IPv6 Routing - Implementing IPv6 Routing and Routing Protocols2
Topics to cover:
Implementing IPV6 Static Routes
Implementing IPV6 RIPNG
Implementing OSPFv3
In order to start setting up Static routes etc, first thing we need to do is enable IPv6 routing (as cisco appreciatte that not everyone is going to be running it, and why take up router resources with it ....)
SO ....
We enable IPV6 with the above command, so lets get it enabled:
R1#conf t
R1(config)#ipv6 unicast-routing
Just to recap:
R1#show ipv6 int brie
FastEthernet0/0 [up/up]
FE80::C200:8FF:FE14:0
2001:11AA::1
Serial0/0 [up/up]
FE80::C200:8FF:FE14:0
2001:22AA::1
FastEthernet0/1 [administratively down/down]
Serial0/1 [administratively down/down]
So as of now i can ping R2 (Fast Ethernet) and R3 (Serial):
R1#ping 2001:11AA::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:11AA::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/23/40 ms
R1#ping 2001:22AA::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:22AA::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/7/24 ms
So, as expected if we are try and ping the subnet behind R3 ..... we fail:
R1#ping 2001:33AA::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:33AA::1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Lets get a static route in there to help him out, its not all that different as mentioned above:
R1#conf t
R1(config)#ipv6 route ?
X:X:X:X::X/<0-128> IPv6 prefix x:x::y/<z>
R1(config)#ipv6 route 2001:33AA::/64 ?
Async Async interface
BVI Bridge-Group Virtual Interface
CDMA-Ix CDMA Ix interface
CTunnel CTunnel interface
Dialer Dialer interface
FastEthernet FastEthernet IEEE 802.3
Lex Lex interface
Loopback Loopback interface
MFR Multilink Frame Relay bundle interface
Multilink Multilink-group interface
Null Null interface
Port-channel Ethernet Channel of interfaces
Serial Serial
Tunnel Tunnel interface
Vif PGM Multicast Host interface
Virtual-PPP Virtual PPP interface
Virtual-Template Virtual Template interface
Virtual-TokenRing Virtual TokenRing
X:X:X:X::X IPv6 address of next-hop
XTagATM Extended Tag ATM interface
R1(config)#ipv6 route 2001:33AA::/64 2001:22aa::2
R1#ping 2001:33AA::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:33AA::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/4/8 ms
Sorted, now we can ping :0)
R1#show ipv6 route
IPv6 Routing Table - 7 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:11AA::/64 [0/0]
via ::, FastEthernet0/0
L 2001:11AA::1/128 [0/0]
via ::, FastEthernet0/0
C 2001:22AA::/64 [0/0]
via ::, Serial0/0
L 2001:22AA::1/128 [0/0]
via ::, Serial0/0
S 2001:33AA::/64 [1/0]
via 2001:22AA::2
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
The ipv6 route table seperates the local interface IP address, from the locally connected subnets.
Now lets try and ping R4's interface on that connected subnet to R3 (which should fail)
R1#ping 2001:33AA::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:33AA::2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Lets get some routes into R4;
R4(config)#ipv6 route 2001:22aa::/64 2001:33aa::1
Lets try that ping again from R1 to R4:
R1#ping 2001:33AA::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:33AA::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/35/92 ms
R4(config)#ipv6 route 2001:11aa::/64 2001:33aa::1
Now lets be a bit different with R2, lets give it a default router
R2(config)#ipv6 route ::/0 2001:11aa::1
R2#show ipv6 route
IPv6 Routing Table - 5 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S ::/0 [1/0]
via 2001:11AA::1
C 2001:11AA::/64 [0/0]
via ::, FastEthernet0/0
L 2001:11AA::2/128 [0/0]
via ::, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
Notice we have no gateway of last resort here peeps, you just gotta know it :0)
So lets just test with a ping off our subnet:
R2#ping ipv6 2001:22aa::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:22AA::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/28 ms
R2#ping ipv6 2001:22aa::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:22AA::2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Ah yes, Router3 is our blackhole, lets jump on there and sort him out
R3(config)#ipv6 route 2001:11aa::/64 2001:22aa::1
R3(config)#do ping 2001:11aa::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:11AA::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/27/44 msRIGHT, that should be it ..... lets test end to end connectivity from R4 to R1
R4#ping ipv6 2001:11aa::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:11AA::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/40/56 ms
SWEEEEEEET, and a traceroute :0)
R4#traceroute ipv6 2001:11aa::2
Type escape sequence to abort.
