01-06 IPv6 Address Management Configuration

HUAWEI NE20E-S2 Universal Service Router
Configuration Guide - User Access 6 IPv6 Address Management Configuration
6 IPv6 Address Management Configuration
About This Chapter
This section describes how to assign IPv6 addresses to access users and manage these IPv6
addresses.
Context
NOTE
This feature is supported only on the Admin-VS.
6.1 Overview of IPv6 Address Management

On an IPv6 network, IPv6 address management includes configuring a fixed IPv6 address,
receiving an IPv6 address from the RADIUS server, and obtaining an IPv6 address
dynamically.
6.2 Licensing Requirements and Limitations for IPv6 Address Management--S2E
6.3 Licensing Requirements and Limitations for IPv6 Address Management--S2F
6.4 Configuring a DHCPv6 Relay Agent on the User Side
When independent DHCPv6 servers allocate and manage addresses, the NE20E can be
configured as the relay agent to implement redundancy backup and load balancing among the
remote DHCPv6 servers.
6.5 Configuring a Delegating Router
The NE20E can be configured as a delegating router to allocate and recycle prefixes
according to the requests of requesting routers.
6.6 (Optional) Adjusting DHCPv6 Service Parameters
Configure transparent transmission of DHCPv6 packets, unicast mode, and two-message
exchange between a DHCPv6 client and a DHCPv6 server based on actual network
conditions.
6.7 Configuring DHCPv6 (IA_NA) Address Allocation
This section describes how to configure the NE20E to use DHCPv6 (IA_NA) to allocate IPv6
addresses when the CPE works in bridging mode.
6.8 Configuring DHCPv6 (IA_PD) Prefix Allocation
Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 163

This section describes how to configure the NE20E to allocate prefixes to the CPE when the
CPE works in unnumbered routing mode. The CPE allocates the prefixes to the attached host
to generate IPv6 addresses.
6.9 Configuring DHCPv6 (IA_NA+IA_PD) Address Allocation
This section describes how to configure the NE20E to use DHCPv6 to allocate IPv6 addresses
and prefixes to the WAN interface on the CPE when the CPE works in numbered routing
mode. The CPE sends the prefixes to the attached hosts for them to generate IPv6 addresses.
6.10 Configuring NDRA Address Allocation
This section describes how to configure the NE20E to use ND to allocate IPv6 addresses
when the CPE works in bridging mode.
6.11 Configuring NDRA+DHCPv6 (IA_PD) Address Allocation
This section describes how to configure the NE20E to use ND to allocate IPv6 addresses to
the WAN interfaces on the CPE and use DHCPv6 (IA_PD) to allocate prefixes to the CPE
when the CPE works in numbered routing mode. The CPE allocates the prefixes to the
attached hosts to generate IPv6 addresses.
6.12 Maintaining IPv6 Address Management
6.13 Configuration Examples for IPv6 Address Management
This section provides several examples of IPv6 address management. Each configuration
example includes the networking requirements, configuration notes, and configuration
roadmap.
6.1 Overview of IPv6 Address Management

On an IPv6 network, IPv6 address management includes configuring a fixed IPv6 address,
receiving an IPv6 address from the RADIUS server, and obtaining an IPv6 address
dynamically.
The NE20E allows a user to access the network by configuring a fixed IP address, receiving
an IPv6 address from the RADIUS server or obtaining an IP address dynamically.
l Configuring a fixed IPv6 address

A user can configure a fixed IPv6 address. After the user goes offline, the fixed IPv6
address cannot be assigned to other users.
l Receiving an IPv6 address from the RADIUS server
The NE20E allows the RADIUS server to use NDRA or DHCPv6 (IA_PD) to allocate
IPv6 prefixes and use DHCPv6 (IA_NA) to allocate IPv6 addresses to users. If an
address allocated to a user by the RADIUS server is part of the local address pool, the
prefix length allocated by the RADIUS server must be consistent with that of the local
address pool. If prefix lengths are different, route forwarding for this user will be
affected.
l Allocating an IPv6 address using dynamic allocation protocols
IPv4 has two address dynamic allocation protocols: IPCP and DHCPv4. IPv6 has two
global unicast address allocation protocols: ND and DHCPv6. IPv6CP is used to
negotiate local link addresses.
– Stateless address allocation using ND
Stateless address allocation is implemented using ND. ND replaces the Address
Resolution Protocol (ARP) and ICMP Router Discovery on an IPv4 network. ND

also provides neighbor unreachability detection (NUD), duplicate address detection

(DAD), and address autoconfiguration.
IPv6 stateless address allocation is implemented through interaction between router
solicitation (RS) and router advertisement (RA).
i. The client sends an RS packet.
ii. After receiving the RS packet, the NE20E replies an RA packet, including the
following contents.
○ Whether address autoconfiguration is enabled
○ Autoconfiguration modes supported by the flags (stateless and stateful
autoconfiguration, including the M flag and the O flag)
○ One or multiple link prefixes (nodes on the local link can automatically
generate addresses using these address prefixes) and the lifetime of link
prefixes
○ Whether the router that sends the RA message can function as a default
router (If the router can function as a default router, the lifetime of the
default router is also contained in the message, expressed in seconds.)
○ Other configuration information about the client, such as the hop limit
and the MTU of the packet initiated by the client
iii. The client receives an RA packet from the router. If address autoconfiguration
is specified in the RA packet, and the RA packet contains correct link prefixes,
the client uses the link prefixes and interface IDs to generate global unicast
addresses.
The IP address lease is renewed when the NE20E sends an RA packet with a new
lifetime.
Advantage:
n The stateless address allocation is simple, and all IPv6 nodes support ND.
n Addresses are automatically allocated without any servers. The clients do not
have to support DHCPv6 clients.
– Stateful address allocation using DHCPv6
In the interaction between RS and RA packets, if the M flag is 0, and the O flag is
1, the clients need to obtain other configuration information except IPv6 addresses
in stateful mode; if the M flag is 1 in the RA packet, the clients need to obtain IPv6
addresses and other configuration information in stateful mode.
Stateful information configuration and stateful address configuration all use
DHCPv6. The client requests configuration from the server, and the server replies
with corresponding configuration according to policies.
n Identity associations for non-temporary addresses (IA_NA): Allocating IPv6
addresses using IA_NA option in DHCP messages
n Identity associations for prefix delegation (IA_PD): Allocating IPv6 prefixes
using the IA_PD option in DHCP messages
Advantage:
n Flexible configuration functions: DHCPv6 offers more information to the
clients and allocates parameters such as the desired addresses.
n Better manageability: DHCPv6 can offer detailed management information.
n Expansibility: Some options of DHCPv6 packets can be defined by carriers,
increasing the expandability.

6.2 Licensing Requirements and Limitations for IPv6

Address Management--S2E
Licensing Requirements
This feature is a basic feature and is not under license control.
Restrictions and Guidelines

Restrictions Guidelines Impact
IP addresses cannot be Do not deploy these services If a user has been online, a
reserved based on MAC at the same time. new user with the same
addresses in scenarios where MAC address as the online
DHCPv6 and PPPoEv6 user cannot go online.
users have the same MAC If the user has been offline,
address and one-to-many the reserved address is
mapping between one MAC occupied by a new user with
address and multiple the same MAC address as
sessions is configured for the offline user.
PPPoEv6 users.
6.3 Licensing Requirements and Limitations for IPv6

Address Management--S2F
Licensing Requirements
This feature is a basic feature and is not under license control.

Restrictions and Guidelines

You can run the reserved None Users cannot use reserved
prefix command to prefixes to go online.
configure a reservation type
for the prefixes in a
delegation prefix pool. The
following reservation types
are supported: MAC
address-based reservation,
MAC address and lease-
based reservation, DUID-
based reservation, DUID
and lease-based reservation
l When ND assigns IPv6
prefixes in unshared
mode, MAC-based
reservation does not take
effect for L2TP users
because LNS-side users
have no MAC address.
IPoE and PPPoE support
MAC-based reservation
only.
l When DHCPv6 uses
IA_PD options to assign
IPv6 prefixes to L2TP
users, prefix reservations
based on MAC addresses
and based on MAC
addresses+leases are not
supported.
l IPv6 prefixes delivered
by RADIUS servers
cannot be reserved.
l Prefix reservations are
not supported when one
MAC address maps to
multiple sessions for
PPPoE users.

Address assignment based None None

on the Option 18 or Option
37 attribute:
l Prefixes in the delegation
prefix pool for which the
dhcpv6-unshare-only
command is configured
cannot be delivered by
the RADIUS server.
l The same IPv6 address
in the EUI-64 format or
interface ID negotiated
using PPP cannot be
assigned to users with
the same prefix.
Otherwise, the second
user with the same IPv6
address in the EUI-64
format or interface ID
negotiated using PPP
fails to go online after
the first user goes online.
IP addresses cannot be Do not deploy these services If a user has been online, a
reserved based on MAC at the same time. new user with the same
addresses in scenarios where MAC address as the online
DHCPv6 and PPPoEv6 user cannot go online.
users have the same MAC If the user has been offline,
address and one-to-many the reserved address is
mapping between one MAC occupied by a new user with
address and multiple the same MAC address as
sessions is configured for the offline user.
PPPoEv6 users.
6.4 Configuring a DHCPv6 Relay Agent on the User Side

When independent DHCPv6 servers allocate and manage addresses, the NE20E can be
configured as the relay agent to implement redundancy backup and load balancing among the
remote DHCPv6 servers.
Usage Scenario
When users access the NE20E, it functions as a DHCPv6 relay agent and forwards user
address requests to the remote DHCPv6 servers. Configuring multiple DHCPv6 servers is
recommended to perform redundancy backup and load balancing among the remote servers.
The DHCPv6 server group must be bound to the remote address pool. This binding shields the
interactions between NE20E and DHCPv6 servers from the client.

Figure 6-1 Networking diagram of the NE20E as a DHCPv6 relay agent on user side
DHCPv6 Server
DNS Server
Access Backbone
network network
DHCPv6 Relay
HOST CPE agent
Pre-configuration Tasks
The remote DHCPv6 servers have been deployed.
Configuration Procedures
Figure 6-2 Flowchart for configuring a DHCPv6 relay agent on the user side
Configuring a Remote IPv6 Prefix
Pool
Configuring an IPv6 Remote Address

Pool
Configuring a DHCPv6 Server Group
Associating an Address Pool with a

DHCPv6 Server Group
Binding an IPv6 Remote Address

Pool to a Domain
Mandatory
Optional
6.4.1 Configuring a Remote IPv6 Prefix Pool

When the NE20E functions as a DHCPv6 relay agent, a remote IPv6 prefix pool must be
configured to manage the prefixes.
Context
Perform the following steps on the NE20E.

Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run ipv6 prefix prefix-name remote
A remote IPv6 prefix pool is created and the IPv6 prefix pool view is displayed.
Step 3 Run link-address ipv6-address / prefix-length
The link address is configured.
When the remote server allocates addresses or prefixes, link addresses must be configured on
the relay.
Step 4 (Optional) Run lock
The IPv6 prefix pool is locked.
No prefix in the locked IPv6 prefix pool can be allocated, preventing new users from getting
online using the IPv6 prefix pool.
This command applies to a scenario where the IPv6 prefix pool cannot be deleted because it is
being used by online users. Lock the IPv6 prefix pool first to stop it from allocating prefixes.
The prefixes in the IPv6 prefix pool will be released when the users get offline. Then the IPv6
prefix pool can be deleted.
Step 5 (Optional) Run vpn-instance vpn-instance-name
The VPN instance is configured for the prefix pool.
Step 6 Run remote-ip lease manage
The lease management function is enabled for the remote ipv6 prefix pool.
Step 7 Run commit
The configuration is committed.
----End
6.4.2 Configuring a Remote IPv6 Address Pool

Configuring an IPv6 remote address pool including binding the prefix pool to the remote
address pool and configuring priority of the address pool and the route advertisement of the
address pool.
Context
Procedure
Step 2 Run ipv6 pool pool-name bas remote

An IPv6 address pool is created, and the IPv6 address pool view is displayed.
Step 3 Run prefix prefix-name
The IPv6 address pool is bound to the IPv6 prefix pool.
Step 4 (Optional) Run preference preference-value
A priority value is set for the IPv6 address pool.
Step 5 Run export host-route
Advertisement of the routes in the remote address pool is enabled.
Step 6 (Optional) Configure the device to assign addresses from IPv6 remote address pools based on
weights of the address pools.
1. Run weight weight-valuecommit
A weight is configured for the IPv6 address pool.
2. Run commit
3. Run quit
Return to the system view.
4. Run ipv6-pool algorithm loading-share remote
The device is configured to assign addresses from IPv6 remote address pools based on
their weights.
NOTE
This function applies only to IPv6 remote address pools and local rui-slave address pools.
Step 7 Run commit

----End
6.4.3 Configuring a DHCPv6 Server Group

DHCPv6 server groups are required only when the remote address pool is used to assign IPv6
addresses to BAS-side users.
Context
Perform the following steps on router:
Procedure
Step 2 Run dhcpv6-server group group-name
A DHCPv6 server group is created and the DHCPv6 server group view is displayed.
Step 3 Run dhcpv6-server { destination ipv6-address [ vpn-instance vpn-instance ] | interface
interface-type interface-number } [ weight weight-value ]

The IPv6 address or outbound interface of a DHCPv6 server is configured.

