Cisco DHCPv6 Server Configuration

In this tutorial we’ll take a look at DHCPv6 so we can automatically assign IPv6 addresses to our hosts. The functionality of DHCPv6 is the same as DHCP for IPv4 but there are some differences. First of all, DHCPv6 supports two different methods:

  • Stateful configuration
  • Stateless configuration (also known as SLAAC…StateLess AutoConfiguration)

The stateful version of DHCPv6 is pretty much the same as for IPv4. Our DHCPv6 server will assign IPv6 addresses to all DHCPv6 clients and it will keep track of the bindings. In short, the DHCPv6 servers knows exactly what IPv6 address has been assigned to what host.

Stateless works a bit different…the DHCPv6 server does not assign IPv6 addresses to the DHCPv6 clients, this is done through autoconfiguration. The DHCPv6 server is only used to assign information that autoconfiguration doesn’t….stuff like a domain-name, multiple DNS servers and all the other options that DHCP has to offer.

The other difference is the number of messages that DHCPv6 uses:

  • Normal: 4 messages called solicit, advertise, request and reply.
  • Rapid: 2 messages, only solicit and reply.

By default it uses normal mode, if you want the rapid mode you have to enable it on both the DHCPv6 server and client.

You might be wondering why there is a normal and rapid mode, so did I…RFC 4039 says that the rapid mode is useful in “high mobility” networks where clients come and go often. The overhead of 4 messages might not be required so 2 messages is enough to do the job. If you have multiple DHCPv6 servers (for redundancy) then you need to use the normal mode (4 messages). Seeing the advantage of both modes might be fun for a tutorial in the future, for now…let’s start with the basics and configure our DHCPv6 server!

DHCPv6 Server Configuration

To demonstrate DHCPv6 I will use the following topology:

DHCPv6 Server Stateful Stateless Example

Our DHCPv6 router has two interfaces, the one connected to R1 will be used for stateful DHCPv6 and the interface connected to R2 will be used for stateless. You can also see the prefixes that I will use.

Before you can do anything with IPv6, make sure that unicast routing is enabled:

DHCPV6(config)#ipv6 unicast-routing

Now we can configure the DHCPv6 pools…

DHCPv6 Stateful Configuration

Let’s configure the stateful pool, it is similar to doing this for IPv4:

DHCPV6(config)#ipv6 dhcp pool STATEFUL
DHCPV6(config-dhcpv6)#address prefix 2001:1111:1111:1111::/64
DHCPV6(config-dhcpv6)#dns-server 2001:4860:4860::8888
DHCPV6(config-dhcpv6)#domain-name NETWORKLESSONS.LOCAL

The pool is called “STATEFUL” and besides the prefix I configured a DNS server (that’s google DNS) and a domain name. To activate this, we have to make some changes to the interface:

DHCPV6(config)#interface FastEthernet 0/0
DHCPV6(config-if)#ipv6 address 2001:1111:1111:1111::1/64
DHCPV6(config-if)#ipv6 dhcp server STATEFUL
DHCPV6(config-if)#ipv6 nd managed-config-flag
DHCPV6(config-if)#ipv6 nd prefix 2001:1111:1111:1111::/64 14400 14400 no-autoconfig

On the interface you have to add the ipv6 dhcp server command and tell it what pool it has to use. The ipv6 nd managed-config-flag sets a flag in the router advertisement that tells the hosts that they could use DHCPv6. The last command that ends with no-autoconfig tells the hosts not to use stateless configuration.

That’s all we have to do on the DHCPv6 server, let’s move on to the stateless configuration.

DHCPv6 Stateless Configuration

First we’ll make a pool:

DHCPV6(config)#ipv6 dhcp pool STATELESS
DHCPV6(config-dhcpv6)#dns-server 2001:4860:4860::8888
DHCPV6(config-dhcpv6)#domain-name NETWORKLESSONS.LOCAL

As you can see I didn’t configure a prefix…I don’t have to since autoconfiguration will be used by the client to fetch the prefix. Let’s enable it on the interface:

DHCPV6(config)#interface FastEthernet 0/1
DHCPV6(config-if)#ipv6 address 2001:2222:2222:2222::2/64
DHCPV6(config-if)#ipv6 dhcp server STATELESS
DHCPV6(config-if)#ipv6 nd other-config-flag

We use the same command to activate the pool on the interface but there is one extra item. The ipv6 nd other-config-flag is required as it will inform clients through RA (Router Advertisement) messages that they have to use DHCPv6 to receive extra information like the domain name and DNS server after they used autoconfiguration.

That’s all we have to do on the server, you can view the DHCPv6 pools like this if you want:

DHCPV6#show ipv6 dhcp pool 
DHCPv6 pool: STATEFUL
  Address allocation prefix: 2001:1111:1111:1111::/64 valid 172800 preferred 86400 (0 in use, 0 conflicts)
  DNS server: 2001:4860:4860::8888
  Domain name: NETWORKLESSONS.LOCAL
  Active clients: 0
DHCPv6 pool: STATELESS
  DNS server: 2001:4860:4860::8888
  Domain name: NETWORKLESSONS.LOCAL
  Active clients: 0

You can see both pools, our stateful pool with the prefix and the stateless pool without. Before I configure the clients, I will enable a debug so we can see some of the messages in realtime:

DHCPV6#debug ipv6 dhcp 
   IPv6 DHCP debugging is on

Let’s configure the clients now…

DHCPv6 Client Configuration

R1 will be the stateful client and R2 is the stateless client, let’s do R1 first…

DHCPv6 Stateful Client Configuration

There are two things that we have to do, first you need to enable IPv6 on the interface and secondly, tell it to get an IPv6 address through DHCP:

R1(config)#interface FastEthernet 0/0
R1(config-if)#ipv6 enable 
R1(config-if)#ipv6 address dhcp 

Let’s see if it has an IPv6 address:

R1#show ipv6 interface brief
FastEthernet0/0            [up/up]
    FE80::21D:A1FF:FE8B:36D0
    2001:1111:1111:1111:255A:E159:32AF:5E42

That’s looking good, you can see that it has an IPv6 address with the 2001:1111:1111:1111::/64 prefix. There’s another nice command that shows us what else we received:

R1#show ipv6 dhcp interface FastEthernet 0/0
FastEthernet0/0 is in client mode
  Prefix State is IDLE
  Address State is OPEN
  Renew for address will be sent in 11:59:10
  List of known servers:
    Reachable via address: FE80::216:C7FF:FEBE:EC8
    DUID: 000300010016C7BE0EC8
    Preference: 0
    Configuration parameters:
      IA NA: IA ID 0x00030001, T1 43200, T2 69120
        Address: 2001:1111:1111:1111:255A:E159:32AF:5E42/128
                preferred lifetime 86400, valid lifetime 172800
                expires at Jul 19 2014 08:30 PM (172750 seconds)
      DNS server: 2001:4860:4860::8888
      Domain name: NETWORKLESSONS.LOCAL
      Information refresh time: 0
  Prefix Rapid-Commit: disabled
  Address Rapid-Commit: disabled

The show ipv6 dhcp interface command shows us what DNS and domain information we received, this is looking good. Meanwhile you can see this on the server:

DHCPV6#
IPv6 DHCP: Received SOLICIT from FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Using interface pool STATEFUL
IPv6 DHCP: Creating binding for FE80::21D:A1FF:FE8B:36D0 in pool STATEFUL
IPv6 DHCP: Binding for IA_NA 00030001 not found
IPv6 DHCP: Allocating IA_NA 00030001 in binding for FE80::21D:A1FF:FE8B:36D0
IPv6 DHCP: Looking up pool 2001:1111:1111:1111::/64 entry with username '00030001001DA18B36D000030001'
IPv6 DHCP: Poolentry for user not found
IPv6 DHCP: Allocated new address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Allocating address 2001:1111:1111:1111:255A:E159:32AF:5E42 in binding for FE80::21D:A1FF:FE8B:36D0, IAID 00030001
IPv6 DHCP: Updating binding address entry for address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Setting timer on 2001:1111:1111:1111:255A:E159:32AF:5E42 for 60 seconds
IPv6 DHCP: Source Address from SAS FE80::216:C7FF:FEBE:EC8

IPv6 DHCP: Sending ADVERTISE to FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Received REQUEST from FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Using interface pool STATEFUL
IPv6 DHCP: Looking up pool 2001:1111:1111:1111::/64 entry with username '00030001001DA18B36D000030001'
IPv6 DHCP: Poolentry for user found
IPv6 DHCP: Found address 2001:1111:1111:1111:255A:E159:32AF:5E42 in binding for FE80::21D:A1FF:FE8B:36D0, IAID 00030001
IPv6 DHCP: Updating binding address entry for address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Setting timer on 2001:1111:1111:1111:255A:E159:32AF:5E42 for 172800 seconds
IPv6 DHCP: Source Address from SAS FE80::216:C7FF:FEBE:EC8
IPv6 DHCP: Sending REPLY to FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0

Above you can see the 4 messages (solicit, advertise, request and reply) because we are using normal mode. Let’s switch the server and client to rapid mode so you can see the difference:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 660 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

510 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. Hi Rene,

    Nice explanation. Crisp and to the point. I have one question though.
    How would the client identify that the Offer and the Ack message that the server sends? In other words, how would the client understand that it is the intended recipient of those messages from the DHCP server. Say, for instance two new clients are connected to the network at the same time, then there would be two sets of offer and ack messages broadcasted from the server. How would each client pick the right message?

    Cheers,
    Vj

  2. Hi Saranya,
    This topic can be a little bit confusing because there are two different layers that can perform broadcast or unicast - Layer 2 and Layer 3.

    Here is a summary of what happens at each layer for each phase:

    Phase      Layer 3      Layer 2
    Discover   Broadcast    Broadcast
    Offer      Broadcast    Unicast
    Request    Broadcast    Broadcast
    Ack        Broadcast    Unicast
    

    Note:
    Layer 3 broadcast = 255.255.255.255
    Layer 2 broadcast = FFFF.FFFF.FFFF

    You may notice that layer 3 is always broadcast. This is because the whole purpose of DHCP is for the clien

    ... Continue reading in our forum

  3. Dear Rene/Andrew,
    Thank you for this great lesson. Mr Andrew with reference to your reply # 27608 above particularly this point " Additionally, you may notice that all communication from the DHCP server at layer 2 is unicast. The reason for this is because the DHCP server obtained the client’s MAC address when the client sent out its initial Discover message.", I am still confused on where broadcast happens and where unicast happens. From the Wireshark captures above I do not see Unicast happening anywhere. Even for Offer and Ack from the server the dest mac ad

    ... Continue reading in our forum

  4. Hello Samit

    This is an excellent question and it shows that you’re thinking deeply about the subject. It is true that the DHCPOFFER when sent can technically be sent using a unicast MAC address since the MAC address of the host making the request, and thus the destination of the DHCPOFFER frame, is known. However, some operating systems and NIC drivers don’t always use this logic when operating DHCP.

    Some client implementations are unable to receive such unicast frames until the implementation has been configured with a valid IP address. Remember, when we en

    ... Continue reading in our forum

  5. Hello Swapnil

    DHCP can provide a multitude of information to hosts. The most common implementations include IP address, subnet mask, default gateway and DNS server. There are many more elements that DHCP can offer and these are called DHCP options. Some of the most common include NTP servers, log servers, cookie servers, interface MTU, default TCP TTL, NetBIOS name server and IRC chat server to name just a few.

    These options are indicated using an option number. DHCP option numbers can range any where from 0 to 255. Some of these numbers are standard vendo

    ... Continue reading in our forum

35 more replies! Ask a question or join the discussion by visiting our Community Forum