Menu Close

CCNA study – How to configure multiple IPv6 DHCP pools on a remote Cisco router

This config example shows how to configure three DHCPv6 pools for a network setup, where the DHCP server is running on a remote router. This situation had emerged during my remote CCNA lesson and it found me unprepared. The main problem is with the ipv6 dhcp server POOL command, that can be executed only once, all others rewrite the previous one. The solution is to use ipv6 dhcp server automatic or just pv6 dhcp server command with some additional pool command.

Topology

Configuration runs on GNS3 emulator. The Switch runs IOSv and is primarily used for the VLAN segmentation. In R1/R2 I’m using the older ISR platform (7200 15.4 IOS). CSR-1000v is also fine. Problems are with older 12.x IOSs, that do not support ipv6 dhcp server command. DHCPv6 servers/pools are configured on R2. DHCPv6 relay and nd config flags on R1 fa0/0 subinterfaces.

Initial configuration

Initial configuration includes the setting of three VLANs, the trunk, subinterfaces, the basic IPv6 addressing and static routing.

TheSwitchR1R2
ena
conf t
hostname TheSwitch
vlan 10,20,30
span mode rapid
int gi 0/1
switchport mode access
switchport access vlan 10
int gi 0/2
switchport mode access
switchport access vlan 20
int gi 0/3
switchport mode access
switchport access vlan 30
int gi 0/0
switchport trunk encapsulation dot1q
switchport mode trunk
end
wr mem
ena
conf t
ipv6 unicast-routing
int f0/0
no shut
int f0/0.10
encapsulation dot1q 10
ipv6 add 2001:10::1/64
ipv6 add fe80::1 link-local
int f0/0.20
encapsulation dot1q 20
ipv6 add 2001:20::1/64
ipv6 add fe80::1 link-local
int f0/0.30
encapsulation dot1q 30
ipv6 add 2001:30::1/64
ipv6 add fe80::1 link-local
int fa0/1
ipv6 add 2001:bad:cafe::1/64
ipv6 add fe80::1 link-local
no shut
end
wr mem
ena
conf t
ipv6 unicast-routing
int f0/1
ipv6 add 2001:bad:cafe::2/64
ipv6 add fe80::2 link-local
no shut
exit
ipv6 route ::/0 fa0/1 2001:bad:cafe::1
end
wr mem

Configuration of DHCPv6 server funcions

In this example I will configure on R2 router three dhcpv6 pools, one for each VLAN.

  • For VLAN 10 it will be Stateless DHCPv6 config, where the server will assign the DNS IPv6 address only
  • for VLAN 20 and 30 there will be two Statefull DHCPv6 servers with their own configuration, i.e. address pools and own DNS servers

The configuration can be broken down into the following three steps:

  • Create the IPV6 DHCP Pool (R2)
  • Configure \ Apply the pool to an interface (R2 fa0/0 interface)
  • Configure relay agent and ND config flags (on R1’s subinterfaces)
  • Configure the clients for DHCP

Configuring Stateless DHCPv6 server

In this case the client uses SLACC process (for default-gateway IPv6 address, subnet mask, subnet prefix) and the statelless DHCPv6 server on R2 that will provides the additional configuration (DNS and domain name):

Create a pool on the R2 router

ipv6 dhcp pool VLAN10-pool
  dns-server 2001:db8:AAAA:AAAA::1
  domain-name example-1.com

The on R2 go to interface fa0/1 and start the DHCP server:

R2(config)# int fa0/1
R2(config-if)#ipv6 dhcp server ?
  WORD       Name of IPv6 DHCP pool
  automatic  Automatically find pool
  <cr>

R2(config-if)# ipv6 dhcp server automatic

Finally, we need to go on R1 VLAN 10 subinterface and configure the relay agent to forward DHCPv6 messages and other-config-flag that will inform hosts that they should use DHCPv6 for non-address configurations.