A maximum of eight DHCPv6 servers can be configured in a DHCPv6 server group.
Step 4 (Optional) Run dhcpv6-server algorithm { loading-share | master-backup | polling }
Load balancing or redundancy backup is configured.
This command takes effect only when there are multiple DHCPv6 servers in a DHCPv6
server group.
l Load balancing: The NE20E distributes the traffic based on the weights of DHCPv6
servers.
l Master/backup: The NE20E specifies one server as the master server and the others as
the backup server.
l Polling: When multiple servers are configured, the NE20E sends Solicit, Request,
Rebind, and Confirm messages to all servers and selects the server that first responds to
the messages for subsequent message exchanges.
Step 5 (Optional) Run release-agent
The DHCPv6 release agent function is configured.
With the DHCPv6 release agent function, the NE20E sends DHCPv6 Release packets to
DHCPv6 servers for the users when they get offline.
Step 6 (Optional) Run dhcpv6-server source { interface interface-type interface-name | link-
address }
The source address or source interface for packets to be sent to the DHCPv6 server group is
configured.
Step 7 Run quit
Step 8 (Optional) Enable the DHCPv6 relay agent to add the Option 18 and Option 37 attributes in
OSP format to a Relay-Forward message sent to a DHCPv6 server.
1. Run interface interface-type interface-number
2. Run dhcpv6 relay option-insert mode type1 [ remote-id { neba | vula } ]
The DHCPv6 relay agent is enabled to add the Option 18 and Option 37 attributes in
OSP format to a Relay-Forward message sent to a DHCPv6 server.
NOTE
– The dhcpv6 relay option-insert mode type1 [ remote-id { neba | vula } ] and dhcpv6 relay
option-insert { interface-id mode { cn-telecom | tr-101 } | remote-id } commands are
mutually exclusive.
– The dhcpv6 relay option-insert mode type1 command takes effect in real time. After the
command is run on an interface, the command configuration takes effect for online users on
the interface.
3. Run quit
Return to the system view.
Step 9 (Optional) Run dhcpv6-server [ ipv6-address [ vpn-instance vpn-instance ] ] { dead-count
dead-count | timeout timeout-value | dead-time dead-time } *

The threshold of status (Up/Down) switchover for a DHCPv6 server are configured.
Step 10 (Optional) Run dhcpv6-server { ipv6-address [ vpn-instance vpn-instance-name ] | interface

interface-type interface-number } send-solicit-speed packet-number time
The rate at which Solicit packets are sent to the DHCPv6 server is configured.
Step 11 Run commit
----End
6.4.4 Associating an Address Pool with a DHCPv6 Server Group

Associating an address pool with a DHCPv6 server group is required only when the remote
IPv6 address pool is used.
Context
Perform the following steps on NE20E.
Procedure
Step 2 Run ipv6 pool pool-name bas remote
The remote address pool view is displayed.
Step 3 Run dhcpv6-server group group-name
An address pool is associated with a DHCPv6 server group.
Step 4 Run commit
----End
6.4.5 Binding an IPv6 Remote Address Pool to a Domain

Users in the domain can obtain addresses from the address pool only after an IPv6 address
pool is bound to a domain.
Prerequisites
The address pool to be bound has been created and bound to a prefix pool.
Context
Perform the following steps on router.

Procedure
Step 2 Run aaa
The AAA view is displayed.
Step 3 Run domain domain-name
A domain is created and the domain view is displayed.
Step 4 Run ipv6-pool pool-name
The IPv6 remote address pool is bound to the domain.
Step 5 (Optional) Run ipv6-warning-threshold threshold-value
The threshold for the usage of IPv6 addresses and prefixes is configured.
Step 6 Run commit
----End
6.4.6 (Optional) Enabling a Device to Insert the Option 18 and

Option 37 Attributes into Messages to Be Sent to the DHCPv6
Server
This section describes how to enable a device to insert the self-defined Option 18 and Option
37 attributes into the Relay-forward messages to be sent to the DHCPv6 server when IPv6
addresses are assigned from a remote IPv6 address pool.
Context
When IPv6 addresses are assigned from a remote IPv6 address pool, you can configure the
device to insert the self-defined Option 18 and Option 37 attributes into Relay-forward
messages to be sent to the DHCPv6 server.
Option 18 identifies the interface on which client messages are received on a DHCP relay
agent, facilitating the forwarding of Relay-reply messages. The DHCP server can also assign
addresses/prefixes based on the Option 18 attribute, which plays a similar role as the circuit-id
sub-attribute carried in the Option 82 attribute of DHCP messages.
A DHCP relay agent inserts additional information about remote users into the Option 37
attribute, which plays a similar role as remote-id sub-attribute carried in the Option 82
attribute of DHCP messages.
Procedure

Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The interface view is displayed.
Step 3 Run bas
The BAS interface view is displayed.
Step 4 Run dhcpv6 option-18 rebuild self-define self-define-value send-to-server
The device is enabled to insert the self-defined Option 18 attribute into a Relay-forward
message to be sent to the DHCPv6 server.
The dhcpv6 option-18 rebuild self-define self-define-value send-to-server command is

configured in the BAS interface view, whereas the dhcpv6 relay option-insert interface-id
mode { cn-telecom | tr-101 } and dhcpv6 relay option-insert mode type1 commands are
configured in the interface view. If the commands configured in the two views are both run,
the command configured in the BAS interface view takes effect.
Step 5 Run dhcpv6 option-37 rebuild self-define self-define-value send-to-server
The device is enabled to insert the self-defined Option 37 attribute into a Relay-forward
message to be sent to the DHCPv6 server.
The dhcpv6 option-37 rebuild self-define self-define-value send-to-server command is

configured in the BAS interface view, whereas the dhcpv6 relay option-insert remote-id and
dhcpv6 relay option-insert mode type1 commands are configured in the interface view. If
the commands configured in the two views are both run, the command configured in the BAS
interface view takes effect.
----End
6.4.7 Verifying the DHCPv6 Relay Agent Configuration

After the DHCPv6 relay agent is configured, you can check the DHCPv6 server group
configurations, including the DHCPv6 server DUID and the address pool bound to the
domain.
Procedure
l Run the display ipv6 pool [ pool-name ] command to check the IPv6 address pool
configurations.
l Run the display ipv6 prefix [ prefix-name [ all | used ] ] command to check the IPv6
prefix pool configurations.
l Run the display dhcpv6-server statistics { ipv6-address [ vpn-instance vpn-instance ]|
interface interface-type interface-number }command to check packet statistics on a
DHCPv6 server.
l Run the display dhcpv6-server item { ipv6-address [ vpn-instance vpn-instance ] |
interface interface-type interface-number } command to check information about the
DHCPv6 server.
l Run the display ipv6-pool max-ratio domain command to check information about
IPv6 address pool or prefix pool usage in all domains on the device.

l Run the display ipv6-pool pool-usage { upper-threshold | lower-threshold | all-

threshold } command to check information about domains whose IPv6 address pool or
prefix pool usage exceeds a specified threshold.
----End
6.5 Configuring a Delegating Router

The NE20E can be configured as a delegating router to allocate and recycle prefixes
according to the requests of requesting routers.
Usage Scenario
DHCPv6 PD is used to manage and configure IPv6 network segments.
On an IPv4 network, the NE20E uses DHCPv4 to allocate IPv4 addresses to the CPE; the
CPE allocates private IPv4 addresses to home users and forwards IPv4 packets through NAT.
On an IPv6 network, all users can obtain global unicast addresses. The CPE working in
unnumbered mode uses DHCPv6 to obtain the prefixes from the NE20E and allocates IPv6
addresses to the host.
Figure 6-3 Networking diagram of the NE20E as a delegating router
DHCPv6-PD
Access
network
Requesting
Delegating
DeviceA
DeviceB
Before configuring NE20E as a delegating router, enable IPv6 on interfaces

Figure 6-4 Flowchart for configuring a delegating router
Configuring the DHCPv6 Server

DUID
Configuring an IPv6 Delegation

Prefix Pool
Configuring an IPv6 Delegation

Address Pool
Binding an IPv6 Delegation

Address Pool to a Domain
Mandatory
Optional
6.5.1 Configuring the DHCPv6 Server DUID

A DHCPv6 client uses a DHCPv6 server unique identifier (DUID) to identify the DHCPv6
server when the client communicates with the server.
Context
When the NE20E functions as a DHCPv6 server, DHCPv6 Server DUID should be
configured .
When the NE20E functions as a DHCPv6 relay agent and encapsulates Options 37 to relay-
forward packets, DHCPv6 Server DUID should be configured .
Procedure
Step 2 Run dhcpv6 duid { dhcpv6 duid | llt }
A DUID is configured for a DHCPv6 server.
When a DHCPv6 client interacts with a DHCPv6 server, each of the client and server is
identified by a unique DUID. A DHCPv6 server identifies a DHCPv6 client with a client
DUID and uses the client DUID in the local address allocation; a DHCPv6 client identifies a
DHCPv6 server with a server DUID.
Step 3 Run commit
----End

6.5.2 Configuring an IPv6 Delegation Prefix Pool

When the NE20E functions as a delegation router, an IPv6 delegation prefix pool needs to be
configured to manage prefixes.
Context
l Prefix configuration
Only one prefix and one mask can be configured for a local prefix pool. The mask length
ranges from 1 bit to 128 bits.
l Prefix locking configuration
After a prefix pool is locked, the leases of prefixes that have been allocated cannot be
extended and new addresses cannot be allocated.
l Address conflict resolution configuration
If an IPv6 address status conflict is resolved, the address can be allocated to another user.
l Binding an IPv6 prefix pool to a VPN instance
After a prefix pool is bound to a VPN instance, prefixes in the prefix pool can be
allocated to VPN users.
l Prefix lease configuration
A preferred prefix lifetime and valid prefix lifetime can be configured. The default value
for the preferred prefix lifetime is 2 days, and the default value for the valid prefix
lifetime is 3 days. The preferred prefix lifetime is used to limit the lease renewal time
and rebinding time. By default, the lease renewal time accounts for 50% of the preferred
prefix lifetime, and rebinding time accounts for 80% of the preferred lifetime. The valid
prefix lifetime specifies the validity period in which an address can be used.
l Address reservation configuration
Addresses in the local prefix pool have four reservation types:
– 1: MAC reservation
– 2: MAC+lease-based reservation
– 3: DUID reservation
– 4: DUID+lease-based reservation
l Address withdrawal
The address of an offline user can be withdrawn using the command.
l Exclusive prefix pool configuration
The delegation prefix pool can be used to allocate unshared prefixes to ND users or
prefixes only to DHCPv6 (IA_PD) users.
l Prefix exclusion
In complex network planning, some IPv6 prefixes cannot be allocated to users.
l Address exclusion
In complex network planning, some IPv6 addresses cannot be allocated to users.
Procedure


Step 2 Run ipv6 prefix prefix-name delegation
Step 3 Run prefix prefix-address/prefix-length [ delegating-prefix-length delegating-prefix-length ]
The IPv6 address prefix is configured.
prefix-length specifies the length of an address prefix to be assigned from a delegation prefix
pool. The value is an integer ranging from 1 to 128.
prefix-length specifies the length of an IPv6 prefix assigned by a delegating router to a
requesting router. The configured length of prefixes to be assigned from a delegation prefix
pool must be greater than the length of prefixes in the delegation prefix pool. Otherwise, the
delegating router cannot assign prefixes from the delegation prefix pool to clients.
Step 6 (Optional) Run lifetime preferred-lifetime { days days-value [ hours hours-value [ minutes
minutes-value ] ] | infinite } valid-lifetime { days days-value [ hours hours-value [ minutes
minutes-value ] ] | infinite }
The preferred lifetime and valid lifetime of IPv6 prefixes are configured.
preferred-lifetime of the IPv6 prefixes in the command is used by the system to calculate the
lease renewal time and rebinding time of the IPv6 prefix pool. The time must be no less than
1 minute. The default value is 2 days.
valid-lifetime specifies the validity period of the prefixes. The users using the prefixes will be
logged off after the validity period expires. The valid-lifetime must be no less than 1 minute,
nor less than the preferred prefix lifetime. The default value is 3 days.
Step 7 (Optional) Run reserved prefix { duid | mac } [ lease ]
The reservation type of user prefixes in the prefix pool is configured.
Step 8 (Optional) Run recycle prefix start-prefix [ end-prefix ]
The prefix status is set to idle.
Step 9 (Optional) Run pd-unshare-only
After the pd-unshare-only command is run for a delegation prefix pool, this prefix pool can
be used only for DHCPv6 IA_PD prefix allocation and is preferred in DHCPv6 IA_PD prefix
allocation.

