SJ-20160119164028-016-ZXR10 5960 Series (V3.02.20) All 10-Gigabit Data Center Switch Configuration Guide (IPv6)

ZXR10 5960 Series
All 10–Gigabit Data Center Switch

Configuration Guide (IPv6)
Version: 3.02.20
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: 800@zte.com.cn
LEGAL INFORMATION
Copyright © 2017 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Revision No. Revision Date Revision Reason
R2.0 2017-02-28 Updated configuration commands and instances
R1.0 2016-02-28 First edition
Serial Number: SJ-20160119164028-016
Publishing Date: 2017-02-28 (R2.0)
SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Contents
About This Manual ......................................................................................... I
Chapter 1 IPv6 Address Configuration..................................................... 1-1
1.1 IPv6 Address Overview ...................................................................................... 1-1
1.2 Configuring IPv6 Addresses.............................................................................. 1-13
1.3 Maintaining IPv6 Addresses.............................................................................. 1-14
1.4 IPv6 Address Configuration Example................................................................. 1-15
Chapter 2 NDP Configuration.................................................................... 2-1

2.1 NDP Overview ................................................................................................... 2-1
2.2 Configuring NDP ................................................................................................ 2-2
2.3 NDP Maintenance and Diagnosis ........................................................................ 2-6
2.4 NDP Configuration Example ............................................................................... 2-7
Chapter 3 IPv6 Tunnel Configuration ....................................................... 3-1

3.1 IPv6 Tunnel Overview......................................................................................... 3-1
3.2 Configuring IPv6 Tunnel ..................................................................................... 3-4
3.3 IPv6 Tunnel Configuration Examples ................................................................... 3-6
3.3.1 6in4 Tunnel Configuration Example ........................................................... 3-6
3.3.2 6to4 Tunnel Configuration Example ........................................................... 3-8
Chapter 4 IPv6 ACL Configuration............................................................ 4-1

4.1 IPv6 ACL Overview ............................................................................................ 4-1
4.2 Configuring IPv6 ACL ......................................................................................... 4-1
4.3 IPv6 ACL Maintenance and Diagnosis ................................................................. 4-7
4.4 IPv6 ACL Configuration Example ........................................................................ 4-8
Chapter 5 IPv6 Static Route Configuration .............................................. 5-1

5.1 IPv6 Static Route Overview................................................................................. 5-1
5.2 Configuring IPv6 Static Routes............................................................................ 5-1
5.3 Maintaining IPv6 Static Routes............................................................................ 5-2
5.4 IPv6 Static Route Configuration Example............................................................. 5-4
Chapter 6 RIPng Configuration ................................................................. 6-1

6.1 RIPng Overview ................................................................................................. 6-1
6.2 Configuring the RIPng ........................................................................................ 6-3
6.3 RIPng Maintenance and Diagnosis...................................................................... 6-7
6.4 RIPng Configuration Example ............................................................................. 6-9

Chapter 7 OSPFv3 Configuration.............................................................. 7-1
7.1 OSPFv3 Overview.............................................................................................. 7-1
7.2 Configuring OSPFv3........................................................................................... 7-5
7.3 OSPFv3 Maintenance and Diagnosis ................................................................ 7-13
7.4 OSPFv3 Configuration Examples ...................................................................... 7-15
7.4.1 OSPFv3 Configuration Example 1 ........................................................... 7-15
7.4.2 OSPFv3 Configuration Example 2 ........................................................... 7-18
Chapter 8 IS-ISv6 Configuration ............................................................... 8-1

8.1 IS-ISv6 Overview ............................................................................................... 8-1
8.2 Configuring IS-ISv6 ............................................................................................ 8-2
8.3 Maintaining IS-ISv6 .......................................................................................... 8-13
8.4 IS-ISv6 Configuration Examples ........................................................................ 8-17
8.4.1 Single-Area IS-ISv6 Configuration Example ............................................. 8-17
8.4.2 Multi-Area IS-ISv6 Configuration Example ............................................... 8-21
Chapter 9 BGP4+ Configuration ............................................................... 9-1

9.1 BGP4+ Overview ............................................................................................... 9-1
9.2 Configuring BGP4+ ............................................................................................ 9-1
9.3 Maintaining BGP4+ ............................................................................................ 9-2
9.4 BGP4+ Configuration Examples .......................................................................... 9-8
9.4.1 BGP4+ Route Reflector Configuration Example.......................................... 9-8
9.4.2 BGP4+ General Configuration Example ................................................... 9-10
Chapter 10 IPv6 QoS Configuration........................................................ 10-1

10.1 IPv6 QoS Overview ........................................................................................ 10-1
10.2 Configuring IPv6 QoS ..................................................................................... 10-1
10.3 IPv6 QoS Configuration Examples................................................................... 10-1
Chapter 11 IPv6 Multicast Configuration................................................ 11-1

11.1 IPv6 Multicast Overview ...................................................................................11-1
11.2 Configuring Public IP Multicast .........................................................................11-3
Chapter 12 MLD Configuration................................................................ 12-1

12.1 MLD Overview ............................................................................................... 12-1
12.2 Configuring MLD ............................................................................................ 12-2
12.3 Maintaining MLD ............................................................................................ 12-6
12.4 MLD Configuration Examples .......................................................................... 12-8
12.4.1 MLDv2 Configuration Example .............................................................. 12-8
12.4.2 Static Group Configuration Example .....................................................12-10
Chapter 13 IPv6 PIM-SM Configuration .................................................. 13-1
II

13.1 PIM-SM Overview .......................................................................................... 13-1
13.2 Configuring IPv6 PIM-SM................................................................................ 13-3
13.3 IPv6 PIM-SM Maintenance and Diagnosis........................................................ 13-9
13.4 IPv6 PIM-SM Configuration Example ..............................................................13-17
Chapter 14 IPv6 PIM-SSM Configuration................................................ 14-1

14.1 PIM-SSM Overview ........................................................................................ 14-1
14.2 Configuring IPv6 PIM-SSM ............................................................................. 14-1
14.3 IPv6 PIM-SSM Maintenance and Diagnosis ..................................................... 14-2
14.4 IPv6 PIM-SSM Configuration Example............................................................. 14-2
Chapter 15 IPv6 Static Multicast Configuration..................................... 15-1

15.1 IPv6 Static Multicast Introduction ..................................................................... 15-1
15.2 Configuring IPv6 Static Multicast ..................................................................... 15-2
15.3 Maintaining IPv6 Static Multicast ..................................................................... 15-3
15.4 IPv6 Static Multicast Configuration Example..................................................... 15-3
Chapter 16 ISATAP Tunnel Configuration .............................................. 16-1

16.1 ISATAP Tunnel Overview ................................................................................ 16-1
16.2 Configuring an ISATAP Tunnel ........................................................................ 16-2
16.3 ISATAP Configuration Example ....................................................................... 16-3
Chapter 17 IPv6 URPF Configuration ..................................................... 17-1

17.1 URPF Overview ............................................................................................. 17-1
17.2 Configuring IPv6 URPF................................................................................... 17-2
17.3 URPF Maintenance and Diagnosis .................................................................. 17-2
17.4 URPF Configuration Example.......................................................................... 17-3
Chapter 18 IPv6 Basic Configuration ..................................................... 18-1

Chapter 19 TCP6 Configuration .............................................................. 19-1
19.1 TCP6 Overview .............................................................................................. 19-1
19.2 Configuring the TCP6 ..................................................................................... 19-1
19.3 TCP6 Maintenance and Diagnosis................................................................... 19-3
Chapter 20 UDP6 Configuration.............................................................. 20-1

Chapter 21 DHCPv6 Configuration ......................................................... 21-1
21.1 DHCPv6 Overview ......................................................................................... 21-1
21.2 Configuring DHCPv6 ...................................................................................... 21-3
21.3 Maintaining DHCPv6 ...................................................................................... 21-9
21.4 DHCPv6 Configuration Examples ...................................................................21-10
21.4.1 DHCPv6 Server Configuration Instance ................................................21-10
21.4.2 DHCPv6 Relay Configuration Instance..................................................21-13
III

Figures............................................................................................................. I
Tables ............................................................................................................ III
Glossary .........................................................................................................V
IV

About This Manual
Purpose
This manual is the ZXR10 5960 Series (V3.02.20) All 10-Gigabit Data Center Switch
Configuration Guide (IPv6), which describes the functions, principles, configuration
commands, maintenance commands, and configuration instances of the ZXR10 5960.
Intended Audience
This manual is intended for:
l Network planning engineers

l Commissioning engineers
l On-duty personnel
What Is in This Manual

This manual contains the following chapters:
Chapter 1, IPv6 Address Configuration Describes IPv6 address, configuration

commands, maintenance commands and
configuration examples on the ZXR10 5960.
Chapter 2, NDP Configuration Describes NDP technology and principle,

configuration commands, maintenance
commands and configuration examples on the
ZXR10 5960.
Chapter 3, IPv6 Tunnel Configuration Describes IPv6 tunnel technology and principle,
ZXR10 5960.
Chapter 4, IPv6 ACL Configuration Describes IPv6 ACL technology and principle,
ZXR10 5960.
Chapter 5, IPv6 Static Route Configuration Describes IPv6 static route technology and
principle, configuration commands, maintenance
ZXR10 5960.
Chapter 6, RIPng Configuration Describes RIPng technology and principle,

ZXR10 5960.

Chapter 7, OSPFv3 Configuration Describes OSPFv3 technology and principle,
ZXR10 5960.
Chapter 8, IS-ISv6 Configuration Describes IS-ISv6 technology and principle,

ZXR10 5960.
Chapter 9, BGP4+ Configuration Describes BGP4+ technology and principle,

ZXR10 5960.
Chapter 10, IPv6 QoS Configuration Describes IPv6 QoS technology and principle,
ZXR10 5960.
Chapter 11, IPv6 Multicast Configuration Describes IPv6 multicast technology and
ZXR10 5960.
Chapter 12, MLD Configuration Describes MLD technology and principle,

ZXR10 5960.
Chapter 13, IPv6 PIM-SM Configuration Describes IPv6 PIM-SM technology and
ZXR10 5960.
Chapter 14, IPv6 PIM-SSM Configuration Describes IPv6 PIM-SSM technology and
ZXR10 5960.
Chapter 15, IPv6 Static Multicast Configuration Describes IPv6 Static Multicast technology and
ZXR10 5960.
Chapter 16, ISATAP Tunnel Configuration Describes ISATAP tunnel technology and
ZXR10 5960.
II

Chapter 17, IPv6 URPF Configuration Describes IPv6 URPF technology and principle,
ZXR10 5960.
Chapter 18, IPv6 Basic Configuration Describes frequently used IPv6 configuration
commands and maintenance commands.
Chapter 19, TCP6 Configuration Describes TCP6 principles and maintenance

commands.
Chapter 20, UDP6 Configuration Describes UDP6 principles and maintenance

commands.
Chapter 21, DHCPv6 Configuration Describes UDP6 principles, configuration

commands, maintenance commands and
configuration examples on the ZXR10 5960.
Conventions
This manual uses the following typographical conventions:
Italics Variables in commands. It may also refer to other related manuals and documents.
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant Text that you type, program codes, filenames, directory names, and function names.
width
[] Optional parameters.
{} Mandatory parameters.
| Separates individual parameters in a series of parameters.
Danger: indicates an imminently hazardous situation. Failure to comply will result in

death or serious personal injury.
Warning: indicates a potentially hazardous situation. Failure to comply can result in

death or serious personal injury.
Caution: indicates a potentially hazardous situation. Failure to comply can result in

moderate or minor personal injury.
Notice: indicates equipment or environment safety information. Failure to comply

can result in equipment damage, data loss, equipment performance degradation,
environmental contamination, or other unpredictable results.
Note: provides additional information about a topic.
III

This page intentionally left blank.
IV

Chapter 1
IPv6 Address Configuration
Table of Contents
IPv6 Address Overview ..............................................................................................1-1
Configuring IPv6 Addresses .....................................................................................1-13
Maintaining IPv6 Addresses .....................................................................................1-14
IPv6 Address Configuration Example .......................................................................1-15
1.1 IPv6 Address Overview

Introduction to IPv6
Internet Protocol (IP) version 6 is a new IP protocol, designed to replace IP version 4,
the Internet protocol that is predominantly deployed and extensively used throughout the
world.
However, the original design did not anticipate the following conditions:
l Recent exponential growth of the Internet and the impending exhaustion of the Internet
Protocol version 4 (IPv4) address space.
l Growth of the Internet and the ability of Internet backbone routers to maintain large
routing tables.
l Need for simpler auto configuration and renumbering.
l Requirement for security at the IP level.
l Need for better support to real-time delivery of data—also called Quality of Service
(QoS).
Note:
Features such as IP Security Protocol (IPSec) and QoS have been specified for both
versions of IP.
Internet Protocol Version 6 (IPv6) features a huge address capacity up to 128 bits, which
is described as below:
l It provides 2128 different IPv6 addresses, that is, the
number of the allocable addresses around the world is
340,282,366,920,938,463,463,374,607,431,768,211,456.
1-1

ZXR10 5960 Series Configuration Guide (IPv6)
l It provides 2.2×1020 addresses per cm2 if addresses are allocated based on ground
area of the whole world.
The following are differences between IPv4 and IPv6 in header format.
Figure 1-1 and Figure 1-2 are the header formats of IPv4 and IPv6 respectively. (Numbers
in the tables refer to bit numbers.)
Figure 1-1 IPv4 Header Format
Figure 1-2 IPv6 Header Format
An IPv6 header is simpler than an IPv4 header in structure because many fields in the
IPv4 header that are not frequently used are deleted from the IPv6 header, and are put
into its options and header extension, which are defined more strictly.
l IPv4 contains ten fields with fixed length, two address spaces and some options, while
IPv6 contains only six fields and two address spaces.
l Although an IPv6 header occupies 40 bytes, which is 1.6 times of an IPv4 header with
24-bytes, it does not consume too much memory capacity due to its fixed length (the
length of the IPv4 header is variable).
l The following six fields are deleted from an IPv4 header: header length, type of
service, identifier, flags, fragmented offsets and header checksum. Names and
some functions of the three fields of total length, protocol and Time to Live (TTL) are
changed, and its optional functions is completely changed. Apart from this, two fields
are added: traffic type and flow label.
1-2

Chapter 1 IPv6 Address Configuration
l The IPv6 header format is greatly simplified, which effectively pares down overhead of
processing header by a router or switch. At the same time, IPv6 enhances the support
to the extension header and options, which not only allows more efficient forwarding,
but also provides sufficient supports for future load of new applications to networks.
Each IPv6 packet can have 0, 1 or more extension headers. Each extension header
is determined by the "next header" domain of the previous header.
Address Classifications
In RFC 2373, addresses are classified based on the address prefix. For a list of IPv6
address types, refer to Table 1-1.
Table 1-1 IPv6 Address Types
Address Type Prefix (Binary)
Unassigned addresses 00...0(128 bits)[::/128]
Loopback addresses 00...1(128 bits )[::1/128]
Multicast addresses 11111111[FF00::/8]
Link-local unicast addresses 1111111010[FE80::/10]
Global unicast addresses Others
The broadcast address in IPv6 is not valid any more. RFC2373 defines three types of IPv6
address:
l Unicast
It is the identifier of a single interface. The packets sent to a unicast address will be
transmitted to the interface with this address identifier.
l Multicast
It is the identifier of a group of interfaces. These interfaces belong to different nodes.
The packets sent to a multicast address will be transmitted to all the interfaces with
this address identifier.
l Anycast
It is the identifier of a group of interfaces. These interfaces belong to different nodes.
The packets sent to an anycast address will be transmitted to an interface with this
address identifier (selecting the nearest one by calculating the distance based on
routing protocol).
An IPv6 unicast address can be regarded as an entity with two fields. One field is used
to identify networks and the other is used to identify interfaces of nodes on this network.
In the subsequent description of the specific unicast address types, the user will find that
the network identifier can be divided into several parts, each of which identifies different
network part.
1. Unicast address
1-3

An IPv6 unicast address can have a varied-length prefix. For the structure of the IPv6
unicast address, refer to Figure 1-3.
Figure 1-3 Structure of an IPv6 unicast address
The IPv6 unicast address can be classified into the following categories:
l Aggregatable Global Unicast Address
This is another kind of aggregation, which is independent of Internet Service
Provider (ISP). The provider aggregatable addresses must be changed as a
provider changes, while the exchange-based addresses are directly located by
an IPv6 switching entity. The exchange provides address blocks, and users and
providers conclude contracts for the network access.
Such network access is either directly provided by a provider, or indirectly provided
by an exchange. However, the routing is through the exchange. In this way, a user
needs not to address again when it changes a provider. At the same time, users
are allowed to use multiple ISPs to process single-block network address.
Aggregatable global unicast addresses include all the addresses whose three
starting bits are 001, which can be used as prefixes for other unallocated
unicast.Table 1-2 lists the aggregatable global unicast address fields.
Table 1-2 Aggregatable Global Unicast Address Fields
3 13 8 24 16 64
FP TLA ID RES NLA ID SLA ID Interface identifier
The table includes the following fields.

à FP
This is the 3-bit format prefix in an IPv6 address, indicating to which address
category in the IPv6 address space this address belongs. Currently, the field
is 001, indicating this is the aggregatable global unicast address.
à TLA ID
This is the top-level aggregation identifier, including the routing information
about the addresses at the highest level. Here, it refers to the routing
information with the most hosts in network interconnection. Currently, this
field is 13-bit and can obtain at most 8,192 different top level routes.
à RES
This is an 8-bit field and reserved for future use. It is likely to be used for
extending the top- or next-level aggregation identifier field.
à NLA ID
1-4

This is the next-level aggregation identifier with 24-bit. This identifier is

used by some institutions (including large-size ISPs and other institutions
that provide public network access) to control the top-level aggregation for
address space arrangement.
Such institutions can divide this 24-bit field for use in accordance with their own
addressing hierarchical structures. In this way, an entity can divide two bits of
address space into four internal top-level routes, and allocate the other 22 bits of
address space to other entities (for example, a small local ISP).
When these entities obtain enough address space, they can subdivide the
obtained space in the same way as mentioned above.
à SLA ID
This is the site aggregation identifier and is used by some institutions to
arrange their internal network structures. Each institution can create its own
internal hierarchical network structure in the same way as that of IPv4.
When the 16-bit field is dedicated to the plane address space, there are
at most 65,535 different subnets available. If the first eight bits are used
for the internal advanced routing of this institution, then there will be 255
advanced subnets available, and each advanced subnet can have up to 255
sub-subnets.
à Interface identifier
This is a 64-bit field, containing 64-bit values of the IEEE EUI-64 interface
identifier.
l Special Address & Reserved Address
In the first 1/256 IPv6 address space, the first 8 bits 0000 0000 of all the addresses
are reserved. Most of the vacant address spaces are used for special addresses,
including:
à Undesignated address
This is an all-zero address and is used if no valid address is available. For

example, if a host does not obtain an IPv6 address upon its initial startup
from the network, it can use this address. That is, it can specify this address
for the source address of the IPv6 packet when it sends out a request for
configuration information. This address can be expressed as 0:0:0:0:0:0:0:0,
or expressed as ::.
à Loopback address
In IPv4, the loopback address is defined as 127.0.0.1. Any packet that sends
a loopback address must be sent to a network interface through protocol
stack, instead of being sent to the network link. The network interface itself
shall accept these packets in the same way as it receives packets from
external nodes, and transmits them back to the protocol stack.
1-5

The loopback function is used for software test and configuration. Except
the lowest bit, all the other bits of an IPv6 loopback address are 0, that is, a
loopback address can be expressed as 0:0:0:0:0:0:0:1 or ::1.
à IPv6 address embedded with IPv4 address
In the RFC 2373, IPv6 provides two kinds of addresses. One is the
IPv4-compatible address, which allows the IPv6 node to access IPv4 nodes
that do not support IPv6.. The other is the IPv4-mapping address, which
allows the IPv6 router to transmit IPv6 packets over the IPv4 network in the
tunnel mode, where the nodes understand both IPv4 and IPv6.
The high-order 80 bits of these two kinds of addresses are all set to zeros,
and the low-order 32 bits contain the IPv4 address. If the middle 16 bits of
an address are set to FFFF, it indicates that this address is the IPv6 address
mapping to IPv4 address. For the address structures of these two kinds of
addresses, refer to Table 1-3.
Table 1-3 Structure of the IPv6 Address Embedded With IPv4 Address
IPv4 Compatible Address
80 16 32
0000.................................0000 0000 IPv4 address
IPv4 image address
80 16 32
0000.................................0000 FFFF IPv4 address
RFC 4291 specifies that these addresses are not used in the IPv6 transition
mechanism. It is not required for new implementations to support the above
address structures.
l Link Local Address and Site-Local Address
Using the network Model 10 address to translate IPv4 network addresses provides
an option for the institutions that do not want to apply for globally unique IPv4
network addresses.
A router that resides outside of an institution but used by the institution shall not
forward these addresses. It can neither prevent these addresses from being
forwarded, nor distinguish these addresses from other valid IPv4 addresses. It
is comparatively easier to make configurations for a router to enable it to forward
these addresses.
To realize this function, IPv6 allocates two different address segments from the
globally unique Internet space. Table 1-4 is originated from RFC 4291, indicating
the structures of link-local and site-local addresses. Site-local addresses were
originally designed to be used for addressing inside a site without the need for
a global prefix. The special behavior of this prefix is no longer supported in
new implementations (meaning that new implementations must treat this prefix as
1-6

Global Unicast). Existing implementations and deployments may continue using

this prefix.
Table 1-4 Structures of Link-local Address and Site-local Address
Link-local Address
10 54 64
1111111010 0 Interface identifier
Site-local Address
10 38 16 64
1111111011 0 Subnet Interface identifier

identifier
Link-local addresses are used in single network link for host numbering. The
address identified by the first ten bits of the prefix is the link-local address. Routers
do not process the packets with link-local addresses at their source end and
destination end because they will never forward these packets.
The middle 54 bits of this address are set to zero, its 64-bit interface identifier is in
the same IEEE structure as mentioned in the foregoing paragraphs, and the part
of this address space allows some networks to connect up to 264-1 hosts.
Link-local addresses are used for the single network link and site-local addresses
are used for sites. It means that site-local addresses can be used to transmit data
in the interconnected networks but cannot be directly routed to the global Internet
from a site.
Routers within a site can only forward packets within the site instead of forwarding
them outside of the site. The 10-bit prefix of a site-local address is immediately
followed by a succession of zeros, which is slightly different from that of a link-local
address. The subnet identifier of a site-local address is 16-bit, and its interface
identifier is still the 64-bit IEEE-based address.
l Open Systems Interconnection (OSI) Network Service Access Point (NSAP)
Address and Internetwork Packet Exchange (IPX) Address
One of the IPv6 objects is to unify the whole network world for among networks
of IP, IPX and OSI. To support this interoperability, IPv6 reserves 1/128 address
space for OSI NSAP address and network IPX address respectively.
At present, the IPX addresses have not been precisely defined. Refer to RFC
1888 (OSI NSAP and IPv6) for description of the NSAP address allocation.
2. Multicast Address
The format of the IPv6 multicast address is different from that of the IPv6 unicast
address. Multicast addresses can only be used as destination addresses. No packet
uses a multicast address as the source address. Table 1-5 shows the format of a
multicast address.
1-7

Table 1-5 Multicast Address Format
8 4 4 112
1111111 Flags Scope Group identifier
The first byte of the address format is set to full-one, identifying it as a multicast
address. The multicast address occupies the entire 1/256 of the IPv6 address space.
The other parts except the first byte of the multicast address format contain the
following three fields:
l Flags field
This field consists of four single bit flags. Currently, only the bit-4 is designated to
indicate that whether this address is a well-known multicast address designated
by the Internet numbering institution, or a temporary multicast address used in a
specific occasion.
If this flag bit is set to zero, it indicates that this address is a well-known address.
If this flag bit is set to one, it indicates that this address is a temporary address.
The other three flag bits are reserved for future use. The initialization value is 0.
l Scope field
This is a 4-bit field and is used to indicate the range of multicast. That is, whether
a multicast group only includes nodes within the same local network, the same
site or the same institution, or includes nodes that resides anywhere in the IPv6
global address space. The possible 4-bits value ranges from 0 to 15. For the
corresponding ranges, refer to Table 1-6.
Table 1-6 Multicast Scope Value
Hex Decimal Value
0 0 Reserved
1 1 Node-local range
2 2 Link-local range
3 3 Unallocated
4 4 Unallocated
5 5 Site-local range
6 6 Unallocated
7 7 Unallocated
8 8 Institution-local range
9 9 Unallocated
10 A Unallocated
11 B Unallocated
12 C Unallocated
1-8

Hex Decimal Value
13 D Unallocated
14 E Global range
15 F Reserved
l Group ID field
The 112-bit multicast ID field identifies a multicast group within a specified range
permanently or temporarily.
3. Anycast Address
A multicast address can be shared by many nodes in a sense. All the nodes of the
members of a multicast address expect to receive all the packets sent to this address.
A router connecting to five different local Ethernet networks shall forward a copy of
these multicast packets to each network respectively (supposing at least one node of
each network subscribes to this multicast address).
Anycast addresses are similar to multicast addresses. Although the two are in the
same case that an anycast address can be shared by multiple nodes, only one node
of an anycast address expects to receive the packet sent to the anycast address.
Anycast is helpful in providing services, especially those requiring no relationship
between client and server, such as, a domain name server and a time server.
A domain name server is nothing but a name server, which provides the same
performance whether it is located closely or remotely.
Similarly, a closely located time server is preferable in terms of accuracy. Therefore,
when a host sends a request to an anycast address to obtain information, it is the
nearest server associated to this anycast address that shall respond.
Anycast addresses are allocated outside of the normal IPv6 unicast address space.
Anycast addresses cannot be distinguished from unicast addresses in their forms, and
each member of an anycast address shall be explicitly configured to identify an anycast
address.
Address Expression Way

An IPv4 address is expressed in four parts separated by dots, that is, four numbers
separated by dots. The following are some legal IPv4 addresses expressed by decimal
integer: 0.5.3.1, 127.0.0.1, 201.199.244.101.
An IPv4 address is expressed as a group of four 2-bit hex integers or four 8-bit binary
integers, of which the latter one is seldom used.
The length of an IPv6 address is four times greater than an IPv4 address, and the
complicacy of expression for an IPv6 address is also four times greater than an IPv4
address. An IPv6 address can be basically expressed as X:X:X:X:X:X:X:X, among which
X is 4-bit hex integers (16-bit). Each number contains four bits, each integer contains four
1-9

numbers and each address contains eight integers. There are totally 128 bits (4 x 4 x 8 =
128). The following are some legal IPv6 addresses:
CDCD: 910A:2222:5498:8475:1111:3900:2020
1030:0:0:0:C9B4:FF12:48AA:1A2B
2000:0:0:0:0:0:0:1
All these integers are hex integers and those from A to F represent 10 to 15. Each integer
of an address must be indicated except for the starting zero. This is a relatively standard
way to express an IPv6 address. Apart from this, there are two more ways that are clearer
and easier to use.
Some IPv6 addresses contain a succession of zeros, similar to the second and the third
examples as mentioned above. In this case, the succession of zeros can be represented
by "pacing", as provided in the relevant standard.
That is to say, the address 2000:0:0:0:0:0:0:1 can be expressed as 2000::1, of which the
two colons mean that the address can be extended to a complete 128-bit address. In this
method, only when the 16-bit group is all-zero, can it be substituted by two colons, which
can only be used once in the address.
Table 1-7 shows examples for compressed formats of IPv6 addresses.
Table 1-7 IPv6 Address Compression
Add Type Normal Format Compressed Format
Unicast address 1080:0:0:0:8:800:200C:417A 1080::8:800:200C:417A
Multicast address FF01:0:0:0:0:0:0:101 FF01::101
Loopback address 0:0:0:0:0:0:0:1 ::1
Unspecified address 0:0:0:0:0:0:0:0 ::
In the environment mixed with IPv4 and IPv6, there may be a third way. The least
significant 32-bit in an IPv6 address can be used to express an IPv4 address in a mixed
way: X:X:X:X:X:X:d.d.d.d, among which X represents a 16-bit and d indicates a 8-bit
decimal integer.
For example, the address 0:0:0:0:0:0:10.0.0.1 is a legal IPv4 address. Therefore, this
address is expressed as: 10.0.0.1 by combining the two possible expressions.
An IPv6 address consists of two parts: subnet prefix and interface identifier. An IP node
address is expected to be expressed in a way similar to that of a CIDR address, as an
address carrying an extra value, indicating how many bits of the address is the mask.
An IPv6 node address indicates the length of a prefix by separating the length from the
IPv6 address with a slash.
For example, in the address of 1030:0:0:0:C9B4:FF12:48AA:1A2B/60, the length of the
prefix for routing is 60-bits
l IPv6 Host Address
1-10

An IPv6 host has many IPv6 addresses even if it has only one single interface. An
IPv6 host can have the following unicast addresses simultaneously.
à The link-local address of each interface
à The unicast address of each interface, which can be a site-local address or one
or more aggregable global addresses
à Loopback address (::1) of a loopback interface
In addition, each host must always keep receiving the data from the following multicast
addresses.
à Multicast addresses (FF01::1) of all the nodes within the node-local range
à Multicast addresses (FF02::1) of all the nodes within the link-local range
à Multicast address of the solicited-node (if the solicited-node group is added to an
interface of the host)
à Multicast address of a multicast group (if any multicast group is added to an
interface of the host)
l IPv6 Router Address
The following unicast addresses can be allocated to an IPv6 router:
à Link-local address of each interface
à Unicast address of each interface, which can be a site-local address or one or
more aggregable global addresses
à Subnet-router anycast address
à Other anycast addresses (optional)
à Loopback address (::1) of a loopback interface
Similarly, apart from these addresses, a router must always keep listening to the data
flow from the following multicast addresses.
à Multicast addresses (FF01::1) of all the nodes within the node-local range
à Multicast addresses (FF02::1) of all the nodes within the link-local range
à Multicast addresses (FF02::2) of all the routers within the link-local range
à Multicast addresses (FF05::2) of all the routers within the site-local range
à Multicast address of the solicited-node (if the solicited-node group is added to an
interface of the router)
à Multicast address of a multicast group (if any multicast group is added to an
interface of the router)
IPv6 Address Auto Configuration Technology

The state auto configuration employs the plug-and-play mode to insert a node into the
IPv6 network and starts it up without any manual interference. IPv6 has two different
mechanisms to shore up the plug-and-play network connection:
1-11

l State auto configuration

à Boot protocol (BOOTstrap Protocol (BOOTP)
à Dynamic Host Configuration Protocol (DHCP)
Both of the two mechanisms allow IP nodes to obtain configuration information from
a special BOOTP server or the DHCP server. These protocols use the state auto
configuration, that is, a server must retain and manage the state information of each
node.
l Stateless auto configuration
Apart from state auto configuration, IPv6 also employs a kind of auto configuration
service named stateless auto configuration. RFC2462 describes the IPv6 stateless
auto configuration.
For the stateless auto configuration, the local link must support multicast. Network
interface must be able to send and receive multicast packets. In the stateless auto
configuration process, the relevant nodes must meet the following requirements.
à A node for auto configuration must determine its own link-local address.
à Authenticate this link-local address to make sure that it is unique in the link.
à The node must determine the information to be configured. Such information can
be the IP address of this node, other configuration information, or both of them.
In case an IP address is needed, the node must determine whether to obtain it
through the stateless auto configuration or through the state auto configuration.
The procedure is as follows:
1. In the stateless auto configuration process, the host adds its network adapter MAC
address after the 1111111010 prefix of the link-local address to create a link-local
unicast address.
IEEE has modified the network adapter MAC address from 48-bit to 64-bit. If the
network adapter MAC address used by the host is still 48-bit, the IPv6 network
adapter driver will convert the 48-bit MAC address to the 64-bit MAC address in
accordance with an IEEE formula.
2. The host sends a neighbor discovery request to the address to check whether the
address is unique.
If there is no response to the request, it indicates that the link-local unicast address
configured by the host itself is unique. Otherwise, the host will use an interface
ID randomly created to form a new link-local unicast address.
3. Taking the address as the source address, the host sends a router solicitation in
the multicast way to all the routers within the local link to request configuration
information. Routers respond to it with a router advertisement containing the
prefix of an aggregable global unicast address and other relevant configuration
information.
1-12

The host automatically uses the global address prefix obtained from routers and
its own interface ID to automatically configure a global address to communicate
with other hosts within the Internet.
1.2 Configuring IPv6 Addresses

To configure IPv6 addresses, perform the following steps:
Step Command Function
1 ZXR10(config)#interface vlan<vlan-id> Enters the interface

configuration mode.
2 ZXR10(config-if-vlanx)#ipv6 enable Enables the IPv6 protocol.
ZXR10(config-if-vlanx)#ipv6 address <ipv6-address>/<p Configures an IPv6 address on

refix-length>[{eui-64|anycast}] an interface.
ZXR10(config-if-vlanx)#ipv6 address link-local Configures the IPv6 link local

<X:X::X:X> address of the interface.
ZXR10(config-if-vlanx)#ipv6 mtu <bytes> Sets the MTU of the IPv6

packets to be transmitted on
the interface.
3 ZXR10(config-if-vlanx)#ipv6 dad-attemps <number> Sets the maximum number

of times that an interface can
ZXR10(config-if-vlanx)#no ipv6 dad-attemps
detect an address, range:
0–10, default 3. To cancel the
setting, use the no form of this
command.
For a description of the parameters in Step 2, refer to the following table:
Parameter Description
<ipv6-address> Specifies the address to be configured on the interface. The

address format follows RFC 2373. 16 bits form a group and
groups are separated by colons. The address may also
assume the simplified mode as defined in RFC 2373.
<prefix-length> Specifies the prefix length of the IPv6 address in decimal

system, indicating the number of consecutive most significant
bits that form the prefix in the IPv6 address.
eui-64 EUI-64 address.
anycast Anycast address identifier.
<bytes> Specifies the MTU value in the unit of bytes. The default
value depends on the specific interface type. The minimum
value is 1,280 bytes, and the value range is 1280-9216.
1-13

1.3 Maintaining IPv6 Addresses

To maintain IPv6 addresses, run the following commands:
Command Function
ZXR10#show ipv6 interface <interface-name> Shows details about the specified

IPv6 interface.
ZXR10#show ipv6 interface brief <interface-name> Shows the brief information about
the specified IPv6 address.
The following is sample output from the show ipv6 interface <interface-name> command:
ZXR10(config)#show ipv6 interface vlan10
Interface vlan10 is up, line protocol is up,
IPv6 protocol is up
IPv6 is enabled, Hardware is Vlan
Hardware address is 00d0.d0be.0200
index 151
Bandwidth 1000000 Kbits
IPv6 MTU is 1500 bytes
inet6 fe80::2d0:d0ff:febe:200/10
inet6 1000::2/64
ND DAD is enabled, number of DAD attempts: 3
ND reachable time is 30000 milliseconds
ZXR10(config)#show ipv6 interface brief

mgmt_eth [disable/down]
unassigned
vlan10 [up/up]
fe80::2d0:d0ff:febe:200
1000::2/64
For a description of the sample output from the show ipv6 interface <interface-name>
command, refer to the following table:
Command Output Description
IPv6 is enable Indicates that IPv6 is enabled on the interface.
Hardware is Vlan Indicates that the interface is an VLAN interface.
HWaddr Indicates the physical address.
index Indicates the interface index.
Bandwidth Indicates the bandwidth.
[tentative]/[duplicated] Indicates the IPv6 address status.
1-14

[disable/down] [disable/down] indicates that IPv6 is disabled and the

interface protocol is down; [up/down] indicates that IPv6 is
enabled and the interface protocol is down.
1.4 IPv6 Address Configuration Example

General Description
As shown in Figure 1-4, the interface xgei-0/1/1/1 of S1 and the interface xgei-0/1/1/2 of S2
are directly connected with each other. It is required that S1 and S2 be able to successfully
ping each other.
Figure 1-4 IPv6 Address Configuration Example
Method
1. Configure the IP addresses of the interfaces of S1 and S2.
2. Check the configuration results and ensure that S1 and S2 can successfully ping each
other.
Steps
S1 configuration:
S1(config)#interface vlan10
S1(config-if-vlan10)#ipv6 enable
S1(config-if-vlan10)#ipv6 address 3ffe:100::1/64
Or:
S1(config-if-vlan10)#ipv6 address link-local fe80::1111:2222:3333:4444
S1(config-if-vlan10)#exit
S2 configuration:
S2(config-if-vlan10)#ipv6 address 3ffe:100::2/64
Or:
1-15

S2(config-if-vlan10)#ipv6 address link-local fe80::5555:6666:7777:8888

Verification
Verify the configuration results on S1:
S1#show ipv6 interface brief vlan10
vlan10 [up/up]
fe80::2d1:d1ff:fe3a:7be1
3ffe:100::1/64
S1#ping6 3ffe:100::2
sending 5,100-byte ICMP echo(es) to 3FFE:100:0:0:0:0:0:2,timeout is 2 second(s).
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 9/13/25 ms
Verify the configuration results on S2:

S2#show ipv6 interface brief vlan10
Vlan10 [up/up]
fe80::1422:30ff:fec4:e999
3ffe:100::2/64
S2#ping6 3ffe:100::1
sending 5,100-byte ICMP echo(es) to 3FFE:100:0:0:0:0:0:1,timeout is 2 second(s).
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max= 9/13/25 ms.
1-16

