Cisco DHCPv6 Server Configuration

In this lesson, we’ll look at DHCPv6 so we can automatically assign IPv6 addresses to our hosts. The functionality of DHCPv6 is the same as DHCP for IPv4, but there are some differences. First of all, DHCPv6 supports two different methods:

  • Stateful configuration
  • Stateless configuration (also known as SLAAC…StateLess AutoConfiguration)

The other thing to keep in mind is that there is a difference between IPv4 and IPv6. With IPv4, a DHCP server advertises an address and the subnet mask (and optionally other things like a gateway, domain name, and DNS servers). With IPv6, we don’t do this. There is a separation of responsibilities. The DHCPv6 server can advertise an address and information like a domain name and DNS servers, but it doesn’t advertise anything related to the prefix or routing. That’s the job of the router advertisement. In practice, this means that you’ll see that a client will receive a /128 address. That’s the only thing it learns through DHCPv6. If the client needs to learn a prefix, it has to come from a router’s router advertisement.

The stateful version of DHCPv6 is pretty much the same as for IPv4. Our DHCPv6 server will assign IPv6 addresses to all DHCPv6 clients and keep track of the bindings. In short, the DHCPv6 servers know exactly what IPv6 address has been assigned to what host.

Stateless works a bit differently…the DHCPv6 server does not assign IPv6 addresses to the DHCPv6 clients; this is done through autoconfiguration. The DHCPv6 server is only used to assign information that autoconfiguration doesn’t….stuff like a domain name, multiple DNS servers, and all the other options that DHCP has to offer.

The other difference is the number of messages that DHCPv6 uses:

  • Normal: 4 messages called solicit, advertise, request and reply.
  • Rapid: 2 messages, only solicit and reply.

By default, it uses normal mode. If you want the rapid mode, you have to enable it on both the DHCPv6 server and the client.

You might be wondering why there is a normal and rapid mode.RFC 4039 says that the rapid mode is useful in “high mobility” networks where clients come and go often. The overhead of four messages might not be required, so two messages are enough to do the job. If you have multiple DHCPv6 servers (for redundancy), then you need to use the normal mode (4 messages). Seeing the advantage of both modes might be fun for a lesson in the future. For now…let’s start with the basics and configure our DHCPv6 server!

DHCPv6 Server Configuration

To demonstrate DHCPv6, I will use the following topology:

DHCPv6 Server Stateful Stateless Example

Our DHCPv6 router has two interfaces: the one connected to R1 will be used for stateful DHCPv6, and the interface connected to R2 will be used for stateless. You can also see the prefixes that I will use.

Before you can do anything with IPv6, make sure that unicast routing is enabled:

DHCPV6(config)#ipv6 unicast-routing

Now we can configure the DHCPv6 pools…

DHCPv6 Stateful Configuration

Let’s configure the stateful pool. It is similar to doing this for IPv4:

DHCPV6(config)#ipv6 dhcp pool STATEFUL
DHCPV6(config-dhcpv6)#address prefix 2001:1111:1111:1111::/64
DHCPV6(config-dhcpv6)#dns-server 2001:4860:4860::8888
DHCPV6(config-dhcpv6)#domain-name NETWORKLESSONS.LOCAL

The pool is called “STATEFUL”, and besides the prefix, I configured a DNS server (that’s Google DNS) and a domain name. To activate this, we have to make some changes to the interface:

DHCPV6(config)#interface FastEthernet 0/0
DHCPV6(config-if)#ipv6 address 2001:1111:1111:1111::1/64
DHCPV6(config-if)#ipv6 dhcp server STATEFUL
DHCPV6(config-if)#ipv6 nd managed-config-flag
DHCPV6(config-if)#ipv6 nd prefix 2001:1111:1111:1111::/64 14400 14400 no-autoconfig

On the interface, you have to add the ipv6 dhcp server command and tell it what pool it has to use. The ipv6 nd managed-config-flag sets a flag in the router advertisement that tells the hosts that they could use DHCPv6. The last command that ends with no-autoconfig tells the hosts not to use stateless configuration.