The delegation prefix pool is configured only for DHCPv6 IA_PD prefix allocation.
Step 10 (Optional) Run dhcpv6-unshare-only
The prefix pool is configured to assign only IPv6 addresses not prefixes to users.
NOTE
The dhcpv6-unshare-only command is mutually exclusive with the following commands:

l slaac-unshare-only
l pd-unshare-only
l client-duid client-duid bind prefix prefix-address
Step 11 (Optional) Run frame-ipv6 lease manage

The NE20E is enabled to manage the leases of RADIUS-delivered IPv6 addresses that are in
the supported address pools.
NOTE
To enable the NE20E to manage the leases of RADIUS-delivered IPv6 addresses that are not in the supported
address pools, run the access frame-ipv6 lease manage pool-exclude command in the system view.
Step 12 Run commit

----End
6.5.3 Configuring an IPv6 Delegation Address Pool

Configuring an IPv6 delegation address pool involves configuring the prefix pool to which
the address pool is bound, setting the preference value of the address pool, and configuring
other services such as a DNS or a DNS suffix.
Context
l Prefix binding
A prefix pool can be bound to only one address pool. Similarly, an address pool can be
bound to only one prefix pool. Table 6-1 shows the binding between address pools and
prefix pools.
Table 6-1 Binding between address pools and prefix pools

Address Pool Type Prefix Pool for Binding
User-side local address pool Local prefix pool
User-side delegation address pool Delegation prefix pool
User-side relay address pool Local prefix pool
User-side remote address pool Remote prefix pool
l Priority configuration
Among address pools of the same type, the greater the value of pool, the higher its
priority.

In NDRA address allocation mode, BAS local address pools are used to allocate shared
prefixes, while BAS delegation address pools are used to allocate unshared prefixes. A
BAS delegation address pool configured with slaac-unshare-only takes precedence over
other BAS delegation address pools.
l Address pool binding configuration
An IPv6 address pool whose addresses are in use cannot be deleted. To delete an IPv6
address pool, first run the lock command in the IPv6 address pool view to lock the pool
and then delete it after all online users have logged out.
l DNS suffix configuration
Only one domain name suffix can be set for an IPv6 address pool.
l DNS server configuration
A maximum of two DNS servers can be bound to an IPv6 address pool.
l Address lease configuration
If an IPv6 address pool has been bound to a domain, the address lease cannot be
changed.
Procedure
Step 2 Run ipv6 pool pool-name bas delegation
An IPv6 address pool is created, and the view of the IPv6 address pool is displayed.
The IPv6 address pool is bound to an IPv6 prefix pool.
The default value is 255.
Step 5 (Optional) Run dns-search-list dns-search-list-name
A DNS suffix is configured to perform domain name resolution.
Step 6 (Optional) Run dns-server ipv6-address &<1-2>
A DNS server is specified for an IPv6 address pool. An IPv6 address is used to specify a DNS
server.
Step 7 (Optional) Run renew-time-percent renew-time-percent rebind-time-percent rebind-time-

percent
A lease renewal time and rebinding time are set for the IPv6 address pool.
By default, the renewal time for an IPv6 address pool is 50% of the preferred lifetime and the
rebinding time is 80% of the preferred lifetime.

Step 8 (Optional) Run option code { ipv6-address ipv6-address & <1-2> | string string | hex hex-
string | { suboption subcode { ipv6-address ipv6-address | string string | hex hex-string } }
& <1-16> }
A DHCPv6 user-defined option is configured.
Step 9 Run commit
----End
6.5.4 Binding an IPv6 Delegation Address Pool to a Domain

After an IPv6 delegation address pool is bound to a domain, users in the domain can be
assigned prefixes from the address pool.
Prerequisites
An IPv6 delegation address pool has been configured.
Context
Perform the following steps on router:
Procedure
Step 2 Run aaa
A domain is created and the AAA domain view is displayed.
An IPv6 delegation address pool is bound to the domain.
Step 5 (Optional) Run ipv6-warning-threshold { upper-limit-value | lower-limit lower-limit-value }
Threshold for the usage of IPv6 addresses and prefixes is configured.
Step 6 (Optional) Run prefix-assign-mode unshared
IPv6 prefix allocation mode is set to unshared mode. IPv6 users do not share the same IPv6
prefix.
Step 7 (Optional) Configure different users of a home connected to the network through a hub to
communicate with each other directly rather than through a BRAS.
NOTE
You must run the dhcpv6-unshare-only command in the IPv6 prefix pool view before performing this
step.
1. Run ipv6-address assign { circuit-id | remote-id } *

The device is configured to assign IPv6 addresses to users based on the Option 18 or
Option 37 attribute.
2. Run ipv6 nd ra link-prefix
The device is configured to send RA packets carrying the first 64 bits of the addresses
assigned to IPv6 users as on-link prefixes.
Step 8 Run commit
----End
6.5.5 Verifying the Delegating Router Configuration

After configuring a delegating router, you can view the configurations of IPv6 address pool,
the prefix pool, and statistics about the DHCPv6 server.
Procedure
configurations.
l Run the display ipv6 prefix [ prefix-name [ all | used | start-ipv6-prefix [ end-ipv6-
prefix ] ] ] command to check the IPv6 prefix pool configurations.
l Run the display dhcpv6 upgrade command to check the lease configuration for
DHCPv6 users to determine the time when the device restarts.
l Run the display dhcpv6-access user-table command to query the detailed information
about online DHCPv6 users.
l Run the display dhcpv6-access statistic command to check statistics about packets
exchanged between users and the DHCPv6 server.
----End
Example
Run the display ipv6 pool command, you can view brief information about all IPv6 address
pools.
<HUAWEI> display ipv6 pool
----------------------------------------------------------------------
Pool name : lj
Pool No : 3
Pool constant index: -
Pool type : BAS LOCAL
RUI-Flag : -
Preference : 255
Renew time : 50
Rebind time : 80
Status : UNLOCKED
Refresh interval : infinite
Used by domain : 0
Dhcpv6 Unicast : disable
Dhcpv6 rapid-commit: disable

Dns list : -
Dns server master : -
Dns server slave : -
AFTR name : -
Warning Threshold : 10
Warning Exhaust Switch: TRUE
----------------------------------------------------------------------
Prefix-Name Prefix-Type
----------------------------------------------------------------------
lj LOCAL
----------------------------------------------------------------------
Run the display ipv6 prefix command, you can view the configuration of all IPv6 prefix
pools.
<HUAWEI> display ipv6 prefix
-------------------------------------------------------------------------------
Index Name Address/Length Type
Constant-index
-------------------------------------------------------------------------------
0 dg 2021::/46 DELEGATION
-
1 dl - REMOTE
-
2 dpc 2011::/64 LOCAL
-
3 god6 2012::/64 LOCAL
-
4 prefix1 - LOCAL
-
5 tt 1000::/64 LOCAL
-
6 wm 1111::/64 LOCAL
-
7 ww 2222::/46 DELEGATION
-
-------------------------------------------------------------------------------
Total created prefix pool(s): 8
Run the display dhcpv6 upgrade command, you can view leases of DHCPv6 users.
<HUAWEI> display dhcpv6 upgrade
DHCPv6 upgrade: enable.
Preferred lifetime: 0days 0hours 30minutes
Valid lifetime: 0days 1hours 0minutes
Renew time percent: 50%
Rebind time percent:80%
Renew time: 0days 0hours 15minutes
Rebind time: 0days 0hours 24minutes
Access DHCPv6 user count of new lifetime: 100
Access DHCPv6 user count of old lifetime: 100
Access DHCPv6 user count of infinite lifetime: 10
Max interval from current for old lifetime DHCPv6 user renew: 0days 0hours
15minutes
Run the display dhcpv6-access user-table command, you can view detailed information
about the DHCPv6 user with user-id set to 2.
<HUAWEI> display dhcpv6-access user-table user-id 2
-------------------------------------------------------------------
Interface : GigabitEthernet0/1/0.3
SVLAN/CVLAN : 3/0
User Link-Local Address : FE80::202:1FF:FE01:10C
User Address Type : IA_NA
DNS search list : -
AFTR name : -
Option15 : 01 02 03 04 05 06 07 08 09
User DUID : 00 03 00 01 00 02 01 01 01 0C
User MAC Address : 0002-0101-010C
User-ID : 2
Index : 1
User State : ONLINE

VPN Instance : -
Session ID : 2147483649
Client DUID to Remote Server : 00 02 00 00 07 DB FF FF 80 00 00 01 01 01 01 01
01 01 00 00
User IPV6 address : 1100::1

T1 : 86400
T2 : 138240
Prefer time : 2 days 0 hours 0 minutes
Valid time : 3 days 0 hours 0 minutes
IA_ID : 38
Prefix length : 128
Lease : 2012/01/23 14:23:39 --- 2012/01/26 14:23:39
Remain-Lease(Sec) : 259029
Address Pool Name : csj-local
User IPV6 PD prefix : 2200::
T1 : 86400
T2 : 138240
Prefer time : 2 days 0 hours 0 minutes
Valid time : 3 days 0 hours 0 minutes
IA_ID : 9
Prefix length : 64
Lease : 2012/01/23 14:23:39 --- 2012/01/26 14:23:39
Remain-Lease(Sec) : 258811
Address Pool Name : csj-del
PCP server name(option 80) : www.pcpserver.com
-------------------------------------------------------------------
Run the display dhcpv6-access statistic command, you can view statistics about packets
exchanged between users and DHCPv6 server.
<HUAWEI> display dhcpv6-access statistic
-------------------------------------------------------------------------
Received Packets
-------------------------------------------------------------------------
Total Packets : 40
Received from Clients : 40

Solicit Packets : 8
Request Packets : 11
Renew Packets : 0
Rebind Packets : 0
Confirm Packets : 0
Release Packets : 7
Decline Packets : 0
Received from Servers : 0

Advertise Packets : 0
Reply Packets : 0
Received Invalid Packets : 22

Invalid UDP Length : 0
NULL Client DUID : 5
NULL Server DUID : 9
NULL IA Option : 8
Invalid IA Option Length : 0
Invalid Client DUID Length : 0
Invalid Server DUID Length : 0
Invalid Server DUID : 0
Invalid Unicast Option : 0
Invalid Preference Option : 0
Other Invalid Packets : 0
vCPE Not Support Packet : 0
-------------------------------------------------------------------------
Sent Packets
-------------------------------------------------------------------------
Total Packets : 18
Sent to Clients : 18

Advertise Packets : 8
Reply Packets : 10
Sent to Servers : 0
Solicit Packets : 0
Request Packets : 0
Renew Packets : 0
Rebind Packets : 0
Confirm Packets : 0
Release Packets : 0
Decline Packets : 0
-------------------------------------------------------------------------
Run the display ipv6-pool max-ratio domain command to view information about IPv6
address pool or prefix pool usage in all domains on the device.
<BASE_VNFC1> display ipv6-pool max-ratio domain
----------------------------------------------------------------------------
Domain name:
Address Current Max Time
NDRA Unshared Prefix Current Max Time
Delegation Prefix Current Max Time
----------------------------------------------------------------------------
isp2
10% 40% 2012-08-07 15:31:50
0 0 -
0 0 -
----------------------------------------------------------------------------
Run the display ipv6-pool pool-usage { upper-threshold | lower-threshold | all-threshold }

command to view information about domains whose IPv6 address pool or prefix pool usage
exceeds a specified threshold.
<BASE_VNFC1> display ipv6-pool pool-usage upper-threshold
--------------------------------------------------------
Domain name:
Address PoolLen Used Ratio
NDRA unshared Prefix PoolLen Used Ratio
Delegation Prefix PoolLen Used Ratio
--------------------------------------------------------
domain1(up)
262144 252222 90%
0 0 0%
0 0 0%
6.6 (Optional) Adjusting DHCPv6 Service Parameters

conditions.
6.6.1 (Optional)Configuring Global DHCPv6 Parameters

conditions.
Context
l Transparent transmission of DHCPv6 packets and the speed threshold at which solicit
packets are sent

When receiving the DHCPv6 Solicit packet that the online user terminal, the NE20E
forces the user to go offline and waits until the user sends a DHCPv6 Solicit packet to
obtain the address through DHCPv6.
If a user terminal that does not support retransmission of DHCP Solicit packets is
restarted immediately after a user logout, the NE20E is unable to detect the logout event.
In this case, run the dhcpv6 through-packet command to enable transparent
transmission of DHCPv6 packets so that the user can normally log in to the NE20E.
The dhcpv6 solicit-speed-threshold command is used when the speed at which users go
online needs to be limited.
l DHCPv6 server unicast mode and two-message exchange between a DHCPv6 client and
a DHCPv6 server
The dhcpv6 unicast-option command must be run if the DHCPv6 server needs to
communicate with DHCPv6 clients in unicast mode.
In certain situations, for example, when a DHCPv6 client retains the last IP address it
was allocated, the client can obtain an IP address through a rapid two-message exchange
if the Solicit packet sent from the client contains the Rapid Commit option and the server
also supports this option.
Procedure
l Configure transparent transmission of DHCPv6 packets.
a. Run system-view

b. Run dhcpv6 through-packet
The function for transparently transmitting DHCPv6 packets is configured.