Chapter 2
NDP Configuration
Table of Contents
NDP Overview............................................................................................................2-1
Configuring NDP ........................................................................................................2-2
NDP Maintenance and Diagnosis ...............................................................................2-6
NDP Configuration Example.......................................................................................2-7
2.1 NDP Overview

Introduction to NDP
The Neighbor Discovery Protocol (NDP) implements the router discovery function of the
Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP)
as well as all functions of the redirection protocol in IPv4. It also provides a neighbor
unreachability detection mechanism.
When one IPv6 node appears on the network, the other IPv6 nodes on the link that directly
connects with the node can discover the node through the neighbor discovery protocol and
can further obtain its link layer address. IPv6 nodes can also search for routers through
the neighbor discovery protocol and maintain the reachability information of the active
neighboring nodes on the path. The neighbor discovery protocol solves the interactions
between nodes on the same link.
NDP Principle
The IPv6 NDP provides a group of solutions for solving communication-related problems.
The NDP supports address resolution, that is, it can resolve the IPv6 address of one IPv6
node interface into the corresponding link layer address.
The NDP supports router discovery. A host can detect the existence of routers through
the NDP and determine the IDs of the routers willing to forward packets.
The NDP supports prefix discovery. A router can distribute prefix information through the
NDP to the other connected links.
The NDP also supports neighbor unreachability detection. A node can determine the
bidirectional reachability of peer communication entities through the NDP.
All these functions of the NDP are mostly implemented by NDP packets loaded inside
ICMPv6 packets. For this reason, the NDP defines five types of ICMPv6 packets: Router
Solicitation (RS) packets, Router Advertisement (RA) packets, Neighbor Solicitation (NS)
packets, Neighbor Advertisement (NA) packets, and redirection packets.
2-1

A router will periodically send RA packets and may also use them as a response to the RS
packets it has received from hosts. Each RA packet may also contain prefix information,
link configuration information and IPv6 protocol parameters. It indicates the existence of
routers, and routers can forward the packet. The RA packet carries the information of the
routers. Such information helps a host make the next judgment for the packet to be sent.
The host discovers available routers through the RA packet and constructs a list of all the
discovered routers as the default router list.
A host may send an RS packet to inquire router configuration information and router-related
information. A time interval for consecutively sending RA packets has been set on each
router. The interval ranges from several seconds to several minutes. In order to avoid
long-time waiting before the configuration information is obtained and the communication
starts, the host may integrate the sending of RS packets as a part of its startup process.
A node can send an NS packet to interpret the link layer address of another node so as to
verify the reachability of that node and the address uniqueness of a specific link.
A node can send an NA packet as the response to an NS packet. It will also send
unsolicited NA packets to notify its own link layer address changes to other nodes.
2.2 Configuring NDP

To configure NDP, perform the following steps.
1 ZXR10(config)#interface vlan<vlan-id> Enters the interface

configuration mode.
2 ZXR10(config-if-vlanx)#ipv6 nd managed-config-flag Sets the managed-config-flag

field of the RA packets sent on
the interface, that is, sets the
value of M bit in the packets to
1.
ZXR10(config-if-vlanx)#no ipv6 nd managed-config-flag Clears the settings of the

managed-config-flag field and
restores the default value.
3 ZXR10(config-if-vlanx)#ipv6 nd other-config-flag Sets the other-config-flag field

of the RA packets sent on the
interface, that is, sets the value
of 0 bit in the packets to 1.
ZXR10(config-if-vlanx)#no ipv6 nd other-config-flag Clears the settings of the

other-config-flag field and
restores the default value.
2-2

Chapter 2 NDP Configuration
4 ZXR10(config-if-vlanx)#ipv6 nd prefix Sets the prefix option of the

<ipv6-prefix>/<prefix-length> [{<valid-lifetime> router response packets sent
<preferred-lifetime>} | off-link | no-autoconfig] on the interface. For the valid
lifetime and preferred lifetime,
the range is 0-4294967295.
The default value of the valid
lifetime is 2592000, and the
default value of the preferred
lifetime is 604800.
ZXR10(config-if-vlanx)#no ipv6 nd prefix Clears the prefix option of the

<ipv6-prefix>/<prefix-length> router response packets sent
on the interface.
5 ZXR10(config-if-vlanx)#ipv6 nd ra-interval <seconds> Specifies the interval for

sending router response
packets on the interface in the
unit of seconds. The value
range is 3-1800. The default
value is 600 seconds.
ZXR10(config-if-vlanx)#no ipv6 nd ra-interval Restores the default

advertisement interval.
6 ZXR10(config-if-vlanx)#ipv6 nd ra-lifetime <seconds> Specifies the value of the

ra-lifetime field in the router
response packets sent on the
interface in the unit of seconds.
The value range is 0-9000. The
default value is 1,800 seconds.
ZXR10(config-if-vlanx)#no ipv6 nd ra-lifetime Restores the default value of

the ra-lifetime field.
7 ZXR10(config-if-vlanx)#ipv6 nd reachable-time < Specifies the time within

milliseconds> which the remote neighbor
is considered as reachable
after the reachability of the
remote neighbor is confirmed
in the unit of milliseconds.
The default value is 30,000
milliseconds.
ZXR10(config-if-vlanx)#no ipv6 nd reachable-time Restores the default time.
2-3

8 ZXR10(config-if-vlanx)#ipv6 nd retransmit-time Specifies the value of the

<milliseconds> retransmit-time field in the
router response packets
in the unit of milliseconds.
The default value is 1,000
milliseconds.
ZXR10(config-if-vlanx)#no ipv6 nd retransmit-time Restores the default value of

the retransmit-time field.
9 ZXR10(config-if-vlanx)#ipv6 nd suppress-ra Prohibits the router from

sending router advertisement
packets. Router advertisement
packets are not sent by default.
ZXR10(config-if-vlanx)#no ipv6 nd suppress-ra Enables the router to send

router advertisement packets.
10 ZXR10(config-if-vlanx)#ipv6 nd ra-curhoplimit<hop Configures the counter limit

limit> of router advertisement hops,
range: 0–255, default: 64.
ZXR10(config-if-vlanx)#no ipv6 nd ra-curhoplimit Restores the hop limit of

routing advertisement to the
default value.
11 ZXR10(config-if-vlanx)#ipv6 nd staled-time Configures the staled-time of

ND entities in the neighbor
cache table. The time is in
unit of minute, range: 1-14400,
default: 1440.
ZXR10(config-if-vlanx)#no ipv6 nd staled-time Restores the default value of

the stale status period of the
nd entry in the neighbor's catch
table.
12 ZXR10(config-if-vlanx)#ipv6 nd stale-switch Configures reachability

detection after staled-time
expires.
ZXR10(config-if-vlanx)#no ipv6 nd stale-switch Disables reachability detection

after staled-time expires.
By default, the reachability
detection function is not
enabled.
2-4

13 ZXR10(config-if-vlanx)#ipv6 nd ra-linkmtu <mtu> Sets the mtu field in route

advertisement. Range:
0-1500, default: 1500.
ZXR10(config-if-vlanx)#no ipv6 nd ra-linkmtu Restores the default value

of the linkmtu in route
advertisement.
14 ZXR10(config-if-vlanx)#nd6 add <ipv6-address><hardw Adds a static entry to the

are-address> neighbor cache table.
ZXR10(config-if-vlanx)#nd6 delete <ipv6-address> Deletes a static entry from the

neighbor cache table.
15 ZXR10#clear nd-cache Clears all the entries in the

IPv6 neighbor cache table.
16 ZXR10(config-if-vlanx)#ipv6 dad-attemps <numbers> Sets the number of times for

checking duplicate addresses
by the interface, range: 0–10,
default: 3.
ZXR10(config-if-vlanx)#no ipv6 dad-attemps Restores the default number

of times for checking duplicate
addresses by the interface.
17 ZXR10(config-if-vlanx)#ipv6 nd redirect Enables the interface

redirection function.
ZXR10(config-if-vlanx)#no ipv6 nd redirect Disables the interface

redirection function.
The command parameters in step 4 are described as follows:
<ipv6-prefix> Indicates the network prefix included in the RA packet.
<prefix-length> Indicates the prefix length.
<valid-lifetime> Indicates the valid lifetime of the prefix in the unit of seconds.
Ranging in 0-4294967295. The default value is 2592000
seconds.
<preferred-lifetime> Indicates the preferred lifetime in the unit of seconds.

Ranging in 0-4294967295. The default value is 604800
seconds.
no-autoconfig Indicates that the hosts on the link cannot use the prefix for
IPv6 address auto configuration.
2-5

off-link Indicates that the L bit (Online flag) of the prefix is not set. By
default, the flag bit is set to 1.
If this flag is set to 1, it indicates that the prefix can be used
to determine whether addresses are online, that is, all the
addresses belonging to this prefix are online if this flag is
set whereas some addresses may be online but the other
addresses are offline if this flag is not set.
2.3 NDP Maintenance and Diagnosis

The ZXR10 5960 provides the following show commands to maintain the NDP:
Command Function
ZXR10#show nd6 cache Shows the IPv6 neighbor cache

table. The display results show
not only the entries generated by
the ND protocol for the routes to
neighbors but also static neighbor
cache entries.
The following example shows the outputs of the command show nd6 cache. This command
can be run to check the static ND entries and the ND entries dynamically learned including
the MAC address, the entry status, the age of this status, and the corresponding interface
name:
ZXR10#show nd6 cache
Total Cache Number Is:2
Only Current Valid Items Are Shown Below:
Address Link-Address Age Status Interface
8384::2 1234.1234.1234 static Reachable vlan11
fe80::5634 0000.2244.5500 18h17m1s Stale vlan34
The outputs of the command show nd6 cache are described as follows:
Address Indicates the IP address.
link-Address Indicates the link layer address.
age Indicates the age of the entry in this status or other attributes.
infinity: Indicates that the corresponding interface address
is infinitely valid.
static: Indicates that the entry is a static entry infinitely valid.
2-6

status Indicates the status of the ND entry. Incomplete: The

entry has been generated but the link layer address is not
determined because address resolution is under way.
Reachable: The known entry is recently reachable.
Stale: The known entry is recently unreachable. If
stale-switch function is configured, the neighbor reachability
is before the entity is deleted. Otherwise, the neighbor
reachability is not verified until there are communication
messages to the neighbor.
Delay: The known entry is recently unreachable and there are
communication messages to the neighbor. In this status, the
NS packet (also called the probe packet) will be delayed for a
period of time to provide the opportunity for the upper-layer
protocol to verify the reachability of the neighbor.
Probe: The neighbor reachability is indeterminate. A probe
message is sent to verify the reachability.
Interface Indicates the interface name of the entry.
2.4 NDP Configuration Example

General Description
This example describes how to configure static entries in the NDP neighbor cache table
of the interface VLAN10 on a switch.
Method
1. Enter the interface configuration mode, and add a static entry to the neighbor cache
table.
2. Show the content of the neighbor cache table, and check whether the static entry has
been successfully added.
Steps
Router configuration:
ZXR10(config)#interface vlan10
ZXR10(config-if-vlan10)#nd6 add 780::1 0000.0a00.1345
Verification
Verify the configuration results on the router:
ZXR10#show nd6 cache
Total Cache Number Is:1
2-7

Only Current Valid Items Are Shown Below

Address Link-Address Age Status Interface
780::1 0000.0a00.1345 static Reachable vlan10
The above results indicate that a static entry has been successfully added to the NDP
neighbor cache table.
2-8

Chapter 3
IPv6 Tunnel Configuration
Table of Contents
IPv6 Tunnel Overview ................................................................................................3-1
Configuring IPv6 Tunnel .............................................................................................3-4
IPv6 Tunnel Configuration Examples..........................................................................3-6
3.1 IPv6 Tunnel Overview

Introduction to IPv6 Tunnel
Tunneling is an encapsulation technology used to transmit another network protocol
through the use of one network protocol, that is, it utilizes one network transfer protocol
to encapsulate the data packets generated by other protocols into its own packets before
the packets are transmitted in the network.
The IPv6 over IPv4 tunnel mechanism is used to add an IPv4 header in the front of the
IPv6 data packet and then transfer the IPv6 packet through a tunnel so that the IPv6
packet traverses the IPv4 network to implement the interworking between two isolated
IPv6 networks, as shown in Figure 3-1.
Figure 3-1 Principles of the IPv6 over IPv4 Tunnel Mechanism
An IPv6 over IPv4 tunnel can be established between two hosts, between a host and a
router, or between two routers. The termination point of the tunnel may be the ultimate
destination of the IPv6 packet, or the packet may still need to be further forwarded.
Therefore, tunnels are classified into configured tunnels and automatic tunnels based on
the ways to obtain the destination IPv4 address of a tunnel.
l If the termination address of the IPv6 over IPv4 tunnel cannot be automatically
obtained from the destination address of the IPv6 packet but needs to be manually
3-1

configured, the tunnel is called a configured tunnel, such as a 6in4 tunnel or a GRE
tunnel.
l If the interface address of the IPv6 over IPv4 tunnel assumes a special
IPv4-embedded IPv6 address format (i.e. the IPv4 address of the tunnel termination
point can be automatically obtained from the destination address of the IPv6 packet),
the tunnel is called an automatic tunnel, such as a 6to4 tunnel or an ISATAP tunnel.
There is another type of IPv4 or IPv6 over IPv6 tunnel (see RFC 2473). The protocol
encapsulates an IPv4 or IPv6 data packet so that the encapsulated data packet can be
transmitted in another IPv6 network. The data packet after the encapsulation is an IPv6
tunnel packet, as shown in Figure 3-2.
Figure 3-2 Principles of the IPv4 (or IPv6) over IPv4 Tunnel
In the above figure, Original data refers to the IPv4 or IPv6 packet.
IPv6 Tunnel Principle

l 6in4 Tunnel
Figure 3-3 shows the operating principles of a 6in4 tunnel.
Figure 3-3 Principles of a 6in4 Tunnel
The 6in4 tunnel involves a tunnel encapsulation and decapsulation process.

à Encapsulation: If the packet egress interface is a tunnel interface when an IPv6
host or router or switch sends an IPv6 flow, the host or router first determines
the tunnel type. If the tunnel is a 6in4 tunnel, the host or router implements IPv4
3-2

Chapter 3 IPv6 Tunnel Configuration
header encapsulation. During the encapsulation, the source and destination

addresses of the IPv4 header are manually configured by the user. The
encapsulated packet is then sent according to the IPv4 packet sending process.
à Decapsulation: The process is just contrary to the encapsulation process. If the
protocol number in the IPv4 header of the received IPv4 packet is 41, the host or
router proceeds to the 6in4 decapsulation process and searches for the matched
tunnel number according to the source and destination addresses of the packet.
If the tunnel number is found, the host or router removes the IPv4 header added
during tunnel encapsulation and delivers the remaining IPv6 packet to the IPv6
packet receiving process for further handling.
l 6to4 Tunnel
Figure 3-4 shows the operating principles of a 6to4 tunnel.
Figure 3-4 Principles of a 6to4 Tunnel
A 6to4 tunnel is a point-to-multipoint auto tunnel used to connect multiple isolated IPv6
sites through an IPv4 network to an IPv6 network. It makes possible the automatic
acquisition of the IPv4 address at the termination point of the tunnel by embedding an
IPv4 address in the destination address of an IPv6 packet.
The 6to4 tunnel assumes a special 6to4 address in the format of
2002:abcd:efgh:Subnet ID::InterfaceID/64. Of the address, 2002 is a fixed IPv6
address prefix, abcd:efgh is a globally unique 32-bit IPv4 source address of the 6to4
tunnel in hexadecimal system (e.g. 1.1.1.1 can be expressed as 0101:0101), and
the rest portion uniquely identifies the position of a host in a 6to4 network. As the
termination point of the tunnel can be automatically determined by this embedded
IPv4 address, tunnel establishment becomes very convenient.
Because the 16-bit subnet ID in the 64-bit address prefix of the 6to4 address can be
user-defined whereas the first 48 bits of the prefix are a fixed number or determined by
the IPv4 address of the device at the start or termination point of a tunnel, it becomes
possible to forward IPv6 packets over the tunnel. The 6to4 tunnel makes possible the
interconnection of two IPv6 networks through an IPv4 network and thus conquers the
limitations of automatic IPv4-compatible IPv6 tunnels in practical use.
The 6to4 tunnel involves a tunnel encapsulation and decapsulation process.
3-3

à Encapsulation: If the egress interface of the sent IPv6 packet is a tunnel interface,
the host first determines the tunnel type. If the tunnel is a 6to4 tunnel, the host
implements IPv4 header encapsulation. During the encapsulation, the source
address is user-configured whereas the destination address is obtained from
the destination address of the packet. The encapsulated packet is then sent
according to the IPv4 packet sending process.
à Decapsulation: If the protocol number in the IPv4 header of the received IPv4
packet is 41, the host proceeds to the 6to4 decapsulation process and searches
for the matched tunnel number according to the source address of the packet.
If the tunnel number is found, the host removes the IPv4 header added during
tunnel encapsulation and delivers the remaining IPv6 packet to the IPv6 packet
receiving process for further handling.
3.2 Configuring IPv6 Tunnel

Configuring 6in4 Tunnel
To configure a 6in4 tunnel, perform the following steps:
1 ZXR10(config)#interface v6_tunnel<tunnel_no> Creates an IPv6 tunnel

interface. To delete the tunnel
interface, use the no format of
the command.
The parameter <tunnel_no>
indicates the tunnel number.
The number of tunnel interfaces
that can be created ranges
from 1 to 512.
2 ZXR10(config)#ipv6-tunnel-config Enters the IPv6 tunnel

configuration mode.
3 ZXR10(config-ipv6-tunnel)#interface v6_tunnel<tunne Enters the IPv6 tunnel interface

l_no> configuration mode.
4 ZXR10(config-ipv6-tunnel-if-v6_tunnelx)#tunnel Sets the current tunnel mode

mode ipv6ip 6in4 to 6in4. To cancel the current
tunnel mode, use the no format
of the command.
5 ZXR10(config-ipv6-tunnel-if-v6_tunnelx)#tunnel Specifies the source address

source ipv4<ipv4-address> of the tunnel. To delete the
source address configuration
of the tunnel, use the no format
of the command.
3-4

6 ZXR10(config-ipv6-tunnel-if-v6_tunnelx)#tunnel Specifies the destination

destination ipv4<ipv4-address> address of the tunnel. To
delete the destination address
configuration of the tunnel, use
the no of the command.
Configuring 6to4 Tunnel

To configure a 6to4 tunnel, perform the following steps:
1 ZXR10(config)#interface v6_tunnel1<tunnel_no> Creates an IPv6 tunnel

interface. To delete the tunnel
interface, use the no format of
the command.
The parameter <tunnel_no>
indicates the tunnel number.
The number of tunnel interfaces
that can be created ranges
from 1 to 512.
2 ZXR10(config)#ipv6-tunnel-config Enters the IPv6 tunnel

configuration mode.
3 ZXR10(config-ipv6-tunnel)#interface v6_tunnel<tunne Enters the IPv6 tunnel interface

l_no> configuration mode.
4 ZXR10(config-ipv6-tunnel-if-v6_tunnelx)#tunnel Sets the current tunnel mode

mode ipv6ip 6to4 to 6to4. To cancel the current
tunnel mode, use the no format
of the command.
5 ZXR10(config-ipv6-tunnel-if-v6_tunnelx)#tunnel Specifies the source address

source ipv4 <src_address> of the tunnel. To delete the
source address configuration
of the tunnel, use the no format
of the command.
3-5

3.3 IPv6 Tunnel Configuration Examples

3.3.1 6in4 Tunnel Configuration Example
Configuration Description
As shown in Figure 3-5, suppose S1 and S2 are dual-stack routers whereas PC1 and PC2
are IPv6 hosts. This example describes how to configure a 6in4 tunnel.
Figure 3-5 6in4 Tunnel Configuration Example
Configuration Thought
The 6in4 tunnel is of v6 nature and thus IPv6 needs to be enabled. The source address
of the tunnel is the IPv4 address of the local router, whereas the destination address is
the IPv4 address of the peer router. There must be a route for interworking between the
source address and the destination address of the tunnel (via the IPv4 routing protocol).
1. Create 6in4 tunnel interfaces and enable IPv6 on them.
2. Enter the tunnel configuration mode from the global mode, and then enter the 6in4
tunnel interface to be configured.
3. Configure the tunnel mode, the source address, and the destination address.
Configuration Commands
S1 configuration:
S1(config)#interface v6_tunnel3
S1(config-if-v6_tunnel3)#ipv6 enable
S1(config-if-v6_tunnel3)#ipv6 address 3172::27/64
S1(config-if-v6_tunnel3)#exit
S1(config)#ipv6-tunnel-config
S1(config-ipv6-tunnel)#interface v6_tunnel3
S1(config-ipv6-tunnel-if-v6_tunnel3)#tunnel mode ipv6ip 6in4
S1(config-ipv6-tunnel-if-v6_tunnel3)#tunnel destination ipv4 33.1.1.28
S1(config-ipv6-tunnel-if-v6_tunnel3)#tunnel source ipv4 33.1.1.27
3-6

S1(config-ipv6-tunnel-if-v6_tunnel3)#exit
S1(config-ipv6-tunnel)#exit
S1(config)#ipv6 route ::/0 v6_tunnel3
S1(config-if-vlan10)#ip address 33.1.1.27 255.255.0.0
S2 configuration:
S2(config-if-v6_tunnel3)#ipv6 address 3172::28/64
S2(config-ipv6-tunnel-if-v6_tunnel3)#tunnel mode ipv6ip 6in4
S2(config-ipv6-tunnel-if-v6_tunnel3)#tunnel destination ipv4 33.1.1.27
S2(config)#ipv6 route ::/0 v6_tunnel3
S2(config-if-vlan10)#ip address 33.1.1.28 255.255.0.0
Configuration Verification
Check the tunnel configurations on S1 and verify whether the configurations have taken
effect:
S1(config)#show running-config-interface v6_tunnel3
!<if-intf>
interface v6_tunnel3
ipv6 enable
ipv6 address 3172::2/64
$
!</if-intf>
!<ipv6-tunnel>
ipv6-tunnel-config
tunnel mode ipv6ip 6in4
tunnel source ipv4 33.1.1.27
tunnel destination ipv4 33.1.1.28
$
$
!</ipv6-tunnel>
!<ipv6-static-route>
ipv6 route::/0 v6_tunnel3
!</ipv6-static-route>
3-7

S1(config)#show ipv6 interface brief

v6_tunnel3 [up/up]
fe80::2d0:d0ff:fe52:abcf
3172::27/64
3.3.2 6to4 Tunnel Configuration Example

As shown in Figure 3-6, suppose S1 and S2 are dual-stack routers whereas PC1 and PC2
are IPv6 hosts. This example describes how to configure a 6to4 tunnel.
Figure 3-6 6to4 Tunnel Configuration Example
A 6to4 tunnel is of v6 nature and thus IPv6 needs to be enabled to connect the 6to4 node
prefixed with 2002::/16. The source end of the tunnel is bound with the IPv4 address of
the local router, and no destination address is required. The tunnel address must assume
a 2002::/16 prefix.
1. Create a 6to4 tunnel, configure IPv6 addresses, and enable IPv6.
2. Enter the tunnel configuration mode from the global mode, and then enter the 6to4
tunnel interface to be configured.
3. Configure the tunnel mode and the source address.
4. Advertise the tunnel route through static routing or BGP4+.
S1 configuration:
S1(config-if-v6_tunnel2)#ipv6 address 2002:0101:0101::1/64
3-8

S1(config-ipv6-tunnel-if-v6_tunnel2)#tunnel mode ipv6ip 6to4
S1(c config-ipv6-tunnel-if-v6_tunnel2)#tunnel source ipv4 1.1.1.1
S1(config)#ipv6 route 2002::/16 v6_tunnel2
S2 configuration:
S2(config-if-v6_tunnel2)#ipv6 address 2002:0101:0102::1/64
S2(config-ipv6-tunnel-if-v6_tunnel2)#tunnel mode ipv6ip 6to4
Check the tunnel configurations on S1 and verify whether the configurations have taken
effect:

!<if-intf>
ipv6 enable
ipv6 address 2002:101:101::1/64
$
!</if-intf>
!<ipv6-tunnel>
ipv6-tunnel-config
tunnel mode ipv6ip 6to4
$
$
!</ipv6-tunnel>
ipv6 route 2002::/16 v6_tunnel2
S1(config)#show ipv6 interface brief

v6_tunnel2 [up/up]
3-9

fe80::2d0:d0ff:fe52:abcf
2002:101:101::1/64
3-10

Chapter 4
IPv6 ACL Configuration
Table of Contents
IPv6 ACL Overview ....................................................................................................4-1
Configuring IPv6 ACL.................................................................................................4-1
IPv6 ACL Maintenance and Diagnosis........................................................................4-7
IPv6 ACL Configuration Example ...............................................................................4-8
4.1 IPv6 ACL Overview

The Access Control List (ACL) is a kind of flow classification policies used to implement
numerous functions such as port-ACL, Unicast Reverse Path Forwarding (URPF) and
policy routing.
The IPv6 ACL mechanism is used to filter packets by the fields in IPv6 packets. One IPv6
ACL can have multiple rules, with each rule describing certain matching conditions. For
a given packet, matching starts from the first rule. Once a packet matches a certain rule,
the permit or deny action set in the rule is returned.
4.2 Configuring IPv6 ACL

Configuring IPv6 ACL
To configure IPv6 ACL, perform the following steps.
1 ZXR10(config)#ipv6-access-list <acl-name> Configures the specified IPv6

ACL.
ZXR10(config)#no ipv6-access-list <acl-name> Deletes the specified IPv6

ACL.
4-1

2 ZXR10(config-ipv6-acl)#rule[<rule-id>]{permit | Configures the extended IPv6

deny}<protocol>{<source>| any}{<destination>| any}[{dscp ACL rule.
<value>}][time-range<name>][traffic-class<value>]
ZXR10(config-ipv6-acl)#rule[<rule-id>]{permit|den Configures the IPv6 ACL rule

y}tcp{<source>|any}[<oper><source-port>]{<destination>| based on TCP.
any}[<oper><destination-port>][{dscp <value>}][establishe
d][fin][psh][ack][rst][syn][urg][{dscp <value>}][ time-range
<name>][traffic-class<value>]
ZXR10(config-ipv6-acl)#rule[<rule-id>]{permit Configures the IPv6 ACL rule

|deny}udp{<source>|any}[<oper><source-port>]{<d based on UDP.
estination>| any}[<oper><destination-port>][{dscp
<value>}][time-range<name>][traffic-class<value]
ZXR10(config-ipv6-acl)#rule[<rule-id>]{permit | Configures the IPv6 ACL rule

deny}icmp{<source>|any}{<destination>|any}[<icmp-type>|<i based on ICMP.
cmp-code>][{dscp<value>}][time-range<name>][traffic-cl
ass<value>]
ZXR10(config-ipv6-acl)#rule[<rule-id>]{permit | This configures an ACL with an

deny}<protocol>{<source>| any }{<destination>| any}[authe IPv6 extended header.
n][destopts][esp][ fragments][ hop-by-hop][ routing]][{dscp
<value>}][time-range<name>][traffic-class<value>]
3 ZXR10(config-ipv6-acl)#no rule {<rule-id>| all} Deletes the specified IPv6 ACL

rule or all rules.
ZXR10(config-ipv6-acl)#move < target-rule-id>< Move the ACL.

target-New-rule-id>
4 ZXR10(config)#ipv6-access-group {interface Binds the specified IPv6 ACL

<interface-name>}{ingress | egress<acl-name>} to the specified interface.
ZXR10(config)#no ipv6-access-group {interface Deletes the bound IPv6 ACL

<interface-name>}{ingress | egress} from the specified interface.
5 ZXR10(config)#interface <interface-name> Enters the interface

configuration mode.
ZXR10(config-if-interface-name)#ipv6-access-group Binds the specified IPv6 ACL in

<interface-name>{ingress | egress}<acl-name> interface configuration mode.
ZXR10(config-if-interface-name)#no ipv6-access-gr Deletes the bound IPv6 ACL in

oup {ingress | egress} interface configuration mode.
4-2

Chapter 4 IPv6 ACL Configuration
<rule-id> Indicates the unique identity of a rule in the IPv6 ACL table.
This ID determines the sequence of the rule in the IPv6 ACL
table. It ranges from 1 to 2147483644.
If this parameter is not specified, the system inserts the rule
to the end of the table by default and allocates the rule-id
according to the default base and increment.
permit Indicates that the rule is the permit rule.
deny Indicates that the rule is the deny rule.
protocol Indicates the protocol type to be matched, which can be one

of the keywords "tcp", "udp" and "ip", or can be an integer
representing the IP protocol number and ranging from 0
to 255. If this parameter is set to "ip", it indicates that any
protocol type is matched.
source Indicates the source IPv6 address.
destination Indicates the destination IPv6 address.
oper Indicates the port operation type, which can be any of the
keywords "eq", "ge", "le", and "range". If this parameter is set
to "range", two port numbers need to be specified behind
"range".
<source-port> Indicates the source port number ranging from 0 to 65535.
<destination-port> Indicates the destination port number ranging from 0 to

65535.
dscp <value> Indicates the DSCP field. The value range is 0-63.
traffic-class<value> Indicates the traffic-class field. The value range is 0-255.
established, fin, rst, ack, urg, psh, syn Indicates TCP link establishment. This parameter is valid
for TCP only.
authen, destopts, esp, fragments, Fields in an IPv6 extended header.

hop-by-hop, routing
ingress Indicates that the IPv6 ACL is bound to the ingress direction
of the interface.
egress Indicates that the IPv6 ACL is bound to the egress direction
of the interface.
Configuring IPv6-MIXED-ACL
To configure the IPv6-MIXED-ACL on ZXR10 5960, use the following commands:
4-3

1 ZXR10(config)#ipv6-mixed-access-list <name> Configures an ACL list.
ZXR10(config)#no ipv6-mixed-access-list <name> To delete the ACL list, use this

command.
2 ZXR10(config-ipv6-mixed-acl)#rule [<rule-id>]{permit Configures the LINK ACL

| deny}[link-protocol<value>]{<source-mac><source based and extension based
mac-wildcard>| any }{destination-mac <destination IPv6 ACL rule.
mac-wildcard>| any }[{ inner-cos <value>| inner-vlan
<value>| outer-cos <value>| outer- vlan <value>}] tcp
{<source>| any}[<oper><source-port>]{<destination>|any}[<o
per><destination-port>][{dscp<value>}][established][fin][ps
h][ack][rst][syn][urg][ time-range <name>]
ZXR10(config-ipv6-mixed-acl)#rule [<rule-id>]{permit Configures the LINK ACL

| deny}[link-protocol<value>]{<source-mac><source based and TCP based IPv6
mac-wildcard>| any }{destination-mac <destination ACL rule.
<value>| outer-cos <value>| outer- vlan <value>}] tcp
{<source>| any}[<oper><source-port>]{<destination>|any}[<o
per><destination-port>][{dscp<value>}][establish][fin][psh][r
ange][rst][syn][urg][ time-range <name>]

| deny}[link-protocol<value>]{<source-mac><source based and UDP based IPv6
<value>| outer-cos <value>| outer- vlan <value>}]
udp {<source>| any}[<oper><source-port>]{<destination>|
any}[<oper><destination-port>][{dscp <value>}][time-range
<name>]

| deny}[link-protocol<value>]{<source-mac><source based and ICMP based IPv6
mac-wildcard>| any }[{ inner-cos <value>|
inner-vlan <value>| outer-cos <value>| outer-
vlan <value>}] icmp {<source>| any }{<destination>|
any}[<icmp-type>|<icmp-code>][{dscp <value>}][
time-range <name>]
ZXR10(config-ipv6-acl)#rule [<rule-id>]{permit Configures the LINK ACL

| deny}[link-protocol<value>]{<source-mac><source based IPv6 ACL rule that
mac-wildcard>| any }{destination-mac <destination carries the IPv6 extension
mac-wildcard>| any }[{ inner-cos <value>| prefix.
inner-vlan <value>| outer-cos <value>| outer-
vlan <value>}]<protocol>{<source>|any }{<destination>|any}[
4-4

authen][ destopts][ esp][ fragments][ hop-by-hop][ routing][

time-range <name>][traffic-class<value>]
3 ZXR10(config-ipv6-mixed-acl)#move < target-rule-id>< Moves an ACL rule.

target-New-rule-id>
4 ZXR10(config-ipv6-mixed-acl)#no rule {<rule-id>| all } Deletes an ACL rule/all rules.
Command parameters are describes as follows:
<rule-id> Indicates the unique identity of a rule in the ACL. This

ID determines the sequence of the rule. Range: 1 to
2147483646.
If this parameter is not set, the system inserts the rule to the
end of the ACL by default and sets the rule-id according to
the default base and increment.
permit Keyword indicating that the rule is a permit rule.
deny Keyword indicating that the rule is a deny rule.
protocol Protocol type to be matched, which can be set to "tcp", "udp"

or "ip", or an integer representing the IP protocol number
ranging from 0 to 255. If this parameter is set to "ip", it
indicates that any protocol type is matched.
source Source IPv6 address.
destination Destination IPv6 address.
oper Port operation type, which can be any of the keywords "eq",
"ge", "le", and "range". If this parameter is set to "range", two
port numbers need to be specified behind "range".
source-port Source port number, range: 0 to 65535.
destination-port Destination port number, range: 0 to 65535
precedence <value> Precedence. Range: 0 to 7
established ,fin,rst,ack,urg,psh,syn Keywords for TCP link establishment. This parameter is valid
for TCP only.
dscp <value> DSCP field, range: 0 to 63.
authen,destopts, esp, fragments, IPv6 extension prefix field.

hop-by-hop, routing
time-tange Time range.
established Keyword for TCP link establishment. This parameter is valid

for TCP only.
link-protocol Type of the level 2 protocol to be matched. Value: 34525.
4-5

source-mac Source MAC address, in the form of dotted hexadecimal

notation.
<source-mac-wildcard> Wildcard mask of the source MAC address, in the form of

dotted hexadecimal notation.
destination-mac Destination MAC address, in the form of dotted hexadecimal

notation.
<destination-mac-wildcard> Wildcard mask of the destination MAC address, in the form of

dotted hexadecimal notation.
inner-cos Priority of the VLAN header for the inner layer, range: 0 to 7.
inner-vlan ID of the VLAN header for the inner layer, range: 1 to 4094.
outer-cos Priority of the VLAN header for the outer layer, range: 0 to 7.
outer-vlan ID of the VLAN header for the outer layer, range: 1 to 4094.
Bind the VLAN to the IPv6 ACL

To bind the VLAN to the IPv6 ACL on the ZXR10 5960, perform the following steps:
1 ZXR10(config)#ipv6-access-group vlan <vlan-id>{ingress | The IPv6 ACL bound on the

egress}<acl-name> VLAN.
ZXR10(config)#no ipv6-access-group vlan Deletes the IPv6 ACL bound

<vlan-id>{ingress | egress} on the VLAN.
2 ZXR10(config)#ipv6-mixed-access-group vlan Binds mixed v6 ACL on the

<vlan-id>{ingress | egress}<acl-name> VLAN.
ZXR10(config)#no ipv6-mixed-access-group vlan Deletes the bound mixed v6

<vlan-id>{ingress | egress} ACL on the VLAN.
ingress Indicates that the ACL is bound to the ingress direction of

the interface.
egress Indicates that the ACL is bound to the egress direction of

the interface.
4-6

4.3 IPv6 ACL Maintenance and Diagnosis

IPv6 ACL Maintenance and Diagnosis
To maintain and diagnose IPv6 ACLs, use the following commands.
Command Function
ZXR10(config)#show ipv6-access-lists [{name <a Shows the IPv6 ACL list or brief
cl-name>[{from<value>|to <value>}]|[ brief [name information.
<acl-name>]|[config]}[|{begin|exclude|include}]
ZXR10(config)#show ipv6-access-groups [{by-access-list Shows the IPv6 ACL binding

<acl-name>|by-direction {ingress | egress}|by-interface-or-vlan information. The information can
{by-vlan<vlan-id>| by-interface<interface-name>}] be selectively displayed according
to the command parameters.
ZXR10(config)#show running-config ipv6-acl Shows the entire IPv6 ACL

information.
ZXR10(config)#show running-config port-acl Shows all the IPv6 ACL binding

information (and the IPv4 ACL
binding information as well if any
IPv4 ACL is bound).
The command parameters are described as follows.
Command Function
<acl-name> Shows IPv6 ACL information by the specified ACL name.
ingress/egress Shows ACL information by the ingress or egress.
<interface-name> Shows ACL information by the interface name.
The following example shows the outputs of the commandshow ipv6-access-lists:

ZXR10(config)#show ipv6-access-lists
ipv6-access-list kkk
1/1 (showed/total)
10 permit tcp 200:300::400:500/64 any
The following example shows the outputs of the command show ipv6-access-groups:
ZXR10(config)#show ipv6-access-groups
Interface name|vlan Direction ACL name
--------------------------------------------
xgei-0/1/1/1 Ingress kkk
The following example shows the outputs of the command show running-config port-acl:
ZXR10(config)#show running-config port-acl
!<port-acl>
interface xgei-0/1/1/1
4-7

ipv4-access-group ingress lll

ipv6-access-group ingress kkk
$
!</port-acl>
IPv6 mixed-ACL Maintenance and Diagnosis

