You are on page 1of 643

NLIs CCIE IPv6 Lab Guide

WRI T T EN BY :
ASHWI N KOHL I
CCI E # 8877
NLI'S CCIE IPV6 LAB GUIDE
2
NLI'S CCIE IPV6 LAB GUIDE
Ashwin Kohli, CCIE #8877
Published by:
Network Learning Inc.
1997 Whitney Mesa Dr.
Henderson, NV 89014 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage and retrieval
system, without written permission from the publisher, except for the inclusion of brief quotations in a
review.
Printed in the United States of America
This book is designed to provide information about the Cisco CCIE lab examination. Every effort has been
made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.
author, and the publisher, Network Learning Inc. shall
have neither liability nor responsibility to any person or entity with respect to any loss or damages arising
from the information contained in this book.
Feedback should be submitted to the following URL: www.securityie.comand www.routerie.com
That site is monitored daily by our staff. Should you have any comments, suggestions, or complaints feel
free to post them on that site.
Marc Russell
NLI'S CCIE IPV6 LAB GUIDE
4
is a dual CCIE #8877 (Routing/Switching and Security). He is currently a
Architect for one of the top financial companies, and is responsible for architecting
enterprise solutions. He has worked at many of the top financial companies for over 10 years.
Ashwin also holds the CCNP, CCDP and a BSc in Computer Science & Accounting form
Manchester University, United Kingdom. He has more than 10 years experience in Cisco
networking and security including planning, designing, implementing, and troubleshooting
enterprise multi-protocol networks. Ashwin also writes Cisco training material for Network
Learning, Inc.
NLI'S CCIE IPV6 LAB GUIDE
i
LEARNING THE BASICS OF INTERNET PROTOCOL ..................................................9
Brief History of IP: ARPAnet..................................................................................................... 9
Brief History Of IP:DARPAnet .................................................................................................. 9
TCP/IP Was Born ..................................................................................................................... 10
TCP/IP Layering....................................................................................................................... 10
IP Layer Features ...................................................................................................................... 10
IP Versions And Version Numbers........................................................................................... 11
IPv4 Packet Format................................................................................................................... 12
What Is An IP Address?............................................................................................................ 13
IPv4 Address Format ................................................................................................................ 13
IPv4 MASK .............................................................................................................................. 13
IPv4 Addressing........................................................................................................................ 13
Classful v Classless................................................................................................................... 13
Variable Length Subnet Mask (VLSM).................................................................................... 14
IPv4 Address Allocation........................................................................................................... 14
Limitations Of IPv4 .................................................................................................................. 15
Why has NAT not solved the address allocation problem?...................................................... 16
IPV6 HISTORY .........................................................................................................17
History Of IPv6......................................................................................................................... 17
IPV6 HEADER FORMAT...........................................................................................18
IPv6 Architecture...................................................................................................................... 18
Comparison of IPv4 And IPv6 Header ..................................................................................... 19
IPv6 Packet Format................................................................................................................... 20
Extension Headers .................................................................................................................... 21
IPV6 ADDRESSINGARCHITECTURE........................................................................23
IPv6 Address Pool..................................................................................................................... 23
IPv6 Text Representations ........................................................................................................ 23
Text Representation Of Address Prefixes................................................................................. 24
Illegal IPv6 Prefix Length Representations .............................................................................. 24
Address Type Representation ................................................................................................... 26
Types Of Addressing ................................................................................................................ 28
Aggregatable Global Unicast Address...................................................................................... 29
Site-Local Address.................................................................................................................... 33
Link-Local Address .................................................................................................................. 35
EUI-64 Address-Based Identifier ............................................................................................ 36
NLI'S CCIE IPV6 LAB GUIDE
ii
Mapping An 802 Address To EUI-64 Address......................................................................... 37
Special IPv6 Addresses............................................................................................................. 38
Compatibile Addresses ............................................................................................................. 40
Anycast Address ....................................................................................................................... 41
Multicast Address ..................................................................................................................... 43
Solicited-node Multicast Address............................................................................................. 46
IPv6 Address Assignment......................................................................................................... 47
Summary of IPv4 and IPv6 comparison................................................................................... 48
IPV6 CONFIGURATION FOR WINDOWS XP ............................................................49
Installing IPv6 On XP Machine................................................................................................ 49
Removing IPv6 On XP Workstation......................................................................................... 51
Configure Interface Attributes .................................................................................................. 52
View Interface Attributes.......................................................................................................... 53
IPv6 Address Configuration Methods ...................................................................................... 54
Manually Configure IPv6 Addresses........................................................................................ 55
Pinging Options On XP Workstation........................................................................................ 56
Pinging The Loopback Interface............................................................................................... 56
Pinging The Local Interface Of Node....................................................................................... 57
Pinging Between Two Hosts On Same Subnet......................................................................... 57
Other Pinging Options .............................................................................................................. 58
Traceroute ................................................................................................................................. 58
IPv6 Routing............................................................................................................................. 59
IPv6 Routing Tables ................................................................................................................ 59
IPv6 Node Local Routing Table Details................................................................................... 59
View IPv6 Routes On XP Workstation .................................................................................... 61
To Add A IPv6 Route Manually On XP Workstation.............................................................. 61
To Remove A IPv6 Route Manually On XP Workstation........................................................ 61
IPv6 Utility On XP Workstation............................................................................................... 62
IPv6.exe Utility......................................................................................................................... 62
IPsec6.exe Utility...................................................................................................................... 65
Ping6.exe Utility....................................................................................................................... 65
Tracert6.exe Utility................................................................................................................... 66
Windows IPv6 Applications ..................................................................................................... 67
Troubleshooting IPv6 Configuration........................................................................................ 68
ICMP VERSION 6 ....................................................................................................69
ICMP Overview........................................................................................................................ 69
ICMPv4..................................................................................................................................... 71
ICMPv6..................................................................................................................................... 72
Neighbor Discovery (ND)......................................................................................................... 73
ICMPv6 Router Solicitation Message (RS).............................................................................. 73
ICMPv6 Router Advertisement Message (RA) ........................................................................ 74
NLI'S CCIE IPV6 LAB GUIDE
AutoConfiguration.................................................................................................................... 76
Stateless Autoconfiguration Of Link-Local Address (Routers & Hosts) ................................. 77
Stateless Autoconfiguration Of Site-Local Address (only Hosts) ........................................... 77
Stateless Autoconfiguration Of Global Address (only Hosts)................................................. 78
States Of AutoConfigured Address .......................................................................................... 78
Stateful Autoconfiguration........................................................................................................ 80
DHCPv6 Components............................................................................................................... 80
DHCPv6 Ports........................................................................................................................... 80
DHCPv6 Multicast Addresses .................................................................................................. 80
DHCPv6 Client / Server Identification..................................................................................... 81
DHCPv6 Server Configuration Parameters .............................................................................. 81
DHCPv6 Client / Server Operation On Same Link .................................................................. 81
DHCPv6 Client / Server Operation On Different Links........................................................... 82
Summary Comparison Between Stateless & Stateful AutoConfiguration ............................... 83
ICMPv6 Neighbor Solicitation Message (NS) ......................................................................... 84
ICMPv6 Neighbor Advertisement Message (NS) .................................................................... 84
NeighborUnreability Detection................................................................................................. 86
Redirect Messages .................................................................................................................... 88
Maximum Transmission Unit (MTU) Path Discovery............................................................. 89
ICMPv6 Security ...................................................................................................................... 90
IPV6 ROUTING.........................................................................................................91
Introduction............................................................................................................................... 91
Static Routes ............................................................................................................................. 91
Types of Static Routes .............................................................................................................. 91
IPv6 RIP (RIPng)...................................................................................................................... 92
OSPFv3..................................................................................................................................... 93
Similarities with OSPFv2 ......................................................................................................... 93
OSPF Packet Header Comparison ............................................................................................ 94
OSPF LInk State Advertisement Message Format Comparison............................................... 95
OSPF LSA Type Comparison................................................................................................... 96
LSA flooding scope Comparison.............................................................................................. 98
Other Major Comparions Between OSPFv2 And OSPFv3 ...................................................... 99
OSPFv3 support for IPv6.......................................................................................................... 99
OSPFv3 protocol processing per link rather than per subnet ................................................... 99
Multiple OSPFv3 protocol instances ........................................................................................ 99
OSPFv3s use of link-local addresses....................................................................................... 99
Multicast Addresses.................................................................................................................. 99
Unknown LSA types............................................................................................................... 100
Removal Of Authentication.................................................................................................... 100
Routing Process Not Necessary.............................................................................................. 100
Interface Configuration Mode................................................................................................. 100
NBMA Networks.................................................................................................................... 100
Force SPF in OSPFv3............................................................................................................. 100
OSPFv3 Load-Balancing........................................................................................................ 101
OSPFv3 Route Authentication................................................................................................ 101
NLI'S CCIE IPV6 LAB GUIDE
iv
IS-IS Protocol Overview......................................................................................................... 102
IS-IS For IPv6......................................................................................................................... 103
IS-IS Multi-Topology Support For IPv6................................................................................. 103
BGPv4..................................................................................................................................... 104
BGP Path Attributes................................................................................................................ 109
BGPv4 Support For IPv4........................................................................................................ 110
BGPv4 Support For IPv6........................................................................................................ 111
MP_REACH_NLRI Attribute ................................................................................................ 112
MP_UNREACH_NLRI Attribute........................................................................................... 112
CISCO IPV6ROADMAP ..........................................................................................113
Cisco IPv6 IOS Roadmap....................................................................................................... 113
12.3T IPv6 Feature Overview................................................................................................. 117
Cisco Hardware....................................................................................................................... 118
Layer 2 Switches..................................................................................................................... 119
IPv6 Security Features ............................................................................................................ 120
IPv6 Network Management Features...................................................................................... 121
IPV6 INTEGRATION &COEXISTENCE WITHIPV4 ...............................................122
Introduction............................................................................................................................. 122
IPv6 Deployment Planning Assumptions ............................................................................... 123
IPv6 Transition Planning ........................................................................................................ 123
How Do I Start? ...................................................................................................................... 124
Where do I start?..................................................................................................................... 125
When Do I start....................................................................................................................... 125
How Do You Do It?................................................................................................................ 125
Tunneling IPv6 Over IPv4 Tunnels ........................................................................................ 126
a) Manual Tunneling............................................................................................................... 128
IPV6 SECURITY......................................................................................................131
IOS Code To Implement IPv6 Security.................................................................................. 131
IPv6 Access-Lists.................................................................................................................... 131
CONFIGURING IPV6...............................................................................................134
Labs Structure ......................................................................................................................... 134
Equipment Required ............................................................................................................... 134
Practicing the labs................................................................................................................... 134
Enabling Basic IPv6 On A Router .......................................................................................... 135
Enable Only IPv6 Address On An Interface.......................................................................... 138
Configuring IPv6 Address On An Interface ........................................................................... 140
Manually Converting Routers Mac Address to EUI-64 Address.......................................... 146
NLI'S CCIE IPV6 LAB GUIDE
Configuring IPv6 Address On An Interface Using EUI-64................................................. 149
Configuring IPv6 Unnumbered Address ................................................................................ 153
Configuring IPv6 Loopback Interface .................................................................................... 155
Configuring IPv6 CEF............................................................................................................ 157
Configuring IPv6 On Ethernet Local Subnet.......................................................................... 160
Duplicate Address Detection (DAD) ...................................................................................... 165
Duplicate Address Detection (DAD) Options ........................................................................ 168
IPv6 Frame-Relay Point-To-Point Configuration................................................................... 170
IPv6 Frame-Relay Full Mesh Configuration .......................................................................... 173
IPv6 Static Routes Directly Attached IPv6 Static Route..................................................... 177
IPv6 RIP Basic Enabling ..................................................................................................... 183
IPv6 RIP Maximum Paths ................................................................................................... 192
IPv6 RIP RIP Timers ........................................................................................................... 195
IPv6 RIP Default Route ....................................................................................................... 199
IPv6 RIP Redistribute static................................................................................................. 204
IPv6 RIP Route Tagging...................................................................................................... 211
IPv6 RIP Route Filtering (Incoming) .................................................................................. 217
IPv6 RIP Summary-Route ................................................................................................... 222
IPv6 RIP Metric-offset......................................................................................................... 227
IPv6 OSPFv3 Basic Enabling.............................................................................................. 232
IPv6 OSPFv3 Type1 Router LSA........................................................................................ 245
IPv6 OSPFv3 Type2 NETWORK LSA............................................................................... 259
IPv6 OSPFv3 Type3 Inter Area Prefix LSA........................................................................ 268
IPv6 OSPFv3 Type4 Inter Area Router LSA ...................................................................... 278
IPv6 OSPFv3 Type5 External LSA..................................................................................... 285
IPv6 OSPFv3 NSSA - Type7 Link-LSA............................................................................. 292
IPv6 OSPFv3 Type8 Link-LSA........................................................................................... 301
IPv6 OSPFv3 Type9 INTRA-AREA-PREFIX-LSA........................................................... 314
IPv6 OSPFv3 AREA IPSEC Authentication....................................................................... 327
IPv6 OSPFv3 INTERFACE IPSEC Authentication............................................................ 333
IPv6 OSPFv3 Timer Changes.............................................................................................. 339
IPv6 OSPFv3 Inter Area Route Summarization.................................................................. 345
IPv6 OSPFv3 Advertise Default Route ............................................................................... 357
IPv6 OSPFv3 Distribute-List............................................................................................... 366
IPv6 OSPFv3 Reference Bandwidth.................................................................................... 375
IPv6 OSPFv3 STUB AREA................................................................................................ 381
IPv6 OSPFv3 TOTAL STUB AREA (TSA) ....................................................................... 397
IPv6 OSPFv3 NOT-SO-STUBBY-AREA (NSSA)............................................................. 412
IPv6 OSPFv3 NOT-SO-STUBBY-AREA (NSSA) Totally Stubby Area........................ 429
IPv6 OSPFv3 Point-To-MuliPoint....................................................................................... 447
BGPv4 Support For IPv6 EBGP Peer Relationship ............................................................ 456
BGPv4 Support For IPv6 EBGP Peer Relationship Using Local-Link Addresses .......... 465
BGPv4 Support For IPv6 IBGP Peer Relationship ............................................................. 472
BGPv4 Support For IPv6 Redistribution Using A Route-Map ........................................... 479
BGPv4 Support For IPv6 Weight Atribute.......................................................................... 502
BGPv4 Support For IPv6 EBGP Load Sharing Over Multiple Paths.................................. 508
NLI'S CCIE IPV6 LAB GUIDE
vi
BGPv4 Support For IPv6 ADVANCED LAB..................................................................... 514
IPv6 Tunnel Manual Configuration..................................................................................... 531
IPv6 Tunnel GRE Configuration ......................................................................................... 547
IPv6 Tunnel 6to4 Relay ....................................................................................................... 563
IPv6 Access-List Standard................................................................................................... 577
IPv6 ICMP - ICMPAccess-Lists............................................................................................. 583
ISDN - Legacy Dial ................................................................................................................ 590
ISDN Dialer Profile ............................................................................................................. 596
Configuring ATM with IPv6 Connectivity On Physical Interface ......................................... 605
Enabling IPv6 QOS Rate-Limiting Per IPv6 Traffic........................................................... 611
Enabling IPv6 QOS Low Latrncy Queuing with Marking & Queuing ............................... 614
Enabling IPv6 NAT-PT (One-To-One Address Translation)................................................. 618
Enabling IPv6 NAT-PT (Pooling) .......................................................................................... 621
APPENDIX A- IPV6 RFCS......................................................................................624
APPENDIX B- LAB SETUP &PREPARATION..........................................................628
Minimum CCIE Rack Setup for R&S and Security ............................................................... 628
LAB Topology........................................................................................................................ 629
Configuring a Typical Frame Relay Switch ........................................................................... 630
Configuring a Terminal Server ............................................................................................... 633
Template Configuration.......................................................................................................... 635
NLI'S CCIE IPV6 LAB GUIDE
7
Figure 1 - TCP/IP Layering ........................................................................................ 10
Figure 2 - Format of an IPv4 packet ........................................................................... 12
Figure 3 - Field description of IPv4 packet ................................................................ 12
Figure 4 - IPv4 Class Boundaries ............................................................................... 14
Figure 5 - Growth of IPv4 Address usage .................................................................. 15
Figure 6 - Growth in devices requiring an IP address ................................................ 15
Figure 7 - IPv6 Architecture ....................................................................................... 18
Figure 8 - IPv4 to IPv6 packet header comparison..................................................... 19
Figure 9 - IPv6 packet format ..................................................................................... 20
Figure 10 - Field description of IPv6 packet .............................................................. 20
Figure 11 - IPv6 Packet Extension Header ................................................................. 21
Figure 12 - Examples of IPv6 Packet Extension Headers .......................................... 22
Figure 13 - IPv6 Preferred Format addressing architecture........................................ 23
Figure 14 - IPv4 to IPv6 address representation......................................................... 24
Figure 15 - IPv6 legal address format......................................................................... 24
Figure 16 - IPv6 illegal address format....................................................................... 25
Figure 17 IPv6 Unicat Address................................................................................ 28
Figure 18 - IPv6 Anycast Address.............................................................................. 28
Figure 19 - IPv6 Multicast Address............................................................................ 28
Figure 20- Aggregatable Global Unicast Address Format ......................................... 29
Figure 21 - Site-local address format.......................................................................... 33
Figure 22 - Single network subnet.............................................................................. 35
Figure 23 - Link-local Address Format ...................................................................... 35
Figure 24 IEEE 802 MAC address format............................................................... 36
Figure 25 - EUI-64 Address Format ........................................................................... 37
Figure 26 - Example of mapping 802 address to EUI address ................................... 38
Figure 27 - Multiple hosts on different subnets advertised same Anycast address .... 41
Figure 28 - Anycast address format ............................................................................ 41
Figure 29 - Multicast Address Format ........................................................................ 43
Figure 30 - Solicited-node Address Format................................................................ 46
Figure 31 - Converting Ethernet Macc Address to Solicited Node Address .............. 47
Figure 32 - IPv6.exe Utility on an XP workstation .................................................... 62
Figure 33 - IPSec6.exe Utility on XP Workstation..................................................... 65
Figure 34 - Ping6.exe Utility on XP Workstation....................................................... 65
Figure 35 - Tracert6.exe Utility on XP Workstation .................................................. 66
Figure 36 - ICMP packet encapulation....................................................................... 69
Figure 37 - ICMPv4 packet format............................................................................. 71
Figure 38 - ICMPv6 Header Format........................................................................... 72
Figure 39 - ICMPV6 Router Solicitation Message..................................................... 73
Figure 40 - ICMPv6 Router Advertisement Message................................................. 74
Figure 41 - Link-local address format ........................................................................ 77
Figure 42 - Site-Local Address Format ...................................................................... 77
NLI'S CCIE IPV6 LAB GUIDE
8
Figure 43 - Global Address format ............................................................................. 78
Figure 44 - States of Autoconfigured address............................................................. 78
Figure 45 - DHCPv6 Client and Server Operation on same local link....................... 81
Figure 46 - DHCPv6 Client and Server on different subnets ..................................... 82
Figure 47 ICMPv6 Neighbor Solicitation Message................................................. 84
Figure 48 - ICMPv6 Neighbor Advertisement Message ............................................ 84
Figure 49 - Solicited-node Multicast NS Message for IPv6 Address Resolution....... 85
Figure 50 - Unicast Neighbor Advertisement Message for Address Resolution........ 86
Figure 51 - Steps involved in an ICMPv6 redirect message....................................... 88
Figure 52 - Steps involved in ICMPv5 MTU Path Discovery.................................... 89
Figure 53 - OSPFv2 packet header ............................................................................. 94
Figure 54 - OSPFv3 Packet Header ............................................................................ 94
Figure 55 - OSPFv2 LSA packet format..................................................................... 95
Figure 56 - OSPFv3 LSA packet format..................................................................... 95
Figure 57 - New LSA Type field format .................................................................... 96
Figure 58 - OSPFv2 LSA flooding scope................................................................... 98
Figure 59 - IS-IS Router types.................................................................................. 102
Figure 60 - External Border Gateway Peering between different Autonomous Systems
................................................................................................................................... 104
Figure 61 - Comparison between EBGP and IBGP.................................................. 104
Figure 62 - Fixed states a BGP peer progresses through.......................................... 107
Figure 63 - Figure: Courtesy of Cisco - IOS Roadmap ........................................ 117
Figure 64 - Innovation Adoption Curve.................................................................... 122
Figure 65 - Tunneling IPv6 over IPv4 tunnels.......................................................... 126
Figure 66 - Manual Tunneling.................................................................................. 128
Figure 67 IPv6 packet through dual dtack router for Manual Tunnel ................... 128
Figure 68 GRE Tunnel........................................................................................... 129
Figure 69 - IPv6 packet through dual dtack router for GRE Tunnel ........................ 130
NLI'S CCIE IPV6 LAB GUIDE
9
LEARNING THE BASICS OFINTERNET PROTOCOL
BRIEF HISTORY OF IP: ARPANET
The United States Government commissioned the creation of an organization called the "Advanced
Research Projects Agency" or ARPA for short. Work began on researching a decentralized system
that would be robust enough to survive and function even if most of the network were destroyed.
Paul Baran of Rand Corporation first conceived the idea for a distributed packet switching
network, built on the premise that communication on the network would be unreliable. The
network was designed to be able to operate after a nuclear attack had wiped out large portions of
the network. After tons of statistical analysis, Paul figured out that by breaking messages up into
pieces and sending them via various redundant paths to the destination, messages would be
difficult to destroy and hard to intercept. A system with no centralized control point would be
difficult to target, let alone destroy. Even if some of the data were to be destroyed, as well as some
of the communications points, the message would still get through, and the network would
continue to function even when crippled.
After Paul Baran presented his findings, a testbed network was set up. The first machines
connected to this experimental communications system (without packet switches between) were a
TX-2 located at MIT and an AN/FSQ-32 at SystemDevelopment Corporation in Santa Monica, CA;
and a DEC computer at ARPA. The devices were attached to 1200bps connections (circa 1965).
This formed the first 'Experimental Network'.
The government awarded a Packet Switch contract to build Interface Message Processors (IMP) to
Bolt Beranik and Newman (BBN) in 1968. BBN chose Honeywell DDP-516's with 12K memory as
the connection and interface device. The Interface Message Processor (IMP) devices they built
were placed on each of the four designated research sites. These sites were colleges who had won
research grants from the US government. UCLA, Stanford, UCSB and University of Utah were the
first Universities to interconnect their supercomputers (hosts) via the new ARPAnet IMP's. BBN
purchased AT&T 50Kbps dedicated lines for the connections between sites.
BRIEF HISTORY OF IP:DARPANET
As the network was deployed and more government and research institutions were connected to
it, the Defense Department took over the project ARPA. The Defense Department administrated
the network for several years, and so, the namewas changed to DARPAnet (Defense Advanced
Research Projects Network) in the early to mid 70's.
The DARPAnet eventually expanded beyond the Defense Department's willingness to sponsor it.
More than half the connected sites were Universities receiving government funding, however the
networks were in use by more than just the researchers. Around 1971, Ray Tomlinson, originally
of BBN, wrote an application to send electronic mail back and forth and later modified it to use the
@ symbol (user@host).
It wasn't long before 75% of the traffic on the network was private and personal e-mail. Many of
the Defense Department connections were thus dismantled, and the network was handed over to
the National Science Foundation (NSF).
NLI'S CCIE IPV6 LAB GUIDE
10
TCP/IP WAS BORN
Early on in the 1980's, the Network Control Protocol (NCP) was used to move packets over the
ARPANET. This protocol was eventually was split into two protocols to isolate functions in
separate pieces of software, thus simplifying future software development efforts. The first of the
two new protocols was to handle addressing (IP), the second was to ride over it and was designed
to handle transport and make it reliable (TCP). Thus was born TCP over IP (TCP/IP).
TCP/IP LAYERING
Figure 1 - TCP/IP Layering
TCP and UDP are the two predominant transport layer protocols. Both use the IP as their network
layer. Every piece of TCP and UDP data that gets transferred around the Internet goes through the
IP layer at both end systems and at every intermediate router.
IPLAYER FEATURES
The following are some of the features that the IP layer provides:
Connectionless service
IP addressing
Data Forwarding
Fragmentation and reassembly of packets
NLI'S CCIE IPV6 LAB GUIDE
11
Best-effort delivery: Delay, out-of-order, corruption, and packet loss are possible. Higher layers
should handle this.
IP provides the frame work to encapsulate other protocols like TCP, UDP etc, as shown in figure 1.
IPVERSIONS AND VERSION NUMBERS
IP was created when its function was split from an earlier version of TCP, which combined both
TCP and IP functions. TCP evolved through three earlier versions, and was split into TCP and IP
for version 4. Confusion arises when most think that there were earlier versions of IP i.e. 1, 2 and
3. However, IP version 4 which was the fist version!
Given that it was originally designed for an internetwork a tiny fraction of the size of our current
Internet, IPv4 has proven itself remarkably capable. Various additions and changes have been
made over time to how IP is used, especially with respect to addressing, but the core protocol is
basically what it was in the early 1980s.
Despite how well IPv4 has served us, it was recognized that for various reasons a new version of IP
would eventually be required. Due to the difficulties associated with making such an important
change, development of this new version of IPhas actually been underway since the mid-1990s.
This new version of IP is formally called Internet Protocol version 6 (IPv6) and also sometimes
referred to as IP Next Generation or IPng.
A natural question at this point of course is: what happened to version 5 of IP? The answer is: it
doesn't exist. While this may seem confusing, version 5 was in fact intentionally skipped to avoid
confusion, or at least to rectify it. The problem with version 5 relates toan experimental TCP/IP
protocol called the Internet Stream Protocol, Version 2, originally defined in RFC 1190. This
protocol was originally seen by some as being a peer of IP at the Internet Layer in the TCP/IP
architecture, and in its standard, these packets were assigned IP version 5 to differentiate them
ocol apparently never went anywhere, but to be
absolutely sure that there would be no confusion, version 5 was skipped over in favor of version 6.
NLI'S CCIE IPV6 LAB GUIDE
12
IPV4 PACKET FORMAT
Figure 2 - Format of an IPv4 packet
Field Explanation Size (bits)
Version Version of IPcurrentlyused I.e. 4 4
Header Length DatagramHeader Length 4
TOS Assigns various levels of importancetothedatagrame.g. priority 8
Total Length Lengthof packet (including dataand header). Max size= 2
16
= 65,535 16
Identification If packet size>MTUof datalinkit is fragmented. Therouter marks 16
eachpacket withan identified field
Flags This fieldindicates whether thedatagramcan befragmented or not 3
Fragment Offset Becausefragments may not arriveinthecorrect order, this fieldallows 5
thefragments tobereassembled inthe right order
Timetolive As packets arepassed fromrouter torouter, eachrouter decrements this 8
field. If thefieldvaluereaches zero, the packet is discarded anderror
messagesent tothe source. This keeps packets fromlooping endlessly.
Protocol Indicates whichupper layer protocol of theOSI model receives thepacket 8
after theIPprocessing of thepacket is complete. Examples of theupper layer
protcols are- TCP, UDP, ICMP, OSPF, GREetc
Header Checksum Helps ensureIPheader integrity only and not on theencapsulated 16
data(that is doneby TCP)
SourceIPAddress IPaddress of thesourcenode 32
Destination IPAddress IPaddress of thedestination node 32
IPOptions It is of variablelength. It allows IPtosupport various options, suchas, security,
timestamps, routerecord, loosesourcerouting, etc
Padding Extrazero's added toendthefieldtofill up the32bit boundary
Data Contains upper layer information
Figure 3 - Field description of IPv4 packet
NLI'S CCIE IPV6 LAB GUIDE
13
WHAT IS AN IP ADDRESS?
Humans work with names. Computers work with numbers. To identify a specific logical
connection to a network, a unique number called an IP address is assigned to the network
interface of a host. When the IP address is assigned by the network administrator manually, this is
called a fixed or static IP address. When the network software assigns the IP address on
bootstrap, it's called a dynamic IP.
IPV4 ADDRESS FORMAT
An IP v4 address is a 32-bit binary number, composed of four, 8-bit numbers and is used to
identify the logical connection of a host to a physical network. IP v4 addresses are represented as
four decimal numbers between 0 and 255 separated bydots; (eg. 172.16.1.1). This is referred to as
dotted-decimal notation. Any host attached to an IP network can be assigned an IP address. IP
addresses are always unique to each host. Because IP addresses are software configured, it is easy to
move hosts from one network to another simply by changing the IP address or the network mask.
This process is called renumbering
IPV4 MASK
The mask is a value that is stored in the configuration of a computer along with the IP v4 address.
The mask gives the computer a simple way to figure out whether the IP address of another
computer is on the same local network, or on a different local network.
IPV4 ADDRESSING
When looking at an IPv4 address, the left-most portion of the address identifies which network
the machine (host) belongs to. The right-most portion is used as the address of the host itself.
All hosts on the same network will have the same network address (the network portion will be
the same for all hosts). Only the host portion will be different and unique for each host on the
network.
CLASSFULL V CLASSLESS
To find a particular host, you first find the network that host is on, then ask that network to find
the host. There are two main ways to find a host:
Classless Addressing treats the IPv4 address as a 32 bit stream of ones and zeroes, where the
boundary between network and host portions can fall anywhere between bit 0 and bit 31.
Classfull Addressing divides the entire IP address space (0.0.0.0 to 255.255.255.255) into 'classes',
or special ranges of contiguous IPv4 addresses. Classfull addressing makes it posible to determine
the network portion of the IP address by looking at the first four bits of the first octet in the
address. These first sets of four bits are referred to as the 'most significant bits' of the first octet.
The value of the first four bits determines the range of actual numerical values of the first octet of
the IP addresses in that Network class. From this information, a receiving host can determine
which part of the IP address is network, and which is host.
NLI'S CCIE IPV6 LAB GUIDE
14
There are 4 main IPv4 classes:
Figure 4 - IPv4 Class Boundaries
VARIABLE LENGTH SUBNET MASK (VLSM)
the more efficient use of the IP address space.
A technique was developed to carve the Classfull address blocks into smaller blocks, to conserve
and waste fewer addresses. This processes of carving out smaller blocks from larger blocks is
known as Subnetting. VLSM is often referred to as subnetting.
Many organization's networks started very small blocks and were assigned class C addresses. A
class C address range contains 256 addresses. Soon, these organizations grew and so did their
networks. Networks that needed to expand beyond their original class C range used a technique
called Supernetting to allow them to turn two contiguous IP address blocks into one network.
IPV4 ADDRESS ALLOCATION
The IPv4 address pool consists of a maximum of 2
32
addresses or approximately 4.5 billion
addresses. The pool of IP addresses is managed by the Internet Assigned Numbers Authority
(IANA) http://www.iana.org/assignments/ipv4-address-space. The IANA assigned blocks of Class A
i.e. /8 addresses to Regional Internet Registries (RIRs) e.g. ARIN, who in turn allocate smaller
blocks to local Internet Service Providers (ISPs) e.g. AT&T, UUnet etc.
There are a possible 256 Class A addresses available. Of these:
NLI'S CCIE IPV6 LAB GUIDE
15
LIMITATIONS OF IPV4
ses, 130 /8 Class A blocks have actually been
ted and remaining 2 /8 Class A blocks reserved for
other use.
With the explosion of the Internet since 1995, it is being predicted that the remaining 89 /8 Class
A blocks will be fully exhausted by August 2018. This is shown by Figure 5
Figure 5 - Growth of IPv4 Address usage
To get the latest projection analysis visit - http://bgp.potaroo.net/ipv4/. If all the possible 256 /8
edicted that the complete IPv4 address pool would
be completely exhausted by April 2040.
Internet has been the main reason for the explosion of addresses since 1985. However, mobile
phones, PDA, home area networks and IP telephony services have expedited the problem.
Figure 6 - Growth in devices requiring an IP address
The IETF first recognized the problem of eventual IPv4 address exhaustion around the 1990s and
tried to solve the problem using a number of techniques:
Network Address Translation
Classless Inter Domain Routing (CIDR)
DHCP
NLI'S CCIE IPV6 LAB GUIDE
16
These techniques appear to increase the size of the IPv4 address pool, however, they fail to meet
the requirements of many peer-to-peer and server-to-client applications.
WHY HAS NAT NOT SOLVED THE ADDRESS ALLOCATION PROBLEM?
NAT is used to translate IANA allocated address to private address space, described by RFC 1918.
NAT only delays the exhaustion of the IPv4 address pool and does not solve the problem. Some of
the common problems associated with NAT are:
NAT breaks security
NAT requires a state table to be kept of the translation. If the device performing the NAT fails,
state connections are lost and routing problems occur.
can cause communication problems between the companies.
NLI'S CCIE IPV6 LAB GUIDE
17
IPV6 HISTORY
HISTORY OF IPV6
The following shows a brief timeline of the development of IPv6 RFCs:
Reference
Appendix A
IPV6 FORUMS
The following lists some of the important IPv6 forums that can be visited to learn more about the
protocol:
IPv6 Forum - http://www.ipv6forum.com/
6Bone - http://www.6bone.net/
Cisco IPv6 - http://www.cisco.com/warp/public/732/Tech/ipv6/
Microsoft IPv6 Overview -
http://www.microsoft.com/downloads/details.aspx?FamilyId=27B1E6A6-BBDD-43C9-
AF57-DAE19795A088&displaylang=en
IPV6 STANDARDS
There are various IPv6 standards and these are listed in Appendix A.
18
Figure 7 - IPv6 Architecture
NLI'S CCIE IPV6 LAB GUIDE
19
COMPARISON OF IPV4 ANDIPV6HEADER
Figure 8 shows the main comparisons between an IPv4 header and an IPv6 header:
VERSION
HEADER
LENGTH
TYPE OF
SERVICE
TOTAL LENGTH
IDENTIFICATION FLAGS
FRAGMENT
OFFSET
TIME TO LIVE PROTOCOL HEADER CHECKSUM
SOURCE ADDRESS
DESTINATION ADDRESS
OPTIONS PADDING
VERSION TRAFFIC CLASS FLOW LABEL
PAYLOAD LENGTH
NEXT
HEADER
HOP LIMIT
SOURCE ADDRESS
DESTINATION ADDRESS
Fields kept the same in IPv4 and IPv6
Fields NOT kept the same in IPv4 and IPv6
Name and position changed in IPv6
New Field in IPv6
IPv4 Header IPv6 Header
Figure 8 - IPv4 to IPv6 packet header comparison
NLI'S CCIE IPV6 LAB GUIDE
20
IPV6 PACKET FORMAT
Figure 9 - IPv6 packet format
4 bits This indicates version 6
8 bits Similar to IPv4, indicates tra
that packets can be forwarded at different priorities to
ensure QOS
20 bits Packets that belong to a specific traffic class, are labeled
based on 5 fields: source / destination address, source /
destination port and protocol type
16 bits Length of the remainder of the packet, including
extension header
8 bits Identifies the type of header following the packet
header.
8 bits Number of hops the packet can travel, before it gets
discarded
128 bits
128 bits
Figure 10 - Field description of IPv6 packet
Payload Length
Version Flow Label
Next Header
Hop Limit
Source Address
Destination Address
40
bytes
Class
32 bits
NLI'S CCIE IPV6 LAB GUIDE
21
EXTENSION HEADERS
Following the IPv6 packet header, there can be more than one header. These additional headers
are called Extension Headers. Each header is 8 octets long. Only the destination node must
evaluate and process all the headers.
Each header contains a field called Next Header. This field helps continuity to identify the next
subsequent headers.
Figure 11 shows the structure of an IPv6 packet containing extension headers:
Figure 11 - IPv6 Packet Extension Header
Packets can include none, some or all of the extension headers. The extension headers are always
implemented in the order shown. Each extension header should not occur more than once in a
packet.
These extension headers contain information, such as:
Hop-by-Hop Header - The next hop on the path specified by the sender. Each node along the
delivery path must examine this header.
cal to the Hop-by-Hop header, except that it is
only examined by the destination node. This header appears twice. When it appears last, it is only
examined by the destination node, otherwise it is examined by each node defined in the routing
header.
packet destination. The IPv6 header contains the first node to be visited, and the Routing header
contains the list of the remaining nodes, including the final destination.
Fragmented Header - Whether the packet has been formatted. Only the source node can fragment
a packet and the packet sent are no more than the paths MTU. IPv6 requires a minimum link of
1280 octets and if a link has an smaller MTU then it must provide link fragmentation and assembly
below the IPv6 layer.
data origin authentication and connectionless integrity and is
used in conjunction with the ESP header.
NLI'S CCIE IPV6 LAB GUIDE
22
Encapsulation Security Payload (E encryption security and confidentiality.
ESP encrypts the data to be protected and places it in the Data portion of the ESP header. There
encrypts the entire IPv6 packet and places it in the encrypted field. In Transport mode, the ESP
encrypts transport layer and above (i.e. TCP, UDP, ICMP), and places the encrypted data in the
encrypted field.
The following figures show three example of how header options could be stacked up:
Figure 12 - Examples of IPv6 Packet Extension Headers
NLI'S CCIE IPV6 LAB GUIDE
23
IPV6 ADDRESSINGARCHITECTURE
IPV6 ADDRESS POOL
IPV6 uses a 128 (binary - 2
128
) bit addressing format. If we presume the current population of earth
is 10 billion, then each person on earth could possibly have - 3.4 * 10
27
addresses for themselves.
No more IP addressing issues .
IPV6 TEXT REPRESENTATIONS
There are three different possible text representations of an IPv6 address:
1.
is 16 bits long. To represent 16 bits using hexadecimal, it is broken down into four sets of
hex digits. The values are not case sensitive.
1 2 3 4 5 6 7 8
X: X: X: X: X: X: X: X
16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits
Figure 13 - IPv6 Preferred Format addressing architecture
An example is:
1 2 3 4 5 6 7 8
FEDC: BA98: 7654: 3210: FEDC: BA98: 7654: 3210
16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits
2. - IT MAY BE COMMON FOR SOME ADDRESSES TO CONTAIN LONG
STRINGS OF ZERO BITS. IN ORDER TO MAKE WRITING SUCH ADDRESSES EASIER, IT IS
POSSIBLE TO COMPRESS THE ZEROS, BY USING TO REPRESENT MULTIPLE 16 BITS OF
ZEROS. HOWEVER, THE CAN ONLY APPEAR ONCE IN ANIPV6ADDRESS. THE
CAN ALSO BE USED TO COMPRESS LEADING OR TRAILING ZEROS IN ANIPV6 ADDRESS.
For example the following addresses:
Unicast address 1080:0:0:0:8:800:200C:417A 1080::8:800:200C:417A
Multicast address FF01:0:0:0:0:0:0:101 FF01::101
Loopback address 0:0:0:0:0:0:0:1 ::1
Unspecified address 0:0:0:0:0:0:0:0 ::
NLI'S CCIE IPV6 LAB GUIDE
24
3.
alternative format can be used: x:x:x:x:d:d:d:d, wher
1 2 3 4 5 6 7 8
X: X: X: X: d: d: d: d
16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits
Figure 14 - IPv4 to IPv6 address representation
For example:
0:0:0:0:0:0:13.1.68.3 ::13.1.68.3
0:0:0:0:0:FFFF:129.144.52.38 ::FFFF:129.144.52.38
TEXT REPRESENTATION OF ADDRESS PREFIXES
The text representation of an IPv6 address prefix is similar to that of an IPv4 prefix. It is written as:
IPv6 address / prefix-length
the prefix.
For example, the correct representation of the node address 12AB:0:0:CD30:123:4567:89AB:CDEF
ILLEGAL IPV6 PREFIX LENGTH REPRESENTATIONS
The following shows example of illegal representations of the node address
12AB:0:0:CD30:123:4567:89AB:CDEF /60.
12AB:0000:0000:CD30:0000:0000:0000:0000/60
12AB::CD30:0:0:0:0/60
12AB:0:0:CD30::/60
Figure 15 - IPv6 legal address format
NLI'S CCIE IPV6 LAB GUIDE
25
12AB:0:0:CD3/60 You may drop leading zeros, but not trailing zeros,
within any 16-bit chunk of the address
12AB::CD30/60 address to left of "/" expands
12AB:0000:0000:0000:0000:000:0000:CD30
12AB::CD3/60 address to left of "/" expands to
12AB:0000:0000:0000:0000:000:0000:0CD3
Figure 16 - IPv6 illegal address format
NLI'S CCIE IPV6 LAB GUIDE
26
ADDRESS TYPE REPRESENTATION
B, C, D and E. IPv4 address pool can be further
broken down using VLSM. In a similar way, IPv6have a structure also. The specific type of an
IPv6 address is indicated by the leading bits in the address. The variable-length field comprising
these leading bits is called the Format Prefix (FP). The initial allocation of these prefixes is as
follows:
Reserved for NSAP 0000 001 02 1/128
Reserved for IPX 0000 010 04 1/128
Unassigned 0000 011 05 1/128
Unassigned 0000 1 08 1/32
Unassigned 0001 1 1/16
Unassigned 010 4 1/8
Unassigned 011 6 1/8
Unassigned 100 8 1/8
Unassigned 101 10 1/8
Unassigned 110 12 1/8
Unassigned 111 14 1/16
Unassigned 1111 0 16 1/32
Unassigned 1111 10 F8 1/64
Unassigned 1111 110 FC 1/128
Unassigned 1111 1110 0 FE0 1/512
NLI'S CCIE IPV6 LAB GUIDE
27
85% of the IPv6 address pool is reserved for future use. 15% of address space is initially allocated.
This allocated space is allocated for global routable unicast addresses and multicast addresses.
For example, Aggregatable Global Unicast Addresses is similar to IPv4 globally routable address
space. The space is assigned by blocks to ISPs, who then assign portions of these addresses to
companies or end users. This is the largest assignedaddress space, and it still only utilizes 1/8 of
IPv6 available address pool.
Unicast addresses are distinguished from multicast addresses by the value of the high-order octet of
the addresses: a value of FF (11111111) identifies an address as a multicast address; any other value
identifies an address as a unicast address.
NLI'S CCIE IPV6 LAB GUIDE
28
TYPES OF ADDRESSING
There are three main types of IPv6 addresses:
- An address for a single interface. A packet sent to a unicast address is delivered to
the interface identified by that address. . There are various types of IPv6 Unicast and all these
are supported by Cisco:
Aggregatable Global Unicast Addresses
Site-local unicast address
Link-local unicast address
Special addresses
Compatible addresses
Figure 17 IPv6 Unicast Address
terfaces belonging to different nodes. A
packet sent to an anycast address is delivered toone of the interfaces identified by that address
(the "nearest" one, according to the routing protocols' measure of distance and metric).
Figure 18 - IPv6 Anycast Address
- An address for a set of interfaces (typically belonging to different nodes). A packet
sent to a multicast address is delivered toall interfaces identified by that address.
Figure 19 - IPv6 Multicast Address
The main difference between IPv4 and IPv6, is that, there is no broadcast address in IPv6. That
function is superseded by multicast addresses.
NLI'S CCIE IPV6 LAB GUIDE
29
AGGREGATABLE GLOBALUNICAST ADDRESS
IPV6 aggregatable global unicast addresses, also known as global addresses, are very similar to IPv4
global unicast addresses. These addresses are used for hosts which have interfaces connected to the
public Internet, where each address has to be unique and routable over the Internet. Addresses of
this type are designed or summarized to produce an efficient routing infrastructure.
The IANA assign this type of address space blocks to ISPs, who then assign portions of these
addresses to companies or end users. This is thelargest assigned address space, and it still only
utilizes 1/8 of IPv6 available address pool.
Aggregatable global unicast addresses are of a hierarchical format:
Figure 20- Aggregatable Global Unicast Address Format
The following table shows describes the hierarchical format:
Public The collection of larger and smaller ISPs that provide access to
the IPv6 Internet.
Site The collection of subnets within an organization's site.
Interface identifier Identifies a specific interface on a subnet within an organization's
site.
The format of an aggregatable global unicast addresses is:
FP TLA ID RES NLA ID SLA ID Interface ID
The following table explains the fields of the address:
FP (Format Prefix) Aggregatable global unicast addresses have a Format Prefix of 001
TLA ID Indicates the Top Level Aggregator (TLA) for the address. The TLA
identifies the highest level in the routing hierarchy. TLAs are
NLI'S CCIE IPV6 LAB GUIDE
30
(Top Level Aggregator) administered by Internet Assigned Numbers Authority (IANA) and
allocated to local Internet registries (e.g. ARIN) that, in turn,
allocate individual TLA IDs to global ISPs (e.g. AT&T, UUnet).
There are a possible 8,192 (13 bits) different TLA IDs. Routers in
the highest level of the IPv6 Internet routing hierarchy do not
have a default route and are able to reach all known IPv6 prefixes
being advertised on the Internet.
Res
(Reserved for future use)
Reserved for future use in expanding the size of either the TLA ID
or the Next Level Aggregator (NLA) ID.
NLA ID
(Next Level Aggregator)
Indicates the Next Level Aggregator (NLA) for the address, and is
used to identify a specific customer site. The NLA ID allows an ISP
to create multiple levels of addressing hierarchy, to organize
addressing, and routing and to identify sites. The structure of the
ISP's network is not visible to default-free routers (i.e. TLA
routers). This is similar to a CIDR blocks in IPv4 address space
given by ISPs to their customers.
SLA ID
(Site Level Aggregator)
Indicates the Site Level Aggregator (SLA) for the address, and is
used by an organization to identify subnets within its site. The
organization can use the 16 bits within its si te to create 65,536
subnets or multiple levels of addressing hierarchy and an efficient
routing infrastructure. The structure of the customer's network is
not visible to the ISP.
Interface ID
(Interface Identifier)
Indicates the interface of a node on a specific subnet. This address
is unique to that subnet.