c. Run dhcpv6 solicit-speed-threshold packet-number seconds
The dhcpv6 solicit-speed-threshold command configures the speed threshold at

which solicit packets are received.
The more solicit packets are sent within a specified time period, the faster users go
online.
l Configure DHCPv6 server unicast mode and two-message exchange between a DHCPv6
client and a DHCPv6 server.
a. Run system-view

b. (Optional) Run dhcpv6 rapid-commit
The DHCPv6 server is configured to support rapid two-message exchange (solicit,

reply).
This command run in the system view allows all DHCPv6 clients with the Rapid
Commit option to obtain IP addresses through a rapid two-message exchange.
Without this command run in the system view, the dhcpv6 rapid-commit
command configured in the view of the IPv6 address pool allocated by the client
determines whether to use a rapid two-message exchange.
c. Run ipv6 pool pool-name { bas { local | delegation | relay } }

d. (Optional) Run dhcpv6 unicast-option
Unicast mode is configured on the DHCPv6 server.Then, the DHCPv6 server can
receive unicast DHCPv6 messages and instruct the DHCPv6 clients to
communicate with the DHCPv6 server in unicast mode.
e. (Optional) Run dhcpv6 rapid-commit
The DHCPv6 server is configured to support rapid two-message exchange (solicit,

reply).
----End
6.6.2 (Optional) Enabling the Device to Parse Option 37 of Any

Format in DHCPv6 Solicit or Request Messages
The device can be enabled to parse Option 37 of any format in DHCPv6 solicit or request
messages.
Context
In DHCPv6 scenarios, Layer 2 relay agents insert Option 37 to the relay header of Relay-
forward messages. When the NE20E receives the Relay-forward messages, the NE20E can
parse Option 37. However, if Layer 2 relay agents insert Option 37 to DHCPv6 Solicit or
Request messages instead of the relay header of Relay-forward messages, the NE20E can
parse Option 37 only if it is 10 or 16 bytes in length. In this case, configure the NE20E to
parse Option 37 of any format in DHCPv6 Solicit or Request messages.
Perform the following steps on the NE20E:
Procedure
Step 2 Run dhcpv6 option-37 any-format decode enable
The NE20E is enabled to parse Option 37 of any format in DHCPv6 Solicit or Request
messages.
Step 3 Run commit
----End
6.6.3 (Optional) Shortening the User Address Lease Before a

DHCPv6 Server Restarts
The user address lease can be shortened before a DHCPv6 server restarts. This change allows
DHCP users to get online a short period of time after the DHCPv6 server restarts due to an
upgrade without restarting the terminal.

Context
When the NE20E is being upgraded, DHCPv6 users cannot detect that the link goes Down
and dial-up again like PPP users. Therefore, these users do not redial to get online. Instead,
the terminal must be restarted to trigger a DHCPv6 request so that the users can obtain IP
addresses to get online again. In the current upgrade solution, the address pool lease time is
shortened at the lease renewal time before the upgrade date. This solution ensures that the
terminal can send lease renewal packets in a shorter period of time after the device is
upgraded to allow DHCPv6 users to get online again.
This upgrade solution has two disadvantages:

l Changing the address pool lease takes effect only for users that obtain addresses from
local address pools. The address lease delivered by a RADIUS server is not changed.
The users that have obtained addresses from the RADIUS server have to wait a
comparatively long period of time to get online again.
l The address pool lease is configured in the address pool view. Manually changing the
lease configurations of all the address pools brings a huge workload.
Using the dhcpv6 upgrade command in the system view to change the address lease for all
DHCP users attached to the device solves these problems.
Procedure
Step 2 Run dhcpv6 upgrade preferred-lifetime day [ hour [ minute ] ] valid-lifetime day [ hour
[ minute ] ] [ renew-time-percent renew-time-percent ] [ rebind-time-percent rebind-time-
percent ]
The address lease for all DHCPv6 users attached to the device is configured.
After the dhcpv6 upgrade command is used, the lease configured in the system view takes
effect for new users, online users that need to renew the lease, users using addresses/prefixes
in local and Delegation address pools, and users using addresses/prefixes delivered by a
RADIUS server.
No configuration file will be generated after the dhcpv6 upgrade command is used. To view
the configuration result, run the display dhcpv6 upgrade command. The dhcpv6 upgrade
command becomes invalid after the device restarts.
If a short lease is configured, a large number of users will renew their lease at the same time,
causing high CPU usage. Therefore, configuring a short lease is not recommended unless the
device needs to be upgraded.
Step 3 Run commit
----End

6.6.4 (Optional) Configuring a Constant Index for an IPv6

Address Pool
Context
After the ip-pool constant-index enable command is used, the index of the IPv4 address
pool, IPv6 prefix pool, or IPv6 address pool does not change after the device restarts. The
constant-index index command is automatically generated in the views of all the IPv4
address pools, IPv6 prefix pools, and IPv6 address pools configured on the device for users to
check the constant value. But the constant-index command cannot be used to change the
automatically generated constant index for an IPv6 prefix pool or IPv6 address pool.
Procedure
Step 2 Run ip-pool constant-index enable
The constant index function is enabled for IPv4 address pools, IPv6 prefix pools, and IPv6
address pools.
Step 3 Run commit
----End
6.6.5 Changing the DHCPv6 Option Code for Interconnection

Between Huawei and Non-Huawei Devices
On the NE20E, the vendor-class attribute is carried in DHCPv6 Option 16. The option code
probably differs with that on a non-Huawei device. The DHCPv6 option code can be changed
for interconnection between Huawei and non-Huawei devices.
Context
If the mapping between the vendor-class attribute and a DHCPv6 option code is configured in
both system and BAS interface views, the configuration in the BAS interface view takes
effect.
Procedure
l Configure a mapping between the vendor-class attribute and a DHCPv6 option code in
the system view.
a. Run system-view

b. Run vendor-class dhcpv6 [ option-code option-code | offset offset-length ]*
The mapping between the vendor-class attribute and a DHCPv6 option code as well
as the offset value are configured. After the configuration is complete, the BRAS

uses the offset value to obtain the desired contents in the Value field of the DHCPv6
option.
l Configure a mapping between the vendor-class attribute and a DHCPv6 option code in
the BAS interface view.
a. Run system-view

b. Run interface interface-type interface-number [ .subinterface-number ]

c. Run bas
A BAS interface is created and the BAS interface view is displayed.
You can configure an interface as the BAS interface by running the bas command
in the interface view. You can configure an Ethernet interface or its sub-interface, a
VE interface or its sub-interface, an ATM interface or its sub-interface, or an Eth-
Trunk interface or its sub-interface as a BAS interface.
d. Run access-type layer2-subscriber [ default-domain { [ authentication [ force |
replace ] dname ] [ pre-authentication predname ] } ]
The access type is set to Layer 2 subscriber access and the attributes of this access
type are configured.
Or run:access-type layer3-subscriber [ default-domain { [ pre-authentication

predname ] authentication [ force | replace ] dname } ]
The access type is set to Layer 3 subscriber access and the attributes of this access
type are configured.
When setting the access type on the BAS interface, you can set the service attributes
of the access users at the same time. You can also set these attributes in later
configurations.
The access type cannot be configured on the Ethernet interface that is added to an
Eth-Trunk interface. You can configure the access type of such an Ethernet interface
only on the associated Eth-Trunk interface.
e. Run vendor-class dhcpv6 [ option-code option-code | offset offset-length ]*
The mapping between the vendor-class attribute and a DHCPv6 option code as well
as the offset value are configured. After the configuration is complete, the BRAS
uses the offset value to obtain the desired contents in the Value field of the DHCPv6
option.
----End
6.6.6 (Optional) Configuring the NE20E to Log Out an Online

User and Deny Access of a New User After Detecting an IPv6
Address Conflict
You can configure the NE20E to log out an online user and deny access of a new user if it
detects that the IPv6 address assigned to the new user from a remote address pool or by the
RADIUS server is the same as the IPv6 address of the online user.

Context
To implement authentication, authorization, and accounting for users separately, users must
use different IPv6 addresses to go online. This requires the NE20E to detect whether the IPv6
address assigned to a new user conflicts with that of an online user. By default, if the NE20E
detects that the IPv6 address assigned to a new user is the same as the IPv6 address of an
online user, it sends a DHCPv6 Decline message to the DHCPv6 server. Then the new user
cannot go online, but the online user is not affected.
In scenarios in which IPv6 addresses are assigned based on the Option 82 field that carries
physical location information of users and ARP probe is not configured, the online user is
required to go offline to allow the new user to go online. For example, if a CPE is replaced,
users attached to the old CPE will switch to the new CPE to go online. As their physical
location information remains the same, they will be assigned the same IPv6 addresses as
before. However, if the previous IPv6 address lease has not expired, the user information is
retained. Therefore, the NE20E considers that the users are already online and discards the
user packets sent from the new CPE. Subsequently, the users fail to go online through the new
CPE. To allow the users to go online through the new CPE, configure the NE20E to delete the
previous user information and deny new user access so that the users can be triggered to go
online again.
Procedure
Step 2 Run dhcpv6 conflict-ip-address offline user [ include framed-ipv6 ]
The NE20E is configured to log out an online user and deny access of a new user if it detects
that the IPv6 address assigned to the new user from a remote address pool or by the RADIUS
server is the same as the IPv6 address of the online user.
Step 3 Run commit
----End
6.6.7 (Optional) Setting Priorities for the DHCPv6 Option

If the DHCPv6 Option is configured in the domain view and in the address pool view and
delivered by the RADIUS server, you can configure priorities for the DHCPv6 Option.
Procedure
Step 2 Run dhcpv6 option-priority radius domain pool
The highest, medium, and lowest priorities are configured for the DHCPv6 Option delivered
by the RADIUS server, configured in the domain view, and configured in the address pool
view, respectively.
Step 3 Run commit

----End
6.7 Configuring DHCPv6 (IA_NA) Address Allocation

This section describes how to configure the NE20E to use DHCPv6 (IA_NA) to allocate IPv6
addresses when the CPE works in bridging mode.
Usage Scenario
In DHCPv6(IA_NA) address allocation mode, IA_NA options are used to carry IA addresses
to be allocated.
Figure 6-5 Networking diagram of DHCPv6(IA_NA) address allocation mode
DHCPv 6(IA_NA)
Access Backbone
network network
HOST CPE
Device
The host initiates a connection request and the CPE transparently forwards the connection
request packet. The NE20E uses DHCPv6 (IA_NA) to allocate IPv6 addresses to the host.
Before configuring DHCPv6 address allocation, enable IPv6.
Figure 6-6 Flowchart for configuring DHCPv6 (IA_NA) address allocation
Configuring a Local DHCPv6 Configuring a DHCPv6 Relay

Server
or
Agent on the User Side
Configuring the state of Address Configuring the state of Address

Allocation(M=1) Allocation(M=1)
Mandatory
Optional
6.7.1 Configuring the NE20E based on Its Role

This section describes how to configure the NE20E based on its role.

Context
When a device acts as a DHCPv6 relay agent, refer to the configuration of 6.4 Configuring a
DHCPv6 Relay Agent on the User Side.
When a device acts as a DHCPv6 server, perform the following operations to allow Layer 3
DHCPv6 users to request for IPv6 addresses from an IPv6 relay address pool.
Procedure
Step 2 Run ipv6 prefix prefix-name local
An IPv6 prefix pool is created, and the IPv6 prefix pool view is displayed.
The address pool is of the relay type, and the prefix pool must be configured as the local
mode.
Step 3 Run prefix prefix-address/prefix-length
An IPv6 address prefix is configured.
Step 4 Run quit
Step 5 Run ipv6 pool pool-name bas relay
The IPv6 address pool is bound to the IPv6 prefix pool.
----End
6.7.2 Configuring the State of Address Allocation

Configuring the state of address allocation according to the IPv6 access mode and address
allocation mode.
Context
Stateful address allocation (M=1) should be configured for IA_NA and IA_NA+IA_PD
address allocation modes.
If the M flag is 1, the clients need to obtain IPv6 addresses and other configuration
information in stateful mode.
NOTE
l For PPPoE users, the domain configuration determines whether stateful or stateless configuration
should be adopted.
l For IPoE users, the interface configuration determines whether stateful or stateless address
configuration should be adopted.