To maintain and diagnose MIXED-ACL, use the following commands.
Command Function
ZXR10#show ipv6-mixed-access-lists name<acl-name>[{from<valu Shows the ACL list.

e>|to <value>}|{begin|exclude|include}]
ZXR10#show ipv6-mixed-access-lists brief {name<acl-name>|[|{beg Shows the brief information.

in|exclude|include}]}
ZXR10#show ipv6-mixed-access-lists |{begin|exclude|include} Shows the ACL list
ZXR10#show ipv6-mixed-access-lists config {begin | exclude | Shows the ACL configured in the
include} system database.
ZXR10#show ipv6-mixed -access-groups[by-access-list Shows the ACL binding

<acl-name>|by-direction {ingress | egress}|by-interface-or-vlan information.
{by-vlan<vlan-id>| by-interface<interface-name>}]
Parameter Function
<acl-name> Shows IPv6 MIXED ACLinformation by the specified ACL

name.
ingress | egress Shows ACL information by the ingress or egress.
<interface-name> Shows ACL information by the interface name.
4.4 IPv6 ACL Configuration Example

General Description
In the network as shown in Figure 4-1, suppose both PC1 and PC2 send telnet requests
through S2 to S1. S1 expects to receive the login requests of PC1 only but not the login
requests of PC2. Then an ACL can be bound to the ingress direction of the interface
xgei-0/1/1/3 to filter out the telnet packets from PC2 (or the ACL may be bound to the
egress direction of the interface xgei-0/1/1/4).
4-8

Figure 4-1 IPv6 ACL Configuration Example
In this case, it is only necessary to create one ACL and add the following rule to this
ACL: Deny the telnet packets matching the IP address of PC2 and using the protocol type
TCP and the port type telnet. Then bind the ACL to the ingress direction of the interface
xgei-0/1/1/3 or the egress direction of the interface xgei-0/1/1/4.
After the above configuration is completed, the requests initiated by PC2 will not reach S1
but will be discarded when they reach S2 even if PC2 has obtained the telnet username
and password of S1. The other communications of S1 and PC2, however, will not be
affected.
Method
1. First create an ipv6-access-list. During the creation, a customized name can be
assigned to this list but the length of the name shall not exceed 31 characters.
2. Enter the IPv6 ACL configuration mode after the list is created and then add rules. A
packet type can be specified for each rule, and the permit or deny action applies to
the packet type.
3. Bind the customized ipv6-access-list to the ingress or egress direction of the interface
to which traffic filtering applies.
Steps
S2 configuration:
S2(config)#ipv6-access-list test
S2(config-ipv6-acl)#rule deny tcp 100:1::1:2/128 110:1::1:2/128 eq 23
S2(config-ipv6-acl)#rule permit ip any any
S2(config-ipv6-acl)#exit
S2(config)#ipv6-access-group xgei-0/1/1/3 ingress test
Verification
Check the configured ACL in one of the following three modes:
/*Check all the ACLs on the router. In this mode, all the names
and number of ACLs are shown.*/
4-9

S2(config)#show ipv6-access-lists brief

No. ACL RuleSum
---------------------------------
1 test 2
/*Check the ACL of the specified name. In this mode, information

about the number of rules of the specified ACL is shown.*/
S2(config)#show ipv6-access-lists name test
ipv6-access-list test
2/2 (showed/total)
10 deny tcp 100:1::1:2/128 110:1::1:2/128 eq telnet
20 permit ip any any
/*Check the details of all ACLs on the router. In this mode,

information about the number of rules of each ACL is shown.*/
S2(config)#show ipv6-access-lists
ipv6-access-list test
2/2 (showed/total)
10 deny tcp 100:1::1:2/128 110:1::1:2/128 eq telnet
20 permit ip any any
Check the interface bound with the ACL. Two methods are available for checking the
binding between the ACL and the interface:
/*Check the binding between IPv6 ACLs on the router and the
related interfaces*/
S2(config)#show ipv6-access-groups
Interface name|vlan Direction ACl name
-----------------------------------------
xgei-0/1/1/3 Ingress test
/*Check the binding between all ACLs on the router and the
related interfaces, including IPv4 ACLs and IPv6 ACLs*/
S2(config)#show running-config port-acl
!<PORT_ACL>
ipv4-access-group ingress 1K
!
ipv6-access-group ingress test
!
!</PORT_ACL>
4-10

Chapter 5
IPv6 Static Route
Configuration
Table of Contents
IPv6 Static Route Overview ........................................................................................5-1
Configuring IPv6 Static Routes...................................................................................5-1
Maintaining IPv6 Static Routes...................................................................................5-2
IPv6 Static Route Configuration Example ...................................................................5-4
5.1 IPv6 Static Route Overview

Static routes refer to the routes that the network administrator creates by using
configuration commands in the routing table. Static routing is different from dynamic
routing that creates a routing table according to the routing algorithm.
When dynamic routing is applied, sometimes it is necessary to send the routes of the
entire Internet to a router and then the router can hardly tolerate such a huge load. In that
case, static routing can be applied to solve the problem. With static routing, only a few
configurations are required to eliminate the use of dynamic routes.
In a routing environment involving multiple routers and multiple paths, however, it is rather
complex to configure static routes.
The static unicast routing table is configured by the network administrator according to
his/her routing requirements after he/she gets familiar with the entire network topology.
Therefore, the network administrator can exactly control routing behaviors in the network.
When the network topology changes, however, the network administrator needs to
reconfigure the static routing table.
Unlike dynamic routing protocols, static routing does not require the setting of protocol
data on the related interfaces but requires only the validity check of the user-configured
static routing parameters such as destination address, mask length, next hop and egress
interface. The validity of each configured static route, however, still depends on the status
of the egress interface.
5.2 Configuring IPv6 Static Routes

To configure IPv6 static routes, run the following commands:
5-1

Command Function
ZXR10(config)#ipv6 route [vrf <vrf-name>]<prefix>/<mask-len><i Configures a static route with the

nterface-name>[<distance-metric>][bfd enable] specified egress interface. If the
egress interface is a broadcast
interface, the next hop should also
be specified.
ZXR10(config)#ipv6 route <prefix>/<mask-len><forwarding-route Configures a static route with the

r's-address>[<distance-metric>][bfd enable] specified next hop.
ZXR10(config)#ipv6 route <prefix>/<mask-len><interface-name Configures a static route with both

><forwarding-router's-address>[<distance-metric>][bfd enable] the specified egress interface and
the specified next hop.
For a description of the parameters, refer to the following table:
<vrf-name> Used to configure static route in a specific VRF. The VRF

name is with 1–32 characters. The management port mng
is a special VRF.
<prefix> Indicates the IPv6 address prefix.
<mask-len> Indicates the mask length ranging from 0 to 128.
<forwarding-router's-address> Indicates the next-hop IPv6 address.
<interface-name> Indicates the interface name.
<distance-metric> Indicates the administrative distance ranging from 1 to 255.
bfd enable Enables the BFD for the route in the IPv6 route configuration.
5.3 Maintaining IPv6 Static Routes

To maintain IPv6 static routes, run the following commands:
Command Function
ZXR10(config)#show running-config ipv6-static-route Shows the static routes configured

in the system database.
ZXR10(config)#show ipv6 protocol routing static Shows the static routes in the
routing table and the validity of
these routes.
Run the show running-config ipv6-static-route command to show the static routes
configured in the system database. The display results indicate the user-configured static
routes but these routes are not necessarily effective.
5-2

Chapter 5 IPv6 Static Route Configuration
Run the show ipv6 protocol routing static command to show the static routing table of the
router and check the validity of the static routes in the routing table. This command is often
used during the maintenance and diagnosis of routing protocols.
The following is a sample output from the show running-config ipv6-static-route command:
ZXR10(config)#show running-config ipv6-static-route
ipv6 route 11::/64 3::2 20
ipv6 route 22::/64 vlan56
ipv6 route 22::/64 vlan56 3::2
For a description of the sample output from the show running-config ipv6-static-route
command, refer to the following table:
ipv6 route Indicates the keyword of the configuration command.
11::/64 Indicates the destination address and mask length.
vlan56 Indicates the egress interface.
The following is a sample output from the show ipv6 protocol routing static command:
ZXR10(config)#show ipv6 protocol routing static
IPv6 Routing Table
Codes: D - Direct, A - Address, S - Static, R - RIP, UI - USER_IPADDR,
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS static,
O - OSPF intra, OI - OSPF inter, E1 - OSPF ext 1, E2 - OSPF ext 2,
N - ND, B - BGP, IB - IBGP, EB - EBGP, AG - BGP AGG, V - VRRP, P - PPP,
D6 - DHCPv6, SFN - Stateful NAT64, SLN - Stateless NAT64, AF - AFTR,
NP - ND_PREFIX, NF - ND_DFROUTE, NH - ND_HOST
M - Multicast
* - FIB route
> - selected route, p - stale info
Time: The time of last modified!
S> 11::/64 [1/0]
* via 3::2, [out label:-1 in label:-1], 0h9m14s
S> 22::/64 [1/0]
* via ::, vlan56, [out label:-1 in label:-1], 0h18m18s
S> 22::/64 [1/0]
* via 3::2, [out label:-1 in label:-1], 0h7m10s
S> 22::/64 [1/0]
via 3::2, vlan56, [out label:-1 in label:-1], 0h4m16s
5-3

5.4 IPv6 Static Route Configuration Example

General Description
As shown in Figure 5-1, S1 and S2 are directly connected with each other and belong to
the network segment 2005::/64. To enable S1 to successfully ping the network segment
2003::/64 of S2, a static route to the network segment 2003::/64 can be added on S1, with
the next hop being the IPv6 address of the S2 interface that directly connects S1 with S2.
Figure 5-1 IPv6 Static Route Configuration Example
Method
1. Configure the IPv6 address of the network segment 2005::/64 for the direct connection
between S1 and S2.
2. Configure the IPv6 address of another different network segment 2003::/64 on the
non-direct connection interface of S2.
3. Add a static route pointing to the network segment 2003::/64 on S1 so that S1 can
successfully ping the network segment 2003::/64 of S2.
Steps
S1 configuration:
S1(config-if-vlan10)#ipv6 address 2005::1/64
S1(config)#ipv6 route 2003::/64 2005::2
S1(config)#exit
S2 configuration:
5-4

Chapter 5 IPv6 Static Route Configuration
Verification
On S1, check whether the address has been successfully configured, whether the interface
is up, and whether the static route has been successfully added, and then run "ping6
2003::2" to check whether the ping operation is successful.
S1(config)#show running-config-interface vlan10
!<if-intf>
interface vlan10
ipv6 enable
ipv6 address 2005::1/64
$
!</if-intf>
S1(config)#show ipv6 interface brief vlan10

vlan10 [up/up]
fe80::2d0:d0ff:fe60:1000
2005::1/64
S1(config)#show running-config ipv6-static-route

ipv6 route 2003::/64 2005::2
S1(config)#ping6 2003::2
sending 5,100-byte ICMP echo(es) to 2003:0:0:0:0:0:0:2,timeout is 2 second(s).
!!!!!
5-5

5-6

Chapter 6
RIPng Configuration
Table of Contents
RIPng Overview .........................................................................................................6-1
Configuring the RIPng ................................................................................................6-3
RIPng Maintenance and Diagnosis.............................................................................6-7
RIPng Configuration Example ....................................................................................6-9
6.1 RIPng Overview

The Routing Information Protocol (RIP) is widely applied as a mature routing standard on
the Internet, especially on some small-scale and medium-scale networks. Considering
this situation and the compatibility between RIP and IPv6, the Internet Engineering Task
Force (IETF) altered the existing technology and set an RIP standard under IPv6, that is,
RIP next generation (RIPng).
RIPng is a User Datagram Protocol (UDP)-based protocol using port 521 to transmit and
receive data packets. In general, RIPng packets are classified into two categories: routing
information packets and request packets.
RIPng is not intended to create a completely new protocol but to make necessary
alternation to the RIP so as to enable it to adapt to the routing requirements under IPv6.
Therefore, RIPng has the same working principles as the RIP, except for changes in the
address and packet formats.
l Address Length
RIPv1 and RIPv2 are IPv4-based. The address field consists of only 32 bits. In
contrast, RIPng is IPv6-based and all its addresses comprise 128 bits.
l Subnet Mask and Prefix Length

RIPv1 is designed for use in subnet-free networks and thus does not involve
the subnet mask concept. For this reason, RIPv1 cannot be used to propagate
variable-length subnet addresses or CIDR classless addresses. The support for
subnet routing is added to RIPv2, so it can use subnet masks to distinguish between
network routes and subnet routes.
IPv6 address prefixes have express meanings. Therefore, RIPng no longer involves
the subnet mask concept but uses the prefix length instead. Similarly, due to the use
of IPv6 addresses, it is unnecessary for RIPng to distinguish among network routes,
subnet routes and host routes.
l Protocol Applicable Scope
6-1

The application scope of RIPv1 and RIPv2 is not limited to the Transfer Control
Protocol/Internet Protocol (TCP/IP) protocol suite but also includes other network
protocol suites. Therefore, the routing entries of a packet include the network
protocol suite field. However, it is seldom used for other non-IP networks in practice.
Therefore, support for this function is removed from RIPng.
l Next Hop
There is no information about next hop in RIPv1. The router at the receiving end takes
the source address of a packet as the next hop for the route to the destination network.
RIPv2 contains explicit information about the next hop, thus facilitating selection of the
optimum route and avoiding routing loops and slow convergence.
Different from RIPv1 and RIPv2, the next hop field in RIPng exists as a separate RTE
to avoid overlong Routing table Entry (RTE) and to improve the efficiency of routing
information transmission.
l Packet Length
In both RIPv1 and RIPv2, the packet length is limited and a packet can carry at most
25 RTEs.
RIPng has no limit on the length of a packet and the number of RTEs. The length of a
packet depends on the MTU of a medium. This packet length processing mechanism
of RIPng has improved the transmission efficiency of routing information on the
network.
l Security Consideration
RIPv1 packets do not contain authentication information and thus RIPv1 is not secure.
Any host sending packets via UDP port 520 may be regarded by neighboring hosts
as a router and thus router spoofing may easily take place. RIPv2 is designed to
contain authentication packets to enhance security. Although routers that exchange
routes with each other cannot receive route information from each other before
authentication, RIPv2 does not have adequate security.
IPv6 contains perfect security policies, so there is no need to design separate security
authentication packets for RIPng any more but to use IPv6 security policies.
l Packet Transmission Mode
RIPv1 sends routing information through broadcast. In this way, both routers and all
the hosts within the same Local Area Network (LAN) can receive packets, which is
unnecessary and insecure.
However, both RIPv2 and RIPng can send packets either through broadcast or
through multicast. In this way, packets can be sent through multicast in networks that
support multicast, thus greatly reducing the volume of routing information transmitted
in networks.
6-2

Chapter 6 RIPng Configuration
6.2 Configuring the RIPng

RIPng configuration includes the enabling of RIPng and the configuration of RIPng protocol
parameters.
Enabling RIPng
To enable RIPng, perform the following steps.
1 ZXR10(config)#ipv6 router rip Enters the RIPng configuration

mode.
2 ZXR10(config-ripng)#interface <interface-name> Enters the RIPng interface

configuration mode.
3 ZXR10(config-ripng-if-interface-name)#ipv6 rip Enables RIPng on an interface.

enable
Configuring RIPng Protocol Parameters

To configure RIPng protocol parameters, perform the following steps.
l Configure the timers of RIPng:
1 ZXR10(config)#ipv6 router rip Enters the RIPng

configuration mode.
2 ZXR10(config-ripng)#timers basic <update><timeout Configures the timers of

><garbage> RIPng.
<update> Specifies the periodic packet sending interval in the unit

of seconds. The value range is 5-65535 seconds. The
default value is 30 seconds.
<timeout> Specifies the time for the route to become invalid in the
unit of seconds. The value range is 5-65535 seconds.
The default value is 180 seconds.
<garbage> Specifies the time period from the time when the route
becomes invalid to the time when the route is deleted in
the unit of seconds. The value range is 5-65535 seconds.
l Set the default metric of RIPng routes:
6-3


configuration mode.
2 ZXR10(config-ripng)#default-metric <metric> Sets the default metric of

routes in the range of 1-16.
l Configures the summarized routes of the RIPng:

configuration mode.
2 ZXR10(config-ripng)#summary-prefix Configures the summarized

X:X::X:X/<0-128> routes of the RIPng.
X:X::X:X/<0-128> Indicates the IPv6 route prefix and length of the

summarized routes.
l Configure the port for listening to RIPng multicast packets:

configuration mode.
2 ZXR10(config-ripng)#port <1-65535> Specifies the port for listening

to multicast packets. The
value range is 1-65535. The
default value is 521.
l Configure the offset list of the RIPng:

configuration mode.
2 ZXR10(config-ripng)#offset-list <access-list-name>{in Configures the offset list of

| out}<offset> the RIPng.
<access-list-name> Specifies the ACL number with 1-31 characters.
6-4

in | out Specifies route receiving or sending.
<offset> Specifies the metric of the offset in the range of 0-16.
l Configure the redistribution of protocol routes:

configuration mode.
2 ZXR10(config-ripng)#redistribute <protocol>[metric Configures the redistribution

<metric-value>][route-map <map-tag>] of protocol routes.
<protocol> Specifies the name of the protocol whose routes are

redistributed.
<metric-value> Specifies the metric for the redistributed routes in the

range of 1-16.
<map-tag> Specifies the route map used for protocol route

redistribution.
l Delete the routes received by the RIPng:
Command Function
ZXR10#clear ipv6 rip route {X:X::X:X/<0-128>| all} Deletes the routes received by
the RIPng. You can delete all
the received routes or a certain
route only.
X:X::X:X/<0-128> Specifies the route prefix of the routes to be deleted.
all Indicates that all the received RIPng routes will be deleted.
l Configure interface commands:

configuration mode.
6-5

2 ZXR10(config-ripng)#interface <interface-name> Enters the RIPng interface

configuration mode.
3 ZXR10(config-ripng-if-interface-name)#ipv6 rip Enables split horizon on

split-horizon the interface. By default,
split horizon is enabled. To
disable split horizon, use the
no form of the command.
ZXR10(config-ripng-if-interface-name)#ipv6 rip Enables poison reverse on

poison-reverse the interface. By default, the
poison reverse function is
enabled.
ZXR10(config-ripng-if-interface-name)#ipv6 rip Configures the active

interface active interface so that the interface
only sends packets but
does not receive packets.
To cancel the configuration
and restore normal packet
sending and receiving, use
the no form of the command.
ZXR10(config-ripng-if-interface-name)#ipv6 rip Configures the passive

interface passive interface so that the interface
only receives packets but
does not send packets. To
cancel the configuration
and restore normal packet
sending and receiving, use
the no form of the command.
ZXR10(config-ripng-if-interface-name)#ipv6 rip Configures the neighbor

neighbor <X:X::X:X> address of the RIPng so that
unicast packets will be sent
to this neighbor only.
ZXR10(config-ripng-if-interface-name)#ipv6 rip Originates the default route

originate-default-route [only] of the RIPng on the interface.
To cancel the configuration,
use the no form of the
command.
<X:X::X:X> Specifies the link-local address of the neighbor.
6-6

[only] Indicates that only the default route will be sent on the
interface.
6.3 RIPng Maintenance and Diagnosis

To maintain and diagnose RIPng, use the following commands.
Command Function
ZXR10(config)#show ipv6 rip [vrf <vrf-name>] Shows the content of the RIPng
protocol.
ZXR10(config)#show ipv6 rip database [{X:X::X:X/<0-128 Shows the RIP route database
>|<X:X::X:X>}][vrf <vrf-name>] information.
ZXR10(config)#show ipv6 rip interface [vrf <vrf-name>]<interf Shows the interfaces on which
ace-name> RIPng is enabled.
The command parameters are described as follows:
vrf <vrf-name> VRF name, with 1-32 characters
X:X::X:X Indicates the specific IPv6 route prefix.
X:X::X:X/<0-128> Indicates the IPv6 route prefix and prefix length.
<interface-name> Indicates the interface name.
The following example shows the outputs of the command show ipv6 rip:
ZXR10(config)#show ipv6 rip
RIPng protocol, port 521, multicast-group FF02::9
administrative distance is 120
default metric is 1
updates every 30 seconds, expire after 180 seconds
garbage collect after 120 seconds
The number of ripng routes:
connect ripng route 1
aggregate ripng route 0
ripng route 0
Redistribution:
The outputs of the command show ipv6 rip are described as follows:
port 521 Indicates that the RIPng uses UDP port 521.
6-7

multicast-group FF02::9 Indicates that the multicast address used by the RIPng is
FF02::9.
administrative distance is 120 Indicates that the administrative distance of RIPng routes
is 120.
default metric is 1 Indicates that the default metric of RIPng routes is 1.
updates every 30 seconds, expire Indicates that the update timer currently set is 30s, the
after 180 seconds timeout timer is 180s, and the garbage timer is 120s.
connect ripng route 0 Indicates that the number of connect RIPng routes is 0.
aggregate ripng route 0 Indicates that the number of aggregate RIPng routes is 0.
Redistribution Indicates that the protocol type of rouet redistribute.
The following example shows the outputs of the command show ipv6 rip database:
ZXR10(config)#show ipv6 rip database
1001::/64
nexthop: ::, via: vlan1
metric: 1, tag: 0 time: 00:20
2001:210:120:1::/64
2001:210:120:2::/64
The outputs of the command show ipv6 rip database are described as follows:
1001::/64 Indicates the destination network segment.
nexthop: :: Indicates the next-hop address. In this example, there is no

next hop because the network segment is a direct connection
segment.
via: vlan1 Indicates the egress interface of the route.
metric: 1, tag: 0 Indicates that the metric of the route is 1 and the tag is 0.
time: 00:20 Indicates the time of the route exist.
The following example shows the outputs of the command show ipv6 rip interface [<interf
ace-name>]:
ZXR10(config)#show ipv6 rip interface vlan1
vlan1: interface is up
RIPng is enabled
6-8

Split horizon enabled

Poison reverse enable
Active interface
IPv6 interface address:
2010::13/64
The outputs of the command show ipv6 rip interface [<interface-name>] are described as
follows:
vlan1: interface is up Indicates that the vlan1 is up.
RIPng is enabled Indicates that PIPng is enabled on the interface vlan1.
Split horizon enabled Indicates that the split horizon is enabled.
Poison reverse enable Indicates that the poison reverse is enabled.
Active interface Sets VLAN1 interface to an active interface, which means

that this interface can only send packets.
IPv6 interface address: Indicates that the address of the interface vlan1 is
2010::13/64 2010::13/64.
6.4 RIPng Configuration Example

General Description
As shown in Figure 6-1, the RIPng runs on routers S1 and S2 to advertise the RIPng routes
of the two routers. Here, a loopback address is taken as an example and can redistribute
other routes. The redistribution of direct routes is taken as an example.
Figure 6-1 RIPng Configuration Example
Method
1. Enable the IPv6 protocol on the interfaces and configure IPv6 addresses.
2. Configure the RIPng protocol.
3. Enable the RIPng-related configurations on the interfaces.
4. Configure the redistribution commands if it is necessary to redistribute other routes.
6-9

5. Check the configuration results, and confirm that neighbors are correctly established
between the two routers and each router can learn the routes advertised by the peer
router.
Steps
S1 configuration:
S1(config)#interface loopback5
S1(config-if-loopback5)#ipv6 enable
S1(config-if-loopback5)#ipv6 address 3555::52/64
S1(config-if-loopback5)#exit
S1(config)#ipv6 router rip
S1(config-ripng)#interface vlan1
S1(config-ripng-if-vlan1)#ipv6 rip enable
S1(config-ripng-if-vlan1)#exit
S1(config-ripng)#interface loopback5
S1(config-ripng-if-loopback5)#ipv6 rip enable
S1(config-ripng-if-loopback5)#exit
S1(config-ripng)#redistribute connected
S1(config-ripng)#exit
S2 configuration:
S2(config)#ipv6 router rip
S2(config-ripng)#interface vlan1
S2(config-ripng-if-vlan1)#ipv6 rip enable
S2(config-ripng-if-vlan1)#exit
S2(config-ripng)#interface loopback5
6-10

S2(config-ripng-if-loopback5)#ipv6 rip enable

S2(config-ripng-if-loopback5)#exit
S2(config-ripng)#redistribute connected
S2(config-ripng)#exit
Verification
Run the command show running-config ripng on S1 and S2 to check the RIPng
configuration information, and run the command show ipv6 forwarding route ripng to
check the routing information.
Check the routing information on S1:
S1#show running-config ripng
! <ripng>
ipv6 router rip
redistribute connected
interface vlan1
ipv6 rip enable
$
interface loopback5
ipv6 rip enable
$! </ripng>
S1#show ipv6 rip

default metric is 1
The number of ripng routes: Redistribution:
ripng route 2
Redistribution:
S1#show ipv6 rip database

2352::/64
nexthop: fe80::2d0:d0ff:feaf:cc10, via: vlan1
metric: 2, tag: 0, time: 00:12
3550::/64
2310::/64 connected
metric: 1, tag: 0
6-11

2310::/64
nexthop: 2310::66, via: vlan2
3555::/64 connected
nexthop: ::, via: loopback1
metric: 1, tag: 0
3555::/64
nexthop: 3555::52, via: loopback1
3611::/64 connected
metric: 1, tag: 0
3611::/64
S1#show ipv6 forwarding route ripng

IPv6 Routing Table:
Headers: Dest: Destination, Gw: Gateway, Pri: Priority;
Codes : K: kernel, I1: isis-l1, SFN: sf-nat64, R: ripng, AF: aftr, B: bgp,
D: direct, I2: isis-l2, SLN: sl-nat64, O: ospfv3, D6: dhcp, P: ppp,
S: static, N: nd, V: vrrp, A: address, M: multicast, UI: user-ipaddr;
Dest Owner Metric
Interface Pri Gw
2352::/64 R 2
Vlan10 120 fe80:12::2d0:d0ff:feaf:cc10
3550::/64 R 2
S1#ping6 2352::52
sending 5,100-byte ICMP echoes to 2352::52,timeout is 2 seconds.
!!!!!
Check the routing information on S2:
S2#show running-config ripng

!<ripng>
ipv6 router rip
interface vlan1
ipv6 rip enable
$
interface loopback5
ipv6 rip enable
$!</ripng>
6-12

S2#show ipv6 rip

default metric is 1
The number of ripng routes: Redistribution:
ripng route 2
Redistribution:
S2#show ipv6 rip database

2310::/64
3555::/64
2352::/64 connected
metric: 1, tag: 0
2352::/64
3550::/64 connected
nexthop: ::, via: loopback1
metric: 1, tag: 0
3550::/64
nexthop: 3555::52, via: loopback1
3611::/64 connected
metric: 1, tag: 0
3611::/64
S2#show ipv6 forwarding route ripng

IPv6 Routing Table:
6-13


Dest Owner Metric
Interface Pri Gw
2310::/64 R 2
Vlan10 120 fe80:2e::2d0:d0ff:fe78:99dd
3555::/64 R 2
Vlan10 120 fe80:2e::2d0:d0ff:fe78:99dd
S2#ping6 2310::66
!!!!!
6-14

Chapter 7
OSPFv3 Configuration
Table of Contents
OSPFv3 Overview......................................................................................................7-1
Configuring OSPFv3 ..................................................................................................7-5
OSPFv3 Maintenance and Diagnosis .......................................................................7-13
OSPFv3 Configuration Examples .............................................................................7-15
7.1 OSPFv3 Overview

Introduction to OSPFv3
Open Shortest Path First (OSPF) version 2 is a link-status-based interior gateway protocol
developed by IETF. Because it has a wide application scope, provides fast convergence,
eliminates routing loops and facilitates hierarchical network design, it has been widely
applied in IPv4 networks.
With the construction of IPv6 networks, dynamic routing protocols are also required to
provide accurate and valid routing information for IPv6 packet forwarding. For this reason,
IETF revised OSPFv2 according to IPv6 networks and developed OSPFv3. OSPFv3 is
mostly used in IPv6 networks to provide the routing function. It is a mainstream routing
protocol applied in IPv6 networks.
The IPv6 OSPF protocol is OSPFv3, and the IPv4 OSPF protocol is OSPFv2.
The IPv6 OSPF keeps the majority of IPv4 algorithms. The essential OSPF mechanism
remains unchanged from IPv4 to IPv6.
Both OSPFv3 and OSPFv2 have a link status database. The Link Status Advertisement
(LSA) is contained in the link status database, and the link status databases of all routers
in the same area must be kept synchronous.
Database synchronization is implemented through the database exchange process, which
includes exchanging database description packets, link state request packets and link state
update packets. The subsequent database synchronization is maintained through flooding
with link state update packets and link state acknowledgment packets.
In broadcast and Non-Broadcast Multicast Access (NBMA) networks, both OSPFv3 and
OSPFv2 use the hello packet to discover and maintain adjacency and to elect Designate
Router (DR) and Backup Designate Router (BDR).
OSPFv3 and OSPFv2 also keep consistent with each other in such aspects as neighbor
determination, basic concept of inter-area routes, redistribution of Autonomous System
(AS) external routes and so on.
7-1

OSPFv3 Principle
Compared with OSPFv2, OSPFv3 has almost the same working mechanism but has also
revised OSPFv2 so as to support the IPv6 address format. The following sections describe
in detail the similarities and differences between OSPFv2 and OSPFv3. For details about
the OSPFv2 principles, please refer to "OSPF Configuration" in IPv4 Routing Volume.
Similarities Between OSPFv3 and OSPFv2
OSPFv3 has almost the same protocol design concept and working mechanism as
OSPFv2.
l The same packet types: Hello, DD, Link State Packet (LSP), Link State Update (LSU),
LSAck packets.
l The same area division.
l The same LSA flooding and synchronization mechanisms: To guarantee the
correctness of Link-state Database (LSDB) information, the reliable flooding and
synchronization of LSAs must be guaranteed.
l The same route computation method: Both use the Shortest Path First (SPF)
algorithm to compute routes.
l The same network types: Both support four network types, i.e. broadcast, NBMA,
point-to-point, point-to-multipoint.
l The same neighbor discovery and neighbor establishment mechanisms: After an
OSPF router is started, it sends a Hello packet via the OSPF interface to another
OSPF router. Upon receipt of the Hello packet, the latter OSPF router checks the
parameters defined in the packet. If the parameters in the received packet are the
same as those in its own packet, adjacency is established between the two routers.
Two routers in an adjacency relationship do not necessarily become neighbors. This
depends on the network type. The two routers become real neighbors only when
they have successfully exchanged the DD packet and the LSA and their LSDBs are
synchronized with each other.
l The same DR election mechanism: The DR and BDR need to be elected in NBMA
and broadcast networks.
Differences Between OSPFv3 and OSPFv2
There are differences between OSPFv3 and OSPFv2 because OSPFv3 is based on IPv6.
l The topology of OSPFv3 is link-based whereas that of OSPFv2 is subnet-based.
IPv6 uses the term "link" to describe the facilities or mediums used by nodes for
communications over the link layer. Nodes are connected with links. Multiple IP
subnets can be attached to the same link. Two nodes in different IP subnets can
communicate with each other directly over a single link.
l Address semanteme is deleted from OSPFv3.
The OSPFv3 packet contains no IPv6 address except for the LSA payload carried in
a link state update packet. The router LSA and network LSA do not contain network
addresses but only indicate topology information. The OSPF router ID and the LSA
ID are reserved as 32-bit IPv4 addresses and not assigned with any IPv6 address.
7-2

Chapter 7 OSPFv3 Configuration
l OSPFv3 extends the range of flooding

The LS field of the LSA reflects its flooding range. LSA features the following three
flooding ranges:
à Link Local Range: LSAs only flood in the local link range. This range is applicable
to the link LSA.
à Area Range: LSAs only flood in a single OSPFv3 area. This range is applicable
to the router LSA, network LSA, inter-area prefix LSA, inter-area router LSA and
intra-area prefix LSA.
à AS Range: LSAs flood in the whole OSPFv3 routing domain. This is applicable
to the AS external LSA. Each link supports multiple instances. OSPFv3 supports
the running of multiple OSPF protocol instances over a single link.
l Usage of link local address.
The IPv6 link local addresses are used for neighbor discovery and automatic
configuration over a single link. IPv6 routers do not forward the IPv6 packets
containing link local source addresses. The IPv6 address range allocated to the link
local unicast addresses is FE80/10.
Except for the virtual link, OSPFv3 link local addresses related to interfaces can
serve as source addresses to send OSPF packets. In the virtual link, only the IPv6
addresses in the global range or of a local site can serve as the source address.
The link local addresses occur in the OSPFv3 LSA but are not allowed to occur in
other types of LSAs.
l Changes to the authentication mode
The authentication type and authentication field are removed from the OSPFv3
header. The authentication-related fields do not occur in the OSPFv3 area data
structure and the interface data structure. The OSPFv3 employs the authentication
mechanism provided by the IPv6 itself to implement integrity and confidentiality in
packet exchanging.
l Changes to the protocol packet format
The OSPFv3 runs over the IPv6 directly. Address semanteme is not contained in
the OSPF header but in different LSA types. Therefore, OSPFv3 is independent of
network protocols. The following are changes to the packet format:
à The version number changes from 2 to 3.
à Options fields of the Hello packet and the database description packet are
expanded to 24 bits.
à The authentication and authentication type fields are removed from the packet
header.
à The Hello packet does not contain the address semanteme but contains an
interface ID used by the router to identify the link. If the router becomes the DR
on the link, the interface ID will be the link state ID of the network LSA.
7-3

à To process the router LSA during SPF computation, two flag bits R and V6 are
added to the options field. The OSPF header contains an Instance ID, thus
allowing the running of multiple OSPF protocol instances over a single link.
LSA Types
An LSA is the unit to construct the OSPFv3 link state database. A router uses LSAs to
form a complete network topology and further generate a routing table. OSPFv3 has the
following types of LSAs.
l Router LSA
Its link state type is 0x2001. It can generate one or multiple LSAs on each router
within an area.
l Network LSA
Its link state type is 0x2002. It can generate network LSAs for each broadcast and
NBMA link within an area, which supports two or multiple routers. Network LSAs are
created by DR on this link.
l Inter-Area Prefix LSA

Its link state type is 0x2003. It is equivalent to the Type-3 LSA in OSPFv2. Created by
an area border router, the inter-area prefix router LSA describes IPv6 address prefixes
in other areas. For stub areas, inter-area prefix LSA can also be used to describe the
default route.
l Inter-Area Router LSA
Its link state type is 0x2004. It is equivalent to the Type-4 LSA in IPv4. Created by the
ABR, it describes the ASBR to other areas.
l AS External LSA
Its link state type is 0x4005. It is created by the ASBR and describes the ASBR to
other areas.
l Link LSA
Its link state type is 0x0008. A router advertises a separate link LSA to each link
connecting with it. These LSAs have a local link flooding range and will not be flooded
out of the related link.
l Intra-Area Prefix LSA

Its link state type is 0x2009. A router uses the intra-area prefix LSA to advertise
one or multiple IPv6 address prefixes, which are associated with the router itself, the
connected stub network segment or the connected transit network segment.
Two types of LSAs are added to OSPFv3. They are the Link LSA and the Intra Area Prefix
LSA.Table 7-1 describes the brief similarities and differences between OSPFv3 LSAs and
OSPFv2 LSAs.
7-4

Table 7-1 Similarities and Differences Between OSPFv3 LSAs and OSPFv2 LSAs
OSPFv2 LSA OSPFv3 LSA Similarities with and

Differences from OSPFv2
LSAs
Router LSA Router LSA The name is the same and the
function is similar, except that
Network LSA Network LSA
the LSA no longer describes
address information but is used
only to describe the topology
structure of the routing area.
Network Summary LSA Inter Area Prefix LSA The function is similar but the
ASBR Summary LSA Inter Area Router LSA name is different.
AS External LSA AS External LSA Both the function and the name
are completely the same.
Link LSA The LSA is newly added.

-
Intra Area Prefix LSA The LSA is newly added.
7.2 Configuring OSPFv3

Enabling OSPFv3
To enable OSPFv3, perform the following steps.
1 ZXR10(config)#ipv6 router ospf <process-id> Enables the OSPFv3 process.
2 ZXR10(config-ospfv3-process-id)#router-id Specifies the Router ID for an

<router-id> OSPFv3 process.
Configuring OSPFv3 Interface Attributes

To configure OSPFv3 interface attributes, perform the following steps.
1 ZXR10(config)#ipv6 router ospf<process-id> Enters the interface

configuration mode.
2 ZXR10(config-ospfv3-process-id)#area<area-id> Enters the id area.
3 ZXR10(config-ospfv3-process-id)#interface Adds an interface to OSPFv3.

