IPv6: Quick Tips on some good to knows, and need to knows for IPv6 on exam day, may be adding info to this in the future!

I want to briefly touch on the basics of IPv6 in general without any sort of Protocols in the mix, just the basics for now, we’ll save that other fun stuff for a later date.

This is kind of from the beginning of enabling IPv6 to run on a router to assigning an interface an address (or it assigning itself an address)!

First, a quick note, this is how you enable ipv6 on your router to begin with:

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ipv6 unicast-routing
R1(config)#

Without “ipv6 unicast-routing” entered in global config, IPv6 functionality is not enabled.

Some facts bullet point style to remember for exam day:

• IPv6 DOES NOT USE BROADCASTS – However it does use Unicasts and Multicasts
• IPv6 was created with Summarization in mind, and has 128 bit masks, usually condensed with zero compression / leading zero compression in them
• DHCPv6 exists, however the IPv6 hosts can configure themselves with “Autoconfiguration”
• NAT still exists as part of IPv4 to IPv6 Migration Strategies from another post

 

Internal / LAN Private IPv6 address space idenfication, as well as Public

To identify an address that is considered non-routable for IPv6 to be assigned to the LAN, look for to addresses:

•  fc00::/7
• fdxx:x:x:x… etc – Anything that starts with “FDXX” in the first “quartet”

Global (Public) IPv6 address space:

• 2000::/3 is the IPv6 for Global Unicast Addresses

 

Interface Identifiers and the EUI-64 (Extended Unique Identifier) Address type:

Every interface in an IPv6 link requires a unique identifier (hence Interface Identifier), which is a 64-bit value comprised of the MAC address, which does not need to be manually entered or learned via DHCPv6 (Stateless Auto-Config).

This is where the EUI-64 comes to save the day!

It takes the MAC address of an interface, say this interface:

R1#sh int fa0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 001e.f797.f14b (bia 001e.f797.f14b)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
(And so on…)

Which has a 48-bit MAC address for the physical interface, the first 6 digits being the OUI of the manufacturer (24 bits) and the last 6 digits used for device addressing (24 bits) for a MAC address refresher.

To get to 64-bits it needs an additional 16, which is where EUI-64 comes in, as it injects FF:FE into the middle of the MAC address to give the Interface a Unique Identifier when you enable IPv6 on the interface:

R1(config)#int fa0/1
R1(config-if)#ipv6 enable
R1(config-if)#do sh ipv6 int fa0/1
FastEthernet0/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::21E:F7FF:FE97:F14B
  No Virtual link-local address(es):
  No global unicast address is configured
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF97:F14B
  MTU is 1500 bytes

Note we use “sh ipv6 …” instead of “sh ip …” as with basically all IPv6 commands.

I saw this on a practice exam, and I completely forgot these “nicknames” for some of the IP Address types I’ve mentioned in the migration link above, but didn’t hear it specifically used in my training materials.

WHAT IS AN IPV6 ISATAP ADDRESS? YOU NEED TO KNOW THESE ODD ADDRESS NICKNAMES SO TO SAY, SO GIVE IT A QUICK READ, INCLUDES SOME GOTCHAS!

It is a method of allowing IPv4 assigned to an outside interface to be integrated with an IPv6 address for neighbor discovery, and can be part of migration strategies.

So it will start out with its link-local “FE80::” and inject the following characters right before the IPv4 address “0200:5EFE:x.x.x.x”, so it will come out looking like this:

FE80::0000:5EFE:192.0.2.143

However, of course there are some gotchas to watch out for on exam day, two particularly. When looking at addresses, leading zero compression may be used on the “0200” portion, making the new address appear as this:

FE80::0000:5EFE:192.0.2.143

That is #1 to watch for, but Cisco will probably try to catch you off guard by using both gotchas in conjunction, which leads to the second gotcha of making the IPv4 into a Hex Value instead of an obvious dotted decimal at the end indication the ISATAP address type.

Here is an example of the two gotchas in conjunction:

FE80::0000:5EFE:C000:28F

Just remember if you see a 5EFE inside the IPv6 address, it is an ISATAP address.

NOW WHAT ON EARTH IS A “TEREDO ADDRESS” ?

This address type can be identified by its prefix type as follows:

2001:0000::/32

There is really no gotchas with this one, one piece of terminology to watch for is the Teredo Relay, as that is actually considered the router allowing the flow of Teredo traffic into and outside of the network.

IPv6 packets are encapsulated in IPv4 packets before transmission across a point-to-point manually configured tunnel.

6to4 Address example

2002::/16

I’ll write a brief descriptions of the different tunnel types, but above is how you can spot it, it will begin with 2002::/16

NAT-PT

Not an IPv6 tunnel at all, but actually does translations between IPv4 and IPv6 back and forth between both protocols, so no packets to encap / decap when using this.