This config example shows how to configure three DHCPv6 pools for a network setup, where the DHCP server is running on a remote router. This situation had emerged during my remote CCNA lesson and it found me unprepared. The main problem is with the ipv6 dhcp server POOL command, that can be executed only once, all others rewrite the previous one. The solution is to use ipv6 dhcp server automatic or just pv6 dhcp server command with some additional pool command.
Topology
Configuration runs on GNS3 emulator. The Switch runs IOSv and is primarily used for the VLAN segmentation. In R1/R2 I’m using the older ISR platform (7200 15.4 IOS). CSR-1000v is also fine. Problems are with older 12.x IOSs, that do not support ipv6 dhcp server command. DHCPv6 servers/pools are configured on R2. DHCPv6 relay and nd config flags on R1 fa0/0 subinterfaces.
Initial configuration
Initial configuration includes the setting of three VLANs, the trunk, subinterfaces, the basic IPv6 addressing and static routing.
| TheSwitch | R1 | R2 |
| ena conf t hostname TheSwitch vlan 10,20,30 span mode rapid int gi 0/1 switchport mode access switchport access vlan 10 int gi 0/2 switchport mode access switchport access vlan 20 int gi 0/3 switchport mode access switchport access vlan 30 int gi 0/0 switchport trunk encapsulation dot1q switchport mode trunk end wr mem | ena conf t ipv6 unicast-routing int f0/0 no shut int f0/0.10 encapsulation dot1q 10 ipv6 add 2001:10::1/64 ipv6 add fe80::1 link-local int f0/0.20 encapsulation dot1q 20 ipv6 add 2001:20::1/64 ipv6 add fe80::1 link-local int f0/0.30 encapsulation dot1q 30 ipv6 add 2001:30::1/64 ipv6 add fe80::1 link-local int fa0/1 ipv6 add 2001:bad:cafe::1/64 ipv6 add fe80::1 link-local no shut end wr mem | ena conf t ipv6 unicast-routing int f0/1 ipv6 add 2001:bad:cafe::2/64 ipv6 add fe80::2 link-local no shut exit ipv6 route ::/0 fa0/1 2001:bad:cafe::1 end wr mem |
Configuration of DHCPv6 server funcions
In this example I will configure on R2 router three dhcpv6 pools, one for each VLAN.
- For VLAN 10 it will be Stateless DHCPv6 config, where the server will assign the DNS IPv6 address only
- for VLAN 20 and 30 there will be two Statefull DHCPv6 servers with their own configuration, i.e. address pools and own DNS servers
The configuration can be broken down into the following three steps:
- Create the IPV6 DHCP Pool (R2)
- Configure \ Apply the pool to an interface (R2 fa0/0 interface)
- Configure relay agent and ND config flags (on R1’s subinterfaces)
- Configure the clients for DHCP
Configuring Stateless DHCPv6 server
In this case the client uses SLACC process (for default-gateway IPv6 address, subnet mask, subnet prefix) and the statelless DHCPv6 server on R2 that will provides the additional configuration (DNS and domain name):
Create a pool on the R2 router
ipv6 dhcp pool VLAN10-pool dns-server 2001:db8:AAAA:AAAA::1 domain-name example-1.com
The on R2 go to interface fa0/1 and start the DHCP server:
R2(config)# int fa0/1
R2(config-if)#ipv6 dhcp server ?
WORD Name of IPv6 DHCP pool
automatic Automatically find pool
<cr>
R2(config-if)# ipv6 dhcp server automatic
Finally, we need to go on R1 VLAN 10 subinterface and configure the relay agent to forward DHCPv6 messages and other-config-flag that will inform hosts that they should use DHCPv6 for non-address configurations.