<interface-name>
7-5

4 ZXR10(config-ospfv3-process-id-if-interface- Specifies the interval of

name)#hello-interval <interval> sending Hello packets on an
interface in the unit of seconds.
The value range is 1-65535.
The default value for
point-to-point and broadcast
interfaces is 10 seconds.
non-broadcast and
point-to-multipoint interfaces is
30 seconds.
ZXR10(config-ospfv3-process-id-if-interface- Specifies the time interval at

name)#retransmit-interval <interval> which an interface retransmits
an LSA in the unit of seconds.
The value range is 1-65535.
ZXR10(config-ospfv3-process-id-if-interface- Sets the AH authentication

name)#authentication {null|ipsec spi <spi-id>{md5 {<md5- mode of the IPsec for an
key>|encrypted <md5-key-encrypted>}|sha1 {<sha1-key>| interface.
encrypted <sha1-key-encrypted>}}[rollover-interval
<rollover-interva>]}
ZXR10(config-ospfv3-process-id-if-interface- Sets the ESP authentication

name)#encryption {null | ipsec spi <spi-id> mode of the IPsec for an
esp {aes-cbc 128 <md5_key>| encrypted interface.
<aes-cbc-128-key-encrypted>}| 3des {<md5-key>|
encrypted <3des-key-encrypted>}|des {<md5-key>|
encrypted <des-key-encrypted>}| null}{md5 <md5-key>|
encrypted <md5-key-encrypted>}|sha1 {<md5_key>|
encrypted <sha1-key-encrypted>}}[rollover-interval
<rollover-interva>]}
ZXR10(config-ospfv3-process-id-if-interface- Specifies the delay after which

name)#transmit-delay <interval> an interface transmits a link
state update packet in the unit
of seconds. The value range
is 1-65535. The default value
is 1 second.
ZXR10(config-ospfv3-process-id-if-interface- Specifies the aging time of

name)#dead-interval <interval> neighbors on an interface in
the unit of seconds. The value
range is 1-65535.
7-6


point-to-point and broadcast
interfaces is 40 seconds.
non-broadcast and
point-to-multipoint interfaces is
120 seconds.
ZXR10(config-ospfv3-process-id-if-interface- Sets the interface cost value in

name)#cost <cost-value> the unit of seconds. The value
value is 1.
ZXR10(config-ospfv3-process-id-if-interface- Sets the interface priority in

name)#priority <value> the unit of seconds. The value
value is 1.
ZXR10(config-ospfv3-process-id-if-interface- Configures the neighboring

name)#neighbor <X:X::X:X>[{[cost <cost-value>]|[poll-inter routers in a non-broadcast or
val <interval>]|[priority <value>]}] point-to-multipoint network.
ZXR10(config-ospfv3-process-id-if-interface- Sets the network type for an

name)#network {broadcast | non-broadcast | interface.
point-to-multipoint [non-broadcast]| point-to-point}
ZXR10(config-ospfv3-process-id-if-interface- Configures BFD attribute.

name)#bfd <disable | enable>
ZXR10(config-ospfv3-process-id-if-interface- Configures to ignore MTU

name)#ipv6-mtu-ignore check during DD packet
exchange
ZXR10(config-ospfv3-process-id-if-interface- Suppresses an interface to

name)#linklsa-suppress <enable> generate Type-8 link LSA.
For a description of the parameters in the command for OSPFv3 interface authentication
key configuration, refer to the following table.
null Interface authentication is null.
ipsec spi IPSEC authentication mode.
<spi-id> Security policy index value, a decimal number,

range: 256–32767.
<md5_key> MD5 authentication key, a hex character string. It

must be 32 characters long.
7-7

<md5-key-encrypted> Encrypted MD5 authentication key, a hex

character string. It must be 64 characters long.
<sha1-key> SHA1 authentication key, a hex character string.

It must be 40 characters long.
<sha1-key-encrypted> Encrypted SHA1 authentication key, a hex

character string. It must be 64 characters long.
<rollover-interva> Delay for applying the key. When the key is

modified, the modification operations on all
the routers may take some time, so a smooth
transition period is required. This parameter
specifies the transition period in minutes.
For a description of the parameters in the command for OSPFv3 interface encryption
configuration, refer to the following table.
null Null IPSEC encryption.
ipsec spi IPSEC encryption.
<spi-id> Security policy index value, a decimal number,

range: 256–32767.
128 IPSEC encryption method.
<aes_cbc_128_key> 128-digit key, a hex character string. It must be

32 characters long.
<aes_cbc_128_key_encrypted> Encrypted 128-digit key, a hex character string. It

<3des-key> 192-digit key, a hex character string. It must be

48 characters long.
<3des-key-encrypted> Encrypted 192-digit key, a hex character string. It

des IPSEC encryption method.
<des-key> 64-digit key, a hex character string. It must be

16 characters long.
<des-key-encrypted> Encrypted 64-digit key, a hex character string. It

null Null IPSEC encryption.
<md5-key> MD5 key, a hex character string. It must be 40

characters long.
7-8

<md5-key-encrypted> Encrypted MD5 key, a hex character string. It

<sha1-key-encrypted> Encrypted SHA1 key, a hex character string. It

<rollover-interva> Delay for applying the key. When the key is

modified, the modification operations on all
the routers may take some time, so a smooth
transition period is required. This parameter
specifies the transition period in minutes.
Configuring OSPFv3 Protocol Attributes

To configure OSPFv3 protocol attributes, perform the following steps.
1 ZXR10(config)#ipv6 router ospf <process-id> Enables an OSPFv3 instance

and enters the OSPFv3
configuration mode.
2 ZXR10(config-ospfv3-process-id)#area <area-id> bfd Configures BFD attribute of all

<disable | enable> interface in an area.
3 ZXR10(config-ospfv3-process-id)#area <area-id> Configures the default metric

default-cost <cost-value> value for an area, the value
range is 0-16777215.
4 ZXR10(config-ospfv3-process-id)#area <area-id> Configures the range of

range X:X::X:X/<0-128>[advertise | not-advertise] summary addresses in an
area.
5 ZXR10(config-ospfv3-process-id)#area <area-id> stub Defines an area as the stub

[no-summary] area. no-summary implies
the ABR is forbidden to send
summary routes to this stub
area.
6 ZXR10(config-ospfv3-process-id)#area Defines an OSPF virtual link.

<area-id> virtual-link <router-id>[dead-interval
<seconds>][hello-interval <seconds>][retransmit-interval
<seconds>][transmit-delay <seconds>]
7 ZXR10(config-ospfv3-process-id)# bfd enable Enables BFD function on all

interfaces. Use the no format
of this command to restore the
default value.
7-9

8 ZXR10(config-ospfv3-process-id)#default-metric Sets the default metric value

<metric-value> for the OSPFv3 protocol.
This value is allocated to
redistributed routes. The value
range is 1-16777214. The
default value is 20.
9 ZXR10(config-ospfv3-process-id)#distribute-list The distribute-list in command

{[access-list <access-list-name> in ]|[route-map <name of filters routes of which the
a route-map> in]} owner is OSPF routes. The
distribute-list out command
controls the redistribution
of external routes to OSPF
areas after Type-5 LSAs
are generated. This is a
supplement of the redistribute
command.
10 ZXR10(config-ospfv3-process-id)#maximum-paths Sets the maximum number

<number> of routes for load sharing in
OSPF.
11 ZXR10(config-ospfv3-process-id)#passive-interface Prohibits OSPFv3-enabled

<interface-name> interfaces from sending
OSPFv3 packets.
12 ZXR10(config-ospfv3-process-id)#redistribute Redistributes the routes of

<protocol>[metric <metric-value>][metric-type protocols into the OSPFv3
<type>][route-map <name>] protocol.
13 ZXR10(config-ospfv3-process-id)#summary-prefix Summaries the routes of other

<X:X::X:X/<0-128>> protocols that are redistributed
to OSPF.
14 ZXR10(config-ospfv3-process-id)#timers spf delay Sets the interval at which the

<delay> hold-time <holdtime> OPSFv3 protocol computes
routes.
15 ZXR10(config-ospfv3-process-id)#area Sets the AH authentication of

{<area-id>|<area-id>} authentication ipsec the IPsec for an area.
spi <spi-id>{md5 {<md5_key>| encrypted
<md5-key-encrypted>}|sha1 {<sha1-key>| encrypted
<sha1-key-encrypted>}}[rollover-interval <rollover-interva>]
7-10

16 ZXR10(config-ospfv3-process-id)#area Sets the ESP authentication of

{<area-id>|<area-id>} encryption ipsec spi the IPsec for an area.
<spi-id> esp {aes-cbc 128 {<md5-key>| encrypted
<aes-cbc-128-key-encrypted>}|3des {<md5-key>| encrypted
<3des-key-encrypted>}|des {<md5-key>| encrypted
<des-key-encrypted>}|null}{md5 {<md5-key>|encrypted
<md5-_key-encrypted>}|sha1 {<md5-key>|encrypted
<sha1-key-encrypted>}}[rollover-interval <rollover-interva>]
<area-id> Specifies the ID of the area as an IP address of the decimal

(0-4294967295) or dotted decimal format (A.B.C.D).
disable Disables BFD.
enable Enables BFD.

<cost-value> Specifies the default metric value. The value range is

0-16777215. The default value is 1.

X:X::X:X/< 0-128> Specifies the summary IPv6 route prefix and the prefix length.
advertise Enables the advertisement of summary 3-type LSAs.
not-advertise Prohibits the advertisement of summary 3-type LSAs.

no-summary Forbids ABR to send summary information to the stub area.
7-11


<router-id> Specifies the peer router ID of the virtual link in the format of
a dotted decimal IP address.
hello-interval <seconds> Specifies the interval at which Hello packets are sent on the
virtual link in the unit of seconds. The value range is 1-8192.
dead-interval <seconds> Specifies the dead interval of neighbors on the virtual link in
the unit of seconds. The value range is 1-8192. The default
value is 40 seconds.
retransmit-interval <seconds> Specifies the retransmission interval of packets on the virtual

link in the unit of seconds. The value range is 1-8192. The
default value is 5 seconds.
transmit-delay <seconds> Specifies the delay after which a link state update packet
is transmitted on the virtual link in the unit of seconds. The
value range is 1-8192. The default value is 1 second.
The command parameter in step 8 is described as follows:
<metric-value> Default metric of external routes, in the range of 1-16777214.
<access-list-name> The first character can be a digit. Use an unused name.
<name of a route-map> Route-map template name
in In: The template specified is used to filter routes.
<number> Maximum number of routes for load sharing in OSPF, in the

range of 1-32, with the default value of 1.
<interface-name> Interface name
7-12

<protocol> Specifies the name of the redistributed protocol, such as

"connected", "static", "RIP", "BGP", "ISIS" or "OSPF".
<metric-value> Specifies the metric of the redistributed LSA. By default, the

default-metric of the instance is used. The value range is
0-16777214.
<type> Specifies the metric-type of the redistributed LSA. The value

is 1-2. The default value is 2.
route-map <map-name> Specifies the route map used for protocol route redistribution.
<X:X::X:X/128> Prefix and prefix length of the IPv6 routes summarized.
<delay> Specifies the delay of route re-computation that follows after

route updates are received in the unit of seconds. The value
range is 0-65535. The default value is 5 seconds.
<holdtime> Specifies the hold time in the unit of seconds. The value
7.3 OSPFv3 Maintenance and Diagnosis

Compared with RIPng, OSPFv3 is more complicated. There are many fault reasons behind
a fault symptom. Therefore, the maintenance and diagnosis of OSPFv3 is more difficult.
To maintain and diagnose OSPFv3, use the following commands.
Command Function
ZXR10(config)#show ipv6 ospf <process id> Shows an OSPFv3 instance.
ZXR10(config)#show ipv6 ospf database Shows the database information

about an OSPFv3 instance.
ZXR10(config)#show ipv6 ospf interface [<interface-name>] Shows the interface information

ZXR10(config)#show ipv6 ospf neighbor Shows the neighbor information

7-13

Command Function
ZXR10(config)#show ipv6 ospf virtual-links Shows the virtual link information

The following example shows the outputs of the command show ipv6 ospf:
ZXR10#show ipv6 ospf
Routing Process "ospfv3 1" with ID 1.1.1.8
socket enable
SPF schedule delay 5 secs. Hold time between two SPFs 10 secs
External distance 110. Inter-area distance 110. Intra-area distance 110
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 1. Checksum Sum 0x00985A
The number of ospfv3 routes is 3
Default metric is 20
Number of areas in this router is 2. 2 normal 0 stub
Area BACKBONE(0)
Number of interfaces in this area is 1
SPF algorithm executed 3 times
Number of LSA 5. Checksum Sum 0x02BC99
Number of Unknown LSA 0
Area 0.0.0.1
Number of interfaces in this area is 2
SPF algorithm executed 10 times
Number of LSA 9. Checksum Sum 0x045678
Number of Unknown LSA 0
The following example shows the outputs of the command show ipv6 ospf interface:
ZXR10#show ipv6 ospf interface
Vlan10 is up, line protocol is up
Link Local Address fe80::2f0:e0ff:fe21:201, Interface ID 2
Area 0.0.0.1, Process ID 1, Instance ID 0, Router ID 1.1.1.8
Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router(ID) 1.1.1.9, local address fe80::2f0:e0ff:fe21:203
Backup Designated router(ID) 1.1.1.8,local address fe80::2f0:e0ff:fe21:201
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:08
Neighbor Count is 1, Adjacent neighbor count is 1
loopback1 is up, line protocol is up
Link Local Address fe80::2f0:e0ff:fe21:201, Interface ID 4
Area 0.0.0.0, Process ID 1, Instance ID 0, Router ID 1.1.1.8
Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host
The following example shows the outputs of the command show ipv6 ospf database:
7-14

OSPFv3 Router with ID (1.1.1.8) (Process ID 1)

Router Link States (Area 0.0.0.1)
ADV Router Age Seq# Link count Bits
1.1.1.8 1260 0x8000000d 1 -|-|E|-
1.1.1.9 1247 0x8000000c 1 -|-|-|-
Net Link States (Area 0.0.0.1)
ADV Router Age Seq# Link ID Rtr count
1.1.1.9 1247 0x80000009 2 2
Inter Area Prefix Link States (Area 0.0.0.1)

ADV Router Age Seq# Prefix
1.1.1.8 1329 0x8000000a 100::100/64
Intra Area Prefix Link States (Area 0.0.0.1)

ADV Router Age Seq# Link ID Ref-lstype Ref-LSID
1.1.1.8 1262 0x8000000f 1 0x2001 0
1.1.1.9 1250 0x80000009 2 0x2002 2
Link (Type-8) Link States (Area 0.0.0.1)

ADV Router Age Seq# Link ID Interface
1.1.1.8 1332 0x8000000a 2 vlan10
1.1.1.9 1301 0x8000000a 2 vlan10
Link (Type-8) Link States (Area 0.0.0.1)

ADV Router Age Seq# Link ID Interface
1.1.1.8 1332 0x8000000a 3 vlan20
Type-5 AS External Link States

ADV Router Age Seq# Prefix
1.1.1.8 1333 0x80000009 666::1/64
7.4 OSPFv3 Configuration Examples

7.4.1 OSPFv3 Configuration Example 1
As shown in Figure 7-1, S1 and S2 establish a link via direct connection interfaces to
advertise their respective loopback address route.
7-15

Figure 7-1 OSPFv3 Configuration Example
1. Enable the IPv6 protocol on the direct connection interfaces of S1 and S2, configure
IPv6 addresses for the direct connection interfaces, configure loopback interfaces,
enable IPv6 on the loopback interfaces, and configure IPv6 addresses for the loopback
interfaces.
2. Configure OSPFv3.
3. Add the interfaces to OSPF area 0.
4. Check and verify the configuration results: Neighbors are correctly established
between the two routers, each router can learn the routes advertised by the peer
router, and each router can ping the peer loopback interface.
S1 configuration:
S1(config)#ipv6 router ospf 1
S1(config-ospfv3-1)#router-id 11.11.11.11
S1(config-ospfv3-1)#area 0
S1(config-ospfv3-1-area-0)#interface vlan10
S1(config-ospfv3-1-if-vlan10)#exit
S1(config-ospfv3)#interface loopback5
S1(config-ospfv3-1-if-loopback5)#exit
S1(config-ospfv3-1)#exit
S2 configuration:
7-16


S2(config-ospfv3-1)#interface loopback5
After completing the above configuration, run the commands show ipv6 ospf neighbor and
show ipv6 forwarding route on each router to check the established neighbors and routes.
Ping the peer loopback interface from each router. If both routers can ping the loopback
interface of the peer router, the configuration is successful.
Check and verify the configuration results as follows on S1:
S1(config)#show ipv6 ospf neighbor

OSPFv3 Process 1
Neighbor ID Pri State Dead Time Interface ID Interface
10.10.10.10 1 FULL/BDR 00:00:35 46 vlan10
S1#show ipv6 forwarding route 3550::52
IPv6 Routing Table:
Dest Owner Metric
Interface Pri Gw
3550::/64 O 1
vlan10 110 fe80:12::2d0:d0ff:feaf:cc10
S1#ping6 3550::52
!!!!!

S2(config)#show ipv6 ospf neighbor
OSPFv3 Process 1
11.11.11.11 1 FULL/DR 00:00:37 18 vlan10
S2#show ipv6 forwarding route 3555::52
IPv6 Routing Table:
7-17

Dest Owner Metric
Interface Pri Gw
3555::/64 O 1
vlan10 110 fe80:2e::2d0:d0ff:fe78:99dd
S2#ping6 3555::52
!!!!!
7.4.2 OSPFv3 Configuration Example 2

As shown in Figure 7-2, S1 and S2 establish a link with each other via the direct connection
interfaces, S1 and S2 establish the link in area 0 whereas S2 and S3 establish a link
with each other in area 10 to advertise their respective loopback address route, and S1
redistributes the direct route.
Figure 7-2 OSPFv3 Configuration Example 2
1. Enable the IPv6 protocol on the interfaces, configure IPv6 addresses for these
interfaces, configure loopback interfaces, enable IPv6 on the loopback interfaces,
and configure IPv6 addresses for the loopback interfaces.
2. Configure OSPFv3.
3. Add the interfaces to OSPFv3. S1 and S2 establish a link with each other in area 0,
S2 and S3 establish a link with each other in area 10, and S1 redistributes the direct
route.
7-18

4. Check and verify the configuration results: Neighbors are correctly established
between the routers, each router can learn the routes advertised by the other two
routers, and each router can ping the loopback interfaces of the other two routers.
S1 configuration:
S1(config-ospfv3-1)# area 0
S1(config-ospfv3-1)#redistribute connected
S2 configuration:
7-19

S3 configuration:
After completing the above configuration, run the commands show ipv6 ospf neighbor and
show ipv6 forwarding route on each router to check the established neighbors and routes.
Ping the loopback interfaces of the other two routers from each router. If each router can
ping the loopback interfaces of the other two routers, the configuration is successful.
Check and verify the configuration results as follows on R1:

S1(config)#show running-config ospfv3
!<ospfv3>
ipv6 router ospf 1
router-id 11.11.11.11
redistribute static
interface vlan10 area 0.0.0.0 instance 0
$
!</ospfv3>
S1#show ipv6 ospf neighbor
OSPFv3 Process 1
10.10.10.10 1 FULL/BDR 00:00:35 46 vlan10
S1#show ipv6 forwarding route ospf

IPv6 Routing Table:
7-20


Dest Owner Metric
Interface Pri Gw
2352::/64 O 1
3550::/64 O 1
3500::/64 O 2
S1#ping6 3550::55
!!!!!

S2#show running-config ospfv3
! <OSPFV3>
ipv6 router ospf 1
router-id 10.10.10.10
$
interface loopback5 area 0.0.0.0 instance 0
$
$
!
! </OSPFV3>

OSPFv3 Process 1
1.1.1.5 1 FULL/BDR 00:00:33 54 vlan20
11.11.11.11 1 FULL/DR 00:00:37 18 vlan10

IPv6 Routing Table:
Dest Owner Metric
Interface Pri Gw
7-21

3555::/64 O 1
vlan10 110 fe80:2e::2d0:d0ff:fe78:99dd
3500::/64 O 1
Vlan20 110 fe80:2d::1416:15ff:fe14:1212
S2#ping6 3555::55
!!!!!

S3#show running-config ospfv3
! <OSPFV3>
ipv6 router ospf 1
router-id 1.1.1.5
$
interface loopback5 area 0.0.0.10 instance 0
$
!
! </OSPFV3>

OSPFv3 Process 1
10.10.10.10 1 FULL/DR 00:00:31 45 vlan20

IPv6 Routing Table:
Dest Owner Metric
Interface Pri Gw
3611::/64 O 1
3550::/64 O 1
3555::/64 O 2
S3#ping6 3555::55
!!!!!
7-22

Chapter 8
IS-ISv6 Configuration
Table of Contents
IS-ISv6 Overview .......................................................................................................8-1
Configuring IS-ISv6 ....................................................................................................8-2
Maintaining IS-ISv6 ..................................................................................................8-13
IS-ISv6 Configuration Examples ...............................................................................8-17
8.1 IS-ISv6 Overview

The Intermediate System-to-Intermediate System (IS-IS) protocol is a routing protocol
developed by the International Organization for Standardization (ISO) for CLNS. It is a
network layer protocol of the OSI protocol suite. It has been expanded to support IP
routing and form an integrated IS-IS protocol. The IS-IS protocol currently mentioned
refers to the integrated IS-IS protocol.
The IS-IS protocol is used as an Interior Gateway Protocol (IGP) in plenty of networks.
Its operating mechanism is similar to that of the OSPF protocol. It divides a network into
multiple areas. The routers in an area can manage only the routing information in the area.
This saves router costs and thus makes it suitable for large- and medium-scale networks.
The IS-IS protocol also uses Dijkstra's SPF algorithm to compute routes. It uses the SPF
algorithm to obtain the optimal route according to the link status database and then adds
the route to the IP routing table.
IS-IS is a routing protocol with high expansibility, so it can support the expansion of the
CLNS routing protocol to support IPv4 and support IPv6.
RFC 5308 (Routing IPv6 with IS-IS) defines how to use IS-IS to support IPv6. It defines
two new Tag, Length, Values (TLVs): IPv6 Reachability TLV and IPv6 Interface Address
TLV.
l The TLV type value of the IPv6 Reachability TLV is 236 (0xEC). Its TLV effects are
equal to the two TLVs of IPv4: IP internally reachable and IP externally reachable.
Up/down and external are defined in this TLV and are used to indicate that routes are
redistributed mutually in the L2/L1 and to determine whether a route is an external
route.
l The TLV type value of the IPv6 Interface Address TLV is 232 (0xE8). Its TLV effects
are equal to the TLV of IPv4: IP port address. The difference is that the original 32-bit
address segment is superseded by the 128-bit address segment in the new TLV.
l The operating principles of IS-ISv6 are similar to those of IS-ISv4. For details, please
refer to "IS-IS Configuration" in IPv4 Routing Volume.
8-1

8.2 Configuring IS-ISv6

Configuring Basic Information
In this manual, it is assumed that the process-id is 0, and the VLANXinterface is used.
To configure the basic information about IS-ISv6, perform the following steps:
1 ZXR10(config)#router isis[<process-id>][vrf <vrf-name>] Enables the IS-ISv6 routing

protocol process.
2 ZXR10(config-isis-0)#system-id <system-id>[range Configures the system ID of a

<range-number>] route instance.
ZXR10(config-isis-0)#area <area-address> Designates the area address

of IS-ISv6.
3 ZXR10(config-isis-0)#interface <interface-name> Adds an interface to the

IS-ISv6 route entity.
4 ZXR10(config-isis-0-if-vlanX)#ipv6 router isis Runs the IS-ISv6 protocol on

an interface.
<process-id> IS-IS process ID, range: 0-65535.
<vrf-name> Specifies the VRF name, range: 1-32 characters.
<system-id> Specifies the System ID of the instance, which is a

hexadecimal string of 6 bytes in the form of xxxx.xxxx.xxxx.
range <range-number> Specifies the extensible range of the System ID. The
value range is 0-32. The default value is 0. The instance
will assume an ID ranging from System ID to System
ID+<range-number>.
<area-address> Specifies the area address, which is a hexadecimal string

of 1 to 13 bytes.
Configuring IS-ISv6 Global Parameters

If all the routers in the network are the ZXR10, the default parameters can be used during
IS-IS configuration. If other vendors' routers exist in the network and interconnect with the
ZXR10, however, the relevant interface parameters and timers may need to be changed
so as to enable the IS-IS protocol to run more efficiently in the network.
8-2

Chapter 8 IS-ISv6 Configuration
IS-IS parameter configuration includes the configuration of global parameters and the
configuration of interface parameters. The global parameters of IS-ISv6 need to be
configured in IS-ISv6 routing mode (some parameters are configured under the IS-ISv6
address suite).
To configure the global information about IS-ISv6, perform the following steps:
1 ZXR10(config)#router isis [<process-id>][vrf <vrf-name>] Enables the IS-ISv6 routing

protocol process.
2 2.1 ZXR10(config-isis-0)#area <area-address> Designates the area

address of IS-ISv6.
2.2 ZXR10(config-isis-0)#system-id <system-id>[ra Configures the system ID of

nge <range-number>] IS-ISv6.
2.3 ZXR10(config-isis-0)#authentication-type Configures the

{hmac-md5|text}[{level-1|level-2}] authentication mode of
the IS-ISv6 route entity.
2.4 ZXR10(config-isis-0)#ignore-lsp-errors[disable] Sets the IS-ISv6 to ignore

LSP checksum errors.
2.5 ZXR10(config-isis-0)#is-type {level-1 | level-2-only Configures the routing level

| level-1-2} for a router.
2.6 ZXR10(config-isis-0)#lsp-refresh-time <interval> Configures the LSP refresh

time.
2.7 ZXR10(config-isis-0)#max-lsp-lifetime <interval> Configures the maximum

LSP life time.
2.8 ZXR10(config-isis-0)#metric-style {narrow | wide} Configures the metric style

of the router.
2.9 ZXR10(config-isis-0)#authentication {encrypted Configures the LSP/SNP

<password>|clear <password>|<password>}[{level-1 authentication of IS-ISv6.
|level-2}]
2.10 ZXR10(config-isis-0)#disable-snp-authentication Disables SNP

authentication.
This command must
be run to disable SNP
authentication if only
LSP authentication is
required after LSP/SNP
authentication is set.
ZXR10(config-isis-0)#enable-snp-authentication Enables SNP

authentication.
8-3

2.11 ZXR10(config-isis-0)#disable Disables the IS-ISv6

protocol.
ZXR10(config-isis-0)#enable Disables the IS-ISv6

protocol.
2.12 ZXR10(config-isis-0)#lsp-size {originate Configures the size of LSP

<size>|receive <size>} packets.
2.13 ZXR10(config-isis-0)#hostname dynamic {disable Configures the dynamic

| enable} host name mapping function
of IS-ISv6.
2.14 ZXR10(config-isis-0)#hello padding [multi-point | Pads 0 to each hello packet

point-to-point] sent on the interface till the
packet size equals the MTU
value of the interface.
3 ZXR10(config-isis-0)#address-family ipv6 Enters the IPv6 family

configuration mode.
4 4.1 ZXR10(config-isis-0-af)#distance <1-255> Configures the

administrative distance
of IS-ISv6 routes.
4.2 ZXR10(config-isis-0-af)#multi-topology Enables the multi-topology

function.
4.3 ZXR10(config-isis-0-af)#redistribute Configures the redistribution

<protocol>[level-1 | level-1-2 | level-2][metric of routes from other routing
<metric-value>][route-map <map-tag>] protocols into IS-ISv6.
4.4 ZXR10(config-isis-0-af)#set-overload-bi Sets the overload-bit in the

LSP packets sent by IS-IS
itself.
4.5 ZXR10(config-isis-0-af)#summary-prefix Configures IS-ISv6 route

X:X::X:X/<0-128>[ level-1 | level-1-2 | level-2 ][metric aggregation.
<metric-value>]
4.6 ZXR10(config-isis-0-af)#route-leak level-2 into Configures the leakage from

level-1 [route-map <map-tag>] level-2 to level-1 routes.
4.7 ZXR10(config-isis-0-af)#distribute-list route-map Configures IS-ISv6 route

<map-tag> in filter policy.
4.8 ZXR10(config-isis-0-af)#spf-interval Configures the minimum

<interval>[level-1 | level-2] interval for calculating the
topology of the IS-ISv6 .
4.9 ZXR10(config-isis-0-af)#maximum-paths Configures the maximum

<number> number of next hops.
8-4

For a description of the parameters in Step 2.1, refer to the following table:
<area-address> Specifies the area address, which is a hexadecimal string

of 1 to 13 bytes.
<system-id> Specifies the System ID of the instance, which is a

hexadecimal string of 6 bytes in the form of xxxx.xxxx.xxxx.
range <range-number> Specifies the extensible range of the System ID. The
value range is 0-32. The default value is 0. The instance
will assume an ID ranging from System ID to System
ID+<range-number>.
The IS-ISv6 protocol cannot be enabled if the system-id is not set.

hmac-md5| text Indicates that the authentication mode is HMAC-MD5 or text

authentication.
level-1 | level-2 Indicates the level to which the authentication mode applies.
level-1 | level-2-only | level-1-2 Specifies the level of the configured router. By default, a
router is a level-1-2 router.
This is a basic parameter involved in IS-IS configuration. It is used to define the operation
type of the router according to the practical networking condition. By default, IS-IS-enabled
router is identified as a level-1-2 router.
<interval> Specifies the periodic LSP refresh interval in the unit of

seconds. The value range is 1-65535. The default value is
900 seconds.
Set the LSP refresh interval of the IS-IS protocol so that the LSP packets locally generated
are periodically updated when the network is stable. By default, LSP packets are refreshed
at an interval of 900 seconds.
8-5

<interval> Specifies the maximum LSP lifetime in the unit of seconds.

The value range is 1-65535. The default value is 1,200
seconds.
Set the maximum LSP lifetime of the local IS-IS, that is, the lifetime of LSP packets locally
generated in the databases of all the reachable nodes. By default, the maximum lifetime
of LSP packets is 1,200 seconds.
narrow | wide Specifies the metric type (narrow or wide).

The narrow mode uses only 6 bits to carry the metric value,
whereas the wide mode uses 24 bits to carry it and supports
more TLVs to be carried.
The metric range in the narrow mode is smaller than that in the wide mode. In addition, the
wide mode supports more TLV extensions. By default, the metric-style is set to "narrow".
Topology creation may fail due to inconsistent settings of the metric-type between the two
routers to be interconnected.
encrypted Ciphertext tag.
<password> Ciphertext password, range: 24–140 characters.
clear Cleartext tag.
<password> Cleartext password, range: 1–100 characters.
<password> Cleartext password, range: 1–100 characters.
level-1 | level-2 Specifies the authentication range. The default value is

level-1-2.
After configuring this command, you also need to set the same authentication code for
SNP packets. By default, application also applies to SNP packets. To clear SNP packet
authentication, run the command disable-snp-authentication.
<size> Specifies the size of LSP packets in the unit of bytes. The
value range is 512-7680.
8-6

By default, the size of LSP packets transmitted on a broadcast link is 1,492 bytes. You
can run this command to specify the LSP packet size to a value between 512 and 7,680
bytes. It is not recommended that users run this command unless really necessary.
dynamic Indicates that the system name is dynamically obtained.
<1-255> Specifies the distance. The value range is 1-255. The default
value is 115.
The administrative distance of an IS-ISv5 route is used for IPv6 route computation. The
smaller the value, the better the IS-ISv6 route is than the routes obtained by other routing
means or other routing protocols.
<protocol> Specifies the route origin, which can be "connect", "static",

"rip", "ospf", or "bgp". This parameter is mandatory. To
redistribute IS-IS/OSPF routes, it is necessary to specify the
instance number.
level-1 | level-2 | level-1-2 Specifies the redistribution range. The default value is
"level-2".
metric <metric-value> Specifies the metric value of the redistributed route. The
value range is 0-4261412864. The default value is 10.
route-map <map-tag> Specifies the route map name for the current protocol
redistribution, which is a string of 1 to 31 characters.
If the metric-style is narrow, the value range of <metric-value> is 0-63. If the metric-style is
wide, the value range of <metric-value> is 0-426142864.
X:X::X:X/<0-128> Specifies the IPv6 network segment prefix.
8-7

level-1 | level-1-2 | level-2 Specifies the route aggregation level, which is "level-1-2" by
default.
When a local LSP packet of the corresponding level carries
non-local interface address information that indicates a route
with this network segment prefix, the route is then aggregated
to the set level according to the aggregate address.
metric <metric-value> Specifies the metric value of the redistributed route. The
The IS-ISv6 protocol may aggregate certain routing table entries into an aggregate route
and advertise it to other routers instead of advertising the specific routes.
route-map <map-tag> Specifies the route map name for protocol route redistribution,
which is a string of 1 to 31 characters.
For a description of the parameters in Step 4.8, refer to the following table.
<interval> Sets the route mapping name for the current protocol
reallocation, range: 1–31 characters.
level-1 | level-2 Sets the level for the interval that is used to calculate the
topology.
<number> Number of supported equivalent route entries, range: 1–32.
Note:
If the maximum-paths parameter is not set, only one equivalent route entry is supported.
Configuring IS-ISv6 Interface Parameters

The interface parameters of IS-ISv6 need to be set in interface mode. To configure the
interface parameters of the IS-ISv6 protocol, perform the following steps:
8-8

1 ZXR10(config)#router isis [<process-id>][vrf <vrf-name>] Enables the IS-ISv6 routing

protocol process.
2 ZXR10(config-isis-0)#interface <interface-name> Configures the IS-ISv6

protocol on the specified
interface.
3 3.1 ZXR10(config-isis-0-if-vlanX)#circuit-type Configures the circuit-type

{level-1 | level-1-2 | level-2-only} on an interface.
3.2 ZXR10(config-isis-0-if-vlanX)#csnp-interval Configures the interval at

<interval>[level-1 | level-2] which the IS-ISv6 protocol
sends CSNP packets on an
interface.
3.3 ZXR10(config-isis-0-if-vlanX)#hello-interval Configures the interval at

sends two consecutive hello
packets on an interface.
3.4 ZXR10(config-isis-0-if-vlanX)#hello-multiplier Configures the IS-ISv6 hello

<multiplier>[level-1 | level-2] multiplier on an interface.
3.5 ZXR10(config-isis-0-if-vlanX)#lsp-interval Configures the interval at

sends two consecutive
LSP packets on an
interface in the unit of
milliseconds. The value
range is 33-4294967040.
The default value is 33
millisecond.
3.6 ZXR10(config-isis-0-if-vlanX)#psnp-interval Configures the interval at

sends PSNP packets on an
interface.
3.7 ZXR10(config-isis-0-if-vlanX)#ipv6 metric Configures the IS-ISv6

<value>[level-1 | level-2] metric on an interface.
3.8 ZXR10(config-isis-0-if-vlanX)#authentication-t Configures the

ype {hmac-md5|text}[{level-1|level-2}] authentication mode of
IS-ISv6 hello packets.
3.9 ZXR10(config-isis-0-if-vlanX)#authentication Configures the

{encrypted <password>|clear <password>|<password authentication of IS-ISv6
>}[{level-1|level-2}] hello packets.
8-9

3.10 ZXR10(config-isis-0-if-vlanX)#priority Configures the IS-ISv6

<priority>[level-1 | level-2] password on the broadcast
network interface.
3.11 ZXR10(config-isis-0-if-vlanX)#retransmit-inter Configures the interval at

val <interval>[level-1 | level-2] which the IS-ISv6 protocol
retransmits LSP packets on
an interface.
3.12 ZXR10(config-isis-0-if-vlanX)#ipv6 router isis Enables the IS-ISv6 protocol

on an interface.
3.13 ZXR10(config-isis-0-if-vlanX)#max-burst Sets the maximum number

<number> of LSP packets to be sent
on an interface. The value
value is 1.
3.14 ZXR10(config-isis-0-if-vlanX)#mesh-group Sets the mesh-group

{<mesh group number>| blocked} function on an certain
interface.
3.15 ZXR10(config-isis-0-if-vlanX)#network Enables a LAN network

point-to-point interface to simulate a
point-to-point interface.
3.16 ZXR10(config-isis-0-if-vlanX)#passive-mode Sets as the passive interface

[with-original-metric] of IS-ISv6.
level-1 | level-1-2 | level-2-only Specifies the circuit type of an interface. Either option must
be selected. By default, the circuit type of an interface is
level-1-2.
This is a basic parameter involved in IS-IS configuration to specify the operation type for
an interface. The default value is level-1-2. The value needs to match the IS-IS global
operation type. The settings of this parameter must also be matched between two routers
establishing adjacency.
<interval> Specifies the interval at which the IS-ISv6 protocol sends

CSNP packets in the unit of seconds. The value range is
1-65535. The default value is 10 seconds for a broadcast link
and 3,600 seconds for a point-to-point link.
8-10

level-1 | level-2 Specifies the applicable scope of the CSNP interval (level-1
CSNP or level-2 CSNP). By default, the interval takes effect
for both level-1 and level-2.
The above parameters specify the CSNP packet sending interval. When the optional
parameter is not carried in the command, the set interval takes effect for both level-1 CSNP
and level-2 CSNP on the interface.
<interval> Specifies the interval at which the IS-ISv6 sends hello

packets on an interface in the unit of seconds. The value
level-1 | level-2 Specifies the applicable scope of the hello interval (level-1
hello or level-2 hello). By default, the interval takes effect
When the optional parameter is not carried in the command, the set interval takes effect
for both level-1 hello and level-2 hello on the interface.
<multiplier> Specifies the IS-ISv6 hello multiplier on an interface. The

level-1 | level-2 Specifies the applicable scope of the hello multiplier (level-1
or level-2). By default, the hello multiplier takes effect for both
level-1 and level-2.
When the optional parameter is not carried in the command, the set multiplier takes effect
<interval> Specifies the interval at which the IS-ISv6 sends PSNP

packets on an interface in the unit of seconds. The value
level-1 | level-2 Specifies the applicable scope of the PSNP interval (level-1
PSNP or level-2 PSNP). By default, the interval takes effect
8-11

In general, PSNP is used in point-to-point networks. When the optional parameter is not
carried in the command, the set interval takes effect for both level-1 PSNP and level-2
PSNP on the interface.
<value> Specifies the metric value of an interface. The value range

is 1-16777215. The set metric value takes effect after the
multi-topology function is enabled. The default value is 10.
level-1 | level-2 Specifies the applicable scope of the metric value (level-1
or level-2).
The above parameters set the metric value for IS-ISv6 SPF computation on an interface.
When the optional parameter is not carried in the command, the metric-value takes effect
for both level-1 metric and level-2 metric on the interface.
hmac-md5| text Indicates that the authentication mode is HMAC-MD5 or

text authentication. By default, the text authentication mode
applies to hello packet authentication and takes effect for
both level-1 hello and level-2 hello.
level-1 | level-2 Indicates the level to which the authentication mode applies.
encrypted Ciphertext tag
<password> Ciphertext password, range: 24–140 characters
clear Cleartext tag
<password> Cleartext password, range: 1–100 characters
<password> Cleartext password, range: 1–100 characters
level-1 | level-2 Authentication scope, default: level-1-2
<priority> Sets the port priority in the unit of seconds. The value range
is 0-127. The default value is 64.
level-1 Indicates that the router is in the level-1 area.
level-2 Indicates that the router is in the level-2 area.
8-12

The above parameter settings exist only for broadcast links. When the optional parameter
is not carried, the priority takes effect for both level-1 priority and level-2 priority.
<interval> Specifies the retransmission interval in the unit of seconds.