R1(config)#int fa 0/0.10
R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2

R1(config-subif)#ipv6 nd other-config-flag

Nice. Now i’m going to my host (AplineLinux – 1) and I will start DHCPv6 process

gns:~# udhcpc6
udhcpc6: started, v1.32.1
udhcpc6: sending discover
udhcpc6: sending discover
udhcpc6: sending discover
udhcpc failed to get a DHCP lease

So, the main problem with this configuration is, that it does not work. This we may see when we start the debugging on R2. We may see, the DHCP requests are coming, however the R2 router is not able to select correct pool (see yellow highlighted text). We may see, that the request has arrived from the R1’s fa0/1 interface (comparing to DHCPv4 this is different), not from the Vlan 10 subinterface.

R2#debug ipv6 dhcp detail
IPv6 DHCP debugging is on (detailed)
R2#
*Mar 6 12:11:18.575: IPv6 DHCP: Received RELAY-FORWARD from 2001:BAD:CAFE::1 on FastEthernet0/1
*Mar 6 12:11:18.579: IPv6 DHCP: detailed packet contents
*Mar 6 12:11:18.579: src 2001:BAD:CAFE::1 (FastEthernet0/1)
*Mar 6 12:11:18.579: dst 2001:BAD:CAFE::2 (FastEthernet0/1)
*Mar 6 12:11:18.583: type RELAY-FORWARD(12), hop 0
*Mar 6 12:11:18.583: link 2001:10::1
*Mar 6 12:11:18.583: peer FE80::E33:68FF:FE45:0
*Mar 6 12:11:18.583: option RELAY-MSG(9), len 54
*Mar 6 12:11:18.587: type SOLICIT(1), xid 11902521
*Mar 6 12:11:18.587: option ELAPSED-TIME(8), len 2
*Mar 6 12:11:18.587: elapsed-time 148
*Mar 6 12:11:18.587: option CLIENTID(1), len 10
*Mar 6 12:11:18.591: 000300010C3368450000
*Mar 6 12:11:18.591: option IA-NA(3), len 12
*Mar 6 12:11:18.591: IAID 0x3B2F3949, T1 0, T2 0
*Mar 6 12:11:18.591: option ORO(6), len 4
*Mar 6 12:11:18.595: DNS-SERVERS,DOMAIN-LIST
*Mar 6 12:11:18.595: option UNKNO
R2#WN(39), len 2
*Mar 6 12:11:18.595: option INTERFACE-ID(18), len 4
*Mar 6 12:11:18.595: 0x0000000A
*Mar 6 12:11:18.595: option REMOTEID(37), len 22
*Mar 6 12:11:18.595: 0x0000000902000000000A000A00030001CA018FBC0008
*Mar 6 12:11:18.595: IPv6 DHCP: Option UNKNOWN(39) is not processed
*Mar 6 12:11:18.595: IPv6 DHCP: Matching pool cannot be found

Good message is, that the request contains the link address of R1 subinterface, that received the DHCP request (green highlight). This information we will use on R2 as the pointer to the correct pool from which the DHCP server should assign information. So, configure

R2(config)#ipv6 dhcp pool VLAN10-pool
R2(config-dhcpv6)# link-address 2001:10::1/64

Now it should work:. When I re-initiate DHCPv6 process on the host, I may see promising output on R2

*Mar 6 12:25:50.131: IPv6 DHCP: detailed packet contents
*Mar 6 12:25:50.131: src 2001:BAD:CAFE::2
*Mar 6 12:25:50.131: dst 2001:BAD:CAFE::1 (FastEthernet0/1)
*Mar 6 12:25:50.131: type RELAY-REPLY(13), hop 0
*Mar 6 12:25:50.131: link 2001:10::1
*Mar 6 12:25:50.131: peer FE80::E33:68FF:FE45:0
*Mar 6 12:25:50.131: option RELAY-MSG(9), len 51
*Mar 6 12:25:50.131: type ADVERTISE(2), xid 11975709
*Mar 6 12:25:50.131: option SERVERID(2), len 10
*Mar 6 12:25:50.131: 00030001CA028FE30008
*Mar 6 12:25:50.131: option CLIENTID(1), len 10
*Mar 6 12:25:50.131: 000300010C3368450000
*Mar 6 12:25:50.131: option STATUS-CODE(13), len 15
*Mar 6 12:25:50.131: status code NOADDRS-AVAIL(2)
*Mar 6 12:25:50.131: status message: NOADDRS-AVAIL
*Mar 6 12:25:50.131: option INTERFACE-ID(18), len 4
*Mar 6 12:25:50.135: 0x0000000A
*Mar 6 12:25:50.135: IPv6 DHCP: Sending RELAY-REPLY to 2001:BAD
R2#:CAFE::1