R1(config)#int fa 0/0.10 R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2 R1(config-subif)#ipv6 nd other-config-flag
Nice. Now i’m going to my host (AplineLinux – 1) and I will start DHCPv6 process
gns:~# udhcpc6
udhcpc6: started, v1.32.1
udhcpc6: sending discover
udhcpc6: sending discover
udhcpc6: sending discover
udhcpc failed to get a DHCP lease
So, the main problem with this configuration is, that it does not work. This we may see when we start the debugging on R2. We may see, the DHCP requests are coming, however the R2 router is not able to select correct pool (see yellow highlighted text). We may see, that the request has arrived from the R1’s fa0/1 interface (comparing to DHCPv4 this is different), not from the Vlan 10 subinterface.
R2#debug ipv6 dhcp detail IPv6 DHCP debugging is on (detailed) R2# *Mar 6 12:11:18.575: IPv6 DHCP: Received RELAY-FORWARD from 2001:BAD:CAFE::1 on FastEthernet0/1 *Mar 6 12:11:18.579: IPv6 DHCP: detailed packet contents *Mar 6 12:11:18.579: src 2001:BAD:CAFE::1 (FastEthernet0/1) *Mar 6 12:11:18.579: dst 2001:BAD:CAFE::2 (FastEthernet0/1) *Mar 6 12:11:18.583: type RELAY-FORWARD(12), hop 0 *Mar 6 12:11:18.583: link 2001:10::1 *Mar 6 12:11:18.583: peer FE80::E33:68FF:FE45:0 *Mar 6 12:11:18.583: option RELAY-MSG(9), len 54 *Mar 6 12:11:18.587: type SOLICIT(1), xid 11902521 *Mar 6 12:11:18.587: option ELAPSED-TIME(8), len 2 *Mar 6 12:11:18.587: elapsed-time 148 *Mar 6 12:11:18.587: option CLIENTID(1), len 10 *Mar 6 12:11:18.591: 000300010C3368450000 *Mar 6 12:11:18.591: option IA-NA(3), len 12 *Mar 6 12:11:18.591: IAID 0x3B2F3949, T1 0, T2 0 *Mar 6 12:11:18.591: option ORO(6), len 4 *Mar 6 12:11:18.595: DNS-SERVERS,DOMAIN-LIST *Mar 6 12:11:18.595: option UNKNO R2#WN(39), len 2 *Mar 6 12:11:18.595: option INTERFACE-ID(18), len 4 *Mar 6 12:11:18.595: 0x0000000A *Mar 6 12:11:18.595: option REMOTEID(37), len 22 *Mar 6 12:11:18.595: 0x0000000902000000000A000A00030001CA018FBC0008 *Mar 6 12:11:18.595: IPv6 DHCP: Option UNKNOWN(39) is not processed *Mar 6 12:11:18.595: IPv6 DHCP: Matching pool cannot be found
Good message is, that the request contains the link address of R1 subinterface, that received the DHCP request (green highlight). This information we will use on R2 as the pointer to the correct pool from which the DHCP server should assign information. So, configure
R2(config)#ipv6 dhcp pool VLAN10-pool R2(config-dhcpv6)# link-address 2001:10::1/64
Now it should work:. When I re-initiate DHCPv6 process on the host, I may see promising output on R2
*Mar 6 12:25:50.131: IPv6 DHCP: detailed packet contents *Mar 6 12:25:50.131: src 2001:BAD:CAFE::2 *Mar 6 12:25:50.131: dst 2001:BAD:CAFE::1 (FastEthernet0/1) *Mar 6 12:25:50.131: type RELAY-REPLY(13), hop 0 *Mar 6 12:25:50.131: link 2001:10::1 *Mar 6 12:25:50.131: peer FE80::E33:68FF:FE45:0 *Mar 6 12:25:50.131: option RELAY-MSG(9), len 51 *Mar 6 12:25:50.131: type ADVERTISE(2), xid 11975709 *Mar 6 12:25:50.131: option SERVERID(2), len 10 *Mar 6 12:25:50.131: 00030001CA028FE30008 *Mar 6 12:25:50.131: option CLIENTID(1), len 10 *Mar 6 12:25:50.131: 000300010C3368450000 *Mar 6 12:25:50.131: option STATUS-CODE(13), len 15 *Mar 6 12:25:50.131: status code NOADDRS-AVAIL(2) *Mar 6 12:25:50.131: status message: NOADDRS-AVAIL *Mar 6 12:25:50.131: option INTERFACE-ID(18), len 4 *Mar 6 12:25:50.135: 0x0000000A *Mar 6 12:25:50.135: IPv6 DHCP: Sending RELAY-REPLY to 2001:BAD R2#:CAFE::1
Verification
On AlpineLinux host number 1 I will initiate dhcpv6 process
gns:~# udhcpc6 udhcpc6: started, v1.32.1 udhcpc6: sending discover udhcpc6: received DHCP NAK (65) udhcpc received DHCP NAK
NAK message is not a problem, as it is regarding of address initiation, that is not performed with Stateless DHCP.