The value range is 1-65535. The default value is 5 seconds.
level-1 | level-2 Specifies the applicable scope of the LSP retransmission

interval (level-1 or level-2). By default, the interval takes
effect for both level-1 and level-2.
The above parameter settings exist only for point-to-point links. When the optional
parameter is not carried, the set retransmission interval takes effect for both level-1
retransmission interval and level-2 retransmission interval.
<mesh group number> Specifies the mesh-group to which the interface belongs. The
value range is 1-4294967295.
blocked Indicates that LSP packets are blocked on the interface.
8.3 Maintaining IS-ISv6

To maintain IS-ISv6, run the following commands:
Command Function
ZXR10(config)#show isis adjacency [up-time][{level-1 | Shows IS-ISv6 neighbor

level-2}][process-id <process-id>] information.
ZXR10(config)#show isis database [{level-1 | level-2}][detail][pr Shows the current IS-ISv6

ocess-id <process-id>] database.
ZXR10(config)#show isis circuits [{process-id | detail [process-id Shows IS-ISv6 port information.
<process-id>]}]
ZXR10(config)#show isis ipv6 route [<ipv6-address>][ipv6-prefi Shows the current IS-ISv6 route
x][{level-1 | level-2}][detail][summary] table
ZXR10(config)#show isis ipv6 topology [{level-1 | Shows IS-ISv6 topology

level-2}][process-id <process-id>] information.
ZXR10(config)#show isis hostname [process-id<process-id>] Shows current IS-ISv6 hostname

information.
ZXR10(config)#show isis mesh-groups{blocked | Shows IS-ISv6 mesh-group

group}[process-id<process-id>] information.
8-13

process-id<process-id> IS-IS instance number, range: 0-65535.
level-1 Shows the neighbors in the level-1 area.
level-2 Shows the neighbors in the level-2 area.
up_time Shows the neighbor up-time.
vrf <vrf-name> Specifies the VRF name, which is a string of 1 to 32

characters.
verbose Shows the current verbose database information.
The following is a sample output from the show isis adjacency command:
ZXR10(config)#show isis adjacency
Process ID: 1
Interface System id State Lev Holds SNPA(802.2) Pri MT
vlan1 1111.1111.1111 UP/UP L1L2 27/27 00E0.D023.0203 64
ZXR10(config-isis-0-if-vlan100)#show isis adjacency process-id 1
Process ID: 1
vlan2 AAAA.AAAA.AAAA UP L1 21 00E0.D023.0203 64
ZXR10(config-isis-0-if-vlan100)#show isis adjacency up-time level-1 process-id 1
Process ID: 1
Interface System id State Lev Holds Pri MT Time
vlan1 1111.1111.1111 UP L1 22 64 000:00:01:1
For a description of the sample output from the show isis adjacency command, refer to the
following table:
Process-id IS-IS instance number, range: 0–65535
Interface Indicates the interface name.
System ID Indicates the system ID of the neighbor, displayed as the

mapped hostname.
State Indicates the status, which may be "UP" or "INIT".
Level Indicates the level, which may be "L1", "L2", or "L1L2".
Holds Indicates the hold time.
SNPA Indicates the port address of the neighbor in the format of

<snpa type> xx.xx.xx.xx.xx.xx.
Pri Indicates the priority of DIS election.
MT Indicates that the peer supports multi-topology.
8-14

The following is a sample output from the show isis database command:
ZXR10#show isis database
Process ID:0
IS-IS Level-1 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
2.00-00* 0x42 0xb2a1 918 1/0/0
IS-IS Level-2 Link State Database:
LSPID LSP Seq Num LSP Checksum LSP Holdtime ATT/P/OL
1.00-00 0x4f 0x7e94 918 0/0/0
2.00-00* 0x4d 0x3977 917 0/0/0
2.02-00* 0x48 0x1f29 917 0/0/0
For a description of the sample output from the show isis database command, refer to the
following table:
Process-id IS-IS instance number, range: 0–65535.
LSP ID Indicates the LSP ID in the form of xxxx.xxxx.xxxx.xx-xx.
LSP Seq Num Indicates the LSP sequence number in the form of
0xdddddddd.
LSP Checksum Indicates the LSP checksum in the form of 0xdddd.
LSP Holdtime Indicates the LSP lifetime in the form of a common number.
ATT/P/OL Indicates the ATT (Whether to connect with external areas)

flag bit/partitioning bit/overload bit.
The following is a sample output from the show isis circuit command:
ZXR10(config)#show isis circuits
Process ID: 0
Interface State Lev CirId Level1-DR Level2-DR Pri(L1/L2)
vlan1 Up L1L2 2 Dis is me Dis is me 64/64
For a description of the sample output from the show isis circuit command, refer to the
following table:
Interface Indicates the interface name.
State Indicates whether the IS-IS protocol is enabled on the

interface. "UP" indicates that the IS-IS protocol is enabled.
"DOWN" indicates that the protocol is disabled.
Lev Indicates the port level, which can be "L1", "L2", or "L1L2".
CirId Indicates the port ID.
8-15

Level1–DR Indicates the level-1 designated router on the port, which can
be "xxxx.xxxx.xxxx.xx", "No found", "Disabled", "Dis is me",
"P to P" and so on.
Level2–DR Indicates the level-2 designated router on the port, which can
be "xxxx.xxxx.xxxx.xx", "No found", "Disabled", "Dis is me",
"P to P" and so on.
Pri(L1/L2) Indicates the L1/L2 priority set on the port.
The following is a sample output from the show isis ipv6 route command:
ZXR10(config)#show isis ipv6 route
IS-IS Local IPv6 Routing Table
Codes: I1 - ISIS L1, I2 - ISIS L2
Porcess ID: 1
I1 1001::/64 [115/20]
via fe80::200:0:0:0,vlan2
I2 1002::/64 [115/30]
via fe80::200:0:0:0,vlan2
There are totally 2 routes.
For a description of the sample output from the show isis ipv6 route command, refer to the
following table:
I1 ISIS L1 route information
I2 ISIS L2 route information
The following is a sample output from the show isis topology command:
ZXR10(config)#show isis topology
Process ID: 0
IS-IS paths to Level-1 routers
System id Metric Next-Hop Interface SNPA
1 --
59E 10 59E vlan200 0059.28E0.0801
IS-IS paths to Level-2 routers
1 --
59E 10 59E vlan200 0059.28E0.0801
2 10 2 vlan100 00D0.D0C7.FFE0
For a description of the sample output from the show isis topology command, refer to the
following table:
8-16

System id Indicates the system ID of the neighbor in the format of

xxxx.xxxx.xxxx.
Metric Indicates the metric to the neighbor.
Next-Hop Indicates the system-id of the next-hop router.
Interface Indicates the egress interface.
SNPA Indicates the port address of the neighbor in the format of

<snpa type> xx.xx.xx.xx.xx.xx.
8.4 IS-ISv6 Configuration Examples

8.4.1 Single-Area IS-ISv6 Configuration Example
This example shows how to configure the IS-ISv6 protocol on a single-area network shown
in Figure 8-1.
Figure 8-1 Single-Area IS-ISv6 Configuration Example
1. Enable the IPv6 protocol on the direct connection interfaces of S1 and S2, configure
IPv6 addresses for the direct connection interfaces, configure loopback interfaces,
enable IPv6 on the loopback interfaces, and configure IPv6 addresses for the loopback
interfaces.
2. Configure the IS-ISv6 protocol and ensure that the system-ids of the two routers are
not the same. If the IPv4 IS-IS protocol has been configured on certain interfaces of
the two routers, set both routers to the multi-topology mode. To set the multi-topology
mode, first set the metric type of the IS-IS protocol to "wide". If the IPv4 IS-IS protocol
is not configured on any interface of the two routers, adjacency can be established
through the default single-topology settings on the two routers. If any interface of either
router is configured with an IPv4 address and the IS-IS protocol, IS-ISv6 neighbors
can be established through the single-topology function on the two routers. In the
latter case, the interface needs to be configured with both an IPv4 address and an
8-17

IPv6 address as well as the commands ip router isis and ipv6 router isis. Here, the
multi-topology environment is taken as an example.
3. Enable the IS-ISv6 protocol on the interfaces.
4. Check and verify the configuration results: Neighbors are correctly established be-
tween the routers, and each router correctly computes the IPv6 topology and can suc-
cessfully ping the loopback interface of the peer router.
S1 configuration:
S1(config)#router isis
S1(config-isis-0)#area 47.0005
S1(config-isis-0)#system-id 0000.0000.0011
S1(config-isis-0)#metric-style wide
S1(config-isis-0)#interface vlan10
S1(config-isis-0-if-vlan10)#ipv6 router isis
S1(config-isis-0-if-vlan10)#exit
S1(config-isis-0)#interface loopback5
S1(config-isis-0-if-loopback5)#ipv6 router isis
S1(config-isis-0-if-loopback5)#exit
S1(config-isis-0)#address-family ipv6
S1(config-isis-0-af)#multi-topology
S1(config-isis-0-af)#end
S2 configuration:
S2(config-isis-0)#area 47.0005
8-18

After the configuration is completed, run the show command on each router to check the
configuration information: Neighbors are correctly established between the routers, and
each router correctly computes the IPv6 topology and can successfully ping the loopback
interface of the peer router.
First verify the configuration results on S1. Run the command show running-config isis to
check the IS-IS configuration information as follows:
S1#show running-config isis

! <ISIS>
router isis 0
area 47.0005
system-id 0000.0000.0011
metric-style wide
address-family ipv6
multi-topology
$
interface vlan10
ipv6 router isis
$
interface loopback5
ipv6 router isis
$
! </ISIS>
Run the command show isis adjacency to check whether the neighbor status is normal, that
is, check whether the state field is UP. After the neighbor is established, the state field
should indicate "UP":
S1#show isis adjacency
vlan10 S2 UP/UP L1L2 7/6 00D0.D0AF.CC10 64/64 M
Run the command show isis ipv6 topology to check whether the topology is correctly
computed (For the single-topology environment, run the command show isis topology
instead to check it). If the topology has been successfully computed, the execution results
8-19

will indicate the following item. If the metric is "–", it indicates the local router. If the metric
is "xx", it indicates that the destination is unreachable.
S1#show isis ipv6 topology
IS-IS IPv6 paths to Level-1 routers
S1 ----
S2 10 S2 vlan10 00D0.D0AF.CC10
S1 ----
S2 10 S2 vlan10 00D0.D0AF.CC10
Run the command show isis circuits to check the interface information and Designate IS
(DIS) election. If the interface status is "UP", the interface is normal. If the interface status
is "DOWN", the interface is abnormal. Then it is necessary to check the link status. The
Level1-DR item shows the system-id of the DIS.
S1#show isis circuits
IS-IS interface database:
loopback5 Up L1L2 0 Disabled Disabled -/-
vlan10 Up L1L2 2 S2.02 S2.02 64/64
Run the command show ipv6 forwarding route isis_l1 or show ipv6 forwarding route isis_l2
to check route advertisement. If route advertisement is normal, the route advertised by the
loopback interface of the peer router can be seen.
S1#show ipv6 forwarding route isis_l1
IPv6 Routing Table:
Dest Owner Metric Interface Gw
3550::/64 I1 20 vlan10 fe80:12::2d0:d0ff:feaf:cc10
If neighbor establishment and route advertisement are normal, the loopback interface of
the peer route can be pinged through:
S1#ping6 3550::52
!!!!!
Similarly, verify the configuration results on S2 as follows:

! <ISIS>
router isis 0
area 47.0005
system-id 0000.0000.0022
metric-style wide
address-family ipv6
multi-topology
8-20

$
interface vlan10
ipv6 router isis
$
interface loopback5
ipv6 router isis
$
! </ISIS>

vlan10 S1 UP/UP L1L2 25/25 00D0.D078.99DD 64/64 M

S1 10 S1 vlan10 00D0.D078.99DD
S2 ----
S1 10 S1 vlan10 000D0.D078.99DD
S2 ----
S2#show isis circuits

IS-IS interface database:
loopback5 Up L1L2 0 Disabled Disabled 64/64
vlan10 Up L1L2 2 Dis is me Dis is me 64/64
S2#show ipv6 forwarding route isis_l1

IPv6 Routing Table:
3555::/64 isis_l1 20 vlan10 fe80:2e::2d0:d0ff:fe78:99dd
S2#ping6 3555::52
!!!!!
8.4.2 Multi-Area IS-ISv6 Configuration Example

For a large-scale network, the use of multiple areas shall be considered in IS-IS. Set the
near routers to be in one area according to their positions and functions because area
8-21

division is helpful to decrease the demand for memory, and the routers in each area only
need to maintain a smaller link state database.
Figure 8-2 shows a multi-area IS-IS instance. S1 is in Area 1, S2 in Area 0, and S3 and
S4 in Area 2. On S1, perform route aggregation for the network segments in Area 1. The
direct routes are redistributed to the IS-IS on R4.
Figure 8-2 Multi-Area IS-ISv6 Configuration Example
1. Enable the IPv6 protocol on the interfaces, configure IPv6 addresses for these
interfaces, configure loopback interfaces, enable IPv6 on the loopback interfaces,
and configure IPv6 addresses for the loopback interfaces.
2. Configure the IS-ISv6 protocol and ensure that the system-ids of the routers are not
the same. Establish L2 neighbors between S2 and S1/S3, and establish L1 neighbors
between S3 and S4. Here, the multi-topology environment is taken as an example.
3. Enable the IS-ISv6 protocol on the interfaces.
4. Enable route aggregation on S1.
5. Redistribute the direct route on S4.
6. Check and verify the configuration results: The routers can correctly establish
neighbors and correctly compute the IPv6 topology, and the interface addresses of
the routers can be successfully pinged from each other
S1 configuration:
S1(config-if-loopback1)#ipv6 address 2000:0:0:1::1/64
8-22

S1(config-isis-0)#area 01
S1(config-isis-0)#is-type level-1-2
S1(config-isis-0-if-vlan10)#circuit-type level-2-only
S1(config-isis-0-if-loopback1)#circuit-type level-2-only
S1(config-isis-0-af)#summary-prefix 2000::/48
S2 configuration:
S2(config-if)#ipv6 enable
S2(config-if)#ipv6 address 2003::2/64
S2(config-if)#exit
S2(config-if)#exit
8-23

S2(config-isis-0)#is-type level-2
S3 configuration:
S3(config-if)#exit
S3(config-if)#exit
S3(config-isis-0)#is-type level-1-2
S3(config-isis-0-if-vlan20)#circuit-type level-2
S4 configuration:
8-24

S4(config-if)#exit
S4(config-if)#exit
S4(config-isis-0)#is-type level-1
S4(config-isis-0-af)#redistribute connected level-1 metric 10
After the configuration is completed, run the show command on each router to check the
configuration information: Neighbors are correctly established, the topology is computed,
and interfaces can be pinged.
First verify the configuration results on S1. Run the command show running-config isis to
check the IS-IS configuration information as follows:
! <ISIS>
router isis 0
area 01
system-id 0000.0000.0011
metric-style wide
address-family ipv6
multi-topology
summary-address 2000::/48
$
interface vlan10
ipv6 router isis
circuit-type level-2-only
$
interface loopback1
8-25

ipv6 router isis

$
interface loopback2
ipv6 router isis
$
interface loopback3
ipv6 router isis
$
! </ISIS>
Run the command show isis adjacency to check whether the neighbor status is normal, that
is, check whether the state field is UP. After the neighbor is established, the state field
should indicate "UP":
vlan10 S2 UP L2 7 00D0.D078.99D2 64 M
Run the command show isis ipv6 topology to check whether the topology is correctly
computed (For the single-topology environment, run the command show isis topology
instead to check it). If the topology has been successfully computed, the execution results
will indicate the following item. If the metric is "–", it indicates the local router. If the metric
is "xx", it indicates that the destination is unreachable.
S1 ---
S1 --
S2 10 S2 vlan10 00D0.D078.99D2
S3 20 S3 vlan10 00D0.D078.99D2
Run the command show ipv6 forwarding route isis_l2 to check route advertisement. If route
advertisement is normal, the route advertised by the loopback interface of the peer router
can be seen.
S1#show ipv6 forwarding route isis-l2
IPv6 Routing Table:
2001::/64 l2 20 vlan10 fe80:2e::2d0:d0ff:fe78:99d2
8-26

If neighbor establishment and route advertisement are normal, the loopback interface of
R4 can be pinged through:
S1#ping6 2400::4
!!!!!
Success rate is 100 percent(5/5),round-trip min/avg/max=97/120/156 ms.
Similarly, verify the configuration results on S2 as follows:

! <ISIS>
router isis 0
area 00
system-id 0000.0000.0012
is-type level-2-only
metric-style wide
address-family ipv6
multi-topology
$
interface vlan10
ipv6 router isis
$
interface vlan20
ipv6 router isis
$
! </ISIS>

vlan10 S1 UP L2 25 00D0.D078.99D1 64 M
vlan20 S3 UP L2 25 00D0.D078.99D3 64 M

S1 10 S1 vlan10 00D0.D078.99D1
S2 --
S3 10 S3 vlan20 00D0.D078.99D3

IPv6 Routing Table:
2000::/48 I2 10 vlan10 fe80:2e::2d0:d0ff:fe78:99d1
8-27

Verify the configuration results on S3 as follows:

! <ISIS>
router isis 0
area 02
system-id 0000.0000.0013
metric-style wide
address-family ipv6
multi-topology
$
interface vlan20
ipv6 router isis
$
interface vlan30
ipv6 router isis
circuit-type level-1
$
! </ISIS>

vlan30 S4 UP L1 25 00D0.D078.99D4 64 M
vlan20 S2 UP L2 25 00D0.D078.99D2 64 M

S3 --
S4 10 S4 vlan10 00D0.D078.99D4

S1 10 S1 vlan20 00D0.D078.99D2
S2 20 S2 vlan20 00D0.D078.99D2
S3 --

IPv6 Routing Table:
Verify the configuration results on R4 as follows:
8-28


! <ISIS>
router isis 0
area 02
system-id 0000.0000.0014
is-type level-1
metric-style wide
address-family ipv6
multi-topology
redistribute connected level-1 metric 10
$
interface vlan30
ipv6 router isis
circuit-type level-1
$
! </ISIS>

vlan30 S3 UP L1 25 00D0.D078.99D3 64 M

S3 10 S3 vlan30 00D0.D078.99D3
S4 --
S4#show ipv6 forwarding route

IPv6 Routing Table:
::/0 l1 10 vlan30 fe80:2e::2d0:d0ff:fe78:99d3
S4#ping6 2000:0:0:1::1
sending 5,100-byte ICMP echoes to 2000:0:0:1::1,timeout is 2 seconds.
!!!!!
8-29

8-30

Chapter 9
BGP4+ Configuration
Table of Contents
BGP4+ Overview........................................................................................................9-1
Configuring BGP4+ ....................................................................................................9-1
Maintaining BGP4+ ....................................................................................................9-2
BGP4+ Configuration Examples .................................................................................9-8
9.1 BGP4+ Overview

The Border Gateway Protocol (BGP) is a routing protocol applied between ASs to
exchange network reachability information between the ASs. The information covers a
list of ASs that a route passes. It is sufficient for establishing a diagram indicating the
connection status of the ASs. This makes possible AS-based routing policies and at the
same time solves the route loop issue.
BGP4+ is an extension of BGP. It assumes the basic message format of BGP4 as defined
in RFC 1771 but added with the extended attributes defined in RFC 2858 to transmit IPv6
routing information, and processes all IPv6 routes according to RFC 1771. BGP4+ also
supports the extended functions such as BGP route reflection and BGP alliance as defined
in RFC 1966 and RFC 1997. It has the following features:
l Supporting route aggregation
l Employing TCP as the bottom-layer protocol and using TCP port 179 to guarantee
reliable running
l Transmitting route updates only
l Periodically sending the keepalive signal to guarantee normal TCP connections
l Possessing complete metrics
l Boasting of abundant attributes and powerful control functions
l Suiting huge networks
The operating principles of BGP4+ are similar to those of BGP. For details, please refer
to the "BGP Configuration" chapter in ZXR10 M6000 (V1.00.30) Carrier-Class Router
Configuration Guide (IPv4 Routing Volume).
9.2 Configuring BGP4+

The commands for configuring BGP4+ are similar to those for configuring BGP in IPv4,
except that the ZXR10 5960 supports IPv6 address configuration. For details, please refer
to the "BGP Configuration" chapter in ZXR10 5950-H Series All Gigabit Intelligent Routing
Switch Configuration Guide (IPv4 Routing Volume).
9-1

9.3 Maintaining BGP4+

Common Maintenance Commands for Viewing Information
Certain debugging commands can be used to locate and remove BGP route faults. The
show command is most commonly used and can be run on a router to show the current
BGP neighbors and the BGP routes learned by the router.
To maintain BGP, run the following commands:
Command Function
ZXR10(config)#show ip bgp protocol Shows configuration information

about the BGP protocol module.
ZXR10(config)#show bgp ipv6 unicast neighbor Shows BGP adjacency and the
current neighbor status.
ZXR10(config)#show bgp ipv6 unicast Shows the entries in the BGP

routing table.
ZXR10(config)#show BGP ipv6 unicast summary Shows the states of all BGP
neighbors.
The following is a sample output from the show ip bgp protocol command:
E1#show ip bgp protocol

BGP router ID is 1.1.1.11, Local as is 100
Hold time is 180 seconds, KeepAlive time is 60 seconds
Default local preference is 100
Default export metric is 0
IPv4 IGP synchronization is disabled
IPv6 IGP synchronization is disabled
Default information advertise is disabled
Always compare med is disabled
Fast fallover is enabled
Client-to-client reflection is enabled
Enforce-first-as is enabled
IPv4 client-number: 1
IPv4 unicast is activated
BGP FRR is disabled
BGP IPv6 frr is disabled
Router target is filtered
Graceful restart is disabled
As-path ignore is disabled
Router-id ignore is disabled
BGP advertise-active-only is disabled
BGP VPNv4 advertise-active-only is disabled
BGP IPv4 rib-only is disabled
9-2

Chapter 9 BGP4+ Configuration
BGP IPv6 rib-only is disabled

Route dampening is disabled
Distance : external 20 internal 200
RT constraint filter is enabled
Number of all peer : 8
Number of enabled peer : 8
Number of disabled peer : 0
Number of establised peer : 1
Number of actived ipv4 peer : 2
Number of actived ipv6 peer : 5
Number of actived vpnv4 peer : 1
Number of actived ipv4_multi peer : 0
For a description of the sample output from the show ip bgp protocol command, refer to
the following table:
Hold time is 180 seconds, KeepAlive Indicates that the hold time is 90 seconds and the keepalive
time is 60 seconds time is 30 seconds.
Default local preference is 100 Indicates that the default local preference is 100.
IPv4 IGP synchronization is disabled BGP routing table is synchronized with IPv4 IGP routing table
(by default, they are not synchronized).
IPv6 IGP synchronization is disabled BGP routing table is not synchronized with IPv6 IGP routing
table (by default, they are not synchronized).
Default export metric is 0 Indicates the default export metric is 0.
Distance : external 20 internal 200 Indicates that the external administrative distance is 20 and
the internal administrative distance is 200.
The following is a sample output from the show bgp ipv6 unicast neighbor command:
ZXR10#show BGP ipv6 unicast neighbor
BGP neighbor is 2002:9::2, remote AS 300, external link
BGP version 4, remote router ID 218.231.0.1
BGP state = Established, up for 00:13:58
Last read update 00:13:58, hold time is 90 seconds, keepalive interval is 30
seconds
Neighbor capabilities:
Route refresh: advertised and received
New ASN Capability: advertised
Address family IPv4 Unicast: received
IPv4 MPLS Label capability: received
Address family IPv4 Multicast: received
Address family VPNv4 Unicast: received
Address family IPv6 Unicast: advertised and received
IPv6 MPLS Label capability: received
9-3

Address family VPNv6 Unicast: received

Address family IPv6 Multicast: received
All received 31 messages
1 updates, 0 errs
1 opens, 0 errs
29 keepalives
0 vpnv4 refreshes, 0 ipv4 refreshes, 0 ipv4 multicast refreshes, 0 ipv6
refreshes, 0 ipv6 multicast refreshes, 0 vpnv6 refreshes, 0 errs
0 notifications, 0 other errs
After last established received 29 messages
1 updates, 0 errs
0 opens, 0 errs
28 keepalives
refreshes, 0 ipv6 multicast refreshes, 0 ipv6 vpn refreshes, 0 errs
0 notifications, 0 other errs
All sent 33 messages
5 updates, 1 opens, 27 keepalives
refreshes, 0 ipv6 multicast refreshes, 0 vpnv6 refreshes,0 notifications
After last established sent 31 messages
5 updates, 0 opens, 26 keepalives
refreshes, 0 ipv6 multicast refreshes, 0 vpnv6 refreshes, 0 notifications
For address family: IPv4 Unicast no activate
All received nlri 0, unnlri 0, 0 accepted prefixes
All sent nlri 0, unnlri 0, 0 advertised prefixes
Maximum limit 4294967295
Threshold for warning message 75%
Minimum time between advertisement runs is 30 seconds
Minimum time between origin runs is 15 seconds
For address family: IPv4 Multicast no activate
For address family: VPNv4 Unicast no activate
For address family: IPv6 Unicast
Med attribute sent to this neighbor
9-4


For address family: VPNv6 Unicast no activate
Private AS number not removed from updates to this neighbor
For address family: IPv6 multicast no activate
Connections established 1
Local host: 2002:9::1, Local port: 4331
Foreign host: 2002:9::2, Foreign port: 179
For a description of the sample output, refer to the following table:
BGP neighbor is 2002:9::2, remote The IP address is the peer BGP address of the TCP
AS 300, external link connection. The peer belongs to AS 300. It is an EBGP
connection.
BGP version 4, remote router ID BGP-4 is used. The peer BGP router ID is 218.231.0.1.
218.231.0.1
BGP state = Established, up for Neighbor relation state is Established. The session has been
00:13:58 established for 13 minutes 58 seconds.
hold time is 90 seconds, keepalive The hold time is 90 seconds, and the Keepalive interval is
interval is 30 s 30 seconds.
Neighbor capabilities: The capability to describe the peer.
Route refresh: advertised and The neighbor supports enhanced router soft-reset.
received
Address family IP64 Unicast: The neighbor supports unicast NLRI.

advertised and received
All received 31 messages Totally 31 messages are received, among which there is
1 updates, 0 errs 1 open message, 1 update message and 29 keepalive
1 opens, 0 errs messages. There is no VPNV4 route update , no IPV4 route
29 keepalives update, no Notification message and no error message.
After last established received 29 Totally 29 messages are received since the neighbor
messages relationship was established last time, among which there is
1 updates, 0 errs 1 update message and 28 keepalive messages.
0 opens, 0 errs
28 keepalives
9-5

All sent 33 messages 5 updates, 1 Totally 33 messages are sent, among which there are 5
opens, 27 keepalives update messages, 1 open message and 27 keepalive
message.
After last established sent 31 Totally 31 messages are sent since the neighbor relationship
messages was established last time, among which there are 5 update
5 updates, 0 opens, 26 keepalives message, 0 open message and 26 keepalive messages.
For address family: IPv4 Unicast no Indicates that unicast IPv4 routes are described below. IPv4
activate unicast function is not activated.
All received nlri 0, unnlri 0, 0 accepted There is no NLRI message, no withdraw message and no
prefixes unicast prefix received.
All sent nlri 0, unnlri 0, 0 advertised here is no NLRI message, no withdraw message and no
prefixes unicast prefix sent.
Maximum limit 4294967295 The maximum limit is 4294967295s. The threshold to send
Threshold for warning message 75% warning messages is 75%.
For address family: IPv6 Unicast Indicates that unicast IPv6 routes are described below.
Med attribute sent to this neighbor MED attribute is sent to local device.
All received nlri 5, unnlri 0, 5 accepted There are 5 NLRI messages, no withdraw message and 5
prefixes unicast prefixes received.
All sent nlri 7, unnlri 6, 1 advertised There are 7 NLRI messages, 6 withdraw message and 1
prefixes unicast prefix received.
Maximum limit 4294967295 The maximum limit is 4294967295s. The threshold to send
Threshold for warning message 75% warning messages is 75%.
For address family: VPNv6 Unicast Indicates that unicast IPv6 routes are described below. IPv6
no activate unicast function is not activated.
For address family: IPv6 multicast no Indicates that multicast IPv6 routes are described below.
activate IPv6 multicast function is not activated.
Connections established 1 BGP neighbor relationship is established once with the peer.
Local host: 2002:9::1, Local port: Local IP host, including local IP address and TCP port
4331 number
Foreign host: 2002:9::2, Foreign port: Peer IP host, including peer IP address and TCP port number
179
The following is a sample output from the show bgp ipv6 unicast command:
ZXR10#show bgp ipv6 unicast

Status codes: *valid, >best, i-internal
Origin codes: i-IGP, e-EGP, ?-incomplete
Network Next Hop Metric LocPrf RtPrf Path
*> 1:1::/32 2002:9::2 100 300 i
9-6

*> 1:1:1::/64 2002:9::2 300 i

*> 1:1:1:1::/64 2002:9::2 300 i
*> 1:1:1:2::/64 2002:9::2 300 i
*> 1:1:1:3::/64 2002:9::2 300 i
*> 1:1:1:4::/64 2002:9::2 300 i
A symbol "*" before a route entry indicates that the route is valid. A route marked with
the symbol ">" indicates that it is the optimal route. A route marked with the symbol "i"
indicates that it is an IGP route. A route marked with the symbol "e" indicates that it is
an EGP route. A route marked with the symbol "?" indicates that the origin of the route is
incomplete.
Network Indicates the destination address.
Next-hop Indicates the next hop of the BGP route. A route with an
all-0s next hop indicates that the route is generated by the
local router itself.
Metric Indicates the route metric.
LocPrf Indicates the local preference of the routes learned by BGP.
RtPrf Distance of the route. The default distance of the

EBGP-advertised route is 20, and the distance of the
IBGP-advertised route is 200.
Path Indicates the route origin, which can be one of "IGP", "EGP"
and "incomplete".
The following is a sample output from the show bgp ipv6 unicast summary command:
ZXR10# show bgp ipv6 unicast summary
Neighbor Ver As MsgRcvd MsgSend Up/Down State/Pfx
Rcd
2002:2::2 4 400 7 11 00:15:45 Connect
2002:8::2 4 500 0 0 00:00:00 0
2002:9::2 4 300 37 38 00:17:44 5
Neighbor Indicates the BGP neighbor.
Ver Indicates the BGP version.
As Indicates the AS number of the neighbor.
MsgRcvd Indicates the number of messages received by BGP.
MsgSend Indicates the number of messages sent by BGP.
9-7

Up/Down(s) Indicates the connection establishment time.
State/PfxRcd Indicates the status of adjacency establishment. If the adjacency

has been established, a number is displayed to show the number of
received route entries. Otherwise, a letter is displayed to show the
status.
Common Alarm Information

The system will present major alarms in the form of alarms. This section lists some
common BGP alarms.
Alarm Code Description
Neighbor down/up BGP interface is up/down. Neighbor relationship is

established/un-established.
A complete alarm information record covers the alarm type, the alarm code, and the
additional information about the alarm. The alarm code indicates the essence of the
alarm and enables the alarm console to learn what the alarm is. An alarm may also carry
some additional information such as the alarm cause. For details about BGP alarms,
refer to the relevant alarm reference manual.
9.4 BGP4+ Configuration Examples

9.4.1 BGP4+ Route Reflector Configuration Example
In a network as shown in Figure 9-1, routers S1, S2, and S3 are Interior Border Gateway
Protocol (IBGP)-based but not fully meshed. To eliminate full meshing for IBGP, a route
reflector can be configured so that S3 can forward the routes it receives from an IBGP
neighbor to another IBGP neighbor. Considering that the routers with IBGP are not fully
meshed in AS 200, a route reflector can be configured to avoid full meshing.
9-8

Figure 9-1 BGP4+ Route Reflector Configuration Example
1. Enable BGP.
2. Specify neighbors.
3. Configure a route reflector group ID. Set the neighbors as route reflector clients.
4. Configure IGP to implement the interworking of routes in the AS200 (the configuration
is omitted). After the AS100 distributes route 1000::/64, the AS500 can learn the route.
S1 configuration:
S1(config)#router bgp 200
S1(config-bgp)#bgp router-id 1.1.1.1
S1(config-bgp)#neighbor 3fe6::1 remote-as 100
S1(config-bgp)#neighbor 2010::126 remote-as 200
S1(config-bgp)#address-family ipv6
S1(config-bgp-af-ipv6)#neighbor 3fe6::1 activate
S1(config-bgp-af-ipv6)#neighbor 2010::126 activate
S1(config-bgp-af-ipv6)#neighbor 2010::126 next-hop-self
S1(config-bgp-af-ipv6)#end
S2 configuration:
S2(config-bgp)#neighbor 6e22::1 remote-as 500
S2(config-bgp-af-ipv6)#neighbor 6e22::1 activate
9-9

S2(config-bgp-af-ipv6)#neighbor 3331::100 next-hop-self

S3 configuration:
S3(config-bgp-af-ipv6)#neighbor 2010::125 route-reflector-client
S3(config-bgp-af-ipv6)#neighbor 3331::101 route-reflector-client
9.4.2 BGP4+ General Configuration Example

This example describes how to configure BGP4+. It involves the practical use of BGP4+,
such as IBGP/EBGP neighbor establishment, routing policy, route redistribution, and
Message Digest 5 Algorithm (MD5) encryption.
As shown in Figure 9-2, EBGP neighbors are established between S4 and S1, IBGP
neighbors are established between S1 and S2, and multi-hop EBGP neighbors are
established between S2 and S5. S2 and S5 establish an EBGP multi-hop relation through
S3. Before BGP is configured, it is necessary to ensure that the addresses used for
neighbor establishment between the two routers can interwork with each other (via IGP;
IGP configuration is omitted in this example).
Figure 9-2 BGP4+ General Configuration Example
9-10

1. Create a BGP4 instance.
2. Configure BGP4+ neighbors and routing policies.
3. Configure the redistribution command and enable neighbors to advertise routes.
S4 configuration:
S4(config-bgp-af-ipv6)#redistribute static
S1 configuration:
S1(config-bgp)#neighbor 2003::2 next-hop-self
S2 configuration:
S2(config-bgp)#neighbor 2003::1 next-hop-self
S2(config-bgp)#neighbor 2007::5 ebgp-multihop
S2(config-bgp)#neighbor 2007::5 password hello
S5 configuration:
S5(config-bgp)#neighbor 2005::2 ebgp-multihop
S5(config-bgp)#neighbor 2005::2 password hello
9-11

Run the command show bgp ipv6 unicast summary on S1 to check the adjacency, as shown
below:
S1(config)#show bgp ipv6 unicast summary
Neighbor Ver As MsgRcvd MsgSend Up/Down State/PfxRcd
2003::2 4 1 12 12 00:25:34 0
2001::4 4 2 14 14 00:28:06 4
Run the command show bgp ipv6 unicast on S1 to check the routing table, as shown below:
S1(config)#show bgp ipv6 unicast
*> 2004:1::/64 2001::4 2 ?
*> 2004:2::/64 2001::4 2 ?
*> 2004:3::/64 2001::4 2 ?
*> 2004:4::/64 2001::4 2 ?
below:
2003::1 4 1 12 12 00:25:34 4
2007::5 4 3 15 15 00:32:30 0
*> 2004:1::/64 2003::1/64 100 2 ?
*> 2004:2::/64 2003::1/64 100 2 ?
*> 2004:3::/64 2003::1/64 100 2 ?
*> 2004:4::/64 2003::1/64 100 2 ?
below:
2001::1 4 1 14 14 00:28:06 0
9-12


*> 2004:1::/64 :: 2 ?
*> 2004:2::/64 :: 2 ?
*> 2004:3::/64 :: 2 ?
*> 2004:4::/64 :: 2 ?
Run the command show ip bgp summary on S5 to check the adjacency, as shown below:
2005::2 4 1 15 15 00:32:30 4
*> 2004:1::/64 2005::2/64 1 2 ?
*> 2004:2::/64 2005::2/64 1 2 ?
*> 2004:3::/64 2005::2/64 1 2 ?
*> 2004:4::/64 2005::2/64 1 2 ?
9-13