Procedure
l Configure the state of address allocation on an interface.
a. Run system-view

b. Run interface interface-type interface-number

c. Run ipv6 nd autoconfig managed-address-flag
Stateful address allocation mode is enabled.

d. Run ipv6 nd autoconfig other-flag
The O flag is set to 1 to enable stateful mode.
Configures unicast as the destination IP address type for RA packets.
a. Run bas

b. (Optional) Run ipv6 nd ra unicast
The router is enabled to send RA packets that carry unicast destination IP addresses
in response to IPoEv6 user access requests.
l Configure the state of address allocation in a domain.
a. Run system-view

b. Run aaa

c. Run domain domain-name

d. Run ipv6 nd autoconfig managed-address-flag [ interface-id ipv6cp ]
Stateful address allocation is configured for PPPoX users.

e. Run ipv6 nd autoconfig other-flag { ndra | dhcpv6 }
The O flag is set.

f. (Optional) Run prefix-assign-mode unshared
The IPv6 prefix allocation mode is set to unshared mode. After the configuration,
IPv6 users do not share the same IP prefix.
g. (Optional) Run dhcpv6-follow-ipv6cp wait-delay { time-value| infinity }
The timeout period for waiting for a DHCPv6 connection request is set.
h. (Optional) Run ipv6 nd ra unicast
in response to PPPv6 user access requests.
l Run commit

----End
6.7.3 Verifying the DHCPv6 (IA_NA) Address Allocation

Configuration
After DHCPv6 address allocation mode is configured, you can check the configuration of the
IPv6 address pool, the prefix pool, the domain, and usage in the address pool bound to the
domain.
Procedure
configurations.
l Run the display domain [ domain-name ] command to check the domain configurations.
l Run the display ipv6-pool pool-usage [ domain domain-name | pool-name [ pool-
name ] ] command to check information about the usage of the address pool.
l Run the display ipv6-pool max-usage { pool [ pool-name ] | domain [ domain-name ] }
command in any view to check the historical maximum usage of addresses in an IPv6
address pool.
----End
6.8 Configuring DHCPv6 (IA_PD) Prefix Allocation

This section describes how to configure the NE20E to allocate prefixes to the CPE when the
CPE works in unnumbered routing mode. The CPE allocates the prefixes to the attached host
to generate IPv6 addresses.
Usage Scenario
In DHCPv6 prefix allocation, the IA_PD option is used to carry IA prefixes.
Figure 6-7 Networking diagram of IA_PD prefix allocation
IA-PD
Access Backbone
network network
HOST CPE
unnumbered Device

The CPE initiates a connection request, and the NE20E uses DHCPv6 (IA_PD) to allocate
prefixes to the CPE and the CPE allocates the prefixes to the attached host for the host to
generate IPv6 addresses.
Before configuring PD (IA_PD) prefix allocation, enable IPv6.

Context
PD(IA_PD) prefix allocation is used, and NE20E acts as a delegating router. For details, refer
to the configuration of 6.5 Configuring a Delegating Router.
When NE20E acts as a DHCPv6 relay agent, refer to the configuration of 6.4 Configuring a
DHCPv6 Relay Agent on the User Side.
6.8.2 Checking the DHCPv6 (IA_PD) Prefix Allocation

Configuration
After PD (IA_PD) prefix allocation is configured, you can check the configurations of the
IPv6 address pool, the prefix pool, the domain and address usage in the address pool bound to
a domain.
Procedure
configurations.
----End

6.9 Configuring DHCPv6 (IA_NA+IA_PD) Address

Allocation
This section describes how to configure the NE20E to use DHCPv6 to allocate IPv6 addresses
and prefixes to the WAN interface on the CPE when the CPE works in numbered routing
mode. The CPE sends the prefixes to the attached hosts for them to generate IPv6 addresses.
Usage Scenario
The NE20E uses DHCPv6 to allocate addresses to the WAN interfaces on the CPE and uses
PD to allocate the prefixes to the CPE working in numbered mode. The CPE sends the
prefixes to Home LANs.
Figure 6-8 Networking diagram of DHCPv6(IA_NA+IA_PD) Address Allocation
IA-PD
Access Backbone
network network
HOST CPE
numbered Device
The CPE initiates a connection request, and the NE20E uses DHCPv6 (IA_NA) to allocate
IPv6 addresses to the WAN interfaces on the CPE and uses DHCPv6 (IA_PD) to allocate
prefixes to the CPE and the CPE allocates the prefixes to the attached host for the host to
Before configuring DHCPv6(IA_NA+IA_PD) address allocation, complete the following
tasks:
Setting the CPE working mode to numbered routing mode
Enabling IPv6 on interfaces

Context
When IA_NA is used to allocate addresses to the WAN interfaces on the CPE, refer to the
configuration of 6.7 Configuring DHCPv6 (IA_NA) Address Allocation.
When DHCPv6 (IA_PD) is used to allocate prefixes to the CPE, refer to the configuration of
6.8 Configuring DHCPv6 (IA_PD) Prefix Allocation.

NOTE
In IA_NA+IA_PD address allocation, a DNS server must be configured for both the address pool for
IA_NA address allocation and the address pool for IA_PD address allocation.
6.9.2 Configuring the State of Address Allocation

allocation mode.
Context
Stateful address allocation (M=1) should be configured for IA_NA and IA_NA+IA_PD
address allocation modes.
If the M flag is 1, the clients need to obtain IPv6 addresses and other configuration
information in stateful mode.
NOTE
should be adopted.
Procedure
l Configure the state of address allocation on an interface.
a. Run system-view


c. Run ipv6 nd autoconfig managed-address-flag
Stateful address allocation mode is enabled.

Configures unicast as the destination IP address type for RA packets.
a. Run bas

b. (Optional) Run ipv6 nd ra unicast
in response to IPoEv6 user access requests.
l Configure the state of address allocation in a domain.
a. Run system-view

b. Run aaa


d. Run ipv6 nd autoconfig managed-address-flag [ interface-id ipv6cp ]
Stateful address allocation is configured for PPPoX users.

The O flag is set.

f. (Optional) Run prefix-assign-mode unshared
g. (Optional) Run dhcpv6-follow-ipv6cp wait-delay { time-value| infinity }
h. (Optional) Run ipv6 nd ra unicast
in response to PPPv6 user access requests.
l Run commit
----End
6.9.3 Verifying the DHCPv6 (IA_NA+IA_PD) Address Allocation

Configuration
After DHCPv6 PD (IA_NA+IA_PD) address allocation is configured, you can check the
configuration of the IPv6 address pool, the prefix pool, the domain, and address usage in the
address pool bound to the domain.
Procedure
configurations.
----End

6.10 Configuring NDRA Address Allocation

This section describes how to configure the NE20E to use ND to allocate IPv6 addresses
when the CPE works in bridging mode.
Usage Scenario
NDRA address allocation is implemented using Stateless Address Autoconfiguration
(SLAAC).
The NE20E allocates only the 64-bit IPv6 prefixes. The 64-bit interface ID is generated by the
client itself.
Figure 6-9 Networking diagram of NDRA Address Allocation
NDRA
Access Backbone
network network
HOST CPE
Device
The host initiates a connection request, and the CPE transparently forwards the connection
request packet. The NE20E uses NDRA to allocate IPv6 addresses to the host.
NOTE
If NDRA address allocation is configured for IPoXv6 users, only unshared IPv6 prefixes support to
allocate .
Before configuring NDRA address allocation, complete the following tasks:
Configuring the CPE working mode as bridging mode
Enabling IPv6

Configuring an IPv6 prefix pool
Configuring an IPv6 Address Pool
Binding an IPv6 Address Pool to a

Domain
Configuring the state of Address

Allocation(M=0)
Configuring a Constant Index for an Mandatory

IPv6 Prefix Pool or IPv6 Address Pool Optional
6.10.1 Configuring an IPv6 prefix pool

Before configuring the NDRA address allocation mode, configure an IPv6 prefix pool and
bind it to an address pool.
Context
l Prefix configuration
Only one prefix and one mask can be configured for a local prefix pool. The mask length
ranges from 1 bit to 128 bits.
l Prefix locking configuration
After a prefix pool is locked, the leases of prefixes that have been allocated cannot be
extended and new addresses cannot be allocated.
l Address conflict resolution configuration
If an IPv6 address status conflict is resolved, the address can be allocated to another user.
l Binding an IPv6 prefix pool to a VPN instance
After a prefix pool is bound to a VPN instance, prefixes in the prefix pool can be
allocated to VPN users.
l Prefix lease configuration
A preferred prefix lifetime and valid prefix lifetime can be configured. The default value
for the preferred prefix lifetime is 2 days, and the default value for the valid prefix
lifetime is 3 days. The preferred prefix lifetime is used to limit the lease renewal time
and rebinding time. By default, the lease renewal time accounts for 50% of the preferred
prefix lifetime, and rebinding time accounts for 80% of the preferred lifetime. The valid
prefix lifetime specifies the validity period in which an address can be used.
l Address reservation configuration
Addresses in the local prefix pool have four reservation types:
– 1: MAC reservation
– 2: MAC+lease-based reservation
– 3: DUID reservation

– 4: DUID+lease-based reservation
l Address withdrawal
The address of an offline user can be withdrawn using the command.
l Exclusive prefix pool configuration
The delegation prefix pool can be used to allocate unshared prefixes to ND users or
prefixes only to DHCPv6 (IA_PD) users.
l Prefix exclusion
In complex network planning, some IPv6 prefixes cannot be allocated to users.
l Address exclusion
In complex network planning, some IPv6 addresses cannot be allocated to users.
Procedure
Step 2 Run ipv6 prefix prefix-name [ local | delegation ]
An IPv6 prefix pool is created and the IPv6 prefix pool view is displayed.
l The local prefix pool is used to allocate shared prefixes to ND users.
l The delegation prefix pool can allocate unshared prefixes to ND users. The delegation
prefix pool configured with slaac-unshare-only enjoys a higher priority.
Step 3 (Optional) Run slaac-unshare-only
The delegation prefix pool can be used only in stateless address allocation mode.
After this command is run, the delegation prefix pool no longer allocates prefixes when
receiving a DHCPv6 IAPD packet from the clients applying for addresses. In addition, the
delegation prefix pool configured with this command takes precedence over those without this
configuration.
Step 4 Run prefix prefix-address/prefix-length [ delegating-prefix-length delegating-prefix-length ]
IPv6 prefixes are configured.
The assignable prefix length is the length of the IPv6 prefix that a delegating router allocates
to the requesting router. The assignable prefix length in a prefix pool must be greater than or
equal to the prefix length configured in the prefix pool. Otherwise, the prefix pool cannot
allocate prefixes to users.
Step 5 (Optional) Run excluded-ipv6-address start-ipv6-address [ end-ipv6-address ]
A specified IPv6 address is prohibited.
The prohibited IPv6 address must be in the assignable range of the prefix pool. When the end
IPv6 address is not specified, only the start IPv6 address is prohibited.
Step 6 (Optional) Run excluded-ipv6-prefix start-ipv6-prefix/prefix-length [ end-ipv6-prefix/prefix-
length ]
A specified IPv6 prefix is prohibited.