IP address command
gns:~# ip a show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 0c:33:68:45:00:00 brd ff:ff:ff:ff:ff:ff
inet6 2001:10::e33:68ff:fe45:0/64 scope global dynamic
valid_lft 2591975sec preferred_lft 604775sec
inet6 fe80::e33:68ff:fe45:0/64 scope link
valid_lft forever preferred_lft forever
Configuring Statefull DHCPv6 server
Now, respecting mentioned, I will configure statefull DHCPv6 server on R2 with two pools, For VLAN 20 first
! for VLAN 20 ipv6 dhcp pool VLAN20-pool address prefix 2001:20::/64 link-address 2001:20::1/64 dns-server 2001:DB8:BBBB:BBBB::1 domain-name example-2.com
and the pool for VLAN 30 then
! for VLAN 30 ipv6 dhcp pool VLAN30-pool address prefix 2001:30::/64 link-address 2001:30::1/64 dns-server 2001:DB8:CCCC:CCCC::1 domain-name example-3.com
Finally, we need to go on R1 and configure the relay agent that will forward DHCPv6 messages, and manage-config-flag that will inform hosts that they should use DHCPv6 for all configurations.
! VLAN 20 R1(config)#int fa 0/0.20 R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2 R1(config-subif)#ipv6 nd managed-config-flag ! and ! VLAN 30 R1(config)#int fa 0/0.30 R1(config-subif)#ipv6 dhcp relay destination 2001:bad:cafe::2 R1(config-subif)#ipv6 nd managed-config-flag
Verification
For AlpineLinux host number 2:
gns:~# udhcpc6 udhcpc6: started, v1.32.1 udhcpc6: sending discover udhcpc6: sending select udhcpc6: IPv6 obtained, lease time 172800
the IP address command
gns:~# ip a show dev eth0 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 0c:b4:e4:e9:00:00 brd ff:ff:ff:ff:ff:ff inet6 2001:20::eb4:e4ff:fee9:0/64 scope global dynamic valid_lft 2591835sec preferred_lft 604635sec inet6 fe80::eb4:e4ff:fee9:0/64 scope link valid_lft forever preferred_lft forever
and finally DNS and domain information:
gns:~# less /etc/resolv.conf
where we may see
search example-2.com nameserver 2001:0db8:bbbb:bbbb:0000:0000:0000:0001
If the output is incorrect restart the hostname service
/etc/init.d/hostname.sh stop /etc/init.d/hostname.sh start
The same we should see for the third Linux host.
Verification on DHCP server
R2#sh ipv dhcp pool DHCPv6 pool: VLAN10-pool Link-address prefix: 2001:10::1/64 DNS server: 2001:DB8:AAAA:AAAA::1 Domain name: example-1.com Active clients: 0 DHCPv6 pool: VLAN20-pool Address allocation prefix: 2001:20::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts) Link-address prefix: 2001:20::1/64 DNS server: 2001:DB8:BBBB:BBBB::1 Domain name: example-2.com Active clients: 1 DHCPv6 pool: VLAN30-pool Address allocation prefix: 2001:30::/64 valid 172800 preferred 86400 (1 in use, 0 conflicts) Link-address prefix: 2001:30::1/64 DNS server: 2001:DB8:CCCC:CCCC::1 Domain name: example-3.com Active clients: 1