9-14

Chapter 10
IPv6 QoS Configuration
Table of Contents
IPv6 QoS Overview ..................................................................................................10-1
Configuring IPv6 QoS...............................................................................................10-1
IPv6 QoS Configuration Examples ...........................................................................10-1
10.1 IPv6 QoS Overview

IPv6 QoS is added with IPv6 support in addition to the functions of IPv4 QoS. For details
about QoS, refer to the section about the general description and principles of QoS in the
QoS Volume.
10.2 Configuring IPv6 QoS

The commands for configuring IPv6 QoS are similar to those for configuring IPv4 QoS,
except that IPv6 addresses are involved during the configuration. For details about the
configuration commands, refer to the section about QoS configuration in the QoS Volume.
10.3 IPv6 QoS Configuration Examples

l Configuration Description
As shown in Figure 10-1, user1 accesses the system via the interface xgei-0/1/1/1
whereas user2 accesses the system via the interface xgei-0/1/1/2. The DSCP values
are 1 and 2 respectively. Packets are sent via the interface xgei-0/1/1/3.
According to the requirements, the DSCP values of the packets of the two users sent
via the interface xgei-0/1/1/3 should be 7, the guaranteed bandwidth should be 100
M, and the maximum bandwidth should be 150 M.
10-1

Figure 10-1 IPv6 CAR SET Configuration Example
l Configuration Thought
Configure two Committed Access Rates (CARs) in the downlink of the interface
xgei-0/1/1/3, match them with DSCP values 1 and 2 respectively, and set the DSCP
value of the permitted traffic to 7. Set the guaranteed bandwidth to 100 M, and set
the maximum bandwidth to 150 M.
l Configuration Commands
1. Enter the QoS configuration mode:
ZXR10(config)#pm-qos
ZXR10(config-qos)#
2. Configure QoS commands:
ZXR10(config-pm-qos)#conform-dscp 1 7 0 0
ZXR10(config-pm-qos)#conform-dscp 2 7 1 0
ZXR10(config-pm-qos)#trust-dscp xgei-0/1/1/1 enable
ZXR10(config-pm-qos)#trust-dscp xgei-0/1/1/2 enable
ZXR10(config-pm-qos)#traffic-shape xgei-0/1/1/3 queue 0
min-gua-datarate 100000 max-datarate-limit 150000
ZXR10(config-pm-qos)#traffic-shape xgei-0/1/1/3 queue
1 min-gua-datarate 100000 max-datarate-limit 150000
l Configuration Verification
Run the command show running-config pm-qos to check the CAR SET configured on
the interface:
ZXR10(config-pm-qos)# show running-config pm-qos

! <pm-qos>
conform-dscp 1 7 0 0
conform-dscp 2 7 1 0
trust-dscp xgei-0/1/1/1 enable
trust-dscp xgei-0/1/1/2 enable
traffic-shape xgei-0/1/1/3 queue 0 max-datarate-limit
150000 min-gua-datarate 100000
traffic-shape xgei-0/1/1/3 queue 1 max-datarate-limit
150000 min-gua-datarate 100000
10-2

Chapter 10 IPv6 QoS Configuration
! </pm-qos>
10-3

10-4

Chapter 11
IPv6 Multicast Configuration
Table of Contents
IPv6 Multicast Overview ...........................................................................................11-1
Configuring Public IP Multicast .................................................................................11-3
11.1 IPv6 Multicast Overview

Introduction to Multicast
As a replacement of IPv4, IPv6 uses 128–bit address structure to solve the problem of IP
address shortage. Meanwhile, IPv6 optimizes some characteristics. IPv4 multicast solves
the problem of single-point sending and multi-point receiving, and it realizes high-efficiency
point-to-multipoint data transmission. It saves a lot of network bandwidths and reduces
network load. Therefore, multicast is applied and enhanced in IPv6.
The most obvious difference between IPv6 multicast and IPv4 multicast is that IPv6
multicast address mechanism is improved. The group member management, multicast
packet forwarding and multicast path establishment of IPv6 are similar to those of IPv4.
Multicast Address
An IPv6 address is of 128–bit long, divided by colons into eight bytes with four hex numbers
in each byte, such as FEDC:BA98:7654:3210:FEDC:BA98:7654:3210. An IPv6 multicast
address identifies a group of interfaces that belong to different nodes. A node can belong
to 0 or several multicast groups. A packet sent to a multicast address is received by all
interfaces identified by the multicast address.
According to RFC 4291, some IPv6 multicast addresses have been allocated permanently,
as described in Table 11-1.
Table 11-1 IPv6 Multicast Address Allocation
Name Address Description
Reserved multicast address FF0x:: Not allocated to any multicast

address
All node multicast addresses FF01::1 (node-local) -

FF02::1 (link-local)
All router multicast addresses FF01::2 (node-local) -

FF02::2 (link-local)
FF05::2 (site-local)
11-1

Name Address Description
Requested node multicast FF02::1:FFxx:xxxx Consisting of the address

addresses prefix FF02::1:FF00:/104 (in
front) and low 24 bits of a
unicast or anycast address of a
requested node. For example,
4307::01:800:200E:8C6C
is corresponding to
FF02::1:FF0E:8C6C.
RFC 3306 defines a mode to allocate IPv6 multicast addresses dynamically, that is, an IPv6
multicast address on the basis of unicast prefix. A such IPv6 multicast address includes the
unicast address prefix of its multicast source network. Global-unique multicast addresses
can be allocated in this way. The address structure is shown in Figure 11-1.
Figure 11-1 Structure of IPv6 Multicast Address on Basis of Unicast Prefix
IPv6 Multicast Protocols

The multicast protocols supported by IPv6 include Multicast Listener Discovery (MLD),
MLD Snooping, IPv6 Protocol Independent Multicast (PIM) and IPv6 MBGP.
1. Multicast routing group management protocol
MLD originate from Internet Group Management Protocol (IGMP). MLDv1 corresponds
to IGMPv2, and Multicast Listener Discovery Version 2 (MLDv2) corresponds to
IGMPv3. Different from IGMP which uses message type of IP protocol number 2,
MLD uses message type of ICMPv6 (the IP protocol number is 58), including MLD
Query message (type value is 130, MLDv1 Report message (type value is 131),
MLDv1 Leaving message (type value is 132) and MLDv2 Report message (type
value is 143). MLD acts completely the same as IGMP does excepts for the message
structure.
MLD Snooping is similar to IGMP Snooping.
2. Multicast routing protocol

IPv6 PIM protocol action is the same as that of IPv4 PIM except the IP address
structure in messages. IPv6 PIM also supports Sparse Mode (SM), Dense Mode
(DM) and Source Specific Multicast (SSM).
11-2

Chapter 11 IPv6 Multicast Configuration
When IPv6 PIM sends a protocol message (such as PIM Hello, Join-Prune, Assert,
Bootstrap, Graft, Graft-Ack or State-refresh) of link-local range, the source IPv6
address of the message is the link-local address on the interface that sends
the message. When IPv6 PIM sends a protocol message (such as Register,
Register-Stop or C-RP Advertisement), the source IPv6 address of the message is
the global unicast address on the interface that sends the message.
IPv6 multicast does not support Multicast Source Discovery Protocol (MSDP). There
are two ways to receive multicast data from other IPv6 PIM domains.
a. One way is to obtain the multicast source addresses in other IPv6 PIM domains
directly through other modes (such as advertisement) and use IPv6 PIM-SSM to
initiate joins of specific source groups.
b. The other way is to use embedded Rendezvous Point (RP) mechanism. The
device can obtain the RP addresses in other IPv6 PIM domains through the IPv6
multicast addresses with embedded RP addresses, and initiate joins to the RPs
in other domains. To deliver inter-domain IPv6 multicast routing information, IPv6
MBGP can be used, which is similar to IPv4 MBGP.
11.2 Configuring Public IP Multicast

To configure public IPv6 multicast on ZXR10 5960, perform the following steps.
1 ZXR10(config)#ipv6 multicast-routing Enables IPv6 multicast

function.
ZXR10(config)#no ipv6 multicast-routing Deletes all IPv6 multicast

functions.
2 ZXR10(config-mcast-ipv6)#router pim Enters PIM-SM.
3 ZXR10(config-mcast-ipv6-pim)#no router pim Exits from PIM-SM.
4 ZXR10(config-mcast-ipv6)#show ipv6 mroute [group Shows information in the IPv6

<group-address>][source <source-address>] multicast routing table.
5 ZXR10(config-mcast-ipv6)#damping-enable Mroute flap damping enable
6 ZXR10(config-mcast-ipv6)#damping-threshold Mroute flap damping threshold
7 ZXR10(config-mcast-ipv6)#mroute6-limit IPv6 multicast mroute limit
8 ZXR10(config-mcast-ipv6)#multipath Multipath
9 ZXR10(config-mcast-ipv6)#nexthop Configures the static multicast

next hop.
10 ZXR10#clear ipv6 mroute[group-address <group-address Clears multicast routes.

>][source-address<source-address>]
11 ZXR10#show ipv6 mroute summary Shows the number of IPv6

multicast routing tables.
11-3

12 ZXR10#show ipv6 mroute brief Shows the brief information of

an IPv6 multicast routing table.
The command parameters in Step 4 are described as follows:
<source-address> Source address, in the X:X::X:X format
<group-address> Group address, in the X:X::X:X format
The command parameter in Step 5 is described as follows:
<group-address> Group address, in the X:X::X:X format
11-4

Chapter 12
MLD Configuration
Table of Contents
MLD Overview..........................................................................................................12-1
Configuring MLD ......................................................................................................12-2
Maintaining MLD ......................................................................................................12-6
MLD Configuration Examples ...................................................................................12-8
12.1 MLD Overview

MLD originate from IGMP. MLDv1 corresponds to IGMPv2, and MLDv2 corresponds to
IGMPv3. Different from IGMP which uses message type of IP protocol number 2, MLD
uses message type of ICMPv6 (the IP protocol number is 58), including MLD Query
message (type value is 130, MLDv1 Report message (type value is 131), MLDv1 Leaving
message (type value is 132) and MLDv2 Report message (type value is 143). MLD acts
completely the same as IGMP does excepts for the message structure.
MLD provides the information that is needed in the last state to forward a multicast packet
to the destination. The multicast router exchanges information with the host receiving the
multicast data. The information is collected from the group members of hosts that connect
to the multicast router directly.
MLD mainly uses two types of messages, group member query message and group
member report message. The multicast router sends group member query messages to
all hosts periodically to know the group members on the interconnected subnets. Each
host replies with a member report message to report the multicast group which it belongs
to. When a host joins a new group, it sends a join message immediately instead of waiting
for a query in case it is the first member of the group.
When a host begins to receive information as a member of a group, the multicast router
will query the group periodically to check whether there is any member in the group. As
long as there is one host, the multicast router continues forwarding data.
When a host leaves a group, the multicast router receives a leaving message, and then it
queries whether there is any other active member in the group immediately. If there is any,
the multicast router continue forwarding data. Otherwise, it will not forward data any more.
At present, there are two versions of MLD. MLDv1 corresponds to IGMPv2, and it provides
the fast leaving mechanism of group members. MLDv2 corresponds to IGMPv3, and it
provides to receive or refuse to receive packets from designated multicast sources, thus
to support SSM.
12-1

12.2 Configuring MLD

To configure MLD on the ZXR10 5960, perform the following steps:
1 ZXR10(config-mcast-ipv6)#router mld Enters MLD mode. This is

not related to whether MLD
ZXR10(config-mcast-ipv6)#no router mld
is enabled. That whether
MLD is enabled id controlled
by IPv6 multicast-routing.
Use the no format of this
command to delete all MLD
configuration and restore the
default configuration.
2 ZXR10(config-mcast-ipv6-mld)#interface Enters MLD interface

<interface-name> configuration mode. This
is not related to whether MLD
ZXR10(config-mcast-ipv6-mld)#no interface
is enabled on an interface.
<interface-name>
That whether MLD is enabled
on an interface is controlled by
whether PIM is enabled on an
interface. Use the no format
of this command to delete
the interface configuration
and restore the default
configuration.
3 ZXR10(config-mcast-ipv6-mld)#ssm-map static Configures mapping from

{group-list <access-list-name>| default}<source-address> groups in a specified range to
the source.
4 ZXR10(config-mcast-ipv6-mld)#require-alert-options Discards the MLD packets

without carrying the
Router_Alert_Options option in
IPv6 headers.
To restore the default setting,
run the no form of this
command.
12-2

Chapter 12 MLD Configuration
<access-list-name> SSM group access list name, with 1-31 characters
<source-address> Source address, in the X:X::X:X format
The MLD function on ZXR10 5960 is on the basis of PIM interface. The MLD function will
be enabled automatically after PIM is enabled on an interface.
Configuring MLD Version

At present, there are MLDv1 and MLDv2. Version 2 is applied by default. Users can set the
version with the version <version> command according to demand. Considering security,
it is required to use the same version on the network elements in the same segment. MLD
version configuration is on the basis of interface. Different versions can be configured on
different interfaces of the same device.
Configuring an MLD Group on an Interface

To configure an MLD group on the ZXR10 5960, perform the following steps:
1 ZXR10(config-mcast-ipv6-mld-if-vlanx)#access-gr Configures the range of groups

oup <access-list-number> allowing MLD join.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Deletes the join group.

access-group
2 ZXR10(config-mcast-ipv6-mld-if-vlanx)#static-group Binds a group address on an

<group-address>[source {<source-address>[{include|exclud interface statically.
e}]|ssm-map}]
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Deletes the static group

static-group<group- address>[source {<source-address>| member on an interface.
ssp-map}]
3 ZXR10(config-mcast-ipv6-mld-if-vlanx)#immediate-l Configure the range of

eave {group-list <access-list-name>| all} groups allowing MLD leaving
immediately.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Deletes the function of allowing

immediate-leave MLD leaving immediately.
4 ZXR10(config-mcast-ipv6-mld)#querier-election disable Configures querier election

evading.
ZXR10(config-mcast-ipv6-mld)#no querier-election Deletes querier election

disable evading.
12-3

5 ZXR10(config-mcast-ipv6-mld)#join-group Configures members for the

<group-address> static group on the MLD
interface.
ZXR10(config-mcast-ipv6-mld)#no join-group Deletes the static group

<group-address> member from the interface.
<access-list-name> Standard IP access list name, with 1-31 characters
<group-address> Static MLD join group address, in the X:X::X:X format
<source-address > Source address, in the X:X::X:X format
<access-list-name> Standard IP access list name, with 1-31 characters
By default, when a device receives an MLD leaving message, the group member will leave
the group if it does not receive any report message within (last member query interval *
2 + 1) seconds. If no option is configured in the command, it takes effect in all multicast
groups.
Configuring MLD Timers

After MLD is enabled on interfaces of multicast routers in a shared segment, an optimal
interface will be elected as the querier of the segment to obtain group member information
by sending query messages.
After sending a query message, the querier waits for a period to receive the report
messages from member hosts. The period is the value of the maximum response time
contained in the query messages. By default, the period is 10 seconds.
After receiving the query message, a member host in the segment will subtract a random
value on the basis of the maximum response time. It uses the result as its response time.
If the querier receives a report message from another member host during this period,
the host cancels to send a report message. If the querier does not receive any report
message from any other member hosts when the period expires, the member host will
send a report message. Increasing the maximum response time also increases the wait
chances of group members in the segment, and reduces the rate that several hosts send
report messages in the segment.
12-4

Users can set the timers related to the querier according to demand.
To configure MLD timers on the ZXR10 5960, perform the following steps:
1 ZXR10(config-mcast-ipv6-mld-if-vlanx)#query-int Configures the MLD common

erval <seconds> query interval.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Restores the default value of

query-interval the MLD query-interval.
2 ZXR10(config-mcast-ipv6-mld-if-vlanx)#query-ma Configures the maximum

x-response-time <seconds> response time contained in
query messages.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Restores the default maximum

query-max-response-time response time.
3 ZXR10(config-mcast-ipv6-mld-if-vlanx)#querier-ti Configures the MLD querier

meout <seconds> timeout time.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Restores the default MLD

querier-timeout querier timeout time.
4 ZXR10(config-mcast-ipv6-mld-if-vlanx)#last-membe Configures MLD query-interval

r-query-interval <seconds> of a specified group.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Restores the default MLD

last-member-query-interval query-interval of a specified
group.
5 ZXR10(config-mcast-ipv6-mld-if-vlanx)#robustnes Configures the allowed packet

s-count <times> loss times. <times>: The
allowed packet loss times + 1.
Range: 2-7.
ZXR10(config-mcast-ipv6-mld-if-vlanx)#no Restores the default value of

robustness-count the robust variable.
<seconds> The interval for sending common query packets by the

MLD, in the range of 1-65535, in the unit of second, with
the default value of 125. This command also exists in
MLD configuration mode. If this command does not exist
in interface configuration mode, the command in MLD
configuration mode takes effect.
12-5

<seconds> Time value, in the range of 1-25, in the unit of second,

with the default value of 10. This command also exists in
<seconds> Querier timeout period, in the range of 60-300, in the unit of

second. By default, the timeout period of the MLD querier is
twice of MLD query interval plus half of the query response
(query interval*2+query response/2). This command also
exists in MLD configuration mode. If this command does not
exist in interface configuration mode, the command in MLD
<seconds> Query interval, in the range of 1-25, in the unit of second,

with the default value of 1. This command also exists in
<times> Robust variable. Range: 2–7, default: 2.
12.3 Maintaining MLD

To maintain MLD, run the following commands:
Command Function
ZXR10#show ipv6 mld interface [<interface-name>] Shows MLD configuration on an

interface.
ZXR10#show ipv6 mld groups{[vlan <interface-name>]|[<group-add Shows MLD group join information
ress>]}[detail] on an interface.
12-6

Command Function
ZXR10#show ipv6 mld packet-count [vlan <interface-name>] Shows statistics counts of MLD
protocol messages sent and
received.
ZXR10#clear ipv6 mld groups [vlan <interface-name>] Clears multicast groups that are
joined dynamically.
ZXR10#clear ipv6 mld packet-count [vlan <interface-name>] Clears statistics counts of MLD
protocol messages sent and
received.
The following is a sample output from the show ipv6 mld interface command:
ZXR10(config-mcast-ipv6)#show ipv6 mld inter vlan100
vlan100
Internet address is fe80::200:18ff:fe18:1800
MLD is enabled on interface
Current MLD version is 2
MLD query interval is 125 seconds and now in startup phase
MLD last member query interval is 1 seconds
MLD query max response time is 10 seconds
MLD querier timeout period is 255 seconds
MLD robustness variable is 2
MLD querier is
fe80::200:18ff:fe18:1800, never expire
Inbound MLD access group is not set
MLD immediate leave control is not set
The following is a sample output from the show ipv6 mld groups command:
ZXR10(config-mcast-ipv6-pim-if-vlanX)#show ipv6 mld groups
Group Address : ff80::1
Last Reporter : fe80::2ee:ffff:fe30:1000
Interface : vlan10
Uptime : 00:02:14
Expires : never
Group Address Group address.
Last Reporter The address of the host that reports group member
information last time.
Interface Interface.
12-7

Expires Remaining time to Expire the timer. The information "never"

indicates that there is a static group and the timer is not
enabled.
12.4 MLD Configuration Examples

12.4.1 MLDv2 Configuration Example
As shown in Figure 12-1, PIM-SM is enabled on S1 and S2. The MLD version is v2. MLDv1
elects a querier through common query messages. The MLDv2 router with the smallest
IP address is elected as the querier.
Figure 12-1 MLDv1 Configuration Example
1. Configure addresses on the interfaces of the routers in interface configuration mode.
The address of S1 should be smaller than that of S2.
2. Enable multicast function by configuring ipv6 multicast-routing.
3. Enter PIM route mode and then enter the interfaces.
4. Enable PIM-SM in interface configuration mode.
S1 configuration:
S1(config)#ipv6 multicast-routing
S1(config-mcast-ipv6)#router pim
S1(config-mcast-ipv6-pim)#interface vlan1
S1(config-mcast-ipv6-pim-if-vlan1)#pimsm
S1(config-mcast-ipv6-pim-if-vlan1)#end
S2 configuration:
12-8

S1#show ipv6 mld interface vlan1
vlan1
Internet address is 100::1
MLD query interval is 125 seconds
MLD querier is fe80::2d0:d0ff:fe06:606,
expires timer:00:04:11

vlan2
MLD querier is fe80::2d0:d0ff:fe06:606, never expire
12-9

12.4.2 Static Group Configuration Example

As shown in Figure 12-2, PIM-SM is enabled on S1. The MLD version is v2 (default). It
is required to configure S1 to join a static group ffee::1, and configure it to join a dynamic
group ffee::2 through a tester.
Figure 12-2 Static Group Configuration
1. Configure addresses on the interfaces of the routers in interface configuration mode.
2. Enable multicast function by configuring ipv6 multicast-routing.
3. Enter PIM route mode and then enter the interfaces.
4. Enable PIM-SM in interface configuration mode.
5. Enter MLD route mode from multicast mode and then enter the interfaces.
6. Configure static group join on VLAN1 of S1.
7. Send MLD group join messages to S1 on the PC.
S1 configuration:
S1#configure terminal
S1(config-mcast-ipv6)#router mld
S1(config-mcast-ipv6-mld)#interface vlan1
S1(config-mcast-ipv6-mld-if-vlan1)#static-group ffee::1 source 200::1
S1(config-mcas-ipv6-mld-if-vlan1)#end
View interface information on S1:
12-10


vlan1
MLD querier is fe80::2d0:d0ff:fe06:606, never expire
View the detailed information of corresponding interface on S1:

S1#show ipv6 mld groups vlan1 detail
Flags: S - Static Group, SSM - SSM Group
I Interface: vlan1
Group: ffee::1
Flags:
Uptime: 21:51:20
Group mode: INCLUDE
Last reporter: fe80::2d0:d0ff:fe06:606
Group source list: (R - Report, M - SSM Mapping, S - Static)
Source addr Present Expires Fwd Flag
200::1 00:03:50 Never Yes S
nterface: vlan1
Group: ffee::2
Flags:
Uptime: 21:51:24
Group mode: INCLUDE
Last reporter: fe80::2d0:d0ff:fe06:606
Group source list is empty
12-11

12-12

Chapter 13
IPv6 PIM-SM Configuration
Table of Contents
PIM-SM Overview ....................................................................................................13-1
Configuring IPv6 PIM-SM .........................................................................................13-3
IPv6 PIM-SM Maintenance and Diagnosis................................................................13-9
IPv6 PIM-SM Configuration Example......................................................................13-17
13.1 PIM-SM Overview

Introduction to PIM-SM
PIM-SM is mainly used in the following situations:
l Group members locate sparsely in a relatively large scale.
l The network bandwidth resource is limited.
PIM-SM does not depend on a specific unicast routing protocol. PIM-SM assumes that
all routers on a shared segment do not need to send multicast packets. The routers only
can receive and send multicast packets after they request to join a multicast group on
their own initiative. PIM-SM advertises the multicast information to all routers supporting
PIM-SM through a RP. In PIM-SM, a router joins or leaves the multicast group explicitly.
This reduces the number of packets and the bandwidth used by the control packets.
PIM-SM Principle
PIM-SM sends multicast packets by using a shared tree. A shared tree has a center point
that is responsible for sending packets to all the source-sending ends in the multicast
group. Each source-sending end sends packets to the center point along the shortest
path, and then takes the center point as the root point to distribute the packets to various
receiving ends of the group.
The group center point of the PIM-SM is called the RP. There may be several RPs in a
network, but there is only one RP in a multicast group.
A switch can obtain the location of the RP in two ways.
1. Configure the RP manually and statically on the switches running PIM-SM.
2. PIM-SMv2 obtains the location through the candidate RP advertisement. The
candidate RP with the lowest priority will become formal RPs.
In PIM-SM, some switches running PIM-SM are manually set to work as candidate
Bootstrap switch (BSR). The candidate BSR with the highest priority will be elected as
the formal BSR.
13-1

The BSR is responsible for collecting the candidate RP information on the multicast
switches in group to find out candidate RPs in the multicast domain. It notifies the
candidate RPs to all the PIM switches in the PIM domain in a unified way. Each PIM
switch, according to the similar Hash rules, elects the one with the highest priority as the
formal RP from the same candidate RP set. Candidate RPs are configured manually.
The switches running PIM-SM discover each other and maintain the neighbor relationship
by exchanging Hello messages. In the multi-access network, the Hello messages also
contain the priority information of switches. The DR is elected according to this parameter.
The multicast source or the first hop switch (the DR connecting to the source directly)
encapsulates a packet in a Register message, and then sends it to the RP through a unicast
switch. When receiving the Register message, the RP de-encapsulates the messages to
take out the packet, and then sends the packet to the receivers of the group along the
shared multicast tree.
Each host acting as a receiver joins the multicast group through the IGMP member report
message. The last hop switch (or the DP in the multi-access network) sends the received
Join message to the RP level by level. After receiving the Join message, the intermediate
switch checks whether it has already had the routes of the group. If it has, the intermediate
switch adds the downstream request switch to the shared multicast tree as a branch. If
not, it continues to send the Join message to the RP.
When the RP or the multicast switch connects to a receiver directly, it can switch to the
SPT from the shared tree. When the RP receives a Register message sent from a new
multicast source, the RP will return a Join message to the DR directly connecting to the
multicast source. Thus, the SPT from the source to the RP is constructed.
After a DR or a switch directly connecting to multicast members receives the first multicast
packet from the multicast group, or the received packets reaches a threshold, it can switch
to the SPT from the shared tree. Once the handover occurs, the switch will send a Prune
message to the upstream neighbor and request to leave the shared tree.
In PIM-SM, there are the following types of messages.
l Hello message: The switch interfaces on which PIM-SM runs send Hello messages
periodically to the neighbor interfaces in the same segment to establish neighbor
relationship. Hello messages are also used for switches running MLD to elect the
DR.
l Register message: When receiving a multicast packet sent by a host in the local
network, the DR will encapsulate the packet in a Register message and send it to the
RP through unicast. The source address in the IP header of the Register message is
the address of the DR, and the destination address is the address of the RP.
l Register-Stop message: The RP unicasts a Register-Stop message to the sender of
the Register message to inform it stop sending Register messages.
l Join/Prune message: This message is forwarded in the direction to the source or
the RP. A Join message is used to construct a source tree or a shard tree. When a
receiver leaves a group, it sends a Prune message to prune the source tree or the
shard tree. This message contains the joining information and pruning information
13-2

Chapter 13 IPv6 PIM-SM Configuration
of the multicast route entities. The Join message and the Prune message are in the
same packet. Either message can be null.
l Bootstrap message: A route needs to send Bootstrap messages on all interfaces
except the interface on which the Bootstrap message is received. This message is
generated on the BSR and forwarded by all switches.
l Assert message: When there are several switches on a multi-access network and a
multicast group packet is received on an egress interface of a switch, it is necessary
to use the Assert message to designate a forwarder.
l Candidate-RP-Advertisement: A candidate RP unicasts
Candidate-RP-Advertisement to the BSR periodically to advertise the set of group
addresses served by the Candidate RP.
13.2 Configuring IPv6 PIM-SM

To configure IPv6 PIM-SM on ZXR10 5960, perform the following steps.
1 ZXR10(config-mcast-ipv6)#router pim Enables IPv6 PIM.
ZXR10(config-mcast-ipv6)#no router pim Disables PIM.
2 ZXR10(config-mcast-ipv6-pim)#static-rp<ip-address>[p Configures a static RP.

riority <priority>]
ZXR10(config-mcast-ipv6-pim)#bsr-candidate<ipv6-ad Configures a candidate BSR.

dress>[hash-mask-length <hash-mask-length>][priority
<priority>]
ZXR10(config-mcast-ipv6-pim)#rp-candidate Configures a candidate RP.

<ip-address>[priority <priority>]
ZXR10(config-mcast-ipv6-pim)#spt-threshold infinity Configures handover of the

SPT.
ZXR10(config-mcast-ipv6-pim)#accept-register< Filters the multicast packets

access-list-name > encapsulated in Register
messages.
ZXR10(config-mcast-ipv6-pim)#accept-rp Filters the candidate RP

<access-list-name> addresses advertised in the
Bootstrap messages.
ZXR10(config-mcast-ipv6-pim)#anycast-rp-local < Configures the Anycast-RP

ipv6-address > local address.
ZXR10(config-mcast-ipv6-pim)#anycast-rp-peer < Configures the Anycast-RP

ipv6-address > peer address.
ZXR10(config-mcast-ipv6-pim)#embedded-rp disable Disables embedded RP

ZXR10(config-mcast-ipv6-pim)#no embedded-rp function.
disable
13-3

ZXR10(config-mcast-ipv6-pim)#bidir-pim Enable BIDIR-PIM.
ZXR10(config-mcast-ipv6-pim)#bsm-unicast IPv6 PIM unicast bootstrap

messages.
ZXR10(config-mcast-ipv6-pim)#data-filter IPv6 PIM data filter.
ZXR10(config-mcast-ipv6-pim)#join-prune-interval PIM router join-prune interval.
ZXR10(config-mcast-ipv6-pim)#register-holdtime IM router register holdtime

without receiving register stop.
ZXR10(config-mcast-ipv6-pim)#register-probe-interval IPv6 PIM router register probe

interval.
ZXR10(config-mcast-ipv6-pim)#register-source Source address for PIM

Register.
ZXR10(config-mcast-ipv6-pim)#register-suppression-in IPv6 PIM router register

terval suppression interval.
ZXR10(config-mcast-ipv6-pim)#ssm IPv6 PIM SSM commands.
ZXR10(config-mcast-ipv6-pim)#assert-holdtime Asserted hold time of the IPv6

PIM router.
ZXR10(config-mcast-ipv6-pim)#bsr-candidate-holdtime Hold time of the IPv6 PIM BSR

candidate router.
ZXR10(config-mcast-ipv6-pim)#bsr-candidate-interval Interval of sending bootstrap

messages by the IPv6 PIM
BSR candidate router.
ZXR10(config-mcast-ipv6-pim)#join-prune-holdtime Join-prune hold time of the

IPv6 PIM router.
ZXR10(config-mcast-ipv6-pim)#join-prune-speed Join-prune speed of the IPv6

PIM router.
3 ZXR10(config-mcast-ipv6-pim)#interface Enters IPv6 PIM-SM interface.

<interface-name>
ZXR10(config-mcast-ipv6-pim-if-vlanX)#pimsm Enables IPv6 PIM-SM on an

interface.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#no pimsm Disables IPv6 PIM-SM on an

interface.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#dr-priority Configures the DR priority on a

<priority> IPv6 PIM-SM interface.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#no
dr-priority
13-4

ZXR10(config-mcast-ipv6-pim-if-vlanX)#bsr-border Sets an interface to the border

ZXR10(config-mcast-ipv6-pim-if-vlanX)#no of the IPv6 PIM-SM domain.
bsr-border
ZXR10(config-mcast-ipv6-pim-if-vlanX)#hello-inter Configures the interval to send

val <seconds> Hello messages.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#no
hello-interval
ZXR10(config-mcast-ipv6-pim-if-vlanX)#jp-max-p Maximum packet length of an

acket-length IPv6 PIM join-prune message.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#neighbor IPv6 PIM neighbor filter.

-filter
ZXR10(config-mcast-ipv6-pim-if-vlanX)#override-in Override interval of the IPv6

terval PIM router.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#pim-silent Prohibits the interface from

sending or receiving IPv6 PIM
packets.
<ip-address> Static RP address, in the X:X::X:X format
<hash-mask-length > Hash mask length, in the range of 0-128
<priority> Priority, in the range of 1-255
<priority> Priority, in the range of 1-4294927695
<seconds> The interval to send Hello messages on a IPv6 PIM-SM

switch. It is in the range of 1-65535, in the unit of second.
Configuring IPv6 PIM-SM Basic Information

To configure IPv6 PIM-SM on ZXR10 5960, perform the following steps.
1 ZXR10(config-mcast-ipv6)#router pim Enables IPv6 PIM-SM.
13-5

2 ZXR10(config-mcast-ipv6-pim)#interface After IPv6 PIM-SM is enabled

<interface-name> on an interface, MLD is enabled
automatically on the interface.
ZXR10(config-mcast-ipv6-pim-if-vlanX)#pimsm
By default, IPv6 PIM-SM is not
enabled on an interface.
3 ZXR10(config-mcast-ipv6-pim)#static-rp<ip-address>[p Configures a static RP.

riority <priority>]
4 ZXR10(config-mcast-ipv6-pim)#bsr-candidate <ipv6-a Configures a candidate BSR.

ddress>[hash-mask-length <hash-mask-length>][priority
<priority>]
5 ZXR10(config-mcast-ipv6-pim)#rp-candidate<ipv6 Configures a candidate RP.

address>[priority <priority>]
6 ZXR10(config-mcast-ipv6-pim)#anycast-rp-local < Configures the anycast-rp local

ipv6-address > address.
7 ZXR10(config-mcast-ipv6-pim)#anycast-rp-peer < Configures the anycast-rp peer

ipv6-address > address.
<ip-address> Static RP address, in the X:X::X:X format
<priority> Priority, in the range of 0-255, with the default value of 192
Note:
By default, no static RP is configured.
Usage descriptions of a static RP: After a static RP is configured, it participates in RP set

selection, even the switch does not receive any RP information advertisement of BSR.
The following example shows how to configure a static RP 2001::1 for all multicast groups.
ZXR10(config-mcast-ipv6-pim)#static-rp 2001::1
<ipv6-address > BSR address, in the X:X::X:X format
<hash-mask-length> Hash mask length, in the range of 0-128
<priority> Priority, in the range of 0-255, with the default value of 0
13-6

If static RP mechanism is not used, it is necessary to configure a candidate BSR on one

or more multicast switches in each multicast domain and elect a BSR.
A BSR sends bootstrap messages periodically to advertise the RP information. The
switches running PIM-SM update the RP state according to the latest advertisement
messages. The bootstrap messages sent by BSRs are also used to elect a formal BSR
among candidate BSRs.
The default priority of a candidate BSR is 0. The BSR with the highest priority will become
the formal BSR. If several candidate BSR have the same highest priority, the one with the
largest IP address will become the formal BSR.
< ipv6-address > BSR address, in the X:X::X:X format
<priority> Candidate RP priority, in the range of 0-255, with the default

value of 192
In PIM-SM, a RP is the root of the RPT. It is responsible for sending multicast packets to
downstream multicast receiving members along the RPT. There should be only one formal
RP in each multicast group.
Usage descriptions of a candidate RP:
1. The default priority of a candidate RP is 192. The RP with the smallest priority value
will become the RP. If some candidate RPs have the same smallest priority value, the
hash values are compared. The candidate RP with the largest hash value will become
the RP. If the hash values are the same, IP addresses are compared. The candidate
RP with the largest IP addresses will become the RP.
2. It is recommended to configure a candidate RP on the loopback interface to reduce
the network oscillation due to physical interface up/down.
Configuring IPv6 PIM-SM Global Parameters

In IPv6 PIM-SM, different parameters have different default values. Configuring these
parameters can optimize the network. To configure IPv6 PIM-SM global parameters on
ZXR10 5960, perform the following steps.
1 ZXR10(config-mcast-ipv6-pim)#spt-threshold infinity Configures handover of the

SPT.
2 ZXR10(config-mcast-ipv6-pim-if-vlanX)#dr-priority Configures the DR priority on a

<priority> IPv6 PIM-SM interface.
3 ZXR10(config-mcast-ipv6-pim-if-vlanX)#bsr-border Sets an interface to the border

of the IPv6 PIM-SM domain.
4 ZXR10(config-mcast-ipv6-pim-if-vlanX)#hello-inter Configures the interval to send

val <seconds> Hello messages.
13-7

infinity Infinity, making all sources of designated groups use the RPT
Note:
By default, the threshold to hand the RPT over to the SPT is 0.
Only the last hop DR and RP can hand over to the SPT on their own initiative. By default,
the handover begins when the RP receives the first Register message. For the last hop
DR, the policy of SPT handover can be configured by using single multicast group as the
control granularity. If the handover threshold of a group is set to infinity, handover will not
be performed. By default, as long as there is traffic, handover is performed.
<priority> DR priority on a PIM interface, in the range of 0-4294967295,

with the default value of 1.
A DR must be elected in a shared (or multi-access) segment. The candidate DR with

the highest priority will become the DR. If several candidate DRs have the same highest
priority, the one with the largest IP address will become the DR.
In a shared segment connecting to the multicast source, only the DR can send Register
messages to RP. In a shared segment connecting to receivers, only the DR reply to the
MLD Join messages and Leaving messages, and send PIM Join/Pruning messages to
upstream devices. The switch priority is contained in the Hello messages exchanged with
neighbors, with the default value of 1.
Configuration Example
The following example shows how to configure the DR priority on vlan1.
ZXR10(config)#ipv6 multicast-routing
ZXR10(config-mcast-ipv6)#router pim
ZXR10(config-mcast-ipv6-pim)#interface vlan1
ZXR10(config-mcast-ipv6-pim-if-vlan1)#dr-priority 20
ZXR10(config-mcast-ipv6-pim-if-vlan1)#exit
By default, an interface is not the border of the PIM domain. When the interface is set to
the border of the PIM domain, no BSR messages can pass the border in any direction.
This function divides the network into different areas of BSR messages effectively. Other
PIM messages can pass the domain border.
The following example shows how to configure a PIM domain border on vlan1.
13-8