The prohibited IPv6 prefix must be in the assignable range of the prefix pool. When the end
IPv6 prefix is not specified, only the start IPv6 prefix is prohibited.
Step 9 (Optional) Run lifetime preferred-lifetime { days days-value [ hours hours-value [ minutes
minutes-value ] ] | infinite } valid-lifetime { days days-value [ hours hours-value [ minutes
minutes-value ] ] | infinite }
The preferred lifetime and valid lifetime of IPv6 prefixes are configured.
preferred-lifetime of the IPv6 prefixes in the command is used by the system to calculate the
lease renewal time and rebinding time of the IPv6 prefix pool. The time must be no less than
1 minute. The default value is 2 days.
valid-lifetime specifies the validity period of the prefixes. The users using the prefixes will be
logged off after the validity period expires. The valid-lifetime must be no less than 1 minute,
nor less than the preferred prefix lifetime. The default value is 3 days.
Step 10 (Optional) Run conflict auto-recycle interval interval-time
The interval at which conflicting prefixes are automatically recycled is configured.
This command is valid only to the local prefix pool.
Step 11 (Optional) Run reserved prefix { duid | mac } [ lease ]
The reservation type of user prefixes in the prefix pool is configured.
Step 12 (Optional) Run recycle prefix start-prefix [ end-prefix ]
The prefix status is set to idle.
Step 13 (Optional) Run reserved ipv6-address { duid | mac } [ lease ]
The reservation type for the IPv6 addresses in a local address pool is configured.
Step 14 (Optional) Run recycle ipv6-address start-prefix [ end-prefix ]
The status of IPv6 addresses is set to idle.
Step 15 Run commit
----End

6.10.2 Configuring an IPv6 Address Pool

After an IPv6 prefix pool is configured in NDRA address allocation mode, you need to
configure an IPv6 address pool.
Context
l Prefix binding
A prefix pool can be bound to only one address pool. Similarly, an address pool can be
bound to only one prefix pool. Table 6-2 shows the binding between address pools and
prefix pools.
Table 6-2 Binding between address pools and prefix pools

Address Pool Type Prefix Pool for Binding
User-side local address pool Local prefix pool
User-side delegation address pool Delegation prefix pool
User-side relay address pool Local prefix pool
User-side remote address pool Remote prefix pool
l Priority configuration
Among address pools of the same type, the greater the value of pool, the higher its
priority.
In NDRA address allocation mode, BAS local address pools are used to allocate shared
prefixes, while BAS delegation address pools are used to allocate unshared prefixes. A
BAS delegation address pool configured with slaac-unshare-only takes precedence over
other BAS delegation address pools.
l Address pool binding configuration
An IPv6 address pool whose addresses are in use cannot be deleted. To delete an IPv6
address pool, first run the lock command in the IPv6 address pool view to lock the pool
and then delete it after all online users have logged out.
l DNS suffix configuration
Only one domain name suffix can be set for an IPv6 address pool.
l DNS server configuration
A maximum of two DNS servers can be bound to an IPv6 address pool.
l Address lease configuration
If an IPv6 address pool has been bound to a domain, the address lease cannot be
changed.
Procedure

Step 2 (Optional) Run access wait-request-time dhcpv6 time-value
The timeout period for a router to wait for a Request message from a client in response to an
Advertise message sent to the client is set.
Step 3 Run ipv6 pool pool-name { bas { local | delegation | reomote } }
An IPv6 address pool is created and the IPv6 address pool view is displayed.
NOTE
The parameter remote is controlled by the PAF file. It is disabled by default. That is, the ipv6 pool bas
remote cannot be configured by default.
The IPv6 address pool is bound to an IPv6 prefix pool.
The default value is 255.
Step 6 (Optional) Run dns-server ipv6-address &<1-2>
A DNS server is specified for an IPv6 address pool. An IPv6 address is used to specify a DNS
server.
Step 7 (Optional) Run dns-search-list dns-search-list-name
A DNS suffix is configured to perform domain name resolution.
Step 8 (Optional) Run renew-time-percent renew-time-percent rebind-time-percent rebind-time-

percent
A lease renewal time and rebinding time are set for the IPv6 address pool.
By default, the renewal time for an IPv6 address pool is 50% of the preferred lifetime and the
rebinding time is 80% of the preferred lifetime.
Step 9 (Optional) Run ipv6-pool statistic include shared-user
IPv6 address pool statistics include those about users sharing the prefix pool.
Step 10 (Optional) Run wait-request-time time-value
The timeout period for a router to wait for a Request message from a client in response to an
Advertise message sent to the client is set.
NOTE
The wait-request-time time-value command is run in the IP address pool view whereas the access wait-
request-time dhcpv6 time-value command is run in the system view. If the two commands are both run,
the wait-request-time time-value command takes effect.
Step 11 Run commit
----End

6.10.3 Binding an IPv6 Address Pool to a Domain

Users in the domain can obtain addresses from the address pool only after an IPv6 address
pool is bound to a domain.
Prerequisites
The address pool to be bound has been created and bound to a prefix pool.
Context
Procedure
Step 2 Run aaa
A domain is created and the domain view is displayed.
The IPv6 local address pool or the delegation address pool is bound to the domain.
Step 5 (Optional) Run ipv6-warning-threshold { upper-limit-value | lower-limit lower-limit-value }
Threshold for the usage of IPv6 addresses and prefixes is configured.
Step 6 Run commit
----End
6.10.4 (Optional) Configuring the state of Address Allocation

allocation mode.
Context
Stateless address allocation (M=0) should be configured for NDRA and NDRA+IA_PD
address allocation modes. By default, the M flag is 0, you need not configuration.

NOTE
should be adopted.
If the M flag is 0, and the O flag is 1, the clients need to obtain other configuration
information except IPv6 addresses in stateful mode.
Procedure
l State of the interface
a. Run system-view
c. Run undo ipv6 nd autoconfig managed-address-flag
Stateless address allocation mode is enabled.
l State of the domain
a. Run system-view
b. Run aaa
A domain is created and the AAA view is displayed.
d. Run undo ipv6 nd autoconfig managed-address-flag
Stateless address allocation is configured for PPPoX users.
The O flag is set.
f. Run prefix-assign-mode unshared
g. Run dhcpv6-follow-ipv6cp wait-delay time-value
l Run commit
----End

6.10.5 (Optional) Configuring a Constant Index for an IPv6

Address Pool
Context
After the ip-pool constant-index enable command is used, the index of the IPv4 address
pool, IPv6 prefix pool, or IPv6 address pool does not change after the device restarts. The
constant-index index command is automatically generated in the views of all the IPv4
address pools, IPv6 prefix pools, and IPv6 address pools configured on the device for users to
check the constant value. But the constant-index command cannot be used to change the
automatically generated constant index for an IPv6 prefix pool or IPv6 address pool.
Procedure
Step 2 Run ip-pool constant-index enable
The constant index function is enabled for IPv4 address pools, IPv6 prefix pools, and IPv6
address pools.
Step 3 Run commit
----End
6.10.6 (Optional) Locking an IPv6 Address Pool

This section describes how to lock an IPv6 address pool so that the address pool cannot be
used to assign IPv6 addresses to new users.
Context
An IPv6 address pool with an in-use IPv6 address cannot be deleted. Therefore, configure the
drain function to lock the IPv6 address pool before you delete the address pool. After an IPv6
address pool is locked using the lock drain command, DHCP Renew or Rebind messages
from online users will be discarded. The IPv6 address pool can be deleted after all online
users using the address pool go offline upon lease expiry. If you only need to disable an IPv6
address pool so that the address pool will not be used to assign IPv6 addresses to new users
but online users can still use assigned IPv6 addresses, configure the lock function to lock the
address pool using the lock command.
Perform the following steps on the router.
Procedure
Step 2 Run ipv6 pool pool-name [ bas { local | remote | delegation | relay } ]
The IPv6 address pool view is displayed.

Step 3 Perform either of the following configurations as needed:

l Configure the drain function to lock the IPv6 address pool.
a. Run lock drain
The IPv6 address pool is locked so that the address pool cannot be used to assign
IPv6 addresses to new users and Renew or Rebind messages from online users
using the address pool are discarded.
NOTE
This command does not take effect for ND users in remote address pool scenarios.
b. Run commit
l Configure the lock function to lock the IPv6 address pool.
a. Run lock
The IPv6 address pool is locked so that the address pool cannot be used to assign
IPv6 addresses to new users but Renew or Rebind messages from online users can
still be processed.
b. Run commit
----End
6.10.7 Verifying the NDRA Address Allocation Configuration

After completing configurations, you can view information about the IPv6 address pool, the
prefix pool, domain configurations, and the address usage of the address pool.
Procedure
l Run the display ipv6 pool [ pool-name ] command to check information about the IPv6
address pool.
l Run the display ipv6 prefix [ prefix-name [ all | used ] ] command to check information
about the prefix pool.
l Run the display domain [ domain-name ] command to check information about the
domain.
l Run the display ipv6-pool max-usage { pool [ pool-name ] | domain [ domain-name ] }
command in any view to check the historical maximum usage of addresses in an IPv6
address pool.
----End

6.11 Configuring NDRA+DHCPv6 (IA_PD) Address

Allocation
This section describes how to configure the NE20E to use ND to allocate IPv6 addresses to
the WAN interfaces on the CPE and use DHCPv6 (IA_PD) to allocate prefixes to the CPE
when the CPE works in numbered routing mode. The CPE allocates the prefixes to the
attached hosts to generate IPv6 addresses.
Usage Scenario
The CPE sends a DHCPv6 packet only carrying the IA_PD option to allocate IPv6 prefixes to
Home LANs; the NE20E uses an RA packet to send the IPv6 prefixes allocated to the WAN
interfaces on the CPE to the CPE to generate IPv6 addresses.
Figure 6-10 Networking diagram of NDRA+DHCPv6 (IA_PD) address allocation
NDRA+IA-PD
Access Backbone
network network
HOST CPE
numbered Device
The CPE initiates a connection request, and the NE20E uses NDRA to allocate IPv6
addresses to the WAN interfaces on the CPE and uses DHCPv6 (IA_PD) to allocate prefixes
to the CPE and the CPE allocates the prefixes to the attached host for the host to generate
IPv6 addresses.
Before configuring NDRA+DHCPv6 (IA_PD) address allocation, complete the following
tasks:
Setting the CPE working mode to numbered routing mode
Enabling IPv6 on interfaces

This section describes how to configure the NE20E based on is role.
Context
When NDRA is used to allocate addresses to the WAN interfaces on the CPE, refer to the
configuration of 6.10 Configuring NDRA Address Allocation.
When DHCPv6(IA_PD) is used to allocate prefixes to the CPE, refer to the configuration of
6.8 Configuring DHCPv6 (IA_PD) Prefix Allocation.

NOTE
In NDRA+IA_PD address allocation, a DNS server must be configured for both the address pool for
NDRA address allocation and the address pool for IA_PD address allocation.
6.11.2 (Optional) Configuring the state of Address Allocation

allocation mode.
Context
Stateless address allocation (M=0) should be configured for NDRA and NDRA+IA_PD
address allocation modes. By default, the M flag is 0, you need not configuration.
NOTE
should be adopted.
If the M flag is 0, and the O flag is 1, the clients need to obtain other configuration
information except IPv6 addresses in stateful mode.
Procedure
l State of the interface
a. Run system-view
c. Run undo ipv6 nd autoconfig managed-address-flag
Stateless address allocation mode is enabled.
l State of the domain
a. Run system-view
b. Run aaa
A domain is created and the AAA view is displayed.

d. Run undo ipv6 nd autoconfig managed-address-flag
Stateless address allocation is configured for PPPoX users.

The O flag is set.

f. Run prefix-assign-mode unshared
g. Run dhcpv6-follow-ipv6cp wait-delay time-value
l Run commit
----End
6.11.3 Verifying the NDRA+DHCPv6 (IA_PD) Address Allocation

Configuration
After NDRA+DHCPv6 (IA_PD) address allocation is configured, you can check the
configuration of the IPv6 address pool, the prefix pool, the domain, and address usage in the
address pool bound to the domain.
Procedure
configurations.
----End
6.12 Maintaining IPv6 Address Management
6.12.1 Clearing IPv6 Address Statistics

Context
IPv6 address statistics cannot be restored after they are cleared. Exercise caution when
running the reset ipv6-pool max-ratio domain command.
Procedure
l Run the reset ipv6-pool max-ratio domain command in the user view to clear statistics
about IPv6 address pool usage in all domains on the device.
----End
6.13 Configuration Examples for IPv6 Address

Management
This section provides several examples of IPv6 address management. Each configuration
example includes the networking requirements, configuration notes, and configuration
roadmap.
6.13.1 Example for Assigning IPv6 Prefixes to Users from the

User-side Delegation Address Pool
This section provides an example for assigning IPv6 prefixes to users from a user-side
delegation address pool, including the networking requirements, configuration roadmap,
configuration procedure, and configuration files.
Networking Requirements
The CPE obtains IPv6 address or prefixes in NDRA+DHCPv6(IA_PD) mode from the
NE20E, and the LAN users attached to the CPE use the prefixes and the interface IDs to
As shown in Figure 6-11:
l The NE20E functions as a delegating router assigning IPv6 prefixes to a requesting

router.
l The requesting router is located in domain isp1. It connects to the delegating router
through GE 1/0/1, and adopts the PPP authentication method.
l RADIUS authentication and RADIUS accounting are used.
l The IP address of the RADIUS server is 10.6.55.55, the respective numbers of
authentication and accounting ports are 1550 and 1551, and the standard RADIUS
protocol is adopted with the key being it-is-my-secret1.
l The IP address of the DNS server is 3002:3101::2:2.

Figure 6-11 Networking diagram of assigning IPv6 prefixes to users from the local delegation
address pool on the user side
NOTE
Interfaces 1 through 2 in this example are 0/1/1, 0/1/2, respectively.
DNS server RADIUS server
Interface1 Interface2 Internet
Requesting DeviceA Delegating DeviceB

suberscriber@isp1 suberscriber@isp1
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a VT.
2. Configure the AAA scheme.
3. Configure a RADIUS server group.
4. Configure a prefix pool, an address pool (with the IP address of the DNS server
specified), and the binding between the two.
5. Configure a domain named isp1.
6. Configure a DUID for the DHCPv6 server.
7. Configure interfaces.
Data Preparation
To complete the configuration, you need the following data:
l Name of the authentication template and authentication method

l Name of the accounting template and accounting mode
l Name of the RADIUS server group and IP addresses and port numbers of the RADIUS
authentication server and accounting server
l Names of the local IPv6 prefix pool and IPv6 delegation pool, address prefix, and
assignable prefix length
l Names of the user-side local IPv6 address pool and user-side delegation address pool
l Domain name

l Parameters of the BAS interface
Procedure
Step 1 Only the configuration procedure for the NE20E is provided.
# Configure the virtual template.

