::
ipv6 route 2002::/16 Tunnel0

So now we have successfully configured a 6to4 tunnel. Let’s do a traceroute from CLIENT1 to CLIENT2:

CLIENT1#traceroute 2001:DB8:0:2000:C007:1CFF:FE83:0

Type escape sequence to abort.
Tracing the route to 2001:DB8:0:2000:C007:1CFF:FE83:0

  1 2001:DB8:0:1000::1 24 msec 20 msec 20 msec
  2 2002:303:303:: 64 msec 64 msec 64 msec
  3 2001:DB8:0:2000:C007:1CFF:FE83:0 88 msec 84 msec 84 msec

As we can see, the first hop is R1’s internal interface, the second hop is the 6to4 tunnel interface on R3 and the third and last hop is CLIENT2’s local SLAAC configured interface.

IPv6 rules.