ZXR10(config-mcast-ipv6-pim-if-vlan1)#bsr-border
The intervals of sending Hello messages to PIM-SM neighbors can be set according to
demand.
The following example shows how to configure the intervals of sending PIM Hello
messages on vlan1.
ZXR10(config-mcast-ipv6-pim-if-vlan1)#hello-interval 25
Configuring an IPv6 PIM-SM Control Policy

To configure an IPv6 PIM-SM control policy on ZXR10 5960, perform the following steps.
1 ZXR10(config-mcast-ipv6-pim)#accept-register < Filters the multicast packets

access-list-name > encapsulated in Register
messages.
2 ZXR10(config-mcast-ipv6-pim)#accept-rp Filters the candidate RP

<access-list-name> addresses advertised in the
Bootstrap messages.
<access-list-name> Defines a group range in which the source addresses of the

multicast packets encapsulated in Register messages are
filtered.
The source addresses of the multicast packets encapsulated in Register messages will be
filtered according to the rules defined in an ACL.
<access-list-name> Defines a group range in which the candidate RPs advertised

in BSR messages received are filtered.
13.3 IPv6 PIM-SM Maintenance and Diagnosis

The ZXR10 5960 provides the following commands to maintain IPv6 PIM-SM:
13-9

Command Function
ZXR10(config)#show ipv6 pim mroute [group <group-address>] Displays the IPv6 PIM-SM routing
table.
ZXR10(config)#show ipv6 mroute summary Displays the routing table

information of the IPv6 broadcast
PIM-SM.
ZXR10(config)#show ipv6 pim bsr Displays the information of the

BSR.
ZXR10(config)#show ipv6 pim rp mapping Displays the RP mapping

information advertised by the IPv6
PIM-SM.
ZXR10(config)#show ipv6 pim rp hash <group-address> Displays the RP information

selected by a IPv6 PIM-SM
specific multicast group.
ZXR10(config)#show ipv6 pim interface [<interface-name>] Displays the interface on which

IPv6 PIM-SM is configured.
ZXR10(config)#show ipv6 pim neighbor [<interface-name>] Displays the neighbor information

of a PIM-SM interface.
ZXR10(config)#show ipv6 pim nexthop Displays the PIM-SM next hop

information.
ZXR10#show ipv6 pim traffic [<interface-name>] Displays the IPv6 PIM-SM traffic
statistics information.
ZXR10#clear ipv6 pimsm traffic [<interface-name>] Clears the IPv6 PIM-SM traffic
statistics information.
group <group-address> Multicast group address, in the X:X::X:X format
The following example shows the outputs of the show ipv6 pim mroute command:
ZXR10(config-mcast-ipv6-pim)#show ipv6 pim mroute
IPv6 PIM Multicast Routing Table
Flags: T- SPT-bit set,A- Forward,J- Join SPT,U- Upsend,S- PIM-SM,D- PIM-DM,
Macro state: Ind- Pim Include Macro,Exd- Pim Exclude Macro,
Jns- Pim Joins Macro,LAst- Pim Lost_assert Macro,
Imo- Pim Immediate_olist Macro,Ino- Pim Inherited_olist Macro,
Lcd- Pim Local_receiver_include Macro
Timers:Uptime/Expire(Upstream State)/KAT
(*, ff1e::1)
13-10

00:00:10/00:00:00(JOINED)/00:00:00
RP address: ::
Ind: 1/Jns: 0/LAst: 0/Imo: 1/Lcd: 1
Iif: NULL, RPF nbr: 0::0
Oif:
vlan30, LocalIn / ImoXG
The outputs of the command show ipv6 pim mroute is as follows:
Ind PIM local join state
RPF nbr RPF neighbor
The following example shows the outputs of the show ipv6 pim mroute summary command:
ZXR10#show ipv6 pim mroute summary
IPv6 PIM-SM Multicast Routing Table Summary
(*, G):6 , (S, G):0, (S, G, rpt):0, Register:0
(*, ff88::1) (JOINED), RP: 2002::20
(*, ff88::2) (JOINED), RP: 2002::20
(*, ff88::3) (JOINED), RP: 2002::20
(*, ff88::4) (JOINED), RP: 2002::20
(*, ff88::5) (JOINED), RP: 2002::20
(*, ff88::6) (JOINED), RP: 2002::20
The following example shows the outputs of the show ipv6 pim bsr command:
ZXR10(config)#show ipv6 pim bsr
No IPv6 PIM-SM Bootstrap information !
This system is a candidate BSR!
candidate BSR address: 2002::20,
priority: 100,
hash mask length: 30
This system is a candidate RP!
candidate RP address: 2001::20,priority:192
The outputs of the show ipv6 pim bsr command are described as follows:
BSR address BSR IPv6 address
Uptime BSR uptime
BSR Priority BSR priority
Hash mask length BSR mask length
Expires Expiring time of the BSR or of the BSR message
candidate BSR address IPv6 address of the candidate BSR configured locally
Priority Priority of the candidate BSR configured locally
13-11

hash mask length Mask length of the candidate BSR configured locally
CRP IP address, interface number, priority and other information

of the RP configured locally
The following example shows the outputs of the show ipv6 pim rp mapping command:
ZXR10(config)#show ipv6 pim rp mapping
ff02::/16
RP : ::
Protocol : L-Local
RPF : ,
Info source: Default
Expires :
ff10::/15
RP : ::
Protocol : NOUSED
RPF : ,
Expires :
ff12::/16
RP : ::
Protocol : L-Local
RPF : ,
Expires :
ff00::/8
RP : 2001::20
Protocol : SM
RPF : Local,2001::20
Info source: BSR From: 2002::20, Priority: 188
Expires : 00:02:18
The outputs of the show ipv6 pim rp mapping command are described as follows:
Group The address and mask of the broadcast group that selects
the RP.
RP The address of the secondary RP advertised by the broadcast

group.
Protocol Protocol.
RPF RPF type and the interface address.
Info source RP information source.
13-12

Expires The time the secondary RP expires.
Group Address and the mask of the broadcast group that selects
the RP.
The following example shows the outputs of the show ipv6 pim rp hash command:
ZXR10(config)#show ipv6 pim rp hash ff88::2
rp address: 2001::20
The outputs of the show ipv6 pim rp hash command are described as follows:
rp address RP address selected by a specific multicast group
The following example shows the outputs of the show ipv6 pim interface command:
ZXR10#show ipv6 pim interface vlan1
Interface State Nbr Hello DR
Count Period Priority
vlan1 Up 1 30 1
Address: fe80::2e0:d0ff:fe21:203
DR : fe80::2e0:d0ff:fe21:205
The outputs of the show ipv6 pim interface command are described as follows:
Address Interface address
Interface Interface name
NbrCount Number of neighbors
State Interface state up/down
HelloPeriod Intervals of sending Hello messages
DR Priority DR priority of this interface
DR The DR of the interface
The following example shows the outputs of the show ipv6 pim neighbor command:
ZXR10(config-mcast-ipv6-pim)#show ipv6 pim neighbor
Neighbor Address(es): fe80::200:20ff:fe15:800
Interface: vlan100
Uptime: 00:03:46
Expire: 00:01:29
DR Pri: 1
Attr: N/A
The outputs of the show ipv6 pim neighbor command are described as follows:
13-13

Neighbor Address(es) IPv6 address of the neighbor
Interface Interface name
DR Priority DR priority of the neighbor
Uptime Uptime of the neighbor
Expires Expiring time of the neighbor
Address-list Hello option Address list of the neighbor.
The following example shows the outputs of the show ipv6 pim nexthop command:
ZXR10(config)#show ipv6 pim nexthop
IPv6 PIM-SM Nexthop Table
Nexthop state: R- Nexthop to RP,S- Nexthop to Source,
O- Related with Unicast,U- No Unicast Route,
L- Local Route,C- Connect to Dest,
Nexthop:2001::20 (00:03:26)
Type:.R. . . .L.
Metric:0
Preference:0
Nexthop address:::(is Local)
Nexthop port:vlan1
Nexthop:2002::20 (00:03:26)
Type:. . . . .L.
Metric:0
Preference:0
Nexthop address:::(is Local)
Nexthop port:vlan1
The outputs of the show ipv6 pim nexthop command are described as follows:
Next-hop Address IPv6 address of the next hop
Type Type of the next hop route
Metric Route metric of the next hop
Preference Route priority of the next hop
Next-hop port Egress interface of the unicast route.
The outputs of the show ipv6 pim traffic command are described as follows:
ZXR10(config-mcast-ipv6-pim)#show ipv6 pim traffic

IPv6 PIM packet Received/Sent:
Interface: vlan100
Hello:10/62, Join/Prune:0/0
13-14

Register:0/0, Register-Stop:0/0
Bootstrap:0/0, C-RP-Ad:0/0
Assert:0/0, State-Refresh:0/0
Graft:0/0, Graft-Ack:0/0
Interface: vlan30
Total traffic in current PIM instance:
Total:10/70, Received error packet:0
The outputs of the show ipv6 pim traffic command are described as follows:
Interface Interface name.
Hel Number of Hello packets.
Reg Number of Registration packets.
Reg-st Number of Deregistration packets.
J/P Number of J/P packets.
Bst Number of BSM packets.
Ast Number of Assert packets.
C-RP-Ad Number of CRP packets.
Summary Summarize traffic information of all interfaces.
pkt_rcv_all Number of protocol packets received by the IPv6

PIM-SM instance.
pkt_rcv_error Number of incorrect packets received by the IPv6

PIM-SM instance.
pkt_rcv_ok_notpim Number of incorrect packets received by the

non-pim interface of the IPv6 PIM-SM instance.
xg_Prune_rcv Number of xg prune packets received by the IPv6

PIM-SM instance.
13-15

sg_Prune_rcv Number of sg prune packets received by the IPv6

PIM-SM instance.
igmp_xglev_rcv Number of igmp xg leave packets received by the

IPv6 PIM-SM instance.
igmp_sginlev_rcv Number of igmp sg include leave packets

received by the IPv6 PIM-SM instance.
pkt_send_all Number of protocol packets sent by the IPv6

PIM-SM instance.
data_rcv_all Number of data packets received by the IPv6

PIM-SM instance.
wrong_data_rcv Number of incorrect data packets received by the

IPv6 PIM-SM instance.
data_send_all Number of data packets that are sent successfully

by the IPv6 PIM-SM instance.
wrong_data_send Number of data packets that failed to be sent by

the IPv6 PIM-SM instance.
The following example shows the outputs of the clear ipv6 pim traffic command:
ZXR10#clear ipv6 pim traffic
ZXR10#show ipv6 pim traffic
IPv6 PIM-SM packet receive:
Interface Hel Reg Reg-st J/P Bst Ast
C-RP-Ad
loopback1 0 0 0 0 0 0
0
vlan1 0 0 0 0 0 0
0
vlan2 0 0 0 0 0 0
0
IPv6 PIM-SM packet send:
Interface Hel Reg Reg-st J/P Bst Ast
C-RP-Ad
loopback1 0 0 0 0 0 0
0
vlan1 0 0 0 0 0 0
0
vlan2 0 0 0 0 0 0
0
Total traffic in current IPv6 PIM-SM instance:
Summary_pkt Hel Reg Reg-st J/P Bst Ast
C-RP-Ad
13-16

RCV_type 0 0 0 0 0 0
0
SEND_type 0 0 0 0 0 0
0
pkt_rcv_all 0
pkt_rcv_error 0 pkt_rcv_ok_notpim 0
xg_Prune_rcv 0 sg_Prune_rcv 0
igmp_xglev_rcv 0 igmp_sginlev_rcv 0
pkt_send_all 0
data_rcv_all 0 wrong_data_rcv 0
data_send_all 0 wrong_data_send 0
13.4 IPv6 PIM-SM Configuration Example

General Description
As shown in Figure 13-1, an MLD group connects to S2, and a multicast source connects
to S1. It is required to configure BSR neighbors and CRP.
Figure 13-1 PIM-SM Configuration Example
Method
1. Configure related interfaces addresses.
2. Enter multicast configuration mode.
3. Enter PIM-SM configuration mode.
4. Set the loopback5 interface on S2 to CRP and BSR.
5. Enable PIM-SM on interfaces.
6. Configure a unicast route to the RP on S1. Configure a unicast route to the multicast
source on S2 (In this example, static route or IGP can be used).
Steps
S1 configuration:
13-17

S1(config-mcast-ipv6-pim)#router pim
S1(config-mcast-ipv6-pim-if-vlan1)#exit
S1(config-mcast-ipv6-pim-if-vlan2)#dr-priority 20
S1(config)#ipv6 route ::/0 199::2
S2 configuration:
S2(config-mcast-ipv6-pim)#rp-candidate loopback5
S2(config-mcast-ipv6-pim)#bsr-candidate loopback5
S2(config-mcast-ipv6-pim-if-vlan2)#dr-priority 20
S2#configure terminal
S2(config)#ipv6 route ::/0 199::1
Verification
Execute the show ip pim interface command on S1 to check the interface state, as shown
below.
S1(config)#show ipv6 pim interface
Interface State Nbr Hello DR
Count Period Priority
vlan1 Up 0 30 1
Address: fe80::2d0:d0ff:fe06:606
DR : fe80::2d0:d0ff:fe06:606
vlan2 Up 0 30 1
Address: fe80::2d0:d0ff:fe06:606
DR : fe80::2d0:d0ff:fe06:606
Execute the show ipv6 pim neighbor command on S1 to check the neighbor state, as shown
below.
S1(config)#show ipv6 pim neighbor

Neighbor Address(es)
Interface Uptime Expires DR Pri
fe80::211:12ff:fe51:ea12 vlan2 01:05:20 00:01:30 1
13-18

Execute the show ip pim rp mapping command on S1 to check the RP state, as shown
below.
S1(config)#show ipv6 pim bsr
BSR address: 100::1
Uptime:00:00::40,BSR Priority :0,Hash mask length:30
Expires:00:01:30
No IPv6 PIM-SM candidate RP information!
Execute the show ipv6 pim mroute command on S2 to check IPv6 PIM multicast routing
table.
S2(config)#show ipv6 pim mroute
Timers:Uptime/Expires(Upstream State)
(*, ff1e::1), 11:36:34/00:00:18(JOINED)/00:00:00, RP address: 100::1,
Ind: 1/Jns: 0/LAst: 0/Imo: 1/Lcd: 1
Iif: NULL, RPF nbr: 0::0
Oif:
vlan3, LocalIn / ImoXG
(198::2, ff1e::1), 00:00:18/00:00:42(JOINED)/00:03:21,
Reg:NO INFO; RP:100::1; RT:NULL;
Ind:0/Exd:0/Jns:0/LAst:0/Imo:0/Ino:1
Iif: vlan2, RPF nbr:fe80::259:28ff:fee0:801(S); AT
RPF nbr:0::0(D); 00:00:00(FORWARD);
Oif:
vlan3, InheritedFromXG / InoSGRpt / InoSG
13-19

13-20

Chapter 14
IPv6 PIM-SSM Configuration
Table of Contents
PIM-SSM Overview ..................................................................................................14-1
Configuring IPv6 PIM-SSM.......................................................................................14-1
IPv6 PIM-SSM Maintenance and Diagnosis .............................................................14-2
IPv6 PIM-SSM Configuration Example .....................................................................14-2
14.1 PIM-SSM Overview

Protocol Independent Multicast-Source Specific Multicast (PIM-SSM) has all advantages
of PIM-SM. PIM-SSM does not construct a shared tree. Instead, it only constructs the
SPT. When receiving the member relation report messages about a specific source and a
group, PIM-SSM will construct the SPT directly.
PIM-SSM is a subset of PIM-SM. PIM-SSM is suitable for the well known sources. It is
both intra-domain and inter-domain valid. PIM-SM uses MSDP for inter-domain multicast
routing. PIM-SSM does not need to use MSDP. The multicast group address allocated
for PIM-SSM is FF3X::/32. The switches will not construct a shared tree for this group
address.
After a host sends a Join message from a specific source to a group, the last hop switch
will send a (S, G) Join message to the direction of the source to construct a SPT. The last
hop switch will not send a (*, G) Join message to the direction of RP. Once the SPT is
constructed, the first hop switch will forward packets along this tree.
14.2 Configuring IPv6 PIM-SSM

To configure IPv6 PIM-SSM on ZXR10 5960, perform the following step.
Command Function
ZXR10(config-mcast-ipv6-pim)#ssm range {default | Configures address range of IPv6

group-list <access-list-name>} SSM groups or uses the default
group address range.
The default group range is
FF3X::/32.
The command parameter is described as follows:
< access-list-name > ACL name, with 1-31 characters
14-1

14.3 IPv6 PIM-SSM Maintenance and Diagnosis

Users can view the (S, G) routes of group addresses set by the SSM range. Other
addresses only generate (*, G) routes.
ZXR10 5960 provides the following command to maintain IPv6 PIM-SSM:
Command Function
ZXR10#show ipv6 pim mroute [group <group-address>][source Shows IPv6 PIM-SM routing table.
<source-address>]
group <group-address> Multicast group address, in the X:X::X:X format
source <source-address> Source address, in the X:X::X:X format
The following example shows the outputs of the show ipv6 pim mroute command:
ZXR10(config)#show ipv6 pim mroute group ff33::1 source 198::2
Timers:Uptime/Expires(Upstream State)
(198::2, ff33::1), 00:11:18/00:00:00(JOINED)/00:03:32,
Ind:1/Exd:0/Jns:0/LAst:0/Imo:1/Ino:1
Iif: vlan1, RPF nbr:0::0(S); AT
RPF nbr:0::0(D); 00:00:00(FORWARD);
Oif:
vlan2, LocalInSG / InoSG
14.4 IPv6 PIM-SSM Configuration Example

General Description
As shown in Figure 14-1, PIM-SM is enabled on S1, and SSM is configured. Configure
the SSM group range. MLD version is v2. The multicast source sends flows to multicast
groups of multiple specific sources. Only the traffic matching both the source address and
the multicast group address is allowed to pass through.
14-2

Chapter 14 IPv6 PIM-SSM Configuration
Figure 14-1 IPv6 PIM-SSM Configuration Example
Method
1. In interface mode, configure the interface address for both vlan1 and vlan2.
2. Enable the IP multicast function with the ipv6 multicast-routing command.
3. Enter the PIM-SM route configuration mode to configure the address range of SSM
groups.
4. Enter VLAN 1 and VLAN 2 to enable the PIM-SM protocol.
5. Enter MLD route configuration mode and then enter the interfaces to enable MLDv2.
6. Send dynamic group MLDv2 Join messages to specific receiving groups.
Steps
S1 configuration:
S1(config-mcast-ipv6-pim)#ssm range default
S1(config-mcast-ipv6-pim)#exit
S1(config-mcast-ipv6)#router mld
S1(config-mcast-ipv6-mld)#interface vlan2
S1(config-mcast-ipv6-mld-if-vlan2)#version 2
Verification
Check the configuration information on S1, as shown below.
S1#show running-config multicast6
!<multicast 6>
ipv6 multicast-routing
router pim
ssm range default
interface vlan2
pimsm
$
interface vlan1
14-3

pimsm
$
$
router mld
interface vlan2
$
!<multicast 6>
Check the result of multicast routes on S1, as shown below.

S1(config)#show ipv6 mroute
IPv6 Multicast Routing Table
Flags:NS:SPT upsend,RT:Reg upsend,F:Forward,
NTP:NTP join,DPU:Damping enable,DPD:Damping del,
B:Bidir
(198::2, ff33::1), TYPE: DYNAMIC, FLAGS: NS
Incoming interface: vlan1, flags: NS
Outgoing interface list:
vlan2, flags: F
14-4

Chapter 15
IPv6 Static Multicast
Configuration
Table of Contents
IPv6 Static Multicast Introduction..............................................................................15-1
Configuring IPv6 Static Multicast ..............................................................................15-2
Maintaining IPv6 Static Multicast ..............................................................................15-3
IPv6 Static Multicast Configuration Example.............................................................15-3
15.1 IPv6 Static Multicast Introduction

Static multicast routes are applied in the scenario where multicast packets are expected
to be forwarded along the specified path rather than the optimal path in unicast routing.
Static multicast routing provides ingress and egress interfaces for configuring the multicast
routing table, and creates the multicast forwarding table based on the user configuration. If
static and dynamic multicast routes are available at the same time, static multicast routes
are selected due to a higher priority. Static multicast routing can be considered as a special
multicast routing protocol.
The applications of static multicast routing vary with the application scenario:
l Changing RPF routes.
In general, the multicast networking structure is the same as the unicast networking
structure, and the transport path for multicast packets is the same as that for unicast
packets. RPF routes can be changed through the static multicast route configuration,
which creates a transport path for multicast packets. This path is different from the
transport path for unicast packets.
l Re-establishing RPF routes.
When unicast routes are blocked, packets (including multicast packets) cannot be
forwarded due to no RPF routes. RPF routes are generated through the static
multicast route configuration, and the multicast routing table is generated for the
forwarding of multicast packets.
When the multicast routing table is created by using the multicast routing protocol, the RPF
check mechanism is used to ensure the loop-free forwarding of multicast packets along
correct paths.
Three paths are separately selected from the unicast routing table, MBGP routing table,
and static multicast routing table, and the optimal path to the multicast source is determined
based on one of the following rules:
15-1

l If the longest matching rule is used, the longest matching path is selected from the
three paths.
l If the three paths have the same subnet mask, the highest-priority path is selected.
l If the three paths have the same priority, the path is selected in the following order:
à Static multicast path
à MGGP path
à Unicast path
This optimal path is used as an RPF route. After an RPF route is determined,
corresponding RPF interfaces and RPF neighbors are also determined.
15.2 Configuring IPv6 Static Multicast

To configure IPv6 static multicast routing, perform the following steps:
1 ZXR10(config-mcast-ipv6)#ipv6 Enables the MSTATIC protocol.

multicast-static-start
2 ZXR10(config-mcast-ipv6)#ipv6 Configures the maximum number of static

multicast-static-limit xg <xg-limit> sg multicast routes.
<sg-limit>
3 ZXR10(config-mcast-ipv6)#ipv6 Configures a static multicast routing entry.

multicast-static-route <source-address><grou
p-address>[{[ iif <iif-name>]|[oif <oif-index>]}]
4 ZXR10(config-mcast-ipv6)#ipv6 Configures a static multicast egress

multicast-static-interface index <index> interface set.
interface <interface-name>
<xg-limit> Maximum number of static multicast routes (*,

G), default: 0.
<sg-limit> Maximum number of static multicast routes (S,

G), default: 0.
<group-address> Multicast group address.
<source-address> Multicast source address.
15-2

Chapter 15 IPv6 Static Multicast Configuration
<iif-name> Name of the ingress interface for the multicast

route.
<oif-index> Sequence number of the egress interface for the

multicast route.
<index> Sequence number of the egress interface.
<interface-name> Name of the egress interface.
15.3 Maintaining IPv6 Static Multicast

To maintain IPv6 static multicast routing, run the following commands:
Command Function
ZXR10#show ipv6 multicast-static-interface[index Displays valid interfaces in the egress interface

<index>] set.
ZXR10#show ipv6 multicast-static-route [group Displays the contents in the static multicast
<group-address>][source <source-address>] routing table.
ZXR10##show ipv6 multicast-static-route summary Displays the statistics on the contents in the static
multicast routing table.
15.4 IPv6 Static Multicast Configuration Example

l Configuration Description
Figure 15-1 shows a sample networking topology. It is required to configure a
static multicast route (source address: 1::2, destination address: ff88::1) to forward
multicast packets.
Figure 15-1 Sample Networking Topology for the IPv6 Static Multicast
Configuration
l Configuration Flow
1. Configure the IP addresses.
2. Enter the multicast mode.
15-3

3. Enable static multicast routing.

4. Configure the maximum number of static multicast routes (*, G) and (S, G).
5. Configure a list of static multicast egress interfaces.
6. Configure a static multicast route.
l Configuration Commands
Run the following commands on S1:
S1(config-mcast-ipv6)#ipv6 multicast-static-start
S1(config-mcast-ipv6)#ipv6 multicast-static-limit xg 1024 sg 1024
S1(config-mcast-ipv6)#ipv6 multicast-static-interface index 2
interface vlan2
S1(config-mcast-ipv6)#ipv6 multicast-static-route 1::2
ff88::1 iif vlan1 oif 2
S1(config-mcast-ipv6)#end
l Configuration Verification
Run the show ipv6 multicast-static-interface command on S1 to display static multicast

information about the interfaces:
S1(config)#show ipv6 multicast-static-interface
STATIC6-MULTICAST OUT PORT INDEX 2:
Outgoing Interface:
vlan2
S1(config)#show ipv6 multicast-static-route

The Capability of Static Multicast6 Route
(*, g) 1024, (s, g) 1024
(1::2, ff88::1)
Incoming interface: vlan1 A
Outgoing interface list:
vlan2 F
15-4

Chapter 16
ISATAP Tunnel Configuration
Table of Contents
ISATAP Tunnel Overview .........................................................................................16-1
Configuring an ISATAP Tunnel .................................................................................16-2
ISATAP Configuration Example ................................................................................16-3
16.1 ISATAP Tunnel Overview

Instruction to ISATAP Tunnel
With the wide applications of IPv6 technology, there are more and more IPv6 hosts
on current IPv4 network. Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
tunnel technology provides a good solution for such application. ISATAP can obtain the
destination of a tunnel automatically by embedding an IPv4 address in the destination
address of an IPv6 packet.
When an ISATAP tunnel is used, the destination address of an IPv6 packet and the IPv6
address of a tunnel interface should use special ISATAP addresses. The format of an
ISATAP address is Prefix (64 bit):0:5EFE:ip-address. Thereinto, the 64–bit prefix is the
prefix of a legal IPv6 unicast address, and the ip-address is a 32–bit IPv4 source address
(in the a.b.c.d format or abcd:efgh format). Through this embedded IPv4 address, a
tunnel can be established automatically to transmit IPv6 packets. The ISATAP tunnel is
mainly used to connect two IPv6 forwarding devices and connect an IPv6 host to an IPv6
forwarding device on an IPv4 network.
ISATAP Tunnel Principle

ISATAP encapsulation principle and decapsulation principle are described below.
l Encapsulation principle: When an IPv6 is sent, the egress is an tunnel interface.
The tunnel type is judged according to packet call-back on the interface. If it is an
ISATAP tunnel, IPv4 header encapsulation is performed. An ISATAP tunnel follows the
encapsulation format of a 6in4 tunnel. The outer IPv4 destination address is the IPv4
address embedded in the destination address of the IPv6 packet, and the outer IPv4
source address is the source address of the ISATAP tunnel. After the encapsulation,
the packet is handled according to the common IPv4 packet sending flow.
l Decapsulation principle: The decapsulation flow of an ISATAP tunnel is the same as
that of a 6in4 tunnel. When an IPv4 packet is received and the protocol number in
the IPv4 header is 41, the protocol number processing functions registered for IPv4
are called and the 6in4 decapsulation function is used. The device searches for the
16-1

matched tunnel entity according to the source address and destination address of
the packet. If the matched tunnel entity is found, the IPv4 header encapsulated is
removed, and the left IPv6 packet is handled according to the IPv6 packet receiving
flow.
ISATAP tunnel principle is shown in Figure 16-1.
Figure 16-1 ISATAP Tunnel Principle
16.2 Configuring an ISATAP Tunnel

To configure an ISATAP tunnel on ZXR10 5960, perform the following steps:
1 ZXR10(config)#interface v6_tunnel1<tunnel_no> Creates an IPv6 tunnel

interface. Use the no format
of this command to delete a
tunnel interface.
2 ZXR10(config-if-v6_tunnel)#ipv6 enable Enables IPv6.
3 ZXR10(config-if-v6_tunnel)#ipv6 address <addrprefix / Configures an eui-64 address

prefix-len> eui-64 on an interface for an ISATAP
tunnel.
4 ZXR10(config)#ipv6-tunnel-config Enters IPv6 tunnel

configuration mode.
5 ZXR10(config)#interface v6_tunnel1<tunnel_no> Enters IPv6 tunnel interface

configuration mode.
6 ZXR10(config-ipv6-tunnel-if-v6_tunnelX)#tunnel Sets the tunnel mode to isatap.

mode ipv6ip isatap Use the no format of this
command to delete the current
tunnel mode.
16-2

Chapter 16 ISATAP Tunnel Configuration
7 ZXR10(config-ipv6-tunnel-if-v6_tunnelX)#tunnel Configures the source address

source ipv4 <src-addr> of an tunnel. Use the no format
of this command to delete the
source address of the tunnel.
Parameter descriptions:
<tunnel_no> Tunnel number, indicating the number of tunnel interfaces

that can be created, in the range of 1-512
<src-addr> Source address on the egress of the tunnel
<addrprefix /prefix-len> IPv6 address prefix and prefix length
16.3 ISATAP Configuration Example

General Description
As shown in Figure 16-2, assume that S1 is dual-stack switches, PC1 and PC2 are
dual-stack hosts. After the ISATAP tunnel is configured, PC1 can communicate with PC2
properly.
Figure 16-2 ISATAP Configuration Example
Method
To configure an ISATAP tunnel, it is necessary to enable IPv6 and bind the IPv4 address
of the switch at the source end of the tunnel. It is unnecessary to configure the destination
address. The configuration steps are described below:
1. Create an ISATAP tunnel. Configure an IPv6 address and enable IPv6. The IPv6
address on the ISATAP interface uses eui mode.
2. Enter tunnel configuration mode from global configuration mode, and then enter the
ISATAP tunnel interface to be configured.
3. Configure the tunnel mode and the source address.
4. Configure an IPv6 static route with the next hop being a tunnel.
16-3

Steps
S1 configuration:
S1(config-if-vlan10)#no ipv6 nd suppress-ra
S1(config-if-v6_tunnel1)#ipv6 address 2000::/64 eui-64
S1(config-ipv6-tunnel-if-v6_tunnel1)#tunnel mode ipv6ip isatap
Verification
Check the ISATAP configuration on S1, as shown below:
!<if-intf>
ipv6 enable
ipv6 address 2000::/64 eui-64
$
!</if-intf>
!<ipv6-tunnel>
ipv6-tunnel-config
tunnel mode ipv6ip isatap
$
$
!</ipv6-tunnel>
!<nd>
ipv6 nd suppress-ra disable
$
!</nd>
ipv6 route 2000::/64 v6_tunnel1
16-4

Chapter 16 ISATAP Tunnel Configuration
Execute the show ipv6 interface brief v6_tunnel2 command on S1 to view the tunnel
interface information, as shown below:
S1(config)#show ipv6 inter brief v6_tunnel1
v6_tunnel1 [up/up]
fe80::5efe:1400:1
2000::5efe:1400:1/64 [EUI]
16-5

16-6

Chapter 17
IPv6 URPF Configuration
Table of Contents
URPF Overview .......................................................................................................17-1
Configuring IPv6 URPF ............................................................................................17-2
URPF Maintenance and Diagnosis...........................................................................17-2
URPF Configuration Example...................................................................................17-3
17.1 URPF Overview

URPF is short for Unicast Reverse Path Forwarding. It is to prevent the network attack
behavior that based on the source address spoofing.
By inspecting source IP address containing in data packets, the interface which receives
data packets and the route entries existing in routing table, URPF confirms whether the
traffic is real and available and decides whether to forward or discard packets.
URPF is divided into three kinds,
l sRPF: strict RPF
Strict RPF is an easier method to filter source address. It performs routing lookup by
source address and estimate whether the egress interface of return path is consistent
with the ingress interface of packets arriving. If they are consistent, the forwarding
will continue. If they are inconsistent, URPF ACL matching is considered to perform.
If URPF ACL matching is not performed, then the packets will be discarded directly.
Conversely, if URPF ACL matching is performed and the result is matched, the
forwarding will continue. If the result is nonmatched, the packets will be discarded.
Strict RPF is only suitable for route symmetry. That is, when the packets enter from
a direction, its entrance path is the same with its return path. However, the route
paths usually are asymmetric between ISPs. Meanwhile, if some BGP valid network
segment address are not advertised or accepted by ISP policy, sRPF just like an ACL
with incomplete configuration. Some valid data flow will be discarded because lack of
information in forwarding table of filter router.
l lRPF: loose RPF

In loose RPF mode, router only inspects whether the source IP address of packet
exists in the routing table, but it does not inspect whether the ingress for receiving
packets matches with the content of routing table. In this way, URPF can effectively
prevent network from attacking, and it also can avoid to intercept legal user packets.
l lnRPF: loose RPF ignoring default route
17-1

Route still uses source IP address to look up route forwarding table. The packet is
permitted to forward when the route is found. However, the default route is ignored
to find in route forwarding table. Therefore, lnRPF is only suitable for dropping invalid
data flow through the default route. lnRPF has a explicit route for each valid route.
17.2 Configuring IPv6 URPF

To configure IPv6 URPF on ZXR10 5960, perform the following steps.
1 ZXR10(config)#ipv6 verify unicast source reachablevia {rx Enables IPv6 URPF function
| any} interface <interface-name>[ignore-default-route] on an interface.
2 ZXR10(config)#no ipv6 verify unicast source reachable-via Disables IPv6 URPF function
interface <interface-name> on an interface.
Descriptions of the parameters used by commands are shown below.
rx Strict mode
any Loose mode
interface <interface-name> The interface to be configured with IPv6

URPF
ignore-default-route InRPF. It is only available for loose mode.
17.3 URPF Maintenance and Diagnosis

ZXR10 5960 provides the following commands to maintain URPF:
Command Function
ZXR10#show running-config urpf This shows all the URPF

configurations.
This example describes what will be displayed after show running-config urpf is used.
ZXR10(config)#show running-config urpf
! <URPF>
ip verify unicast source reachable-via rx
!
ip verify unicast source reachable-via any
-ignore-default-route
!
17-2

Chapter 17 IPv6 URPF Configuration
! </URPF>
Descriptions of command output are shown below.
rx Strict mode
any Loose mode
ignore-default-route Ignore default route
17.4 URPF Configuration Example

General Description
As shown in Figure 17-1, strict URPF is configured in the interface xgei-0/1/1/1 on S1. To
avoid attacks on the network after S1 by users from the network before 1:1::ad:ea/64, the
data streams from the 1:1::ad:ea/64 network segment must pass the URPF check.
Figure 17-1 URPF Configuration Example Topology
Method
1. Configure interface IP address.
2. Configure strict URPF.
Steps
S1 configuration,
S1(config-if-vlan10)#ipv6 address 1:1::ad:ea/64
S1(config)#ip verify unicast source reachable-via rx interface xgei-0/1/1/1
Verification
Validate configuration result,
S1(config)#show running-config urpf
!<urpf>
ip verify unicast source reachable-via rx
!</urpf>
17-3

17-4

Chapter 18
IPv6 Basic Configuration
This command is used to query the mtu value, including the IP address, the path mtu value
learned by this device, the time when the path mtu becomes effective, and the remaining
time.
To query the learned PMTU on the ZXR10 5960, perform the following step:
Command Function
ZXR10#show ipv6 pmtu Queries the PMTU.
Example
The following is a sample output from the ZXR10#show ipv6 pmtu command:
ZXR10#show ipv6 pmtu
MTU Since Timeout Dest Vrfname(Vpnid)
1300 19s 9m41s 3ffe:320e:1:211::2 zte
1400 27s 9m33s 3ffe:3000:1:211::2 zte
18-1

18-2

Chapter 19
TCP6 Configuration
Table of Contents
TCP6 Overview ........................................................................................................19-1
Configuring the TCP6...............................................................................................19-1
TCP6 Maintenance and Diagnosis ...........................................................................19-3
19.1 TCP6 Overview

TCP6 is a connection-oriented full duplex data transmission control protocol. It provides
the end-to-end transmission service. This protocol is used when the transmission quality
and transmission result are highlighted.
The TCP6 protocol uses a mechanism that is similar to virtual connection. Before data
transmission, ensure that both ends are ready to send or receive data. The acknowledge
and retransmission mode guarantees that data can be transmitted safely. Before one
end sends packets, the other end must acknowledge the packet sent before. Using this
method, packets can be transmitted reliably.
The window mechanism can greatly improve the network throughput. Congestion
mechanism and retransmission mechanism can solve the packet delay and retransmission
faults. The state machine and timers are key to TCP6 data transmission.
19.2 Configuring the TCP6

To configure the TCP6 on the ZXR10 5960, perform the following steps:
1 ZXR10(config)#ipv6 tcp synwait-time <seconds> Sets the waiting time for

creating a TCP6 connection.
The time is effective is effective
for the TCP6 connections
created later. Range: 30-80
seconds. Use the no command
to restore the time to the
default 75 seconds.
19-1

2 ZXR10(config)#ipv6 tcp window-size <bytes> Sets the size of the TCP6

listening window. It is not
effective for the created
TCP6 connections. Range:
100-1048560 bytes. Use the
no command to restore the
value to the default 32768
bytes.
3 ZXR10(config)#ipv6 tcp finwait-time <seconds> Sets the waiting time for

disconnecting a TCP6
connection. Range: 300-675
seconds. Use the no command
to restore the value to the
default 675 seconds.
4 ZXR10(config)#ipv6 tcp queuemax <packets> Maximum queue length.

Range: 5-50 packets. Use the
no command to restore the
value to the default 5 packets.
5 ZXR10#clear tcp6 connect {<local-ip-address>|vrf Clears a TCP6 connection.