Aggregatable global unicast addresses starts from 2000:: /3 (001 in binary) through to E000:: /3 (111
in binary) . The IANA is responsible for allocated 2000:: /16 to the ISPs. The following table shows
how IANA has allocated the Aggregatable global unicast addresses to the different global address
registries (http://www.iana.org/assignments/ipv6-unicast-address-assignments):
NLI'S CCIE IPV6 LAB GUIDE
31
2001:0000::/23 IANA
2001:0200::/23 APNIC
2001:0400::/23 ARIN
2001:0600::/23 RIPE NCC
2001:0800::/23 RIPE NCC
2001:0A00::/23 RIPE NCC
2001:0C00::/23 APNIC
2001:0E00::/23 APNIC
2001:1200::/23 LACNIC
2001:1400::/23 RIPE NCC
2001:1600::/23 RIPE NCC
2001:1800::/23 ARIN
2001:1A00::/23 RIPE NCC
2001:1C00::/22 RIPE NCC
2001:2000::/20 RIPE NCC
2001:3000::/21 RIPE NCC
2001:3800::/22 RIPE NCC
2001:3C00::/22 RESERVED
2001:4000::/23 RIPE NCC
2001:4200::/23 ARIN
2001:4400::/23 APNIC
2001:4600::/23 RIPE NCC
2001:4800::/23 ARIN
2001:4A00::/23 RIPE NCC
NLI'S CCIE IPV6 LAB GUIDE
32
2001:4C00::/23 RIPE NCC
2001:5000::/20 RIPE NCC
2001:8000::/19 APNIC
2001:A000::/20 APNIC
2002:0000::/16 6to4
2003:0000::/18 RIPE NCC
2400:0000::/19 APNIC
2600:0000::/22 ARIN
2604:0000::/22 ARIN
2608:0000::/22 ARIN
260C:0000::/22 ARIN
2A00:0000::/21 RIPE NCC
3FFE:0000::/16 6BONE
APNIC ASIAN PACIFIC NETWORK INFORMATION CENTRE (WWW.APNIC.NET )
ARIN AMERICAN REGISTRY OF INTERNET NUMBERS (WWW.ARIN.NET )
LACNIC LATIN-AMERICAN &CARIBBEAN IP ADDRESSREGISTRY (WWW.LACNIC.NET )
RIPE EUROPE, THE MIDDLE EAST, AND CENTRAL ASIA (WWW.RIPE.NET )
NLI'S CCIE IPV6 LAB GUIDE
33
SITE-LOCAL ADDRESS
A site is usually part of an organization. It can include one or multiple locations. A network
configured with a site-local address is not reachable from locations outside th
routers must not forward site-local traffic outside of the site.
Site-local addresses have the following format:
1111 1110 11 0
subnet
ID
interface ID
Figure 21 - Site-local address format
The following table explains the fields in the address:
FP (Format Prefix) Site-local unicast addresses have a Format Prefix of 1111 1110 11
ie. .
TLA ID
(Top Level Aggregator)
There is no TLA ID, as these addresses are only meant to be used
within the side. The first 48-bits are always fixed for site-local
addresses, beginning with FEC0::/48.
Res
(Reserved for future use)
There is no RES field, as these addresses are only meant to be used
within the side.
NLA ID
(Next Level Aggregator)
There is no NLA ID, as these addresses are only meant to be used
within the side.
SLA ID
(Site Level Aggregator)
The aggregatable global unicast address and site-local address share
the same structure beyond the first 48 bits of the address. In
aggregatable global unicast addresses, the SLA ID identifies the
subnet within an organization. With 16 bits, you can have up to
65,536 subnets in a flat subnet structure, or you can subdivide the
high-order bits of the Subnet ID field to create a hierarchical and
aggregatable routing infrastructure.
Interface ID
(Interface Identifier)
Indicates the interface of a node on a specific subnet. This address
is unique to that subnet.
This address is equivalent to the IPv4 private address space RFC 1918 addresses - 10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16. For example, private intranets that do not have a direct, routed
connection to the IPv6 Internet can use site-local addresses without conflicting with aggregatable
global unicast addresses.
NLI'S CCIE IPV6 LAB GUIDE
34
Unlike link-local addresses, site-local addresses are not automatically configured and must be
assigned through the stateless address configuration process.
Link-local addresses (see next section) are supposed to be used within a site.
NLI'S CCIE IPV6 LAB GUIDE
35
LINK-LOCAL ADDRESS
Link-local addresses are used for addressing nodes on a single link and are used to communicate
with neighboring hosts on the same link. The following shows the configuration of two nodes on a
single subnet using link-local addresses.
Figure 22 - Single network subnet
A Link-local addresses have the following format:
Figure 23 - Link-local Address Format
The following table explains the fields in the address:
FP (Format Prefix) Link-Local unicast addresses have a Format Prefix of 1111 1110 10.
(FE80::/64).
TLA ID
(Top Level Aggregator)
There is no TLA ID, as these addresses are only meant to be used
beyond the local link (i.e. local subnet).
Res
(Reserved for future use)
There is no RES field, as these addresses are not meant to be used
beyond the local link.
NLA ID
(Next Level Aggregator)
There is no NLA ID, as these addresses are not meant to be used
beyond the local link.
SLA ID
(Site Level Aggregator)
There is no SLA ID, as these addresses are not meant to be used
beyond the local link.
Interface ID
(Interface Identifier)
IPv6 address of a node on a single link. The last 64 bits of the IPv6
address is known as the interface identifier. It is derived from the
48-bit MAC address of the network adapter.
NLI'S CCIE IPV6 LAB GUIDE
36
For example, Link-Local addresses are similar to IPv4 ip addresses for hosts on the same subnet.
The only difference being that in IPv4 the local subnet is routable and hosts from one subnet can
reach ip addresses of hosts in other subnets. In IPv6 packets originating from or destined to a Link-
Local address will not be forwarded by a router. Therefore, any protocol that requires sending a
packet to a host on a single link and wants t ensure that the packet is not routed beyond the local
link (i.e. local subnet), should use Link-Local addresses in the IPv6 header.
Link-Local addresses are required for nodes on a router-less link, neighbor discovery, and are
always configured automatically. IPv6 addresses can be manually configured, but one of the main
benefits of using IPv6 is its ability of a host to configure itself with an IPv6 address, without using
DHCP. By default, the IPv6 protocol for Windows automatically configures link-local addresses
for each interface that corresponds to an installed Ethernet network adapter, by using MAC to
EUI-64 conversion.
EUI-64 ADDRESS-BASED IDENTIFIER
The EUI-64 address is defined by the IEEE. EUI-64addresses and is either derived from the 802
ethernet MAC address or assigned to a network adapter:
to an Ethernet interface is usually given a
unique 48 bit MAC address. The address is broken down into two parts. The First 24 bits
identifies the identifier given to each manufacturer of the Ethernet interface. The next 24
bits, identifies the unique address assigned to that Ethernet interface at the time of
manufacturing the part:
Figure 24 IEEE 802 MAC address format
the address is universally or locally administered. If the bit is set to 0, it is administered by
the IEEE. If it is set to 1, it is administered locally by the network administrator, who has
overridden the default settings by the IEEE.
unicast address or a multicast address. When
set to 0 it is a unicast address, and when set to 1 it is a multicast address.
however, the manufacturer ID is now 40 bits, which adds up to the 64bits allocated for
the Interface ID field within an IPv6 packet. By making the manufacturer ID larger, this
NLI'S CCIE IPV6 LAB GUIDE
37
makes for a much larger address space available for manufacturers to assign to their cards
at the time of production.
Figure 25 - EUI-64 Address Format
MAPPINGAN 802ADDRESS TO EUI-64 ADDRESS
The following will demonstrate how to convert an 802.x address to a EUI-64 address.
1. Take the 802.x address and insert 16 bits of 0xFFFE (11111111 11111110) between the
company ID and the manufacturer ID, as shown in the figure below:
2. To convert a EUI-64 address to a IPv6 Interface ID unicast address, the U/L bit in the EU-
64 address is complemented. So if the U/L is set to 0 is it set to 0, and if it is 0 it is set to 1.
This is shown below:
NLI'S CCIE IPV6 LAB GUIDE
38
The following shows an example of the above:
MAC Address
Step 1 - Convert to Binary
Step 2 Insert fffe
between Company-ID and
Node-ID
Step 3 Complement the
U/L bit to 1
Answer- EUI-64 address
Figure 26 - Example of mapping 802 address to EUI address
SPECIAL IPV6 ADDRESSES
There are two main types of special IPv6 addresses:
used as a placeholder for an interface under some of the following scenarios:
o When a node is starting up, and it does not an assigned IPv6 address. The
workstation will use :: /128 address is a temporary placeholder.
NLI'S CCIE IPV6 LAB GUIDE
39
o When the node does not have an assigned address, and is waiting for the DHCP
server to assign it an address.
o When the node has receives or detects a duplicate IPv6 address.
This address should be assigned to any specific interface or used as a destination
address.
1. This is equivalent to the IPv4 address of
127.0.0.1. A packet with the destination of a loopback address is used by the node to send packets
to itself and it should never leave the node. Similar to the unspecified address, this address can
never be assigned to a physical interface on the node.
NLI'S CCIE IPV6 LAB GUIDE
40
COMPATIBLE ADDRESSES
There are two main types of compatible addresses:
from an IPv4 to IPv6 infrastructure. When anIPv6 node want to communicate with other
IPv6 node over an IPv4 routing infrastructure e.g. Internet, the IPv6 packets are
automatically encapsulated within IPv4 packets and tunneled dynamically routed over the
IPv4 infrastructure.
dual-stack nodes i.e. they are running both
IPv4 and IPv6 addresses. The node will have two addresses simultaneously:
o IPv4 address (a.b.c.d)
o by 0:0:0:0:0:a:b:c:d (where a:b:c:d is the
dotted representation of an IPv4 address).
This type of packet is represented as:
zeros 0000 IPv4 address: 192.168.0.1
An example of this type of address is ::192.168.0.1 /128.
This address is used to represent the address of an IPv4 node as an IPv6 address. This
packet is presented as :
zeros 1111 IPv4 address: 192.168.0.1
On a dual stack node, an IPv6 application sending traffic to a destination represented by
an IPv4 mapped IPv6 address, will send IPv4 packets to the destination.
An example of this type of address is0:0:00:0:FFFF:192.168.0.1 /128 or
::FFFF:192.168.01 /128.
Currently (at the time of writing the document), Windows 2003 Server does not
implement this type addressing.
41
Figure 27 - Multiple hosts on different subnets advertised same Anycast address
Figure 28 - Anycast address format
NLI'S CCIE IPV6 LAB GUIDE
42
It is s are syntactically indistinguishable fromglobal unicast addresses and they should be
allocated from global unicast address space
It can be assigned to multiple interfaces of multiple nodes
It must be assigned to an IPv6 host. It can be assigned to an IPv6 router.
It must never to be used as the source address of an IPv6 packet.
Anycast address can create complexity within the network, depending on how far apart the
routers advertising the anycast address are located. Anycast addressing across the Internet would
be potentially difficult to implement, and IPv6 anycasting was designed for devices in close
proximity to each other, generally in the same network.
NLI'S CCIE IPV6 LAB GUIDE
43
MULTICAST ADDRESS
Multicast addresses are used for one-to-many communication. They are used identify groups of
interfaces, each of which can contain multiple multicast addresses. A multicast packet is processed
only by those interfaces that belong to the multicast group.
The following represents multicast packet format:
11111111 flags scope group ID
Figure 29 - Multicast Address Format
The following table explains the fields of the address:
Format Prefix (FP) Multicast addresses are very easy to identify, as the Format Prefix is
always FF (1111 1111).
Flags The first 3 bits are reserved and must always be set to 0. The 4
th
bit
can have one of two options:
IANA
global use and is locally assigned.
Scope This field is used to create artificial boundaries for the IPv6
multicast packet, and defines the scope of how far the packet can
travel along the network.
There are various scopes for a multicast address:
NLI'S CCIE IPV6 LAB GUIDE
44
For example, traffic with the multicast address of FF02::5 has a site-
local scope. An IPv6 router will never forward the traffic beyond
Group ID Group ID uniquely identifies the multicast group. They can be
either:
Permanently assigned Group IDs and are independent of
the multicast scope
Transient group IDs are only relevant within that scope.
Transient group is one which is locally assigned and not
for global use.
Multicast address range from FF01:: through FF0F:: is reserved, and
well-known addresses.
NLI'S CCIE IPV6 LAB GUIDE
45
Following are some well-known IPv6 multicast addresses as defined by RFC2375:
(Used by hosts when they first start using IPv6 multicast for the IGMP messages)
FF01:0:0:0:0:0:0:1 224.0.0.1 All nodes on the subnet
FF01:0:0:0:0:0:0:2 224.0.0.2 All routers on the subnet
(Used for communication by routers only)
FF02:0:0:0:0:0:0:1 224.0.0.1 All nodes on the subnet
FF02:0:0:0:0:0:0:2 224.0.0.2 All routers on the subnet
FF02:0:0:0:0:0:0:5 224.0.0.5
FF02:0:0:0:0:0:0:6 224.0.0.6
FF02:0:0:0:0:0:0:9 224.0.0.9 RIP
FF02:0:0:0:0:0:0:A 224.0.0.10 EIGRP
FF02:0:0:0:0:0:0:D 224.0.0.13 All PIM routers
FF02:0:0:0:0:0:0:D
(Used for communication by routers only)
FF05:0:0:0:0:0:0:2 224.0.0.1 All nodes on the subnet
(Used for communication by hosts or routers)
FF0X:0:0:0:0:0:0:101 224.0.1.1 NTP
NLI'S CCIE IPV6 LAB GUIDE
46
FF0X:0:0:0:0:0:0:127 224.0.0.39 Cisco-RP-Announce
FF0X:0:0:0:0:0:0:128 224.0.0.40 Cisco-RP-Discovery
The main difference between the IPv4 and IPv6 packet, is that, an IPv6 packet does not contain
TTL value. TTL scoping in IPv4 is used to control how far the packet travels in the network from
the source. The major drawback of this method is that it is very inflexible and is applied to all
packets. In IPv6, there are 5 types of scoping. Using this approach, it is possible to ensure that the
same address is not used for two different multicast groups.
SOLICITED-NODE MULTICAST ADDRESS
This is particular type of multicast address. It is used to facilitate efficient address resolution. In
IPv4 when a host wants to resolve a multicast group address with the Ethernet multicast MAC
address, it sends out a broadcast ARP request on the local subnet. This ARP request is forwarded
by the switch to all ports on the network, and therefore generating unnecessary traffic.
For IPv6, instead of disturbing all IPv6 nodes on the local subnet by using the local-link scope
address of FF02:0:0:0:0:0:0:1 (i.e. 224.0.0.1), thesolicitated-node multicast address is used as the
neighbor selection message destination.
The solicitated-node multicast address is actually a multicast group. The solicited multicast address
consist of the prefix FF02::1:FF00:0 /104 and the last 24 bits of the IPv6 Interface ID address.
Following is the typical solicitated-node multicast packet:
Figure 30 - Solicited-node Address Format
NLI'S CCIE IPV6 LAB GUIDE
47
node multicast address. The solicitated-node address of an IPv6 address always ends with:
Ethernet MAC : 00:00:0C:
EUI-64 address: ::200:CFF:FE
Site-local address: FEC0::200:CFF:FE
Solicited-node multicast address:
Figure 31 - Converting Ethernet Mac Address to Solicited Node Address
Every Pv6 node join the solicited-node multicast group, for each unicast and anycast address
number of hosts for this group will respond, thereby reducing network traffic.
IPV6 ADDRESS ASSIGNMENT
An interface can have a number of IPv6 addressing possibilities:
A single Unicast IPv6 address can be assigned to an interface.
A single interface can be assigned with multiple Unicast IPv6 addresses.
interfaces can have a single Unicast IPv6
address assigned to them. This allows load balancing packets over multiple interfaces.
Routers using unnumbered interfaces on point-to-point links are not assigned IPv6 addresses.
Each node can be identified by any of the Unicast IPv6 addresses.
NLI'S CCIE IPV6 LAB GUIDE
48
SUMMARY OF IPV4 ANDIPV6 COMPARISON
32bit (4 octet) 128bit (16 octet)
Over 109 (42 billion )
Variable Size Fixed Size (40 octet)
A,B,C,D (Multicast) Class CIDR CIDR Base
Unicast
Multicast
Broadcast
Unicast
- link-local address
- site-local address
- global aggregatable address
Multicast
Anycast
Defined (ToS) , but not generally
used
Flow Label
Traffic Class
Limited IP sec built-in
Manual Configuration Auto-configuration
NLI'S CCIE IPV6 LAB GUIDE
49
IPV6 CONFIGURATION FOR WINDOWS XP
INSTALLINGIPV6 ON XP MACHINE
HTTP://WWW.MICROSOFT.COM/DOWNLOADS/ and choose from the menu option.
Once this has been done, it will automatically download the IPv6installation pack.
1. To install IPv6
2. Open Command Prompt.
3. At the command prompt, type:
: The IPv6 software supplied in the current XP release contains prerelease code and is not
intended for commercial use. This software is made available for research, development, and
testing only and must never be used in a production environment.
The other GUI way to install the service pack is:
1. Open Network Connections and then click .
2. Choose any local network interface and click .
NLI'S CCIE IPV6 LAB GUIDE
50
3. Click .
4. In the Select Network Component Type dialog box, click Protocol, and then click .
5. In the Select Network Protocol dialog box, click Microsoft TCP/IP version 6, and then
click .
6. Click to save changes to your network connection.
NLI'S CCIE IPV6 LAB GUIDE
51
REMOVING IPV6ONXP WORKSTATION
1. OPEN NETWORK CONNECTIONS AND THEN CLICK PROPERTIES.
2. Choose any local network interface and click .
3. In the network properties dialog box, click and then click
4. And click
5. Click to save changes to your network connection.
6. Reboot your workstation.
NLI'S CCIE IPV6 LAB GUIDE
52
CONFIGURE INTERFACE ATTRIBUTES
By default no attributes need to be configured on an XP interface on installation. However, if you
need to, the following commands are available:
1. Open Command Prompt.
2. At the command prompt, type:
to obtain the interface index of the interface for which interface attributes are
being configured.
3. At the command prompt, type:
where InterfaceIndex is the interface number for the interface and Attribute is
one or more of the following attributes:
o
Enables the forwarding of packets received on this interface.
o
Disables the forwarding of packets received on this interface.
o
Enables the sending of RouterAdvertisement messages on the interface.
o
Disables the sending of Router Advertisement messages on the interface.
o
Sets the size of the maximum transmissionunit in bytes for the link, which is
sent as the MTU option in the Router Advertisement message.
o
Sets the identifier for the site. The site identifier is used to distinguish among
interfaces belonging to different administrative regions that use site-local
addressing.
53
54
NLI'S CCIE IPV6 LAB GUIDE
55
MANUALLY CONFIGURE IPV6 ADDRESSES
1. Open Command Prompt.
2. At the command prompt, type:
3. At the command prompt, type:
where
InterfaceIndex is the interface number for the interface, and
Address is the IPv6 address.
NLI'S CCIE IPV6 LAB GUIDE
56
PINGING OPTIONS ON XP WORKSTATION
1. Open Command Prompt.
2. At the command prompt, type:
and view the various ping options for the workstation
PINGING THE LOOPBACKINTERFACE
1. Open Command Prompt.
2. At the command prompt, type:
and look for the loopback interface
3. At the command prompt, type:
where ::1 is the loopback interface. If the ping command fails, verify that ::1 address is
assigned to the loopback interface
NLI'S CCIE IPV6 LAB GUIDE
57
PINGING THE LOCAL INTERFACE OF NODE
1. Open Command Prompt.
2. At the command prompt, type:
and look for the LAN interface
3. At the command prompt, type:
where
is the link-local address (always FE80), and
is the interface index to which the link-local address is assigned. ::1 is
the loopback interface.
PINGING BETWEEN TWOHOSTS ON SAMESUBNET
You can perform a simple ping (an exchange of ICMPv6 Echo Request and Echo Reply messages)
with IPv6 between two link-local hosts on same or by completing the following steps:
1. Use the ipv6 install command at a Command Prompt to install the IPv6 protocol on two
host computers running Windows XP (Host A and Host B) that are on the same link
(subnet).
2. Use ipv6 if on Host A to obtain the link-local address and the interface ID for the Ethernet
interface. For example, the link-local address of Host A is FE80::210:5AFF:FEAA:20A2
and the interface ID of the Ethernet interface is 4.
3. Use ipv6 if on Host B to obtain the link-local address and the interface ID for the Ethernet
interface. For example, the link-local address of Host B is FE80::260:97FF:FE02:6EA5 and
the interface ID for the Ethernet interface is 3.
4. From Host A, use Ping6.exe to ping Host B. For example, ping6
FE80::260:97FF:FE02:6EA5%4
NLI'S CCIE IPV6 LAB GUIDE
58
OTHER PINGING OPTIONS
1. To ping the of another node:
where is the IPv6 global address of the other node
2. To ping another node by name:
where is the DNS name of the remote node
3. To ping an IPv4 compatible address of the remote node
where is the public or private IPv4 address of the remote node
TRACEROUTE
1. Open Command Prompt.
2. At the command prompt, type:
or
where:
- Is the scope ID of the remote workstation. The ScopeID for a link-
local address is the interface index from which you want to send out the
traceroute.
NLI'S CCIE IPV6 LAB GUIDE
59
IPV6 ROUTING
IPv6 Routing involves forwarding packets from hosts on one part of the network to another. The
source node will determine the destination IPv6 address of the packet. It will then lookup in its
local routing table, the next hop interface to forward the packet out of. The packet will then travel
through the network via the routers, which will perform route table lookups to determine the best
path to reach the destination.
IPV6 ROUTING TABLES
IPv6 hosts use a routing table to maintain information about other IPv4 or IPv6 nodes on the
network. Network segments are identified by using an IPv6 network prefix and prefix length.
Each workstation on an IPv6 network can maintain a routing table with an entry for every other
node it wants to communicate with. A more practical alternative is to pass the packet to the
default router.
Before a workstation sends an IPv6 packet, it inserts its source IPv6 address and the destination
IPv6 address (for the recipient) into the IPv6 header. It will then examine the destination IPv6
address and compare it to a locally maintained IPv6 routing table. The search in the routing table t
is for the closest match to the destination IPv6 address. The most specific to the least specific route
is determined in the following order:
1. A route that matches the destination IPv6 address (a host route with a 128-bit prefix
length), if this is not successful then
2. A route that matches the destination with the longest prefix length, if this is not
successful then
3. The default route (the network prefix ::/0) and the packet is forwarded to the default
router. Because the router that corresponds to the default router contains information
about the network prefixes of the other IPv6 subnets within the larger IPv6 internetwork,
it forwards the packet to other routers until it is eventually delivered to the destination.
IPV6 NODE LOCAL ROUTING TABLE DETAILS
Each node that uses IPv6 addressing, determines how to forward packets based on the contents of
the local IPv6 routing table. The IPv6 routing table is built automatically, based on the current
IPv6 configuration of the workstation. The contents of the local IPv6 routing table on an XP
workstation are listed by . The entries in the routing table consist of:
An address prefix
The interface over which packets matching the address prefix are sent
A forwarding or next-hop address
A preference value used to select between multiple routes with the same prefix
The lifetime of the route
The specification of whether the route is published (advertised in a Routing Advertisement)
The specification of how the route is aged
NLI'S CCIE IPV6 LAB GUIDE
60
The route type
NLI'S CCIE IPV6 LAB GUIDE
61
VIEW IPV6 ROUTES ON XP WORKSTATION
1. Open Command Prompt.
2. At the command prompt, type:
TO ADD AIPV6 ROUTE MANUALLY ON XPWORKSTATION
3. Open Command Prompt.
4. At the command prompt, type:
to obtain the interface index of the next hop local interface from which the route is
reachable
5. At the command prompt, type:
Prefix InterfaceIndex/Next Hop Address
where
Prefix is the route prefix
InterfaceIndex is the interface number for the local next hop interface, and
Next Hop Address is the IPv6 address of the local router normally
TO REMOVE A IPV6 ROUTE MANUALLYON XPWORKSTATION
1. Open Command Prompt.
2. At the command prompt, type:
Prefix InterfaceIndex
where
Prefix is the route prefix
InterfaceIndex is the interface number for the local next hop interface, and
Setting the lifetime of the route to 0removes the route from the routing table
NLI'S CCIE IPV6 LAB GUIDE
62
IPV6 UTILITY ON XP WORKSTATION
Currently on XP there are a number of utilities which are available :
is used for configuring interfaces, addresses, caches and routes and viewing their status.
policies and security associations.
XP does not permanently save any configuration changes and are lost if the workstation is
rebooted or restarted. In order to permanentlysave the configuration changes, a command script
file (.cmd) has to be run after restarting the workstation. To run your configuration changes
automatically after restarting the workstation, use Scheduled Tasks in Control Panel to run the
.cmd file when the workstation starts.
IPV6.EXE UTILITY
Figure 32 - IPv6.exe Utility on an XP workstation
NLI'S CCIE IPV6 LAB GUIDE
63
Installs the IPv6 protocol as a network protocol
for LAN connections. After it is installed, it
appears in the list of components in the
properties of a local area connection in
Network Connections. Type ipv6 if at the
Command Prompt to determine whether IPv6
is installed.
Removes the IPv6 protocol as a network
protocol for LAN connections.
Displays information about the local interfaces
on the node
[ ] Configures IPv6 over IPv4 tunnel with the
specified source and destination IPv4 addresses.
The option enables Neighbor Discovery
across the tunnel, so that router advertisements
can be sent and received
Creates an interface for 6over4 using the
specified IPv4 source address
Independently controls interface attributes:
Interfaces can be forwarding, in which
case they forward packets whose
destination address is not assigned to
the interface.
Interfaces can be advertising, in which
case they send router advertisements.
An interface either sends router
solicitations and receives router
advertisements, or receives router
solicitations and sends router
advertisements.
MTU for the interface can be set. The
new MTU must be less than or equal to
the link's maximum (true) MTU (as
specified by ipv6 if), and greater than
or equal to the minimum IPv6 MTU
(1280 bytes).
The site-identifier for an interface can
also be changed. Site identifiers are
used in the sin6_scope_id field for site-
local addresses.
Deletes an interface. The loopback and
automatic tunneling pseudo-interfaces cannot
be deleted.
IfIndex/Address [
ValidLifetime[ PrefLifetime]] [ ]
[ ]
Adds or removes a unicast or anycast address
assignment on an interface, defaulting to
unicast unless anycast is specified.
NLI'S CCIE IPV6 LAB GUIDE
64
Displays the content of the routing table
Prefix IfIndex[/Address] [
Valid[/Preferred]] [ P] [ ] [ ]
[ SitePrefixLength]
Adds or removes an entry from the routing
table
IfIndex Renews the ip configuration of all IPv6
interfaces. If the IfIndex is specified, only the
configuration of that interface is renewed.
NLI'S CCIE IPV6 LAB GUIDE
65
IPSEC6.EXE UTILITY
Figure 33 - IPSec6.exe Utility on XP Workstation
Displays the active security policies
Displays the active security association
filename Loads the security policies from the file
Saves the security policies to the file
sp | sa Deletes the security policy or security
association
PING6.EXE UTILITY
Figure 34 - Ping6.exe Utility on XP Workstation
NLI'S CCIE IPV6 LAB GUIDE
66
Pings continuously
Resolves addresses to hostnames
the Count
Changes the size of the ping packet to, for
example, 1500bytes
Specifies the IPv6 address source of the ping
packet
Specifies the destination IPv6 address of the
node
TRACERT6.EXE UTILITY
Figure 35 - Tracert6.exe Utility on XP Workstation
Prevents a DNS lookup when the traceroute is
being performed
Specifies the maximum number of hops the
ICMP packet travels to reach the destination
Specifies the source IPv6 interface of the
traceroute
Specifies the destination node IPv6 address
NLI'S CCIE IPV6 LAB GUIDE
67
WINDOWS IPV6 APPLICATIONS
Windows includes the following IPv6-enabled applications:
Internet Explorer - The new Internet extensions dynamic link library, Wininet.dll, enables Web
browsers to access IPv6-enabled Web servers. For example, Wininet.dll is used by Microsoft
Internet Explorer to make connections with a Web server to view Web pages. Internet Explorer
uses IPv6 to download Web pages when the Domain Name System (DNS) query for the name of
the Web server in the URL returns an IPv6 address.
NLI'S CCIE IPV6 LAB GUIDE
68
TROUBLESHOOTING IPV6 CONFIGURATION
Following are some of the problems that may be encountered when configuring IPv6 on a
workstation and some possible solutions:
Add a default route (::/0) to the router computer
and configure it to be published with the
command.
The version of Internet explorer could not be
correct. Download the correct version from the
Microsoft website.
Add a static IPv6 DNS entry in the host file that
points to the URL of the web server
This is a common problem when a link-local
destination address is used. Link-local addresses
are often configured automatically for multiple
interfaces. To specify the exact interface over
which to send Echo Request messages, use the
syntax where ScopeID
is the interface identifier for the interface over
which the ping6 traffic is sent.
The IPv6 protocol for Windows does not
support the use of IPSec Encapsulating Security
Payload (ESP) encryption. However, the use of
ESP with NULL encryption is supported.
Although NULL encryption uses the ESP
header, only data authentication and integrity
services are provided. There is currently no
solution for this and is a limitation of the IPv6
protocol of Windows
All IPv6 traffic that is encapsulated (tunneled)
inside of an IPv4 header has the IPv4 Protocol
field in the header set to 41.Open port 41 on the
firewall between the hosts
The IPv4 address configuration is missing.
Configure an IPv4 address on the workstation
NLI'S CCIE IPV6 LAB GUIDE
69
ICMP VERSION 6
ICMPOVERVIEW
Internet Control Message Protocol (ICMP), documented in RFC 792, is a required protocol tightly
integrated with IP. Some of main ICMP's functions are to:
ICMP supports the function, which just sends a
packet on a round--trip between two hosts. Ping, a common network management tool, is
based on this feature. Ping will transmit a series of packets, measuring average round--trip
times and computing loss percentages.
If an IP packet's TTL field drops to zero, the router discarding the
packet will often generate an ICMP packet announcing this fact. TraceRoute is a tool
which maps network routes by sending packets with small TTL values and watching the
ICMP timeout announcements.
such as a host or entire portion of the network being
unreachable, due to some type of failure. A TCP or UDP packet directed at a port number
with no receiver attached is also reported via ICMP.
When a router begins buffering too many packets, due to
an inability to transmit them as fast as they are being received, it will generate ICMP
messages. Directed at the sender, these messages should cause the rate of
packet transmission to be slowed. Of course, generating too many Source Quench
messages would cause even more network congestion, so they are used sparingly.
Figure 36shows that ICMP packets are encapsulated inside IP packets. It is still a layer 3 packet.
Figure 36 - ICMP packet encapsulation
NLI'S CCIE IPV6 LAB GUIDE
70
NLI'S CCIE IPV6 LAB GUIDE
71
ICMPV4
Following is a typical ICMPv4 packet format.
Figure 37 - ICMPv4 packet format
Following are some of the common ICMPv4 types and their respective codes. They are categorized as
follows: queries, errors, troubleshooting, others.
8 0 ICMPECHO Tests weather thehost is reachable
0 0 IICMPECHO_REPLY Replyfromthehostif it is reachable
13 0 TIMESTAMPREQUEST Sendtimestampinformationinthepacket
14 0 TIMESTAMPREPLY
15 0 INFORMATIONREQUEST
16 0 INFORMATIONREPLY
17 0 ADDRESSMASKREQUEST
18 0 ADDRESSMASKREPLY
3 DESTINATIONUNREACHABLE
0 NETWORKUNREACHABLE Error returnedfromrouter if networkis unreachable
1 HOSTUNREACHABLE Errr returnedif hostis unreachable
2 PROTOCOLUNREACHABLE Error returnedif protocol is unreachable
3 PORTUNREACHABLE This error occurs whenahostreceives apacket withanunknown
port number or nolonger inuse
11 0 TimetoLive(TTL) EXCEEDED Error returnedif TTLe.g. 15is reachedbypacket. Stops packet
gett inglost inthenetwork.
13 PARAMETERERROR Whenthereis aproblemwithoneof thefields inthepacke, this erro
is returned
0 Pointer Indicates theError
1 Misinga requiredoption
2 BadLength
30 TRACEROUTE Reports theroutes usedbytheIPdatagranfromsourceto
destination. It alsoprovides round-triptime.
5 REDIRECT
0 Redirect Datagramfor theNetork
NLI'S CCIE IPV6 LAB GUIDE
72
ICMPV6
ICMPv6 has many changes from ICMPv4. ICMPv6defines how IPv6 nodes use to communicate
ICMPv4 is limited to error detection, testing androuter redirection. ICMPv6 usage is a lot more
extensive, such as:
Error detection
Testing
MTU Path Discovery
Neighbor Discovery
Management of multicast groups
Stateless automatic configuration
Router redirection
next. Following is a typical ICMPv6 header format:
Figure 38 - ICMPv6 Header Format
The following summarizes the different types of ICMPv6 messages:
Error Detection i.e.
Pings
Management of
Multicast groups
Stateless
autoconfiguration
Neighbor Discovery
Router Redirection
MTU Path Discovery
The main types of ICMPv6 messages are now explained.
73
Figure 39 - ICMPV6 Router SOLICITATION Message
74
Default Gateway
`
Host
Router Solicitation Message
ICMP Type =133
Source = Link local address i.e. FE80:: /10
Destination = All-routers multicast address(FF02::2)
Router Advertisement Message
ICMP Type =134
Source = Link local address i.e. FE80:: /10
Destination = All-nodes multicast address(FF02::1)
This packet contains : subnet prefix, lifetime,
autoconfig flag, default router flag, reachability timer,
retransmit timer, MTU and hop count
Figure 40 - ICMPv6 Router Advertisement Message
o
o
NLI'S CCIE IPV6 LAB GUIDE
75
the value is set to 0, then the router is not a default router and should not appear in the
Reachable Timer. This timer determines for how long a neighbor on a link can be
considered reachable. If this timer is exceeded, the host will stop sending packets to the
neighbor.
Retransmit timer - This timer (in ms) is used by the host to retransmit RS messages and to
ensure neighbor unreachability detection.
MTU size of the packets generated by the host
The hop limit, by default this is 255.
NLI'S CCIE IPV6 LAB GUIDE
76
AUTOCONFIGURATION
In traditional IPv4 networks, there are two ways to configure the IP address of a host:
1. Manually configure the host to have a static ip address. This method makes address
management extremely difficult in enterprise networks.
2. Hosts receive their address from a DHCP server. DHCP tools make the management of
addresses a lot easier.
IPv6 takes it a step further. An IPv6 host can automatically configure itself, with or without the
help of a DHCP server. This makes address management extremely easy.
Following explains the steps on initialization of an interface, no matter what type of address (i.e.
link-local, site-local or global) is being configured:
1. On interface initialization, the host sends a Router Solicitation (RS) message to
2. If no RA message is received, then the host uses a stateful address configuration protocol
(i.e. DHCP) and other configuration parameters.
3. If the RA message is received, the configuration information that is sent in the message is
used by the host to configure itself.
Autoconfiguration occurs on each interface of a node, i.e. when each interface on that node
becomes enabled. The criteria to define when an interface is enabled are:
1. The interface is initialized when the system is booting up
2. The interface is enabled after being administratively shut down
3. The interface is re-enabled after an interface failure
4. The interface attaches itself to a new link for the first time.
In IPv6 there are three main types of autoconfiguration:
a) - for link-local, site-local and for global-address
With the exception of link-local addresses, address autoconfiguration is only for hosts. Routers
must obtain addresses and configuration parameters through manual configuration.
NLI'S CCIE IPV6 LAB GUIDE
77
STATELESS AUTOCONFIGURATION OF LINK-LOCAL ADDRESS (ROUTERS &HOSTS)
The following describes how a node (either a router or host) can automatically configure its own
link-local address:
1.
contained with the RA message to configure its link-local address:
Figure 41 - Link-local address format
The well-known link-local prefix (FE80:: /64) is received from the default router. The last
64 bits of the IPv6 address is known as the interface identifier. It is derived from the 48-
bit MAC address of the network adapter. (See section on EUI-64 Interface Identifier).
Combined both these form the 128bit IPv6 link-local address for that interface. For
example, link-local prefix FE80:0:0:0:0:0:0:0 and interface ID of 200:CFF:FE0A.2C51 forms
a link-local address of FE80:: 200:CFF:FE0A.2C51.
2. Before the node can assign the address to the interface, it needs to determine whether the
address a duplicate address exists on the same link. The node, will now initiate the
duplicate address detection process (see section below). If the node realizes that it does not
have a unique address, then the address must be manually configured.
3. If the tentative address from the router is unique, the address is initialized. This includes
setting the valid and preferred lifetimes for that address, based on the information in the
RA message. Initialization also includes registering the corresponding solicited-node
multicast link-layer address with the network adapter.
4. The node is now ready to communicate locally with other nodes on the same link.
STATELESS AUTOCONFIGURATION OF SITE-LOCAL ADDRESS (ONLY HOSTS)
The following describes how a host only can automatically configure its own site-local address:
1. The default router will respond to the hosts RA message, and provide the host details to
autoconfigure itself along with other information.
2. The host will use the prefix information markets for configuration to create a site-local
address:
Figure 42 - Site-Local Address Format
1111 1110 11 0 subnet ID interface ID
NLI'S CCIE IPV6 LAB GUIDE
78
3. A host is not required to perform duplicate address detection when assigning its site-local
address, because this step was already carried out with then link-local address was
assigned.
4.
unique to each link.
5. The address is now initialized. This includes setting the valid and preferred lifetimes for
that address, based on the information in the RA message.
6. The node is now ready to communicate locally with other nodes on the same link.
STATELESS AUTOCONFIGURATION OF GLOBAL ADDRESS (ONLY HOSTS)
The following describes how a host only can automatically configure its own site-local address:
1. The default router will respond to the hosts RA message, and provide the host details to
autoconfigure itself along with other information.
2. The host will use the prefix information markets for configuration to create a global-local
address:
FP TLA ID RES NLA ID SLA ID Interface ID
Figure 43 - Global Address format
3. A host is not required to perform duplicateaddress detection as all global addresses are
unique. This is equivalent to the IPv4 Internet routable addresses, which always have to
be unique to each host sitting on the Internet.
4. The address is now initialized. This includes setting the valid and preferred lifetimes for
that address, based on the information in the RA message.
5. The node is now ready to communicate locally with other nodes on the same link.
STATES OF AUTOCONFIGURED ADDRESS
When an address is being automatically configured by the node, it can live in one of many states as
shown below. Each of these states are defined in the following table:
Figure 44 - States of Autoconfigured address
NLI'S CCIE IPV6 LAB GUIDE
79
The IPv6 address is in the process of being verified as being unique
on the local-link. This process occurs through the duplicate address
detection process (see below).
Once a node has determined that the address is unique, it can send
and receive traffic. A Router Advertisement (RA) message can
determine the period of time an address can remain in this
Preferred state, using the value.
This is an IP address which is valid, but is discouraged from being
used.
This state spans both Preferred and Deprecated state. It is the
overall state when nodes can send and receive traffic. A Router
Advertisement (RA) message can determine the period of time an
address can remain in this Preferred state, using the
value.
A node can no longer use the IP address. An address enters this
state after the Valid Lifetime expires.
NLI'S CCIE IPV6 LAB GUIDE
80
STATEFUL AUTOCONFIGURATION
DHCPv6 supports IPv6 and it enables DHCP servers to transmit configuration parameters to IPv6
nodes.
DHCP can be used in an environment to deliver either stateless or stateful autoconfiguration:
require a DHCP server to maintain the dynamic state for each
individual node on the network (see previous section). However, even in stateless
autoconfiguration, a DHCP server can still be used to provide other parameters to nodes,
such as, DNS and domain search list options.
- Addresses are centrally managed by a DHCP server and assigned to nodes on the
networks. A node use a centrally assigned address and not use protocols, such as,
autoconfiguration or router advertisement (RA). The client (i.e. node) will first listen out
for RA messages on the local link. If a RA isnot received, the node will determine that it
needs to use DHCP to configure the address for that interface.
DHCPV6 COMPONENTS
The following table describes the DHCPv6 components:
DHCP client The node or host that has an interface requiring an IPv6 address
DHCP agent or relay
DHCPv6 does not require a DHCP server on each link. An agent or
relay facilitates the initial communication between the DHCP
server and the client, when they are on different links.
DHCP server
This is the server that provides central management and allocation
of IPv6 addresses to DHCP client configuration parameters.
DHCPV6 PORTS
DHCPv6 uses the following Internet User Datagram Protocol (UDP) ports:
546 - DHCP servers use this port as the destination port to send messages to clients and
DHCP relays. In addition, the DHCP relay use this port to send messages to the clients.
547 - DHCP clients use this port to send messages to DHCP relays. In addition, DHCP
relays use this port as the destination port for messages sent to the servers.
DHCPV6 MULTICAST ADDRESSES
DHCPv6 uses the following multicast addresses:
- DHCP clients use this link-scoped multicast
address to communicate with DHCP relays (agent) . All relays (agent) within the same
DHCP domain belong to this multicast group.
81
o
o
`
DHCPv6 Client
DHCPv6 Server
3
1
2
4
5
5ffe::10
5ffe::2
Figure 45 - DHCPv6 Client and Server Operation on same local link
82
Figure 46 - DHCPv6 Client and Server on different subnets
NLI'S CCIE IPV6 LAB GUIDE
83
SUMMARY COMPARISON BETWEEN STATELESS &STATEFUL AUTOCONFIGURATION
The following table highlights, the main comparisons between stateless and stateful
autoconfiguration:
Router Solicitation (RS) and Router
Advertisement (RA) ICMPv6 messages used to
automatically configure in
DHCPv6 protocol used to configure IPv6
address. This requires a DHCPv6 server and/or
DHCP relays.
Addresses are automatically generated. Central address management and allocation.
Minimal setup and administration time. Requires administration of the DHCPv6 server.
DNS parameters are not automatically assigned
and can either be manually configured or use
stateful configuration via a DHCPv6 server.
DNS parameters are automatically provided to
the client.
84
ICMPv6 Neighbor Solicitation Message
ICMPv6 type 135
Source Address Host A
Destination Address Solicited-node multicast address
Data field Link-layer address of Host A
Query what is your address?
Figure 47 ICMPv6 Neighbor Solicitation Message
Figure 48 - ICMPv6 Neighbor Advertisement Message
85
Figure 49 - Solicited-node Multicast NSMessage for IPv6 Address Resolution
86
`
`
Ethernet Header
Destination Mac address- 00-AA-00-11-11-11
IPv6 Header
Source Address FE80::2AA:FF:FE22:2222
Destination Address FF80::2AA:FF:FE11:1111
Hop limit 255
Neighbor Solicitation Header
Target Address FE80::2AA:FF:FE11:1111
Neighbor Discovery Option
Source Link Layer Address
Host A
MAC Address- 00-AA-00-11-11-11
IPv6 Address 2AA-FF-FE11-1111
Host B
MAC Address- 00-AA-00-22-22-22
IPv6 Address 2AA-FF-FE22-2222
Host C
MAC Address- 00-AA-00-33-33-33
IPv6 Address 2AA-FF-FE33-3333
Neighbor Advertisement
Message
Figure 50 - Unicast Neighbor Advertisement Message for Address Resolution
NLI'S CCIE IPV6 LAB GUIDE
87
This intelligence to detect whether a neighbor is reachable is built into IPv6. IPv6 uses two main
ways to determine if a neighbor is reachable:
1. Using upper layers of the protocol e.g. TCP, or
2. Receipt of a Neighbor Advertisement (NA) message in response to a Neighbor Solicitation
(NS) message.
When no verification can be received from upper layers of the protocol, a node will use NS
messages to probe the neighbor to verify the next-hop path is still available. If the neighbor replies
with a NA message (with the solicited bit set), this verifies that theforward path is still working. If
no NA message is received, then the neighbor is considered unreachable.
Neighbor reachability is determined when a node sends out a NS message and receives a reply
from the neighbor with a NS message. The neighboring node which sends out the NA message,
does not receive any confirmation that message was reached. For two nodes to determine
reachability, both nodes much exchange NS and NA messages with each other.
IPv6 address, link-layer address, and reachability state. Neighbors transition through various states
to determine their reachability.
DUPLICATE ADDRESS DETECTION
In IPv4, all nodes send out a gratuitous ARP to detect duplicate ip addresses on the same link. In
IPv6, nodes perform a similar function by using the NS messages. Duplicate address detection is
performed whether the IPv6 address assigned to th
configuration.
When the interface is being initialized, it enters the state. It is at this state, where the
duplicate address detection is carried out. The address being queried for duplication cannot be used
until it is determined that the address is not already in use on the local-link.
The duplicate address process is described as below:
1. Interface is initialized.
2. The node sends out a NS message with the tentative IPv6 address as the target. The source
field is the unspecified address ( ).
3. If a neighbor on the same local-link is already assigned that address receives the message,
it sends a NA message back. The destination address of the message is i.e. multicast
address all nodes on the local-link. The reason for using the multicast address, is that the
sender of the NS message cannot use the address until the duplication detection process is
over.
4. The source node will disable use of the duplicate address on the interface and wait for the
interface to be configured manually with an alternative IPv6 address.
NLI'S CCIE IPV6 LAB GUIDE
88
If no duplicate address was detected, the interface initialization process is complete, and the use of
that IPv6 address is assigned as the link-local address of the interface.
REDIRECT MESSAGES
Routers send Redirect messages to inform hosts of a better first hop to the destination. There are
two main reasons why the redirect messages are sent:
Normally, the host will send the traffic to its configured default router. However, if there
are multiple routers on the same network, and if the default router has a higher metric to
reach the destination, it will send the host a redirect message to use the alternative router
as its next-hop to reach the destination.
The source and the destination are on the same subnet and if the source host does include
the prefix for the destination host, the packet would be sent to the default router. In this
case, the default router will send a redirect back to the source informing the presence of
the destination on the same link.
Figure 51describes the steps involved in a redirect:
Figure 51 - Steps involved in an ICMPv6 redirect message
1. The originating host sends a packet to the default router A.
2. Router A determines one of the conditions (identified before) to send a redirect message
to Host H. In the destination field of the message is the correct next hop address, for
example, the link-local address of Router B in the above diagram.
3. Router A will forward the packet to the appropriate next-hop.
4. Upon receiving the redirect message, Host H will update the next-hop field in the
destination cache entry to match value contained in the redirect message.
5. The Routers send Redirect messages to inform hosts of a better first hop to the destination.
There are two main
89
Figure 52 - Steps involved in ICMPv5 MTU Path Discovery
NLI'S CCIE IPV6 LAB GUIDE
90
ICMPV6 SECURITY
Similar to ICMPv4, ICMPv6 is often blocked by corporate firewalls because most Denial of Service
(DoS) attacks are based around ICMP. However, the main difference between ICMPv4 and
ICMPv6 is that,ICMPv6 has the capability of IPSec authentication and encryption. This reduces
the possibilities of an attack associated around ICMP.
ICMP protocol packet exchanges can be authenticated using the IPv6 Authentication Header. A
node can include an Authentication Header when sending ICMPv6 messages. When the
destination host receives the Authentication Headers, it must be verified for correctness. Packets
with incorrect authentication will be ignored and discarded. Confidentiality issues are addressed
by using the ESP header.