Tracing the route to 2001:11AA::2
1 2001:33AA::1 32 msec 28 msec 20 msec
2 2001:22AA::1 20 msec 20 msec 28 msec
3 2001:11AA::2 44 msec 28 msec 32 msec
Implementing IPV6 RIPNG
Is still RIP, it is still running ontop of UDP, its port 521 its distance vector, max hop count of 15, still split verizon, still has admin distance of 120 .... same old rip, uses multicast still like RIPV2
BUT the config is slightly different.....
Bye Bye network command, now we just enable it under the interface, nice and easy :0)
(I have reloaded the routers, so we have no static routes anywhere)
R1(config)#ipv6 unicast-routing (enabled this on all routers again)
R1(config)#inter fa0/0
R1(config-if)#ipv6 rip CCNP-RIP enable
R1(config-if)#inter s0/0
R1(config-if)#ipv6 rip CCNP-RIP enable
SO now, RIP is enabled just like that on FA0/0, simples. Also as a side note RIP uses the link-local addresses to communicated via the multicasting and as its source address
R2(config)#int fa0/0
R2(config-if)#ipv6 rip CCNP-RIP enable
Lets see if we have learnt that serial network behind R1
R2(config-if)#do show ipv6 route
IPv6 Routing Table - 5 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:11AA::/64 [0/0]
via ::, FastEthernet0/0
L 2001:11AA::2/128 [0/0]
via ::, FastEthernet0/0
R 2001:22AA::/64 [120/2]
via FE80::C200:9FF:FEC0:0, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
notice that link-local address :0)
R2#show ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static"
IPv6 Routing Protocol is "rip CCNP-RIP"
Interfaces:
FastEthernet0/0
Redistribution:
None
lets do the others (just for the record the TAG, does not have to be the same on the routes..)
R3(config)#inter s0/0
R3(config-if)#ipv6 rip CCNP-RIP enable
R3(config-if)#inter fa0/0
R3(config-if)#ipv6 rip CCNP-RIP enable
R4(config-if)#inter fa0/0
R4(config-if)#ipv6 rip CCNP-RIP enable
Lets check the routing table of R4:
R4#show ipv6 route
IPv6 Routing Table - 6 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R 2001:11AA::/64 [120/3]
via FE80::C203:13FF:FEEC:0, FastEthernet0/0
R 2001:22AA::/64 [120/2]
via FE80::C203:13FF:FEEC:0, FastEthernet0/0
C 2001:33AA::/64 [0/0]
via ::, FastEthernet0/0
L 2001:33AA::2/128 [0/0]
via ::, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
R4#debug ipv6 rip
*Mar 1 00:19:06.627: RIPng: Sending multicast update on FastEthernet0/0 for CCNP-RIP
*Mar 1 00:19:06.631: src=FE80::C202:13FF:FEEC:0
*Mar 1 00:19:06.631: dst=FF02::9 (FastEthernet0/0)
*Mar 1 00:19:06.635: sport=521, dport=521, length=32
*Mar 1 00:19:06.635: command=2, version=1, mbz=0, #rte=1
*Mar 1 00:19:06.635: tag=0, metric=1, prefix=2001:33AA::/64
We can see the souce/dest ports, tags now, yup you can do tagging, plus the hop count and network being advertised. Notice we have gone back to RIP v1 (as this is NG!)