[*Device] interface Virtual-Template 1
[*Device-Virtual-Template1] ppp authentication-mode pap
[*Device-Virtual-Template1] commit
[~Device-Virtual-Template1] quit
Step 2 Configure AAA schemes.
# Configure an authentication scheme.

[*Device] aaa
[*Device-aaa] authentication-scheme auth1
[*Device-aaa-authen-auth1] authentication-mode radius
[*Device-aaa-authen-auth1] commit
[~Device-aaa-authen-auth1] quit
# Configure an accounting scheme.

[*Device-aaa] accounting-scheme acct1
[*Device-aaa-accounting-acct1] accounting-mode radius
[*Device-aaa-accounting-acct1] commit
[~Device-aaa-accounting-acct1] quit
[~Device-aaa] quit
Step 3 Configure a RADIUS server group.

[*Device] radius-server group rd1
[*Device-radius-rd1] radius-server authentication 10.6.55.55 1550
[*Device-radius-rd1] radius-server accounting 10.6.55.55 1551
[*Device-radius-rd1] radius-server type standard
[*Device-radius-rd1] radius-server shared-key-cipher it-is-my-secret1
[*Device-radius-rd1] commit
[~Device-radius-rd1] quit
Step 4 Configure a local prefix pool.

[*Device] ipv6 prefix pre1 local
[*Device-ipv6-prefix-pre1] prefix 2010:2021::/64
[*Device-ipv6-prefix-pre1] commit
[~Device-ipv6-prefix-pre1] quit
Step 5 Configure a user-side local address pool.

[*Device] ipv6 pool pool1 bas local
[*Device-ipv6-pool-pool1] prefix pre1
[*Device-ipv6-pool-pool1] dns-server 3002:3101::2:2
[*Device-ipv6-pool-pool1] commit
[~Device-ipv6-pool-pool1] quit
Step 6 Configure a delegation prefix pool.

[*Device] ipv6 prefix pre2 delegation
[*Device-ipv6-prefix-pre2] prefix 2011:2022::/62 delegating-prefix-length 63
Step 7 Configure a user-side delegation address pool.

[*Device] ipv6 pool pool2 bas delegation
[*Device-ipv6-pool-pool2] dns-server 3002:3101::2:2

Step 8 Configure a domain named isp1.

[*Device] aaa
[*Device-aaa] domain isp1
[*Device-aaa-domain-isp1] authentication-scheme auth1
[*Device-aaa-domain-isp1] accounting-scheme acct1
[*Device-aaa-domain-isp1] radius-server group rd1
[*Device-aaa-domain-isp1] ipv6-pool pool1
[*Device-aaa-domain-isp1] commit
[~Device-aaa-domain-isp1] quit
[~Device-aaa] quit
Step 9 Configure a DUID for the DHCPv6 server.

[*Device] dhcpv6 duid llt
Warning:The change of DUID will cause the accessed user work abnormally,
are you sure to change ? [Y/N]: y
Step 10 Configure interfaces.

# Bind GE 0/1/1.1 to a virtual template.
[*Device] interface GigabitEthernet 0/1/1.1
[*Device-GigabitEthernet0/1/1.1] pppoe-server bind virtual-template 1
# Configure a BAS interface.

[*Device-GigabitEthernet0/1/1.1] user-vlan 1
[*Device-GigabitEthernet0/1/1.1] bas
[*Device-GigabitEthernet0/1/1.1-bas] access-type layer2-subscriber default-domain
authentication isp1
[*Device-GigabitEthernet0/1/1.1-bas] commit
[~Device-GigabitEthernet0/1/1.1-bas] quit
# Enable IPv6 on GE 0/1/1.1.

[*Device-GigabitEthernet0/1/1.1] ipv6 enable
[*Device-GigabitEthernet0/1/1.1] ipv6 address auto link-local
[*Device-GigabitEthernet0/1/1.1] commit
[~Device-GigabitEthernet0/1/1.1] quit
# Configure an upstream interface.

[*Device] interface GigabitEthernet 1/0/2
[*Device-GigabitEthernet1/0/2] ipv6 enable
[*Device-GigabitEthernet1/0/2] ipv6 address auto link-local
[*Device-GigabitEthernet1/0/2] ipv6 address 2011::1/64 eui-64
[*Device-GigabitEthernet1/0/2] commit
[~Device-GigabitEthernet1/0/2] quit
Step 11 Verify the configuration.

# Check information about the prefix pool named pre1. You can see that the prefix pool is a
local prefix pool and the prefix address is 2010:2021::/64.
<HUAWEI> display ipv6 prefix pre1
-------------------------------------------------------------
Prefix Name : pre1
Prefix Index : 4
Prefix constant index: -
Prefix Type : LOCAL
Prefix Address : 2010:2021::
Prefix Length : 64
Reserved Type : NONE
Valid Lifetime : 3 Days 0 Hours 0 Minutes
Preferred Lifetime: 2 Days 0 Hours 0 Minutes
IfLocked : Unlocked
Vpn instance : -
Conflict address : -

Free Prefix Count : 262144

Used Prefix Count : 0
Reserved Prefix Count: 0
-------------------------------------------------------------
# Check information about the prefix pool named pre2. You can see that the prefix pool is a
delegation prefix pool with the prefix address being 2011:2022::/62.
<HUAWEI> display ipv6 prefix pre2
-------------------------------------------------------------
Prefix Name : pre2
Prefix Index : 5
Prefix Type : DELEGATION
Prefix Address : 2011:2022::
Prefix Length : 62
Valid Lifetime : 3 Days 0 Hours 0 Minutes
Preferred Lifetime : 2 Days 0 Hours 0 Minutes
IfLocked : Unlocked
Vpn instance : -
PD Prefix Len : 64
PD Prefix/C-DUID : -
slaac-unshare-only : FALSE
Conflict address : -
Free Prefix Count : 4
Used Prefix Count : 0
Binded Prefix Count (Free): 0
Binded Prefix Count (Used): 0
-------------------------------------------------------------
# Check information about the address pool named pool1. You can see that the address pool is
a local address pool at the user side and the address pool is bound to the prefix pool named
pre1.
<HUAWEI> display ipv6 pool pool1
----------------------------------------------------------------------
Pool name : pool1
Pool No : 4
Pool-constant-index :-
Pool type : BAS LOCAL
Preference : 0
Renew time : 50
Rebind time : 80
Status : UNLOCKED
Refresh interval : 0 Days 0 Hours 0 Minutes
Used by domain : 1
Dns list : -
Dns server master : 3002:3101::2:2
AFTR name : -
----------------------------------------------------------------------
----------------------------------------------------------------------
pre1 LOCAL
----------------------------------------------------------------------
# Check information about the address pool named pool2. You can see that the address pool is
a user-side delegation address pool and the address pool is bound to the local prefix pool
named pre2.
<HUAWEI> display ipv6 pool pool2
----------------------------------------------------------------------
Pool name : pool2
Pool No : 5
Pool-constant-index :-

Pool type : BAS DELEGATION

Preference : 255
Renew time : 50
Rebind time : 80
Status : UNLOCKED
Refresh interval : 0 Days 0 Hours 0 Minutes
Used by domain : 0
Dns list : -
AFTR name : -
----------------------------------------------------------------------
----------------------------------------------------------------------
pre2 DELEGATION
----------------------------------------------------------------------
# Check configurations of the domain isp1. You can see that the domain is bound to IPv6
address pools pool1 and pool2.
<HUAWEI> display domain isp1
------------------------------------------------------------------------------
Domain-name : isp1
Domain-state : Active
Authentication-scheme-name : auth1
Accounting-scheme-name : acct1
Authorization-scheme-name :
Primary-DNS-IP-address : -
Second-DNS-IP-address : -
Web-server-URL-parameter : No
Portal-server-URL-parameter : No
Primary-NBNS-IP-address : -
Second-NBNS-IP-address : -
User-group-name : -
Idle-data-attribute (time,flow) : 0, 60
Install-BOD-Count : 0
Report-VSM-User-Count : 0
Value-added-service : COPS
User-access-limit : 279552
Online-number : 0
Web-IP-address : -
Web-URL : -
Slave Web-IP-address : -
Slave Web-URL : -
Slave Web-auth-server : -
Slave Web-auth-state : -
Portal-server-IP : -
Portal-URL : -
Portal-force-times : 2
PPPoE-user-URL : Disable
IPUser-ReAuth-Time(second) : 300
mscg-name-portal-key : -
Portal-user-first-url-key : -
Ancp auto qos adapt : Disable
RADIUS-server-template : rd1
Two-acct-template : -
HWTACACS-server-template : -
Bill Flow : Disable
Tunnel-acct-2867 : Disabled
Flow Statistic:
Flow-Statistic-Up : Yes
Flow-Statistic-Down : Yes
Source-IP-route : Disable
IP-warning-threshold : -
IPv6-warning-threshold : -
Multicast Forwarding : Yes
Multicast Virtual : No

Multicast-profile ipv6 : -
Max-multilist num : 4
Multicast-profile : -
IPv6-Pool-name : pool1
IPv6-Pool-name : pool2
Quota-out : Offline
Service-type : -
User-basic-service-ip-type : -/-/-
PPP-ipv6-address-protocol : Ndra
IPv6-information-protocol : Stateless dhcpv6
IPv6-PPP-assign-interfaceid : Disable
Trigger-packet-wait-delay : 60s
Peer-backup : enable
------------------------------------------------------------------------------
----End
Configuration Files
l router Configuration Files
#
sysname HUAWEI
#
ipv6
#
dhcpv6 duid 006735f300188253a56a
#
radius-server group rd1
radius-server authentication 10.6.55.55 1550 weight 0
radius-server accounting 10.6.55.55 1551 weight 0
radius-server shared-key-cipher %^%#vS%796FO7%C~pB%CR=q;j}gSCqR-X6+P!.DYI@)%^%
#
interface Virtual-Template1
ppp authentication-mode pap
#
ipv6 prefix pre1 local
prefix 2010:2021::/64
#
ipv6 prefix pre2 delegation
prefix 2011:2022::/62
delegating-prefix-length 63
#
ipv6 pool pool1 bas local
prefix pre1
#
ipv6 pool pool2 bas delegation
prefix pre2
dns-server 3002:3101::2:2
#
aaa
authentication-scheme default0
authentication-scheme auth1
authentication-mode radius
#
accounting-scheme default0
accounting-scheme acct1
accounting-mode radius
#
domain isp1
ipv6-pool pool1
ipv6-pool pool2
#
interface GigabitEthernet0/1/1.1

pppoe-server bind Virtual-Template 1

ipv6 enable
ipv6 address auto link-local
bas
access-type layer2-subscriber default-domain authentication isp1
#
interface GigabitEthernet1/0/2
ipv6 enable
ipv6 address 2011::1/64 eui-64
#
return
6.13.2 Example for Configuring a Remote Address Pool for

DHCPv6 Users' IPv6 Address Assignment
This section provides an example for configuring a user-side remote address pool that is used
to assign IPv6 addresses to DHCPv6 users, including the networking requirements,
configuration roadmap, configuration procedure, and configuration files.
When a DHCPv6 server and clients reside on different links, the Device can function as a
Layer 2 access device to relay user requests for IPv6 addresses or prefixes to the DHCPv6
server.
On the network in Figure 6-12, the requirements are as follows:
l The user accesses the Device in IPoE mode, and the user belongs to the domain isp1.
l The user is assigned an address on the network segment 2660:2321::/64.
l RADIUS authentication and accounting are used.
l The IP address of the RADIUS server is 10.6.55.55. The authentication port number is
1550, and the accounting port number is 1551. The standard RADIUS protocol is used,
with the password it-is-my-secret1.
l The IP address of the DHCPv6 server is 3002:3101::2:2.
Figure 6-12 Configuring a remote address pool to assign IPv6 addresses

NOTE
Interfaces 1 through 2 in this example are 0/1/1.1, 0/1/2, respectively.
DHCPv6 server RADIUS server
Access Interface1 Interface2 Internet

network
user@isp1 Device

1. Configure AAA schemes.
3. Configure a DHCPv6 server group.
4. Configure a remote IPv6 prefix pool.
5. Configure a user-side remote address pool and bind the DHCPv6 server group and IPv6
prefix pool to the address pool.
6. Configure an AAA domain to be used as the default authentication domain.
7. Configure a BAS interface.
Data Preparation
l Remote IPv6 prefix pool name
l Remote address pool name
l Assignable IPv6 prefixes and prefix lengths
Procedure
Step 1 Configure AAA schemes on the Device.
[*Device] aaa

[*Device-aaa-accounting-acct1] commit
[*Device-aaa-accounting-acct1] quit
[~Device-aaa] quit
Step 2 Configure a RADIUS server group on the Device.

Step 3 Configure a DHCPv6 server group named server1 on the Device.