NLI'S CCIE IPV6 LAB GUIDE
91
IPV6 ROUTING
INTRODUCTION
As in IPv4 there are distinctions in either manually configured or dynamically learned routes
using routing protocols, similarly in IPv6 there are :
o RIPng
o OSPFv3
o IS-ISv6
o Cisco EIGRP for IPv6
o BGPv4 support for IPv6
STATIC ROUTES
Static routes are manually configured to create a route entry between two networking devices in
order to forward packets.
Ideal for extremely small networks Manual configuration
No CPU process taken to calculate routes Not automatically updated to represent changes
in networking topology
No bandwidth taken to exchange routing
information between neighbors
Not scalable for larger networks.
Accurate control over the path packets should
always follow
No solution exists to prevent routing loops
Static routes can be redistributed into dynamic
protocols, however, cannot redistribute the
other way around.
TYPES OF STATIC ROUTES
There are four main types of static routes:
1.
local interface, a directly connected interfaceis statically defined as the next hop for the
destination network, as shown below:
Ipv6 route 2001:1:1::1/64 Fastethernet0/0
2.
looked up in the routing table to determine the output interface, as shown below:
NLI'S CCIE IPV6 LAB GUIDE
92
Ipv6 route 2001:1:2::0/64 2001:1:1::1 {recursive static route}
Ipv6 route 2001:1:1::1/64 Fastethernet0/0
The recursive route is valid only when the next-hop resolves to a directly or indirectly
connected IPv6 interface on the router. Also, the route should not be self-recursive i.e. route
back to itself thus causing a routing loop.
If the next-hop interface disappears (in our example above fastethernet 0/0 goes down), it
could take up to a minute for the recursive route to disappear from the routing table.
Similarly, when the next-hop interface becomes valid again it could take up to a minute for
the recursive route to be added back to the routing table.
3. e and the next hop are specified.
This is configured, when the output interface is a multi-access interface and it is necessary to
explicitly define the next-hop. The next hopmust be directly connected to the output
interface.
Ipv6 route 2001:1:2::0/64 Serial 0/0 2001:1:1::1
4. administrative distance than the
dynamic routing protocol and used as a backup to dynamic routing protocols. If the dynamic
route disappears, the floating route takes its place in the routing table.
Ipv6 route 2001:1:2::0/64 Fastethernet0/0 200 {higher AD than RIP}
IPV6 RIP (RIPNG)
RIP for IPv6 is also called (RIP next generation). RIPng functions the same way as RIPv4,
i.e. there is no difference in routing operational features or timers. The only main differences are:
Supports IPv4 addresses only Supports IPv6 addresses only and is
backward compatible with IPv4
RIP updates sent to 224.0.0.10 RIP updates uses multicast address FF02::9
One RIP process uses only one Routing
Information Database (RIB)
Multiple RIP processes can be configured, each
with their own name. Each RIP process
maintains its own local routing database, called
Routing Information Database (RIB). This RIP
database consists of best IPv6 routes to a
destination. These routes are uploaded to the
administrative distance.
UDP port 520 UDP port 521
RIPv4 only uses 1 equal-cost path when
multiple paths are available between neighbors.
IPv6 by default uses 4 equal-cost paths between
neighbors. The range is from 1 to 64.
NLI'S CCIE IPV6 LAB GUIDE
93
OSPFV3
The RFC of OSPFv3 is RFC2740. It is based on the enhancements of OSPFv2 features and is
primarily designed to support larger IPv6 addresses and additional new features. The fundamental
mechanics of flooding, DR election, area support, SPF and so on have remained unchanged.
SIMILARITIES WITHOSPFV2
Following highlights some of the similarities between OSPFv2 and OSPFv3:
OSPFv2 packet types:
Hello
Database Description
Link-State Request
Link-State Update
Link-State Acknowledgement
Mechanisms for neighbor discovery and adjacency formation are identical:
Hello packets are exchanged to discover neighbor information
Adjacency selection and establishment to and for DR / BDR
SPF algorithm is exactly the same for both versions
Support for various interface types:
Point-to-Point
Point-to-Multipoint
Broadcast
Non-Broadcast Multicast Access (NBMA)
Virtual-links
Timers are identical:
Link state database aging timers are identical
LSA flooding and aging timers are identical
Nearly identical LSA types
OSPFv3 also uses Router-ID under the OSPF process. This Router-ID is a IPv4 32 bit
number just like in OSPFv2. If no ID is configured, the OSPFv3 uses the same rules as
OSPFv2 to choose the Router-ID i.e. it automatically prefers highest loopback interface,
and if no lookback interface is present then the interface with the highest IPv4 is chosen to
be the Router-ID.
NLI'S CCIE IPV6 LAB GUIDE
94
OSPF PACKET HEADERCOMPARISON
OSPFv2 packet type uses a 24-byte header:
Figure 53 - OSPFv2 packet header
Field Description
V Ospf version
T Ospf packet type:
I Packet length
Rid Router ID
Aid OSPF area ID
CHK OSPF packet checksum
Auto Authentication type
Auk Acknowledgment interface
OSPFv3 packet type uses a 16-byte header:
Figure 54 - OSPFv3 Packet Header
Field Description
V Ospf version
T Ospf packet type:
NLI'S CCIE IPV6 LAB GUIDE
95
I Packet length
Rid Router ID
Aid OSPF area ID
CHK OSPF packet checksum
Instance ID Multiple instances per link
OSPF LINK STATE ADVERTISEMENT MESSAGE FORMATCOMPARISON
LSA messages are Type 5 messages as explained in the previous section.
In OSPFv2, the format of an LSA packet is:
Figure 55 - OSPFv2 LSA packet format
In OSPFv3, LSA message format looks exactly the same as in OSPFv2, except that the Option (8
bits) field has been removed from the header and the LS Type field has been expanded to 16 bits:
Figure 56 - OSPFv3 LSA packet format
NLI'S CCIE IPV6 LAB GUIDE
96
The new LSA Type field looks like:
Figure 57 - New LSA Type field format
OSPF LSATYPE COMPARISON
OSPFv2 used in IPv4 has 10 main types of LSAs. A summary table is shown below:
1 Router-LSA
2 Network-LSA
3 ABR summary link advertisement
4 ASBR summary link advertisement
5 Autonomous System (AS) External route advertisement
6 Multicast Group LSA
7 NSSA external
9 Opaque LSA : Link-local scope
10 Opaque LSA : Area-local scope
11 Opaque LSA : Autonomous System scope
OSPFv3 has 9 main types of LSAs. Although most of the functionality has remained unchanged
from OSPFv2 LSA types, the LSAs have been renamed in OSPFv3. Also, new LSAs have been
added to OSPF to carry IPv6 addresses and next-hop information.
The following table shows OSPFv3 LSA types. The additions or renaming are highlighted in grey.
0x2001 1
This LSA describes the link state and costs of a router's links to
the area.
These LSAs are flooded within an area only.
This LSA will indicate if the router is a ABR or ASBR or virtual-
link router
This type of LSA is used to advertise a stub network
NLI'S CCIE IPV6 LAB GUIDE
97
0x2002 2
This LSA describes the link state and cost of all routers attached
to the network.
Only DR routers send this LSA to all routers in the network
0x2003 3
This LSA has been renamed
This is generated by ABRs
Lists all networks or summarizednetworks within an OSPF area
In OSPFv3 this LSA contains , instead of
and like in OSPFv2.
0x2004 4
This LSA has been renamed also
This is generated by the ASBR
It is used to advertise the location of the ASBR
0x2005 5
This LSA lists all external networks e.g. redistributed routes from
a different routing protocol into OSPF
This is generated by ASBR or ABR
In OSPFv3 this LSA contains , instead of
and like in OSPFv2.
0x2006 6 Group-Membership-LSA
0x2007 7 Type7-LSA
0x2008 8
This is a new LSA type
The scope of the LSA is limited to the local-link and are never
flooded beyond the local-link
This type of LSA is used to provide the link-local address of the
router to all other OSPFv3 routers on the same local-link, so that
they can establish neighbor relationship.
0x2009 9
This has been renamed
A router can originate multiple intra-area-prefix LSAs for each
router or transit network, eachwith a unique link-state ID
In OSPFv3 this LSA contains , instead of
and like in OSPFv2.
98
Figure 58 - OSPFv2 LSA flooding scope
NLI'S CCIE IPV6 LAB GUIDE
99
OTHER MAJOR COMPARISONS BETWEENOSPFV2ANDOSPFV3
Following is a list of major comparisons between OSPFv2 and OSPFv3, details of each comparison
will be explained next:
Support for Ipv6 addressing
OSPFv3 protocol processing per link rather than per subnet
Multiple OSPFv3 protocol instances can now run over a single link
Multicast addresses
Unknown LSA types
Removal of authentication
Routing process not necessary
Interface configuration mode
NBMA networks
Force SPF in OSPFv3
Load Balancing
OSPFV3 SUPPORT FORIPV6
RFC2740 expands OSPFv2 to now provide support for the 128bit IPv6 addressing.
OSPFV3 PROTOCOL PROCESSING PER LINK RATHER THAN PER SUBNET
IPv6 has some important characteristics:
Connects physical interfaces to links and not subnets
Multiple addresses and prefixes can be configured on each subnet
OSPFv3 uses there characteristics to communicatewith neighbors over links and not subnets.
packet no longer needs to reside on the same
MULTIPLEOSPFV3PROTOCOL INSTANCES
Multiple OSPFv3 processes can run on a single link. The field is used to differentiate
between the multiple OSPFv3 processes running onthe same link. In order to have two instances
to talk to each other, they have to have the sameinstance ID. By default, the instance ID is 0.
OSPFV S USE OF LINK-LOCAL ADDRESSES
As link-local addresses are configured on every IPv6 router link, OSPFv3 uses these link-local
addresses as the source address of protocol packets.
MULTICAST ADDRESSES
IPv6 multicast addresses are used to establish adjacency relationships:
NLI'S CCIE IPV6 LAB GUIDE
100
UNKNOWNLSA TYPES
In OSPFv2, the router would discard LSAs of unknown type. The handling of unknown LSA types
has changed in OSPFv3. If an OSPFv3 router does not recognize the LSA type will still know how
to flood the packet, the reason being as the flooding scope of handling of unknown LSA types is
encoded in the expanded LSA Type field in the packet header. The values associated with the
handling of unknown LSAs is shown in the table below:
0 Treat the LSA as if it has link-local flooding scope
0 Store and flood the LSA as if the type is understood
REMOVAL OF AUTHENTICATION
In OSPFv2 authentication is included with the OSPF packet . In OSPFv3, authentication has been
removed as IPv6 integrity, authenticity and confidentiality mechanisms are built into the IPv6
packet header using AH and ESP.
ROUTING PROCESS NOT NECESSARY
Unlike OSPFv2, in OSPFv3 a routing process does not need to be explicitly created. Enabling
OSPFv3 on an interface will cause a routing process to be created automatically.
INTERFACE CONFIGURATION MODE
OSPFv2 is enabled on an interface automatically using the routing configuration mode e.g. router
ospf 100. In OSPFv3, OSPF must be enabled perinterface under the interface configuration mode
e.g. ipv6 ospf 100 area 0. The disadvantage of this that, in OSPFv3 all address prefixes on an
interface are enabled by default and would be placed in the same area configured for that interface
(unless a different instance is created). Users cannot select some address prefixes to be imported
into OSPFv3 database; either all address prefixes on an interface are imported, or no address
prefixes are imported.
NBMANETWORKS
OSPFv3 cannot automatically detect neighbors ona NBMA network. On a NBMA interface, all
neighbors must be specifically configured.
FORCE SPFIN OSPFV3
Normally, to re-run the SPF algorithm the command has to be used. This
command clears the database, repopulates it and then runs the SPF algorithm. In OSPFv3, a new
command has been added , which does not clear the database only runs the
SPF algorithm.
NLI'S CCIE IPV6 LAB GUIDE
101
OSPFV3 LOAD-BALANCING
If there are multiple paths to the same destination, with the same metric and administrative
distance, in OSPFv2, there are only a maximum of 6 paths the traffic can be load balanced. In
OSPFv3, there can be a maximum of 16 paths.
OSPFV3 ROUTE AUTHENTICATION
To ensure that route updates have not been changed, OSPFv3 can turn onroute authentication.
OSPFv3 uses IPSEC to enable route authentication. In OSPFv3, the authentication headers have
been removed from the OSPF packet header and instead IPv6 headers to authenticate and encrypt
route exchanges are used.
IPSEC is used to add authentication to OSPFv3 route updates. IPv6 AH and ESP headers are used
needed for encryption. Once IPSEC has been configured under OSPFv3, it is invisible to the user.
To configure IPSEC, a security policy must be configured. This policy is made up of:
o (SPI) number
o
o
o
OSPF authentication can either be configured per:
different authentication keys can be chosen per interface, however, this is not a very
scalable model.
NLI'S CCIE IPV6 LAB GUIDE
102
IS-IS PROTOCOL OVERVIEW
Intermediate System-to-Intermediate System (IS-IS) protocol is a link state Interior Gateway
Protocol (IGP). A single Autonomous Systemin IS-IS is divided into areas. Hierarchical
organization of routing between areas is achieved by administratively dividing a domain into
smaller areas. Hierarchical organization is completed by configuring Level 1 and Level 2
Intermediate Systems (IS). IS-IS supports two-level routing hierarchy:
Both Level 1 and Level 2 routers exist in an area. Routers can be one of the following types:
Figure 59 - IS-IS Router types
Level 1 (L1) router - knows only the topology of its own area and contains L1 neighbors in
this area. It has an L1 link-state database that contains the information for intra-area
routing. The L1 router uses the closest L1L2 router in its area to send packets outside the
area.
Level 2 (L2) router - can have neighbors in the same or in different areas. It has an L2
link-state database that contains information for inter-area routing. L2 routers know
about other areas, but cannot have information about L1 from their own area.
p for any router. An L1L2 router can have
neighbors in any area. As such, it has a L1 link-state database for intra-area routing and
L2 link-state database for inter-area routing. An L1L2 router executes two SPFs and hence
can require more memory and processing.
Following are some of the main features of IS-IS:
Hello packets are sent out of each interface to discover neighbors and establish adjacency
relationships
Link State Packets (LSP) are used to communicate network reachability information to
adjacent routers. LSPs are used to construct a link-state database.
Uses the same algorithm as OSPF i.e. Shortes
algorithm to calculate the best path to a network. SPF runs over level 1 and level 2
database separately.
NLI'S CCIE IPV6 LAB GUIDE
103
IS-IS FOR IPV6
Two new Type/Length/Values (TLV) were added for IPv6:
ribes network reachability, such as, routing
prefix and metric.
e IPv6 interface address i.e. 128 bits. Hello
PDUs must contain link-local address (FE80:: /10) and LSP must contain non-link local
addresses.
A new Network Layer Protocol Identifier (NLPID was also defined. This allows IS-IS routers to
advertise IPv6 prefix payload.
IS-IS MULTI-TOPOLOGY SUPPORT FOR IPV6
IS-IS for IPv6 uses the same SPF for both IPv4 and IPv6 on each level. This means that all routers
in an IS-IS area must run the same set of protocols! Therefore, it is not really suitable for an
existing IPv4 IS-IS network to have customers who want to turn on scattered IPv6 support.
To allow more flexibility in the design of IS-ISnetworks multi-topology support allows a set of
independent topologies to exist within the same area. New TLVs attributes for Multi-Topology
extensions were introduced, and these are as follows:
Multi-topology TLV -contains one or more multi-topology ID in which the router
participates. It is theoretically possible to advertise an infinite number of topologies. This
TLV is included in IIH and the first fragment of a LSP.
MT Intermediate Systems TLV - this TLV appears as many times as the number of
topologies a node supports. A MT ID is addedto the extended IS reachability TLV type 22.
Multi-Topology Reachable IPv4 Prefixes TLV- this TLV appears as many times as the
number of IPv4 announced by an IS for a given MT ID. Its structure is aligned with the
extended IS Reachability TLV Type 236 and add a MT ID.
Multi-Topology Reachable IPv6 Prefixes TLV- this TLV appears as many times as the
number of IPv6 announced by an IS for a given MT ID. Its structure is aligned with the
extended IS Reachability TLV Type 236 and add a MT ID.
NLI'S CCIE IPV6 LAB GUIDE
104
BGPV4
Border Gateway Protocol (BGP) is an External Gateway Protocol (EGP) and is used to route traffic
between different Autonomous Systems (AS), and this is show below:
AS1
AS2
Figure 60 - External Border Gateway Peering between different Autonomous Systems
For two BGP peers to exchange routing information, they need to form a neighbor relationship,
also called Peer Relationship. BGP routers form two types of peer relationships and this is shown
in the diagram below:
th BGP peers within the same AS
BGP peers within a different AS
Figure 61 - Comparison between EBGP and IBGP
BGP uses TCP for reliable communication between its peers. BGP uses TCP port 179. Once a TCP
session has been established to port 179 between the BGP peers, BGP sends a series of messages
between the peers to initiate a BGP sessions, verify that the sessionis active, send routing updates,
and notify peers of any error conditions. There are 5 different message types and these are
explained in detail below:
105
BGP
Message
Number
BGP Message
Type
Message Description
1 OPEN After the TCP session has been negotiated, BGP peers send an OPEN
message. All the fields must match with the peers before any routing
updates can be exchanged. Once this message has been exchanged, a
BGP session has been established.
OPEN Message
BGP version no 4 The latest BGP version number
is 4.
My AS 21994 If this value does not
match with that configured on the
remote router, the BGP session will
not be opened
Hold timer 180 seconds On cisco routers,
this is the default timer
Router ID 137.1.200.1- The local Routers ID,
and like OSPF it is the highest ip
address on the router, and if there a
loopback address, then it is the
highest loopback IP address. This
value is configured using the bgp
router-idcommand
Optional None - Optional BGP capabilities
parameters
OPEN Message
BGP version no 4 The latest BGP version number is
4.
My AS 714 If this value does not match
with that configured on the remote
router, the BGP session will not be
opened
Hold timer 180 seconds On cisco routers, this
is the default timer
Router ID 137.1.200.2 - The local Routers ID,
and like OSPF it is the highest ip
address on the router, and if there a
loopback address, then it is the
highest loopback IP address. This
value is configured using the bgp
router-id command
Optional None - Optional BGP capabilities
parameters
2 UPDATE After the OPEN message has been sent, the routers will then exchange
routing information using the UPDATEmessage. This message contains
information about each route being advertised to the BGP peer.
UPDATE Message
PATH attributes This is basically the metrics used by
BGP to decide on the best route. The
top 10 are:
1. ORIGIN IGP
2. AS_PATH -21994
3. NEXT_HOP- 137.1.200.1
4. MULTI-EXIT-DISC - 0
5. LOCAL-PREF
6. ATOMIC-AGGREGATE
7. AGGREGATOR
8. COMMUNITY
9. ORIGINATOR_ID
10. CLUSTER_LIST
NLRI (Network Layer
Reachability
Information)
This is the actual route being
advertised as reachable by the
router: 11.11.11.11 /24. Each route
being advertised is listed here.
Unfeasible Route
Length
Total number of routes that are being
withdrawn from the BGP table 0
(When this is zero, then no routes
are being withdrawn)
Withdrawn Routes The actual routes which are being
withdrawn -0
UPDATE Message
PATH attributes This is basically the metrics used by
BGP to decide on the best route. The
top 10 are:
1. ORIGIN IGP
2. AS_PATH - 714
3. NEXT_HOP- 137.1.200.2
4. MULTI-EXIT-DISC - 0
5. LOCAL-PREF
6. ATOMIC-AGGREGATE
7. AGGREGATOR
8. COMMUNITY
9. ORIGINATOR_ID
10. CLUSTER_LIST
NLRI (Network Layer
Reachability
Information)
This is the actual route being
advertised as reachable by the
router: 22.22.22.22 /24. Each route
being advertised is listed here.
Unfeasible Route
Length
Total number of routes that are being
withdrawn from the BGP table 0
(When this is zero, then no routes
are being withdrawn)
Withdrawn Routes The actual routes which are being
withdrawn - 0
3 NOTIFICATION If this message is sent to a BGP peer, this is because an error has
occurred, which results in an immediate BGP session termination. On
termination, an UPDATE message is sent to the peer and all the BGP
routes are removed from the table.
There are 6 main reasons which a NOTIFICATION message is sent:
NLI'S CCIE IPV6 LAB GUIDE
106
1. Message Header Error This indicates that an error occurred
processing the BGP packet error e.g. bad BGP message length
2. OPEN Message Error This occurs if any one of the fields in
an OPEN message dont match between the peers, e.g. BGP
version mismatch, MD5 password mismatch, the peering router
expects a different My AS.
3. UPDATE Message Error A number of errors can occur when
processing an UPDATE message e.g. Malformed AS_PATH,
invalid NEXT-HOP attribute, AS Route loop, invalid ORIGIN
attribute etc
4. Hold Timer Expired - This indicates that the BGP peer does
not receive a KEEPALIVE message within the negotiated time
interval e.g. default 180 seconds
5. Finite-State Message Error This indicates if an unexpected
error occurs during the BGP finite state negotiation.
6. Cease Indicates the immediately terminated BGP session
4 KEEPALIVE After a BGP session has been established using TCP, KEEPALIVE
messages are sent between the peers. The default timer is 60 seconds.
This is like an OSPF hello packet, notifying the BGP peer that the
session is still active. KEEPALIVE messages do not contain any data.
They are just a 19 byte BGP header.
Router 1
AS21994
Router2
AS714
KEEPALIVE Message KEEPALIVE Message
5 ROUTE-
REFRESH
Previously BGP sessions had to be cleared and manually started if there
was a local policy change and for the policy change to have an effect on
local BGP database. This used to have detrimental effects on the
routers performance as whole BGP table had to be re-learnt.
In newer code, soft reconfiguration can be configured. This allows the
router to receive any updates and store them in the routers memory.
This is issued by using the command clear ip bgp * soft { in | out }.
When this command is issued, the local BGP peer acts as if it just
received a full BGP routing table.
BGP ROUTE-REFRESH capability (also called the soft-reconfiguration
capability) is automatically enabled on latest versions of Cisco IOS
releases. This option is exchanged in the OPEN message before a BGP
session is initiated. This capability allows BGP peers to dynamically
request any inbound or outbound updates without having to specifically
configure the soft-reconfiguration inboundcommand.
For BGP peers to establish an adjacency and exchange routes, they have to transition through
various states. During each state, the BGP peer send and receive BGP messages, such as, OPEN,
UPDATE, NOTIFICATION etc, and on each successful state negotiation they transition to a higher
state. This process is known as the .
NLI'S CCIE IPV6 LAB GUIDE
107
Following depicts the FSM:
Figure 62 - Fixed states a BGP peer progresses through
Idle State
Initializes resources for the BGP process
Tries to establish a TCP connection with its
configured BGP peer
Listen for a TCP connection from its peer
If an error occurs at any state of the FSM
process, the BGP session is terminated
immediately, and returned to the Idle State.
Some of the reasons why a router does not
progress from the Idle state are:
o TCP port 179 is not open
o A random port over TCP port greater
than 1023 is not open
o Peer address configured incorrectly on
either router
o AS number configured incorrectly on
either router
Connect State
Wait for successful TCP negotiation with peer.
BGP does not spend much time in this state if
the TCP session has been successfully
established.
Sends OPENmessage to peer
NLI'S CCIE IPV6 LAB GUIDE
108
If an error occurs, BGP moves to the ACTIVE
state. Some reasons for the error are:
o TCP port 179 is not open
o A random port over TCP port greater
than 1023 is not open
o Peer address configured incorrectly on
either router
o AS number configured incorrectly on
either router
Active State
If the router was unable to establish a successful
TCP session, then it ends up in the ACTIVE
state.
Here, the router will try to restart another TCP
session with the peer and if successful, then it
will send an OPENmessage to the peer.
If it is unsuccessful again, the FSM is reset to the
IDLE state.
If you see a router cycling between the IDLE and
the ACTIVE state, here are some of the reasons:
o TCP port 179 is not open
o A random port over TCP port greater
than 1023 is not open
o BGP configuration error
o Network congestion
o Flapping network interface
OpenSent State
The router listens for anOPEN message from its
peer.
Once the message has been received, the router
checks the validity of theOPEN message.
If there is an error it isbecause one of the fields
in the OPENmessage doesnt match between
the peers, e.g. BGP version mismatch, MD5
password mismatch, the peering router expects
a different My AS. The router will then send a
NOTIFICATION message to the peer indicating
why the error occurred.
If there is no error, aKEEPALIVE message is
sent
OpenConfirm State
The peer is listening for aKEEPALIVE message
from its peer.
If a message is received, then BGP transitions to
the next state.
If no KEEPALIVE message is received, the
router transitions back to the IDLE state.
NLI'S CCIE IPV6 LAB GUIDE
109
Established State
Here the peers sendUPDATE messages to
exchange information about each route being
advertised to the BGP peer.
If there is any error in the UPDATE message
then a NOTIFICATIONmessage is sent to the
peer, and BGP transitions back to the IDLE
state.
BGP PATH ATTRIBUTES
All dynamic protocols use metrics in order to calculate the best route to a destination. Unlike other
routing protocols which only use a few metrics, BGP
grey attributes are specific to IPv6 and not used in IPv4):
1 ORIGIN. Well Known, Mandatory RFC 1771
2 AS_PATH. Well Known, Mandatory RFC 1771
3 NEXT_HOP. Well Known, Mandatory RFC 1771
4 MULTI_EXIT_DISC. Optional, Non-Transitive RFC 1771
5 LOCAL_PREF. Well Known, Discretionary RFC 1771
6 ATOMIC_AGGREGATE. Well Known, Discretionary RFC 1771
7 AGGREGATOR. Optional, Transitive RFC 1771
8 COMMUNITY. Optional, Transitive RFC 1997
9 ORIGINATOR_ID. Optional, Non-Transitive RFC 1966, RFC 1998
10 CLUSTER_LIST. Optional, Non-Transitive RFC 1966, RFC 1998, RFC 2796
11 DPA.
12 ADVERTISER. RFC 1863
13 RCID_PATH / CLUSTER_ID. RFC 1863
14 MP_REACH_NLRI. Optional, Non-Transitive RFC 2283, RFC 2858
15 MP_UNREACH_NLRI. Optional, Non-Transitive RFC 2283, RFC 2858
16 EXTENDED COMMUNITIES
17 NEW_AS_PATH.
18 NEW_AGGREGATOR.
19 SSA, SAFI Specific Attribute.
20 Connector Attribute.
255 Reserved.
As shown in the table above, each path attribute falls in one of the four categories:
in every BGP UPDATE message packet, and must be processed by each BGP neighbor
receiving it.
neighbor, but they may or may not be sent in the BGP UPDATE message packet. i.e. these
attributes are optional attributes for the sender to include in the packet, but mandatory
for the receiver to process them when it is received.
NLI'S CCIE IPV6 LAB GUIDE
110
If these attributes are contained in the UPDATE packet, but not recognized by the
receiver, it should be passed onto the next AS.
implementations. If the attributes are contained in the UPDATE packet, the receiver does
not have to pass it on and can ignore the attributes.
BGPV4 SUPPORT FOR IPV4
All though IPv4 uses all the BGP attributes for path selection, there are only 3 attributes which are
truly IPv4 specific:
NEXT_HOP attribute
AGGREGATOR attribute
NLRI
This is shown in the highlighted attributes (in red) in the UPDATE packet below:
BGPv4 UPDATE packet
This is basically the metrics used by BGP to decide on the
best route.
1. ORIGIN
2. AS_PATH
3. NEXT_HOP
4. MULTI-EXIT-DISC
5. LOCAL-PREF
6. ATOMIC-AGGREGATE
7. AGGREGATOR
8. COMMUNITY
9. ORIGINATOR_ID
10. CLUSTER_LIST
NLRI - Network Layer Reachability Information is
composed of :
Only one NLRI is included in the UPDATE packet,
although there may be multiple AS_PATH attributes
Total number of routes that are being withdrawn from the
BGP table. When this is value is zero, then no routes are
being withdrawn
The actual routes which are being withdrawn
NLI'S CCIE IPV6 LAB GUIDE
111
BGPV4 SUPPORT FOR IPV6
BGP attributes 14 and 15 are used to support IPv6 addressing. This is shown in the highlighted
attributes (in red) in the UPDATE packet below:
BGPv4 UPDATE packet
This is basically the metrics used by BGP to decide on the
best route.
1. ORIGIN
2. AS_PATH
3. NEXT_HOP
4. MULTI-EXIT-DISC
5. LOCAL-PREF
6. ATOMIC-AGGREGATE
7. AGGREGATOR
8. COMMUNITY
9. ORIGINATOR_ID
10. CLUSTER_LIST
14. MP_REACH_NLRI
15. MP_UNREAH_MLRI
NLRI - Network Layer Reachability Information is
composed of :
Only one NLRI is included in the UPDATE packet,
although there may be multiple AS_PATH attributes
Total number of routes that are being withdrawn from the
BGP table. When this is value is zero, then no routes are
being withdrawn
The actual routes which are being withdrawn
If you look at the BGP path attribute table- Multiprotocol-reachable NLRI (MP_REACH_NLRI)
and Multiprotocol-unreachable NLRI (MP_UNREACH_NLRI) are
attributes, i.e. a BGP router that does not recognize these attributes can quietly ignore the
UPDATE packet and not advertise the information to its peers.
NLI'S CCIE IPV6 LAB GUIDE
112
MP_REACH_NLRI ATTRIBUTE
As the name suggests, this attribute describes a list of reachable subnets and the next hop BGP peer
to reach those subnets.
This attribute consists of the following fields:
Address Family Information, which is always set to - 2 to indicate IPv6 address
Next Hop Information - This can either be a global IPv6 address or link-local address
s) and their length (subnet masks) that be
reached.
MP_UNREACH_NLRI ATTRIBUTE
As the name suggests, this attribute describes a list of unreachable subnets, and the next hop
address.
This attribute consists of the following fields:
Address Family Information, which is always set to - 2 to indicate IPv6 address
Next Hop Information - This can either be a global IPv6 address or link-local address
s) and their length (subnet masks) that be
reached.
NLI'S CCIE IPV6 LAB GUIDE
113
CISCO IPV6ROADMAP
CISCOIPV6 IOS ROADMAP
In June 2000, Cisco Systems announced a three-phase Cisco IOS IPv6 Software roadmap. In May
2001, the first commercial release of Cisco IOSSoftware Release 12.2T train integrated IPv6,
followed by Cisco IOS Software Release 12.0S support on Cisco 12000 Series routers to enable
integration of the new Internet protocol on core infrastructures. In 2003, the availability of Cisco
IOS 12.3 Mainline, 12.3T, and 12.2S releases enabled IPv6 production deployment for all Cisco-
based networks (see below).
Cisco IOS Software Release 12.3M General production
Cisco IOS Software Release 12.3T Technology development
Cisco IOS Software Release 12.3B Broadband access
Cisco IOS Software Release 12.0S Service provider infrastructure
Cisco IOS Software Release 12.2S
and its derivatives
Service provider and enterprise infrastructure
including Layer 3 switches
Service provider and enterprise infrastructure including Layer 3 switches
Note that there no new IPv6 features is added to the Cisco IOS Software release 12.3M. Before
deploying one of these two releases it is important to determine whether all prerequisite IPv4,
IPv6, or MPLS services are present to support a given hardware and environment.
As the three-phase program is nearly completed and in CY04, Cisco IOSSoftware developments
are focused on creating additional IPv6 features and innovations as indicated below:
Services IPv6 X X X X
IPv6 addressing architecture X X X X
IPv6 anycast addressing X X
Internet Control Message Protocol
Version 6 (ICMPv6), including
redirect, duplicate address
detection, and rate limiting
X X X X
Neighbor discovery, including
static cache entries
X X X X
IPv6 stateless autoconfiguration X X X X
Maximum transmission unit X X X X
NLI'S CCIE IPV6 LAB GUIDE
114
(MTU) path discovery for IPv6
IPv6 standard and extended access
control list (ACL)
X X X X
First hop redundancy protocols CY05 CY05
Netflow IPv6 record CY05 X
IPSec site-to-site CY05 CY05
Cisco vendor-specific attribute
(VSA) IPv6 AAA
CY04 X X
RADIUS IPv6 AAA CY04 X
DHCP for IPv6 prefix delegation CY05 CY04 X
Stateless DHCPv6 CY04 X
DHCPv6 relay CY04 CY04
DNS lookups over an IPv4
transport
X X X X
DNS lookups over an IPv6
transport
X X X X
Cisco IPv6 MIBs X X X X
Simple Network Management
Protocol (SNMP) over IPv6
X CY05 CY05
Secure Shell (SSH) Protocol
support over IPv6
X X X X
Ping, traceroute, Trivial file
Transfer Protocol (TFTP), HTTP
over IPv6
X X X X
Multicast IPv6 multicast X X X
IPv6 multicast over IPv4 tunnels X X X
IPv6 multicast over IPv6 tunnels CY04 X
Multicast Listener Discovery
(MLD) protocol, versions 1 and 2
X X X
MLD access group X CY04 X
Protocol Independent Multicast
(PIM) sparse mode (PIM-SM)
X X X
PIM source-specific mode
(PIM SSM)
X X X
PIM-embedded rendezvous point
(RP) support
X CY04 X
PIM Bi-Directional CY04 CY04 X
NLI'S CCIE IPV6 LAB GUIDE
115
Static RP configuration X X X
Multicast scope boundaries X X X
IPv6 static multicast routing
(mroute) for IPv6
X CY04 X
IPv6 multicast address family
support for multiprotocol Border
Gateway Protocol (BGP)
X CY04 X
Reverse Path Forwarding (RPF)
flooding of bootstrap router (BSR)
packets
X CY04 X
IPv6 PIM accept register X CY04 X
Routable address hello option X CY04 X
Tunneling IPv6 manually configured tunnels X X X X
IPv6 over IPv4 generic routing
encapsulation (GRE) tunnels
X X X X
Automatic 6to4 tunnels for IPv6 X X X X
Automatic IPv4-compatible
tunnels
X X X X
Intra-Site Automatic Tunnel
Addressing Protocol (ISATAP)
tunnels
X X X
IPv4 over IPv6 tunnels CY04 X
IPv6 over IPv6 tunnels CY04 X
GRE over IPv6 tunnels CY04 X
IPv6 over L2TPv3 on Cisco 12000
Series
X
Data Link
Layer
Protocols
ATM permanent virtual
connection (PVC) and ATM LAN
Emulation (LANE)
X X X X
CDP IPv6 address support for
neighbor information
X X X
Ethernet, Fast Ethernet, Gigabit
Ethernet, and 10 Gigabit Ethernet
X X X X
VLANs using Inter-Switch Link
and IEEE 802.1Q encapsulation
X X X X
Fiber Distributed Data Interface
(FDDI)
X X X
Frame Relay PVC X X X X
NLI'S CCIE IPV6 LAB GUIDE
116
Cisco High-Level Data Link
Control (HDLC)
X X X X
Point-to-Point Protocol (PPP)
over packet over SONET, ISDN,
and serial (synchronous and
asynchronous) interface types
X X X X
Point-to-Point Protocol over ATM
(PPPoA)
CY04 X X
Point-to-Point Protocol over
Ethernet (PPPoE)
CY04 X X
Routed bridged encapsulation
(RBE)
CY04 X
Dynamic Packet Transport (DPT) X CY04
Routing
Protocols
Static routes X X X X
Routing Information Protocol
(RIP) for IPv6
X X X X
Integrated Intermediate System-
to-Intermediate System (IS-IS)
Protocol for IPv6
X X X X
Multitopology IS-IS for IPv6 X X X X
Open Shortest Path First (OSPF)
Protocol for IPv6
X X X X
OSPF for IPv6 authentication
support with IPSec
CY05 X
Enhanced Interior Gateway
Routing Protocol (EIGRP) for IPv6
CY05 CY04
Multiprotocol BGP extensions for
IPv6, including link-local address
peering
X X X X
IPv6 policy-based routing CY04 X
Route redistribution X X X X
QoS Differentiated Services (DiffServ)
Modular QoS (MQC)
CY04 CY04 X X
Ipv4-ipv6
Translation
Services
NAT Protocol translation X X
NAT-PT support for overload X
NAT-PT support for Domain X X
NLI'S CCIE IPV6 LAB GUIDE
117
Name System (DNS) Application
Layer Gateway (ALG)
NAT-PT support for FTP ALG X
NAT-PT support for fragmentation X
Switching
Services
Cisco Express
Forwarding/distributed Cisco
Express Forwarding switching for
IPv6
X X X X
IPv6 Provider Edge Router over
MPLS (6PE)
X X X X
IPv6 VPN over MPLS (6VPE) CY05
Mobility Mobile IPv6 Home Agent CY05
Mobile router CY05
12.3T IPV6FEATURE OVERVIEW
The following shows an overall of the new IPv6 features included in 12.3T
Figure 63 - Figure: Courtesy of Cisco - IOS Roadmap
NLI'S CCIE IPV6 LAB GUIDE
118
CISCOHARDWARE
Cisco IPv6 solutions are packaged in a feature set that is supported on specific platforms and
applications packages. On Cisco IOS Software platforms, Cisco Feature Navigator
Dynamically updates the list of supported platforms as new platform and features support are
added.
IPv6 services are part of Cisco IOS Software releases, and any router that runs IPv6 must conform
to the minimum memory size required by the selected Cisco IOS Software release and feature set.
As on IPv4, high-end routers and Layer 3 switching may implement assisted hardware acceleration
for IPv6. Cisco devices that benefit from IPv6 hardware forwarding are indicated in table below.
Not all hardware supports all features. Consult the release notes to determine which
hardware platform receives features from a particular IOS release train.
Cisco 12000
Series
Now Yes
Cisco 10720
Series
Now Yes
Cisco 10000
Series
CY04 Yes With PRE-2
Cisco 7600
Series
Now Yes With Supervisor Engine 720 and
720-3BXL
Cisco 7500
Series
Now
Cisco 7304 Now
Cisco 7301 Now
Cisco 7200
Series
Now
Cisco AS5850 CY04
Cisco AS5400 Now
Cisco AS5350 Now
Cisco 4000
Series
End of Life
Cisco 3700
Series
Now
Cisco 3600
Series
Now Refer to Product Bulletin 1975 on
Cisco 3620
Cisco 3200
Series
Now Mobile Router IPv6 in CY05
Cisco 2600 Now Refer to Product Bulletin #1975 for
NLI'S CCIE IPV6 LAB GUIDE
119
Series non-XM Cisco 2600 (but 2691)
Cisco 2500
Series
Now Limited support from Cisco IOS
Software Release 12.2T
Cisco 1700
Series
Now
Cisco 830 Series Now Beginning on 12.3(4)XG release
Cisco Catalyst
6500 Series
Now Yes With Sup720 and 720-3BXL
Cisco Catalyst
4500 Series
Q2
CY04
Yes HW FW in late CY05
Cisco Catalyst
3750 Series
Q3
CY04
Yes Software availability scheduled in
CY05
LAYER 2SWITCHES
IPv6 traffic forwarding does not impact Layer 2 LAN switches, since these devices do not need to
look at the Layer 3 header to forward an IPv6 frame; thus IPv6 hosts can be transparently attached
to the following Cisco products:
NLI'S CCIE IPV6 LAB GUIDE
120
IPV6 SECURITY FEATURES
Below are some of the IPv6 Security features available:
Cisco IOS Software standard ACL Now
Cisco IOS Software extended ACL including option header filtering Now
Packet
filtering
Cisco IOS Software reflexive ACL Now
Cisco IOS IPv4 IPsec to protect Configured, 6to4 tunnels Now IPv6 over
IPv4
tunnels
protection
IPv6 over Cisco VPN client IPv4 IPSec tunnels Now
OSPFv3 authentication on Cisco IOS Software Now
Site-to-site tunnel H2 CY04
IPv6 IPSec
Mobile IPv6 authentication H1 CY05
Cisco IOS Software IPv6 firewall Now
Cisco PIX Firewall H1 CY04
Firewall
Cisco Catalyst 6500/7600 Series Firewall Services Module (FWSM) CY04
IPv6 packet flow control and analysis, access control packet protocol
decode analysis via network access module (NAM) and Real-Time
Monitor (RTM)
Now
CiscoWorks Access Control List Manager (ACLM) and CiscoSecure
Access Control Server (ACS)
H2 CY04
Configuration and control of security features of IPv6-capable
devices CiscoWorks VPN/Security Management Solution (VMS)
Configuration tools
H2 CY04
Security
applications
Security monitoring of IPv6 networks H2 CY04
VMS
monitoring
tools
CiscoWorks QoS Policy Manager (QPM) H1 CY05
NLI'S CCIE IPV6 LAB GUIDE
121
IPV6 NETWORK MANAGEMENT FEATURES
Below are some of the IPv6 network management features available:
Cisco-IP and Cisco-IP-
Forwarding MIB
Cisco IOS
Software
Now Based on early IETF draft. Will get aligned on
public draft when available.
SNMP over an IPv6
network layer
Cisco IOS
Software
Now On Cisco 12000 series only, later on other
Cisco IOS release trains
NetFlow IPv6 record Cisco IOS
Software
Now On Cisco IOS 12.3T release train, later on other
Cisco IOS release trains
NetFlow Collector to
manage NetFlow IPv6
record
NFC 5.x Now
IPv6 traffic monitoring Catalyst 6500
NAM module
Now Refer to product bulletin no. 2170.
IPv6 management using
IPv4 transport
Cisco NMA H1
CY04
Enable IPv6 management functionality using
SNMP over IPv4 transport on dual stacks.
IPv6 management over
either IPv4 or IPv6
transport
Cisco NMA H1
CY05
This phase will add support for SNMP,
SSH/Telnet over IPv6 transport. The IPv4 stack
will still be required on the CiscoWorks
management server.
Support for a "native"
IPv6 Transport
Cisco NMA H2
CY05
In addition to supporting a v4/v6 dual stack
network, this phase will also support a "native"
IPv6 transport, with norequirement for IPv4
stacks anywhere in the network or in the
CiscoWorks management servers. This phase
will include support for HTTP/SSL over IPv6.
NLI'S CCIE IPV6 LAB GUIDE
122
IPV6 INTEGRATION & COEXISTENCE WITHIPV4
INTRODUCTION
We are still in the very early stages of IPv6 deployment. As of 2005, there are very few IPv6
applications and services in the market. As a result, there is still initial focus on migration and
transition techniques required for deploying IPv6 from IPv4. The momentum of IPv6 in the
market place is shown by the following curve known as the . This
model classifies adopters of innovation into various categories, based on the idea that certain
individuals are more open to change of new ideas and products than others.
Figure 64 - Innovation Adoption Curve
of gaining acceptance
in the market place. However, although the success of IPv6 will depend ultimately on the
availability of applications that run IPv6, a very key part of IPv6 is its ability to integrate and
coexist with existing IPv4 networks.
The phase of the above model shows that, certain people will only accept change when
IPv6 becomes a mainstream idea. As a result, it is expected that IPv4 and IPv6 networks will
coexist for a very long time.
The following tries to show a rough timeline on how IPv6 deployment will grow:
- Brave people, pulling the change. Innovators are very important communication.
- Respectable people, opinion leaders, try out new ideas, but in a careful way.
- Thoughtful people, careful but accepting change more quickly than the average.
- Skeptic people, will use new ideas or products only when the majority is using it.
- Traditional people, caring for the "old ways", are critical towards new ideas and will only
accept it if the new idea has become mainstream or even tradition.
NLI'S CCIE IPV6 LAB GUIDE
123
Q1
1996 - 2001
2002 2003 2004 2005 2006
2007 - 2010
Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q1 Q2 Q2 Q3 Q3 Q4 Q4
Early Adopters
Application Port <= Duration 3+ Years =>
ISP Adoption <= Duration 3+ Years =>
Consumer Adoption <= Duration 5+ Years =>
Enterprise Adoption <= Duration 5+ Years =>
IPv6 Transition
IPV6 DEPLOYMENT PLANNINGASSUMPTIONS
In order to deploy IPv6 in your network, there are a number of assumptions that you will need to
be aware of:
- IPv4 is here to stay here for some time. Therefore, you will not be
celebrating this for some time, maybe years.
transition from IPv4 to IPv6 will take years, depending on the size of the network.
from an IPv4 to IPv6 network. Hopefully, it stays that way!
before moving to an IPv6 network completely.
With such assumptions in your mind, now you can start to think about planning to deploy IPv6.
IPV6 TRANSITIONPLANNING
You may be thinking:
Hopefully, the following will help you answer each of these questions.
NLI'S CCIE IPV6 LAB GUIDE
124
HOWDO I START?
When starting to plan for an IPv6 network, a will need to be developed. By not
planning, you are planning to fail! This is probably the most important of all transition steps. The
following highlights some of the major points which you will need to consider in your master plan
(they are in no particular order):
1.
to be upgraded to a newer model, as it may not have the CPU processing power in order
to load the IPv6 software. Refer to the previous chapter for matrix on Cisco platforms
which have IPv6 available, however, check Cisco website for updates.
2.
you will need to assess whether your network has adequate memory. In order to perform
this step, you will need to take inventory of your networking equipment to ensure DRAM
and flash requirements are met. Check Cisco website for updates on code memory
requirements.
3.
Refer to previous chapter for matrix on Cisco IOS IPv6 Roadmap. Always consider new
features to be implemented. Check Cisco website for updates on IPv6 IOS Roadmap. Pay
particular attention to how deploying IPv6 would interact with already deployed features
on your network e.g.QOS, VOIP, multicast etc.
4.
Therefore, you will have to work with your network management software suppliers to
get new updates for monitoring your IPv4/IPv6 network. Refer to the previous chapter for
Cisco IOS Roadmap for IPv6 network management features.
5.
upgrade to IPv6 ACLs, IPv6 NAT, firewall software to include IPv6 feature set, upgrade
IDS feature set. Inform you security department to lookout for new IPv6 software
vulnerabilities.
6.
existing core network application servers eg. DNS servers, DHCP servers, Proxy servers,
Load balancing servers, etc.
7.
order to move to a new network, will need to be considered. You will need to account
ementing and Monitoring labor costs.
8.
software and the costs involved in upgrade the operating system.
9. s within your transition budget.
10. , we know that IPv6 addressing
space is abundant. However, the recommendation is to learn from lessons in deploying
IPv4 addresses and develop a formalized planfor IPv6 addressing space in your network.