Another note, you can only go under the RIP/OSPF process for the router once you have enabled RIP/OSPF:
R1(config)#ipv6 router ?
ospf Open Shortest Path First (OSPF)
rip IPv6 Routing Information Protocol (RIPv6)
R1(config)#ipv6 router rip CCNP-RIP
R1(config-rtr)#?
default Set a command to its defaults
distance Administrative distance
distribute-list Filter networks in routing updates
exit Exit from IPv6 routing protocol configuration mode
maximum-paths Forward packets over multiple paths
no Negate a command or set its defaults
poison-reverse Poison reverse updates
port Port and multicast address
redistribute Redistribute IPv6 prefixes from another routing protocol
split-horizon Split horizon updates
timers Adjust routing timers
Implementing OSPFv3
So OSPFv3 is still the same old OSPF, except the config and this time round the link-local neighbourships and the link-local carry the updates/etc , you also enable it under the interface
and there is no OSPF authentication, as IPV6 provides all the encryption and security.
R1(config-if)#ipv6 ospf 1 area 10
R1(config-if)#
*Mar 1 00:01:01.135: %OSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,
please configure manually
Why do we get this error, well it still relies on an IPV4 address and we have none:
R1(config-if)#do show ip int brie
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES NVRAM up up
Serial0/0 unassigned YES NVRAM up up
FastEthernet0/1 unassigned YES NVRAM administratively down down
Serial0/1 unassigned YES NVRAM administratively down down
Lets get that sorted otherwise we wont be sending any HELLO packets:
R1(config-if)#ipv6 router ospf 1
R1(config-rtr)#router-id 1.1.1.1
R1(config-if)#ipv6 ospf 1 area 0
Lets do R2:
R2(config)#ipv6 unicast-routing
R2(config)#int fa0/0
R2(config-if)#ipv6 ospf 1 area 10
*Mar 1 00:07:14.467: %OSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,
please configure manually
R2(config-if)#ipv6 router ospf 1
R2(config-rtr)#router-id 2.2.2.2
*Mar 1 00:07:50.023: %OSPFv3-5-ADJCHG: Process 1, Nbr 1.1.1.1 on FastEthernet0/0 from LOADING to FULL, Loading Done
R2#show ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
1.1.1.1 1 FULL/DR 00:00:32 4 FastEthernet0/0
Lets do R3:
R3(config)#ipv6 unicast-routing
R3(config)#inter s0/0
R3(config-if)#ipv6 ospf 1 area 0
*Mar 1 00:09:57.367: %OSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,
please configure manually
R3(config-if)#int fa0/0
R3(config-if)#ipv6 ospf 1 area 20
R3(config-if)#ipv6 router ospf 1
R3(config-rtr)#router-id 3.3.3.3
R3(config-rtr)#
*Mar 1 00:10:28.967: %OSPFv3-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Serial0/0 from LOADING to FULL, Loading Done
Lets do R4:
R4(config)#ipv6 unicast-routing
R4(config)#inter fa0/0
R4(config-if)#ipv6 ospf 1 area 20
R4(config-if)#
*Mar 1 00:12:32.007: %OSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,
please configure manually
R4(config-if)#ipv6 router ospf 1
R4(config-rtr)#router-id 4.4.4.4
*Mar 1 00:12:53.567: %OSPFv3-5-ADJCHG: Process 1, Nbr 3.3.3.3 on FastEthernet0/0 from LOADING to FULL, Loading Done
R4#show ipv6 ospf int
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::C202:10FF:FE30:0, Interface ID 4
Area 20, Process ID 1, Instance ID 0, Router ID 4.4.4.4
Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 3.3.3.3, local address FE80::C203:10FF:FE30:0
Backup Designated router (ID) 4.4.4.4, local address FE80::C202:10FF:FE30:0
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:04
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 2
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 3.3.3.3 (Designated Router)
Suppress hello for 0 neighbor(s)
R4#show ipv6 rou
IPv6 Routing Table - 6 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI 2001:11AA::/64 [110/84]
via FE80::C203:10FF:FE30:0, FastEthernet0/0
OI 2001:22AA::/64 [110/74]
via FE80::C203:10FF:FE30:0, FastEthernet0/0
C 2001:33AA::/64 [0/0]
via ::, FastEthernet0/0
L 2001:33AA::2/128 [0/0]
via ::, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
Everything else is the same, ASBR's, ABR's etc .......Its not toooo bad