[*Device] dhcpv6-server group server1
Info: It's successful to create a DHCPV6 server group
[*Device-dhcpv6-server-group-server1] dhcpv6-server destination 3002:3101::2:2
[*Device- dhcpv6-server-group-server1] commit
[~Device- dhcpv6-server-group-server1] quit

Step 4 Configure a remote IPv6 prefix pool named pre1 on the Device.
[*Device] ipv6 prefix pre1 remote
Info:Create a prefix pool
[*Device-ipv6-prefix-pre1] link-address 2660:2321::1/64
[*Device-ipv6-prefix-pre1] dhcpv6-only
NOTE
The dhcpv6-only command allows the IPv6 prefix pool to be used for IPv6 address or prefix assignment only
for DHCPv6 users. If the dhcpv6-only command is not run, the IPv6 prefix pool can be used for both ND and
DHCPv6 users.
Step 5 Configure a user-side remote address pool named pool1 on the Device.
[*Device] ipv6 pool pool1 bas remote
[*Device-ipv6-pool-pool1] dhcpv6-server group server1
Step 6 Configure a domain named isp1 on the Device.

[*Device] aaa
[~Device-aaa] quit
Step 7 Configure a BAS interface.

# Enable IPv6 and configure M and O flags on a user access interface on the Device.
[*Device-GigabitEthernet 0/1/1.1] ipv6 enable
[*Device-GigabitEthernet 0/1/1.1] ipv6 address auto link-local
[*Device-GigabitEthernet 0/1/1.1] ipv6 nd autoconfig managed-address-flag
[*Device-GigabitEthernet 0/1/1.1] ipv6 nd autoconfig other-flag
[*Device-GigabitEthernet 0/1/1.1] commit
[~Device-GigabitEthernet 0/1/1.1] quit
# Configure the interface as a BAS interface.

[HUAWEI-GigabitEthernet 0/1/1.1] user-vlan 1 20
[HUAWEI-GigabitEthernet 0/1/1.1-vlan-1-20] quit
[*Device-GigabitEthernet 0/1/1.1] bas
[*Device-GigabitEthernet 0/1/1.1-bas] access-type layer2-subscriber default-
domain authentication isp1
[*Device-GigabitEthernet 0/1/1.1-bas] authentication-method-ipv6 bind
[*Device-GigabitEthernet 0/1/1.1-bas] commit
[~Device-GigabitEthernet 0/1/1.1-bas] quit
NOTE
l In bind authentication, the user name is automatically generated based on the NE20E's location and
domain name. Therefore, configure a user name based on the generation rule and configure the
password vlan on the RADIUS server.
l For details on the user name generation rule used in bind authentication, see vlanpvc-to-username
in HUAWEI NE20E-S2 Universal Service Router Command Reference.

# Display information about the prefix pool named pre1. The command output shows that the
prefix pool is a remote prefix pool with the prefix address of 2660:2321::/64.

<Device> display ipv6 prefix pre1

-------------------------------------------------------------
Prefix Name : pre1
Prefix Index : 5
Prefix Type : REMOTE
Link-Address : 2660:2321::1
Prefix Length : 64
IfLocked : Unlocked
Vpn instance : -
Lease manage : false
Excluded Prefix Count: 0
-------------------------------------------------------------
# Display information about the address pool named pool1. The command output shows that
the address pool is a user-side remote address pool and the address pool is bound to the
remote prefix pool named pre1.
<Device> display ipv6 pool pool1
---------------------------------------------------------------
Pool name : pool1
Pool No : 3
Pool type : BAS REMOTE
RUI-Flag : -
Preference : 255
Renew time : 50
Rebind time : 80
Status : UNLOCKED
Used by domain : 1
Dns list : -
AFTR name : -
State : UP
Server down times : 0
----------------------------------------------------------------------
----------------------------------------------------------------------
pre1 REMOTE
---------------------------------------------------------------
Step 9 Run commit

----End
Configuration Files
#
ipv6
#
#
dhcpv6-server group server1
dhcpv6-server destination 3002:3101::2:2
#
ipv6 prefix pre1 remote
link-address 2660:2321::1/64

#
ipv6 pool pool1 bas remote
prefix pre1
dhcpv6-server group server1
#
aaa
#
#
domain isp1
ipv6-pool pool1
#
user-vlan 1 20
ipv6 enable
ipv6 nd autoconfig managed-address-flag
ipv6 nd autoconfig other-flag
bas
#
authentication-method-ipv6 bind
#
return
6.13.3 Example for Configuring a Remote Address Pool for ND

Users' IPv6 Address Assignment
This section provides an example for configuring a remote address pool that is used to assign
IPv6 addresses to ND users, including the networking requirements, configuration roadmap,
configuration procedure, and configuration files.
On the network in Figure 6-13, the Device is a DHCPv6 relay agent, and the remote DHCPv6
server assigns ND prefixes to users. The requirements are as follows:
l The user accesses the Device in IPoE mode through GE 1/0/1.1, and the user belongs to
the domain isp1 and uses bind authentication.
l The user is assigned an address on the network segment 2660:2321::/64.
l RADIUS authentication and accounting are used.
l The IP address of the RADIUS server is 10.6.55.55. The authentication port number is
1550, and the accounting port number is 1551. The standard RADIUS protocol is used,
with the password it-is-my-secret1.
l The IP address of the DHCPv6 server is 3002:3101::2:2.
Figure 6-13 Configuring a remote address pool for ND users' IPv6 address assignment
NOTE
Interfaces 1 through 2 in this example are 0/1/1.1, 0/1/2, respectively.

Interface1
1. Enable IPv6 packet forwarding on the Device.
2. Configure AAA schemes.
4. Configure a DHCPv6 server group.
5. Configure a remote IPv6 prefix pool.
6. Configure a user-side remote address pool and bind the DHCPv6 server group and IPv6
prefix pool to the address pool.
7. Configure an AAA domain to be used as the default authentication domain.
8. Configure a BAS interface.
Data Preparation
l Remote IPv6 prefix pool name
l Remote address pool name
l Next-hop relay agent's IPv6 address
l Link-address in the prefix pool
NOTE
The remote DHCPv6 server selects an address pool based on the link-address option in packets sent by the
relay agent.
Procedure
Step 1 Configure a DHCPv6 server group.
<Device> system-view
[*Device] dhcpv6-server group group1
[*Device-dhcpv6-server-group-group1] dhcpv6-server destination 3002:3101::2:2
[*Device-dhcpv6-server-group-group1] commit
[~Device-dhcpv6-server-group-group1] quit
Step 2 Configure a remote prefix pool and a remote address pool.

[*Device] ipv6 prefix pre1 remote
Info:Create a prefix pool
[*Device-ipv6-prefix-pre1] link-address 2660:2321::1/64
[*Device] ipv6 pool pool1 bas remote
[*Device-ipv6-pool-pool1] dhcpv6-server group group1
Step 3 Configure a RADIUS server group on the Device.



Step 4 Configure AAA schemes.

[*Device] aaa

[*Device-aaa-accounting-acct1] quit
[*Device-aaa] commit
[~Device-aaa] quit
Step 5 Configure a domain named isp1.

[*Device] aaa
[*Device-aaa-domain-isp1] prefix-assign-mode unshared
[~Device-aaa] quit
Step 6 Configure a BAS interface.
# Configure a BAS interface on the Device.

[HUAWEI-GigabitEthernet 0/1/1.1] user-vlan 1 20
[HUAWEI-GigabitEthernet 0/1/1.1-vlan-1-20] quit
[*Device-GigabitEthernet 0/1/1.1] ipv6 enable
[*Device-GigabitEthernet 0/1/1.1] ipv6 address auto link-local
[*Device-GigabitEthernet 0/1/1.1] bas
[*Device-GigabitEthernet 0/1/1.1-bas] access-type layer2-subscriber default-
domain authentication isp1
[*Device-GigabitEthernet 0/1/1.1-bas] authentication-method-ipv6 bind
[*Device-GigabitEthernet 0/1/1.1-bas] commit
[~Device-GigabitEthernet 0/1/1.1-bas] quit
NOTE
l In bind authentication, the user name is automatically generated based on the NE20E's location and
domain name. Therefore, configure a user name based on the generation rule and configure the
password vlan on the RADIUS server.
l For details on the user name generation rule used in bind authentication, see vlanpvc-to-username
in HUAWEI NE20E-S2 Universal Service Router Command Reference.
l The interface configurations determine whether IPoE access users use the stateless address
autoconfiguration (M=0) or stateful address autoconfiguration (M=1) mode. If the M flag is 0 and
the O flag is 1, the client uses the stateless address autoconfiguration mode to obtain an IP address
and uses the stateful address autoconfiguration mode to obtain other configuration parameters.

# Display information about the prefix pool named pre1. The command output shows that the
prefix pool is a remote prefix pool.
<Device> display ipv6 prefix pre1
-------------------------------------------------------------
Prefix Name : pre1
Prefix Index : 5
Prefix Type : REMOTE
Link-Address : 2660:2321::1
Prefix Length : 64
IfLocked : Unlocked
Vpn instance : -
Lease manage : false
Excluded Prefix Count: 0
-------------------------------------------------------------
# Display information about the address pool named pool1. The command output shows that
the address pool is a user-side remote address pool and the address pool is bound to the
remote prefix pool named pre1.
<Device> display ipv6 pool pool1
---------------------------------------------------------------
Pool name : pool1
Pool No : 3
Pool type : BAS REMOTE
RUI-Flag : -
Preference : 255
Renew time : 50
Rebind time : 80
Status : UNLOCKED
Used by domain : 1
Dns list : -
AFTR name : -
State : UP
Server down times : 0
----------------------------------------------------------------------
----------------------------------------------------------------------
pre1 REMOTE
---------------------------------------------------------------
Step 8 Run commit

----End
Configuration Files
#
ipv6
#
#
dhcpv6-server group group1
dhcpv6-server destination 3002:3101::2:2

#
ipv6 prefix pre1 remote
link-address 2660:2321::1/64
#
ipv6 pool pool1 bas remote
prefix pre1
dhcpv6-server group group1
#
aaa
#
#
domain isp1
ipv6-pool pool1
prefix-assign-mode unshared
#
user-vlan 1 20
ipv6 enable
bas
#
authentication-method-ipv6 bind
#
return

01-06 IPv6 Address Management Configuration

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

01-06 IPv6 Address Management Configuration

Uploaded by

Copyright:

Available Formats

HUAWEI NE20E-S2 Universal Service Router

Configuration Guide - User Access 6 IPv6 Address Management Configuration

6 IPv6 Address Management Configuration

About This Chapter

This feature is supported only on the Admin-VS.

6.1 Overview of IPv6 Address Management

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 163

6.1 Overview of IPv6 Address Management

l Configuring a fixed IPv6 address

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 164

also provides neighbor unreachability detection (NUD), duplicate address detection

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 165

6.2 Licensing Requirements and Limitations for IPv6

Restrictions and Guidelines

6.3 Licensing Requirements and Limitations for IPv6

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 166

Restrictions and Guidelines

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 167

Restrictions Guidelines Impact

Address assignment based None None

6.4 Configuring a DHCPv6 Relay Agent on the User Side

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 168

Configuring an IPv6 Remote Address

Configuring a DHCPv6 Server Group

Associating an Address Pool with a

Binding an IPv6 Remote Address

6.4.1 Configuring a Remote IPv6 Prefix Pool

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 169

6.4.2 Configuring a Remote IPv6 Address Pool

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 170

Step 7 Run commit

6.4.3 Configuring a DHCPv6 Server Group

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 171

The IPv6 address or outbound interface of a DHCPv6 server is configured.

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 172

Step 10 (Optional) Run dhcpv6-server { ipv6-address [ vpn-instance vpn-instance-name ] | interface

Step 11 Run commit

The configuration is committed.

6.4.4 Associating an Address Pool with a DHCPv6 Server Group

The system view is displayed.

Step 2 Run ipv6 pool pool-name bas remote

The remote address pool view is displayed.

Step 3 Run dhcpv6-server group group-name

An address pool is associated with a DHCPv6 server group.

Step 4 Run commit

The configuration is committed.

6.4.5 Binding an IPv6 Remote Address Pool to a Domain

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 173

The system view is displayed.

Step 2 Run aaa

The AAA view is displayed.

Step 3 Run domain domain-name

A domain is created and the domain view is displayed.

Step 4 Run ipv6-pool pool-name

The IPv6 remote address pool is bound to the domain.

Step 5 (Optional) Run ipv6-warning-threshold threshold-value

Step 6 Run commit

The configuration is committed.

6.4.6 (Optional) Enabling a Device to Insert the Option 18 and

The system view is displayed.

Issue 01 (2018-12-05) Copyright © Huawei Technologies Co., Ltd. 174

Step 2 Run interface interface-type interface-number [ .subinterface-number ]

The interface view is displayed.

Step 3 Run bas