NLI'S CCIE IPV6 LAB GUIDE
125
Registry (IRRR) or getting it from your ISP.
11.
an IPv6 network will need to be included. This is described in more detail below.
12. - You will need to get buy-in fromthe different user departments. Try to
13.
ensure that it all comes together. If successful, include the findings of your pilot test plan
in your management presentation.
14. tion together. Include a Roadmap
which clearly highlights dates and the events.
WHERE DO I START?
To deploy IPv6, there are a number of strategies:
protocol area
However, the best recommended solution which Cisco recommends is:
The main reason this is the recommended strategy is because you will have more control over:
meeting the immediate needs of users
time to convert upgrade your network to IPv6
the deployment budget
The above strategy can be used for any sized network, i.e. whether you are a service provider, or
have an enterprise or small network.
WHEN DO I START?
This really depends on your network strategy and architecture. However, with all things being
equal, this will probably be determined by demand from users in your network and when they
want to start deploying IPv6 applications.
HOWDO YOUDO IT?
The good news is that, there are a number of strategies on how to transition from IPv4 to IPv6
with little or no disruption. As stated above, the key to deploying any strategy is to always start in
NLI'S CCIE IPV6 LAB GUIDE
126
the middle and work towards the core. This involves, running IPv4 and IPv6 coherently on your
network at the same time.
The four strategies are:
Tunneling IPv6 over IPv4 tunnels
IPv6 over dedicated links
IPv6 over MPLS backbone
IPv6 using dual-stack backbones.
The following will now describe each of these strategies in turn.
TUNNELING IPV6 OVER IPV4 TUNNELS
By using tunnels, it is possible to allow communication of isolated IPv6 networks, without having
to upgrade the IPv4 infrastructure between them. Tunnels are using by encapsulating IPv6 packets
into IPv4 packets to be delivered over an IPv4 infrastructure as shown in the diagram below.
Figure 65 - Tunneling IPv6 over IPv4 tunnels
As the above diagram shows, the tunnels can either be configured between the Dual-Stack routers
or between Dual-Stack routers and an IPv6 host. A Dual-Stack router is one, which supports IPv4
and IPv6 protocols.
Cisco IPv6 supports the following types of tunneling methodologies:
Manual
GRE
IPv4-compatible
6to4
ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)
NLI'S CCIE IPV6 LAB GUIDE
127
The following table summarizes the differences between the various tunneling methods:
Manual Point-to-Point
tunnels between
sites.
The tunnel can
only carry Ipv6
data
ipv6ip IPv4 address IPv6 address
IPv4 address
GRE Point-to-Point
tunnels between
sites
As it is a GRE
tunnel, it can
carry IPv6, IS-
IS, and other
types of IPv4
data also
gre ip IPv4 address IPv6 address
IPv4 address
IPv4-
compatible
Point-to-Multipoint
tunnels
Uses a ::/96
prefix. This
tunnel type is
recommended
to be used
ipv6ip auto-
tunnel
Not required.
The interface
address is
generated
automatically
6to4 Point-to-Multipoint
tunnels
Uses IPv6
aggregatable
global unicast
addresses from
the range
2002::/16
ipv6ip 6to4 IPv6 address.
The prefix
must embed
the tunnel
source IPv4
address in
format
2002:IPv4::/96
ISATAP Point-to-Multipoint
tunnels
Any IPv6
address can be
used any
unicast address
range
ipv6ip isatap
IPv4 address
or reference
to an
interface on
which IPv4
is
configured
As these
tunnels are
deployed as
point-to-
multipoint,
the
destination
address is
not needed
as it is
calculated
on a per-
packet basis
depending
on the
destination
IPv6 address
IPv6 prefix in
modified EUI-
64 format. The
IPv6 address is
generated from
the tunnel
source IPv4
address
The following will now describe each of the above methods in further detail.
128
Router 2
IPv4
Backbone
Dual Stack Router
Dual Stack Router
Dual Stack Router
IPv6 Domain
IPv6 Domain
Router 1
Router 3
IPv6 Domain
`
Dual Stack Host
Figure 66 - Manual Tunneling
Figure 67 IPv6 packet through dual stack router for Manual Tunnel
129
Router 2
IPv4
Backbone
Dual Stack Router
Dual Stack Router
Dual Stack Router
IPv6 Domain
IPv6 Domain
Router 1
Router 3
IPv6 Domain
Figure 68 GRE Tunnel
NLI'S CCIE IPV6 LAB GUIDE
130
GRE has a special field in the protocol which allows it to distinguish the data it is carrying.
Therefore, GRE tunnels are not tied to a specific passenger or transport protocol, and carry IPv6
packets as the passenger protocol. The original IPv6 packet is not modified in any way.
Data IPv6 Header GRE Header
(24 bytes)
IPv4 Header
(20 bytes)
Data IPv6 Header GRE Header
(24 bytes)
IPv4 Header
(20 bytes)
Tunnel IPv6 In GRE
Data IPv6 Header IPv4 Header
(20 bytes)
Data IPv6 Header IPv4 Header
(20 bytes)
IPv6 Packet
Figure 69 - IPv6 packet through dual stack router for GRE Tunnel
As illustrated in the above figure, and similar to the manual configuration, as the GRE tunnels are
configured in a hub-spoke topology if packets from Router3 need to travel to Router2, it has to
traverse through Router1. If the packets need to travel directly, another GRE tunnel will need to
be configured between Router3 and Router2.
The advantage of using GRE has an encapsulating method is, that it is flexible enough to carry
other types of data than cannot travel of an IPv4 backbone eg. Intermediate System-to-
Intermediate System (IS-IS), or routing protocol through firewalls etc.
C) 6TO4 TUNNEL
Up to now the tunnel methods connecting IPv6 domain have been built using pre-configured
point-to-point configurations. The key difference between 6to4 tunnels and manually configured
tunnels it is not point-to-point; it is point-to-multipoint. 6to4 tunnels are created automatically.
NLI'S CCIE IPV6 LAB GUIDE
131
IPV6SECURITY
IOS CODETO IMPLEMENT IPV6 SECURITY
The following tables highlights the minimum code necessary to implement the various IPv6
security features on any IOS platform
Feature Minimum Required Cisco IOS Release
by Release Train
Standard access control lists 12.2(2)T, 12.0(21)ST, 12.0(22)S, 12.2(14)S, 12.3, 12.3(2)T
Extended access control lists
1
12.0(23)S, 12.2(13)T, 12.2(14)S, 12.3, 12.3(2)T
IPv6 IPSec to Authenticate OSPFv3 12.3(4)T
IPv6 IOS Firewall 12.3(7)T
IPv6 FTP Firewall inspection 12.3(11)T
IPV6 ACCESS-LISTS
Just like in IPv4 access-lists are used to filter and restrict traffic, IPv6 access-lists work in exactly
the same manner. The following shows the main characteristics of :
IPv6 Standard ACLs - These are more like IPv4 extended ACLs are extremely powerful.
There is no IPv4 equivalent of standard ACL in IPv6. Their format is:
o Source IPv6 Prefix / Prefix-Length - Even though this is a standard ACL the
source prefix and length are mandatory.
o Destination IPv6 Prefix / Prefix-Length - Typically in IPv4 the standard ACL is
filtered on the destination host or subnet only and no source host or subnet is
defined)
o numbered ACLs can be used and only named access-lists are allowed.
o The keyword when specified for the either the Source IPv6 Prefix / Prefix-
Length or Destination IPv6 Prefix / Prefix-Length, matches any prefix and is
equivalent to configuring any host i.e. IPv6 prefix ://0
o Filtering on routing updates and upper layer protocols can be performed. This is
similar to IPv4 extended ACLs
o Implicit Deny at the end of the ACL
o Traffic Filter command is used to apply the ACL either Inbound or Outbound to a
specific interface
NLI'S CCIE IPV6 LAB GUIDE
132
The following shows the comparison in standard access-list formats in IPv4 and IPv6
to only permit host 10.1.1.2 and applying it to interface f0/0:
access-list 10 remark <<IPv4 Standard ACL>>
access-list 10 permit host 10.1.1.2
!
Interface FastEthernet0/0
ip access-group 10 in
ipv6 access-list <<Standard_ACL>>
permit any 2001::A:1:1:2/64
!
Interface FastEthernet0/0
ipv6 traffic-filter Standard_ACL in
IPv6 Extended ACLs - These are configured with exactly the same format as IPv4
extended ACLs:
o
o
subnet
o numbered ACLs can be used and only named access-lists are allowed.
o The keyword when specified for the either the Source IPv6 Prefix / Prefix-
Length or Destination IPv6 Prefix / Prefix-Length, matches any prefix and is
equivalent to configuring any host i.e. IPv6 prefix ://0
o Filtering on routing updates and upper layer protocols can be performed. This is
similar to IPv4 extended ACLs
o Implicit Deny at the end of the ACL
o Traffic Filter command is used to apply the ACL either Inbound or Outbound to a
specific interface
The following shows the comparison in extended access-list formats in IPv4 and IPv6
to only permit tcp port 123 from host 10.1.1.1 to host 10.1.1.2 and applying it to
interface f0/0:
access-list 101 remark <<IPv4 Extended ACL>>
access-list 10 permit tcp host 10.1.1.1 host 10.1.1.2 eq 123
!
Interface FastEthernet0/0
ip access-group 101 in
ipv6 access-list <<Extended_ACL>>
permit tcp host 2001::10:1:1:1 host 2001::10:1:1:2 eq 123
!
Interface FastEthernet0/0
NLI'S CCIE IPV6 LAB GUIDE
133
ipv6 traffic-filter Extended_ACL in
In both types of ALCs, there is an implicit permit rule to allow neighbor discovery messages
between directly connected routers. This is equivalent to the following syntax:
permit icmp any any nd-na
permit icmp any any nd-ns
deny ipv6 any any
NLI'S CCIE IPV6 LAB GUIDE
134
CONFIGURING IPV6
INTRODUCTION
The following labs are to give you practice on configuring multicast from a basic to an advanced
level to pass the CCIE labs successfully.
LABS STRUCTURE
The labs are structured in the following logical approach:
Basic IPv6
Configuring IPv6 using Routing Protocols
Advanced IPv6 configuration
EQUIPMENT REQUIRED
The labs have been designed for ease of use and with the least amount of equipment, without
compromising the technicality of any of the labs.
The following equipment will be required to complete all the labs (Also reference )
1 x 3550 Switch - 24 port
6 x 2621 with two Fast Ethernet ports
Ensure that the routers have any T enabled code after . 12.2T will be work, but earlier
versions of it have very limited commands and you will have difficulty completing all the labs in
this book.
PRACTICING THE LABS
Just like the real exam, where each section is a small lab, these labs have been designed as mini-
labs in their own right. The labs have been designed to cover the major areas of the syllabus to pass
the CCIE lab successfully.
To master the concepts, we would recommend the following approach:
Read through all the labs first
Attempt them once slowly and make sure your answers match with that in the solution
Practice, Practice and Practice all the labs over again.
Highlight your weak areas, and then practice those labs again.
Lastly, GOOD LUCK!
NLI'S CCIE IPV6 LAB GUIDE
135
ENABLING BASIC IPV6 ON A ROUTER
1. Enable IPv6 on Router1.
2. Test your configuration to ensure that IPv6 has been enabled on the router.
NLI'S CCIE IPV6 LAB GUIDE
136
ANSWER
To enable routing, command is used. Similarly, to enable IPv6 routing on a router, enter
the global command: . By default, IPv6 addresses are not configured, and IPv6
routing is disabled. If this command is not entered globally, the rest of the IPv6 interface
commands will be enabled.
However, by just enabling does not do much. IPv6 still needs to be configured
on each of the interfaces on the router.
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
!
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
interface FastEthernet0/0
no ip address
ip pim sparse-dense-mode
speed 100
full-duplex
!
interface FastEthernet0/1
no ip address
ip pim sparse-dense-mode
NLI'S CCIE IPV6 LAB GUIDE
137
duplex auto
speed auto
!
ip http server
no ip http secure-server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
NLI'S CCIE IPV6 LAB GUIDE
138
ENABLE ONLYIPV6 ADDRESS ON AN INTERFACE
1. Without configuring any address, configure
interface.
2. Check your configuration to ensure that link-local address has been configured correctly.
NLI'S CCIE IPV6 LAB GUIDE
139
ANSWER
Configuring automatically configures link-local ip
By default, this command is disabled.
NLI'S CCIE IPV6 LAB GUIDE
140
CONFIGURINGIPV6 ADDRESS ON ANINTERFACE
1.
a. Aggregatable global addr
b.
c.
3. Check your configuration to ensure that each of these address were accurately configured.
4. Ensure the multicast solicited addresses are accurate also.
NLI'S CCIE IPV6 LAB GUIDE
141
ANSWER
Aggregatable global unicast addresses have a Format Prefix of 001 i.e. the address always starts
with .
As soon as the aggregatable address is configured, a link-local address is automatically
configured.
NLI'S CCIE IPV6 LAB GUIDE
142
NLI'S CCIE IPV6 LAB GUIDE
143
Site-local unicast addresses have a Format Prefix of 1111 1110 11 i.e. the address always starts with
ed, after a site-local address is configured
As soon as the site-local address is configured, a link-local address is automatically
configured.
NLI'S CCIE IPV6 LAB GUIDE
144
A Link-Local unicast addresses has a Format Prefix of 1111 1110 10. (FE80::/64). There are two
ways to configure the link-local address:
Router automatically generate the link-local address using the command
Manually configure a link-local address as stated in the question:
FE80:0:0:0:0123:0456:0789:0ABC
By using the key-word is used to override the default link-local address assigned by the
router.
The router has collapsed the by using notation.
NLI'S CCIE IPV6 LAB GUIDE
145
However, this time as the link-local address has been manually configured, the solicited-
node address has changed from (which was from the automatically generated
link-local address), to (the manually configured link-local address).
NLI'S CCIE IPV6 LAB GUIDE
146
MANUALLY CONVERTINGROUTER S MAC ADDRESS TO EUI-64 ADDRESS
1. mac address to EUI-64 address.
2. Enable IPv6 address on fe0/0 without configuring an IPv6 address under interface f0/0.
3.
NLI'S CCIE IPV6 LAB GUIDE
147
ANSWER
The following shows how to convert a routers Mac address into EUI-64 address:
0 0 0 7 5 0 2 1 a 2 a 0
0000 0000 0000 0111 0101 0000 0010 0001 1010 0010 1010 0000
IEEE administered company ID Manufacturer selected ID
0000 0000 0000 0111 0101 0000 0010 0001 1010 0010 1010 0000
0000 0000 0000 0111 0101 0000 1111 1111 1111 1110 0010 0001 1010 0010 1010 0000
0000 00 0 0000 0111 0101 0000 1111 1111 1111 1110 0010 0001 1010 0010 1010 0000
0 2 0 7 5 0 F F F E 2 1 A 2 A 0
NLI'S CCIE IPV6 LAB GUIDE
148
: The reason the address starts with FE80, is because when you enable ipv6 on the interface
with the command , the router will automatically generate a link-local address. A
Link-Local unicast addresses has a Format Prefix of 1111 1110 10. (FE80::/64).
The Router automatically takes the Ethernet-mac address, and converts it into an EUI-64 address
to produce a link-local address of FE80::207:50FF:FE21:A2A0. This should match your calculation
in Step 6.
NLI'S CCIE IPV6 LAB GUIDE
149
CONFIGURINGIPV6 ADDRESS ON ANINTERFACE USING EUI-64
1.
a. Aggregatable global addr
b.
2. Check your configuration to ensure that each of these address were accurately configured.
3. Ensure the multicast solicited addresses are accurate also.
NLI'S CCIE IPV6 LAB GUIDE
150
ANSWER
When using EUI-64 format, it is important to specify the higher order prefix i.e. /64, and the
router will compute the lower 64 bits using the interface MAC address and convert it to an EUI-64
format.
The EUI-64 be specified for aggregatable global and site-local address. It
be defined for link-local addresses.
Aggregatable global unicast addresses have a Format Prefix of 001 i.e. the address always starts
with .
As soon as the aggregatable address is configured, a link-local address is automatically
configured.
The router has added the EUI-64 address to the aggregatable global IPv6 address. Also, the
interface has only joined multicast solicited-node address.
NLI'S CCIE IPV6 LAB GUIDE
151
Site-local unicast addresses have a Format Prefix of 1111 1110 11 i.e. the address always starts with
ed, after a site-local address is configured
As soon as the site-local address is configured, a link-local address is automatically
configured.
The router has added the EUI-64 address to the aggregatable global IPv6 address to the
site-local address.
NLI'S CCIE IPV6 LAB GUIDE
152
NLI'S CCIE IPV6 LAB GUIDE
153
CONFIGURINGIPV6 UNNUMBERED ADDRESS
1. Configure Tunnel 0 interface with link-local ip address of -FE80:0:0:0:0123:0456:0789:0ABC
2.
IPv6 address.
3. Check your configuration to ensure that the address was accurately assigned to interface f0/0.
4. Ensure the multicast solicited address is accurate also.
NLI'S CCIE IPV6 LAB GUIDE
154
ANSWER
Sometimes an interface may not require an IPv6 address, for example when creating a tunnel
interface. The IPv6 configured of an unnumbered interface is the same as an IPv4 configuration.
NLI'S CCIE IPV6 LAB GUIDE
155
CONFIGURINGIPV6 LOOPBACKINTERFACE
1. Configure Loopback0 interface with link-local ip address of -FE80:0:0:0:0123:0456:0789:0ABC
2. Check your configuration to ensure that the address was accurately assigned to interface
Loopback0.
3. Ensure the multicast solicited address is accurate also.
NLI'S CCIE IPV6 LAB GUIDE
156
ANSWER
NLI'S CCIE IPV6 LAB GUIDE
157
CONFIGURINGIPV6 CEF
1. Configure f0/0 interface with link-local ip address of -FE80:0:0:0:0123:0456:0789:0ABC
2. Configure IPv6 cef on the router globally and on the local interface f0/0.
3. Check your configuration to ensure that IPv6 CEF has been enabled on interface f0/0.
NLI'S CCIE IPV6 LAB GUIDE
158
ANSWER
In order to enable IPv6 CEF, IPv4 CEF needs to be enabled globally.
Like IPv4 CEF, CEFv6 is advanced Layer 3 IP switching technology that optimizes network
performance.
NLI'S CCIE IPV6 LAB GUIDE
159
NLI'S CCIE IPV6 LAB GUIDE
160
CONFIGURINGIPV6 ON ETHERNET LOCAL SUBNET
1. Configure your network as per the above diagram over a local Ethernet segment
2. Ensure that you are able to ping the IPv6 address of each router
3. Check your configuration to ensure that each router sees each other through neighbor
discovery.
NLI'S CCIE IPV6 LAB GUIDE
161
ANSWER
ssages being sent or received on the router
NLI'S CCIE IPV6 LAB GUIDE
162
.
*Mar 29 16:15:26.949 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEt
hernet0/0, changed state to up
!Router2 is now going to send a Neighbor Solicitation out of f0/0
*Mar 29 16:15:27.949 UTC: ICMPv6-ND: Sending NS for FE80::123:456:789:ABC on
FastEthernet0/0
!Router2 uses the local f0/0 to send out the neighbor solicitation message
*Mar 29 16:15:27.949 UTC: IPV6: source :: (local)
!The message is sent to the solicited scope address FF89:ABC which the prefix falls under
*Mar 29 16:15:27.949 UTC: dest FF02::1:FF89:ABC (FastEthernet0/0)
*Mar 29 16:15:27.949 UTC: traffic class 224, flow 0x0, len 64+16, prot 58, hops 255, originating
*Mar 29 16:15:27.949 UTC: IPv6: Sending on FastEthernet0/0
router2#
!Duplicate address detection is performed, i.e. as no other router on the same link has the same
address, Router2 determines that the link-local address is Unique.
*Mar 29 16:15:28.949 UTC: ICMPv6-ND: DAD: FE80::123:456:789:ABC is unique.
!Router2 received a ICMPv6 packet
*Mar 29 16:15:46.485 UTC: ICMPv6: Received ICMPv6 packet from FE80::123:456:789:ABB, type
134
!Router2 has determined that it has received a Router Advertisement message from Router1 on
f0/0
*Mar 29 16:15:46.485 UTC: ICMPv6-ND: Received RA from FE80::123:456:789:ABB on
FastEthernet0/0
NLI'S CCIE IPV6 LAB GUIDE
163
NLI'S CCIE IPV6 LAB GUIDE
164
NLI'S CCIE IPV6 LAB GUIDE
165
DUPLICATE ADDRESS DETECTION(DAD)
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that both routers have been configured with the same link-local interface IPv6 address.
3. Ensure the following debug commands are turned on to see the results of your configuration:
a. Debug ipv6 icmp
b. Debug ipv6 nd
c. Debug ipv6 packet
4. Check your configuration to see the results of your configuration.
NLI'S CCIE IPV6 LAB GUIDE
166
ANSWER
The duplicate address process is described as below:
5. Interface is initialized.
6. The node sends out a NS message with the tentative IPv6 address as the target. The source
field is the unspecified address ( ).
7. If a neighbor on the same local-link is already assigned that address receives the message,
it sends a NA message back. The destination address of the message is i.e. multicast
address all nodes on the local-link. The reason for using the multicast address, is that the
sender of the NS message cannot use the address until the duplication detection process is
over.
8. The source node will disable use of the duplicate address on the interface and wait for the
interface to be configured manually with an alternative IPv6 address.
If no duplicate address was detected, the interface initialization process is complete, and the use of
that IPv6 address is assigned as the link-local address of the interface.
NLI'S CCIE IPV6 LAB GUIDE
167
!Router2 will send out a neighbor advertisement message to solicitated scope address of FF89:AB
*Mar 29 16:57:28.065 UTC: ICMPv6-ND: Sending NS for FE80::123:456:789:ABB on
FastEthernet0/0
*Mar 29 16:57:28.065 UTC: IPV6: source :: (local)
*Mar 29 16:57:28.065 UTC: dest FF02::1:FF89:ABB (FastEthernet0/0)
*Mar 29 16:57:28.065 UTC: traffic class 224, flow 0x0, len 64+16, prot 58, hops 255, originating
*Mar 29 16:57:28.065 UTC: IPv6: Sending on FastEthernet0/0
!Router2 receives a message from Router1 that it has the same address
*Mar 29 16:57:28.065 UTC: ICMPv6: Received ICMPv6 packet from FE80::123:456:789:ABB, type
136
*Mar 29 16:57:28.065 UTC: ICMPv6-ND: Received NA for FE80::123:456:789:ABB on Fa
stEthernet0/0 from FE80::123:456:789:ABB
!Router2 runs the duplicate address check and detects that its link-local address is the same as
state.
*Mar 29 16:57:28.065 UTC: ICMPv6-ND: DAD: duplicate link-local FE80::123:456:789:ABB on
FastEthernet0/0,interface stalled
*Mar 29 16:57:28.065 UTC: %IPV6-4-DUPLICATE: Duplicate address FE80::123:456:789
:ABB on FastEthernet0/0
NLI'S CCIE IPV6 LAB GUIDE
168
DUPLICATE ADDRESS DETECTION(DAD) OPTIONS
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that both routers have been configured with the same link-local interface IPv6
address.
3. Configure Router1 to disable
4. Ensure the following debug commands are turned on to see the results of your
configuration:
a. Debug ipv6 icmp
b. Debug ipv6 nd
c. Debug ipv6 packet
5. Check your configuration to see the results of your configuration.
NLI'S CCIE IPV6 LAB GUIDE
169
ANSWER
Default Address Detection is 1 message being sent when an interface is initialized.
NLI'S CCIE IPV6 LAB GUIDE
170
IPV6 FRAME-RELAY POINT-TO-POINT CONFIGURATION
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that both routers have been configured with the correct IPv6 address.
3.
4. Do not use frame-relay inverse arp.
5. Test your configuration by ensuring that the two routers can ping each other.
NLI'S CCIE IPV6 LAB GUIDE
171
ANSWER
As you can see below the configuration is extremely similar to an IPv4 frame-relay point-to-point
configuration.
NLI'S CCIE IPV6 LAB GUIDE
172
NLI'S CCIE IPV6 LAB GUIDE
173
IPV6 FRAME-RELAY FULL MESH CONFIGURATION
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. Do not use frame-relay inverse arp.
5. Test your configuration by ensuring that all the router can ping each other.
NLI'S CCIE IPV6 LAB GUIDE
174
ANSWER
As you can see below the configuration is extremely similar to an IPv4 frame-relay point-to-point
configuration.
NLI'S CCIE IPV6 LAB GUIDE
175
NLI'S CCIE IPV6 LAB GUIDE
176
NLI'S CCIE IPV6 LAB GUIDE
177
IPV6 STATIC ROUTES DIRECTLY ATTACHEDIPV6STATIC ROUTE
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Configure only static routes, to ensure Router1 is able to ping Router3 and vice-versa.
4. Ensure no dynamic routing is configured on your network.
5. Test your configuration to ensure that the two routers can ping each other.
NLI'S CCIE IPV6 LAB GUIDE
178
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
!
ip http server
no ip http secure-server
ip classless
!
control-plane
NLI'S CCIE IPV6 LAB GUIDE
179
!
!Host static route to Router3. Subnet mask is
128 bits to ensure it is a host route, just like in
IPv4 to define the host route you use /32 bits
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
180
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
ip subnet-zero
ip cef
!
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
voice call carrier capacity active
!
mta receive maximum-recipients 0
!
interface FastEthernet0/0
half-duplex
ipv6 enable
!
!Host static route to Router3. Subnet mask is 128 bits to ensure it is a host route, just like in IPv4 to
define the host route you use /32 bits
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
181
!Router1 IPv6 routing table includes the host static routeto Router3. This is indicated by the
flag.
!Router2 IPv6 routing table. This does not include any static routes as the router is directly
connected to both subnets
!Router3 IPv6 routing table includes the host static routeto Router1. This is indicated by the
flag.
NLI'S CCIE IPV6 LAB GUIDE
182
NLI'S CCIE IPV6 LAB GUIDE
183
IPV6 RIP BASIC ENABLING
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. Test your configuration to ensure that the two routers can ping each other.
NLI'S CCIE IPV6 LAB GUIDE
184
ANSWER
RIP for IPv6 is also called (RIP next generation). RIPng functions the same way as RIPv4,
i.e. there is no difference in routing operational features or timers. The only main differences are:
Supports IPv4 addresses only Supports IPv6 addresses only and is
backward compatible with IPv4
RIP updates sent to 224.0.0.10 RIP updates uses multicast address FF02::9
One RIP process uses only one Routing
Information Database (RIB)
Multiple RIP processes can be configured, each
with their own name. Each RIP process
maintains its own local routing database, called
Routing Information Database (RIB). This RIP
database consists of best IPv6 routes to a
destination. These routes are uploaded to the
administrative distance.
UDP port 520 UDP port 521
RIPv4 only uses 1 equal-cost path when
multiple paths are available between neighbors.
IPv6 by default uses 4 equal-cost paths between
neighbors. The range is from 1 to 64.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
NLI'S CCIE IPV6 LAB GUIDE
185
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
186
NLI'S CCIE IPV6 LAB GUIDE
187
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
ip subnet-zero
ip cef
!
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
voice call carrier capacity active
!
mta receive maximum-recipients 0
!
interface FastEthernet0/0
half-duplex
ipv6 address 2001:1:2::3/64
ipv6 enable
!
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
188
router1#sh ipv6 rip
RIP process "testlab", port 521, multicast-group FF02::9, pid 4
Administrative distance is 120. Maximum paths is 16
Updates every 30 seconds, expire after 180
Holddown lasts 0 seconds, garbage collect after 120
Split horizon is on; poison reverse is off
Default routes are not generated
Periodic updates 26, trigger updates 1
Interfaces:
FastEthernet0/0
Redistribution:
None
router2#sh ipv6 rip
RIP process "testlab", port 521, multicast-group FF02::9, pid 4
Administrative distance is 120. Maximum paths is 16
Updates every 30 seconds, expire after 180
Holddown lasts 0 seconds, garbage collect after 120
Split horizon is on; poison reverse is off
Default routes are not generated
Periodic updates 21, trigger updates 2
Interfaces:
FastEthernet0/1
FastEthernet0/0
Redistribution:
None
router3#sh ipv6 rip
RIP process "testlab", port 521, multicast-group FF02::9, pid 118
Administrative distance is 120. Routing table is 0
Updates every 30 seconds, expire after 180
Holddown lasts 180 seconds, garbage collect after 120
Split horizon is on; poison reverse is off
Default routes are not generated
Periodic updates 20, trigger updates 1
Interfaces:
Ethernet0/1
Redistribution:
None
NLI'S CCIE IPV6 LAB GUIDE
189
NLI'S CCIE IPV6 LAB GUIDE
190
router1#sh ipv6 rip database
RIP process "testlab", local RIB
2001:1:1::/64, metric 2
FastEthernet0/0/FE80::20C:CEFF:FE49:D2D0, expires in 170 secs
2001:1:2::/64, metric 2, installed
FastEthernet0/0/FE80::20C:CEFF:FE49:D2D0, expires in 170 secs
router2#sh ipv6 rip database
RIP process "testlab", local RIB
2001:1:1::/64, metric 2
FastEthernet0/0/FE80::207:50FF:FE21:A2A0, expires in 160 secs
2001:1:2::/64, metric 2
FastEthernet0/1/FE80::203:E3FF:FE21:5510, expires in 175 secs
router3#sh ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static"
IPv6 Routing Protocol is "rip testlab"
Interfaces:
Ethernet1/0
Redistribution:
Redistributing protocol rip testlab
NLI'S CCIE IPV6 LAB GUIDE
191
router1#
*Mar 19 21:45:33.019 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D0 on
FastEthernet0/0 for testlab
*Mar 19 21:45:33.019 UTC: src=FE80::20C:CEFF:FE49:D2D0 (FastEthernet0/0)
*Mar 19 21:45:33.019 UTC: dst=FF02::9
*Mar 19 21:45:33.019 UTC: sport=521, dport=521, length=32
*Mar 19 21:45:33.019 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 21:45:33.019 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Mar 19 21:45:33.023 UTC: RIPng: Inserted 2001:1:1::/64, nexthop FE80::20C:CEFF:
FE49:D2D0, metric 2, tag 0
router1#
*Mar 19 21:45:38.339 UTC: RIPng: Sending multicast update on FastEthernet0/0 for
testlab
*Mar 19 21:45:38.339 UTC: src=FE80::207:50FF:FE21:A2A0
*Mar 19 21:45:38.339 UTC: dst=FF02::9 (FastEthernet0/0)
*Mar 19 21:45:38.339 UTC: sport=521, dport=521, length=32
*Mar 19 21:45:38.339 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 21:45:38.339 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 21:45:43.019 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D0
on FastEthernet0/0 for testlab
*Mar 19 21:45:43.019 UTC: src=FE80::20C:CEFF:FE49:D2D0 (FastEthernet0/0)
*Mar 19 21:45:43.019 UTC: dst=FF02::9
*Mar 19 21:45:43.019 UTC: sport=521, dport=521, length=52
*Mar 19 21:45:43.019 UTC: command=2, version=1, mbz=0, #rte=2
*Mar 19 21:45:43.019 UTC: tag=0, metric=1, prefix=2001:1:2::/64
*Mar 19 21:45:43.019 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Mar 19 21:45:43.019 UTC: RIPng: 2001:1:2::/64, metric changed to 2
*Mar 19 21:45:43.023 UTC: RIPng: 2001:1:2::/64, added path FE80::20C:CEFF:FE49:D
2D0/FastEthernet0/0
router1#
*Mar 19 21:45:43.023 UTC: RIPng: Triggered update requested, in hold-down
*Mar 19 21:45:43.339 UTC: RIPng: generating triggered update for testlab
*Mar 19 21:45:43.339 UTC: RIPng: Suppressed null multicast update on FastEthernet0/0 for testlab
NLI'S CCIE IPV6 LAB GUIDE
192
IPV6 RIP MAXIMUMPATHS
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. Configure router1 to use only a maximum of 1
5. Test your configuration to ensure that router1 only has 1 maximum path configured
NLI'S CCIE IPV6 LAB GUIDE
193
ANSWER
By default RIPv6 uses up to 4 equal-costs paths. The range is between 1 to 64.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 cef
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
NLI'S CCIE IPV6 LAB GUIDE
194
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
195
IPV6 RIP RIP TIMERS
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. mers to the following:
a.
b.
c.
d.
5.
configuration.
NLI'S CCIE IPV6 LAB GUIDE
196
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
!
NLI'S CCIE IPV6 LAB GUIDE
197
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
198
*Mar 19 22:24:59.215 UTC: RIPng: Sending multicast update on FastEthernet0/0 for testlab
*Mar 19 22:24:59.215 UTC: src=FE80::207:50FF:FE21:A2A0
*Mar 19 22:24:59.215 UTC: dst=FF02::9 (FastEthernet0/0)
*Mar 19 22:24:59.215 UTC: sport=521, dport=521, length=32
*Mar 19 22:24:59.215 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 22:24:59.215 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 22:25:01.851 UTC: RIPng: Next RIB walk in 26128
router1#
*Mar 19 22:25:08.811 UTC: RIPng: Sending multicast update on FastEthernet0/0 for testlab
*Mar 19 22:25:08.811 UTC: src=FE80::207:50FF:FE21:A2A0
*Mar 19 22:25:08.811 UTC: dst=FF02::9 (FastEthernet0/0)
*Mar 19 22:25:08.811 UTC: sport=521, dport=521, length=32
*Mar 19 22:25:08.811 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 22:25:08.811 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 22:25:17.551 UTC: RIPng: Sending multicast update on FastEthernet0/0 for testlab
*Mar 19 22:25:17.551 UTC: src=FE80::207:50FF:FE21:A2A0
*Mar 19 22:25:17.551 UTC: dst=FF02::9 (FastEthernet0/0)
*Mar 19 22:25:17.551 UTC: sport=521, dport=521, length=32
*Mar 19 22:25:17.551 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 22:25:17.551 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 22:25:26.491 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D0
on FastEthernet0/0 for testlab
*Mar 19 22:25:26.491 UTC: src=FE80::20C:CEFF:FE49:D2D0 (FastEthernet0/0)
*Mar 19 22:25:26.491 UTC: dst=FF02::9
*Mar 19 22:25:26.491 UTC: sport=521, dport=521, length=52
*Mar 19 22:25:26.491 UTC: command=2, version=1, mbz=0, #rte=2
*Mar 19 22:25:26.495 UTC: tag=0, metric=1, prefix=2001:1:2::/64
*Mar 19 22:25:26.495 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 22:25:26.867 UTC: RIPng: Sending multicast update on FastEthernet0/0 for testlab
*Mar 19 22:25:26.867 UTC: src=FE80::207:50FF:FE21:A2A0
*Mar 19 22:25:26.867 UTC: dst=FF02::9 (FastEthernet0/0)
*Mar 19 22:25:26.867 UTC: sport=521, dport=521, length=32
*Mar 19 22:25:26.867 UTC: command=2, version=1, mbz=0, #rte=1
*Mar 19 22:25:26.867 UTC: tag=0, metric=1, prefix=2001:1:1::/64
router1#
*Mar 19 22:25:27.979 UTC: RIPng: Next RIB walk in 28516
NLI'S CCIE IPV6 LAB GUIDE
199
IPV6 RIP DEFAULT ROUTE
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. Configure router2 to advertise only default route to router1. No other routes should be
advertised to router1.
5. Configure router2 to advertise a default router, as well as, routes to 2001:1:1::/64 subnet to
router3.
6. Test your configuration to ensure that the appropriate default routers are being generated
by router2.
NLI'S CCIE IPV6 LAB GUIDE
200
ANSWER
Unlike in IPv4 where default routes were configured under the RIP process, in RIPng the default
routes are configured per interface.
The default route in IPv6 looks like .
There are two main types of default routes that can be generated in RIPng:
Using the keyword originates the default route (::/0) but suppresses all other routes in
the updates sent on this interface.
Using the keyword originates the default route (::/0) in addition to all other
routes in the updates sent on this interface.
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
NLI'S CCIE IPV6 LAB GUIDE
201
ipv6 rip testlab default-information only
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
202
NLI'S CCIE IPV6 LAB GUIDE
203
NLI'S CCIE IPV6 LAB GUIDE
204
IPV6 RIP REDISTRIBUTE STATIC
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4.
5.
6. On Router2, redistribute the static route into RIPng to ensure that Router3 can reach it.
Ensure the redistribute the static metric is 5.
7. Configure router2 to advertise a default router to both routers.
8. Test your configuration to ensure that rout
NLI'S CCIE IPV6 LAB GUIDE
205
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
!
interface Loopback0
no ip address
ipv6 address 2001:1:3::1/64
ipv6 enable
!
interface FastEthernet0/0
speed 100
full-duplex
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
!
NLI'S CCIE IPV6 LAB GUIDE
206
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
207
NLI'S CCIE IPV6 LAB GUIDE
208
NLI'S CCIE IPV6 LAB GUIDE
209
router3#debug ipv6 rip
RIP Routing Protocol debugging is on
router3#clear ipv6 route *
router3#
*Apr 20 23:40:12.704 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D1
on Ethernet1/0 for testlab
*Apr 20 23:40:12.708 UTC: src=FE80::20C:CEFF:FE49:D2D1 (Ethernet1/0)
*Apr 20 23:40:12.708 UTC: dst=FF02::9
*Apr 20 23:40:12.708 UTC: sport=521, dport=521, length=92
*Apr 20 23:40:12.708 UTC: command=2, version=1, mbz=0, #rte=4
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=2001:1:2::/64
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Apr 20 23:40:12.708 UTC: tag=0, metric=5, prefix=2001:1:3::/64
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=::/0
router3#
*Apr 20 23:40:17.680 UTC: RIPng: Sending multicast update on Ethernet1/0 for tes
tlab
*Apr 20 23:40:17.680 UTC: src=FE80::203:E3FF:FE21:5510
*Apr 20 23:40:17.680 UTC: dst=FF02::9 (Ethernet1/0)
*Apr 20 23:40:17.680 UTC: sport=521, dport=521, length=32
*Apr 20 23:40:17.680 UTC: command=2, version=1, mbz=0, #rte=1
*Apr 20 23:40:17.680 UTC: tag=0, metric=1, prefix=2001:1:2::/64
NLI'S CCIE IPV6 LAB GUIDE
210
NLI'S CCIE IPV6 LAB GUIDE
211
IPV6 RIP ROUTE TAGGING
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4.
5.
6. On Router2, redistribute the static route into RIPng to ensure that Router3 can reach it.
Ensure the redistribute the static metric is 5 .
7. Configure router2 to advertise a default router to both routers.
8. Test your configuration to ensure that rout
NLI'S CCIE IPV6 LAB GUIDE
212
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
!
interface Loopback0
no ip address
ipv6 address 2001:1:3::1/64
ipv6 enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::1/64
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
!
ip http server
NLI'S CCIE IPV6 LAB GUIDE
213
ipv6 rip testlab enable
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router rip testlab
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
no ip http secure-server
ip classless
!
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
214
NLI'S CCIE IPV6 LAB GUIDE
215
router3#debug ipv6 rip
RIP Routing Protocol debugging is on
router3#clear ipv6 route *
router3#
*Apr 20 23:40:12.704 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D1
on Ethernet1/0 for testlab
*Apr 20 23:40:12.708 UTC: src=FE80::20C:CEFF:FE49:D2D1 (Ethernet1/0)
*Apr 20 23:40:12.708 UTC: dst=FF02::9
*Apr 20 23:40:12.708 UTC: sport=521, dport=521, length=92
*Apr 20 23:40:12.708 UTC: command=2, version=1, mbz=0, #rte=4
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=2001:1:2::/64
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Apr 20 23:40:12.708 UTC
*Apr 20 23:40:12.708 UTC: tag=0, metric=1, prefix=::/0
router3#
*Apr 20 23:40:17.680 UTC: RIPng: Sending multicast update on Ethernet1/0 for tes
tlab
*Apr 20 23:40:17.680 UTC: src=FE80::203:E3FF:FE21:5510
*Apr 20 23:40:17.680 UTC: dst=FF02::9 (Ethernet1/0)
*Apr 20 23:40:17.680 UTC: sport=521, dport=521, length=32
*Apr 20 23:40:17.680 UTC: command=2, version=1, mbz=0, #rte=1
*Apr 20 23:40:17.680 UTC: tag=0, metric=1, prefix=2001:1:2::/64
NLI'S CCIE IPV6 LAB GUIDE
216
NLI'S CCIE IPV6 LAB GUIDE
217
IPV6 RIP ROUTE FILTERING (INCOMING)
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4. Configure router2 to advertise a default router to both routers.
5. Configure router3 to filter any 2001:1:1::/64 RIPng routes received from Router2.
6. Ensure that router3 is still able to receive the default route with the minimum
configuration possible.
7. Test your configuration to ensure that router3 can ping router1 - 2001:1:1::1/128.
NLI'S CCIE IPV6 LAB GUIDE
218
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::1/64
ipv6 rip testlab enable
ipv6 enable
ipv6 cef
!
ip http server
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
!
ip http server
NLI'S CCIE IPV6 LAB GUIDE
219
no ip http secure-server
ip classless
!
ipv6 router rip testlab
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
no ip http secure-server
ip classless
!
ipv6 router rip testlab
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
ip subnet-zero
ip cef
!
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
voice call carrier capacity active
!
mta receive maximum-recipients 0
NLI'S CCIE IPV6 LAB GUIDE
220
!
interface FastEthernet0/0
half-duplex
ipv6 address 2001:1:2::3/64
ipv6 enable
!
!
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
221
router3#debug ipv6 rip
*Apr 21 00:13:32.548 UTC: RIPng: response received from FE80::20C:CEFF:FE49:D2D1
on Ethernet1/0 for testlab
*Apr 21 00:13:32.548 UTC: src=FE80::20C:CEFF:FE49:D2D1 (Ethernet1/0)
*Apr 21 00:13:32.548 UTC: dst=FF02::9
*Apr 21 00:13:32.552 UTC: sport=521, dport=521, length=72
*Apr 21 00:13:32.552 UTC: command=2, version=1, mbz=0, #rte=3
*Apr 21 00:13:32.552 UTC: tag=0, metric=1, prefix=2001:1:2::/64
*Apr 21 00:13:32.552 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Apr 21 00:13:32.552 UTC: tag=0, metric=1, prefix=::/0
*Apr 21 00:13:32.552 UTC: RIPng: Input filter rejects 2001:1:1::/64
NLI'S CCIE IPV6 LAB GUIDE
222
IPV6 RIP SUMMARY-ROUTE
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4.
RIPng process- testlab.
5. Configure router2 to advertise a default router to both routers.
6. Configure router2 to also advertise the followed summarized route to router3 -2001:1::/20.
7. Test your configuration to ensure that rout
NLI'S CCIE IPV6 LAB GUIDE
223
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
username all
voice-card 1
!
voice-card 3
!
voice-card 4
!
voice-card 5
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
!
interface Loopback0
no ip address
ipv6 address 2001:1:3::1/64
ipv6 enable
!
interface FastEthernet0/0
speed 100
full-duplex
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
NLI'S CCIE IPV6 LAB GUIDE
224
ipv6 address 2001:1:1::1/64
ipv6 rip testlab enable
ipv6 enable
ipv6 cef
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router rip testlab
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ip http server
no ip http secure-server
ip classless
!
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
225
router2#debug ipv6 rip
*Mar 20 00:49:47.886 UTC: RIPng: Sending multicast update on FastEthernet0/1 for testlab
*Mar 20 00:49:47.886 UTC: src=FE80::20C:CEFF:FE49:D2D1
*Mar 20 00:49:47.886 UTC: dst=FF02::9 (FastEthernet0/1)
*Mar 20 00:49:47.886 UTC: sport=521, dport=521, length=52
*Mar 20 00:49:47.886 UTC: command=2, version=1, mbz=0, #rte=2
*Mar 20 00:49:47.886 UTC: tag=0, metric=1, prefix=::/0
*Mar 20 00:49:47.886 UTC: tag=0, metric=1, prefix=2001::/20
NLI'S CCIE IPV6 LAB GUIDE
226
NLI'S CCIE IPV6 LAB GUIDE
227
IPV6 RIP METRIC-OFFSET
1. Configure your network as per the above diagram over a local Ethernet segment.
2. Ensure that all routers have been configured with the correct IPv6 address.
3.
4.
RIPng process- testlab.
5. Configure router2 to advertise a default router to both routers.
6.
. However, ensure the metric of the summary route received from
router2 is not changed.
NLI'S CCIE IPV6 LAB GUIDE
228
ANSWER
command is an interface specific command only, and it adds metric to any RIPng
routes received from a neighbor.
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
voice-card 3
!
no aaa new-model
ip subnet-zero
!
!
ip cef
no ip domain lookup
!
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:1::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
ipv6 cef
!
interface FastEthernet0/1
duplex auto
speed auto
ipv6 address 2001:1:2::2/64
ipv6 rip testlab enable
ipv6 rip testlab default-information originate
NLI'S CCIE IPV6 LAB GUIDE
229
!
ip http server
no ip http secure-server
ip classless
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
230
!The following debug shows that router2 is receiving the routes from router1 with metric 1
router2#
*Mar 20 01:05:31.558 UTC: RIPng: response received from FE80::207:50FF:FE21:A2A0 on
FastEthernet0/0 for testlab
*Mar 20 01:05:31.558 UTC: src=FE80::207:50FF:FE21:A2A0 (FastEthernet0/0)
*Mar 20 01:05:31.558 UTC: dst=FF02::9
*Mar 20 01:05:31.558 UTC: sport=521, dport=521, length=52
*Mar 20 01:05:31.558 UTC: command=2, version=1, mbz=0, #rte=2
*Mar 20 01:05:31.558 UTC: tag=0, metric=1, prefix=2001:1:1::/64
*Mar 20 01:05:31.558 UTC: tag=0, metric=1, prefix=2001:1:3::/64
NLI'S CCIE IPV6 LAB GUIDE
231
232
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
NLI'S CCIE IPV6 LAB GUIDE
233
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
NLI'S CCIE IPV6 LAB GUIDE
234
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 ospf 1 area 0
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
NLI'S CCIE IPV6 LAB GUIDE
235
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
236
NLI'S CCIE IPV6 LAB GUIDE
237
NLI'S CCIE IPV6 LAB GUIDE
238
NLI'S CCIE IPV6 LAB GUIDE
239
NLI'S CCIE IPV6 LAB GUIDE
240
241
OSPF state description
OSPF
Protocol
Packet
Used
Down This is the first neighbor state.