That’s all we have to do on the DHCPv6 server. Let’s move on to the stateless configuration.

DHCPv6 Stateless Configuration

First, we’ll make a pool:

DHCPV6(config)#ipv6 dhcp pool STATELESS
DHCPV6(config-dhcpv6)#dns-server 2001:4860:4860::8888
DHCPV6(config-dhcpv6)#domain-name NETWORKLESSONS.LOCAL

As you can see, I didn’t configure a prefix…I don’t have to since autoconfiguration will be used by the client to fetch the prefix. Let’s enable it on the interface:

DHCPV6(config)#interface FastEthernet 0/1
DHCPV6(config-if)#ipv6 address 2001:2222:2222:2222::2/64
DHCPV6(config-if)#ipv6 dhcp server STATELESS
DHCPV6(config-if)#ipv6 nd other-config-flag

We use the same command to activate the pool on the interface, but there is one extra item. The ipv6 nd other-config-flag is required as it will inform clients through RA (Router Advertisement) messages that they have to use DHCPv6 to receive extra information like the domain name and DNS server after they use autoconfiguration.

That’s all we have to do on the server. You can view the DHCPv6 pools like this if you want:

DHCPV6#show ipv6 dhcp pool 
DHCPv6 pool: STATEFUL
  Address allocation prefix: 2001:1111:1111:1111::/64 valid 172800 preferred 86400 (0 in use, 0 conflicts)
  DNS server: 2001:4860:4860::8888
  Domain name: NETWORKLESSONS.LOCAL
  Active clients: 0
DHCPv6 pool: STATELESS
  DNS server: 2001:4860:4860::8888
  Domain name: NETWORKLESSONS.LOCAL
  Active clients: 0

You can see both pools, our stateful pool with the prefix and the stateless pool without. Before I configure the clients, I will enable a debug so we can see some of the messages in realtime:

DHCPV6#debug ipv6 dhcp 
   IPv6 DHCP debugging is on

Let’s configure the clients now…

DHCPv6 Client Configuration

R1 will be the stateful client, and R2 will be the stateless client. Let’s do R1 first…

DHCPv6 Stateful Client Configuration

There are two things that we have to do: first, you need to enable IPv6 on the interface, and secondly, tell it to get an IPv6 address through DHCP:

R1(config)#interface FastEthernet 0/0
R1(config-if)#ipv6 enable 
R1(config-if)#ipv6 address dhcp 

Let’s see if it has an IPv6 address:

R1#show ipv6 interface brief
FastEthernet0/0            [up/up]
    FE80::21D:A1FF:FE8B:36D0
    2001:1111:1111:1111:255A:E159:32AF:5E42

That’s looking good. You can see that it has an IPv6 address with the 2001:1111:1111:1111::/64 prefix. There’s another nice command that shows us what else we received:

R1#show ipv6 dhcp interface FastEthernet 0/0
FastEthernet0/0 is in client mode
  Prefix State is IDLE
  Address State is OPEN
  Renew for address will be sent in 11:59:10
  List of known servers:
    Reachable via address: FE80::216:C7FF:FEBE:EC8
    DUID: 000300010016C7BE0EC8
    Preference: 0
    Configuration parameters:
      IA NA: IA ID 0x00030001, T1 43200, T2 69120
        Address: 2001:1111:1111:1111:255A:E159:32AF:5E42/128
                preferred lifetime 86400, valid lifetime 172800
                expires at Jul 19 2014 08:30 PM (172750 seconds)
      DNS server: 2001:4860:4860::8888
      Domain name: NETWORKLESSONS.LOCAL
      Information refresh time: 0
  Prefix Rapid-Commit: disabled
  Address Rapid-Commit: disabled

The show ipv6 dhcp interface command shows us what DNS and domain information we received, which looks good. On the DHCP server, you can use this command to see the binding we use for the client:

