Logo

dev-resources.site

for different kinds of informations.

How to Configure a DHCPv6 Server on a Cisco Router

Published at
8/6/2023
Categories
cisco
ccna
network
Author
esmeralda
Categories
3 categories in total
cisco
open
ccna
open
network
open
Author
9 person written this
esmeralda
open
How to Configure a DHCPv6 Server on a Cisco Router

Image description

Hello! How are you doing?

In this post, you will learn how to configure:

  • a stateless DHCPv6 server
  • a stateless DHCPv6 client
  • a stateful DHCPv6 server
  • a stateful DHCPv6 client
  • a DHCPv6 relay agent
  • and how to verify a DHCPv6 server and relay agent

To better understand this topic, you must have a solid understanding of IPv6, SLAAC (Stateless Address Auto-Configuration), ICMPv6, and what is a stateless and stateful DCHPv6 server.

In simple words, a stateless DHCPv6 server doesn’t provide IPv6 addresses. It offers only information such as the DNS server list and domain name. Therefore, the server doesn’t keep track of the addresses allocated. On the other hand, a stateful DHCPv6 server provides IPv6 addresses and other information to hosts, which means, the server maintains all the information.

Taking into consideration that you already have knowledge of ICMPv6 messages, Router Solicitation (RS) and Router Advertisement (RA), I will only share a brief summary of RA flags that are important to remember for these configurations.

RA messages establish how a client obtains IPv6 addressing information automatically. There are 3 options for assigning addresses:

1- SLAAC (Only using the RA messages)

2- Stateless DHCPv6 (RA and DHCPv6 messages)

3- Stateful DHCPv6 (Only using the DHCPv6 messages)

RA messages are able to establish how addressing will be assigned by using flags:

  • A — Autonomous Address Autoconfiguration Flag: if it is set to 1, SLAAC is used to auto-generate a Global Unicast Address (GUA). If it is set to 0, auto-configuration is not allowed.
  • M — Managed Address Configuration Flag: if it is set to 1, all information (GUA, a DNS server list, and domain name) will be obtained from a stateful DHCPv6 server.
  • O — Other Configuration Flag: if it is set to 1, hosts can obtain a DNS server list and domain name from a stateless DHCPv6 server.

It is important to remember that the DHCPv6 server will never provide default gateways. The default gateway will be the Link-Local Address (LLA) of the RA.

1- How to configure a stateless DHCPv6 server

In a stateless DHCPv6 server, the router will provide SLAAC and DHCPv6 services. SLAAC uses ICMPv6 RA messages to provide addressing and other information to a client, which means, the router will send RAs informing the client of the prefix and prefix length to form the Global Unicast Address (GUA). In addition to that, a stateless DHCPv6 server will only provide some information such as the DNS server list and domain name.

Image description

Step 1: Enable IPv6 routing

R1(config)#ipv6 unicast-routing

Step 2: Define the DHCPv6 pool name.

R1(config)#ipv6 dhcp pool STATELESS-POOL
R1(config-dhcpv6)#

It helps when troubleshooting to put the pool name in upper case. Also, as you can see above, when entering the command we will enter in the subconfig mode of the dhcpv6 pool.

Step 3: Configure the DHCPv6 pool

R1(config-dhcpv6)#dns-server 2001:ab7:abcd:1::254
R1(config-dhcpv6)#domain-name example.com
R1(config-dhcpv6)#exit
R1(config)#

This information is entered to provide additional information to the future client.

Step 4: Add the DHCPv6 pool to an interface

R1(config)#int g0/0/0
R1(config-if)#ipv6 address fe80::1 link-local
R1(config-if)#ipv6 address 2001:ab7:abcd:1::1/64
R1(config-if)#ipv6 nd other-config-flag
R1(config-if)#ipv6 dhcp server STATELESS-POOL
R1(config-if)#no shut
R1(config-if)#end
R1#

The DHCPv6 pool must be added to the interface using the command < ipv6 dhcp server pool-name>.

The O flag needs to be manually changed to 1 and we do it by running the command . The A flag is by default 1, meaning that clients have to use SLAAC to create their own GUA.

Moreover, the RA messages indicate that additional information will be available in a stateless DHCPv6 server.

Step 5: Verify if hosts are receiving IPv6 addressing.

Here we can see that the PC (host) is receiving IPv6 addressing and default gateway information. Also, the DNS server information came from the stateless DHCPv6 server.

Image description

Step 6: Verify the interface

When we run the command we can see the interface is creating its own GUA because the A flag is set to 1, which means, it is using SLAAC. In addition, as the O flag is set to 1, the interface will use stateless DHCP to obtain other information such as the DNS server.

R1#show ipv6 int gigabitEthernet 0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::1
No Virtual link-local address(es):
Global unicast address(es):
2001:AB7:ABCD:1::1, subnet is 2001:AB7:ABCD:1::/64
Joined group address(es):
FF02::1
FF02::2
FF02::1:2
FF02::1:FF00:1
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.
Hosts use DHCP to obtain other configuration.

2- How to configure a stateless DHCPv6 client

A router can also be a DHCPv6 client and obtain an IPv6 configuration from a DHCPv6 server.

Step 1: Enable IPv6 routing

R2(config)#ipv6 unicast-routing
R2(config)#

Step 2: Configure the client router to use SLAAC

The command allows automatic configuration of IPv6 address using SLAAC.

R2(config)#int g0/0/0
R2(config-if)#ipv6 address autoconfig
R2(config-if)#

Step 3: Verify if the client router was assigned a GUA.

We can run the command to verify the host configuration.

We can see that the interface g0/0/0 was assigned a valid GUA.