This means that no hellos have been received
from the neighbor, but hellos can still be sent in
this state.
Down Hello
Attempt This is only valid for neighbors in a NBMA
network.
This means that no hellos have been received
from the neighbor, but hellos can still be sent in
this state.
Attempt Hello
Int The router now has received a hello packet form
the neighbor router, but the receiving routers ID
was not included in the packet.
When a router receives a hello packet from a
neighbor, it should list the sender's router ID in its
hello packet as an acknowledgment that it
received a valid packet.
Int Hello
2-Way This state is reached when the router receiving
the hello packet sees its own Router ID within the
received hello packet's neighbor field.
In this state the routers form a neighbor
relationship with each other.
Now the routers decide that in order to
synchronize their databases, they have to form an
adjacency relationship with each other.
At the end of this stage, the DR and the BDR are
elected.
On a broadcast media, the router becomes FULL
adjacency relationship only with the DR and BDR
and 2-Way adjacency relationship with all other
routers.
2-Way Hello
Exstart This is the first step to creating an adjacency
relationship.
The routers try to establish a master / slave
relationship. A master is elected using the highest
Router ID, which in most cases is the DR/BDR.
Exstart Hello
NLI'S CCIE IPV6 LAB GUIDE
242
The master controls the communication to the
slave router using a sequence number and it is
the only router that can increment the sequence
number.
Exchange In this state the router is listing its entire Link State
Database to its neighbor.
Exchange Database
Description,
Link state
request, Link
state update
Loading In this state, the actual exchange of the
information occurs. Based on the information
provided in the Database Description (DD) packet,
routers send LSA request packets. The neighbor
then provides the information using the LSA
update packet.
If during this state, there is a change in the OSPF
LSA database, then a LSA request packet is sent
out.
Loading LS request,
LS update,
LS Acknowledge
Full In this state, routers are fully adjacent with each
other. All the router and network LSAs are
exchanged and the routers' databases are fully
synchronized.
Full is the normal state for an OSPF router. If a
router is stuck in another state, it's an indication
that there are problems in forming adjacencies.
The only exception to this is the 2-way state,
which is normal in a broadcast network. Routers
achieve the full state with their DR and BDR only.
Neighbors always see each other as 2-way.
Full All
NLI'S CCIE IPV6 LAB GUIDE
243
!Router1 has received a hello packet from router2
*Mar 30 16:25:29.192 UTC: OSPFv3: Rcv hello from 2.2.2.2 area 0 from FastEtherne
t0/0 FE80::20C:CEFF:FE49:D2D0 interface ID 4
!Router1 have entered the 2 WAY state and established neighbor relationship with each other
*Mar 30 16:25:29.192 UTC: OSPFv3: 2 Way Communication to 2.2.2.2 on FastEthernet
0/0, state 2WAY
*Mar 30 16:25:29.192 UTC: OSPFv3: End of hello processing
router1#
*Mar 30 16:25:39.192 UTC: OSPFv3: Rcv hello from 2.2.2.2 area 0 from FastEtherne
t0/0 FE80::20C:CEFF:FE49:D2D0 interface ID 4
*Mar 30 16:25:39.192 UTC: OSPFv3: End of hello processing
router1#
!In the 2 WAY state, the routers will try to establish a DR / BDR neighbor relationship
*Mar 30 16:25:42.820 UTC: OSPFv3: end of Wait on interface FastEthernet0/0
*Mar 30 16:25:42.820 UTC: OSPFv3: DR/BDR election on FastEthernet0/0
*Mar 30 16:25:42.820 UTC: OSPFv3: Elect BDR 2.2.2.2
!Because Router2 has a higher router-id, it is made the DR
*Mar 30 16:25:42.820 UTC: OSPFv3: Elect DR 2.2.2.2
*Mar 30 16:25:42.820 UTC: DR: 2.2.2.2 (Id) BDR: 2.2.2.2 (Id)
!The routers now enter the EXSTART state to exchange databases and establish a MASTER and
SLAVE relationship
*Mar 30 16:25:42.820 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
5B4 opt 0x0013 flag 0x7 len 28
router1#
*Mar 30 16:25:47.820 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
5B4 opt 0x0013 flag 0x7 len 28
*Mar 30 16:25:47.820 UTC: OSPFv3: Retransmitting DBD to 2.2.2.2 on FastEthernet0
/0 [1]
router1#
*Mar 30 16:25:49.192 UTC: OSPFv3: Rcv hello from 2.2.2.2 area 0 from FastEtherne
t0/0 FE80::20C:CEFF:FE49:D2D0 interface ID 4
*Mar 30 16:25:49.192 UTC: OSPFv3: End of hello processing
router1#
*Mar 30 16:25:52.820 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
5B4 opt 0x0013 flag 0x7 len 28
*Mar 30 16:25:52.820 UTC: OSPFv3: Retransmitting DBD to 2.2.2.2 on FastEthernet0
/0 [2]
router1#
*Mar 30 16:25:57.820 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
5B4 opt 0x0013 flag 0x7 len 28
*Mar 30 16:25:57.820 UTC: OSPFv3: Retransmitting DBD to 2.2.2.2 on FastEthernet0
/0 [3]
*Mar 30 16:25:59.192 UTC: OSPFv3: Rcv hello from 2.2.2.2 area 0 from FastEtherne
t0/0 FE80::20C:CEFF:FE49:D2D0 interface ID 4
*Mar 30 16:25:59.192 UTC: OSPFv3: End of hello processing
*Mar 30 16:25:59.196 UTC: OSPFv3: Rcv DBD from 2.2.2.2 on FastEthernet0/0 seq 0x
NLI'S CCIE IPV6 LAB GUIDE
244
14E7 opt 0x0013 flag 0x7 len 28 mtu 1500 state EXSTART
*Mar 30 16:25:59.196 UTC: OSPFv3: NBR
router1# Negotiation Done. We are the SLAVE
*Mar 30 16:25:59.196 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
4E7 opt 0x0013 flag 0x2 len 88
!The routers will now exchange their LSA database with each other and enter the EXCHANGE
state
*Mar 30 16:25:59.200 UTC: OSPFv3: Rcv DBD from 2.2.2.2 on FastEthernet0/0 seq 0x
14E8 opt 0x0013 flag 0x3 len 168 mtu 1500 state EXCHANGE
*Mar 30 16:25:59.200 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
4E8 opt 0x0013 flag 0x0 len 28
*Mar 30 16:25:59.200 UTC: OSPFv3: Database request to 2.2.2.2
*Mar 30 16:25:59.200 UTC: OSPFv3: sent LS REQ packet to FE80::20C:CEFF:FE49:D2D0
, length 84
*Mar 30 16:25:59.200 UTC: OSPFv3: Rcv DBD from 2.2.2.2 on FastEthernet0/0 seq 0x
14E9 opt 0x0013 flag 0x1 len 28 mtu 1500 state EXCHANGE
*Mar 30 16:25:59.200 UTC: OSPFv3: Exchange Done with 2.2.2.2 on FastEthernet0/0
*Mar 30 16:25:59.200 UTC: OSPFv3: Send DBD to 2.2.2.2 on FastEthernet0/0 seq 0x1
4E9 opt 0x0013 flag 0x0 len 28
*Mar 30 16:25:59.200 UTC: OSPFv3: Synchronized with 2.2.2.2 on FastEthernet0/0,
state FULL
!The routers have established a FULL OSPF neighbor relationship
*Mar 30 16:25:59.200 UTC: %OSPFv3-5-ADJCHG: Process 1, Nbr 2.2.2.2 on FastEthern
et0/0 from LOADING to FULL, Loading Done
NLI'S CCIE IPV6 LAB GUIDE
245
IPV6 OSPFV3 TYPE1 ROUTER LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Test your configuration to ensure that all
loopback IPv6 addresses.
7.
NLI'S CCIE IPV6 LAB GUIDE
246
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
247
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
NLI'S CCIE IPV6 LAB GUIDE
248
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
249
NLI'S CCIE IPV6 LAB GUIDE
250
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 4
Neighbor (DR) Interface ID: 4
Neighbor (DR) Router ID: 2.2.2.2
Routing Bit Set on this LSA
LS age: 333
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000155
Checksum: 0x6729
Length: 40
Area Border Router
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 4
Neighbor (DR) Interface ID: 4
Neighbor (DR) Router ID: 2.2.2.2
NLI'S CCIE IPV6 LAB GUIDE
251
router2#sh ipv6 ospf database router
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
LS age: 946
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 1.1.1.1
LS Seq Number: 80000054
Checksum: 0x8710
Length: 40
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 4
Neighbor (DR) Interface ID: 4
NLI'S CCIE IPV6 LAB GUIDE
252
Neighbor (DR) Router ID: 2.2.2.2
LS age: 477
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000155
Checksum: 0x6729
Length: 40
Area Border Router
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 4
Neighbor (DR) Interface ID: 4
Neighbor (DR) Router ID: 2.2.2.2
Router Link States (Area 1)
LS age: 429
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000004
Checksum: 0x765A
Length: 40
Area Border Router
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 5
Neighbor (DR) Interface ID: 5
Neighbor (DR) Router ID: 6.6.6.6
Routing Bit Set on this LSA
LS age: 437
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 6.6.6.6
LS Seq Number: 80000004
Checksum: 0xFDC2
NLI'S CCIE IPV6 LAB GUIDE
253
Length: 40
Area Border Router
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 5
Neighbor (DR) Interface ID: 5
Neighbor (DR) Router ID: 6.6.6.6
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 189 0x80000004 0 1 None
2.2.2.2 193 0x80000004 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 194 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 190 0x80000001 2001:1:6::6/128
2.2.2.2 190 0x80000001 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
1.1.1.1 205 0x80000001 4 Fa0/0
2.2.2.2 211 0x80000001 4 Fa0/0
2.2.2.2 211 0x80000001 10 Lo0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 196 0x80000002 0 0x2001 0
2.2.2.2 196 0x80000002 0 0x2001 0
2.2.2.2 196 0x80000001 1004 0x2002 4
NLI'S CCIE IPV6 LAB GUIDE
254
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 194 0x80000009 0 1 B
6.6.6.6 201 0x80000006 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 205 0x80000001 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 1828 0x80000002 2001:1:1::1/128
2.2.2.2 369 0x80000001 2001:1:2::2/128
2.2.2.2 377 0x80000002 2001:1:12::/64
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 378 0x80000002 5 Fa0/1
6.6.6.6 457 0x80000001 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 382 0x80000004 0 0x2001 0
6.6.6.6 383 0x80000001 1005 0x2002 5
router6#sh ipv6 ospf database router
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
Routing Bit Set on this LSA
LS age: 210
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000009
Checksum: 0x6C5F
NLI'S CCIE IPV6 LAB GUIDE
255
Length: 40
Area Border Router
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 5
Neighbor (DR) Interface ID: 5
Neighbor (DR) Router ID: 6.6.6.6
LS age: 215
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Router Links
Link State ID: 0
Advertising Router: 6.6.6.6
LS Seq Number: 80000006
Checksum: 0xF6C8
Length: 40
Number of Links: 1
Link connected to: a Transit Network
Link Metric: 1
Local Interface ID: 5
Neighbor (DR) Interface ID: 5
Neighbor (DR) Router ID: 6.6.6.6
NLI'S CCIE IPV6 LAB GUIDE
256
NLI'S CCIE IPV6 LAB GUIDE
257
NLI'S CCIE IPV6 LAB GUIDE
258
NLI'S CCIE IPV6 LAB GUIDE
259
IPV6 OSPFV3 TYPE2 NETWORKLSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
8. Configure your network as per the above diagram.
9. Ensure that all routers have been configured with the correct IPv6 address.
10. Ensure all the routers use OSPF process ID - 1.
11. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
12. Ensure the loopback interfaces reside in the appropriate area.
13. Test your configuration to ensure that all
loopback IPv6 addresses.
14. Review the OSPFv3 databases on each
NLI'S CCIE IPV6 LAB GUIDE
260
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
261
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
NLI'S CCIE IPV6 LAB GUIDE
262
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
NLI'S CCIE IPV6 LAB GUIDE
263
Area 0
Designated Router
Network LSA - Type 2
Router2
Router6
Router1
Area 1
NLI'S CCIE IPV6 LAB GUIDE
264
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 588 0x80000004 0 1 None
2.2.2.2 591 0x80000006 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 595 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 727 0x80000001 2001:1:6::6/128
2.2.2.2 727 0x80000001 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 726 0x80000001 9 Lo0
1.1.1.1 606 0x80000001 4 Fa0/0
2.2.2.2 630 0x80000002 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 596 0x80000002 0 0x2001 0
2.2.2.2 595 0x80000003 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
265
2.2.2.2 595 0x80000001 1004 0x2002 4
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 939 0x8000003A 0 1 B
2.2.2.2 674 0x8000003B 0 1 B
6.6.6.6 1569 0x80000046 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 1569 0x8000002A 4 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
1.1.1.1 931 0x80000001 2001:1:1::1/128
2.2.2.2 718 0x80000001 2001:1:2::2/128
2.2.2.2 622 0x80000001 2001:1:12::/64
2.2.2.2 592 0x80000001 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1289 0x8000002B 5 Fa0/1
6.6.6.6 1569 0x8000002C 4 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 941 0x80000031 0 0x2001 0
6.6.6.6 1571 0x8000003B 0 0x2001 0
6.6.6.6 1571 0x8000002A 1004 0x2002 4
router2# sh ipv6 ospf database network
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Net Link States (Area 0)
LS age: 693
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Network Links
Link State ID: 4 (Interface ID of Designated Router)
NLI'S CCIE IPV6 LAB GUIDE
266
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x3ED
Length: 32
Attached Router: 2.2.2.2
Attached Router: 1.1.1.1
Net Link States (Area 1)
LS age: 1666
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Network Links
Link State ID: 4 (Interface ID of Designated Router)
Advertising Router: 6.6.6.6
LS Seq Number: 8000002A
Checksum: 0xF2B0
Length: 32
Attached Router: 6.6.6.6
Attached Router: 2.2.2.2
NLI'S CCIE IPV6 LAB GUIDE
267
NLI'S CCIE IPV6 LAB GUIDE
268
IPV6 OSPFV3 TYPE3 INTER AREA PREFIX LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Test your configuration to ensure that all
loopback IPv6 addresses.
7.
NLI'S CCIE IPV6 LAB GUIDE
269
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
NLI'S CCIE IPV6 LAB GUIDE
270
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
NLI'S CCIE IPV6 LAB GUIDE
271
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
NLI'S CCIE IPV6 LAB GUIDE
272
!
End
Area 0
Area Border Router
(ABR)
Type2 Network LSA
Router2
Router6
Router1
Area 1
Type1 Router LSA
Type 3 Inter Area Prefix
router2#sh ipv6 ospf database inter-area prefix
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Inter Area Prefix Link States (Area 0)
LS age: 817
LS Type: Inter Area Prefix Links
Link State ID: 2
Advertising Router: 2.2.2.2
LS Seq Number: 80000072
Checksum: 0x966D
Length: 44
Metric: 1
Prefix Address: 2001:1:6::6
Prefix Length: 128, Options: None
LS age: 822
LS Type: Inter Area Prefix Links
NLI'S CCIE IPV6 LAB GUIDE
273
Link State ID: 5
Advertising Router: 2.2.2.2
LS Seq Number: 80000042
Checksum: 0x6CF2
Length: 36
Metric: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None
Inter Area Prefix Link States (Area 1)
LS age: 1834
LS Type: Inter Area Prefix Links
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000054
Checksum: 0x38F4
Length: 44
Metric: 0
Prefix Address: 2001:1:2::2
Prefix Length: 128, Options: None
LS age: 1838
LS Type: Inter Area Prefix Links
Link State ID: 1
Advertising Router: 2.2.2.2
LS Seq Number: 80000054
Checksum: 0x2F36
Length: 36
Metric: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None
LS age: 1839
LS Type: Inter Area Prefix Links
Link State ID: 2
Advertising Router: 2.2.2.2
LS Seq Number: 80000056
Checksum: 0xFB2E
Length: 44
Metric: 1
Prefix Address: 2001:1:1::1
Prefix Length: 128, Options: None
NLI'S CCIE IPV6 LAB GUIDE
274
NLI'S CCIE IPV6 LAB GUIDE
275
router2# sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 93 0x80000004 0 1 None
2.2.2.2 96 0x80000062 0 1 EB
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 97 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 343 0x80000002 2001:1:6::6/128
2.2.2.2 343 0x80000045 2001:1:26::/64
NLI'S CCIE IPV6 LAB GUIDE
276
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 343 0x80000002 9 Lo0
1.1.1.1 111 0x80000001 4 Fa0/0
2.2.2.2 344 0x80000059 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 99 0x80000002 0 0x2001 0
2.2.2.2 98 0x8000005C 0 0x2001 0
2.2.2.2 98 0x80000001 1004 0x2002 4
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 344 0x80000004 0 1 EB
6.6.6.6 291 0x80000005 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 291 0x80000002 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 344 0x80000002 2001:1:2::2/128
2.2.2.2 346 0x80000002 2001:1:12::/64
2.2.2.2 88 0x80000001 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 346 0x80000002 5 Fa0/1
6.6.6.6 548 0x80000002 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 292 0x80000003 0 0x2001 0
6.6.6.6 292 0x80000002 1005 0x2002 5
NLI'S CCIE IPV6 LAB GUIDE
277
NLI'S CCIE IPV6 LAB GUIDE
278
IPV6 OSPFV3 TYPE4 INTER AREA ROUTERLSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. On Router1, configure a static route to 2001:20:20::1/64 with the next hop being
interface.
7. Redistribute this static route into Router
8. Test your configuration to ensure that all
loopback IPv6 addresses.
9. Review the OSPFv3 databases to identify the ASBR i.e. Router1.
NLI'S CCIE IPV6 LAB GUIDE
279
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 route 2001:20:20::/64 Null0
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
NLI'S CCIE IPV6 LAB GUIDE
280
ipv6 router ospf 1
log-adjacency-changes
redistribute static
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
NLI'S CCIE IPV6 LAB GUIDE
281
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
NLI'S CCIE IPV6 LAB GUIDE
282
!
End
Area 0
Area Border Router
(ABR)
Type2 Network LSA
Router2
Router6
Router1
Area 1
Type1 Router LSA
Type 3 Inter Area Prefix
Type 4 Inter Area Router
Autonomous System
Border Router (ASBR)
NLI'S CCIE IPV6 LAB GUIDE
283
NLI'S CCIE IPV6 LAB GUIDE
284
NLI'S CCIE IPV6 LAB GUIDE
285
IPV6 OSPFV3 TYPE5 EXTERNAL LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. On Router1, configure a static route to 2001:20:20::1/64 with the next hop being
interface.
7. Redistribute this static route into Router
8. Test your configuration to ensure that all
loopback IPv6 addresses.
9. Review the OSPFv3 databases to identify the Type 5 LSAs being advertised by the ASBR
i.e. Router1.
NLI'S CCIE IPV6 LAB GUIDE
286
ANSWER
This lab has exactly the same configuration as the previous lab. The only difference is in the show
commands to see the Type 5 LSAs being received by Router2 and Router 6 from Router1.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
NLI'S CCIE IPV6 LAB GUIDE
287
!
ipv6 route 2001:20:20::/64 Null0
ipv6 router ospf 1
log-adjacency-changes
redistribute static
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
NLI'S CCIE IPV6 LAB GUIDE
288
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
NLI'S CCIE IPV6 LAB GUIDE
289
Area 0
Area Border Router
(ABR)
Type2 Network LSA
Router2
Router6
Router1
Area 1
Type1 Router LSA
Type 3 Inter Area Prefix
Type 4 Inter Area Router
Autonomous System
Border Router (ASBR)
Type 5 External LSA
NLI'S CCIE IPV6 LAB GUIDE
290
NLI'S CCIE IPV6 LAB GUIDE
291
NLI'S CCIE IPV6 LAB GUIDE
292
IPV6 OSPFV3 NSSA - TYPE7 LINK-LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. On Router6, configure a static route to 2001:20:20::1/128 with the next hop being
interface.
7. Redistribute this static route into Router6s OSPF process ID 1 with metric-type 2.
8. Configure area 1 as a NSSA area.
9. Test your configuration to ensure that all
loopback IPv6 addresses.
10. Review the OSPFv3 database to identify that area 1 is NSSA and it is advertising Type 7
routes to area 0.
11. Perform a traceroute from Router1 to 2001:20:20::6 to ensure the packets are following
the correct path.
NLI'S CCIE IPV6 LAB GUIDE
293
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
control-plane
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface Serial0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
NLI'S CCIE IPV6 LAB GUIDE
294
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
area 1 nssa
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
NLI'S CCIE IPV6 LAB GUIDE
295
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 route 2001:20:20::1/128 Null0
ipv6 router ospf 1
log-adjacency-changes
area 1 nssa
redistribute static
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
296
NLI'S CCIE IPV6 LAB GUIDE
297
NLI'S CCIE IPV6 LAB GUIDE
298
NLI'S CCIE IPV6 LAB GUIDE
299
NLI'S CCIE IPV6 LAB GUIDE
300
NLI'S CCIE IPV6 LAB GUIDE
301
IPV6 OSPFV3 TYPE8 LINK-LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Test your configuration to ensure that all
loopback IPv6 addresses.
7. Review the OSPFv3 database to identify Link-LSAs being advertised by each of the
routers
NLI'S CCIE IPV6 LAB GUIDE
302
ANSWER
Link LSAs
- Scope of flooding is within the same area
- Provide link local addresses
- List all IPv6 addresses attached to the link
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
NLI'S CCIE IPV6 LAB GUIDE
303
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
NLI'S CCIE IPV6 LAB GUIDE
304
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
NLI'S CCIE IPV6 LAB GUIDE
305
transport preferred all
transport input all
transport output all
!
End
Area 0
Area Border Router
(ABR)
Type2 Network LSA
Router2
Router6
Router1
Area 1
Type1 Router LSA
Type 3 Inter Area Prefix
Type 4 Inter Area Router
Autonomous System
Border Router (ASBR)
Type 5 External LSA
Type 8 LINK LSA
NLI'S CCIE IPV6 LAB GUIDE
306
router6#sh ipv6 ospf database link
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Link (Type-8) Link States (Area 1)
LS age: 1773
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet1/0)
Link State ID: 5 (Interface ID)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x39F0
Length: 56
Router Priority: 1
Link Local Address: FE80::20C:CEFF:FE49:D2D1
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None
LS age: 1548
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet1/0)
Link State ID: 5 (Interface ID)
Advertising Router: 6.6.6.6
LS Seq Number: 80000006
Checksum: 0xEB76
Length: 56
Router Priority: 1
Link Local Address: FE80::206:D7FF:FE75:9790
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None
LS age: 1555
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: Loopback0)
Link State ID: 6 (Interface ID)
Advertising Router: 6.6.6.6
LS Seq Number: 80000001
Checksum: 0x1C79
Length: 56
Router Priority: 1
Link Local Address: FE80::206:D7FF:FE75:9781
Number of Prefixes: 1
Prefix Address: 2001:1:6::
Prefix Length: 64, Options: None
NLI'S CCIE IPV6 LAB GUIDE
307
NLI'S CCIE IPV6 LAB GUIDE
308
router2#sh ipv6 ospf database link
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Link (Type-8) Link States (Area 0)
LS age: 1886
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: Loopback0)
Link State ID: 9 (Interface ID)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0xE565
Length: 56
Router Priority: 1
Link Local Address: FE80::20C:CEFF:FE49:D2D0
Number of Prefixes: 1
Prefix Address: 2001:1:2::
Prefix Length: 64, Options: None
LS age: 162
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/0)
Link State ID: 4 (Interface ID)
Advertising Router: 1.1.1.1
LS Seq Number: 80000002
Checksum: 0x84CA
Length: 56
Router Priority: 1
Link Local Address: FE80::207:50FF:FE21:A2A0
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None
LS age: 1887
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/0)
Link State ID: 4 (Interface ID)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x5AE5
Length: 56
Router Priority: 1
Link Local Address: FE80::20C:CEFF:FE49:D2D0
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None
NLI'S CCIE IPV6 LAB GUIDE
309
Link (Type-8) Link States (Area 1)
LS age: 1889
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/1)
Link State ID: 5 (Interface ID)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x39F0
Length: 56
Router Priority: 1
Link Local Address: FE80::20C:CEFF:FE49:D2D1
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None
LS age: 1666
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/1)
Link State ID: 5 (Interface ID)
Advertising Router: 6.6.6.6
LS Seq Number: 80000006
Checksum: 0xEB76
Length: 56
Router Priority: 1
Link Local Address: FE80::206:D7FF:FE75:9790
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None
NLI'S CCIE IPV6 LAB GUIDE
310
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 824 0x80000007 0 1 None
2.2.2.2 878 0x80000005 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 824 0x80000002 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 878 0x80000002 2001:1:26::/64
2.2.2.2 626 0x80000002 2001:1:6::6/128
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 878 0x80000002 9 Lo0
1.1.1.1 1080 0x80000002 4 Fa0/0
2.2.2.2 878 0x80000002 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 824 0x80000003 0 0x2001 0
1.1.1.1 824 0x80000002 1004 0x2002 4
2.2.2.2 878 0x80000003 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 626 0x80000008 0 1 B
6.6.6.6 656 0x8000001C 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 627 0x80000002 5 2
Inter Area Prefix Link States (Area 1)
NLI'S CCIE IPV6 LAB GUIDE
311
ADV Router Age Seq# Prefix
2.2.2.2 879 0x80000002 2001:1:2::/64
2.2.2.2 879 0x80000002 2001:1:12::/64
2.2.2.2 879 0x80000002 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 879 0x80000002 5 Fa0/1
6.6.6.6 658 0x80000007 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 627 0x80000002 1005 0x2002 5
6.6.6.6 658 0x80000019 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
312
router1#sh ipv6 ospf database link
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Link (Type-8) Link States (Area 0)
LS age: 329
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: Loopback0)
Link State ID: 11 (Interface ID)
Advertising Router: 1.1.1.1
LS Seq Number: 80000002
Checksum: 0xD781
Length: 56
Router Priority: 1
Link Local Address: FE80::207:50FF:FE21:A2A0
Number of Prefixes: 1
Prefix Address: 2001:1:1::
Prefix Length: 64, Options: None
LS age: 329
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/0)
Link State ID: 4 (Interface ID)
Advertising Router: 1.1.1.1
LS Seq Number: 80000002
Checksum: 0x84CA
Length: 56
Router Priority: 1
Link Local Address: FE80::207:50FF:FE21:A2A0
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None
LS age: 130
Options: (V6-Bit E-Bit R-bit DC-Bit)
LS Type: Link-LSA (Interface: FastEthernet0/0)
Link State ID: 4 (Interface ID)
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0x58E6
Length: 56
Router Priority: 1
Link Local Address: FE80::20C:CEFF:FE49:D2D0
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None
NLI'S CCIE IPV6 LAB GUIDE
313
NLI'S CCIE IPV6 LAB GUIDE
314
IPV6 OSPFV3 TYPE9 INTRA-AREA-PREFIX-LSA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Test your configuration to ensure that all
loopback IPv6 addresses.
7. Review the OSPFv3 database to identify Type 9 Intra-Area-Prefix LSAs being advertised
by each of the routers
NLI'S CCIE IPV6 LAB GUIDE
315
ANSWER
Intra-Area-Prefix LSAs
- This LSA contains the prefix and its length for each LSA
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
NLI'S CCIE IPV6 LAB GUIDE
316
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
NLI'S CCIE IPV6 LAB GUIDE
317
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
NLI'S CCIE IPV6 LAB GUIDE
318
transport preferred all
transport input all
transport output all
!
End
Area 0
Area Border Router
(ABR)
Type2 Network LSA
Router2
Router6
Router1
Area 1
Type1 Router LSA
Type 3 Inter Area Prefix
Type 4 Inter Area Router
Autonomous System
Border Router (ASBR)
Type 5 External LSA
Type 8 & 9 LSA
NLI'S CCIE IPV6 LAB GUIDE
319
router6#sh ipv6 ospf database prefix
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Intra Area Prefix Link States (Area 1)
Routing Bit Set on this LSA
LS age: 390
LS Type: Intra-Area-Prefix-LSA
Link State ID: 1005
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0xF382
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 5
Referenced Advertising Router: 2.2.2.2
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None, Metric: 0
Routing Bit Set on this LSA
LS age: 418
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 6.6.6.6
LS Seq Number: 80000019
Checksum: 0x8FD
Length: 52
Referenced LSA Type: 2001
Referenced Link State ID: 0
Referenced Advertising Router: 6.6.6.6
Number of Prefixes: 1
Prefix Address: 2001:1:6::6
Prefix Length: 128, Options: LA , Metric: 0
NLI'S CCIE IPV6 LAB GUIDE
320
NLI'S CCIE IPV6 LAB GUIDE
321
router2#sh ipv6 ospf database prefix
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Intra Area Prefix Link States (Area 0)
Routing Bit Set on this LSA
LS age: 1206
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 1.1.1.1
LS Seq Number: 80000003
Checksum: 0xACA1
Length: 52
Referenced LSA Type: 2001
Referenced Link State ID: 0
Referenced Advertising Router: 1.1.1.1
Number of Prefixes: 1
Prefix Address: 2001:1:1::1
Prefix Length: 128, Options: LA , Metric: 0
Routing Bit Set on this LSA
LS age: 1206
LS Type: Intra-Area-Prefix-LSA
Link State ID: 1004
Advertising Router: 1.1.1.1
LS Seq Number: 80000002
Checksum: 0xFD96
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 4
Referenced Advertising Router: 1.1.1.1
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None, Metric: 0
Routing Bit Set on this LSA
LS age: 1261
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000003
Checksum: 0xD4BA
Length: 44
Referenced LSA Type: 2001
Referenced Link State ID: 0
NLI'S CCIE IPV6 LAB GUIDE
322
Referenced Advertising Router: 2.2.2.2
Number of Prefixes: 1
Prefix Address: 2001:1:2::
Prefix Length: 64, Options: None, Metric: 1
Intra Area Prefix Link States (Area 1)
Routing Bit Set on this LSA
LS age: 1010
LS Type: Intra-Area-Prefix-LSA
Link State ID: 1005
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0xF382
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 5
Referenced Advertising Router: 2.2.2.2
Number of Prefixes: 1
Prefix Address: 2001:1:26::
Prefix Length: 64, Options: None, Metric: 0
Routing Bit Set on this LSA
LS age: 1041
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 6.6.6.6
LS Seq Number: 80000019
Checksum: 0x8FD
Length: 52
Referenced LSA Type: 2001
Referenced Link State ID: 0
Referenced Advertising Router: 6.6.6.6
Number of Prefixes: 1
Prefix Address: 2001:1:6::6
Prefix Length: 128, Options: LA , Metric: 0
NLI'S CCIE IPV6 LAB GUIDE
323
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 824 0x80000007 0 1 None
2.2.2.2 878 0x80000005 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 824 0x80000002 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 878 0x80000002 2001:1:26::/64
2.2.2.2 626 0x80000002 2001:1:6::6/128
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 878 0x80000002 9 Lo0
1.1.1.1 1080 0x80000002 4 Fa0/0
2.2.2.2 878 0x80000002 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 824 0x80000003 0 0x2001 0
1.1.1.1 824 0x80000002 1004 0x2002 4
2.2.2.2 878 0x80000003 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 626 0x80000008 0 1 B
6.6.6.6 656 0x8000001C 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 627 0x80000002 5 2
Inter Area Prefix Link States (Area 1)
NLI'S CCIE IPV6 LAB GUIDE
324
ADV Router Age Seq# Prefix
2.2.2.2 879 0x80000002 2001:1:2::/64
2.2.2.2 879 0x80000002 2001:1:12::/64
2.2.2.2 879 0x80000002 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 879 0x80000002 5 Fa0/1
6.6.6.6 658 0x80000007 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 627 0x80000002 1005 0x2002 5
6.6.6.6 658 0x80000019 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
325
router1#sh ipv6 ospf database prefix
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Intra Area Prefix Link States (Area 0)
Routing Bit Set on this LSA
LS age: 1361
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 1.1.1.1
LS Seq Number: 80000003
Checksum: 0xACA1
Length: 52
Referenced LSA Type: 2001
Referenced Link State ID: 0
Referenced Advertising Router: 1.1.1.1
Number of Prefixes: 1
Prefix Address: 2001:1:1::1
Prefix Length: 128, Options: LA , Metric: 0
Routing Bit Set on this LSA
LS age: 1361
LS Type: Intra-Area-Prefix-LSA
Link State ID: 1004
Advertising Router: 1.1.1.1
LS Seq Number: 80000002
Checksum: 0xFD96
Length: 44
Referenced LSA Type: 2002
Referenced Link State ID: 4
Referenced Advertising Router: 1.1.1.1
Number of Prefixes: 1
Prefix Address: 2001:1:12::
Prefix Length: 64, Options: None, Metric: 0
Routing Bit Set on this LSA
LS age: 1418
LS Type: Intra-Area-Prefix-LSA
Link State ID: 0
Advertising Router: 2.2.2.2
LS Seq Number: 80000003
Checksum: 0xD4BA
Length: 44
Referenced LSA Type: 2001
Referenced Link State ID: 0
NLI'S CCIE IPV6 LAB GUIDE
326
Referenced Advertising Router: 2.2.2.2
Number of Prefixes: 1
Prefix Address: 2001:1:2::
Prefix Length: 64, Options: None, Metric: 1
NLI'S CCIE IPV6 LAB GUIDE
327
IPV6 OSPFV3 AREA IPSECAUTHENTICATION
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Configure MD5 authentication between all in area 0, using the following options
a.
b.
c. Key - encrypted
d. Hex-string - 1234567890ABCDEF1234567890ABCDEF
7.
loopback address.
NLI'S CCIE IPV6 LAB GUIDE
328
ANSWER
OSPF authentication can either be configured per:
different authentication keys can be chosen per interface, however, this is not a very
scalable model.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
NLI'S CCIE IPV6 LAB GUIDE
329
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
area 0 authentication ipsec spi 300 md5
1234567890ABCDEF1234567890ABCDEF
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
area 0 authentication ipsec spi 300 md5
1234567890ABCDEF1234567890ABCDEF
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
NLI'S CCIE IPV6 LAB GUIDE
330
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
NLI'S CCIE IPV6 LAB GUIDE
331
exec-timeout 60 0
logging synchronous
login
!
End
router1#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::207:50FF:FE21:A2A0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
Network Type BROADCAST, Cost: 1
MD5 Authentication (Area) SPI 300, secure socket state UP (errors: 0)
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Backup Designated router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 4
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
router2#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::20C:CEFF:FE49:D2D0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 2.2.2.2
Network Type BROADCAST, Cost: 1
MD5 Authentication (Area) SPI 300, secure socket state UP (errors: 0)
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Backup Designated router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 2, maximum is 7
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 1.1.1.1 (Designated Router)
Suppress hello for 0 neighbor(s)
NLI'S CCIE IPV6 LAB GUIDE
332
NLI'S CCIE IPV6 LAB GUIDE
333
IPV6 OSPFV3 INTERFACE IPSECAUTHENTICATION
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Ensure the loopback interfaces reside in the appropriate area.
6. Configure MD5 authentication between all in area 0, using the following
options
a.
b.
c. Key - encrypted
d. Hex-string - 1234567890ABCDEF1234567890ABCDEF
7.
loopback address.
NLI'S CCIE IPV6 LAB GUIDE
334
ANSWER
OSPF authentication can either be configured per:
different authentication keys can be chosen per interface, however, this is not a very
scalable model.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
area 0 authentication ipsec spi 300 md5
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
area 0 authentication ipsec spi 300 md5
NLI'S CCIE IPV6 LAB GUIDE
335
1234567890ABCDEF1234567890ABCDEF
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
1234567890ABCDEF1234567890ABCDEF
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
NLI'S CCIE IPV6 LAB GUIDE
336
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
NLI'S CCIE IPV6 LAB GUIDE
337
exec-timeout 60 0
logging synchronous
login
!
End
router1#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::207:50FF:FE21:A2A0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
Network Type BROADCAST, Cost: 1
MD5 Authentication (Area) SPI 300, secure socket state UP (errors: 0)
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Backup Designated router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:07
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 4
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
router2#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::20C:CEFF:FE49:D2D0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 2.2.2.2
Network Type BROADCAST, Cost: 1
MD5 Authentication (Area) SPI 300, secure socket state UP (errors: 0)
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Backup Designated router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 2, maximum is 7
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 1.1.1.1 (Designated Router)
Suppress hello for 0 neighbor(s)
NLI'S CCIE IPV6 LAB GUIDE
338
NLI'S CCIE IPV6 LAB GUIDE
339
IPV6 OSPFV3 TIMERCHANGES
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Change the following timers under all routers for area 0
a. Hello Interval timer to 15 seconds
b. Dead Interval timer to 400 seconds
c. Retransmission Interval to 10 seconds
d. Transmit Delay Interval to 3 seconds
e. Flood pacing timer to 20 seconds
f. SPF calculation delay to 60 seconds with a hold-down timer of 120 seconds
between each consecutive SPF calculation
6.
loopback address.
NLI'S CCIE IPV6 LAB GUIDE
340
ANSWER
Timers - Whenever a timer change is made on one router in an area, it must also be
changed simultaneously on all the routers in the same area. The reason is, that timers
are one of the conditions used to establish a neighbor relationship. If the timers do not
match, the OSPF relationship goes down.
Retransmit Interval When a router advertises an LSA over an interface, the LSA is
added to a retransmission list for that particular interface. The router will keep
advertising that LSA until it is acknowledged. This interval is the number of seconds
between each retransmission.
Transmit Delay When a router creates an LSA, the router sets the age field to 0.
The Transmit Delay field is added to this value. This value now represents the time
delay of propagating the LSA over that particular interface
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
NLI'S CCIE IPV6 LAB GUIDE
341
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
ipv6 ospf hello-interval 15
ipv6 ospf dead-interval 400
ipv6 ospf retransmit-interval 10
ipv6 ospf transmit-delay 3
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
timers pacing flood 20
timers spf 60 120
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
ipv6 ospf hello-interval 15
ipv6 ospf dead-interval 400
ipv6 ospf retransmit-interval 10
ipv6 ospf transmit-delay 3
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
log-adjacency-changes
timers pacing flood 20
timers spf 60 120
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
342
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
NLI'S CCIE IPV6 LAB GUIDE
343
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
router1#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::207:50FF:FE21:A2A0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
Network Type BROADCAST, Cost: 1
Transmit Delay is 3 sec, State BDR, Priority 1
Designated Router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Backup Designated router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Timer intervals configured, Hello 15, Dead 400, Wait 400, Retransmit 10
Hello due in 00:00:10
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 4
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2 (Designated Router)
Suppress hello for 0 neighbor(s)
NLI'S CCIE IPV6 LAB GUIDE
344
router2#sh ipv6 ospf int f0/0
FastEthernet0/0 is up, line protocol is up
Link Local Address FE80::20C:CEFF:FE49:D2D0, Interface ID 4
Area 0, Process ID 1, Instance ID 0, Router ID 2.2.2.2
Network Type BROADCAST, Cost: 1
Transmit Delay is 3 sec, State DR, Priority 1
Designated Router (ID) 2.2.2.2, local address FE80::20C:CEFF:FE49:D2D0
Backup Designated router (ID) 1.1.1.1, local address FE80::207:50FF:FE21:A2A0
Timer intervals configured, Hello 15, Dead 400, Wait 400, Retransmit 10
Hello due in 00:00:13
Index 1/1/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 7
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 1.1.1.1 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
NLI'S CCIE IPV6 LAB GUIDE
345
IPV6 OSPFV3 INTER AREA ROUTE SUMMARIZATION
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Configure the following routes on Router 6:
a.
b.
c.
d.
6. Configure the ABR router i.e. Router 2 to advertise a single summarized route into the
backbone are for these loopback addresses being advertised from Router6
7. Ensure the correct subnet mask is being advertised by each of the loopbacks
8.
loopback interfaces.
NLI'S CCIE IPV6 LAB GUIDE
346
ANSWER
NLI'S CCIE IPV6 LAB GUIDE
347
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
348
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ipv6 router ospf 1
log-adjacency-changes
area 1 range 2001:1::/41
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
NLI'S CCIE IPV6 LAB GUIDE
349
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf network point-to-point (*To advertise the correct loopback mask *)
ipv6 ospf 1 area 1
!
interface Loopback1
no ip address
ipv6 address 2001:1:32::6/64
ipv6 enable
ipv6 ospf network point-to-point (*To advertise the correct loopback mask *)
ipv6 ospf 1 area 1
!
interface Loopback2
no ip address
ipv6 address 2001:1:38::6/64
ipv6 enable
ipv6 ospf network point-to-point (*To advertise the correct loopback mask *)
ipv6 ospf 1 area 1
!
interface Loopback3
no ip address
ipv6 address 2001:1:48::6/64
ipv6 enable
ipv6 ospf network point-to-point (*To advertise the correct loopback mask *)
ipv6 ospf 1 area 1
!
interface Loopback4
no ip address
ipv6 address 2001:1:58::6/64
ipv6 enable
ipv6 ospf network point-to-point (*To advertise the correct loopback mask *)
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
350
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
351
router6#sh ipv6 route
IPv6 Routing Table - 17 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
OI 2001:1:1::1/128 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:6::/64 [0/0]
via ::, Loopback0
L 2001:1:6::6/128 [0/0]
via ::, Loopback0
OI 2001:1:12::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:26::/64 [0/0]
via ::, FastEthernet1/0
L 2001:1:26::6/128 [0/0]
via ::, FastEthernet1/0
C 2001:1:32::/64 [0/0]
via ::, Loopback1
L 2001:1:32::6/128 [0/0]
via ::, Loopback1
C 2001:1:38::/64 [0/0]
via ::, Loopback2
L 2001:1:38::6/128 [0/0]
via ::, Loopback2
C 2001:1:48::/64 [0/0]
via ::, Loopback3
L 2001:1:48::6/128 [0/0]
via ::, Loopback3
C 2001:1:58::/64 [0/0]
via ::, Loopback4
L 2001:1:58::6/128 [0/0]
via ::, Loopback4
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
352
router2#sh ipv6 route
IPv6 Routing Table - 14 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O 2001:1:1::1/128 [110/1]
via FE80::207:50FF:FE21:A2A0, FastEthernet0/0
C 2001:1:2::/64 [0/0]
via ::, Loopback0
L 2001:1:2::2/128 [0/0]
via ::, Loopback0
O 2001:1:6::/64 [110/2]
via FE80::206:D7FF:FE75:9790, FastEthernet0/1
C 2001:1:12::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:12::2/128 [0/0]
via ::, FastEthernet0/0
C 2001:1:26::/64 [0/0]
via ::, FastEthernet0/1
L 2001:1:26::2/128 [0/0]
via ::, FastEthernet0/1
O 2001:1:32::/64 [110/2]
via FE80::206:D7FF:FE75:9790, FastEthernet0/1
O 2001:1:38::/64 [110/2]
via FE80::206:D7FF:FE75:9790, FastEthernet0/1
O 2001:1:48::/64 [110/2]
via FE80::206:D7FF:FE75:9790, FastEthernet0/1
O 2001:1:58::/64 [110/2]
via FE80::206:D7FF:FE75:9790, FastEthernet0/1
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
353
router1#sh ipv6 route
IPv6 Routing Table - 13 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
O 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:6::/64 [110/3]
NLI'S CCIE IPV6 LAB GUIDE
354
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
C 2001:1:12::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:12::1/128 [0/0]
via ::, FastEthernet0/0
OI 2001:1:26::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:32::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:38::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:48::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:58::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
355
NLI'S CCIE IPV6 LAB GUIDE
356
NLI'S CCIE IPV6 LAB GUIDE
357
IPV6 OSPFV3 ADVERTISE DEFAULT ROUTE
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Configure Router2 to advertises a default route to Area 1 with the following
characteristics:
a.
b. Metric - 20
6.
loopback address.
NLI'S CCIE IPV6 LAB GUIDE
358
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
359
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
!
ipv6 router ospf 1
log-adjacency-changes
!The keyword always means that whether or
not there is a default route in the routing table
learnt from another protocol, OSPF will always
advertise a default route
default-information originate metric 20
metric-type 1
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
NLI'S CCIE IPV6 LAB GUIDE
360
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
NLI'S CCIE IPV6 LAB GUIDE
361
login
!
End
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1119 0x8000005F 0 1 None
2.2.2.2 1111 0x8000004B 0 1 EB
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 857 0x80000023 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 899 0x8000002B 2001:1:26::/64
2.2.2.2 1843 0x80000001 2001:1:6::/64
2.2.2.2 1843 0x80000001 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 900 0x80000023 9 Lo0
1.1.1.1 603 0x80000028 4 Fa0/0
2.2.2.2 900 0x8000002B 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 603 0x8000003B 0 0x2001 0
1.1.1.1 857 0x80000023 1004 0x2002 4
2.2.2.2 900 0x80000039 0 0x2001 0
Router Link States (Area 1)
NLI'S CCIE IPV6 LAB GUIDE
362
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1111 0x80000029 0 1 EB
6.6.6.6 347 0x8000024C 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 935 0x80000023 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 901 0x80000023 2001:1:2::/64
2.2.2.2 901 0x80000023 2001:1:12::/64
2.2.2.2 901 0x80000023 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 901 0x80000023 5 Fa0/1
6.6.6.6 674 0x8000021E 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 1848 0x80000248 0 0x2001 0
6.6.6.6 936 0x80000023 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
2.2.2.2 1108 0x80000002 ::/0
NLI'S CCIE IPV6 LAB GUIDE
363
NLI'S CCIE IPV6 LAB GUIDE
364
NLI'S CCIE IPV6 LAB GUIDE
365
NLI'S CCIE IPV6 LAB GUIDE
366
IPV6 OSPFV3 DISTRIBUTE-LIST
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Configure Router2 to advertises a default route to Area 1 with the following
characteristics:
a.
b. Metric - 20
6. This time ensure that Router6 only learns the default route from Router2. No other route
from Area 0 should be learnt
7.
loopback address.
367
NOTE Distribute-lists are used to prevent OSPFroutes from being installed in the routing
table. Even though the routes do not enter the routing table, they are still present within the
OSPF database and advertised to the OSPF neighbors. The List should be applied on the
ABR, but can be applied per router. In the diagram below, the routers in Area 2 (in the figure
below) are able to receive the route 2001:1:10::1/64 in their OSPF database and the
distribute-list would have to be applied to each individual router in Area 2.
