Configure an IPv6 Interface

The information in this section can help you configure an IPv6 interface to make IPv6 active on the interface and fine-tune IPv6 neighbor discovery to control the frequency of protocol traffic.

By default, IPv6 forwarding is enabled on an interface.

Compared to IPv4/ARP, the IPv6 neighbor discovery mechanism maintains more protocol state, timers, and protocol traffic overhead.

There are two important tunable parameters for IPv6 ND that can control the frequency of protocol traffic:
  • ipv6 interface reachable-time

  • ipv6 interface retransmit-timer

Before you begin

  • Before you can assign an IPv6 address to the interface, you must configure an IPv6 interface for a VLAN or brouter port.

    You must configure a VLAN before you can give the VLAN an interface identifier or an IPv6 address.

    The switch supports port-based and IPv6 protocol-based VLANs.

    For information about how to configure VLANs, see the followings:

Procedure

  1. Enter Interface Configuration mode:

    enable

    configure terminal

    interface GigabitEthernet {slot/port[/sub-port][-slot/port[/sub-port]][,...]} or interface vlan <1–4059>

    Note

    Note

    If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port.

  2. Create IPv6 interface:

    ipv6 interface

  3. Configure optional parameters to meet your requirements:
    1. Enable IPv6 router advertisement on the interface:

      ipv6 nd send-ra

    2. Configure the maximum number of hops before packets drop:

      ipv6 interface hop-limit <1–255>

    3. Configure the link-local address:

      ipv6 interface link—local WORD<0–19>

    4. Configure the mac offset:

      ipv6 interface mac-offset <MAC-offset>

    5. Configure the maximum transmission unit (MTU):

      ipv6 interface mtu <1280–9500>

    6. Configure an interface description:

      ipv6 interface name WORD<0–255>

    7. Configure the time a neighbor is considered reachable after receiving a reachability confirmation:

      ipv6 interface reachable-time <1–3600000>

    8. Configure the time between retransmissions of neighbor solicitation messages to a neighbor when resolving the address or when probing the reachability of a neighbor:

      ipv6 interface retransmit-timer <1-4294967295>

    9. Configure a brouter port as part of an IPv6 VLAN:

      ipv6 interface vlan <1-4059>

    10. Configure the interface to perform IPv6 unicast reverse path forwarding:
      • To enable urpf-mode boot flag, enter:

        boot config flags urpf-mode

      • To configure unicast reverse path forwarding, enter:

        ipv6 rvs-path-chk mode {strict|exist-only}

Example

Note

Note

In contrast to IPv6 interface creation and address assignment in EDM, you use the ipv6 interface CLI command to create an interface and specify a single global address in one step.

Create and administratively enable the interface:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#interface gigabitethernet 1/4
Switch:1(config-if)#ipv6 interface enable

Variable Definitions

Use the data in the following table to use the ipv6 interface command.

Variable

Value

hop-limit <1–255>

Configures the maximum hops. The default is 64.

link-local WORD<0–19>

Specifies the 64-bit interface ID used to calculate the actual link-local address as a name up to 19 characters long.

mac-offset <MAC-offset>

Use mac-offset to request a particular MAC for an IPv6 VLAN.

Note:

This parameter applies only to VLANs.

You can specify a MAC offset when you configure IPv6 on a VLAN, or the system can assign a MAC address from within the available range.

Specifies a number by which to offset the MAC address from the chassis MAC address. This ensures that each IP address has a different MAC address. If you omit this variable, a unique MAC offset is automatically generated. Different hardware platforms support different ranges. To see which range is available on the switch, use the CLI command completion Help.

mtu <1280–9500>

Configures the maximum transmission unit for the interface: 1280–1500, 1850, or 9500. This value must be the same for all addresses defined on this interface.

The default is 1500.

Different hardware platforms support different MTU values. To see what values your switch supports, use the CLI command completion help.

name WORD<0–255>

Assigns a descriptive name. The network management system also configures this string.

reachable-time <0–3600000>

Controls how long IPv6 neighbor entries learned on an interface remain in the REACHABLE state (as described in RFC 4861).

The system randomizes the value you configure, per RFC specifications, to be 50%-150% of the configured value.

By default the reachable-time base value is 30 seconds, with an actual 15-45 second range when you consider the randomization factor.

The default is 3000 milliseconds

retransmit-timer <0–4294967295>

Controls the time, in milliseconds, between retransmission of Neighbor Solicitation messages when the system attempts to resolve or reconfirm the reachability of an IPv6 neighbor.

By default, the system sends three Neighbor Solicitation messages with a one second interval between each message. If the system does not receive a corresponding Neighbor Advertisement within an interval equal to 3 X retransmit-timer milliseconds, the system declares the IPv6 neighbor unreachable.

Tip:

You can increase the retransmit-timer to extend the interval that the switch waits until it declares the neighbor unreachable. For example: a retransmit-timer value of 5000 means the switch waits 3 X 5000 milliseconds which equals 15000 milliseconds or 15 seconds.

The default is 1000 milliseconds

vlan <1-4059>

Specifies the VLAN ID in the range of 1 to 4059. By default, VLAN IDs 1 to 4059 are configurable and the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1.

This value corresponds to the lower 12 bits of the IEEE 802.1Q VLAN tag.

Use the data in the following table to use the ipv6 rvs-path-chk command.

Variable

Value

mode {strict|exist-only}

Specifies the mode for Unicast Reverse Path Forwarding (uRPF).

In strict mode, uRPF checks whether the source IP address of the incoming packet exists in the FIB. If the incoming interface is not the best reverse path, the packet check fails and uRPF drops the packet.

In exist-only mode, uRPF checks whether the source IP address of the incoming packet exists in the FIB. The packet is dropped only if the source address is not reachable via any interface on that router.

Use the data in the following table to use the interface command.

Variable

Value

<1-4059>

Specifies the VLAN ID in the range of 1 to 4059. By default, VLAN IDs 1 to 4059 are configurable and the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1.

{slot/port[/sub-port][-slot/port[/sub-port]][,...]}

Identifies the slot and port in one of the following formats: a single slot and port (slot/port), a range of slots and ports (slot/port-slot/port), or a series of slots and ports (slot/port,slot/port,slot/port). If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port.