ICMP for IPv6 is identified by a header value of 58 in the IPv6 next header field. ICMPv6 is used to report errors and perform internet layer functions eg ping for diagnostics. It's the base protocol for IPv6 and has to be fully implemented and understood by aspiring engineers.
Diagram used for this article is:
IPv6 Neighbor discovery and unicast routing.
Unicast routing is off by default, remember to enable it to allow ICMpv6 neighbor discovery that replaces ARP.
Router0(config)#ipv6 unicast-routing
Router0(config)#int f0/0
Router0(config-if)#ipv6 enable
Router0(config-if)#no shutdown
Router0#sh int f0/0
FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is cc00.1368.0000 (bia cc00.1368.0000)
Router0#sh ipv6 interface fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::CE00:13FF:FE68:0
No global unicast address is configured
Joined group address(es):
FF02::1
FF02::1:FF68:0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Router0#ping FE80::CE01:13FF:FE68:0
Output Interface: FastEthernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::CE01:13FF:FE68:0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/40/164 ms
note the expanded 0's (zeroes below), they mean the same thing.
Router0#ping FE80:0000:0000:0000:CE01:13FF:FE68:0
Output Interface: FastEthernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::CE01:13FF:FE68:0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/32/96 ms
note similar commands have to be run on router 1.
Now lets take some debug to observe this process of enabling th elink local address, but first cover a few basics:
- IPv6 host adresses are generated from interface mac addresses. from the previouse post (partI), mac addresses are 48 bits and need conversion to 64bit to make a EUI-64 address.
- ICMPv6 Neighbor discovery is used to resolve layer 3 address to Layer 2 address. in case of ethernet, that would be a mac address to an IP address, or frame relay dlci to an address, or pvc to an ip address etc etc...
- This is not necessary for point to point links. the router knows that any traffic resolving/recursing to the interface based on the routing table will use whatever layer 2 circuit is assigned to the circuit.
- no inverse neighbor discovery yet. so all routes should be mapped incase of frame relay (frame relay map ipv6).
- Solicitations - asking other neighbors for info.
- Neighbor Solicitations - By any general hosts eg desktops and other hosts.
- Router Solicitations - Devices routing IPV6 eg a default gateway. eg router to router segments.
- Used to decide what the remote L2 address is of hosts and routers. The two types are there because there is additional info apart from the L2 address. eg routers can tell hosts the network prefix - this way a host just needs to enable IPV6, start sending neighbor solicitations to find out the neighbor, and router solicitation to find out the routers. The router sends back the network bit and the host - stateless autoconfiguration is built into ipv6 protocol stack.
- Advertisements - sending informations.
- Neighbor advertisements
- Router Advertisemens.
Router0(config)#
ICMPv6: Received ICMPv6 packet from ::, type 135
ICMPv6: Received ICMPv6 packet from FE80::CE00:13FF:FE68:0, type 136
ICMPv6-ND: Sending NS for FE80::CE01:16FF:FE0C:0 on FastEthernet0/0
!note the NS (neighbor solicitation) this is basically like asking' can I use this address?"
IPV6: source :: (local)
dest FF02::1:FF0C:0 (FastEthernet0/0)
!solicited node multicast address...used for duplicate address detection (DAD). ie essentially we ask 'is anyone using this address? in the segment.)
traffic class 224, flow 0x0, len 64+16, prot 58, hops 255, originating
IPv6: Sending on FastEthernet0/0
ICMPv6-ND: DAD: FE80::CE01:16FF:FE0C:0 is unique.
!Note chances of having a conflict are rare in this case since the address is derived from your mac address.and ICMPv6 acknowledges that the address is indeed unique.
ICMPv6-ND: Sending NA for FE80::CE01:16FF:FE0C:0 on FastEthernet0/0
!next we are advertising that we're an IPV6 neighbor with the address above.
IPV6: source FE80::CE01:16FF:FE0C:0 (local)
dest FF02::1 (FastEthernet0/0)
traffic class 224, flow 0x0, len 72+8, prot 58, hops 255, originating
IPv6: Sending on FastEthernet0/0
ICMPv6-ND: Address FE80::CE01:16FF:FE0C:0/0 is up on FastEthernet0/0
Router0(config)#
ICMPv6-ND: Sending RA to FF02::1 on FastEthernet0/0
ICMPv6-ND: MTU = 1500
IPV6: source FE80::CE00:16FF:FE0C:0 (local)
dest FF02::1 (FastEthernet0/0)
traffic class 224, flow 0x0, len 72+1428, prot 58, hops 255, originating
IPv6: Sending on FastEthernet0/0
Here - above- R0 sends then sends out an RA - router advertisement
and receives an advertisement from R1. Please note no network addresses are set yet, so what you receive is the routers link local address.
ICMPv6: Received ICMPv6 packet from FE80::CE01:16FF:FE0C:0, type 134
ICMPv6-ND: Received RA from FE80::CE01:16FF:FE0C:0 on FastEthernet0/0
Router0#show ipv6 neighborsnote the routers above only have link local processing
IPv6 Address Age Link-layer Addr State Interface
FE80::CE01:16FF:FE0C:0 0 cc01.160c.0000 REACH Fa0/
other commands that show output for different IP versions:
Router0#sh ipv6 int brief
FastEthernet0/0 [up/up]
FE80::CE00:16FF:FE0C:0
!shows the link local addresses on our interfaces.
Router0#sh ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 1.1.1.1 YES manual up upRouter0#sh ipv6 route
Router0#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 1.1.1.1 - cc00.160c.0000 ARPA FastEthernet0/0
Router0#sh ipv6 neighbors
IPv6 Address Age Link-layer Addr State Interface
FE80::CE01:16FF:FE0C:0 2 cc01.160c.0000 STALE Fa0/0IPv6 Routing Table - 2 entriesRouter0#sh ipv6 int
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
!note the Null0, this is because the traffic is local (remember this are not global addresses yet).
FE80::/10 is the entire range of link local addresses.
Router0#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, FastEthernet0/0FastEthernet0/0 is up, line protocol is upall other commands, telnet etc also work but you need to be specific. Is there get a way to make ipv6 default IPversion
IPv6 is enabled, link-local address is FE80::CE00:16FF:FE0C:0
No global unicast address is configured
Joined group address(es):
FF02::1
!all host multicast, this is where the advertisements are sent to for autoconfiguration.
FF02::2
FF02::1:FF0C:0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses.
Router0#sh ip int
FastEthernet0/0 is up, line protocol is up
Internet address is 1.1.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
another question:
can you disable IPv4 processing and only have IPV6 processing on a router?
Interesting question came up during this writing:
can you disable IPv4 processing and only have IPV6 processing on a router?
Posts
No comments:
Post a Comment