NLI'S CCIE IPV6 LAB GUIDE
368
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
NLI'S CCIE IPV6 LAB GUIDE
369
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 router ospf 1
log-adjacency-changes
!The keyword always means that whether or
not there is a default route in the routing table
learnt from another protocol, OSPF will always
advertise a default route
default-information originate metric 20
metric-type 1
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
NLI'S CCIE IPV6 LAB GUIDE
370
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
distribute-list prefix-list R2_Default_Route_Only in
!
ipv6 prefix-list R2_Default_Route_Only description <<Only allow Default_Route>>
ipv6 prefix-list R2_Default_Route_Only seq 5 permit ::/0
ipv6 prefix-list R2_Default_Route_Only seq 10 deny ::/1 le 128
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
NLI'S CCIE IPV6 LAB GUIDE
371
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1119 0x8000005F 0 1 None
2.2.2.2 1111 0x8000004B 0 1 EB
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 857 0x80000023 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 899 0x8000002B 2001:1:26::/64
2.2.2.2 1843 0x80000001 2001:1:6::/64
2.2.2.2 1843 0x80000001 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 900 0x80000023 9 Lo0
1.1.1.1 603 0x80000028 4 Fa0/0
2.2.2.2 900 0x8000002B 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 603 0x8000003B 0 0x2001 0
1.1.1.1 857 0x80000023 1004 0x2002 4
NLI'S CCIE IPV6 LAB GUIDE
372
2.2.2.2 900 0x80000039 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1111 0x80000029 0 1 EB
6.6.6.6 347 0x8000024C 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 935 0x80000023 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 901 0x80000023 2001:1:2::/64
2.2.2.2 901 0x80000023 2001:1:12::/64
2.2.2.2 901 0x80000023 2001:1:1::1/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 901 0x80000023 5 Fa0/1
6.6.6.6 674 0x8000021E 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 1848 0x80000248 0 0x2001 0
6.6.6.6 936 0x80000023 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
2.2.2.2 1108 0x80000002 ::/0
NLI'S CCIE IPV6 LAB GUIDE
373
NLI'S CCIE IPV6 LAB GUIDE
374
NLI'S CCIE IPV6 LAB GUIDE
375
IPV6 OSPFV3 REFERENCE BANDWIDTH
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2.
to 1000. If your routers have only 10Mb Ethernet ports, change the OSPF Cost of both the
routers to 10000.
3. Test your configuration to ensure that the Ethernet interfaces have the right cost.
NLI'S CCIE IPV6 LAB GUIDE
376
ANSWER
NOTE By default OSPF calculates the metric using OSPF costs. OSPF cost of a link is
calculated using the following formula:
Cost = Bandwidth / Interface Bandwidth
The cisco default reference bandwidth is 10
8
or 100,000,000 and the interface bandwidth
depends on the interface type. The higher the bandwidth of the interface the lower the cost of
the link. The following is the default OSPF costs depending on interface type.
Link Type Speed OSPF Cost
Serial 54,000 1785
T1 1,544,000 65
10 Mbps Ethernet 10,000,000 10
T3 44,736,000 3
100 Mbps Fast Ethernet 100,000,000 1
OC-3 155,520,000 1
OC-12 6220080,000 1
Gigabit Ethernet 1,000,000,000 1
From the above it can be seen that using the current reference bandwidth of 10
8
creates the
same cost for 100Mbps Fast Ethernet, OC-3, OC-12, Gigabit Ethernet, which can cause
problems on a production network.
By changing the reference bandwidth from 10
8
to 10
10
(100,000,000,000) will solve the
problem.
router3(config-router)#auto-cost reference-bandwidth ?
<1-4294967> The reference bandwidth in terms of Mbits per second
The above table show look like the following:
Link Type Speed OSPF Cost
10 Mbps Fast Ethernet 10,000,000 10000
100 Mbps Fast Ethernet 100,000,000 1000
Gigabit Ethernet 1,000,000,000 100
NLI'S CCIE IPV6 LAB GUIDE
377
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 100000
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
!
NLI'S CCIE IPV6 LAB GUIDE
378
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
ipv6 router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 100000
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
NLI'S CCIE IPV6 LAB GUIDE
379
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 100000
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
380
NLI'S CCIE IPV6 LAB GUIDE
381
IPV6 OSPFV3 STUB AREA
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Configure the following routes on Router 1:
a.
b.
c.
d.
6. Ensure the correct subnet mask is being advertised by each of the loopbacks
7. Configure the static route on Router1 and redistribute it into Area 0
a. the next hop being NULL 0 interface
8. Configure Area 1 as a Area.
9.
loopback interfaces.
382
Stub Area In a stub Area, the ABR generates a default route as a Type 3 LSA. A default
route is generate by the ABR and advertised even if there is no default route exists within
Area 0. A Stub Area also receives Inter-area routes, but no external (Type 5 LSA) routes.
NLI'S CCIE IPV6 LAB GUIDE
383
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Loopback1
no ip address
ipv6 address 2001:1:32::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Loopback2
no ip address
ipv6 address 2001:1:38::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
384
ipv6 ospf 1 area 0
!
interface Loopback3
no ip address
ipv6 address 2001:1:48::1/64
ipv6 enable
ipv6 ospf network point-to-point
(*To advertise the correct loopback mask *)
ipv6 ospf 1 area 0
!
interface Loopback4
no ip address
ipv6 address 2001:1:58::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
redistribute static
!
Ipv6 route 2001:1:10::1/128 null0
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
!
ipv6 router ospf 1
log-adjacency-changes
area 1 stub
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
385
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
386
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
area 1 stub
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
387
router1#sh ipv6 ospf database
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 526 0x80000063 0 1 E
2.2.2.2 669 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 686 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 953 0x8000002D 2001:1:26::/64
2.2.2.2 1728 0x80000003 2001:1:6::/64
2.2.2.2 1728 0x80000003 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
1.1.1.1 1065 0x80000001 17 Lo4
1.1.1.1 1065 0x80000001 16 Lo3
1.1.1.1 1065 0x80000001 15 Lo2
1.1.1.1 1065 0x80000001 14 Lo1
1.1.1.1 28 0x80000002 11 Lo0
1.1.1.1 426 0x8000002A 4 Fa0/0
2.2.2.2 954 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 28 0x8000003F 0 0x2001 0
1.1.1.1 687 0x80000025 1004 0x2002 4
2.2.2.2 954 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 527 0x80000006 0 0 E
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 529 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
388
router1#sh ipv6 route
IPv6 Routing Table - 18 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
O 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:6::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
S 2001:1:10::1/128 [1/0]
via ::, Null0
C 2001:1:12::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:12::1/128 [0/0]
via ::, FastEthernet0/0
OI 2001:1:26::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
C 2001:1:32::/64 [0/0]
via ::, Loopback1
L 2001:1:32::1/128 [0/0]
via ::, Loopback1
C 2001:1:38::/64 [0/0]
via ::, Loopback2
L 2001:1:38::1/128 [0/0]
via ::, Loopback2
C 2001:1:48::/64 [0/0]
via ::, Loopback3
L 2001:1:48::1/128 [0/0]
via ::, Loopback3
C 2001:1:58::/64 [0/0]
via ::, Loopback4
L 2001:1:58::1/128 [0/0]
via ::, Loopback4
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
389
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 657 0x80000063 0 1 E
2.2.2.2 793 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 816 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1078 0x8000002D 2001:1:26::/64
2.2.2.2 37 0x80000004 2001:1:6::/64
2.2.2.2 37 0x80000004 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1079 0x80000025 9 Lo0
1.1.1.1 556 0x8000002A 4 Fa0/0
2.2.2.2 1079 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 158 0x8000003F 0 0x2001 0
1.1.1.1 817 0x80000025 1004 0x2002 4
2.2.2.2 1079 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
NLI'S CCIE IPV6 LAB GUIDE
390
2.2.2.2 566 0x80000033 0 1 B
6.6.6.6 576 0x80000256 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 581 0x80000028 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 767 0x80000001 2001:1:58::/64
2.2.2.2 767 0x80000001 2001:1:48::/64
2.2.2.2 767 0x80000001 2001:1:38::/64
2.2.2.2 767 0x80000001 2001:1:32::/64
2.2.2.2 767 0x80000001 2001:1:1::/64
2.2.2.2 767 0x80000001 2001:1:6::/64
2.2.2.2 767 0x80000001 2001:1:2::/64
2.2.2.2 767 0x80000001 2001:1:12::/64
Inter Area Router Link States (Area 1)
ADV Router Age Seq# Link ID Dest RtrID
2.2.2.2 591 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1080 0x80000025 5 Fa0/1
6.6.6.6 610 0x80000220 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 587 0x8000024E 0 0x2001 0
6.6.6.6 855 0x80000027 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 662 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
391
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 775 0x80000033 0 1 B
6.6.6.6 783 0x80000256 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 788 0x80000028 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 976 0x80000001 2001:1:58::/64
2.2.2.2 976 0x80000001 2001:1:48::/64
2.2.2.2 976 0x80000001 2001:1:38::/64
2.2.2.2 976 0x80000001 2001:1:32::/64
2.2.2.2 976 0x80000001 2001:1:1::/64
2.2.2.2 976 0x80000001 2001:1:6::/64
2.2.2.2 976 0x80000001 2001:1:2::/64
2.2.2.2 977 0x80000001 2001:1:12::/64
Inter Area Router Link States (Area 1)
ADV Router Age Seq# Link ID Dest RtrID
2.2.2.2 800 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 1059 0x80000025 6 Lo0
2.2.2.2 1289 0x80000025 5 Fa1/0
6.6.6.6 817 0x80000220 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 794 0x8000024E 0 0x2001 0
6.6.6.6 1060 0x80000027 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 867 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
392
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1104 0x80000063 0 1 E
2.2.2.2 1241 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 1264 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1526 0x8000002D 2001:1:26::/64
2.2.2.2 485 0x80000004 2001:1:26::/64
2.2.2.2 61 0x80000001 2001:1:6::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1526 0x80000025 9 Lo0
1.1.1.1 1004 0x8000002A 4 Fa0/0
2.2.2.2 1526 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 606 0x8000003F 0 0x2001 0
1.1.1.1 1265 0x80000025 1004 0x2002 4
2.2.2.2 1526 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 54 0x80000036 0 1 B
6.6.6.6 64 0x80000259 0 1 None
NLI'S CCIE IPV6 LAB GUIDE
393
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 74 0x8000002A 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 1214 0x80000001 2001:1:58::/64
2.2.2.2 1215 0x80000001 2001:1:48::/64
2.2.2.2 1215 0x80000001 2001:1:38::/64
2.2.2.2 1215 0x80000001 2001:1:32::/64
2.2.2.2 1215 0x80000001 2001:1:1::/64
2.2.2.2 1215 0x80000001 2001:1:6::/64
2.2.2.2 1215 0x80000001 2001:1:2::/64
2.2.2.2 1215 0x80000001 2001:1:12::/64
2.2.2.2 83 0x80000001 ::/0
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1528 0x80000025 5 Fa0/1
6.6.6.6 1057 0x80000220 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 74 0x80000250 0 0x2001 0
6.6.6.6 76 0x80000029 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 1108 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
394
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 361 0x80000036 0 1 B
6.6.6.6 369 0x80000259 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 379 0x8000002A 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 1521 0x80000001 2001:1:58::/64
2.2.2.2 1521 0x80000001 2001:1:48::/64
2.2.2.2 1521 0x80000001 2001:1:38::/64
2.2.2.2 1521 0x80000001 2001:1:32::/64
2.2.2.2 1521 0x80000001 2001:1:1::/64
2.2.2.2 1521 0x80000001 2001:1:6::/64
2.2.2.2 1521 0x80000001 2001:1:2::/64
2.2.2.2 1522 0x80000001 2001:1:12::/64
2.2.2.2 389 0x80000001 ::/0
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 1604 0x80000025 6 Lo0
2.2.2.2 1834 0x80000025 5 Fa1/0
6.6.6.6 1362 0x80000220 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 380 0x80000250 0 0x2001 0
6.6.6.6 380 0x80000029 1005 0x2002 5
NLI'S CCIE IPV6 LAB GUIDE
395
router6#sh ipv6 route
IPv6 Routing Table - 14 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
OI ::/0 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:1::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:6::/64 [0/0]
via ::, Loopback0
L 2001:1:6::6/128 [0/0]
via ::, Loopback0
OI 2001:1:12::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:26::/64 [0/0]
via ::, FastEthernet1/0
L 2001:1:26::6/128 [0/0]
via ::, FastEthernet1/0
OI 2001:1:32::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:38::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:48::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:58::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
396
NLI'S CCIE IPV6 LAB GUIDE
397
IPV6 OSPFV3 TOTAL STUBAREA (TSA)
VLAN 1 VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
Fe0/0 2001:1:12::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:12::2 /64 - Fe0/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
1. Configure your network as per the above diagram.
2. Ensure that all routers have been configured with the correct IPv6 address.
3. Ensure all the routers use OSPF process ID - 1.
4. Configure the routers to reside in the appropriate OSPF area indicated in the diagram.
5. Configure the following routes on Router 1:
e.
a.
b.
c.
6. Ensure the correct subnet mask is being advertised by each of the loopbacks
7. Configure the static route on Router1 and redistribute it into Area 0
a. the next hop being NULL 0 interface
8. Configure Area 1 as a Area.
9.
loopback interfaces.
398
Totally-Stub Area (TSA) In a TSSA, the ABR generates only a default route as a Type 3
LSA. A default route is sent, even if there is no default route within Area 0. A TSA will not
receive any other type of route.
NLI'S CCIE IPV6 LAB GUIDE
399
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Loopback1
no ip address
ipv6 address 2001:1:32::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Loopback2
no ip address
ipv6 address 2001:1:38::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
400
ipv6 ospf 1 area 0
!
interface Loopback3
no ip address
ipv6 address 2001:1:48::1/64
ipv6 enable
ipv6 ospf network point-to-point
(*To advertise the correct loopback mask *)
ipv6 ospf 1 area 0
!
interface Loopback4
no ip address
ipv6 address 2001:1:58::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
redistribute static
!
Ipv6 route 2001:1:10::1/128 null0
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
!
ipv6 router ospf 1
log-adjacency-changes
area 1 stub no-summary
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
401
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
402
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
area 1 stub no-summary
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
403
router1#sh ipv6 ospf database
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 526 0x80000063 0 1 E
2.2.2.2 669 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 686 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 953 0x8000002D 2001:1:26::/64
2.2.2.2 1728 0x80000003 2001:1:6::/64
2.2.2.2 1728 0x80000003 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
1.1.1.1 1065 0x80000001 17 Lo4
1.1.1.1 1065 0x80000001 16 Lo3
1.1.1.1 1065 0x80000001 15 Lo2
1.1.1.1 1065 0x80000001 14 Lo1
1.1.1.1 28 0x80000002 11 Lo0
1.1.1.1 426 0x8000002A 4 Fa0/0
2.2.2.2 954 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 28 0x8000003F 0 0x2001 0
1.1.1.1 687 0x80000025 1004 0x2002 4
2.2.2.2 954 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 527 0x80000006 0 0 E
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 529 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
404
router1#sh ipv6 route
IPv6 Routing Table - 18 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
O 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
OI 2001:1:6::/64 [110/3]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
S 2001:1:10::1/128 [1/0]
via ::, Null0
C 2001:1:12::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:12::1/128 [0/0]
via ::, FastEthernet0/0
OI 2001:1:26::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D0, FastEthernet0/0
C 2001:1:32::/64 [0/0]
via ::, Loopback1
L 2001:1:32::1/128 [0/0]
via ::, Loopback1
C 2001:1:38::/64 [0/0]
via ::, Loopback2
L 2001:1:38::1/128 [0/0]
via ::, Loopback2
C 2001:1:48::/64 [0/0]
via ::, Loopback3
L 2001:1:48::1/128 [0/0]
via ::, Loopback3
C 2001:1:58::/64 [0/0]
via ::, Loopback4
L 2001:1:58::1/128 [0/0]
via ::, Loopback4
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
405
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 657 0x80000063 0 1 E
2.2.2.2 793 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 816 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1078 0x8000002D 2001:1:26::/64
2.2.2.2 37 0x80000004 2001:1:6::/64
2.2.2.2 37 0x80000004 2001:1:26::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1079 0x80000025 9 Lo0
1.1.1.1 556 0x8000002A 4 Fa0/0
2.2.2.2 1079 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 158 0x8000003F 0 0x2001 0
1.1.1.1 817 0x80000025 1004 0x2002 4
2.2.2.2 1079 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 566 0x80000033 0 1 B
6.6.6.6 576 0x80000256 0 1 None
NLI'S CCIE IPV6 LAB GUIDE
406
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 581 0x80000028 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 767 0x80000001 2001:1:58::/64
2.2.2.2 767 0x80000001 2001:1:48::/64
2.2.2.2 767 0x80000001 2001:1:38::/64
2.2.2.2 767 0x80000001 2001:1:32::/64
2.2.2.2 767 0x80000001 2001:1:1::/64
2.2.2.2 767 0x80000001 2001:1:6::/64
2.2.2.2 767 0x80000001 2001:1:2::/64
2.2.2.2 767 0x80000001 2001:1:12::/64
Inter Area Router Link States (Area 1)
ADV Router Age Seq# Link ID Dest RtrID
2.2.2.2 591 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1080 0x80000025 5 Fa0/1
6.6.6.6 610 0x80000220 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 587 0x8000024E 0 0x2001 0
6.6.6.6 855 0x80000027 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 662 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
407
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 775 0x80000033 0 1 B
6.6.6.6 783 0x80000256 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 788 0x80000028 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 976 0x80000001 2001:1:58::/64
2.2.2.2 976 0x80000001 2001:1:48::/64
2.2.2.2 976 0x80000001 2001:1:38::/64
2.2.2.2 976 0x80000001 2001:1:32::/64
2.2.2.2 976 0x80000001 2001:1:1::/64
2.2.2.2 976 0x80000001 2001:1:6::/64
2.2.2.2 976 0x80000001 2001:1:2::/64
2.2.2.2 977 0x80000001 2001:1:12::/64
Inter Area Router Link States (Area 1)
ADV Router Age Seq# Link ID Dest RtrID
2.2.2.2 800 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 1059 0x80000025 6 Lo0
2.2.2.2 1289 0x80000025 5 Fa1/0
6.6.6.6 817 0x80000220 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 794 0x8000024E 0 0x2001 0
6.6.6.6 1060 0x80000027 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 867 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
408
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1104 0x80000063 0 1 E
2.2.2.2 1241 0x8000004F 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 1264 0x80000025 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1526 0x8000002D 2001:1:26::/64
2.2.2.2 485 0x80000004 2001:1:26::/64
2.2.2.2 61 0x80000001 2001:1:6::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1526 0x80000025 9 Lo0
1.1.1.1 1004 0x8000002A 4 Fa0/0
2.2.2.2 1526 0x8000002D 4 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 606 0x8000003F 0 0x2001 0
1.1.1.1 1265 0x80000025 1004 0x2002 4
2.2.2.2 1526 0x8000003B 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 54 0x80000036 0 1 B
6.6.6.6 64 0x80000259 0 1 None
NLI'S CCIE IPV6 LAB GUIDE
409
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 74 0x8000002A 5 2
Inter Area Prefix Link States (Area 1)
2.2.2.2 12 0x80000001 ::/0
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1528 0x80000025 5 Fa0/1
6.6.6.6 1057 0x80000220 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 74 0x80000250 0 0x2001 0
6.6.6.6 76 0x80000029 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 1108 0x80000001 2001:1:10::1/128
NLI'S CCIE IPV6 LAB GUIDE
410
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 361 0x80000036 0 1 B
6.6.6.6 369 0x80000259 0 1 None
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 379 0x8000002A 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 149 0x80000001 ::/0
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 1604 0x80000025 6 Lo0
2.2.2.2 1834 0x80000025 5 Fa1/0
6.6.6.6 1362 0x80000220 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 380 0x80000250 0 0x2001 0
6.6.6.6 380 0x80000029 1005 0x2002 5
NLI'S CCIE IPV6 LAB GUIDE
411
412
413
NSSA ASBR Router Advertises any external routes to the Autonomous System as a Type 7
LSA in the NSSA.
NSA ABR This router converts the Type 7 LSAs to a Type 5 LSA and advertises it into the
backbone area. It also prevents any External Routes from getting in the NSSA area.
NLI'S CCIE IPV6 LAB GUIDE
414
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf 1 area 2
!
interface Loopback1
no ip address
ipv6 address 2001:1:32::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Loopback2
no ip address
ipv6 address 2001:1:38::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
415
!
interface Loopback3
no ip address
ipv6 address 2001:1:48::1/64
ipv6 enable
ipv6 ospf network point-to-point
(*To advertise the correct loopback mask *)
ipv6 ospf 1 area 0
!
interface Loopback4
no ip address
ipv6 address 2001:1:58::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
router-id 1.1.1.1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
!
ipv6 router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 1 nssa
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
416
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
ipv6 address 2001:1:3::3/64
ipv6 ospf network point-to-point
!
interface Ethernet0/0
half-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface Ethernet1/0
no ip address
ip pim sparse-dense-mode
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 ospf 1 area 2
!
ipv6 router ospf 1
router-id 3.3.3.3
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
417
log-adjacency-changes
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
router-id 6.6.6.6
log-adjacency-changes
area 1 nssa
redistribute static
!
Ipv6 route 2001:1:10::6/128 null0
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
418
NLI'S CCIE IPV6 LAB GUIDE
419
router1#sh ipv6 ospf database
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Router Link States (Area 2)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 160 0x80000004 0 1 None
3.3.3.3 166 0x8000000A 0 1 B
Net Link States (Area 2)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 169 0x80000001 8 2
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
3.3.3.3 179 0x80000003 2001:1:12::/64
3.3.3.3 184 0x80000001 2001:1:26::/64
3.3.3.3 184 0x80000001 2001:1:6::/64
3.3.3.3 50 0x80000001 2001:1:2::/64
Inter Area Router Link States (Area 2)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 184 0x80000001 33686018 2.2.2.2
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
1.1.1.1 176 0x80000001 11 Lo0
1.1.1.1 176 0x80000001 17 Lo4
1.1.1.1 176 0x80000001 16 Lo3
1.1.1.1 176 0x80000001 15 Lo2
1.1.1.1 177 0x80000001 14 Lo1
1.1.1.1 177 0x80000001 4 Fa0/0
3.3.3.3 191 0x80000002 8 Fa0/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
NLI'S CCIE IPV6 LAB GUIDE
420
1.1.1.1 170 0x80000002 0 0x2001 0
3.3.3.3 171 0x80000001 1008 0x2002 8
Type-5 AS External Link States
ADV Router Age Seq# Prefix
2.2.2.2 395 0x80000001 2001:1:10::6/128
router1#sh ipv6 route
IPv6 Routing Table - 19 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
OI 2001:1:2::/64 [110/12]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OI 2001:1:6::/64 [110/13]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OE2 2001:1:10::6/128 [110/20]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OI 2001:1:12::/64 [110/11]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
C 2001:1:13::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:13::1/128 [0/0]
via ::, FastEthernet0/0
OI 2001:1:26::/64 [110/12]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
C 2001:1:32::/64 [0/0]
via ::, Loopback1
L 2001:1:32::1/128 [0/0]
via ::, Loopback1
C 2001:1:38::/64 [0/0]
via ::, Loopback2
L 2001:1:38::1/128 [0/0]
via ::, Loopback2
C 2001:1:48::/64 [0/0]
via ::, Loopback3
L 2001:1:48::1/128 [0/0]
via ::, Loopback3
C 2001:1:58::/64 [0/0]
via ::, Loopback4
NLI'S CCIE IPV6 LAB GUIDE
421
L 2001:1:58::1/128 [0/0]
via ::, Loopback4
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
router3#sh ipv6 ospf database
OSPFv3 Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 254 0x80000007 0 1 EB
3.3.3.3 247 0x80000006 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 254 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 459 0x80000001 2001:1:6::/64
2.2.2.2 469 0x80000025 2001:1:26::/64
3.3.3.3 249 0x80000002 2001:1:13::/64
3.3.3.3 223 0x80000005 2001:1:1::/64
3.3.3.3 223 0x80000005 2001:1:58::/64
3.3.3.3 228 0x80000001 2001:1:48::/64
3.3.3.3 223 0x80000005 2001:1:38::/64
3.3.3.3 229 0x80000001 2001:1:32::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 479 0x80000001 4 Et0/0
3.3.3.3 250 0x80000002 7 Et0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 254 0x80000004 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
422
2.2.2.2 255 0x80000001 1004 0x2002 4
Router Link States (Area 2)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 226 0x80000004 0 1 None
3.3.3.3 230 0x8000000A 0 1 B
Net Link States (Area 2)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 235 0x80000001 8 2
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
3.3.3.3 244 0x80000003 2001:1:12::/64
3.3.3.3 250 0x80000001 2001:1:26::/64
3.3.3.3 250 0x80000001 2001:1:6::/64
3.3.3.3 114 0x80000001 2001:1:2::/64
Inter Area Router Link States (Area 2)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 250 0x80000001 33686018 2.2.2.2
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
1.1.1.1 243 0x80000001 4 Et1/0
3.3.3.3 257 0x80000002 8 Et1/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 236 0x80000002 0 0x2001 0
3.3.3.3 236 0x80000001 1008 0x2002 8
Type-5 AS External Link States
ADV Router Age Seq# Prefix
2.2.2.2 460 0x80000001 2001:1:10::6/128
NLI'S CCIE IPV6 LAB GUIDE
423
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 442 0x80000007 0 1 EB
3.3.3.3 437 0x80000006 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 442 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 648 0x80000001 2001:1:6::/64
2.2.2.2 657 0x80000025 2001:1:26::/64
3.3.3.3 439 0x80000002 2001:1:13::/64
3.3.3.3 412 0x80000005 2001:1:1::/64
3.3.3.3 412 0x80000005 2001:1:58::/64
3.3.3.3 418 0x80000001 2001:1:48::/64
3.3.3.3 412 0x80000005 2001:1:38::/64
3.3.3.3 419 0x80000001 2001:1:32::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 668 0x80000001 9 Lo0
2.2.2.2 668 0x80000001 4 Fa0/0
3.3.3.3 440 0x80000002 7 Fa0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 443 0x80000004 0 0x2001 0
2.2.2.2 444 0x80000001 1004 0x2002 4
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 650 0x80000004 0 1 EB
6.6.6.6 656 0x80000292 0 1 E
NLI'S CCIE IPV6 LAB GUIDE
424
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 657 0x80000001 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 659 0x80000001 2001:1:2::/64
2.2.2.2 659 0x80000001 2001:1:12::/64
2.2.2.2 434 0x80000001 2001:1:13::/64
2.2.2.2 419 0x80000001 2001:1:48::/64
2.2.2.2 419 0x80000001 2001:1:32::/64
2.2.2.2 414 0x80000001 2001:1:1::/64
2.2.2.2 415 0x80000001 2001:1:58::/64
2.2.2.2 415 0x80000001 2001:1:38::/64
Type-7 AS External Link States (Area 1)
ADV Router Age Seq# Prefix
6.6.6.6 686 0x80000024 2001:1:10::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 670 0x80000001 5 Fa0/1
6.6.6.6 681 0x80000248 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 657 0x8000027F 0 0x2001 0
6.6.6.6 658 0x80000001 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
2.2.2.2 646 0x80000001 2001:1:10::6/128
NLI'S CCIE IPV6 LAB GUIDE
425
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 919 0x80000004 0 1 EB
6.6.6.6 923 0x80000292 0 1 E
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 923 0x80000001 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 928 0x80000001 2001:1:2::/64
2.2.2.2 928 0x80000001 2001:1:12::/64
2.2.2.2 703 0x80000001 2001:1:13::/64
2.2.2.2 688 0x80000001 2001:1:48::/64
2.2.2.2 688 0x80000001 2001:1:32::/64
2.2.2.2 683 0x80000001 2001:1:1::/64
2.2.2.2 683 0x80000001 2001:1:58::/64
2.2.2.2 683 0x80000001 2001:1:38::/64
Type-7 AS External Link States (Area 1)
ADV Router Age Seq# Prefix
6.6.6.6 953 0x80000024 2001:1:10::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 959 0x80000001 6 Lo0
2.2.2.2 938 0x80000001 5 Fa1/0
6.6.6.6 948 0x80000248 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 924 0x8000027F 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
426
6.6.6.6 925 0x80000001 1005 0x2002 5
NLI'S CCIE IPV6 LAB GUIDE
427
router6#sh ipv6 route
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
OI 2001:1:1::/64 [110/13]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:2::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:6::/64 [0/0]
via ::, Loopback0
L 2001:1:6::6/128 [0/0]
via ::, Loopback0
S 2001:1:10::6/128 [1/0]
via ::, Null0
OI 2001:1:12::/64 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:13::/64 [110/12]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:26::/64 [0/0]
via ::, FastEthernet1/0
L 2001:1:26::6/128 [0/0]
via ::, FastEthernet1/0
OI 2001:1:32::/64 [110/13]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:38::/64 [110/13]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:48::/64 [110/13]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
OI 2001:1:58::/64 [110/13]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
428
429
NLI'S CCIE IPV6 LAB GUIDE
430
8. Configure the following static route on Router6 and redistribute it into Area 1
a. the next hop being NULL 0 interface
9. Configure the following static route on Router6 and redistribute it into Area 1
a. the next hop being NULL 0 interface
10. Configure Area 1 as a
11. Advertise a default route into NSSA from the NSSA ABR i.e Router2
12.
loopback interfaces.
13. Test your configuration to ensure that Router6 is able to traceroute to 2001:1:50::1/128
network from Router1.
14. Test your configuration to ensure that Router1 is able to traceroute to 2001:1:10::6/128
network from Router6.
431
NSSA ASBR Router Advertises any external routes to the Autonomous System as a Type
7 LSA in the NSSA.
NSA ABR This router converts the Type 7 LSAs to a Type 5 LSA and advertises it into the
backbone area. It also prevents any External Routes from getting in the NSSA area.
NSSA Totally Stubby area Is very similar to a Totally Stubby Area, where the NSSA ABR
will advertise a default route only into the NSSA. No Type 3 and Type 5 LSAs are advertised
into the NSSA.
NLI'S CCIE IPV6 LAB GUIDE
432
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Loopback1
no ip address
ipv6 address 2001:1:32::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Loopback2
no ip address
ipv6 address 2001:1:38::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 cef
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
NLI'S CCIE IPV6 LAB GUIDE
433
ipv6 ospf 1 area 0
!
interface Loopback3
no ip address
ipv6 address 2001:1:48::1/64
ipv6 enable
ipv6 ospf network point-to-point
(*To advertise the correct loopback mask *)
ipv6 ospf 1 area 0
!
interface Loopback4
no ip address
ipv6 address 2001:1:58::1/64
ipv6 enable
(*To advertise the correct loopback mask *)
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
interface FastEthernet0/0
speed 100
full-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 0
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
router-id 1.1.1.1
log-adjacency-changes
redistribute static
!
Ipv6 route 2001:1:50::1/128 null0
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
!
ipv6 router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 1 nssa no-summary default-information-
originate
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
434
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
ipv6 address 2001:1:3::3/64
ipv6 ospf network point-to-point
!
interface Ethernet0/0
half-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface Ethernet1/0
no ip address
ip pim sparse-dense-mode
half-duplex
ipv6 address 2001:1:13::3/64
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
no ip address
duplex auto
NLI'S CCIE IPV6 LAB GUIDE
435
ipv6 ospf 1 area 2
!
ipv6 router ospf 1
router-id 3.3.3.3
log-adjacency-changes
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
router-id 6.6.6.6
log-adjacency-changes
area 1 nssa no-summary
redistribute static
!
Ipv6 route 2001:1:10::6/128 null0
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
436
NLI'S CCIE IPV6 LAB GUIDE
437
router1#sh ipv6 ospf database
OSPFv3 Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1105 0x80000003 0 0 E
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
Router Link States (Area 2)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1105 0x80000007 0 1 E
3.3.3.3 779 0x8000000B 0 1 B
Net Link States (Area 2)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 779 0x80000002 8 2
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
3.3.3.3 779 0x80000004 2001:1:12::/64
3.3.3.3 781 0x80000002 2001:1:26::/64
3.3.3.3 781 0x80000002 2001:1:6::/64
3.3.3.3 535 0x80000002 2001:1:2::/64
Inter Area Router Link States (Area 2)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 781 0x80000002 33686018 2.2.2.2
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
1.1.1.1 696 0x80000002 11 Lo0
1.1.1.1 696 0x80000002 17 Lo4
1.1.1.1 696 0x80000002 16 Lo3
1.1.1.1 696 0x80000002 15 Lo2
1.1.1.1 698 0x80000002 14 Lo1
NLI'S CCIE IPV6 LAB GUIDE
438
1.1.1.1 698 0x80000002 4 Fa0/0
3.3.3.3 782 0x80000003 8 Fa0/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 698 0x80000003 0 0x2001 0
3.3.3.3 782 0x80000002 1008 0x2002 8
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 1093 0x80000001 2001:1:50::1/128
2.2.2.2 1012 0x80000002 2001:1:10::6/128
router1#sh ipv6 route
IPv6 Routing Table - 19 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
OI 2001:1:2::/64 [110/12]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OI 2001:1:6::/64 [110/13]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OE2 2001:1:10::6/128 [110/20]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
OI 2001:1:12::/64 [110/11]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
C 2001:1:13::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:13::1/128 [0/0]
via ::, FastEthernet0/0
OI 2001:1:26::/64 [110/12]
via FE80::203:E3FF:FE21:5510, FastEthernet0/0
C 2001:1:32::/64 [0/0]
via ::, Loopback1
L 2001:1:32::1/128 [0/0]
via ::, Loopback1
C 2001:1:38::/64 [0/0]
via ::, Loopback2
NLI'S CCIE IPV6 LAB GUIDE
439
L 2001:1:38::1/128 [0/0]
via ::, Loopback2
C 2001:1:48::/64 [0/0]
via ::, Loopback3
L 2001:1:48::1/128 [0/0]
via ::, Loopback3
S 2001:1:50::1/128 [1/0]
via ::, Null0
C 2001:1:58::/64 [0/0]
via ::, Loopback4
L 2001:1:58::1/128 [0/0]
via ::, Loopback4
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
440
router3#sh ipv6 ospf database
OSPFv3 Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 857 0x80000008 0 1 EB
3.3.3.3 875 0x80000007 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 857 0x80000002 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1105 0x80000002 2001:1:6::/64
2.2.2.2 1105 0x80000026 2001:1:26::/64
3.3.3.3 875 0x80000003 2001:1:13::/64
3.3.3.3 875 0x80000006 2001:1:1::/64
3.3.3.3 875 0x80000006 2001:1:58::/64
3.3.3.3 875 0x80000002 2001:1:48::/64
3.3.3.3 875 0x80000006 2001:1:38::/64
3.3.3.3 875 0x80000002 2001:1:32::/64
Inter Area Router Link States (Area 0)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 1194 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1106 0x80000002 4 Et0/0
3.3.3.3 875 0x80000003 7 Et0/0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 858 0x80000005 0 0x2001 0
2.2.2.2 859 0x80000002 1004 0x2002 4
Router Link States (Area 2)
NLI'S CCIE IPV6 LAB GUIDE
441
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1204 0x80000007 0 1 E
3.3.3.3 877 0x8000000B 0 1 B
Net Link States (Area 2)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 877 0x80000002 8 2
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
3.3.3.3 877 0x80000004 2001:1:12::/64
3.3.3.3 877 0x80000002 2001:1:26::/64
3.3.3.3 877 0x80000002 2001:1:6::/64
3.3.3.3 631 0x80000002 2001:1:2::/64
Inter Area Router Link States (Area 2)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 877 0x80000002 33686018 2.2.2.2
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
1.1.1.1 796 0x80000002 4 Et1/0
3.3.3.3 879 0x80000003 8 Et1/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 796 0x80000003 0 0x2001 0
3.3.3.3 879 0x80000002 1008 0x2002 8
Type-5 AS External Link States
ADV Router Age Seq# Prefix
1.1.1.1 1191 0x80000001 2001:1:50::1/128
2.2.2.2 1109 0x80000002 2001:1:10::6/128
NLI'S CCIE IPV6 LAB GUIDE
442
-
-
-
-
router2#sh ipv6 ospf database
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1176 0x80000008 0 1 EB
3.3.3.3 1195 0x80000007 0 1 B
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
2.2.2.2 1176 0x80000002 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1424 0x80000002 2001:1:6::/64
2.2.2.2 1424 0x80000026 2001:1:26::/64
3.3.3.3 1195 0x80000003 2001:1:13::/64
3.3.3.3 1195 0x80000006 2001:1:1::/64
3.3.3.3 1195 0x80000006 2001:1:58::/64
3.3.3.3 1195 0x80000002 2001:1:48::/64
3.3.3.3 1195 0x80000006 2001:1:38::/64
3.3.3.3 1196 0x80000002 2001:1:32::/64
Inter Area Router Link States (Area 0)
ADV Router Age Seq# Link ID Dest RtrID
3.3.3.3 1515 0x80000001 16843009 1.1.1.1
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1425 0x80000002 9 Lo0
2.2.2.2 1425 0x80000002 4 Fa0/0
3.3.3.3 1196 0x80000003 7 Fa0/0
NLI'S CCIE IPV6 LAB GUIDE
443
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 1177 0x80000005 0 0x2001 0
2.2.2.2 1178 0x80000002 1004 0x2002 4
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1426 0x80000005 0 1 EB
6.6.6.6 804 0x80000294 0 1 E
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 1382 0x80000002 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 556 0x80000003 ::/0
Type-7 AS External Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 599 0x80000001 ::/0
6.6.6.6 1382 0x80000025 2001:1:10::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1426 0x80000002 5 Fa0/1
6.6.6.6 1383 0x80000249 5 Fa0/1
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 1383 0x80000280 0 0x2001 0
6.6.6.6 1383 0x80000002 1005 0x2002 5
Type-5 AS External Link States
ADV Router Age Seq# Prefix
NLI'S CCIE IPV6 LAB GUIDE
444
1.1.1.1 1511 0x80000001 2001:1:50::1/128
2.2.2.2 1428 0x80000002 2001:1:10::6/128
-
-
-
-
router6#sh ipv6 ospf database
OSPFv3 Router with ID (6.6.6.6) (Process ID 1)
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1685 0x80000005 0 1 EB
6.6.6.6 1062 0x80000294 0 1 E
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
6.6.6.6 1640 0x80000002 5 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 816 0x80000003 ::/0
Type-7 AS External Link States (Area 1)
ADV Router Age Seq# Prefix
2.2.2.2 859 0x80000001 ::/0
6.6.6.6 1640 0x80000025 2001:1:10::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
6.6.6.6 1641 0x80000002 6 Lo0
2.2.2.2 1686 0x80000002 5 Fa1/0
6.6.6.6 1641 0x80000249 5 Fa1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
6.6.6.6 1641 0x80000280 0 0x2001 0
6.6.6.6 1641 0x80000002 1005 0x2002 5
NLI'S CCIE IPV6 LAB GUIDE
445
router6# sh ipv6 route
IPv6 Routing Table - 8 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
OI ::/0 [110/2]
via FE80::20C:CEFF:FE49:D2D1, FastEthernet1/0
C 2001:1:6::/64 [0/0]
via ::, Loopback0
L 2001:1:6::6/128 [0/0]
via ::, Loopback0
S 2001:1:10::6/128 [1/0]
via ::, Null0
C 2001:1:26::/64 [0/0]
via ::, FastEthernet1/0
L 2001:1:26::6/128 [0/0]
via ::, FastEthernet1/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
446
447
VLAN2
Router 1 Router 2 Router 6
Loopback0 IPv4 1.1.1.1 /32
Loopback IPv6 2001:1:1::1 /64
S2/0 2001:1:36::1 /64
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback IPv6
2001:1:36::2 /64 S1/0
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 - Loopback IPv6
2001:1:26::6 /64 Fe1/0
AREA 0
Fe0/1 2001:1:26::6 /64
AREA 1
DLCI - 101
DLCI - 110
NLI'S CCIE IPV6 LAB GUIDE
448
ANSWER
NOTE Frame-relay is classified as a Non-Broadcast media. OSPF can run in two modes
over frame-relay:
Non Broadcast Multi-Access (NBMA) OSPF simulates the frame-relay network
as a broadcast model (like just the Ethernet model). Therefore, an election for
DR and BDR is made just like in an Ethernet model. There are one of two
command used here:
o The new command - ip ospf network broadcast command
o The legacy command neighbor
Point-to-multipoint OSPF treats the frame-relay network just like a non-
broadcast network and simulates the network has a bunch of point-to-point
networks.
The following shows how to configure the fully-mesh as a NBMA (i.e. a broadcast network).
See the Frame-relay section on how to configure the frame-relay fully-mesh configuration.
Network Type
Hello Interval
(secs)
Dead Interval
(secs)
Point-to-Point 10 40
Point-to-
Multipoint
30 120
Broadcast 10 40
Non-Broadcast 30 120
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
NLI'S CCIE IPV6 LAB GUIDE
449
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Serial2/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:36::1/64
ipv6 enable
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 100
ipv6 ospf neighbor
FE80::20C:CEFF:FE49:D2D0 cost 100
ipv6 ospf 1 area 0
frame-relay map ipv6
FE80::20C:CEFF:FE49:D2D0 101 broadcast
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
area 0 authentication ipsec spi 300 md5
1234567890ABCDEF1234567890ABCDEF
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:36::2/64
ipv6 enable
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 100
ipv6 ospf neighbor FE80::207:50FF:FE21:A2A0
cost 100
ipv6 ospf 1 area 0
frame-relay map ipv6
FE80::207:50FF:FE21:A2A0 110 broadcast
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 ospf 1 area 1
area 0 authentication ipsec spi 300 md5
1234567890ABCDEF1234567890ABCDEF
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
NLI'S CCIE IPV6 LAB GUIDE
450
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ip ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet1/0
NLI'S CCIE IPV6 LAB GUIDE
451
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
NLI'S CCIE IPV6 LAB GUIDE
452
router1#sh ipv6 ospf int s2/0
Serial2/0 is up, line protocol is up
Link Local Address FE80::207:50FF:FE21:A2A0, Interface ID 6
Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
Network Type POINT_TO_MULTIPOINT, Cost: 100
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
Hello due in 00:00:10
Index 1/3/3, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 3
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2, cost is 100
Suppress hello for 0 neighbor(s)
router2#sh ipv6 ospf int s1/0
Serial1/0 is up, line protocol is up
Link Local Address FE80::20C:CEFF:FE49:D2D0, Interface ID 6
Area 0, Process ID 1, Instance ID 0, Router ID 2.2.2.2
Network Type POINT_TO_MULTIPOINT, Cost: 100
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
Hello due in 00:00:11
Index 1/3/4, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 3, maximum is 4
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 1.1.1.1, cost is 100
Suppress hello for 0 neighbor(s)
NLI'S CCIE IPV6 LAB GUIDE
453
router1#sh ipv6 ospf neighbor s2/0 detail
Neighbor 2.2.2.2
In the area 0 via interface Serial2/0
Neighbor: interface-id 6, link-local address FE80::20C:CEFF:FE49:D2D0
Neighbor priority is 1, State is FULL, 22 state changes, Cost is 100
Options is 0x65BF205D
Dead timer due in 00:01:58
Neighbor is up for 00:20:31
Index 1/1/1, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
router2#sh ipv6 ospf neighbor s1/0 detail
Neighbor 1.1.1.1
In the area 0 via interface Serial1/0
Neighbor: interface-id 6, link-local address FE80::207:50FF:FE21:A2A0
Neighbor priority is 1, State is FULL, 23 state changes, Cost is 100
Options is 0x64FE07A9
Dead timer due in 00:01:59
Neighbor is up for 00:22:25
Index 1/1/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
NLI'S CCIE IPV6 LAB GUIDE
454
NLI'S CCIE IPV6 LAB GUIDE
455
router1#sh ipv6 route
IPv6 Routing Table - 11 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2001:1:1::/64 [0/0]
via ::, Loopback0
L 2001:1:1::1/128 [0/0]
via ::, Loopback0
O 2001:1:2::/64 [110/101]
via FE80::20C:CEFF:FE49:D2D0, Serial2/0
OI 2001:1:6::6/128 [110/101]
via FE80::20C:CEFF:FE49:D2D0, Serial2/0
O 2001:1:12::/64 [110/101]
via FE80::20C:CEFF:FE49:D2D0, Serial2/0
OI 2001:1:26::/64 [110/101]
via FE80::20C:CEFF:FE49:D2D0, Serial2/0
C 2001:1:36::/64 [0/0]
via ::, Serial2/0
L 2001:1:36::1/128 [0/0]
via ::, Serial2/0
O 2001:1:36::2/128 [110/100]
via FE80::20C:CEFF:FE49:D2D0, Serial2/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
456
BGPV4 SUPPORT FOR IPV6 EBGP PEERRELATIONSHIP
VLAN2
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
Fe0/1 2001:1:26::6 /64
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 Fe1/0
12. Configure your network with all IPv6 addresses as shown in the above diagram.
13. Configure an EBGP peer relationship between the two routers.
14. Ensure that all local IPv6 loopback addresses are advertised to EBGP peers
15. Configure BGP Router IDs using the IPv4 loopback address.
16. Test your configuration to ensure that the EBGP relationship is up and running and that
NLI'S CCIE IPV6 LAB GUIDE
457
ANSWER
There are 5 minimum steps that have to be configured for a BGP neighbor relationship to be
established. These steps are exactly the same for an IBGP configuration, except that the AS for
both the peers is different.
be manually configured on every router. This is usually an
IPv4 address and by default BGP uses the highest loopback IPv4 address on the router. If no IPv4
loopback is present on the router, then the highest IPv4 address of any local physical interface is
taken.
session when the command is configured. The
command is configured. It disables IPv4 unicast for BGP routing process.
- IPv6 address and the autonomous system of the EBGP
peer must be configured.
configure the same functionality as the BGP commands supported in router configuration mode;
however, the BGP commands in router configuration mode configure functionality only for the
IPv4 unicast address prefix. To configure BGP commands and functionality for other address
family prefixes (for example, the IPv4 multicast or IPv6 unicast address prefixes), you must enter
address family configuration mode for those address prefixes using
command.
for the IPv6 address family with the local router.
This command is used to advertise IPv6 networks to the peers
NLI'S CCIE IPV6 LAB GUIDE
458
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 enable
!
router bgp 2
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 6
!
address-family ipv6
neighbor 2001:1:26::6 activate
network 2001:1:2::/64
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 6
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 2
!
address-family ipv6
NLI'S CCIE IPV6 LAB GUIDE
459
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
neighbor 2001:1:26::2 activate
network 2001:1:6::/64
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
router6#debug bgp ipv6
BGP debugging is on
router6#
*Mar 19 21:38:32.047 UTC: BGP: 2001:1:26::2 went from Idle to Active
*Mar 19 21:38:32.047 UTC: BGP: 2001:1:26::2 open active, delay 24756ms
router6#
*Mar 19 21:38:56.803 UTC: BGP: 2001:1:26::2 open active, local address 2001:1:26::6
*Mar 19 21:38:56.803 UTC: BGP: 2001:1:26::2 went from Active to OpenSent
*Mar 19 21:38:56.807 UTC: BGP: 2001:1:26::2 sending OPEN, version 4, my as: 6
*Mar 19 21:38:56.807 UTC: BGP: 2001:1:26::2 send message type 1, length (incl. header) 45
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcv message type 1, length (excl. header) 26
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcv OPEN, version 4
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcv OPEN w/ OPTION parameter len: 16
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 6
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has CAPABILITY code: 1, length4
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has MP_EXT CAP for afi/safi: 2/1
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 2
NLI'S CCIE IPV6 LAB GUIDE
460
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has CAPABIrouter6#LITY code: 128, length 0
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has ROUTE-REFRESH capability(ol
d) for all address-families
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 2
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has CAPABILITY code: 2, length0
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 OPEN has ROUTE-REFRESH capability(ne
w) for all address-families
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 went from OpenSent to OpenConfirm
*Mar 19 21:38:56.811 UTC: BGP: 2001:1:26::2 went from OpenConfirm to Established
*Mar 19 21:38:56.811 UTC: %BGP-5-ADJCHANGE: neighbor 2001:1:26::2 Up
router2#sh bgp ipv6 unicast summary
BGP router identifier 2.2.2.2, local AS number 2
BGP table version is 5, main routing table version 5
2 network entries using 290 bytes of memory
2 path entries using 144 bytes of memory
3/2 BGP path/bestpath attribute entries using 348 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 806 total bytes of memory
BGP activity 3/1 prefixes, 3/1 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2001:1:26::6 4 6 16 16 5 0 0 00:06:05 1
router6#sh bgp ipv6 summary
BGP router identifier 6.6.6.6, local AS number 6
BGP table version is 3, main routing table version 3
2 network entries using 266 bytes of memory
2 path entries using 144 bytes of memory
2 BGP path attribute entries using 120 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 554 total bytes of memory
BGP activity 4/2 prefixes, 4/2 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
NLI'S CCIE IPV6 LAB GUIDE
461
2001:1:26::2 4 2 17 17 3 0 0 00:07:00 1
router6# sh bgp ipv6 nei
BGP neighbor is 2001:1:26::2, remote AS 2, external link
BGP version 4, remote router ID 2.2.2.2
BGP state = Established, up for 00:00:07
Last read 00:00:06, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv6 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 1 1
Keepalives: 3 3
Route Refresh: 0 0
Total: 5 5
Default minimum time between advertisement runs is 30 seconds
For address family: IPv6 Unicast
BGP table version 7, neighbor version 7
Index 1, Offset 0, Mask 0x2
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 1 1 (Consumes 72 bytes)
Prefixes Total: 1 1
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 1
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Bestpath from this peer: 1 n/a
Total: 1 0
Number of NLRIs in the update sent: max 1, min 0
Connections established 1; dropped 0
Last reset never
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 2001:1:26::6, Local port: 11005
Foreign host: 2001:1:26::2, Foreign port: 179
Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)
NLI'S CCIE IPV6 LAB GUIDE
462
Event Timers (current time is 0x617ACF98):
Timer Starts Wakeups Next
Retrans 5 0 0x0
TimeWait 0 0 0x0
AckHold 3 1 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
iss: 4043983648 snduna: 4043983841 sndnxt: 4043983841 sndwnd: 16192
irs: 1270398823 rcvnxt: 1270399016 rcvwnd: 16192 delrcvwnd: 192
SRTT: 146 ms, RTTO: 1283 ms, RTV: 1137 ms, KRTT: 0 ms
minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms
Flags: higher precedence, nagle
Datagrams (max data segment is 1440 bytes):
Rcvd: 8 (out of order: 0), with data: 5, total data bytes: 192
Sent: 7 (retransmit: 0, fastretransmit: 0), with data: 7, total data bytes: 480
NLI'S CCIE IPV6 LAB GUIDE
463
NLI'S CCIE IPV6 LAB GUIDE
464
NLI'S CCIE IPV6 LAB GUIDE
465
BGPV4 SUPPORT FOR IPV6 EBGP PEERRELATIONSHIP USING LOCAL-LINK ADDRESSES
VLAN2
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
Fe0/1 2001:1:26::6 /64
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 Fe1/0
1. Configure your network with all IPv6 addresses as shown in the above diagram.
2. Configure an EBGP peer relationship between the two routers using the link-local
3. Ensure that all local IPv6 loopback addresses are advertised to EBGP peers
4. Configure BGP Router IDs using the IPv4 loopback address.
5. Test your configuration to ensure that the EBGP relationship is up and running and that
NLI'S CCIE IPV6 LAB GUIDE
466
ANSWER
In order to use the link-local address the following steps have to be complied with:
- Instead of using the IPv6 address, configure the link-local
address of the EBGP peer.
BGP, you specify the local physical interface through which the neighbor relationship will be
established.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface FastEthernet0/1
no ip address
duplex auto
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
NLI'S CCIE IPV6 LAB GUIDE
467
speed auto
ipv6 address 2001:1:26::2/64
ipv6 enable
!
router bgp 2
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor FE80::206:D7FF:FE75:9790 remote-as
6
neighbor FE80::206:D7FF:FE75:9790 update-
source FastEthernet0/1
!
address-family ipv6
neighbor FE80::206:D7FF:FE75:9790 activate
network 2001:1:2::/64
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 6
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor FE80::20C:CEFF:FE49:D2D1 remote-
as 2
neighbor FE80::20C:CEFF:FE49:D2D1 update-
source FastEthernet1/0
!
address-family ipv6
neighbor FE80::20C:CEFF:FE49:D2D1 activate
network 2001:1:6::/64
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
router6#
*Mar 19 22:01:33.223 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from Idle to Active
*Mar 19 22:01:33.223 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 open active, delay 27856ms
NLI'S CCIE IPV6 LAB GUIDE
468
router6#
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 passive open
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from Active to Idle
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from Idle to Connect
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcv message type 1, leng
th (excl. header) 26
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcv OPEN, version 4
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from Connect to OpenSent
*Mar 19 22:01:53.459 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 sending OPEN, version 4, my as: 6
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcv OPEN w/ OPTION param
eter len: 16
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcvd OPEN w/ optional pa
rameter type 2 (Capability) len 6
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has CAPABILITY code
: 1, length 4
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has MP_EXT CAP for
afi/safi: 2/1
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcvd OPEN w/ optional
parameter type 2 (Capability) len 2
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has CAPABILITY code
: 128, length 0
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has ROUTE-REFRESH c
apability(old) for all address-families
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 rcvd OPEN w/ optional pa
rameter type 2 (Capability) len 2
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has CAPABILITY code
: 2, length 0
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 OPEN has ROUTE-REFRESH c
apability(new) for all address-families
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from OpenSent to
OpenConfirm
*Mar 19 22:01:53.463 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 send message type 1, len
gth (incl. header) 45
*Mar 19 22:01:53.467 UTC: BGP: FE80::20C:CEFF:FE49:D2D1 went from OpenConfirm to
Established
*Mar 19 22:01:53.467 UTC: %BGP-5-ADJCHANGE: neighbor FE80::20C:CEFF:FE49:D2D1 Up
NLI'S CCIE IPV6 LAB GUIDE
469
router2#sh bgp ipv6 unicast
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2001:1:2::/64 :: 0 32768 i
*> 2001:1:6::/64 FE80::206:D7FF:FE75:9790
0 0 2 i
NLI'S CCIE IPV6 LAB GUIDE
470
NLI'S CCIE IPV6 LAB GUIDE
471
472
NLI'S CCIE IPV6 LAB GUIDE
473
ANSWER
There are 5 minimum steps that have to be configured for a BGP neighbor relationship to be
established. These steps are exactly the same for an EBGP configuration, except that the AS for
both the peers are the same.
be manually configured on every router. This is usually an
IPv4 address and by default BGP uses the highest loopback IPv4 address on the router. If no IPv4
loopback is present on the router, then the highest IPv4 address of any local physical interface is
taken.
session when the command is configured. The
command is configured. It disables IPv4 unicast for BGP routing process.
- IPv6 address and the autonomous system of the EBGP
peer must be configured.
for the IPv6 address family with the local router.
This command is used to advertise IPv6 networks to the peers
NLI'S CCIE IPV6 LAB GUIDE
474
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
router bgp 26
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
!
address-family ipv6
neighbor 2001:1:26::6 activate
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
speed auto
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 26
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
NLI'S CCIE IPV6 LAB GUIDE
475
network 2001:1:2::/64
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
!
address-family ipv6
neighbor 2001:1:26::2 activate
network 2001:1:6::/64
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
router6#debug bgp ipv6
BGP debugging is on
router6#
*Mar 20 08:01:56.688 UTC: BGP: 2001:1:26::2 went from Idle to Active
*Mar 20 08:01:56.688 UTC: BGP: 2001:1:26::2 open active, delay 6337ms
router6#
*Mar 20 08:02:03.028 UTC: BGP: 2001:1:26::2 open active, local address 2001:1:26
::6
*Mar 20 08:02:03.068 UTC: BGP: 2001:1:26::2 went from Active to OpenSent
*Mar 20 08:02:03.068 UTC: BGP: 2001:1:26::2 sending OPEN, version 4, my as: 26
*Mar 20 08:02:03.068 UTC: BGP: 2001:1:26::2 send message type 1, length (incl. header) 45
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcv message type 1, length (excl. header) 26
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcv OPEN, version 4
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcv OPEN w/ OPTION parameter len: 16
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 6
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has CAPABILITY code: 1, length4
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has MP_EXT CAP for afi/safi: 2/1
NLI'S CCIE IPV6 LAB GUIDE
476
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 2
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has CAPABrouter6#ILITY code: 128, length 0
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has ROUTE-REFRESH capability(ol
d) for all address-families
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 rcvd OPEN w/ optional parameter type
2 (Capability) len 2
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has CAPABILITY code: 2, length0
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 OPEN has ROUTE-REFRESH capability(ne
w) for all address-families
*Mar 20 08:02:03.140 UTC: BGP: 2001:1:26::2 went from OpenSent to OpenConfirm
*Mar 20 08:02:03.148 UTC: BGP: 2001:1:26::2 went from OpenConfirm to Established
*Mar 20 08:02:03.152 UTC: %BGP-5-ADJCHANGE: neighbor 2001:1:26::2 Up
NLI'S CCIE IPV6 LAB GUIDE
477
NLI'S CCIE IPV6 LAB GUIDE
478
479
480
NOTE - The origin attribute provides information about the origin of the route. The origin of a
route can be one of three values:
IGPThe route is interior to the originating AS. This value is set when the network
router configuration command is used to inject the route into BGP. The IGP origin
type is represented by the letter i in the output of the show ip bgp EXEC
command.
EGPThe route is learned via the Exterior Gateway Protocol (EGP). The EGP origin
type is represented by the letter e in the output of the show ip bgp EXEC
command.
IncompleteThe origin of the route is unknown or learned in some other way. An
origin of Incomplete occurs when a route is redistributed into BGP. The Incomplete
origin type is represented by the ? symbol in the output of the show ip bgp EXEC
command.
The ORGIN attribute is set in the UPDATE message. This is shown below:
UPDATE Message
PATH attributes
1. ORIGIN Incomplete ?
2. AS_PATH -21994
3. NEXT_HOP- 137.1.200.1
NLRI 137.1.1.0 /24.
Unfeasible Route
Length
0
Withdrawn Routes 0
UPDATE Message
PATH attributes
1. ORIGIN IGP i
2. AS_PATH - 714
3. NEXT_HOP- 137.1.200.2
NLRI 137.1.23.0 /24
Unfeasible Route
Length
0
Withdrawn Routes 0
UPDATE Message
PATH attributes
1. ORIGIN IGP i
2. AS_PATH - 714
3. NEXT_HOP- 137.1.200.3
NLRI 137.1.23.0 /24
Unfeasible Route
Length
0
Withdrawn Routes 0
NLI'S CCIE IPV6 LAB GUIDE
481
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Loopback1
no ip address
ipv6 address 2001:1:50::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
router bgp 26
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
speed auto
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 26
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
NLI'S CCIE IPV6 LAB GUIDE
482
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
!
address-family ipv6
neighbor 2001:1:26::6 activate
redistribute connected metric 30 route-map
loopback1_int
exit-address-family
!
ipv6 prefix-list loopback1_int_prefix seq 5
permit 2001:1:50::/64
route-map loopback1_int permit 10
match ipv6 address prefix-list
loopback1_int_prefix
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
!
address-family ipv6
neighbor 2001:1:26::2 activate
network 2001:1:6::/64
redistribute static
exit-address-family
!
ipv6 route 2001:1:60::/64 Null0
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
483
NLI'S CCIE IPV6 LAB GUIDE
484
485
NLI'S CCIE IPV6 LAB GUIDE
486
ANSWER
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
router bgp 26
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:236::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
speed auto
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
NLI'S CCIE IPV6 LAB GUIDE
487
!
address-family ipv6
neighbor 2001:1:26::6 activate
neighbor 2001:1:26::6 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration
inbound
network 2001:1:2::2/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
no ip http secure-server
ip classless
!
router bgp 26
synchronization
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::2 activate
neighbor 2001:1:26::2 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration
inbound
network 2001:1:6::/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
488
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
no ip address
half-duplex
ipv6 address 2001:1:236::3/64
ipv6 enable
!
router bgp 3
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor EBGP_Peer peer-group
neighbor EBGP_Peer remote-as 26
neighbor EBGP_Peer description <<<Peer to Router 2 and Router 6>>>
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
!
address-family ipv6
neighbor EBGP_Peer activate
neighbor EBGP_Peer soft-reconfiguration inbound
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
network 2001:1:3::3/64
no synchronization
exit-address-family
NLI'S CCIE IPV6 LAB GUIDE
489
!
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
490
NLI'S CCIE IPV6 LAB GUIDE
491
NLI'S CCIE IPV6 LAB GUIDE
492
493
NLI'S CCIE IPV6 LAB GUIDE
494
8. Test your configuration to ensure that Router 2 and Router 6 are receiving and are able to
NLI'S CCIE IPV6 LAB GUIDE
495
ANSWER
The attribute is used to prefer an exit point from the local autonomous system
(AS). Unlike the weight attribute, the local preference attribute is propagated throughout the local
AS. If there are multiple exit points from the AS, the local preference attribute is used to select the
exit point for a specific route. The router with the local preference will be used as the
default exit point from the local AS.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:236::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
NLI'S CCIE IPV6 LAB GUIDE
496
router bgp 26
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::6 activate
neighbor 2001:1:26::6 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:2::2/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
speed auto
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 26
synchronization
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
neighbor 2001:1:236::3 remote-as 3
bgp default local-preference 150
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::2 activate
neighbor 2001:1:26::2 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:6::/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
497
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
no ip address
half-duplex
ipv6 address 2001:1:236::3/64
ipv6 enable
!
router bgp 3
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor EBGP_Peer peer-group
neighbor EBGP_Peer remote-as 26
neighbor EBGP_Peer description <<<Peer to Router 2 and Router 6>>>
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
!
address-family ipv6
neighbor EBGP_Peer activate
neighbor EBGP_Peer soft-reconfiguration inbound
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
network 2001:1:3::3/64
no synchronization
exit-address-family
NLI'S CCIE IPV6 LAB GUIDE
498
!
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
499
NLI'S CCIE IPV6 LAB GUIDE
500
NLI'S CCIE IPV6 LAB GUIDE
501
502
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
S1/0 2001:1:26::6 /64
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 S0/0
VLAN 236
3.3.3.3 /32 - Loopback0 IPv4
2001:1:3::3 /64 - Loopback 0 IPv6
E0/0 2001:1:236::3 /64
F0/0 2001:1:236::3 /64
F1/0 2001:1:236::6 /64
NLI'S CCIE IPV6 LAB GUIDE
503
ANSWER
is a Cisco-defined attribute that is local to a router. The weight attribute is not advertised
to neighboring routers. If the router learns about more than one route to the same destination, the
route with the highest weight will be preferred
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
router bgp 26
bgp router-id 2.2.2.2
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:236::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
speed auto
encapsulation frame-relay
NLI'S CCIE IPV6 LAB GUIDE
504
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::6 activate
neighbor 2001:1:26::6 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:2::2/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 26
synchronization
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::2 activate
neighbor 2001:1:26::2 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:6::/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
505
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
no ip address
half-duplex
ipv6 address 2001:1:236::3/64
ipv6 enable
!
router bgp 3
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor EBGP_Peer peer-group
neighbor EBGP_Peer remote-as 26
neighbor EBGP_Peer description <<<Peer to Router 2 and Router 6>>>
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
!
address-family ipv6
neighbor EBGP_Peer activate
neighbor EBGP_Peer next-hop-self
neighbor EBGP_Peer soft-reconfiguration inbound
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
neighbor 2001:1:236::6 weight 50
network 2001:1:3::3/64
NLI'S CCIE IPV6 LAB GUIDE
506
no synchronization
exit-address-family
!
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
507
!The following shows that Router3 take
address
508
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
S1/0 2001:1:26::6 /64
6.6.6.6 /32 - Loopback0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 S0/0
VLAN 236
3.3.3.3 /32 - Loopback0 IPv4
2001:1:3::3 /64 - Loopback 0 IPv6
E0/0 2001:1:236::3 /64
F0/0 2001:1:236::3 /64
F1/0 2001:1:236::6 /64
NLI'S CCIE IPV6 LAB GUIDE
509
ANSWER
If there is more than one equal cost path to reach a prefix, by default BGP will only install the best
route in the routing table. In order to install more than one path from the BGP database into the
is used.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
frame-relay map ipv6 2001:1:26::6 112
!
router bgp 26
bgp router-id 2.2.2.2
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:236::6/64
ipv6 enable
!
interface Serial0/0
no ip address
duplex auto
speed auto
encapsulation frame-relay
NLI'S CCIE IPV6 LAB GUIDE
510
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::6 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::6 activate
neighbor 2001:1:26::6 soft -reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:2::2/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
ipv6 address 2001:1:26::6/64
frame-relay map ipv6 2001:1:26::2 121
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
router bgp 26
synchronization
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:26::2 remote-as 26
neighbor 2001:1:236::3 remote-as 3
no auto-summary
!
address-family ipv6
neighbor 2001:1:26::2 activate
neighbor 2001:1:26::2 soft-reconfiguration inbound
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 soft-reconfiguration inbound
network 2001:1:6::/64
no synchronization
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
511
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
no ip address
half-duplex
ipv6 address 2001:1:236::3/64
ipv6 enable
!
router bgp 3
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor EBGP_Peer peer-group
neighbor EBGP_Peer remote-as 26
neighbor EBGP_Peer description <<<Peer to Router 2 and Router 6>>>
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
!
address-family ipv6
neighbor EBGP_Peer activate
neighbor EBGP_Peer next-hop-self
neighbor EBGP_Peer soft-reconfiguration inbound
neighbor 2001:1:236::2 peer-group EBGP_Peer
neighbor 2001:1:236::6 peer-group EBGP_Peer
maximum-paths 2
network 2001:1:3::3/64
NLI'S CCIE IPV6 LAB GUIDE
512
no synchronization
exit-address-family
!
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
513
514
Router 2
Router 6
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
S1/0 2001:1:26::6 /64
6.6.6.6 /32 Loopback 0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 S0/0
AS 236
2.2.2.2 /32 - Loopback0 IPv4
2001:1:2::2 /64 - Loopback 0 IPv6
S1/0 2001:1:26::6 /64
6.6.6.6 /32 Loopback 0 IPv4
2001:1:6::6 /64 Loopback 0 IPv6
2001:1:26::6 /64 S0/0
VLAN 236
Router 3
3.3.3.3 /32 Loopback 0 IPv4
2001:1:3::3 /64 - Loopback 0 IPv6
E1/0 2001:1:236::3 /64
AS 1
F0/0 2001:1:236::6 /64
Router 1
E0/0 2001:1:23::3 /64
F0/0 2001:1:23::2 /64
3.3.3.3 /32 Loopback 0 IPv4
2001:1:3::3 /64 - Loopback 0 IPv6
F0/0 2001:1:236::1 /64
Area 0
NLI'S CCIE IPV6 LAB GUIDE
515
c. Ensure that all peers are using loopback 0 to establish their BGP peering
relationship.
d. Ensure that Router3 advertises prefix 2001:1:236::/64 to router 2, so that Router2
has two equal cost paths to reach that prefix only and installs both routes in the
local routing table only.
a. Configure an EBGP relationship between Routers 1 and Router 6
b. Configure an EBGP relationship between Router 1 and Router 3
c. Ensure that when traffic leaves AS26 it exists via Router6
d. Ensure that when traffic exits AS1 from Router1, it enters via Router3
a. Ensure synchronization is turned off.
b. Ensure auto-summary is turned off
c. Ensure all loopbacks addresses are advertised to each of the BGP neighbors.
6. Test your configuration by ensuring:
a. Traffic leaving AS1 traverses Router3 first
b. Traffic leaving AS26 exits Router6
c. Router2 has 2 routes in its routing tablefor 2001:236::/64 subnet and uses both
Router3 and Router6 to reach this prefix
d. The OSPF cost between router2 and router6 is 100.
e. Router1 is able to ping the loopback address of each router in AS26
f.
prefix
g.
prefix, even though it is directly attached to Router1.
NLI'S CCIE IPV6 LAB GUIDE
516
ANSWER
When this feature is enabled, routes learned from directly connected external neighbor (eBGP) are
propagated through the internal BGP (iBGP) network with the bandwidth of the source external
link.. This feature is enabled by entering the .
The bandwidth value of the external links is propagated to the big peers using an
. When the big peer receives this information and if there is more than one
equal cost path for load balancing (i.e. if the weight, local-prt, as-path length, Multi Exit
Discriminator (MED), and Interior Gateway Protocol (IGP) costs are the same), then big will sent
traffic proportionally to the bandwidth of the link. Need to ensure that the iBGP peer has
ibgp configured on it also.
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:236::6/64
NLI'S CCIE IPV6 LAB GUIDE
517
ipv6 address 2001:1:23::2/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 100
ipv6 ospf 1 area 0
frame-relay map ipv6
FE80::206:D7FF:FE75:9781 112 broadcast
!
!Always build an IBGP full mesh configuration
!Use loopback 0, the reachability of this address
is guaranteed via OSPF
!Use maximum-paths ibgp 2 to install two equal
cost paths from the BGP database into the
routing table
router bgp 26
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:3::3 remote-as 26
neighbor 2001:1:3::3 update-source Loopback0
neighbor 2001:1:6::6 remote-as 26
neighbor 2001:1:6::6 update-source Loopback0
!
address-family ipv6
neighbor 2001:1:3::3 activate
neighbor 2001:1:3::3 soft-reconfiguration inbound
neighbor 2001:1:6::6 activate
neighbor 2001:1:6::6 soft-reconfiguration inbound
network 2001:1:2::2/64
no synchronization
maximum-paths ibgp 2
exit-address-family
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
ipv6 enable
!
interface Serial0/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 100
ipv6 ospf 1 area 0
frame-relay map ipv6
FE80::20C:CEFF:FE49:D2D0 121 broadcast
!
ip http server
no ip http secure-server
ip classless
!
!Always build an IBGP full mesh configuration
! !Use loopback 0, the reachability of this
address is guaranteed via OSPF
!Use next-hop-self as there are two entry points
from AS26, to advertise to Router2 the next hop
routers to reach AS1
!Use local preference to ensure traffic exits
AS26 via router6
!Ensure all subnets not advertised via OSPF are
advertised using BGP, otherwise Router2 would
not be able to reach it
router bgp 26
no synchronization
bgp router-id 6.6.6.6
no bgp default ipv4-unicast
bgp default local-preference 150
bgp log-neighbor-changes
neighbor 2001:1:2::2 remote-as 26
neighbor 2001:1:2::2 update-source Loopback0
neighbor 2001:1:3::3 remote-as 26
neighbor 2001:1:3::3 update-source Loopback0
neighbor 2001:1:236::1 remote-as 1
no auto-summary
!
address-family ipv6
neighbor 2001:1:2::2 activate
neighbor 2001:1:2::2 next-hop-self
neighbor 2001:1:2::2 soft-reconfiguration inbound
neighbor 2001:1:3::3 activate
neighbor 2001:1:3::3 next-hop-self
neighbor 2001:1:3::3 soft-reconfiguration inbound
neighbor 2001:1:236::1 activate
NLI'S CCIE IPV6 LAB GUIDE
518
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
neighbor 2001:1:236::1 soft-reconfiguration inbound
network 2001:1:6::6/64
network 2001:1:26::6/64
network 2001:1:236::/64
no synchronization
exit-address-family
!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
!
interface FastEthernet0/0
no ip address
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
hostname router3
ip cef
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
ipv6 ospf 1 area 0
!
interface Ethernet0/0
no ip address
NLI'S CCIE IPV6 LAB GUIDE
519
ipv6 address 2001:1:236::1/64
ipv6 enable
ipv6 cef
!
!Build BGP adjacency to both routers in AS26
!Use weight to ensure all local traffic leaving
AS1 and entering AS26 does so by using
Router3
!Route-map to change the local-preference of
2001:1:236::/64 to match the local-
preference of Router6, to ensure that Router2
has two routes in its routing table
router bgp 1
bgp router-id 1.1.1.1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:236::3 remote-as 26
neighbor 2001:1:236::6 remote-as 26
!
address-family ipv6
neighbor 2001:1:236::3 activate
neighbor 2001:1:236::3 weight 50
neighbor 2001:1:236::3 soft-reconfiguration inbound
neighbor 2001:1:2::2 route-map 236Prefix out
neighbor 2001:1:236::6 activate
neighbor 2001:1:236::6 soft-reconfiguration inbound
network 2001:1:1::1/64
no synchronization
exit-address-family
!
ipv6 router ospf 1
router-id 3.3.3.3
log-adjacency-changes
!
!Route-map to change the local-preference of
2001:1:236::/64 to match the local-
preference of Router6, to ensure that Router2
has two routes in its routing table
ipv6 prefix-list Prefix236route seq 5 permit
2001:1:236::/64
route-map 236Prefix permit 10
match ipv6 address Prefix236route
set local-preference 150
!
control-plane
!
line con 0
exec-timeout 60 0
half-duplex
ipv6 address 2001:1:23::3/64
ipv6 ospf 1 area 0
ipv6 enable
!
interface Ethernet1/0
no ip address
half-duplex
ipv6 address 2001:1:236::3/64
ipv6 enable
!
!Always build an IBGP full mesh configuration
! !Use loopback 0, the reachability of this
address is guaranteed via OSPF
!Use next-hop-self as there are two entry points
from AS26, to advertise to Router2 the next hop
routers to reach AS1
!Ensure all subnets not advertised via OSPF are
advertised using BGP, otherwise Router2 would
not be able to reach it
router bgp 26
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2001:1:2::2 remote-as 26
neighbor 2001:1:2::2 update-source Loopback0
neighbor 2001:1:6::6 remote-as 26
neighbor 2001:1:6::6 update-source Loopback0
neighbor 2001:1:236::1 remote-as 1
!
address-family ipv6
neighbor 2001:1:2::2 activate
neighbor 2001:1:2::2 next-hop-self
neighbor 2001:1:2::2 soft-reconfiguration inbound
neighbor 2001:1:6::6 activate
neighbor 2001:1:6::6 next-hop-self
neighbor 2001:1:6::6 soft-reconfiguration inbound
neighbor 2001:1:236::1 activate
neighbor 2001:1:236::1 soft-reconfiguration inbound
network 2001:1:3::3/64
network 2001:1:23::/64
network 2001:1:236::3/64
no synchronization
exit-address-family
!
Ipv6 router ospf 1
Router-id 3.3.3.3
!
NLI'S CCIE IPV6 LAB GUIDE
520
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
NLI'S CCIE IPV6 LAB GUIDE
521
NLI'S CCIE IPV6 LAB GUIDE
522
NLI'S CCIE IPV6 LAB GUIDE
523
NLI'S CCIE IPV6 LAB GUIDE
524
NLI'S CCIE IPV6 LAB GUIDE
525
NLI'S CCIE IPV6 LAB GUIDE
526
NLI'S CCIE IPV6 LAB GUIDE
527
NLI'S CCIE IPV6 LAB GUIDE
528
NLI'S CCIE IPV6 LAB GUIDE
529
NLI'S CCIE IPV6 LAB GUIDE
530
531
NLI'S CCIE IPV6 LAB GUIDE
532
ANSWER
configured
Tunnel destination address
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Tunnel0
no ip address
ipv6 address 2001:1:32::2/64
ipv6 ospf 1 area 0
tunnel source FastEthernet0/0
tunnel destination 192.168.23.3
tunnel mode ipv6ip
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
speed 100
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Serial0/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::20C:CEFF:FE49:D2D0 121 broadcast
!
interface FastEthernet1/0
no ip address
NLI'S CCIE IPV6 LAB GUIDE
533
full-duplex
ipv6 address 2001:1:23::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::206:D7FF:FE75:9781 112 broadcast
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
duplex auto
speed 100
ipv6 address 2001:1:236::6/64
ipv6 enable
!
ipv6 router ospf 1
log-adjacency-changes!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
534
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
hostname router3
ip cef
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Tunnel0
no ip address
ipv6 address 2001:1:32::3/64
ipv6 ospf 1 area 0
tunnel source Ethernet0/0
tunnel destination 192.168.23.2
tunnel mode ipv6ip
!
interface Ethernet0/0
ip address 192.168.23.3 255.255.255.0
half-duplex
ipv6 address 2001:1:23::3/64
ipv6 enable
!
interface Ethernet1/0
no ip address
ip pim sparse-dense-mode
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
ip http server
NLI'S CCIE IPV6 LAB GUIDE
535
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
NLI'S CCIE IPV6 LAB GUIDE
536
router2#sh ipv6 ospf data
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 3334 0x80000007 0 1 None
2.2.2.2 1342 0x8000000A 0 1 B
3.3.3.3 1136 0x80000009 0 1 B
6.6.6.6 3287 0x80000006 0 1 None
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 3411 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1100 0x80000002 2001:1:26::2/128
NLI'S CCIE IPV6 LAB GUIDE
537
2.2.2.2 1100 0x80000002 2001:1:6::/64
2.2.2.2 1100 0x80000002 2001:1:26::6/128
3.3.3.3 1136 0x80000002 2001:1:1::/64
3.3.3.3 1136 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1343 0x80000002 9 Lo0
2.2.2.2 1604 0x80000002 12 Tu0
3.3.3.3 1398 0x80000002 13 Tu0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 3335 0x80000002 0 0x2001 0
1.1.1.1 3412 0x80000001 1004 0x2002 4
2.2.2.2 1343 0x80000007 0 0x2001 0
3.3.3.3 1398 0x80000006 0 0x2001 0
6.6.6.6 3288 0x80000004 0 0x2001 0
Router Link States (Area 2)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1102 0x80000003 0 1 B
6.6.6.6 1160 0x80000004 0 1 None
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
2.2.2.2 1343 0x80000002 2001:1:2::/64
2.2.2.2 1345 0x80000002 2001:1:32::/64
2.2.2.2 1345 0x80000002 2001:1:3::/64
2.2.2.2 1104 0x80000002 2001:1:1::/64
2.2.2.2 1104 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1345 0x80000002 6 Se1/0
6.6.6.6 1162 0x80000002 3 Se1/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 1345 0x80000002 0 0x2001 0
6.6.6.6 1162 0x80000003 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
538
router3#sh ipv6 ospf database
OSPFv3 Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 3403 0x80000007 0 1 None
2.2.2.2 1413 0x8000000A 0 1 B
3.3.3.3 1205 0x80000009 0 1 B
6.6.6.6 3358 0x80000006 0 1 None
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 3480 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1172 0x80000002 2001:1:26::2/128
2.2.2.2 1172 0x80000002 2001:1:6::/64
2.2.2.2 1172 0x80000002 2001:1:26::6/128
3.3.3.3 1205 0x80000002 2001:1:1::/64
3.3.3.3 1205 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
3.3.3.3 1467 0x80000002 12 Lo0
2.2.2.2 1675 0x80000002 12 Tu0
3.3.3.3 1467 0x80000002 13 Tu0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 3404 0x80000002 0 0x2001 0
1.1.1.1 3481 0x80000001 1004 0x2002 4
2.2.2.2 1414 0x80000007 0 0x2001 0
3.3.3.3 1467 0x80000006 0 0x2001 0
6.6.6.6 3360 0x80000004 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1278 0x80000008 0 1 None
NLI'S CCIE IPV6 LAB GUIDE
539
3.3.3.3 1206 0x80000007 0 1 B
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 1206 0x80000004 8 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
3.3.3.3 1207 0x80000002 2001:1:2::/64
3.3.3.3 1207 0x80000002 2001:1:32::/64
3.3.3.3 1207 0x80000004 2001:1:26::2/128
3.3.3.3 1207 0x80000002 2001:1:3::/64
3.3.3.3 1207 0x80000002 2001:1:6::/64
3.3.3.3 1207 0x80000002 2001:1:26::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
1.1.1.1 1279 0x80000003 4 Et1/0
3.3.3.3 1207 0x80000002 8 Et1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 1279 0x80000003 0 0x2001 0
3.3.3.3 1207 0x80000004 1008 0x2002 8
NLI'S CCIE IPV6 LAB GUIDE
540
router2#sh ipv6 route
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI 2001:1:1::/64 [110/11122]
via FE80::C0A8:1703, Tunnel0
C 2001:1:2::/64 [0/0]
via ::, Loopback0
L 2001:1:2::2/128 [0/0]
via ::, Loopback0
O 2001:1:3::/64 [110/11112]
via FE80::C0A8:1703, Tunnel0
O 2001:1:6::/64 [110/2]
via FE80::206:D7FF:FE75:9781, Serial1/0
OI 2001:1:13::/64 [110/11121]
via FE80::C0A8:1703, Tunnel0
C 2001:1:23::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:23::2/128 [0/0]
via ::, FastEthernet0/0
C 2001:1:26::/64 [0/0]
via ::, Serial1/0
L 2001:1:26::2/128 [0/0]
via ::, Serial1/0
O 2001:1:26::6/128 [110/1]
NLI'S CCIE IPV6 LAB GUIDE
541
via FE80::206:D7FF:FE75:9781, Serial1/0
C 2001:1:32::/64 [0/0]
via ::, Tunnel0
L 2001:1:32::2/128 [0/0]
via ::, Tunnel0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
542
router3#sh ipv6 route
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O 2001:1:1::/64 [110/11]
via FE80::207:50FF:FE21:A2A0, Ethernet1/0
O 2001:1:2::/64 [110/11112]
via FE80::C0A8:1702, Tunnel0
C 2001:1:3::/64 [0/0]
via ::, Loopback0
L 2001:1:3::3/128 [0/0]
via ::, Loopback0
OI 2001:1:6::/64 [110/11113]
via FE80::C0A8:1702, Tunnel0
C 2001:1:13::/64 [0/0]
via ::, Ethernet1/0
L 2001:1:13::3/128 [0/0]
via ::, Ethernet1/0
C 2001:1:23::/64 [0/0]
via ::, Ethernet0/0
L 2001:1:23::3/128 [0/0]
via ::, Ethernet0/0
OI 2001:1:26::2/128 [110/11111]
via FE80::C0A8:1702, Tunnel0
OI 2001:1:26::6/128 [110/11112]
via FE80::C0A8:1702, Tunnel0
C 2001:1:32::/64 [0/0]
via ::, Tunnel0
L 2001:1:32::3/128 [0/0]
via ::, Tunnel0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
543
NLI'S CCIE IPV6 LAB GUIDE
544
NLI'S CCIE IPV6 LAB GUIDE
545
router3#
*Mar 4 09:19:39.831 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:39.891 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:39.891 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:39.891 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:39.891 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:39.895 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:39.951 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:39.951 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:39.951 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:39.951 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:39.955 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23.2
(linktype=79, len=120)
*Mar 4 09:19:40.011 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.015 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.015 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.015 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:40.015 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:40.075 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.075 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.075 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.075 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:40.079 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:40.135 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
NLI'S CCIE IPV6 LAB GUIDE
546
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.135 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.135 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.135 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
547
NLI'S CCIE IPV6 LAB GUIDE
548
ANSWER
configured
Tunnel destination address
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Tunnel0
no ip address
ipv6 address 2001:1:32::2/64
ipv6 ospf 1 area 0
tunnel source FastEthernet0/0
tunnel destination 192.168.23.3
tunnel mode gre ip
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
speed 100
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Serial0/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::20C:CEFF:FE49:D2D0 121 broadcast
!
interface FastEthernet1/0
no ip address
NLI'S CCIE IPV6 LAB GUIDE
549
full-duplex
ipv6 address 2001:1:23::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::206:D7FF:FE75:9781 112 broadcast
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
End
duplex auto
speed 100
ipv6 address 2001:1:236::6/64
ipv6 enable
!
ipv6 router ospf 1
log-adjacency-changes!
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
550
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
hostname router3
ip cef
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 0
!
interface Tunnel0
no ip address
ipv6 address 2001:1:32::3/64
ipv6 ospf 1 area 0
tunnel source Ethernet0/0
tunnel destination 192.168.23.2
tunnel mode gre ip
!
interface Ethernet0/0
ip address 192.168.23.3 255.255.255.0
half-duplex
ipv6 address 2001:1:23::3/64
ipv6 enable
!
interface Ethernet1/0
no ip address
ip pim sparse-dense-mode
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
ip http server
NLI'S CCIE IPV6 LAB GUIDE
551
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
NLI'S CCIE IPV6 LAB GUIDE
552
router2#sh ipv6 ospf data
OSPFv3 Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 3334 0x80000007 0 1 None
2.2.2.2 1342 0x8000000A 0 1 B
3.3.3.3 1136 0x80000009 0 1 B
6.6.6.6 3287 0x80000006 0 1 None
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 3411 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1100 0x80000002 2001:1:26::2/128
NLI'S CCIE IPV6 LAB GUIDE
553
2.2.2.2 1100 0x80000002 2001:1:6::/64
2.2.2.2 1100 0x80000002 2001:1:26::6/128
3.3.3.3 1136 0x80000002 2001:1:1::/64
3.3.3.3 1136 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1343 0x80000002 9 Lo0
2.2.2.2 1604 0x80000002 12 Tu0
3.3.3.3 1398 0x80000002 13 Tu0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 3335 0x80000002 0 0x2001 0
1.1.1.1 3412 0x80000001 1004 0x2002 4
2.2.2.2 1343 0x80000007 0 0x2001 0
3.3.3.3 1398 0x80000006 0 0x2001 0
6.6.6.6 3288 0x80000004 0 0x2001 0
Router Link States (Area 2)
ADV Router Age Seq# Fragment ID Link count Bits
2.2.2.2 1102 0x80000003 0 1 B
6.6.6.6 1160 0x80000004 0 1 None
Inter Area Prefix Link States (Area 2)
ADV Router Age Seq# Prefix
2.2.2.2 1343 0x80000002 2001:1:2::/64
2.2.2.2 1345 0x80000002 2001:1:32::/64
2.2.2.2 1345 0x80000002 2001:1:3::/64
2.2.2.2 1104 0x80000002 2001:1:1::/64
2.2.2.2 1104 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 2)
ADV Router Age Seq# Link ID Interface
2.2.2.2 1345 0x80000002 6 Se1/0
6.6.6.6 1162 0x80000002 3 Se1/0
Intra Area Prefix Link States (Area 2)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
2.2.2.2 1345 0x80000002 0 0x2001 0
6.6.6.6 1162 0x80000003 0 0x2001 0
NLI'S CCIE IPV6 LAB GUIDE
554
router3#sh ipv6 ospf database
OSPFv3 Router with ID (3.3.3.3) (Process ID 1)
Router Link States (Area 0)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 3403 0x80000007 0 1 None
2.2.2.2 1413 0x8000000A 0 1 B
3.3.3.3 1205 0x80000009 0 1 B
6.6.6.6 3358 0x80000006 0 1 None
Net Link States (Area 0)
ADV Router Age Seq# Link ID Rtr count
1.1.1.1 3480 0x80000001 4 2
Inter Area Prefix Link States (Area 0)
ADV Router Age Seq# Prefix
2.2.2.2 1172 0x80000002 2001:1:26::2/128
2.2.2.2 1172 0x80000002 2001:1:6::/64
2.2.2.2 1172 0x80000002 2001:1:26::6/128
3.3.3.3 1205 0x80000002 2001:1:1::/64
3.3.3.3 1205 0x80000002 2001:1:13::/64
Link (Type-8) Link States (Area 0)
ADV Router Age Seq# Link ID Interface
3.3.3.3 1467 0x80000002 12 Lo0
2.2.2.2 1675 0x80000002 12 Tu0
3.3.3.3 1467 0x80000002 13 Tu0
Intra Area Prefix Link States (Area 0)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 3404 0x80000002 0 0x2001 0
1.1.1.1 3481 0x80000001 1004 0x2002 4
2.2.2.2 1414 0x80000007 0 0x2001 0
3.3.3.3 1467 0x80000006 0 0x2001 0
6.6.6.6 3360 0x80000004 0 0x2001 0
Router Link States (Area 1)
ADV Router Age Seq# Fragment ID Link count Bits
1.1.1.1 1278 0x80000008 0 1 None
NLI'S CCIE IPV6 LAB GUIDE
555
3.3.3.3 1206 0x80000007 0 1 B
Net Link States (Area 1)
ADV Router Age Seq# Link ID Rtr count
3.3.3.3 1206 0x80000004 8 2
Inter Area Prefix Link States (Area 1)
ADV Router Age Seq# Prefix
3.3.3.3 1207 0x80000002 2001:1:2::/64
3.3.3.3 1207 0x80000002 2001:1:32::/64
3.3.3.3 1207 0x80000004 2001:1:26::2/128
3.3.3.3 1207 0x80000002 2001:1:3::/64
3.3.3.3 1207 0x80000002 2001:1:6::/64
3.3.3.3 1207 0x80000002 2001:1:26::6/128
Link (Type-8) Link States (Area 1)
ADV Router Age Seq# Link ID Interface
1.1.1.1 1279 0x80000003 4 Et1/0
3.3.3.3 1207 0x80000002 8 Et1/0
Intra Area Prefix Link States (Area 1)
ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.1 1279 0x80000003 0 0x2001 0
3.3.3.3 1207 0x80000004 1008 0x2002 8
NLI'S CCIE IPV6 LAB GUIDE
556
router2#sh ipv6 route
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI 2001:1:1::/64 [110/11122]
via FE80::C0A8:1703, Tunnel0
C 2001:1:2::/64 [0/0]
via ::, Loopback0
L 2001:1:2::2/128 [0/0]
via ::, Loopback0
O 2001:1:3::/64 [110/11112]
via FE80::C0A8:1703, Tunnel0
O 2001:1:6::/64 [110/2]
via FE80::206:D7FF:FE75:9781, Serial1/0
OI 2001:1:13::/64 [110/11121]
via FE80::C0A8:1703, Tunnel0
C 2001:1:23::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1:23::2/128 [0/0]
via ::, FastEthernet0/0
C 2001:1:26::/64 [0/0]
via ::, Serial1/0
L 2001:1:26::2/128 [0/0]
via ::, Serial1/0
O 2001:1:26::6/128 [110/1]
NLI'S CCIE IPV6 LAB GUIDE
557
via FE80::206:D7FF:FE75:9781, Serial1/0
C 2001:1:32::/64 [0/0]
via ::, Tunnel0
L 2001:1:32::2/128 [0/0]
via ::, Tunnel0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
558
router3#sh ipv6 route
IPv6 Routing Table - 15 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O 2001:1:1::/64 [110/11]
via FE80::207:50FF:FE21:A2A0, Ethernet1/0
O 2001:1:2::/64 [110/11112]
via FE80::C0A8:1702, Tunnel0
C 2001:1:3::/64 [0/0]
via ::, Loopback0
L 2001:1:3::3/128 [0/0]
via ::, Loopback0
OI 2001:1:6::/64 [110/11113]
via FE80::C0A8:1702, Tunnel0
C 2001:1:13::/64 [0/0]
via ::, Ethernet1/0
L 2001:1:13::3/128 [0/0]
via ::, Ethernet1/0
C 2001:1:23::/64 [0/0]
via ::, Ethernet0/0
L 2001:1:23::3/128 [0/0]
via ::, Ethernet0/0
OI 2001:1:26::2/128 [110/11111]
via FE80::C0A8:1702, Tunnel0
OI 2001:1:26::6/128 [110/11112]
via FE80::C0A8:1702, Tunnel0
C 2001:1:32::/64 [0/0]
via ::, Tunnel0
L 2001:1:32::3/128 [0/0]
via ::, Tunnel0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
NLI'S CCIE IPV6 LAB GUIDE
559
NLI'S CCIE IPV6 LAB GUIDE
560
NLI'S CCIE IPV6 LAB GUIDE
561
router3#
router3#
*Mar 4 10:36:18.491 UTC: Tunnel0: GRE/IP encapsulated 192.168.23.3->192.168.23.
2 (linktype=79, len=124)
*Mar 4 10:36:18.551 UTC: Tunnel0: GRE/IP to classify 192.168.23.2->192.168.23.3
(len=124 type=0x86DD ttl=254 tos=0x0)
*Mar 4 10:36:18.555 UTC: Tunnel0: GRE/IP encapsulated 192.168.23.3->192.168.23.
2 (linktype=79, len=124)
*Mar 4 10:36:18.611 UTC: Tunnel0: GRE/IP to classify 192.168.23.2->192.168.23.3
(len=124 type=0x86DD ttl=254 tos=0x0)
*Mar 4 10:36:18.615 UTC: Tunnel0: GRE/IP encapsulated 192.168.23.3->192.168.23.
2 (linktype=79, len=124)
*Mar 4 10:36:18.675 UTC: Tunnel0: GRE/IP to classify 192.168.23.2->192.168.23.3
(len=124 type=0x86DD ttl=254 tos=0x0)
*Mar 4 10:36:18.675 UTC: Tunnel0: GRE/IP encapsulated 192.168.23.3->192.168.23.