Verification 

On AlpineLinux host number 1 I will initiate dhcpv6 process

gns:~# udhcpc6
udhcpc6: started, v1.32.1
udhcpc6: sending discover
udhcpc6: received DHCP NAK (65)
udhcpc received DHCP NAK

NAK message is not a problem, as it is regarding of address initiation, that is not performed with Stateless DHCP.

IP address command

gns:~# ip a show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 0c:33:68:45:00:00 brd ff:ff:ff:ff:ff:ff
    inet6 2001:10::e33:68ff:fe45:0/64 scope global dynamic
       valid_lft 2591975sec preferred_lft 604775sec
    inet6 fe80::e33:68ff:fe45:0/64 scope link
       valid_lft forever preferred_lft forever

Configuring Statefull DHCPv6 server

Now, respecting mentioned, I will configure statefull DHCPv6 server on R2 with two pools, For VLAN 20 first

! for VLAN 20
ipv6 dhcp pool VLAN20-pool
  address prefix 2001:20::/64
  link-address 2001:20::1/64
  dns-server 2001:DB8:BBBB:BBBB::1
  domain-name example-2.com

and the pool for VLAN 30 then

! for VLAN 30
ipv6 dhcp pool VLAN30-pool
  address prefix 2001:30::/64
  link-address 2001:30::1/64
  dns-server 2001:DB8:CCCC:CCCC::1
  domain-name example-3.com

Finally, we need to go on R1 and configure the relay agent that will forward DHCPv6 messages, and manage-config-flag that will inform hosts that they should use DHCPv6 for all configurations.

! VLAN 20
R1(config)#int fa 0/0.20
R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2
R1(config-subif)#ipv6 nd managed-config-flag

! and 
! VLAN 30
R1(config)#int fa 0/0.30
R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2
R1(config-subif)#ipv6 nd managed-config-flag

Verification 

For AlpineLinux host number 2:

gns:~# udhcpc6
udhcpc6: started, v1.32.1
udhcpc6: sending discover
udhcpc6: sending select
udhcpc6: IPv6 obtained, lease time 172800

the IP address command

gns:~# ip a show dev eth0
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 0c:b4:e4:e9:00:00 brd ff:ff:ff:ff:ff:ff
inet6 2001:20::eb4:e4ff:fee9:0/64 scope global dynamic
valid_lft 2591835sec preferred_lft 604635sec
inet6 fe80::eb4:e4ff:fee9:0/64 scope link
valid_lft forever preferred_lft forever

and finally DNS and domain information:

gns:~# less /etc/resolv.conf

where we may see

search example-2.com
nameserver 2001:0db8:bbbb:bbbb:0000:0000:0000:0001

If the output is incorrect restart the hostname service

/etc/init.d/hostname.sh stop
/etc/init.d/hostname.sh start

The same we should see for the third Linux host.

Verification on DHCP server

R2#sh ipv dhcp pool
DHCPv6 pool: VLAN10-pool
Link-address prefix: 2001:10::1/64
DNS server: 2001:DB8:AAAA:AAAA::1
Domain name: example-1.com
Active clients: 0
DHCPv6 pool: VLAN20-pool
Address allocation prefix: 2001:20::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts)
Link-address prefix: 2001:20::1/64
DNS server: 2001:DB8:BBBB:BBBB::1
Domain name: example-2.com
Active clients: 1
DHCPv6 pool: VLAN30-pool
Address allocation prefix: 2001:30::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts)
Link-address prefix: 2001:30::1/64
DNS server: 2001:DB8:CCCC:CCCC::1
Domain name: example-3.com
Active clients: 1
Rate this post

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.