DHCPv6#show ipv6 dhcp binding
Client: FE80::21D:A1FF:FE8B:36D0
  DUID: 000300010016C7BE0EC8
  Username : unassigned
  VRF : default
  IA NA: IA ID 0x00020001, T1 43200, T2 69120
    Address: 2001:1111:1111:1111:255A:E159:32AF:5E42
            preferred lifetime 86400, valid lifetime 172800
            expires at Aug 19 2023 08:48 AM (172653 seconds)

The debug also shows the following information on the DHCP server:

DHCPV6#
IPv6 DHCP: Received SOLICIT from FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Using interface pool STATEFUL
IPv6 DHCP: Creating binding for FE80::21D:A1FF:FE8B:36D0 in pool STATEFUL
IPv6 DHCP: Binding for IA_NA 00030001 not found
IPv6 DHCP: Allocating IA_NA 00030001 in binding for FE80::21D:A1FF:FE8B:36D0
IPv6 DHCP: Looking up pool 2001:1111:1111:1111::/64 entry with username '00030001001DA18B36D000030001'
IPv6 DHCP: Poolentry for user not found
IPv6 DHCP: Allocated new address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Allocating address 2001:1111:1111:1111:255A:E159:32AF:5E42 in binding for FE80::21D:A1FF:FE8B:36D0, IAID 00030001
IPv6 DHCP: Updating binding address entry for address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Setting timer on 2001:1111:1111:1111:255A:E159:32AF:5E42 for 60 seconds
IPv6 DHCP: Source Address from SAS FE80::216:C7FF:FEBE:EC8

IPv6 DHCP: Sending ADVERTISE to FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Received REQUEST from FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0
IPv6 DHCP: Using interface pool STATEFUL
IPv6 DHCP: Looking up pool 2001:1111:1111:1111::/64 entry with username '00030001001DA18B36D000030001'
IPv6 DHCP: Poolentry for user found
IPv6 DHCP: Found address 2001:1111:1111:1111:255A:E159:32AF:5E42 in binding for FE80::21D:A1FF:FE8B:36D0, IAID 00030001
IPv6 DHCP: Updating binding address entry for address 2001:1111:1111:1111:255A:E159:32AF:5E42
IPv6 DHCP: Setting timer on 2001:1111:1111:1111:255A:E159:32AF:5E42 for 172800 seconds
IPv6 DHCP: Source Address from SAS FE80::216:C7FF:FEBE:EC8
IPv6 DHCP: Sending REPLY to FE80::21D:A1FF:FE8B:36D0 on FastEthernet0/0

Above, you can see the four messages (solicit, advertise, request, and reply) because we are using normal mode. Let’s switch the server and client to rapid mode so you can see the difference:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 799 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

579 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Nice info, thanx!!

    A couple of questions, for stateful:

    1. why did was the ‘ipv6 nd managed-config-flag’ not added to interface f0/0, so the RA sends the “M” flag for clients to make a DHCPv6 Solicit message request?

    2. why was ‘ipv6 nd prefix 2001:1111:1111:1111::/64 no-autoconfig’ not added to interface f0/0 so the RA does not send an “A” flag to tell clients not to autoconfig an addr (SLAAC off)?

    Thanx…Jeff

  2. Hello RENE,
    Thank you for your nice posts.
    I have some questions about adressing a network in IPv6:
    Is there any rules to address an IPv6 network?
    Can we for example use some small subnets such as /120 or should we always work with /64?
    And if we are using stateful, shoud we use /64?
    Thank you for your help

  3. Thank you Marek. Nice Doc

  4. Hi Jeff,

    I just did some debugging and updated the post.

    By default, Cisco routers only have the A flag enabled…the M flag is disabled and as a result my Windows 7 and Ubuntu client both preferred SLAAC instead of DHCPv6.

    I enabled the M flag and Windows 7 and Ubuntu both prefer DHCPv6 instead of SLAAC then…having the A flag enabled or disabled didn’t matter but it sounds like a good idea to keep it disabled anyway.

    Thanks :slight_smile:

    Rene

84 more replies! Ask a question or join the discussion by visiting our Community Forum