2 (linktype=79, len=124)
*Mar 4 10:36:18.735 UTC: Tunnel0: GRE/IP to classify 192.168.23.2->192.168.23.3
(len=124 type=0x86DD ttl=254 tos=0x0)
*Mar 4 10:36:18.739 UTC: Tunnel0: GRE/IP encapsulated 192.168.23.3->192.168.23.
2 (linktype=79, len=124)
*Mar 4 10:36:18.795 UTC: Tunnel0: GRE/IP to classify 192.168.23.2->192.168.23.3
(len=124 type=0x86DD ttl=254 tos=0x0)
NLI'S CCIE IPV6 LAB GUIDE
562
563
NLI'S CCIE IPV6 LAB GUIDE
564
ANSWER
format : 2002:IPv4address:SLA::/64 eui-64
6to4 ip addressing format for the physical interface:
The following shows how to arrive at the 6to4 addresses for both the dual-stack routers:
192 C0
168 A8
32 17
2 02
relay router. You can pick any number.
192 C0
168 A8
32 17
3 03
NLI'S CCIE IPV6 LAB GUIDE
565
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Tunnel0
no ip address
no ip redirects
ipv6 unnumbered FastEthernet0/0
tunnel source FastEthernet0/0
tunnel mode ipv6ip 6to4
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
speed 100
full-duplex
ipv6 address 2002:C0A8:1702::2/64
ipv6 enable
!
interface Serial1/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::2/64
ipv6 enable
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 2
!
interface Serial0/0
no ip address
encapsulation frame-relay
ipv6 address 2001:1:26::6/64
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::20C:CEFF:FE49:D2D0 121 broadcast
!
interface FastEthernet1/0
no ip address
duplex auto
speed 100
ipv6 address 2001:1:236::6/64
ipv6 enable
!
ipv6 router ospf 1
log-adjacency-changes!
!
NLI'S CCIE IPV6 LAB GUIDE
566
ipv6 cef
ipv6 ospf network point-to-multipoint
ipv6 ospf cost 1
ipv6 ospf 1 area 2
frame-relay map ipv6
FE80::206:D7FF:FE75:9781 112 broadcast
!
ip http server
no ip http secure-server
ip classless
!
ipv6 route 2001:1:1::/64 2002:C0A8:1703::
ipv6 route 2001:1:3::/64 2002:C0A8:1703::
ipv6 route 2001:1:13::/64 2002:C0A8:1703::
ipv6 route 2002::/16 Tunnel0
ipv6 router ospf 1
log-adjacency-changes
default-information originate always
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
End
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
567
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router1
!
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001:1:1::1/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 1
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
ipv6 ospf 1 area 1
!
ip http server
no ip http secure-server
ip classless
!
ipv6 router ospf 1
log-adjacency-changes
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
hostname router3
ip cef
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2001:1:3::3/64
ipv6 enable
ipv6 ospf network point-to-point
ipv6 ospf 1 area 1
!
interface Tunnel0
no ip address
no ip redirects
ipv6 unnumbered Ethernet0/0
tunnel source Ethernet0/0
tunnel mode ipv6ip 6to4
!
interface Ethernet0/0
ip address 192.168.23.3 255.255.255.0
half-duplex
ipv6 address 2002:C0A8:1703::/64 eui-64
ipv6 enable
!
interface Ethernet1/0
no ip address
ip pim sparse-dense-mode
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 enable
ipv6 ospf 1 area 1
!
ip http server
ip classless
!
ipv6 route 2002::/16 Tunnel0
ipv6 route ::/0 2002:C0A8:1702::2
ipv6 router ospf 1
log-adjacency-changes
default-information originate always
NLI'S CCIE IPV6 LAB GUIDE
568
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
!
ip http server
ip classless
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
NLI'S CCIE IPV6 LAB GUIDE
569
NLI'S CCIE IPV6 LAB GUIDE
570
NLI'S CCIE IPV6 LAB GUIDE
571
NLI'S CCIE IPV6 LAB GUIDE
572
NLI'S CCIE IPV6 LAB GUIDE
573
NLI'S CCIE IPV6 LAB GUIDE
574
router3#
*Mar 4 09:19:39.831 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:39.891 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:39.891 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:39.891 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:39.891 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:39.895 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:39.951 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:39.951 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:39.951 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:39.951 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:39.955 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23.2
(linktype=79, len=120)
*Mar 4 09:19:40.011 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.015 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.015 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.015 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:40.015 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:40.075 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.075 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.075 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.075 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
*Mar 4 09:19:40.079 UTC: Tunnel0: IPv6/IP encapsulated 192.168.23.3->192.168.23
.2 (linktype=79, len=120)
*Mar 4 09:19:40.135 UTC: Tunnel0: IPv6/IP to classify 192.168.23.2->192.168.23.
NLI'S CCIE IPV6 LAB GUIDE
575
3 (len=120 ttl=253 tos=0x0)
*Mar 4 09:19:40.135 UTC: Tunnel0: todecaps IPv6/IP packet 192.168.23.2->192.16
8.23.3 (len=120, ttl=253)
*Mar 4 09:19:40.135 UTC: Tunnel0: decapsulated IPv6/IP packet
*Mar 4 09:19:40.135 UTC: 2001:1:6::6 -> 2001:1:13::1 (len=60 ttl=63)
NLI'S CCIE IPV6 LAB GUIDE
576
577
NLI'S CCIE IPV6 LAB GUIDE
578
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 enable
ipv6 cef
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 traffic-filter Restrict_Vlan1 in
!
!Static routes pointing to the loopback addresses on each Router
NLI'S CCIE IPV6 LAB GUIDE
579
ipv6 route 2001:1:3::/64 2001:1:12::1
ipv6 route 2001:1:6::/64 2001:1:26::6
!
!Standard ACL to permit any local traffic to VLAN 2. All traffic is logged
ipv6 access-list Restrict_Vlan1
remark <<<Restict VLAN1 using to reach other VLANs>>>
permit ipv6 any 2001:1:12::/64 log
permit icmp any any router-advertisement
permit icmp any any router-solicitation
permit icmp any any nd-na
permit icmp any any nd-ns
deny ipv6 any any log
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
580
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
half-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
interface Ethernet1/0
no ip address
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 enable
!
!Default route pointing to Router2
ipv6 route ::/0 2001:1:12::2
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
!Default route pointing to Router2
ipv6 route ::/0 2001:1:26::2
!
control-plane
!
dial-peer cor custom
!
NLI'S CCIE IPV6 LAB GUIDE
581
logging synchronous
login
!
end
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
NLI'S CCIE IPV6 LAB GUIDE
582
583
NLI'S CCIE IPV6 LAB GUIDE
584
ANSWER
The following summarizes the different types of ICMPv6 messages:
Error Detection i.e.
Pings
Management of
Multicast groups
Stateless
autoconfiguration
Neighbor Discovery
Router Redirection
MTU Path Discovery
NLI'S CCIE IPV6 LAB GUIDE
585
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router2
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
no ftp-server write-enable
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ipv6 address 2001:1:2::2/64
ipv6 enable
!
interface FastEthernetl0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:12::2/64
ipv6 enable
ipv6 cef
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::2/64
ipv6 enable
ipv6 traffic-filter ICMPv6in_log in
!
!Static routes pointing to the loopback addresses on each Router
ipv6 route 2001:1:3::/64 2001:1:12::1
NLI'S CCIE IPV6 LAB GUIDE
586
ipv6 route 2001:1:6::/64 2001:1:26::6
!
!Standard ACL to permit any local traffic to VLAN 2. All traffic is logged
ipv6 access-list ICMPv6in_log
remark <<<Log ICMP traffic>>>
permit icmp any any log
!
control-plane
!
dial-peer cor custom
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
587
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router3
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip multicast-routing
ipv6 unicast-routing
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
ipv6 address 2001:1:3::3/64
ipv6 enable
!
interface Ethernet0/0
half-duplex
ipv6 address 2001:1:12::1/64
ipv6 enable
interface Ethernet1/0
no ip address
half-duplex
ipv6 address 2001:1:13::3/64
ipv6 enable
!
!Default route pointing to Router2
ipv6 route ::/0 2001:1:12::2
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
service timestamps debug datetime msec
localtime show-timezone
service timestamps log datetime msec localtime
show-timezone
service password-encryption
!
hostname router6
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ipv6 unicast-routing
ipv6 cef
!
fax interface-type fax-mail
!
no crypto isakmp enable
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
ipv6 address 2001:1:6::6/64
ipv6 enable
!
interface FastEthernet1/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1:26::6/64
ipv6 enable
!
ip http server
no ip http secure-server
ip classless
!
!Default route pointing to Router2
ipv6 route ::/0 2001:1:26::2
!
control-plane
!
dial-peer cor custom
!
NLI'S CCIE IPV6 LAB GUIDE
588
logging synchronous
login
!
end
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
!
End
*Apr 16 01:53:36.834 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 134
router2#
*Apr 16 01:53:38.390 UTC: ICMPv6: Received ICMPv6 packet from FE80::206:D7FF:FE7
5:9790, type 134
router2#
*Apr 16 01:56:12.646 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 134
router2#
*Apr 16 01:56:27.386 UTC: ICMPv6: Received ICMPv6 packet from FE80::206:D7FF:FE7
5:9790, type 134
*Apr 16 02:04:45.278 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6in_log/20 permitted ic
mpv6 2001:1:26::6 -> 2001:1:12::1 (128/0), 1 packet
*Apr 16 02:04:45.282 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6out_log/20 permitted i
cmpv6 2001:1:12::1 -> 2001:1:26::6 (129/0), 1 packet
router2#
*Apr 16 02:04:50.278 UTC: ICMPv6: Received ICMPv6 packet from2001:1:12::1, type
NLI'S CCIE IPV6 LAB GUIDE
589
136
*Apr 16 02:04:50.278 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 135
*Apr 16 02:04:50.282 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6in_log/20 permitted ic
mpv6 2001:1:26::6 -> FE80::20C:CEFF:FE49:D2D1 (136/0), 1 packet
router2#
*Apr 16 02:04:50.282 UTC: ICMPv6: Received ICMPv6 packet from2001:1:26::6, type
136
router2#
*Apr 16 02:04:55.274 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 135
*Apr 16 02:04:55.278 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 136
*Apr 16 02:04:55.278 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6in_log/20 permitted ic
mpv6 FE80::206:D7FF:FE75:9790 -> FE80::20C:CEFF:FE49:D2D1 (135/0), 1 packet
router2#
*Apr 16 02:04:55.282 UTC: ICMPv6: Received ICMPv6 packet from FE80::206:D7FF:FE7
5:9790, type 135
router2#
*Apr 16 02:05:00.282 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6in_log/20 permitted ic
mpv6 FE80::206:D7FF:FE75:9790 -> FE80::20C:CEFF:FE49:D2D1 (136/0), 1 packet
router2#
*Apr 16 02:05:00.282 UTC: ICMPv6: Received ICMPv6 packet from FE80::206:D7FF:FE7
5:9790, type 136
router2#
*Apr 16 02:05:05.838 UTC: ICMPv6: Received ICMPv6 packet from FE80::203:E3FF:FE2
1:5501, type 134
router2#
*Apr 16 02:05:27.302 UTC: %IPV6-6-ACCESSLOGDP: list ICMPv6in_log/20 permitted ic
mpv6 FE80::206:D7FF:FE75:9790 -> FF02::1 (134/0), 1 packet
router2#
*Apr 16 02:05:27.302 UTC: ICMPv6: Received ICMPv6 packet from FE80::206:D7FF:FE7
5:9790, type 134
NLI'S CCIE IPV6 LAB GUIDE
590
ISDN- LEGACY DIAL
R5 R6
ISDN
Switch
2001:1:1::5 / 64
2001:1:1::6 /64
1. Configure ISDN setup between Router5 and Router6
2. Either router should be able to dial each other.
3. Ensure the ISDN connection is initiated using ICMPv6 and IPv6 as interesting traffic.
4. Ensure the second lSDN link comes up immediately
5. Test your configur s physical ISDN interfaces.
NLI'S CCIE IPV6 LAB GUIDE
591
ANSWER
The configuration of IPv6 ISDN is exactly the same as IPv4 configuration except for the ip
addresses.
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r6 password 0 cisco
ip subnet-zero
!
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
!
!
crypto isakmp policy 10
!
!
!
isdn switch-type basic-ni
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r5 password 0 cisco
ip subnet-zero
!
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
!
!
crypto isakmp policy 10
!
!
!
isdn switch-type basic-ni
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
NLI'S CCIE IPV6 LAB GUIDE
592
!
class-map match-all test
!
interface BRI0/0
no ip address
encapsulation ppp
dialer map ipv6 2001:1:1::6 name r6 4930622
dialer map ipv6 2001:1:1::6 name r6 4930623
dialer load-threshold 1 either
dialer-group 1
ipv6 address 2001:1:1::5/64
isdn switch-type basic-net3
isdn spid1 81049306240101 4930624
isdn spid2 81049306250101 4930625
ppp multilink
!
ip http server
no ip http secure-server
ip classless
!
dialer-list 1 protocol ipv6 list R6_dial
!
ipv6 access-list R6_dial
permit icmp any any
permit ipv6 any any
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
!
class-map match-all test
!
interface BRI0/0
no ip address
encapsulation ppp
dialer map ipv6 2001:1:1::5 name r5 4930624
dialer map ipv6 2001:1:1::5 name r5 4930625
dialer load-threshold 1 either
dialer-group 1
ipv6 address 2001:1:1::6/64
isdn switch-type basic-net3
isdn spid1 81049306220101 4930622
isdn spid2 81049306230101 4930623
ppp multilink
!
ip http server
no ip http secure-server
ip classless
!
dialer-list 1 protocol ipv6 list R5_dial
!
ipv6 access-list R5_dial
permit icmp any any
permit ipv6 any any
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
NLI'S CCIE IPV6 LAB GUIDE
593
!The following shows that when Router5 pings Router6, the ISDN comes up
!The following shows the status of the physical interface on Router5
NLI'S CCIE IPV6 LAB GUIDE
594
!The following shows the status of the physical interface on Router6
!The following shows the output of Layer 2 debugging on router5 as soon as the BRI interface is
brought up
r5#debug isdn q921
debug isdn q921 is ON.
r5#
r5#config t
Enter configuration commands, one per line. End with CNTL/Z.
r5(config)#int bri0/0
r5(config-if)#no shut
r5(config-if)#
*Apr 18 23:57:16.488: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down
*Apr 18 23:57:16.488: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down
*Apr 18 23:57:16.512: ISDN BR0/0 Q921: User TX -> IDREQ ri=37339 ai=127
*Apr 18 23:57:16.540: ISDN BR0/0 Q921: User RX <- IDASSN ri=37339 ai=103
*Apr 18 23:57:16.544: ISDN BR0/0 Q921: User TX -> SABMEp sapi=0 tei=103
*Apr 18 23:57:16.548: %LINK-3-UPDOWN: Interface BRI0/0, changed state to up
*Apr 18 23:57:16.560: ISDN BR0/0 Q921: User RX <- UAf sapi=0 tei=103
r5(config-if)#
r5#
*Apr 18 23:57:16.564: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0, TEI 103 cha
nged to up
NLI'S CCIE IPV6 LAB GUIDE
595
!The following shows the Layer 3 debug when Router5 dials Router6
r5#debug isdn q931
debug isdn q931 is ON.
r5#ping ipv6 2001:1:1::6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:1:1::6, timeout is 2 seconds:
*Apr 19 00:02:05.362: ISDN BR0/0 Q931: TX -> SETUP pd = 8 callref = 0x09
Bearer Capability i = 0x8890
Standard = CCITT
Transer Capability = Unrestricted Digital
Transfer Mode = Circuit
Transfer Rate = 64 kbit/s
Channel ID i = 0x83
Called Party Number i = 0x80, '4930622'
Plan:Unknown, Type:Unknown
*Apr 19 00:02:05.426: ISDN BR0/0 Q931: RX <- CALL_PROC pd = 8 callref = 0x89
Channel ID i = 0x89
*Apr 19 00:02:05.698: ISDN BR0/0 Q931: RX <- CONNECT pd = 8 callref = 0x89
*Apr 19 00:02:05.706: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up
*Apr 19 00:02:05.710: ISDN BR0/0 Q931: TX -> CONNECT_ACK pd = 8 callref = 0x09
*Apr 19 00:02:05.738: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state t
o up.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/32/32 ms
r5#
*Apr 19 00:02:06.732: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0/0:1,
changed state to up
*Apr 19 00:02:06.740: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Ac
cess2, changed state to up
r5#
*Apr 19 00:02:11.708: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 49
30622 r6
NLI'S CCIE IPV6 LAB GUIDE
596
ISDN DIALER PROFILE
R5 R6
ISDN
Switch
2001:1:1::5 / 64
2001:1:1::6 /64
1. Configure ISDN setup between Router5 and Router6
2. Only router5 should be able to dial router6
3. Configure the connectivity without using physical interfaces and instead using a Dialer
profile.
4. Ensure the ISDN connection is initiated using ICMPv6 and IPv6 as interesting traffic.
5. Ensure the second lSDN link comes up immediately
6. .
NLI'S CCIE IPV6 LAB GUIDE
597
ANSWER
The configuration of IPv6 ISDN is exactly the same as IPv4 configuration except for the ip
addresses.
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r6 password 0 cisco
ip subnet-zero
!
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
!
!
crypto isakmp policy 10
!
!
!
isdn switch-type basic-ni
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r5 password 0 cisco
ip subnet-zero
!
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
!
!
crypto isakmp policy 10
!
!
!
isdn switch-type basic-ni
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
NLI'S CCIE IPV6 LAB GUIDE
598
!
class-map match-all test
!
interface BRI0/0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
isdn spid1 81049306240101 4930624
isdn spid2 81049306250101 4930625
ppp multilink
!
interface Dialer1
no ip address
encapsulation ppp
dialer pool 1
dialer remote-name r6
dialer string 4930622
dialer string 4930623
dialer load-threshold 1 either
dialer-group 1
ipv6 address 2001:1:1::5/64
ppp multilink
!
ip http server
no ip http secure-server
ip classless
!
dialer-list 1 protocol ipv6 list R6_dial
!
ipv6 access-list R6_dial
permit icmp any any
permit ipv6 any any
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
!
class-map match-all test
!
interface BRI0/0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
isdn spid1 81049306220101 4930622
isdn spid2 81049306230101 4930623
ppp multilink
end
!
interface Dialer1
no ip address
encapsulation ppp
dialer pool 1
dialer remote-name r5
dialer load-threshold 1 either
dialer-group 1
ipv6 address 2001:1:1::6/64
ppp multilink
!
ip http server
no ip http secure-server
ip classless
!
dialer-list 1 protocol ipv6 list R5_dial
!
ipv6 access-list R5_dial
permit icmp any any
permit ipv6 any any
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
NLI'S CCIE IPV6 LAB GUIDE
599
NLI'S CCIE IPV6 LAB GUIDE
600
!The following shows that when Router5 pings Router6, the ISDN comes up
!The following shows the status of the physical interface on Router5
NLI'S CCIE IPV6 LAB GUIDE
601
!The following shows the status of the physical interface on Router6
!The following shows Router5 is able to
!The following shows Router6 is able to
!The following shows that on Router5, the logical interface is bound to both channels
r5#show interfaces dialer 1
Dialer1 is up, line protocol is up (spoofing)
Hardware is Unknown
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open
Open: IPV6CP, CDPCP, loopback not set
DTR is pulsed for 1 seconds on reset idle 00:01:27
Interface is bound to BR0/0:1
Interface is bound to BR0/0:2
Last input 00:00:32, output never, output hang never
Last clearing of "show interface" counters 3d14h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
NLI'S CCIE IPV6 LAB GUIDE
602
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
39 packets input, 4772 bytes
41 packets output, 4680 bytes
Bound to:
BRI0/0:1 is up, line protocol is up
Hardware is PQUICC BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open, loopback not set
Interface is bound to Di1 (Encapsulation PPP)
Last input 00:00:34, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
332 packets input, 21310 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
333 packets output, 22213 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
13 carrier transitions
Bound to:
BRI0/0:2 is up, line protocol is up
Hardware is PQUICC BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open, loopback not set
Interface is bound to Di1 (Encapsulation PPP)
Last input 00:00:36, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
197 packets input, 12338 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
196 packets output, 11534 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
20 carrier transitions
NLI'S CCIE IPV6 LAB GUIDE
603
!The following shows that on Router6, the logical interface is bound to both channels
r6#show interfaces dialer 1
Dialer1 is up, line protocol is up (spoofing)
Hardware is Unknown
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open
Open: IPV6CP, CDPCP, loopback not set
DTR is pulsed for 1 seconds on reset idle 00:00:11
Interface is bound to BR0/0:1
Interface is bound to BR0/0:2
Last input 00:00:13, output never, output hang never
Last clearing of "show interface" counters 00:09:46
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
38 packets input, 5454 bytes
38 packets output, 5138 bytes
Bound to:
BRI0/0:1 is up, line protocol is up
Hardware is PQUICC BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open, loopback not set
Interface is bound to Di1 (Encapsulation PPP)
Last input 00:00:15, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
324 packets input, 21239 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
323 packets output, 20360 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
27 carrier transitions
Bound to:
BRI0/0:2 is up, line protocol is up
Hardware is PQUICC BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
NLI'S CCIE IPV6 LAB GUIDE
604
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open, loopback not set
Interface is bound to Di1 (Encapsulation PPP)
Last input 00:00:17, output 00:00:02, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queuing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
230 packets input, 13479 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
232 packets output, 14512 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
25 carrier transitions
NLI'S CCIE IPV6 LAB GUIDE
605
CONFIGURINGATM WITH IPV6CONNECTIVITY ONPHYSICALINTERFACE
R13 R14
ATM
Switch
2001:1:1::13 / 64
2001:1:1::14 /64
1. Configure Router13 and Router14 for IP over ATM
2. Ensure they do not use Inverse-ARP
3. Ensure they do not use ATM PVC-discovery
4. Test your configuration to ensure the routers
ATM interfaces.
NLI'S CCIE IPV6 LAB GUIDE
606
ANSWER
The configuration of IPv6 ATM interface is exactly the same as IPv4 configuration except for the
ip addresses are different
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r6 password 0 cisco
ip subnet-zero
!
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
crypto isakmp policy 10
!
interface ATM2/0
no ip address
no atm ilmi-keepalive
pvc R13 0/16 ilmi
!
pvc 3/77
protocol ipv6 2001:1:1::14 broadcast
!
ipv6 address 2001:1:1::13/64
!
mgcp profile default
!
dial-peer cor custom
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5
!
logging queue-limit 100
!
username r5 password 0 cisco
ip subnet-zero
!
no ip domain lookup
!
no ip bootp server
ip audit notify log
ip audit po max-events 100
ip ssh port 5555 rotary 1 2
ipv6 unicast-routing
!
crypto isakmp policy 10
!
interface ATM2/0
no ip address
no atm ilmi-keepalive
pvc R14 0/16 ilmi
!
pvc 3/77
protocol ipv6 2001:1:1::13 broadcast
!
ipv6 address 2001:1:1::14/64
!
all rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
line con 0
logging synchronous
line aux 0
line vty 0
!
end
NLI'S CCIE IPV6 LAB GUIDE
607
interface ATM2/0
no ip address
no atm ilmi-keepalive
atm ilmi-pvc-discovery
pvc R13 0/16 ilmi
!
ipv6 address 2001:1:1::13/64
Then to discovery you the VPI/VCI for your rack, do the following command and match it with
your rack details
After you have discovered the information, go back to the interface and manually configure it in
with the broadcast information. - You may need to reboot first, it just depends on the code.
608
NLI'S CCIE IPV6 LAB GUIDE
609
ANSWER
In order to enable basic multicast routing on the router, should be
configured. This is similar to enabling to enable unicast IP routing. By default,
multicast-routing is not enabled and must be configured to support all IP multicast routing
features.
Router1#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#ip multicast-routing
Router1#sh run
Building configuration...
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
ip subnet-zero
!
no ip domain-lookup
!
Ipv6 multicast-routing
ip audit notify log
ip audit po max-events 100
!
call rsvp-sync
!
interface FastEthernet0/0
speed 100
full-duplex
!
line con 0
exec-timeout 60 0
logging synchronous
line aux 0
exec-timeout 60 0
logging synchronous
line vty 0 4
exec-timeout 60 0
logging synchronous
login
NLI'S CCIE IPV6 LAB GUIDE
610
611
NLI'S CCIE IPV6 LAB GUIDE
612
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
class-map match-all http_limit_class
match access-group name http_limit_access
!
policy-map http_limit_policy
class http_limit_class
police cir 1544000 bc 193000 be 193000
conform-action transmit
exceed-action drop
!
no crypto isakmp enable
!
interface FastEthernet0/0
no ip address
service-policy input http_limit_policy
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
!
ipv6 access-list http_limit_access
permit tcp any any eq www
!
control-plane
!
NLI'S CCIE IPV6 LAB GUIDE
613
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
614
Router 1
VLAN 1
`
Receiver 1
2001:1:1::10/64
Fe0/0 2001:1:1::1//64
S0/0
NLI'S CCIE IPV6 LAB GUIDE
615
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
class-map match-all http_limit_class
match access-group name http_limit_access
class-map match-all voice_mark_class
match access-group name voice_mark_access
class-map match-all http_mark_class
match access-group name http_mark_access
!
policy-map ingress_marking_policy
class voice_mark_class
set dscp ef
class http_mark_class
set dscp 21
class class-default
set dscp default
!
policy-map egress_queuing_policy
class voice_mark_class
priority percent 30
class http_mark_class
bandwidth percent 25
class class-default
bandwidth percent 45
!
no crypto isakmp enable
NLI'S CCIE IPV6 LAB GUIDE
616
!
interface FastEthernet0/0
no ip address
service-policy input ingress_marking_policy
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
!
interface Serial2/0
no ip address
max-reserved-bandwidth 100
service-policy output egress_queuing_policy
ipv6 enable
ipv6 cef
serial restart-delay 0
!
ipv6 access-list voice_mark_access
permit udp any any range 16384 32767
!
ipv6 access-list http_mark_access
permit tcp any any eq www
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
617
618
Router 1
VLAN 1
`
Host 1
2001:1:1::10/64
Fe0/0 2001:1:1::1//64
F0/1 172.16.1.1 /24
NLI'S CCIE IPV6 LAB GUIDE
619
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
no crypto isakmp enable
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
ipv6 nat
!
interface Serial2/0
ip add 172.16.1.1 255.255.255.0
ipv6 enable
ipv6 cef
serial restart-delay 0
ipv6 nat prefix 2001::/96
!
ipv6 nat v4v6 source 172.16.1.20 2001:1:1::20
ipv6 nat v6v4 source 2001:1:1::10 172.16.1.10
!
control-plane
!
line con 0
NLI'S CCIE IPV6 LAB GUIDE
620
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
621
Router 1
VLAN 1
`
Host 1
2001:1:1::10/64
Fe0/0 2001:1:1::1//64
F0/1 172.16.1.1 /24
NLI'S CCIE IPV6 LAB GUIDE
622
ANSWER
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router1
!
logging buffered 20000 debugging
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
ipv6 cef
ipv6 cef accounting per-prefix
no ftp-server write-enable
!
no crypto isakmp enable
!
interface FastEthernet0/0
no ip address
speed 100
full-duplex
ipv6 address 2001:1:13::1/64
ipv6 enable
ipv6 cef
ipv6 nat
!
interface Serial2/0
ip add 172.16.1.1 255.255.255.0
ipv6 enable
ipv6 cef
serial restart-delay 0
ipv6 nat prefix 2001::/96
!
ipv6 nat v4v6 source 172.16.1.20 2001:1:1::20
ipv6 nat v6v4 source list v6address pool v4Pool
ipv6 nat v6v4 pool v4Pool 172.16.1.50 172.16.1.60 prefix-length 24
!
ipv6 access-list v6address
NLI'S CCIE IPV6 LAB GUIDE
623
permit ipv6 2001::/96 any
!
control-plane
!
line con 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line aux 0
exec-timeout 60 0
logging synchronous
transport preferred all
transport output all
line vty 0 4
exec-timeout 60 0
logging synchronous
login
transport preferred all
transport input all
transport output all
!
end
NLI'S CCIE IPV6 LAB GUIDE
624
APPENDIX A- IPV6 RFCS
RFC Description/Status
RFC 1809 Using the Flow Label Field in IPv6. C. Partridge. June 1995. (Format: TXT=13591
bytes) (Status: INFORMATIONAL)
RFC 1881 IPv6 Address Allocation Management. IAB, IESG. December 1995. (Format:
TXT=3215 bytes) (Status: INFORMATIONAL)
RFC 1883 Internet Protocol, Version 6 (IPv6) Specification. S. Deering, R. Hinden. December
1995. (Format: TXT=82089 bytes) (Obsoleted by RFC2460) (Status: PROPOSED
STANDARD)
RFC 1885 Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6
(IPv6). A. Conta, S. Deering. December 1995. (Format: TXT=32214 bytes) (Obsoleted
by RFC2463) (Status: PROPOSED STANDARD)
RFC 1887 An Architecture for IPv6 Unicast Address Allocation. Y. Rekhter, T. Li, Eds..
December 1995. (Format: TXT=66066 bytes) (Status: INFORMATIONAL)
RFC 1924 A Compact Representation of IPv6 Addresses. R. Elz. Apr-01-1996. (Format:
TXT=10409 bytes) (Status: INFORMATIONAL)
RFC 1932 IP over ATM: A Framework Document. R. Cole, D. Shur, C. Villamizar. April 1996.
(Format: TXT=68031 bytes) (Status: INFORMATIONAL)
RFC 2080 RIPng for IPv6. G. Malkin, R. Minnear. January 1997. (Format: TXT=47534 bytes)
(Status: PROPOSED STANDARD)
RFC 2375 IPv6 Multicast Address Assignments. R. Hinden, S. Deering. July 1998. (Format:
TXT=14356 bytes) (Status: INFORMATIONAL)
RFC 2428 FTP Extensions for IPv6 and NATs. M. Allman, S. Ostermann, C. Metz. September
1998. (Format: TXT=16028 bytes) (Status: PROPOSED STANDARD)
RFC 2460 Internet Protocol, Version 6 (IPv6) Specification. S. Deering, R. Hinden. December
1998. (Format: TXT=85490 bytes) (Obsoletes RFC1883) (Status: DRAFT
STANDARD)
RFC 2461 Neighbor Discovery for IP Version 6 (IPv6). T. Narten, E. Nordmark, W. Simpson.
December 1998. (Format: TXT=222516 bytes) (Obsoletes RFC1970) (Status: DRAFT
STANDARD)
RFC 2462 IPv6 Stateless Address Autoconfiguration. S. Thomson, T. Narten. December 1998.
(Format: TXT=61210 bytes) (Obsoletes RFC1971) (Status: DRAFT STANDARD)
RFC 2463 Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6
(IPv6) Specification. A. Conta, S. Deering. December 1998. (Format: TXT=34190
bytes) (Obsoletes RFC1885) (Status: DRAFT STANDARD)
RFC 2464 Transmission of IPv6 Packets over Ethernet Networks. M. Crawford. December
1998. (Format: TXT=12725 bytes) (Obsoletes RFC1972) (Status: PROPOSED
NLI'S CCIE IPV6 LAB GUIDE
625
STANDARD)
RFC 2465 Management Information Base for IP Version 6: Textual Conventions and General
Group. D. Haskin, S. Onishi. December 1998. (Format: TXT=77339 bytes) (Status:
PROPOSED STANDARD)
RFC 2466 Management Information Base for IP Version 6: ICMPv6 Group. D. Haskin, S.
Onishi. December 1998. (Format: TXT=27547 bytes) (Status: PROPOSED
STANDARD)
RFC 2467
Transmission of IPv6 Packets over FDDI Networks. M. Crawford. December 1998.
(Format: TXT=16028 bytes) (Obsoletes RFC2019) (Status: PROPOSED STANDARD)
RFC 2492 IPv6 over ATM Networks. G. Armitage, P. Schulter, M. Jork. January 1999. (Format:
TXT=21199 bytes) (Status: PROPOSED STANDARD)
RFC 2526 Reserved IPv6 Subnet Anycast Addresses. D. Johnson, S. Deering. March 1999.
(Format: TXT=14555 bytes) (Status: PROPOSED STANDARD)
RFC 2529 Transmission of IPv6 over IPv4 Domains without Explicit Tunnels. B. Carpenter, C.
Jung. March 1999. (Format: TXT=21049 bytes) (Status: PROPOSED STANDARD)
RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing. P. Marques,
F. Dupont. March 1999. (Format: TXT=10209 bytes) (Status: PROPOSED
STANDARD)
RFC 2675 IPv6 Jumbograms. D. Borman, S. Deering, R. Hinden. August 1999. (Format:
TXT=17320 bytes) (Obsoletes RFC2147) (Status: PROPOSED STANDARD)
RFC 2710 Multicast Listener Discovery (MLD) for IPv6. S. Deering, W. Fenner, B. Haberman.
October 1999. (Format: TXT=46838 bytes) (Updated by RFC3590, RFC3810) (Status:
PROPOSED STANDARD)
RFC 2711 IPv6 Router Alert Option. C. Partridge, A. Jackson. October 1999. (Format:
TXT=11973 bytes) (Status: PROPOSED STANDARD)
RFC 2732 Format for Literal IPv6 Addresses in URL's. R. Hinden, B. Carpenter, L. Masinter.
December 1999. (Format: TXT=7984 bytes) (Updates RFC2396) (Status: PROPOSED
STANDARD)
RFC 2740 OSPF for IPv6. R. Coltun, D. Ferguson, J. Moy. December 1999. (Format:
TXT=189810 bytes) (Status: PROPOSED STANDARD)
RFC 2893 Transition Mechanisms for IPv6 Hosts and Routers. R. Gilligan, E. Nordmark. August
2000. (Format: TXT=62731 bytes) (Obsoletes RFC1933) (Status: PROPOSED
STANDARD)
RFC 2894 Router Renumbering for IPv6. M. Crawford. August 2000. (Format: TXT=69135
bytes) (Status: PROPOSED STANDARD)
RFC 2928 Initial IPv6 Sub-TLA ID Assignments. R. Hinden, S. Deering, R. Fink, T. Hain.
September 2000. (Format: TXT=11882bytes) (Status: INFORMATIONAL)
RFC 3041 Privacy Extensions for Stateless Address Autoconfiguration in IPv6. T. Narten, R.
NLI'S CCIE IPV6 LAB GUIDE
626
Draves. January 2001. (Format: TXT=44446 bytes) (Status: PROPOSED STANDARD)
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds. B. Carpenter, K. Moore. February
2001. (Format: TXT=54902 bytes) (Status: PROPOSED STANDARD)
RFC 3111 Service Location Protocol Modifications for IPv6. E. Guttman. May 2001. (Format:
TXT=25543 bytes) (Status: PROPOSED STANDARD)
RFC 3122 Extensions to IPv6 Neighbor Discoveryfor Inverse Discovery Specification. A.
Conta. June 2001. (Format: TXT=40416 bytes) (Status: PROPOSED STANDARD)
RFC 3146 Transmission of IPv6 Packets over IEEE 1394 Networks. K. Fujisawa, A. Onoe.
October 2001. (Format: TXT=16569 bytes) (Status: PROPOSED STANDARD)
RFC 3162 RADIUS and IPv6. B. Aboba, G. Zorn, D. Mitton. August 2001. (Format: TXT=20492
bytes) (Status: PROPOSED STANDARD)
RFC 3175 Aggregation of RSVP for IPv4 and IPv6 Reservations. F. Baker, C. Iturralde, F. Le
Faucheur, B. Davie. September 2001. (Format: TXT=88681bytes) (Status:
PROPOSED STANDARD)
RFC 3177 IAB/IESG Recommendations on IPv6 Address Allocations to Sites. IAB, IESG.
September 2001. (Format: TXT=23178bytes) (Status: INFORMATIONAL)
RFC 3266 Support for IPv6 in Session Description Protocol (SDP). S. Olson, G. Camarillo, A. B.
Roach. June 2002. (Format: TXT=8693 bytes) (Updates RFC2327) (Status:
PROPOSED STANDARD)
RFC 3306 Unicast-Prefix-based IPv6 Multicast Addresses. B. Haberman, D. Thaler. August
2002. (Format: TXT=12713 bytes) (Status: PROPOSED STANDARD)
RFC 3307 Allocation Guidelines for IPv6 Multicast Addresses. B. Haberman. August 2002.
(Format: TXT=15742 bytes) (Status: PROPOSED STANDARD)
RFC 3314 Recommendations for IPv6 in Third Generation Partnership Project (3GPP)
Standards. M. Wasserman, Ed.. September 2002. (Format: TXT=48168 bytes) (Status:
INFORMATIONAL)
RFC 3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6). R. Droms, Ed., J. Bound,
B. Volz, T. Lemon, C. Perkins, M. Carney. July 2003. (Format: TXT=231402 bytes)
(Status: PROPOSED STANDARD)
RFC 3363 Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name
System (DNS). R. Bush, A. Durand, B. Fink, O. Gudmundsson, T. Hain. August 2002.
(Format: TXT=11055 bytes) (Updates RFC2673, RFC2874) (Status:
INFORMATIONAL)
RFC 3484 Default Address Selection for Internet Protocol version 6 (IPv6). R. Draves. February
2003. (Format: TXT=55076 bytes) (Status: PROPOSED STANDARD)
RFC 3513 Internet Protocol Version 6 (IPv6) Addressing Architecture. R. Hinden, S. Deering.
April 2003. (Format: TXT=53920 bytes) (Obsoletes RFC2373) (Status: PROPOSED
STANDARD)
RFC 3587 IPv6 Global Unicast Address Format. R. Hinden, S. Deering, E. Nordmark. August
NLI'S CCIE IPV6 LAB GUIDE
627
2003. (Format: TXT=8783 bytes) (Obsoletes RFC2374) (Status: INFORMATIONAL)
RFC 3596 Textual Conventions for IPv6 Flow Label. B. Wijnen. September 2003. (Format:
TXT=11746 bytes) (Status: PROPOSED STANDARD)
RFC 3633 IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6. O.
Troan, R. Droms. December 2003. (Format: TXT=45308 bytes) (Status: PROPOSED
STANDARD)
RFC 3646 DNS Configuration options for Dynamic Host Configuration Protocol for IPv6
(DHCPv6). R. Droms, Ed.. December 2003. (Format: TXT=13312 bytes) (Status:
PROPOSED STANDARD)
RFC 3697 IPv6 Flow Label Specification. J. Rajahalme, A. Conta, B. Carpenter, S. Deering.
March 2004. (Format: TXT=21296 bytes) (Status: PROPOSED STANDARD)
RFC 3736 Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6. R. Droms.
April 2004. (Format: TXT=18510 bytes) (Status: PROPOSED STANDARD)
RFC 3775 Mobility Support in IPv6. D. Johnson, C. Perkins, J. Arkko. June 2004. (Format:
TXT=393514 bytes) (Status: PROPOSED STANDARD)
RFC 3776 Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home
Agents. J. Arkko, V. Devarapalli, F. Dupont. June 2004. (Format: TXT=87076 bytes)
(Status: PROPOSED STANDARD)
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2) for IPv6. R. Vida, Ed., L. Costa, Ed..
June 2004. (Format: TXT=153579 bytes) (Updates RFC2710) (Status: PROPOSED
STANDARD)
RFC 3831 Transmission of IPv6 Packets over Fibre Channel. C. DeSanti. July 2004. (Format:
TXT=53328 bytes) (Status: PROPOSED STANDARD)
NLI'S CCIE IPV6 LAB GUIDE
628
APPENDIX B- LABSETUP & PREPARATION
MINIMUMCCIE RACK SETUP FOR R&S ANDSECURITY
Router 1, 3, 4, 5 and 6 - 2 Fast Ethernet and 2 Serial Interfaces
Each Router should have 16Mb Flash (for the IOS) and 64Mb DRAM.
th at least 1 Ethernet interface. This can
have minimal memory configuration.
ACS (TACACS+ ) server
IIS
Certificate Authority Server
copy of the Cisco VPN Client software
Ethereal sniffer software
1 IDS sensor
1 3005 VPN concentrator
6 back-to-back cables
from the network devices to the switch. Try
to connect f0/0 of each router to Switch1 and f0/1 to Switch2. Trunk the two switches on
port 23 and 24 with cross-over cables.
NLI'S CCIE IPV6 LAB GUIDE
630
CONFIGURING A TYPICAL FRAME RELAY SWITCH
Following is an example configuration of how to configure a Frame Relay Switch
with four serial interfaces, and DLCIs associated to route packets through the various
interfaces.
hostname framerelay-switch
!
!
frame-relay switching
!
interface Ethernet0
no ip address
shutdown
!
interface Ethernet1
no ip address
shutdown
!
interface Ethernet2
no ip address
shutdown
!
interface Ethernet3
no ip address
shutdown
!
interface Ethernet4
no ip address
shutdown
!
interface Ethernet5
no ip address
shutdown
!
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
encapsulation frame-relay
no fair-queue
clockrate 64000
frame-relay intf-type dce
frame-relay route 101 interface Serial1 110
frame-relay route 102 interface Serial2 120
frame-relay route 103 interface Serial3 130
!
interface Serial1
no ip address
no ip directed-broadcast
no ip mroute-cache
encapsulation frame-relay
clockrate 64000
NLI'S CCIE IPV6 LAB GUIDE
631
frame-relay intf-type dce
frame-relay route 110 interface Serial0 101
frame-relay route 112 interface Serial2 121
frame-relay route 113 interface Serial3 131
!
interface Serial2
no ip address
no ip directed-broadcast
encapsulation frame-relay
clockrate 64000
frame-relay intf-type dce
frame-relay route 120 interface Serial0 102
frame-relay route 121 interface Serial1 112
frame-relay route 123 interface Serial3 132
!
interface Serial3
no ip address
no ip directed-broadcast
encapsulation frame-relay
clockrate 64000
frame-relay intf-type dce
frame-relay route 130 interface Serial0 103
frame-relay route 131 interface Serial1 113
frame-relay route 132 interface Serial2 123
!
interface BRI0
no ip address
shutdown
!
interface BRI1
no ip address
shutdown
!
interface BRI2
no ip address
shutdown
!
interface BRI3
no ip address
shutdown
!
interface BRI4
no ip address
shutdown
!
interface BRI5
no ip address
shutdown
!
interface BRI6
no ip address
shutdown
!
interface BRI7
no ip address
NLI'S CCIE IPV6 LAB GUIDE
632
shutdown
!
no ip classless
logging buffered
no logging console
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
NLI'S CCIE IPV6 LAB GUIDE
633
CONFIGURING A TERMINAL SERVER
Current configuration:
!
! Last configuration change at 21:18:19 EDT Fri Jun 27 2003
! NVRAM config last updated at 11:59:14 EDT Mon Apr 28 2003
!
version 12.0
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
!
hostname labterminal
!
logging buffered 20000 debugging
no logging console
enable secret ccie
!
!
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
no ip finger
no ip domain-lookup
ip host router1 2001 1.1.1.1
ip host router2 2002 1.1.1.1
ip host router3 2003 1.1.1.1
ip host router4 2004 1.1.1.1
ip host router5 2005 1.1.1.1
ip host router6 2006 1.1.1.1
ip host router7 2017 1.1.1.1
ip host router8 2018 1.1.1.1
ip host pix1 209 1.1.1.1
ip host pix2 2010 1.1.1.1
Ip host switch1 2011 1.1.1.1
ip host switch2 2012 1.1.1.1
ip host backbone1 2013 1.1.1.1
ip host backbone2 2014 1.1.1.1
ip host backbone3 2015 1.1.1.1
!
!
!
process-max-time 200
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
ip address X.X.X.X 255.255.255.0
no ip directed-broadcast
!
NLI'S CCIE IPV6 LAB GUIDE
634
interface Serial0
no ip address
no ip directed-broadcast
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 X.X.X.X
no ip http server
!
!
line con 0
exec-timeout 60 0
password cisco
logging synchronous
transport input none
line 1 15
no exec
exec-timeout 30 0
logging synchronous
transport input all
transport output none
flowcontrol hardware
line 16
no exec
exec-timeout 30 0
logging synchronous
transport input all
transport output none
line aux 0
exec-timeout 60 0
password 7 121A551A411F
logging synchronous
line vty 0 4
exec-timeout 5 0
password 7 141442065F10
logging synchronous
login
transport input pad v120 telnet rlogin udptn
transport output pad v120 telnet rlogin udptn
!
end
NLI'S CCIE IPV6 LAB GUIDE
635
TEMPLATE CONFIGURATION
After each lab, erase the configuration and reload the router. Paste the following basic
configuration to bring it back to the minimal router configuration to configure the
next lab. If necessary, change the below templates to match your individual racks.
Router1
en
config t
host router1
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
cdp run
logging buffered 20000 debugging
line con 0
logging synchronous
exec-timeout 60 0
exit
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Router2
en
config t
host router2
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
logging buffered 20000 debugging
cdp run
line con 0
logging synchronous
exec-timeout 60 0
exit
NLI'S CCIE IPV6 LAB GUIDE
636
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Router3
en
config t
host router3
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
no ip domain-lookup
service password-enc
logging buffered 20000 debugging
cdp run
line con 0
logging synchronous
exec-timeout 60 0
exit
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Router4
en
config t
host router4
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
logging buffered 20000 debugging
NLI'S CCIE IPV6 LAB GUIDE
637
cdp run
line con 0
logging synchronous
exec-timeout 60 0
exit
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Router5
en
config t
host router5
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
logging buffered 20000 debugging
cdp run
line con 0
logging synchronous
exec-timeout 60 0
exit
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Router6
en
config t
host router6
service timestamps debug datetime localtime msec show-timezone
NLI'S CCIE IPV6 LAB GUIDE
638
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
logging buffered 20000 debugging
cdp run
line con 0
logging synchronous
exec-timeout 60 0
exit
line aux 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Switch1
en
config t
host Switch1
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
interface range f0/1 -24
no shut
spanning-tree portfast
switchport access vlan 1
logging buffered 20000 debugging
line con 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem
Switch2
en
NLI'S CCIE IPV6 LAB GUIDE
639
config t
host Switch2
service timestamps debug datetime localtime msec show-timezone
service timestamps log datetime localtime msec show-timezone
service password-enc
no ip domain-lookup
interface range f0/1 -24
no shut
spanning-tree portfast
switchport access vlan 1
logging buffered 20000 debugging
line con 0
logging synchronous
exec-timeout 60 0
exit
line vty 0 4
logging synchronous
exec-timeout 60 0
exit
exit
wr mem