SLAAC Overview
How often does a router send RA messages?
A router sends RA messages every 200 seconds. However, it will also send an RA message if it receives an RS message from a host.
What is the RA flag set to in SLAAC?
Both the M flag and the O flag are set to 0 in the RA. This option instruct the client to the information in the RA message only.
How is DHCPv6 defined?
DHCPv6 is defined in RFC 3315
show ipv6 interface
Displays the IPv6 statistics for all interfaces on a router
Stateful DHCPv6
M flag is set to 1. Use the command ipv6 nd managed-config-flag note: The DHCPv6 server is stateful and maintains a list of IPv6 address bindings
Basic IPv6 SLAAC Configuration
Router>enable Router#configure terminal Router(config)#ipv6 unicast-routing Router(config)#interface <interface> Routher(config-if)#ipv6 address ipv6-address/prefix-length Router(config-if)#no shutdown Basic IPv6 SlAAC Example Configuration R1>enable R1#configure terminal R1(config)#ipv6 unicast-routing R1(config)#interface fa0/0 R1(config-if)#ipv6 address 2000:1234:5678::1001:1/64 R1(config-if)#no shutdown
SLAAC (stateless address autoconfiguration )
SLAAC is a stateless service. This means there is no server that maintains network address information to know which IPv6 addresses are being used and which ones are available. SLAAC uses ICMPv6 RA messages to provide addressing and other configuration information that would normally be provided by a DHCP server. A host configures its IPv6 address based on the information that is sent in the RA. RA messages are sent by an IPv6 router every 200 seconds. A host can also send a Router Solicitation (RS) message requesting that an IPv6-enabled router send the host an RA. SLAAC can be deployed as SLAAC only, or SLAAC with DHCPv6.
Randomly generated
The 64-bit interface ID is randomly generated by the client operating system. This is the method now used by Windows 10 hosts.
Duplicate Address Detection (DAD)
The Duplicate Address Detection (DAD) process is used by a host to ensure that the IPv6 GUA is unique. DAD is implemented using ICMPv6. To perform DAD, the host sends an ICMPv6 Neighbor Solicitation (NS) message with a specially constructed multicast address, called a solicited-node multicast address. This address duplicates the last 24 bits of IPv6 address of the host. If no other devices respond with a NA message, then the address is virtually guaranteed to be unique and can be used by the host. If an NA is received by the host, then the address is not unique, and the operating system has to determine a new interface ID to use. The Internet Engineering Task Force (IETF) recommends that DAD is used on all IPv6 unicast addresses regardless of whether it is created using SLAAC only, obtained using stateful DHCPv6, or manually configured. DAD is not mandatory because a 64-bit interface ID provides 18 quintillion possibilities and the chance that there is a duplication is remote. However, most operating systems perform DAD on all IPv6 unicast addresses, regardless of how the address is configured.
What do the 0 for O and M flags mean?
The O =0 and M=0 flags instruct the client to use the information in the RA message exclusively. The RA includes the prefix, prefix-length, DNS server, MTU, and default gateway information. There is no further information available from a DHCPv6 server.
What happens when the ipv6 unicast-routing command is configured?
The SLAAC only method is enabled by default when the ipv6 unicast-routing command is configured. All enabled Ethernet interfaces with an IPv6 GUA configured will start sending RA messages with the A flag set to 1, and the O and M flags set to 0, as shown in the figure.
EUI-65
The host creates an interface ID using its 48-bit MAC address. The host inserts the hex value of fffe in the middle of the address, and flips the seventh bit of the interface ID. This changes the value of the second hexadecimal digit of the interface ID. Some operating systems default to the randomly generated interface ID instead of the EUI-64 method, due to privacy concerns. This is because the Ethernet MAC address of the host is used by EUI-64 to create the interface ID. Note: Windows, Linux, and Mac OS allow for the user to modify the generation of the interface ID to be either randomly generated or to use EUI-64.
ipv6 unicast-routing
a command to enable IPv6 on a router
What command is used to enable Stateless DHCPv6?
ipv6 nd other-confg-flag interface configurationg comand setting O flag to 1 Note: You can use the no ipv6 nd other-config-flag to reset the interface to the default SLAAC only option (O flag = 0).
How to enable SLAAC on a router
The output of the show ipv6 interface command displays the current settings on the G0/0/1 interface. As highlighted, R1 has been assigned the following IPv6 addresses: Link-local IPv6 address - fe80::1 GUA and subnet - 2001:db8:acad:1::1 and 2001:db8:acad:1::/64 IPv6 all-nodes group - ff02::1 R1# show ipv6 interface G0/0/1 GigabitEthernet0/0/1 is up, line protocol is up IPv6 is enabled, link-local address is FE80::1 No Virtual link-local address(es): Description: Link to LAN Global unicast address(es): 2001:DB8:ACAD:1::1, subnet is 2001:DB8:ACAD:1::/64 Joined group address(es): FF02::1 FF02::1:FF00:1 (output omitted) R1# Although the router interface has an IPv6 configuration, it is still not yet enabled to send RAs containing address configuration information to hosts using SLAAC. To enable the sending of RA messages, a router must join the IPv6 all-routers group using the ipv6 unicast-routing global config command, as show in the output. R1(config)# ipv6 unicast-routing R1(config)# exit R1# The IPv6 all-routers group responds to the IPv6 multicast address ff02::2. You can use the show ipv6 interface command to verify if a router is enabled as shown, in the output. An IPv6-enabled Cisco router sends RA messages to the IPv6 all-nodes multicast address ff02::1 every 200 seconds. R1# show ipv6 interface G0/0/1 | section Joined Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 R1#
show ipv6 interface g0/0/1 | section Joined
Used to verify if a router is enabled
What dopes a host typically acquire when using SLAAC?
Using SLAAC, a host typically acquires its 64-bit IPv6 subnet information from the router RA. However, it must generate the remainder 64-bit interface identifier (ID) using one of two methods:
What happens when a client is configured to obtain it's addressing information automatically?
When a client is configured to obtain its addressing information automatically, it sends an RS message to the IPv6 all-routers multicast address of ff02::2.