Image description

Step 4: Verify if the client router received other DHCPv6 information

Running the command show ipv6 dhcp interface g0/0/0 shows us that DNS and the domain name were learned. However, in packet tracer, this command is not supported.

3- How to configure a stateful DHCPv6 server

Configuring a stateful DHCPv6 server is similar to configuring a stateless server. The only difference is that a stateful server will provide IPv6 addresses, track the pool availability and each assignment as well as resolve duplicated addresses.

A stateful server behaves like DHCPv4, even though there are some major differences. For instance, in DHCPv6, the default gateway is provided by the routers that send Router Advertisements whereas in DHCPv4 the server is the one providing that.

Image description

Step 1: Enable IPv6 routing

R1(config)#ipv6 unicast-routing
R1(config)#

Step 2: Define a DHCPv6 pool name

The command to do this is . We run it in global config mode.

R1(config)#ipv6 dhcp pool STATEFUL-POOL
R1(config-dhcpv6)#

**
Step 3: Configure the DHCPv6 pool**

After we create a pool name, we go to the DHCPv6 config mode. In this example, R1 is responsible for providing IPv6 addresses, the DNS server, and domain name information. Furthermore, we run the command

to indicate the prefix of addresses to be allocated by the server. Therefore, we have to enter this information.

In this example, I am using the Google Public DNS IPv6 address.

R1(config-dhcpv6)#address prefix 2001:ab7:abcd:1::/64
R1(config-dhcpv6)#dns-server 2001:4860:4860::8888
R1(config-dhcpv6)#domain-name example.com
R1(config-dhcpv6)#

Step 4: Add the DHCPv6 pool to an interface

In this part of the process, we add the DHCPv6 pool to the interface so that the router can answer DHCPv6 solicitations with the information from its pool. The command is .

We also need to set the M flag (Managed Address Configuration) to 1 to tell the client to use a stateful server to create its Global Unicast Address. The command is . And if we want to set it back to the default value of 0, we run .

Besides that, we change manually the A flag to 0. By default, the value is 1. In case we have the default value as 1, that tells the operating system such as Windows, to create a GUA using SLAAC and another one from the DHCPv6. Having more than one IPv6 address is not something desirable, therefore, to inform the client to not use SLAAC we run (be aware! packet tracer might not run this command).

R1(config)#int g0/0/0
R1(config-if)#ipv6 address 2001:ab7:abcd:1::1/64
R1(config-if)#ipv6 address fe80::1 link-local
R1(config-if)#ipv6 nd managed-config-flag
R1(config-if)#ipv6 nd prefix 2001:ab7:abcd:1::/64 no-autoconfig
R1(config-if)#ipv6 dhcp server STATEFUL-POOL

Step 5: Verify if it is working

Running in the router and in the PC, we can see the IPv6 address was allocated to the PC and it is working well.

Image description

Image description

4- How to configure a stateful DHCPv6 client

Image description

A router can also be a DHCPv6 client and that is what we will see how to configure now.

Step 1: Enable IPv6 routing

R2(config)#ipv6 unicast-routing
R2(config)#

**
Step 2: Configure the client router to create an LLA**

We run the command in the interface to create an LLA without a GUA.

R2(config)#int g0/0/0
R2(config-if)#ipv6 enable
R2(config-if)#

**
Step 3: Configure the router to use DHCPv6**

The command will enable R2 to solicit an IPv6 address from a DHCPv6 server.

R2(config-if)#ipv6 address dhcp
**
Step 4: Verify if the client router is allocated with a GUA.**

The command allows us to see the host configuration.

Image description

Step 5: Verify if the router received other DHCPv6 information (DNS and domain name).

The command shows us the domain name and DNS server. However, in packet tracer this command is not supported.

5- How to verify a DHCPv6 server

To verify a DHCPv6 server we can run the commands and

Image description

Using the example of our stateful server and client configured, we will see the following results.

Image description

With we are able to see the active clients. In our example, the 2 clients are the PC and Router 2. Both are receiving a global unicast address from the stateful IPv6 server.

Image description

With the we can verify the link-local IPv6 address and global unicast address allocated by the server. The first client is the PC and the second is R2.

All this information is kept because it is a stateful server.

6- How to configure a relay agent

If a DHCPv6 server is in a different subnet of the client, the IPv6 router can be configured as a DHCPv6 relay agent.

A relay agent creates a RELAY-FORWARD message. This is sent from the client to the server and contains the original DHCPv6 message.

Image description

In this example, we have a stateful DHCPv6 server in R1 and a PC in the subnet 2001:ab7:abcd:2::/64. The PC wants to obtain an IPv6 address from the server. Thus, R2 will act as a relay agent.

To configure a relay agent we need to run the command . To be more precise, we need to run this command on the egress interface, that is, the interface that is facing the clients requesting IPv6 addresses. Also, we only specify the [interface-type] if link-local unicast is used, if we define the Global Unicast Address, we don’t need to specify the [interface type]. On top of that, we specify the IPv6 server address in the destination part of the command.

R2(config)#int g0/0/1
R2(config-if)#ipv6 nd managed-config-flag
R2(config-if)#ipv6 dhcp relay destination 2001:ab7:abcd:1::2

In packet tracer, we are not able to run this command, so you might face issues with that.

7- How to verify if the relay agent is working

To verify if the relay agent is correctly configured, you can run the following commands:

show ipv6 dhcp interface: this will show if the interface is configured in relay mode.

show ipv6 dhcp binding: this shows if any host received a IPv6 address configuration.

ipconfig /all: in a Windows host you can run this command to confirm if the IPv6 address was allocated.

Unfortunately, the packet tracer didn’t run the relay agent configuration, so I am not able to show here the output.

That was a long post, thank you for reading.

Featured ones: