SlideShare a Scribd company logo

7 slaac-rick graziani

Download as PPTX, PDF
Alejandro Reyes
Alejandro Reyes

cisco

Technology
1 of 36
7: SLAAC (Stateless Address Autoconfiguration) Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu
© For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6
7.1: Introduction to SLAAC and ICMPv6 ND
© Dynamic IPv6 Address Allocation • DHCPv6 and SLAAC with DHCPv6 are discussed in Lesson 8. Global Unicast Manual Dynamic Static IPv6 unnumbered Static + EUI 64 SLAAC DHCPv6 SLAAC + DHCPv6 Similar to IPv4 unnumbered Stateless Stateful DHCPv6-PD
© DHCP Server Dynamic IPv4 Address Allocation DHCP Client I need an IPv4 addressing information from a DHCP server. Here is your IPv4 address, subnet mask, default gateway and DNS server addresses.
© ICMPv6 Internet Control Message Protocol for IPv6 • Described in RFC 4443 • Much more robust than ICMP for IPv4 • Contains new functionality and improvements. • More than just “messaging” but “how IPv6 conducts business”. • Including ICMPv6 Neighbor Discovery (RFC 4861) – used in dynamic address allocation. • Note: ICMPv6 is discussed in detail in Lesson 9, ICMPv6 ND in Lesson 10.
© “Introducing” ICMPv6 Neighbor Discovery ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): • Router Solicitation Message • Router Advertisement Message • Used for dynamic address allocation. • Neighbor Solicitation Message • Neighbor Advertisement Message • Used with address resolution (IPv4 ARP) and with DAD • Redirect Message (Similar to ICMPv4) Router-Device Messaging Device-Device Messaging
© It Begins with the RA Message • An ICMPv6 Router Advertisement (RA) suggests to all IPv6 devices on the link how it will receive IPv6 Address Information. • Sent periodically by an IPv6 router or… • … when the router receives a Router Solicitation message from a host. DHCPv6 Server ICMPv6 Router Advertisement ICMPv6 Router Solicitation Multicast: To all IPv6 routers, I need IPv6 address information Multicast: To all IPv6 devices, let me suggest to you how to do this … I might not even be needed. 
© It Begins with the RA Message Router Advertisement (RA) Message • Part of ICMPv6 (Internet Control Message Protocol for IPv6) • RA messages are sent by an “IPv6 router” • An IPv6 router (ipv6 unicast-routing command): • Forwards IPv6 Packets • Enables IPv6 static and dynamic routing • Sends ICMPv6 Router Advertisements • Note: Routers can be configured with IPv6 addresses without being an IPv6 router. DHCPv6 Server ICMPv6 Router Advertisement Router(config)# ipv6 unicast-routing
© Router Advertisement: 3 Options DHCPv6 Server RA Router(config)# ipv6 unicast-routing Option 1: SLAAC – No DHCPv6 (Default on Cisco routers) “I’m everything you need (Prefix, Prefix-length, Default Gateway)” Option 2: SLAAC + Stateless DHCPv6 for DNS address “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” (DNS can be in RA) Option 3: All addressing except default gateway use DHCPv6 “I can’t help you. Ask a DHCPv6 server for all your information.” DHCPv6 Option 1 and 2: Stateless Address Autoconfiguration • DHCPv6 Server does not maintain state of addresses Option 3: Stateful Address Configuration • Address received from DHCPv6 Server • Options 2 and 3 are discussed in Lesson 8.
© RA Message Options The type of Router Advertisement option depends on two RA flags: Other Configuration Flag and Managed Configuration Flag • Default: Both flags are set to 0 (Option 1) • Use me (RA) for all your addressing information, no additional information available via DHCPv6. • Other Configuration Flag when set to “1” (Option 2) • Use me (RA) for your address but you need to get OTHER information from a stateless DHCPv6 server. • Managed Configuration Flag when set to “1” (Option 3) • The client needs to get ALL of it’s MANAGED information from a stateful DHCPv6 server, except default gateway. • Note: Two other flags include the autonomous address-configuration flag and on-link flag. (“A” Flag discussed in lesson 8, “L” Flag beyond the scope of this video.) DHCPv6 Server ICMPv6 Router Advertisement Option 1, 2, or 3
© RA Message Options DHCPv6 Server ICMPv6 Router Advertisement Option 1, 2, or 3 Option Other Configuration (“O”) Flag Managed Configuration (“M”) Flag Option 1: SLAAC – No DHCPv6 (Default on Cisco routers) 0 0 Option 2: SLAAC + Stateless DHCPv6 for DNS address 1 0 Option 3: All addressing except default gateway use DHCPv6 0 1 • Configuring Flags discussed in Lesson 8.
© SLAAC: Stateless Address Autoconfiguration DHCPv6 Server Router(config)# ipv6 unicast-routing ICMPv6 Router Advertisement • Prefix and other information SLAAC (Stateless Address Autoconfiguration) • Allows a device to create its own IPv6 global unicast address without the services of a DHCPv6 server. • Prefix: From the Router Advertisement (RA). • Interface ID: • EUI-64 • Random 64-bit value 2001:DB8:CAFE:1::/64 I know the network prefix from the RA. I just need to come up with my own Interface ID for my GUA!
© DHCPv6 DHCPv6 Server Ignoring the RA Message? • The ICMPv6 Router Advertisement suggests to the host how to get its address automatically. • Can a host ignore an ICMPv6 Router Advertisement? • Host operating systems can include the option of ignoring the Router Advertisement from the router and only use the stateful services of a DHCPv6 server (or what ever it wants to do). • However, hosts can’t ignore the default gateway (source of RA) unless manually configured. ICMPv6 Router Advertisement Link-local address
7.2: Creating the Interface ID: EUI-64 or Random Value
© Obtaining an IPv6 Address Automatically
© Note: Domain name and DNS server list may be included if router (and end system) support RFC 6106 IPv6 RA Options for DNS Configuration. SLAAC Option 1 – RA Message To: FF02::1 (All-IPv6 devices) From: FE80::1 (Link-local address) Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 RA 1 MAC: 00-19-D2-8C-E0-4C Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 Default Gateway: FE80::1 Global Unicast Address: 2001:DB8:CAFE:1: + Interface ID 2001:DB8:CAFE:1::/64 EUI-64 Process or Random 64-bit value 2 DHCPv6 Server 3 SLAAC: Stateless Address Autoconfiguration
© SLAAC: Interface ID Global Routing Prefix 64-bit Interface ID 16-bit Subnet ID /64/48 EUI-64 Process Randomly Generated Number (Privacy Extension) SLAAC Operating System EUI-64 Random 64-bit Windows XP, Server 2003 ✔ Windows Vista and newer ✔ MAC OSX ✔ Linux ✔ DHCPv6 Server Default OS behavior can be changed. Known instead of unknown © Copyright DOC RABE Media Man in paper bag on head © Copyright binik
© Note: Domain name and DNS server list may be included if router (and end system) support RFC 6106 IPv6 RA Options for DNS Configuration. SLAAC Option 1 – RA Message To: FF02::1 (All-IPv6 devices) From: FE80::1 (Link-local address) Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 RA 1 MAC: 00-19-D2-8C-E0-4C Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 Default Gateway: FE80::1 Global Unicast Address: 2001:DB8:CAFE:1: + Interface ID 2001:DB8:CAFE:1::/64 EUI-64 Process or Random 64-bit value 2 DHCPv6 Server 3 SLAAC: EUI-64 Option
© Modified EUI-64 Format (Extended Unique Identifier–64) 00 19 D2 8C E0 4C OUI (24 bits) Device Identifier (24 bits) 00 19 D2 8C E0 4CFF FE 19 D2 8C E0 4CFF FE0000 000000 U/L bit flipped 0000 0010 02 19 D2 8C E0 4CFF FE Insert FF-FE
© PC> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address. . . . . . . . : 2001:db8:cafe:1:0219:d2ff:fe8c:e04c Link-local IPv6 Address . . : fe80::0219:d2ff:fe8c:e04c Default Gateway . . . . . : fe80::1 Router Advertisement EUI-64 A 64-bit Interface ID and the EUI-64 process accommodates: • The IEEE specification for a 64-bit MAC address • 64-bit boundary processing Verifying SLAAC on the PC Using EUI-64 Why. The Dude looking at the red question mark © Copyright jojje11
© SLAAC: Random 64-bit Interface ID Global Routing Prefix 64-bit Interface ID 16-bit Subnet ID /64/48 EUI-64 Process Randomly Generated Number (Privacy Extension) SLAACOperating System EUI-64 Random 64-bit Windows XP, Server 2003 ✔ Windows Vista and newer ✔ MAC OSX ✔ Linux ✔ DHCPv6 Server Known instead of unknown © Copyright DOC RABE Media Man in paper bag on head © Copyright binik
© PC-Windows7> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address. . . . . . . . : 2001:db8:cafe:1:50a5:8a35:a5bb:66e1 Link-local IPv6 Address . . : fe80::50a5:8a35:a5bb:66e1 Default Gateway . . . . . : fe80::1 Router Advertisement EUI-64 Verifying SLAAC on the PC Using Privacy Extension No FF-FE
© SLAAC: Including the DNS Server in the RA * DNS Server Router(config)# ipv6 unicast-routing ICMPv6 Router Advertisement • Prefix and other information G0/1 2001:DB8:CAFE:1::/64 Router(config)# ipv6 unicast-routing Router(config)# interface gigabitethernet 0/1 Router(config-if)# ipv6 nd ra dns server 2001:db8:cafe:1::99 600 2001:DB8:CAFE:1::99 Configures a DNS server with an IPv6 address of 2001:DB8::CAFE:1::1 to be advertised in an RA with a lifetime of 600 seconds.
© Global Unicast - 2001:db8:cafe:1:0219:d2ff:fe8c:e04c Link-local - fe80::50a5:8a35:a5bb:66e1 Neighbor Advertisement? Neighbor Solicitation Ensuring Unique Unicast Addresses Not received = unique address Received = duplicate address • SLAAC is stateless, no entity (DHCPv6 server) maintaining a state address- to-device mappings. • How can we guarantee the address is unique? • Duplicate Address Detection (DAD) • Once required for all unicast addresses (static or dynamic), RFC was updated that DAD is only recommended. • /64 Interface IDs!
7.3: Configuring a Router as a SLAAC Client
© Routers versus IPv6 Routers • A router (not enabled as an IPv6 router): • Configure IPv6 addresses • Member of All-IPv6 devices multicast group • An IPv6 router: • Same as a non-IPv6 router • Member of All-IPv6 routers multicast group • Sends ICMPv6 Router Advertisement messages • Can enable IPv6 routing protocols • Forward IPv6 packets (transiting the router) Router IPv6 Router 2001:DB8:CAFE:1::1/64 FE80::1 2001:DB8:CAFE:1::1/64 FE80::1 FF02::1 (All-IPv6 devices) FF02::1 (All-IPv6 devices) FF02::2 (All-IPv6 routers) ICMPv6 Router Advertisement Forward IPv6 Packets RIPng OSPFv3 EIGRP for IPv6 Router(config)# ipv6 unicast-routing
© R1 Client Client(config)# interface gig 0/1 Client(config-if)# ipv6 enable ! Not needed Client(config-if)# ipv6 address autoconfig default Client(config-if)# no shutdown Gig 0/1Gig 0/1 R1(config)# interface gig 0/1 R1(config-if)# ipv6 address 2001:db8:cafe:1::1/64 R1(config-if)# ipv6 address fe80::1 link-local R1(config-if)# no shutdown R1(config-if)# exit R1(config)# ipv6 unicast-routing Configuring the Router as a Client 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement “IPv6 Router” Link-local address created Now I can accept RA messages and get a GUA automatically!
© R1 ClientGig 0/1Gig 0/1 ::1 R1# show ipv6 interface gigabitethernet 0/1 GigabitEthernet0/1 is up, line protocol is up IPv6 is enabled, link-local address is FE80::1 Global unicast address(es): 2001:DB8:CAFE:1::1, subnet is 2001:DB8:CAFE:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::FB FF02::1:FF00:1 ND router advertisements are sent every 200 seconds Hosts use stateless autoconfig for addresses. Verifying the RA Message 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement Partial output FE80::1
© R1 ClientGig 0/1Gig 0/1 ::1 Client# show ipv6 interface brief GigabitEthernet0/1 [up/up] FE80::8A5A:92FF:FE3B:29E1 2001:DB8:CAFE:1:8A5A:92FF:FE3B:29E1 <Rest of output omitted> Client# show interface gigabitethernet 0/1 GigabitEthernet0/1 is up, line protocol is up Hardware is CN Gigabit Ethernet, address is 885a.923b.29e1 (bia 885a.923b.29e1) <Rest of output omitted> Verifying the Client (Router) Is Using SLAAC/EUI-64 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement FE80::1 EUI-64
© R1 ClientGig 0/1Gig 0/1 ::1 Client# show ipv6 route IPv6 Routing Table - default - 4 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route IA - ISIS interarea, IS - ISIS summary, D - EIGRP, EX - EIGRP external ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ND ::/0 [2/0] via FE80::1, GigabitEthernet0/1 NDp 2001:DB8:CAFE:1::/64 [2/0] via GigabitEthernet0/1, directly connected <Rest of output omitted> Router versus “IPv6 Router” 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement Partial output FE80::1 Default route learned via Neighbor Discovery (SLAAC) Prefix learned via Neighbor Discovery (SLAAC)
7.4: IPv6 Enabled Clients and Your Network
© You Are Probably Already Running IPv6 • Windows Vista or later, Mac OSX, Linux already running IPv6 • Potential DoS or MITM attack, even if the router is not IPv6 enabled. • Even if the router is not IPv6 enabled, your clients are mostly like are! • I can still do a DoS attack on clients or perhaps even still to a MITM attack. • There are mitigation techniques such as RA Guard. R1 Rogue RA RS IPv4 IPv6IPv4 IPv6 IPv4 IPv6 I need an IPv6 prefix Here is an IPv6 prefix and gateway People Icon: Occupations set 5 © Copyright Fredy Sujono
© SLAAC with DHCPv6 Global Unicast Manual Static IPv6 unnumbered Static + EUI 64 SLAAC DHCPv6 SLAAC + DHCPv6 Similar to IPv4 unnumbered Stateless Stateful DHCPv6-PD Dynamic Stateful Lesson 8
© For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6
7: SLAAC (Stateless Address Autoconfiguration) Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu

Recommended

Arp and rarp
Arp and rarpArp and rarp
Arp and rarpराहुल खेडेकर
 
Arp and rarp
Arp and rarpArp and rarp
Arp and rarp1991shalu
 
MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)Netwax Lab
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
VRRP (virtual router redundancy protocol)
VRRP (virtual router redundancy protocol)VRRP (virtual router redundancy protocol)
VRRP (virtual router redundancy protocol)Netwax Lab
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet MaskNetProtocol Xpert
 
8051 addressing modes
8051 addressing modes8051 addressing modes
8051 addressing modesVima Mali
 
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)Vipin Sahu
 

Recommended

Arp and rarp
Arp and rarpArp and rarp
Arp and rarpराहुल खेडेकर
 
Arp and rarp
Arp and rarpArp and rarp
Arp and rarp1991shalu
 
MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)MPLS (Multiprotocol Label Switching)
MPLS (Multiprotocol Label Switching)Netwax Lab
 
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
 
VRRP (virtual router redundancy protocol)
VRRP (virtual router redundancy protocol)VRRP (virtual router redundancy protocol)
VRRP (virtual router redundancy protocol)Netwax Lab
 
Subnet Mask
Subnet MaskSubnet Mask
Subnet MaskNetProtocol Xpert
 
8051 addressing modes
8051 addressing modes8051 addressing modes
8051 addressing modesVima Mali
 
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)Vipin Sahu
 
Operand and Opcode | Computer Science
Operand and Opcode | Computer ScienceOperand and Opcode | Computer Science
Operand and Opcode | Computer ScienceTransweb Global Inc
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)NetProtocol Xpert
 
Physical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesPhysical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesShahid Khan
 
SMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSIDDARAMAIAHMC
 
6lowpan
6lowpan6lowpan
6lowpanDwarakanath Tulasi
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnettingIGZ Software house
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A TutorialAPNIC
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switchingseanraz
 
Presentation on arp protocol
Presentation on arp protocolPresentation on arp protocol
Presentation on arp protocolMohd. Ahmad Siddiqi
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 FundamentalsMatt Bynum
 
Mobile transportlayer
Mobile transportlayerMobile transportlayer
Mobile transportlayerRahul Hada
 
IP Addressing & subnetting strategy
IP Addressing & subnetting strategyIP Addressing & subnetting strategy
IP Addressing & subnetting strategyMustafa Salam
 
Mpls Services
Mpls ServicesMpls Services
Mpls ServicesKristof De Brouwer
 
Classless subnetting
Classless subnettingClassless subnetting
Classless subnettingUniversidad Tecnica de Ambato
 
HDLC(high level data link control)
HDLC(high level data link control)HDLC(high level data link control)
HDLC(high level data link control)Anand Biradar
 
5. icmp
5. icmp5. icmp
5. icmpSwati Arora
 
Ccna training report
Ccna training reportCcna training report
Ccna training reportTalvinder Singh
 
TFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer ProtocolTFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer ProtocolPeter R. Egli
 
Token bus
Token busToken bus
Token busDenver Rockfreak
 
I pv6 autoconfig20c
I pv6 autoconfig20cI pv6 autoconfig20c
I pv6 autoconfig20cFrederic Bovy
 
FolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_LowresFolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_LowresCorey Brightwell
 

More Related Content

What's hot

Operand and Opcode | Computer Science
Operand and Opcode | Computer ScienceOperand and Opcode | Computer Science
Operand and Opcode | Computer ScienceTransweb Global Inc
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)NetProtocol Xpert
 
Physical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesPhysical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesShahid Khan
 
SMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSIDDARAMAIAHMC
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A TutorialAPNIC
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switchingseanraz
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 FundamentalsMatt Bynum
 
Mobile transportlayer
Mobile transportlayerMobile transportlayer
Mobile transportlayerRahul Hada
 
IP Addressing & subnetting strategy
IP Addressing & subnetting strategyIP Addressing & subnetting strategy
IP Addressing & subnetting strategyMustafa Salam
 
HDLC(high level data link control)
HDLC(high level data link control)HDLC(high level data link control)
HDLC(high level data link control)Anand Biradar
 
TFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer ProtocolTFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer ProtocolPeter R. Egli
 

What's hot (20)

Operand and Opcode | Computer Science
Operand and Opcode | Computer ScienceOperand and Opcode | Computer Science
Operand and Opcode | Computer Science
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
 
Address resolution protocol (ARP)
Address resolution protocol (ARP)Address resolution protocol (ARP)
Address resolution protocol (ARP)
 
Physical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesPhysical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and Devices
 
SMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer Protocol
 
6lowpan
6lowpan6lowpan
6lowpan
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A Tutorial
 
Multi-Protocol Label Switching
Multi-Protocol Label SwitchingMulti-Protocol Label Switching
Multi-Protocol Label Switching
 
Presentation on arp protocol
Presentation on arp protocolPresentation on arp protocol
Presentation on arp protocol
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 Fundamentals
 
Mobile transportlayer
Mobile transportlayerMobile transportlayer
Mobile transportlayer
 
IP Addressing & subnetting strategy
IP Addressing & subnetting strategyIP Addressing & subnetting strategy
IP Addressing & subnetting strategy
 
Mpls Services
Mpls ServicesMpls Services
Mpls Services
 
Classless subnetting
Classless subnettingClassless subnetting
Classless subnetting
 
HDLC(high level data link control)
HDLC(high level data link control)HDLC(high level data link control)
HDLC(high level data link control)
 
5. icmp
5. icmp5. icmp
5. icmp
 
Ccna training report
Ccna training reportCcna training report
Ccna training report
 
TFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer ProtocolTFTP - Trivial File Transfer Protocol
TFTP - Trivial File Transfer Protocol
 
Token bus
Token busToken bus
Token bus
 

Viewers also liked

FolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_LowresFolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_LowresCorey Brightwell
 
ETC Teaching plans
ETC Teaching plansETC Teaching plans
ETC Teaching plansETC
 
Reactors used in jhbbrefining & petrochemistry
Reactors used in jhbbrefining & petrochemistryReactors used in jhbbrefining & petrochemistry
Reactors used in jhbbrefining & petrochemistryNhat Cao
 
Methanol Flowsheets - A Competitive Review
Methanol Flowsheets - A Competitive ReviewMethanol Flowsheets - A Competitive Review
Methanol Flowsheets - A Competitive ReviewGerard B. Hawkins
 
Isothermal Methanol Converter (IMC) UA Distribution Analysis
Isothermal Methanol Converter (IMC) UA Distribution AnalysisIsothermal Methanol Converter (IMC) UA Distribution Analysis
Isothermal Methanol Converter (IMC) UA Distribution AnalysisGerard B. Hawkins
 
Methanol Synthesis - Theory and Operation
Methanol Synthesis - Theory and OperationMethanol Synthesis - Theory and Operation
Methanol Synthesis - Theory and OperationGerard B. Hawkins
 

Viewers also liked (8)

I pv6 autoconfig20c
I pv6 autoconfig20cI pv6 autoconfig20c
I pv6 autoconfig20c
 
FolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_LowresFolderTrislotPetrochemie2015_Lowres
FolderTrislotPetrochemie2015_Lowres
 
ETC Teaching plans
ETC Teaching plansETC Teaching plans
ETC Teaching plans
 
Reactors used in jhbbrefining & petrochemistry
Reactors used in jhbbrefining & petrochemistryReactors used in jhbbrefining & petrochemistry
Reactors used in jhbbrefining & petrochemistry
 
Methanol Converter Types
Methanol Converter TypesMethanol Converter Types
Methanol Converter Types
 
Methanol Flowsheets - A Competitive Review
Methanol Flowsheets - A Competitive ReviewMethanol Flowsheets - A Competitive Review
Methanol Flowsheets - A Competitive Review
 
Isothermal Methanol Converter (IMC) UA Distribution Analysis
Isothermal Methanol Converter (IMC) UA Distribution AnalysisIsothermal Methanol Converter (IMC) UA Distribution Analysis
Isothermal Methanol Converter (IMC) UA Distribution Analysis
 
Methanol Synthesis - Theory and Operation
Methanol Synthesis - Theory and OperationMethanol Synthesis - Theory and Operation
Methanol Synthesis - Theory and Operation
 

Similar to 7 slaac-rick graziani

Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsShannon McFarland
 
Analyzing dhc pv6 stateful and stateless
Analyzing dhc pv6 stateful and statelessAnalyzing dhc pv6 stateful and stateless
Analyzing dhc pv6 stateful and statelessMarco Canales NAveda
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
Dynamic Host Configuration Protocol
Dynamic Host Configuration ProtocolDynamic Host Configuration Protocol
Dynamic Host Configuration Protocolnewbie2019
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
IPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group PresentationIPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group PresentationJumping Bean
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...Louis Göhl
 
CCNA2 Verson6 Chapter8
CCNA2 Verson6 Chapter8CCNA2 Verson6 Chapter8
CCNA2 Verson6 Chapter8Chaing Ravuth
 
OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6Shixiong Shang
 
Module (8) DHCP Server.pptx
Module (8) DHCP Server.pptxModule (8) DHCP Server.pptx
Module (8) DHCP Server.pptxGeorgeThoreJr
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8Waqas Ahmed Nawaz
 
CCNA DHCP (Dynamic Host Control Protocol)
CCNA DHCP (Dynamic Host Control Protocol)CCNA DHCP (Dynamic Host Control Protocol)
CCNA DHCP (Dynamic Host Control Protocol)Networkel
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...gogo6
 
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatNeighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatDigicomp Academy AG
 
IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013Zivaro Inc
 

Similar to 7 slaac-rick graziani (20)

Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack Environments
 
Dhc pv4
Dhc pv4Dhc pv4
Dhc pv4
 
IPV6 IPv6 Routing Lab By Rob Hamm
IPV6 IPv6 Routing Lab By Rob HammIPV6 IPv6 Routing Lab By Rob Hamm
IPV6 IPv6 Routing Lab By Rob Hamm
 
Analyzing dhc pv6 stateful and stateless
Analyzing dhc pv6 stateful and statelessAnalyzing dhc pv6 stateful and stateless
Analyzing dhc pv6 stateful and stateless
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
 
Dynamic Host Configuration Protocol
Dynamic Host Configuration ProtocolDynamic Host Configuration Protocol
Dynamic Host Configuration Protocol
 
IPv6 DHCP
IPv6 DHCPIPv6 DHCP
IPv6 DHCP
 
Fedv6tf-fhs
Fedv6tf-fhsFedv6tf-fhs
Fedv6tf-fhs
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
 
IPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group PresentationIPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group Presentation
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
 
CCNA2 Verson6 Chapter8
CCNA2 Verson6 Chapter8CCNA2 Verson6 Chapter8
CCNA2 Verson6 Chapter8
 
OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6OpenStack Icehouse Over IPv6
OpenStack Icehouse Over IPv6
 
Module (8) DHCP Server.pptx
Module (8) DHCP Server.pptxModule (8) DHCP Server.pptx
Module (8) DHCP Server.pptx
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 8
 
CCNA DHCP (Dynamic Host Control Protocol)
CCNA DHCP (Dynamic Host Control Protocol)CCNA DHCP (Dynamic Host Control Protocol)
CCNA DHCP (Dynamic Host Control Protocol)
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
 
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-ReferatNeighbor Discovery Deep Dive – IPv6-Networking-Referat
Neighbor Discovery Deep Dive – IPv6-Networking-Referat
 
IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013IPv6 Security - Hacker Halted 2013
IPv6 Security - Hacker Halted 2013
 

Recently uploaded

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 

7 slaac-rick graziani

  • 1. 7: SLAAC (Stateless Address Autoconfiguration) Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu
  • 2. © For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6
  • 3. 7.1: Introduction to SLAAC and ICMPv6 ND
  • 4. © Dynamic IPv6 Address Allocation • DHCPv6 and SLAAC with DHCPv6 are discussed in Lesson 8. Global Unicast Manual Dynamic Static IPv6 unnumbered Static + EUI 64 SLAAC DHCPv6 SLAAC + DHCPv6 Similar to IPv4 unnumbered Stateless Stateful DHCPv6-PD
  • 5. © DHCP Server Dynamic IPv4 Address Allocation DHCP Client I need an IPv4 addressing information from a DHCP server. Here is your IPv4 address, subnet mask, default gateway and DNS server addresses.
  • 6. © ICMPv6 Internet Control Message Protocol for IPv6 • Described in RFC 4443 • Much more robust than ICMP for IPv4 • Contains new functionality and improvements. • More than just “messaging” but “how IPv6 conducts business”. • Including ICMPv6 Neighbor Discovery (RFC 4861) – used in dynamic address allocation. • Note: ICMPv6 is discussed in detail in Lesson 9, ICMPv6 ND in Lesson 10.
  • 7. © “Introducing” ICMPv6 Neighbor Discovery ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): • Router Solicitation Message • Router Advertisement Message • Used for dynamic address allocation. • Neighbor Solicitation Message • Neighbor Advertisement Message • Used with address resolution (IPv4 ARP) and with DAD • Redirect Message (Similar to ICMPv4) Router-Device Messaging Device-Device Messaging
  • 8. © It Begins with the RA Message • An ICMPv6 Router Advertisement (RA) suggests to all IPv6 devices on the link how it will receive IPv6 Address Information. • Sent periodically by an IPv6 router or… • … when the router receives a Router Solicitation message from a host. DHCPv6 Server ICMPv6 Router Advertisement ICMPv6 Router Solicitation Multicast: To all IPv6 routers, I need IPv6 address information Multicast: To all IPv6 devices, let me suggest to you how to do this … I might not even be needed. 
  • 9. © It Begins with the RA Message Router Advertisement (RA) Message • Part of ICMPv6 (Internet Control Message Protocol for IPv6) • RA messages are sent by an “IPv6 router” • An IPv6 router (ipv6 unicast-routing command): • Forwards IPv6 Packets • Enables IPv6 static and dynamic routing • Sends ICMPv6 Router Advertisements • Note: Routers can be configured with IPv6 addresses without being an IPv6 router. DHCPv6 Server ICMPv6 Router Advertisement Router(config)# ipv6 unicast-routing
  • 10. © Router Advertisement: 3 Options DHCPv6 Server RA Router(config)# ipv6 unicast-routing Option 1: SLAAC – No DHCPv6 (Default on Cisco routers) “I’m everything you need (Prefix, Prefix-length, Default Gateway)” Option 2: SLAAC + Stateless DHCPv6 for DNS address “Here is my information but you need to get other information such as DNS addresses from a DHCPv6 server.” (DNS can be in RA) Option 3: All addressing except default gateway use DHCPv6 “I can’t help you. Ask a DHCPv6 server for all your information.” DHCPv6 Option 1 and 2: Stateless Address Autoconfiguration • DHCPv6 Server does not maintain state of addresses Option 3: Stateful Address Configuration • Address received from DHCPv6 Server • Options 2 and 3 are discussed in Lesson 8.
  • 11. © RA Message Options The type of Router Advertisement option depends on two RA flags: Other Configuration Flag and Managed Configuration Flag • Default: Both flags are set to 0 (Option 1) • Use me (RA) for all your addressing information, no additional information available via DHCPv6. • Other Configuration Flag when set to “1” (Option 2) • Use me (RA) for your address but you need to get OTHER information from a stateless DHCPv6 server. • Managed Configuration Flag when set to “1” (Option 3) • The client needs to get ALL of it’s MANAGED information from a stateful DHCPv6 server, except default gateway. • Note: Two other flags include the autonomous address-configuration flag and on-link flag. (“A” Flag discussed in lesson 8, “L” Flag beyond the scope of this video.) DHCPv6 Server ICMPv6 Router Advertisement Option 1, 2, or 3
  • 12. © RA Message Options DHCPv6 Server ICMPv6 Router Advertisement Option 1, 2, or 3 Option Other Configuration (“O”) Flag Managed Configuration (“M”) Flag Option 1: SLAAC – No DHCPv6 (Default on Cisco routers) 0 0 Option 2: SLAAC + Stateless DHCPv6 for DNS address 1 0 Option 3: All addressing except default gateway use DHCPv6 0 1 • Configuring Flags discussed in Lesson 8.
  • 13. © SLAAC: Stateless Address Autoconfiguration DHCPv6 Server Router(config)# ipv6 unicast-routing ICMPv6 Router Advertisement • Prefix and other information SLAAC (Stateless Address Autoconfiguration) • Allows a device to create its own IPv6 global unicast address without the services of a DHCPv6 server. • Prefix: From the Router Advertisement (RA). • Interface ID: • EUI-64 • Random 64-bit value 2001:DB8:CAFE:1::/64 I know the network prefix from the RA. I just need to come up with my own Interface ID for my GUA!
  • 14. © DHCPv6 DHCPv6 Server Ignoring the RA Message? • The ICMPv6 Router Advertisement suggests to the host how to get its address automatically. • Can a host ignore an ICMPv6 Router Advertisement? • Host operating systems can include the option of ignoring the Router Advertisement from the router and only use the stateful services of a DHCPv6 server (or what ever it wants to do). • However, hosts can’t ignore the default gateway (source of RA) unless manually configured. ICMPv6 Router Advertisement Link-local address
  • 15. 7.2: Creating the Interface ID: EUI-64 or Random Value
  • 16. © Obtaining an IPv6 Address Automatically
  • 17. © Note: Domain name and DNS server list may be included if router (and end system) support RFC 6106 IPv6 RA Options for DNS Configuration. SLAAC Option 1 – RA Message To: FF02::1 (All-IPv6 devices) From: FE80::1 (Link-local address) Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 RA 1 MAC: 00-19-D2-8C-E0-4C Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 Default Gateway: FE80::1 Global Unicast Address: 2001:DB8:CAFE:1: + Interface ID 2001:DB8:CAFE:1::/64 EUI-64 Process or Random 64-bit value 2 DHCPv6 Server 3 SLAAC: Stateless Address Autoconfiguration
  • 18. © SLAAC: Interface ID Global Routing Prefix 64-bit Interface ID 16-bit Subnet ID /64/48 EUI-64 Process Randomly Generated Number (Privacy Extension) SLAAC Operating System EUI-64 Random 64-bit Windows XP, Server 2003 ✔ Windows Vista and newer ✔ MAC OSX ✔ Linux ✔ DHCPv6 Server Default OS behavior can be changed. Known instead of unknown © Copyright DOC RABE Media Man in paper bag on head © Copyright binik
  • 19. © Note: Domain name and DNS server list may be included if router (and end system) support RFC 6106 IPv6 RA Options for DNS Configuration. SLAAC Option 1 – RA Message To: FF02::1 (All-IPv6 devices) From: FE80::1 (Link-local address) Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 RA 1 MAC: 00-19-D2-8C-E0-4C Prefix: 2001:DB8:CAFE:1:: Prefix-length: /64 Default Gateway: FE80::1 Global Unicast Address: 2001:DB8:CAFE:1: + Interface ID 2001:DB8:CAFE:1::/64 EUI-64 Process or Random 64-bit value 2 DHCPv6 Server 3 SLAAC: EUI-64 Option
  • 20. © Modified EUI-64 Format (Extended Unique Identifier–64) 00 19 D2 8C E0 4C OUI (24 bits) Device Identifier (24 bits) 00 19 D2 8C E0 4CFF FE 19 D2 8C E0 4CFF FE0000 000000 U/L bit flipped 0000 0010 02 19 D2 8C E0 4CFF FE Insert FF-FE
  • 21. © PC> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address. . . . . . . . : 2001:db8:cafe:1:0219:d2ff:fe8c:e04c Link-local IPv6 Address . . : fe80::0219:d2ff:fe8c:e04c Default Gateway . . . . . : fe80::1 Router Advertisement EUI-64 A 64-bit Interface ID and the EUI-64 process accommodates: • The IEEE specification for a 64-bit MAC address • 64-bit boundary processing Verifying SLAAC on the PC Using EUI-64 Why. The Dude looking at the red question mark © Copyright jojje11
  • 22. © SLAAC: Random 64-bit Interface ID Global Routing Prefix 64-bit Interface ID 16-bit Subnet ID /64/48 EUI-64 Process Randomly Generated Number (Privacy Extension) SLAACOperating System EUI-64 Random 64-bit Windows XP, Server 2003 ✔ Windows Vista and newer ✔ MAC OSX ✔ Linux ✔ DHCPv6 Server Known instead of unknown © Copyright DOC RABE Media Man in paper bag on head © Copyright binik
  • 23. © PC-Windows7> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IPv6 Address. . . . . . . . : 2001:db8:cafe:1:50a5:8a35:a5bb:66e1 Link-local IPv6 Address . . : fe80::50a5:8a35:a5bb:66e1 Default Gateway . . . . . : fe80::1 Router Advertisement EUI-64 Verifying SLAAC on the PC Using Privacy Extension No FF-FE
  • 24. © SLAAC: Including the DNS Server in the RA * DNS Server Router(config)# ipv6 unicast-routing ICMPv6 Router Advertisement • Prefix and other information G0/1 2001:DB8:CAFE:1::/64 Router(config)# ipv6 unicast-routing Router(config)# interface gigabitethernet 0/1 Router(config-if)# ipv6 nd ra dns server 2001:db8:cafe:1::99 600 2001:DB8:CAFE:1::99 Configures a DNS server with an IPv6 address of 2001:DB8::CAFE:1::1 to be advertised in an RA with a lifetime of 600 seconds.
  • 25. © Global Unicast - 2001:db8:cafe:1:0219:d2ff:fe8c:e04c Link-local - fe80::50a5:8a35:a5bb:66e1 Neighbor Advertisement? Neighbor Solicitation Ensuring Unique Unicast Addresses Not received = unique address Received = duplicate address • SLAAC is stateless, no entity (DHCPv6 server) maintaining a state address- to-device mappings. • How can we guarantee the address is unique? • Duplicate Address Detection (DAD) • Once required for all unicast addresses (static or dynamic), RFC was updated that DAD is only recommended. • /64 Interface IDs!
  • 26. 7.3: Configuring a Router as a SLAAC Client
  • 27. © Routers versus IPv6 Routers • A router (not enabled as an IPv6 router): • Configure IPv6 addresses • Member of All-IPv6 devices multicast group • An IPv6 router: • Same as a non-IPv6 router • Member of All-IPv6 routers multicast group • Sends ICMPv6 Router Advertisement messages • Can enable IPv6 routing protocols • Forward IPv6 packets (transiting the router) Router IPv6 Router 2001:DB8:CAFE:1::1/64 FE80::1 2001:DB8:CAFE:1::1/64 FE80::1 FF02::1 (All-IPv6 devices) FF02::1 (All-IPv6 devices) FF02::2 (All-IPv6 routers) ICMPv6 Router Advertisement Forward IPv6 Packets RIPng OSPFv3 EIGRP for IPv6 Router(config)# ipv6 unicast-routing
  • 28. © R1 Client Client(config)# interface gig 0/1 Client(config-if)# ipv6 enable ! Not needed Client(config-if)# ipv6 address autoconfig default Client(config-if)# no shutdown Gig 0/1Gig 0/1 R1(config)# interface gig 0/1 R1(config-if)# ipv6 address 2001:db8:cafe:1::1/64 R1(config-if)# ipv6 address fe80::1 link-local R1(config-if)# no shutdown R1(config-if)# exit R1(config)# ipv6 unicast-routing Configuring the Router as a Client 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement “IPv6 Router” Link-local address created Now I can accept RA messages and get a GUA automatically!
  • 29. © R1 ClientGig 0/1Gig 0/1 ::1 R1# show ipv6 interface gigabitethernet 0/1 GigabitEthernet0/1 is up, line protocol is up IPv6 is enabled, link-local address is FE80::1 Global unicast address(es): 2001:DB8:CAFE:1::1, subnet is 2001:DB8:CAFE:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::FB FF02::1:FF00:1 ND router advertisements are sent every 200 seconds Hosts use stateless autoconfig for addresses. Verifying the RA Message 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement Partial output FE80::1
  • 30. © R1 ClientGig 0/1Gig 0/1 ::1 Client# show ipv6 interface brief GigabitEthernet0/1 [up/up] FE80::8A5A:92FF:FE3B:29E1 2001:DB8:CAFE:1:8A5A:92FF:FE3B:29E1 <Rest of output omitted> Client# show interface gigabitethernet 0/1 GigabitEthernet0/1 is up, line protocol is up Hardware is CN Gigabit Ethernet, address is 885a.923b.29e1 (bia 885a.923b.29e1) <Rest of output omitted> Verifying the Client (Router) Is Using SLAAC/EUI-64 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement FE80::1 EUI-64
  • 31. © R1 ClientGig 0/1Gig 0/1 ::1 Client# show ipv6 route IPv6 Routing Table - default - 4 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route IA - ISIS interarea, IS - ISIS summary, D - EIGRP, EX - EIGRP external ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ND ::/0 [2/0] via FE80::1, GigabitEthernet0/1 NDp 2001:DB8:CAFE:1::/64 [2/0] via GigabitEthernet0/1, directly connected <Rest of output omitted> Router versus “IPv6 Router” 2001:DB8:CAFE:1::/64 ICMPv6 Router Advertisement Partial output FE80::1 Default route learned via Neighbor Discovery (SLAAC) Prefix learned via Neighbor Discovery (SLAAC)
  • 32. 7.4: IPv6 Enabled Clients and Your Network
  • 33. © You Are Probably Already Running IPv6 • Windows Vista or later, Mac OSX, Linux already running IPv6 • Potential DoS or MITM attack, even if the router is not IPv6 enabled. • Even if the router is not IPv6 enabled, your clients are mostly like are! • I can still do a DoS attack on clients or perhaps even still to a MITM attack. • There are mitigation techniques such as RA Guard. R1 Rogue RA RS IPv4 IPv6IPv4 IPv6 IPv4 IPv6 I need an IPv6 prefix Here is an IPv6 prefix and gateway People Icon: Occupations set 5 © Copyright Fredy Sujono
  • 34. © SLAAC with DHCPv6 Global Unicast Manual Static IPv6 unnumbered Static + EUI 64 SLAAC DHCPv6 SLAAC + DHCPv6 Similar to IPv4 unnumbered Stateless Stateful DHCPv6-PD Dynamic Stateful Lesson 8
  • 35. © For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6
  • 36. 7: SLAAC (Stateless Address Autoconfiguration) Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu

Editor's Notes

  1. More in lesson 4
  2. Option 1 technically isn’t everything as there’s no DNS server or domain name info (RFC 6106). Need both the router to support the sending of the info and the end system to know what to do w/ it. For option 3, you still need to control the SLAAC process w/ the RA’s (e.g. how the prefix in the RA should be used) otherwise the end system will end up a DHCP and SLAAC address
  3. The ipv6 nd prefix 2001:DB8:CAFE:120::/64 no-autoconfig command (set A flag off), coupled with the M flag set on, succeeds in getting Windows 7 to just populate one address, while still installing a default route on the client. no-autoconfig (Optional) Indicates to hosts on the local link that the specified prefix cannot be used for IPv6 autoconfiguration. The prefix will be advertised with the A-bit clear. When autoconfiguration is “on” (by default), it indicates to hosts on the local link that the specified prefix can be used for IPv6 autoconfiguration. The configuration options affect the L-bit and A-bit settings associated with the prefix in the IPv6 ND Router Advertisement, and presence of the prefix in the routing table, as follows: Default L=1 A=1 In Routing Table no-onlink L=0 A=1 In Routing Table no-autoconfig L=1 A=0 In Routing Table no-onlink no-autoconfig L=0 A=0 In Routing Table off-link L=0 A=1 Not in Routing Table off-link no-autoconfig L=0 A=0 Not in Routing Table A-bit – Autonomous Address Autoconfiguration Flag tells the node it should perform stateless address assignment (SLAAC RFC 4862) L-bit – On-Link Flag tells the node that the prefix listed in the RA is the local IPv6 address M-bit – Managed Address Config Flag tells the host if it should use stateful DHCPv6 (RFC 3315) to acquire its address and other DHCPv6 options O-bit – Other Config Flag tells the host that there is other information the router can provide, such as DNS information defined in Stateless DHCPv6 (RFC 3736) RFC 4862 = "autonomous address-configuration flag", indicates whether or not the option even applies to stateless autoconfiguration. If it does, additional option fields contain a subnet prefix, together with lifetime values, indicating how long addresses created from the prefix remain preferred and valid.
  4. ipv6 nd ra dns-suffix ipv6.vmwcs.com To configure the IPv6 router advertisement of DNS server addresses on an interface, use the ipv6 nd ra dns server command in interface configuration mode. To remove the IPv6 router advertisement of DNS server addresses, use the no form of this command. ipv6 nd ra dns server ipv6-address seconds no ipv6 nd ra dns server ipv6-address Syntax Description seconds The amount of time (in seconds) that the Domain Naming System (DNS) server is advertised in an IPv6 router advertisement (RA). The range is from 200 to 4294967295. Command Default The DNS server is not advertised in an IPv6 RA. Command Modes Interface configuration (config-if) Command History Release Modification Cisco IOS XE Release 3.9S This command was introduced. Usage Guidelines You can use the ipv6 nd ra dns server command to configure up to eight DNS server addresses in an RA. If you configure a seconds value of zero, the DNS server will no longer be used. Examples The following example configures a DNS server with an IPv6 address of 2001:DB8:1::1 to be advertised in an RA with a lifetime of 600 seconds: Router(config)# interface ethernet 0/0 Router(config-if)# ipv6 nd ra dns server 2001:DB8:1::1 600
  5. Check your OS for the default…. Most operating systems provide options to use use either one. Cisco router configured as a client will use EUI-64. More on the router as a client in Lesson 8 when we discuss SLAAC and DHCPv6.
  6. As of now Cisco only supports DNS server advertisement not domain name on IOS XE. To configure the IPv6 router advertisement of DNS server addresses on an interface, use the ipv6 nd ra dns server command in interface configuration mode. To remove the IPv6 router advertisement of DNS server addresses, use the no form of this command. ipv6 nd ra dns server ipv6-address seconds no ipv6 nd ra dns server ipv6-address Syntax Description seconds The amount of time (in seconds) that the Domain Naming System (DNS) server is advertised in an IPv6 router advertisement (RA). The range is from 200 to 4294967295. Command Default The DNS server is not advertised in an IPv6 RA. Command Modes Interface configuration (config-if) Command History Release Modification Cisco IOS XE Release 3.9S This command was introduced. Usage Guidelines You can use the ipv6 nd ra dns server command to configure up to eight DNS server addresses in an RA. If you configure a seconds value of zero, the DNS server will no longer be used. Examples The following example configures a DNS server with an IPv6 address of 2001:DB8:1::1 to be advertised in an RA with a lifetime of 600 seconds: Router(config)# interface ethernet 0/0 Router(config-if)# ipv6 nd ra dns server 2001:DB8:1::1 600
  7. Insert FFFE gives us a 64 bit Interface ID IPv6 64-bit interface IDs are on a 64 bit boundary and accommodate IEEE specification for 64 bit MAC addresses IEEE has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the an EUI-48 MAC address. IEEE's Guidelines for EUI-64 Registration Authority, Reason for U/L bit flipped can be found in RFC 4291 IP Version 6 Addressing Architecture
  8. FF-FE – more than likely EUI-64 Link local address is usually the same process Default gateway – link-local address
  9. Check your OS for the default…. Most operating systems provide options to use use either one.
  10. Documentation states that only an IPv6 router can forward IPv6 packets, however IOS does allow you to configure IPv6 static routes and it forwards IPv6 packets using those routes.
  11. Client router acting as an IPv6 client host. Ipv6 enable command – necessary to create link-local address, thus enabling it as an IPv6 interface. Remember, a device must have at least a link-local address to be an IPv6 device. Ipv6 address autoconfig – enables the router to accept and process Router Advertisements on the interface
  12. FE80::1 is the source IPv6 address of the RA
  13. Notice the link-local address also used EUI-64
  14. Client also learned the default gateway (or default route) from R1’s RA ND FE80::1 is the source IPv6 address of the RA