<vrf-name><local-ip-address>}<local-port><remote-ip-addre
ss><remote-port>
6 ZXR10#clear tcp6 statistics Clears the TCP6 statistics

information.
7 ZXR10#clear tcp6 tcb <tcb-index> Clears the TCP6 control block

information.
The range of <tcb-index> is
1-4294967295
vrf <vrf-name> Name of the VRF to which the IP address

belongs. Range: 1-32 characters.
<local-host-address> Local IP address.
<local-port> Local port number. Range: 1-65535.
<remote-ip-address> Remote IP address.
<remote-port> Remote port number. Range: 1-65535.
19-2

Chapter 19 TCP6 Configuration
19.3 TCP6 Maintenance and Diagnosis

To view the operation status of the TCP6 on the ZXR10 5960, run the following commands:
Command Function
ZXR10#show tcp6 brief Displays the brief information of all

TCP6 connections.
ZXR10#show tcp6 config Displays the TCP6 configuration

parameters.
ZXR10#show tcp6 statistics Displays the TCP6 statistics.
ZXR10#show tcp6 tcb <tcb-index> Displays the parameters of a

specific TCP connection.
The following is a sample output from the show tcp6 brief command:
ZXR10#show tcp brief
TCB Index Local Address Foreign Address State
11 2001::1:23 2001::10:3183 ESTAB
10 2001::1:23 2001::10:3182 ESTAB
7 2001::1:23 2001::6:1380 ESTAB
Parameter descriptions are as follows:
10 2001::1:23 2001::10:3182 ESTAB The index of the current control block is 10.
l Local Address: Local address and the port.
l Foreign Address: Remote address and the
port.
l State: State of the TCP connection.
The following is a sample output from the show tcp6 config command:
ZXR10#show tcp6 config
IPv6 TCP SYNWAIT: 75
IPv6 TCP FINWAIT: 675
IPv6 TCP QUEUEMAX: 5
IPv6 TCP WINDOWSIZE: 65535
TCP SYNWAIT: 75 TCP6 connection SYN packet timeout time. Unit:

second.
TCP FINWAIT: 675 TCP6 connection FIN packet timeout time. Unit:
second.
19-3

IPv6 TCP QUEUEMAX: 5 Maximum TCP6 connection queue length. Unit:

packet.
TCP WINDOWSIZE: 65535 Size of the TCP6 connection window that

receives data. Unit: byte.
The following is a sample output from the show tcp6 statistics command:
ZXR10#show tcp6 statistics
Rcvd:0 Total
0 checksum error, 0 bad offset, 0 too short
0 packets (0 bytes) in sequence
0 dup packets (0 bytes)
0 partially dup packets (0 bytes)
0 out-of-order packets (0 bytes)
0 packets (0 bytes) with data after window
0 packets after close
0 window probe packets, 0 window update packets
0 dup ack packets, 0 ack packets with unsend data
0 ack packets (0 bytes)
Sent: 0 Total
0 control packets (including 0 retransmitted)
0 data packets (0 bytes)
0 data packets (0 bytes) retransmitted
0 ack only packets (0 delayed)
0 window probe packets, 0 window update packets
0 Connections initiated, 0 connections accepted, 0 connections established
0 Connections closed (including 0 dropped, 0 embryonic dropped)
0 Total rxmt timeout, 0 connections dropped in rxmt timeout
0 Keepalive timeout, 0 keepalive probe, 0 connections dropped in keepalive
0 Total Number of all received packets, and the number

0 checksum error, 0 bad offset, of packets of each type, including the incorrect
0 too short packet.
0 packets (0 bytes) in sequence
0 dup packets (0 bytes)
0 partially dup packets (0 bytes)
0 out-of-order packets (0 bytes)
0 packets (0 bytes) with data after window
0 packets after close
0 window probe packets,
0 window update packets
19-4

Chapter 19 TCP6 Configuration
0 dup ack packets,

0 ack packets with unsend data
0 ack packets (0 bytes)
The following is a sample output from the show tcp6 tcb <tcb-index> command:
ZXR10#show tcp6 tcb 3
Connection state is ESTAB
Local host: 2345:6:7:8:ffff:2:1:a, Local port: 23
Foreign host: 2345:6:7:8:fff:2:1:b, Foreign port: 39647
iss: 435911597 snduna: 435911882 sndnxt: 435911882 sndwnd: 3844

irs: 3391817218 rcvnxt: 3391817259 rcvwnd: 8192
SRTT: 8 ms, RTTO: 4 ms, RTV: 0 ms

minRTT: 2 ms, maxRTT: 0 ms, ACK hold: 200 ms
show tcp6 tcb 2 Displays the parameters of the connection that

corresponds to control block 2. For parameter
descriptions, refer to the show tcp6 command.
19-5

19-6

Chapter 20
UDP6 Configuration
The UDP6 is a transmission layer protocol, and its transmission mechanism is not reliable.
It forwards the data received from programs but it cannot guarantee that the data can reach
the destination. In addition, whether to retransmit data and correct the data is determined
by the superior applications.
The UDP6 uses the source port (source IP address) and the destination port (destination IP
address) to establish a connection between two programs. It is a connectionless datagram
transmission mechanism. When you use the UDP6 protocol to transmit data, there is no
reply. The sender does not guarantee that the data is sent to the destination, and the
receiver only arranges the datagram according to the sequence field. If a datagram fails
to reach the destination, all data need to be retransmitted.
20-1

20-2

Chapter 21
DHCPv6 Configuration
Table of Contents
DHCPv6 Overview ...................................................................................................21-1
Configuring DHCPv6 ................................................................................................21-3
Maintaining DHCPv6 ................................................................................................21-9
DHCPv6 Configuration Examples...........................................................................21-10
21.1 DHCPv6 Overview

Introduction to DHCPv6
DHCPv6 is an automatic address allocation protocol defined by IETF on IPv6 networks.
Through DHCPv6, a network node can apply for IPv6 addresses and some other
configuration parameters from a DHCPv6 server. The network node also can obtain IPv6
addresses through other methods and just obtain other network parameters from the
DHCPv6 server.
On an IPv6 network, a DHCP client uses a reserved multicast address that is valid on a
link to locate the DHCPv6 server. Therefore, it is required that the client and the server
should be on the same link. However, in some applications, considering management,
economy and extension, it is required that a client can communicate with a server that is
not on the same link with the client. This function is accomplished by a DHCPv6 relay. A
DHCPv6 relay can relay access requests from other clients or relays.
Figure 21-1 shows the relation among DHCPv6 clients, relays and a server.
Figure 21-1 Relation Among DHCPv6 Client, Relay and Server
21-1

DHCPv6 Principle
Each DHCPv6 client or server has a unique identifier, that is, a DHCP Unique Identifier
(DUID). There are several modes to generate DUIDs. The lengths of DUIDs are different.
Not each message needs to carry a DUID, so a DUID is contained in the option information.
Identity Association (IA) is an abstract concept used by DHCPv6 servers and clients to
identify, group and management multiple addresses. A network interface needs at lest
one IA to manage the IPv6 address information obtained on this interface. An IA must
be associated with a unique network interface. Different IAs are identified by IAIDs. The
IPv6 address information allocated by DHCPv6 is contained in IAs. An IA can carry the
information of several addresses.
DHCPv6 uses UDP to transport the protocol packets. The detection port on clients is
Port 546, and the detection port on servers and relays is Port 547. Clients always use
multicast packets to start interactions. DHCPv6 defines two multicast addresses. One is
the multicast address (FF05::1:3) of all local DHCP servers, and the other is the multicast
address (FF02::1:2) of all servers and relay agents.
There are the following types of standard DHCPv6 messages.
l Solicit message (1): A client uses Solicit messages to locate the position of a server.
l Advertise message (2): A server sends an Advertise message to reply a Solicit. An
Advertise message contains the allocated address and option information.
l Request message (3): A client sends a Request message to a specified server to
request an address and configuration information.
l Confirm message (4): A client sends Confirm messages to any reachable server to
check whether the current IPv6 address it obtained is suitable for the connected links.
l Renew message (5): A client uses Renew messages to extend the address lease
term and update other configuration information.
l Rebind message (6): If the renew message is not replied, a client will use a Rebind
message to extend the address lease term and update other configuration information.
l Reply message (7): A server uses Reply message to respond Request, Renew,
Rebind, Release, Decline and Information-request messages. A Reply message can
carry an address and configuration information. In an exception, a Reply message
also can carry the status code information of an error.
l Release message (8): When a client sends a Release message to a server that
allocates an address for this client, the client does not use the address (or addresses)
any longer.
l Decline message (9): When a client sends a Decline message to a server, the address
(or addresses) has (have) been used on a link (or links).
l Reconfigure message (10): A server can send a Reconfigure message to a client to
hint the configuration information that the client can update.
l Information-request message (11): A client sends an Information-request message to
a sever to request configuration information without requesting an IP address.
l Relay-forward message (12): A relay agent sends a Relay-forward message to a
server to replay information.
21-2

Chapter 21 DHCPv6 Configuration
l Relay-reply message (13): A server sends a Relay-reply message carrying the

information that will be sent to a client to a rely agent.
Figure 21-2 shows the interaction procedure of DHCPv6 messages in a standard network
environment.
Figure 21-2 DHCPv6 Protocol Message Interaction
21.2 Configuring DHCPv6

Configuring the DHCPv6 Server
To configure the DHCPv6 server on the ZXR10 5960, perform the following steps:
1 ZXR10(config)#dhcp ipv6 Enters DHCPv6 configuration

mode.
21-3

2 ZXR10(config-dhcpv6)#enable Enables the embedded

DHCPv6 function.
ZXR10(config-dhcpv6)#disable Disables the DHCPv6 process.
3 ZXR10(config-dhcpv6)#interface <interface-vlan> Enters DHCPv6 interface

configuration mode.
ZXR10(config-dhcpv6)#server max-user <1-48000> Configures the maximum

number of users on the
DHCPv6 server.
ZXR10(config-dhcpv6)#server single-user-quota {[addr Configures the maximum

ess <max-address-number>]|[prefix <max-prefix-number>]} number of addresses that can
be assigned to a DHCP client
and the maximum number of
associated address prefixes.
ZXR10(config-dhcpv6)#server rapid-redial Enables the sending of a

notification to the DHCP server
after a DHCPv6 client is
re-connected to the server and
has an address assigned.
ZXR10(config-dhcpv6-if-vlanX)#mode {server | relay} Enables DHCPv6 working

mode of an interface.
4 ZXR10(config)#ipv6 addr-pool <pool-name> Enters IPv6 address pool

configuration mode.
ZXR10(config-ipv6-addr-pool)#addr-range Configures the range of the

<start-ipv6><end-ipv6>[vrf-instance <vrf-name>] IPv6 address pool.
ZXR10(config-ipv6-addr-pool)#exclude-range Configures IPv6 reserved

<start-ipv6><end-ipv6>[vrf-instance <vrf-name>] addresses.
ZXR10(config-ipv6-addr-pool)#conflict-time <timeout> Configures the release time of

conflict addresses in the IPv6
address pool, the default value
is 30 minutes.
ZXR10(config-ipv6-addr-pool)#lock This locks the IPv6 address

pool. By default, the address
pool is not locked.
ZXR10(config-ipv6-addr-pool)#threshold <percent> Configures the alarm threshold

of the IPv6 address pool, the
default threshold is 100%.
21-4

5 ZXR10(config)#ipv6 prefix-pool <pool-name> Enters IPv6 prefix-pool

configuration mode.
ZXR10(config-ipv6-prefix-pool)#lock This locks the IPv6 prefix-pool.

By default, the IPv6 prefix-pool
is not locked.
ZXR10(config-ipv6-prefix-pool)#prefix-delegation Configures an IPv6

<ipv6 prefix-delegation><prefix-length>[vrf-instance prefix-delegation.
<vrf-name>]
ZXR10(config-ipv6-prefix-pool)#threshold <percent> Configures the alarm threshold

of the IPv6 prefix-pool. The
default threshold is 100%.
ZXR10(config-ipv6-prefix-pool)#exclude-prefix Configures an IPv6

<ipv6-prefix-delegation><prefix-length>[ vrf-instance exclude-prefix.
<vrf-name>]
6 ZXR10(config-dhcpv6)#pool <pool-name> Enters DHCPv6 address

pool configuration mode form
DHCPv6 configuration mode.
ZXR10(config-dhcpv6-pool)#address-pool <pool-name> Binds a specified IPv6

address-pool to a DHCPv6
pool.
ZXR10(config-dhcpv6-pool)#address-lifetime Specifies the life time of the

{<valid-lifetime>| infinite}{<preferred-lifetime>| infinite} address-pool.
ZXR10(config-dhcpv6-pool)#prefix-pool <pool-name> Binds the specified prefix-pool

to the dhcpv6 pool.
ZXR10(config-dhcpv6-pool)#prefix-lifetime Specifies the lifetime for the

{<valid-lifetime>| infinite}{<preferred-lifetime>| infinite} prefix-pool.
ZXR10(config-dhcpv6-pool)#binding <c Configures a static binding

lient-duid>{address <ipv6-address>| prefix between a client-DUID, an
<ipv6-prefix-delegation>}[vrf-instance <vrf-name>] assigned IPv6 address, and an
assigned prefix.
ZXR10(config-dhcpv6-pool)#option <code>[description Configures DHCPv6 options.

<WORD>]{fqdn <WORD>| ascii <WORD>| hex <WORD>|
ipv6-address <IPv6-address>[<IPv6-address>|[<IPv6-addre
ss>|[<IPv6-address>|[<IPv6-address>|[<IPv6-address>|[<IPv6
-address>|[<IPv6-address>]]}
ZXR10(config-dhcpv6-pool)#dns-server Configures the address of an

<server-number><server-ipv6> IPv6 DNS server.
ZXR10(config-dhcpv6-pool)#domain-name Configures the domain name

<server-number><domain-name> of an IPv6 DNS server.
21-5

ZXR10(config-dhcpv6-pool)#preference Configures the server

<preference-value> preference. The range of
the preference is 1-255.
ZXR10(config-dhcpv6-pool)#aftr address Configures the aftr address.

<ipv6-address>[option-code-value <option_code>] Range: 1-65535
ZXR10(config-dhcpv6-pool)#aftr fqdn <Tunnel endpoint Configures the aftr domain

name>[option-code-value < option_code >] name. Range: 1-65535.
ZXR10(config-dhcpv6-pool)#server-unicast-address Configures the unicast address

<ipv6-address> of the server.
7 ZXR10(config-dhcpv6)#policy <policy-name><priority> Enters DHCPv6 policy

configuration mode from
DHCPv6 configuration mode
and configures the priority of
the policy. The range of the
priority is 1-5.
ZXR10(config-dhcpv6-policy)#dhcpv6-pool This binds a DHCPv6 policy to

<pool-name> a DHCPv6 address pool.
ZXR10(config-dhcpv6-policy)#link-addrss Configures a DHCPv6 policy

<ipv6-address> link-address.

configuration mode.
ZXR10(config-dhcpv6-if-vlanX)#server policy Configures a DHCPv6 server

<policy-name> policy on the interface.
ZXR10(config-dhcpv6-if-vlanX)#enable server-unicast Enables unicast on a DHCPv6

interface.
ZXR10(config-dhcpv6-if-vlanX)#dscp <0-63> Configures the IPv6 Traffic

Class option carried in the
message replied from the
DHCP server to DHCP relay.
<start-ipv6> The start IP address of the IPv6 address pool.
<end-ipv6> The end IP address of the IPv6 address pool.
vrf-instance <vrf-name> IPv6 address pool in the VRF instance.
<timeout> The time before releasing conflicted addresses for the IPv6
address pool. Range: 1-18000 minutes, default: 30 minutes.
21-6

<threshold> Alarm threshold of the IPv6 address pool. Range: 50-100,

default: 100.
<valid-lifetime> The valid life time of the address pool, in the unit of second,
in the range of 60-4294967295
<preferred-lifetime> The preferred life time of the address pool, in the unit of
second, in the range of 60-4294967295
<server-number> DNS server number, value 1 or 2
<Tunnel endpoint name> Domain name. Range: 1–32 characters.
Configuring a DHCPv6 Relay

To configure a DHCPv6 relay on the ZXR10 5960, perform the following steps:
1 ZXR10(config)#dhcp ipv6 Enters DHCPv6 configuration

mode.
2 ZXR10(config-dhcpv6)#enable Enables the embedded

DHCPv6 function.
ZXR10(config-dhcpv6)#disable Disables the embedded

DHCPv6 function.
3 ZXR10(config-dhcpv6)#relay server group <number> Enters DHCPv6 relay server

group configuration mode from
ZXR10(config-dhcpv6)#relay max-user <1-48000> Configures the maximum

number of users on the DHCP
relay.
ZXR10(config-dhcpv6-server-group)#algorithm Configures the DHCPv6 relay

{normal | first | round-robin} server to use a policy. The
default forwarding mode is
normal.
ZXR10(config-dhcpv6-server-group)#server <server-no Configures the DHCPv6 relay

><server-ipv6>[interface <interface-name>][master][dscp server to trust information.
<0-63>]
ZXR10(config-dhcpv6-server-group)#deadtime <time> Configures the unavailable

duration after the DHCPv6
relay server fails sending.
21-7

ZXR10(config-dhcpv6-server-group)#description Configures the description of a

<descript-string> DHCP relay server.
ZXR10(config-dhcpv6-server-group)#max-retry Configures the number of retry

<limit-value> attempts that the DHCPv6
relay server group applies
for address from an external
DHCPv6 server. The default
number is 10.
4 ZXR10(config-dhcpv6)#relay policy <policy-name> Enters DHCPv6 relay policy

configuration mode from
ZXR10(config-dhcpv6-policy-group)#default Configures the DHCPv6 relay

server-group <number> server group bound to the
DHCPv6 relay policy group by
default.
5 ZXR10(config-dhcpv6)#relay intfid-format {china-tel | Configures the interface-ID

dsl-forum | user-configuration} format of the DHCPv6 relay.
ZXR10(config-dhcpv6)#relay remote-id <num><name> Configures the global

remote-ID of a relay. It is not
allowed to run this command.
By default, the value is not
configured.

configuration mode.
ZXR10(config-dhcpv6-if-vlanX)#relay agent Configures IP address of an

<ipv6-address> DHCPv6 agent on an interface.
ZXR10(config-dhcpv6-if-vlanX)#relay interface-id Configures an interface-ID

<word> of a DHCPv6 relay on an
interface. The ID is valid
when the interface-ID format is
user-configuration.
The interface-ID is a string with
1-16 characters.
ZXR10(config-dhcpv6-if-vlanX)#relay policy Configures a DHCPv6 relay

<policy-name> policy of an interface.
21-8

{normal | first | round-robin} Normal mode is to forward to all servers. First mode is
master/slave mode. Round-robin is load sharing mode. The
default mode is normal.
<server-no> Server number, range: 1-5.
[master] Master server
china-tel | dsl-forum | china-tel: China Telecommunication mode

user-configuration dsl-forum: DSL forum mode
user-configuration: user configuration mode
By default, L3 interface index is used directly.
<num> Enterprise number, range: 0-4294967295.
<name> Remote-ID string, range: 1-32 characters.
21.3 Maintaining DHCPv6

To maintain DHCPv6, run the following commands:
Command Function
ZXR10#show ipv6 dhcp server user [interface Shows the client information on a DHCPv6
<interface-name>]|[summary] server.
ZXR10#show ipv6 dhcp relay user [interface Shows the client information on a DHCPv6
<interface-name>]|[summary] relay.
ZXR10#show running-config dhcpv6 Displays the DHCPv6 information
summary Displays the number of statistics instead of the

detailed contents.
The following is a sample output from the show ipv6 dhcp server user command:
ZXR10#show ipv6 dhcp server user
Client DUID: 0001000113CB5B3A002127A242AA
IA NA: IA ID 2720473344, T1 500, T2 800
Address: 100::2
preferred lifetime 1000 seconds, valid lifetime 1000 seconds
expires at 16:28:51 07/16/2010 (918 seconds)
21-9

DUID Unique identifier of a client.
IA NA IA type. IA NA means a temporary address. IA PD means

allocated by a prefix.
IA ID IA identifier.
T1 Recommended Renew interval.
T2 Recommended Rebind interval.
21.4 DHCPv6 Configuration Examples

21.4.1 DHCPv6 Server Configuration Instance
As shown in Figure 21-3, S1 acts as both DHCP server and the default gateway. The PC
obtains an IP address dynamically through DHCP.
Figure 21-3 DHCPv6 Server Configuration Instance
The configuration requirements of S1 are described below.

l In global configuration mode, configure an IPv6 address, an IPv6 pool, a DHCPv6
pool and a DHCPv6 policy. Enable DHCPv6 function.
l In interface configuration mode, configure an IP address and DHCP server mode.
Bind the DHCPv6 policy.
1. Enable IPv6 on the interface and configure an IPv6 address.
2. Configure an IPv6 address pool and configure related parameters such as the range
of the address pool.
3. Enable DHCPv6 globally.
4. Configure DHCPv6 pool. The DHCPv6 pool needs to bind to an IP pool. Configures
DNS, lease time and other parameters.
5. Configure DHCPv6 policy. The DHCPv6 policy is a policy option. Many priorities are
supported by a name for policy management.
6. Configure a DHCPv6 server. Configure server mode in DHCPv6 interface
configuration mode. Bind the policy.
21-10

Configuration on S1:
S1(config)#switchvlan-configuration
S1(config-swvlan)#interface xgei-0/1/1/1
S1(config-swvlan-if-xgei-0/1/1/1)#switchport access vlan 10
S1(config-swvlan-if-xgei-0/1/1/1)#exit
S1(config-swvlan)#exit
S1(config-if-vlan10)#ipv6 address 86::1:1/96
/*Configure an IPv6 address pool*/

S1(config)#ipv6 addr-pool zte
S1(config-ipv6-addr-pool)#addr-range 86::1:2 86::1:10
S1(config-ipv6-addr-pool)#exit
/*Enable DHCPv6*/
S1(config)#dhcp ipv6
S1(config-dhcpv6)#enable
/*Bind the IPv6 address pool to the DHCPv6 pool*/

S1(config-dhcpv6)#pool zte
S1(config-dhcpv6-pool)#address-pool zte
S1(config-dhcpv6-pool)#address-lifetime 1000 seconds 1000 seconds
S1(config-dhcpv6-pool)#exit
/*Bind the DHCPv6 pool to the DHCPv6 policy*/

S1(config-dhcpv6)#policy zte 1
S1(config-dhcpv6-policy)#dhcpv6-pool zte
S1(config-dhcpv6-policy)#exit
/*Configure server mode in interface configuration mode and bind the policy*/
S1(config-dhcpv6)#interface vlan10
S1(config-dhcpv6-if-vlan10)#mode server
S1(config-dhcpv6-if-vlan10)#server policy zte
S1(config-dhcpv6-if-vlan10)#exit
Check the configuration of the IPv6 address pool on S1, as shown below.
S1#show ipv6 addr-pool configure zte

PoolName Lock Begin End Vrf Used Free Exclude
21-11

zte no 86::1:2 86::1:10 0 15 0

RangeTotal:1
Check the DHCPv6 configuration on S1, as shown below.

S1#show running-config dhcpv6
! <dhcpv6>
dhcp ipv6
policy zte 1
dhcpv6-pool zte
$
pool zte
address-pool zte
address-lifetime 1000 1000
$
interface vlan10
mode server
server policy zte
$
enable
$
! </dhcpv6>
After the PC user obtains an address through DHCPv6, check the user information on S1,
as shown below.
S1#show ipv6 dhcp server user
Client DUID: 000100014CFBF3DB001094000001
IA NA: IA ID 0, T1 500, T2 800
Address: 86::1:2
IA NA: IA ID 0, T1 500, T2 800
Address: 86::1:3
IA NA: IA ID 0, T1 500, T2 800
Address: 86::1:4
21-12

21.4.2 DHCPv6 Relay Configuration Instance

When a DHCP client and a server do not belong to the same network, it is necessary to
use a router connected directly to the user to act as a DHCPv6 relay.
As shown in Figure 21-4, enable DHCPv6 relay function on S1. S2 provides DHCPv6
server function. This method is usually used when there are many hosts needing DHCPv6
service.
Figure 21-4 DHCPv6 Relay Configuration Instance
The configuration requirements are described below.

l Configure an IPv6 address, a DHCPv6 server address and DHCPv6 relay mode on
the interface of S1.
l Configure an IPv6 address and DHCPv6 server mode on the interface of S2. Bind a
DHCPv6 policy on the interface of S2.
l In global configuration mode on S2, enable DHCPv6, configure an IPv6 address pool,
a DHCPv6 pool and a DHCPv6 policy, and configure a routes pointing to interface
network segment of S1.
1. Configure an IPv6 address on the interface of the relay and enable DHCPv6.
2. Configure a relay server group on the relay. Bind the group in the relay policy.
3. Configure relay agent mode on the interface connected to the PC on the relay.
4. The configuration on the server is similar to that on the server in the "DHCPv6 Server
Configuration Instance". It is necessary to specify the IPv6 address of the relay
interface in the DHCPv6 policy.
5. Configure a static route to the network segment of the relay interface on the server.
/*Configure an interface*/
21-13

S1(config-if-vlan20)#ipv6 add 87::1:1/96
/*Enable DHCPv6 function*/

/*Specify a server*/
S1(config-dhcpv6)#relay server group 1
S1(config-dhcp-server-group)#server 1 87::1:2
S1(config-dhcp-server-group)#exit
/*Configure a relay policy*/

S1(config-dhcpv6)#relay policy 1
S1(config-dhcpv6-policy-group)#default server-group 1
S1(config-dhcpv6-policy-group)#exit
/*Configure interface DHCP mode and other attributes*/

S1(config-dhcpv6-if-vlan10)#mode relay
S1(config-dhcpv6-if-vlan10)#relay agent 86::1:1
S1(config-dhcpv6-if-vlan10)#relay policy 1
S1(config-dhcpv6)#exit
/*Configure an interface*/
21-14

/*Configure an IPv6 address pool*/

S2(config)#ipv6 addr-pool zte1
S2(config-ipv6-addr-pool)#addr-range 86::1:10 86::1:50
S2(config-ipv6-addr-pool)#exit
/*Enable DHCPv6*/
/*Bind the IPv6 address pool to the DHCPv6 pool*/

S2(config-dhcpv6)#pool zte1
S2(config-dhcpv6-pool)#address-pool zte1
S2(config-dhcpv6-pool)#address-lifetime 10000 seconds 10000 seconds
S2(config-dhcpv6-pool)#exit
/*Bind the DHCPv6 pool to the DHCPv6 policy*/

S2(config-dhcpv6)#policy zte1 1
S2(config-dhcpv6-policy)#dhcpv6-pool zte1
S2(config-dhcpv6-policy)#link-address 86::1:1
S2(config-dhcpv6-policy)#exit
/*Configure DHCP mode of the interface*/

S2(config-dhcpv6-if-vlan20)#mode server
S2(config-dhcpv6-if-vlan20)#server policy zte1
! <dhcpv6>
dhcp ipv6
enable
relay policy 1
default server-group 1
$
relay server group 1
server 1 87::1:2
$
interface vlan10
mode relay
relay agent 86::1:1
relay policy 1
21-15

$
! </dhcpv6>
Check the configuration of the IPv6 address pool on S2, as shown below.
S2#show ipv6 addr-pool configure zte1
PoolName Lock Begin End Vrf Used Free Exclude
zte1 no 86::1:10 86::1:50 0 65 0
RangeTotal:1

! <dhcpv6>
dhcp ipv6
policy zte1 1
dhcpv6-pool zte1
link-address 86::1:1
$
pool zte
address-pool zte1
address-lifetime 10000 seconds 10000 seconds
$
interface vlan20
mode server
server policy zte1
$
enable
$
! </dhcpv6>
After the PC user obtains an address through DHCPv6, check the user information on S2,
as shown below.
S2#show ipv6 dhcp server user
IA NA: IA ID 0, T1 5000 T2 8000
Address: 86::1:10
IA NA: IA ID 0, T1 5000, T2 8000
Address: 86::1:11
IA NA: IA ID 0, T1 5000, T2 8000
Address: 86::1:12
21-16

21-17

21-18

Figures
Figure 1-1 IPv4 Header Format................................................................................. 1-2
Figure 1-2 IPv6 Header Format................................................................................. 1-2
Figure 1-3 Structure of an IPv6 unicast address........................................................ 1-4
Figure 1-4 IPv6 Address Configuration Example ..................................................... 1-15
Figure 3-1 Principles of the IPv6 over IPv4 Tunnel Mechanism ................................. 3-1
Figure 3-2 Principles of the IPv4 (or IPv6) over IPv4 Tunnel ..................................... 3-2
Figure 3-3 Principles of a 6in4 Tunnel ....................................................................... 3-2
Figure 3-4 Principles of a 6to4 Tunnel....................................................................... 3-3
Figure 3-5 6in4 Tunnel Configuration Example.......................................................... 3-6
Figure 3-6 6to4 Tunnel Configuration Example ......................................................... 3-8
Figure 4-1 IPv6 ACL Configuration Example ............................................................. 4-9
Figure 5-1 IPv6 Static Route Configuration Example................................................. 5-4
Figure 6-1 RIPng Configuration Example .................................................................. 6-9
Figure 7-1 OSPFv3 Configuration Example ............................................................ 7-16
Figure 7-2 OSPFv3 Configuration Example 2.......................................................... 7-18
Figure 8-1 Single-Area IS-ISv6 Configuration Example ........................................... 8-17
Figure 8-2 Multi-Area IS-ISv6 Configuration Example ............................................. 8-22
Figure 9-1 BGP4+ Route Reflector Configuration Example ....................................... 9-9
Figure 9-2 BGP4+ General Configuration Example ................................................. 9-10
Figure 10-1 IPv6 CAR SET Configuration Example................................................. 10-2
Figure 11-1 Structure of IPv6 Multicast Address on Basis of Unicast Prefix ............ 11-2
Figure 12-1 MLDv1 Configuration Example............................................................. 12-8
Figure 12-2 Static Group Configuration ................................................................. 12-10
Figure 13-1 PIM-SM Configuration Example ......................................................... 13-17
Figure 14-1 IPv6 PIM-SSM Configuration Example................................................. 14-3
Figure 15-1 Sample Networking Topology for the IPv6 Static Multicast
Configuration ........................................................................................ 15-3
Figure 16-1 ISATAP Tunnel Principle ...................................................................... 16-2
Figure 16-2 ISATAP Configuration Example............................................................ 16-3
Figure 17-1 URPF Configuration Example Topology ............................................... 17-3
Figure 21-1 Relation Among DHCPv6 Client, Relay and Server.............................. 21-1
Figure 21-2 DHCPv6 Protocol Message Interaction ................................................ 21-3

Figure 21-3 DHCPv6 Server Configuration Instance ............................................. 21-10

Figure 21-4 DHCPv6 Relay Configuration Instance............................................... 21-13
II

Tables
Table 1-1 IPv6 Address Types .................................................................................. 1-3
Table 1-2 Aggregatable Global Unicast Address Fields ............................................. 1-4
Table 1-3 Structure of the IPv6 Address Embedded With IPv4 Address .................... 1-6
Table 1-4 Structures of Link-local Address and Site-local Address ............................ 1-7
Table 1-5 Multicast Address Format .......................................................................... 1-8
Table 1-6 Multicast Scope Value ............................................................................... 1-8
Table 1-7 IPv6 Address Compression ..................................................................... 1-10
Table 7-1 Similarities and Differences Between OSPFv3 LSAs and OSPFv2
LSAs ........................................................................................................ 7-5
Table 11-1 IPv6 Multicast Address Allocation .......................................................... 11-1
III

Tables
IV

Glossary
ACL
- Access Control List
ARP
- Address Resolution Protocol
AS
- Autonomous System
BDR
- Backup Designate Router
BFD
- Bidirectional Forwarding Detection
BGP
- Border Gateway Protocol
BOOTP
- Bootstrap Protocol
BSR
- Bootstrap Router
CAR
- Committed Access Rate
DHCP
- Dynamic Host Configuration Protocol
DIS
- Designate IS
DR
- Designated Router
DUID
- DHCP Unique Identifier
IA
- Identity Association
IBGP
- Interior Border Gateway Protocol
ICMP
- Internet Control Message Protocol
IETF
- Internet Engineering Task Force

IGMP
- Internet Group Management Protocol
IGP
- Interior Gateway Protocol
IP
- Internet Protocol
IPSec
- IP Security Protocol
IPv4
- Internet Protocol version 4
IPv6
- Internet Protocol Version 6
IPX
- Internetwork Packet Exchange protocol
IS-IS
- Intermediate System-to-Intermediate System
ISATAP
- Intra-Site Automatic Tunnel Addressing Protocol
ISO
- International Organization for Standardization
ISP
- Internet Service Provider
LAN
- Local Area Network
LSA
- Link State Advertisement
LSDB
- Link-state Database
LSP
- Link State Packet
LSU
- Link State Update
MBGP
- Multiprotocol Border Gateway Protocol
MD5
- Message Digest 5 Algorithm
MLD
- Multicast Listener Discovery
VI

Glossary
MLDv2
- Multicast Listener Discovery Version 2
MSDP
- Multicast Source Discovery Protocol
MTU
- Maximum Transfer Unit
NBMA
- Non-Broadcast Multiple Access
NDP
- Neighbor Discovery Protocol
NSAP
- Network Service Access Point
OSI
- Open System Interconnection
OSPF
- Open Shortest Path First
PIM-SSM
- Protocol Independent Multicast-Source Specific Multicast
QoS
- Quality of Service
RFC
- Request For Comments
RIP
- Routing Information Protocol
RIPng
- Routing Information Protocol next generation
RP
- Rendezvous Point
RPF
- Reverse Path Forwarding
SPF
- Shortest Path First
SSM
- Source Specific Multicast
TCP/IP
- Transmission Control Protocol/Internet Protocol
TLV
- Tag, Length, Value
VII

TTL
- Time To Live
UDP
- User Datagram Protocol
URPF
- Unicast Reverse Path Forwarding
VIII

SJ-20160119164028-016-ZXR10 5960 Series (V3.02.20) All 10-Gigabit Data Center Switch Configuration Guide (IPv6)

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SJ-20160119164028-016-ZXR10 5960 Series (V3.02.20) All 10-Gigabit Data Center Switch Configuration Guide (IPv6)

Uploaded by

Copyright:

Available Formats

ZXR10 5960 Series

All 10–Gigabit Data Center Switch

Revision No. Revision Date Revision Reason

R2.0 2017-02-28 Updated configuration commands and instances

R1.0 2016-02-28 First edition

Serial Number: SJ-20160119164028-016

Publishing Date: 2017-02-28 (R2.0)

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Chapter 2 NDP Configuration.................................................................... 2-1

Chapter 3 IPv6 Tunnel Configuration ....................................................... 3-1

Chapter 4 IPv6 ACL Configuration............................................................ 4-1

Chapter 5 IPv6 Static Route Configuration .............................................. 5-1

Chapter 6 RIPng Configuration ................................................................. 6-1

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Chapter 8 IS-ISv6 Configuration ............................................................... 8-1

Chapter 9 BGP4+ Configuration ............................................................... 9-1

Chapter 10 IPv6 QoS Configuration........................................................ 10-1

Chapter 11 IPv6 Multicast Configuration................................................ 11-1

Chapter 12 MLD Configuration................................................................ 12-1

Chapter 13 IPv6 PIM-SM Configuration .................................................. 13-1

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Chapter 14 IPv6 PIM-SSM Configuration................................................ 14-1

Chapter 15 IPv6 Static Multicast Configuration..................................... 15-1

Chapter 16 ISATAP Tunnel Configuration .............................................. 16-1

Chapter 17 IPv6 URPF Configuration ..................................................... 17-1

Chapter 18 IPv6 Basic Configuration ..................................................... 18-1

Chapter 20 UDP6 Configuration.............................................................. 20-1

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

l Network planning engineers

What Is in This Manual

Chapter 1, IPv6 Address Configuration Describes IPv6 address, configuration

Chapter 2, NDP Configuration Describes NDP technology and principle,

Chapter 6, RIPng Configuration Describes RIPng technology and principle,

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Chapter 8, IS-ISv6 Configuration Describes IS-ISv6 technology and principle,

Chapter 9, BGP4+ Configuration Describes BGP4+ technology and principle,

Chapter 12, MLD Configuration Describes MLD technology and principle,

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Chapter 19, TCP6 Configuration Describes TCP6 principles and maintenance

Chapter 20, UDP6 Configuration Describes UDP6 principles and maintenance

Chapter 21, DHCPv6 Configuration Describes UDP6 principles, configuration

| Separates individual parameters in a series of parameters.

Danger: indicates an imminently hazardous situation. Failure to comply will result in

Warning: indicates a potentially hazardous situation. Failure to comply can result in

Caution: indicates a potentially hazardous situation. Failure to comply can result in

Notice: indicates equipment or environment safety information. Failure to comply

Note: provides additional information about a topic.

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

1.1 IPv6 Address Overview

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Figure 1-1 IPv4 Header Format

Figure 1-2 IPv6 Header Format

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Table 1-1 IPv6 Address Types

Address Type Prefix (Binary)

Unassigned addresses 00...0(128 bits)[::/128]

Loopback addresses 00...1(128 bits )[::1/128]

Multicast addresses 11111111[FF00::/8]

Link-local unicast addresses 1111111010[FE80::/10]

Global unicast addresses Others

SJ-20160119164028-016|2017-02-28 (R2.0) ZTE Proprietary and Confidential

Figure 1-3 Structure of an IPv6 unicast address