ipv6

Profile Config Commands

Configures IPv6 routing components, such as default gateway, DNS server forwarding, name server, routing standards, etc.

These IPv6 settings are applied to all devices using this profile.

You can also configure IPv6 settings on a device, using the device‘s configuration mode.

Note

Note

The IPv6 settings configured at the profile/device level are global configuration settings and not interface-specific.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

ipv6 [default-gateway|dns-server-forward|hop-limit|mld|name-server|nd-reachable-time|neighbor|ns-interval|ra-convert|route|ula-reject-route|unicast-routing]
ipv6 [default-gateway <IPv6> {vlan <VLAN-ID>}|dns-server-forward|hop-limit <1-255>|name-server <IPv6>|nd-reachable-time <5000-3600000>|ns-interval <1000-3600000>|ula-reject-route|unicast-routing]
ipv6 ra-convert {throttle interval <3-1800> max-RAs <1-256>}
ipv6 mld snooping {forward-unknown-multicast|querier}
ipv6 mld snooping {forward-unknown-multicast}
ipv6 mld snooping {querier} {max-response-time <1-25000>|query-interval <1-18000>|robustness-variable <1-7>|timer expiry <60-300>|version <1-2>}
ipv6 neighbor [<IPv6>|timeout]
ipv6 neighbor <IPv6> <MAC> [<INTF-NAME>|pppoe1|vlan <1-4094>|wwan1] {dhcp-server| router}
ipv6 neighbor timeout <15-86400>
ipv6 route <DEST-IPv6-PREFIX/PREFIX-LENGTH> <IPv6-GATEWAY-ADDRESS> {vlan <VLAN-ID>}

Parameters

ipv6 [default-gateway <IPv6> {vlan <VLAN-ID>}|dns-server-forward|hop-limit <1-255>|name-server <IPv6>|nd-reachable-time <5000-3600000>|ns-interval <1000-3600000>|ula-reject-route|unicast-routing]
ipv6 Configures IPv6 routing components
default-gateway <IPv6> {vlan <VLAN-ID>} Configures IPv6 default gateway‘s address in the ::/0 format
  • vlan <VLAN-ID> – Optional. Specify the VLAN interface‘s ID through which the default gateway is accessible.
dns-server-forward Enables DNS server forwarding. This command enables the forwarding of DNS queries to DNS servers outside of the network. This feature is disabled by default.
hop-limit <1-255> Configures the IPv6 hop count limit
  • <1-255> – Specify a value between 1 - 255. The default is 64.
name-server <IPv6> Configures the IPv6 name server‘s address
  • <IPv6> – Specify the address of the IPv6 name server.
nd-reachable-time <5000-3600000> Configures the time, in milliseconds, that a neighbor is assumed to be reachable after having received neighbor discovery (ND) confirmation for their reachability
  • <5000-3600000> – Specify a value from 5000 - 3600000 milliseconds. The default is 30,000 milliseconds.
ns-interval <1000-3600000> Configures the interval, in milliseconds, between two consecutive retransmitted neighbor solicitation (NS) messages. NS messages are sent by a node to determine the link layer address of a neighbor, or verify a neighbor is still reachable via a cached link-layer address.
  • <1000-3600000> – Specify a value from 1000 - 3600000. The default is 1000 milliseconds.
ula-reject-route Installs a "reject" route for Unique Local Address (ULA) prefixes. This ensures that site-border routers and firewalls do not forward packets with ULA source or destination addresses outside of the site, unless explicitly configured with routing information about specific /48 or longer Local IPv6 prefixes. This option is disabled by default.

The ULA is an IPv6 address used in private networks for local communication within a site (for example a company, campus, or within a set of branch office networks). These site local addresses are IPv6 addresses that fall in the block fc00::/7, defined in RFC 4193.

unicast-routing Enables IPv6 unicast routing. This feature is enabled by default.
ipv6 ra-convert {throttle interval <3-1800> max-RAs <1-256>}
ipv6 Configures IPv6 routing components
ra-convert {throttle interval <3-1800> max-RAs <1-256> Enables conversion of multicast router advertisements (RAs) to unicast RAs at the dot11 layer. This feature is disabled by default.
  • throttle – Optional. Throttles multicast RAs before converting to unicast
    • interval <3-1800> – Throttles multicast RAs for a specified time period. Specify the interval from 3 - 1800 seconds. The default is 3 seconds.
      • max-RAs <1-256> – Specifies the maximum number of RAs per IPv6 router during the specified throttle interval. Specify a value from 1 - 256. The default is 1.
ipv6 mld snooping {forward-unknown-multicast}
ipv6 Configures IPv6 routing components
mld snooping forward-unknown-multicast Enables multicast listener discovery (MLD) protocol snooping. This feature is disabled by default.

When enabled, IPv6 devices (access point, wireless controller, or service platform) can examine MLD messages exchanged between hosts and multicast routers to discern which hosts are receiving multicast group traffic. Based on the information gathered these devices forward multicast traffic only to those interfaces connected to interested receivers instead of flooding traffic to all interfaces. This prevents VLANs from getting flooded with IPv6 multicast traffic.

  • forward-unknown-multicast – Optional. Enables unknown multicast forwarding. This feature is enabled by default.
ipv6 mld snooping {querier} {max-response-time <1-25000>|query-interval <1-18000>|robustness-variable <1-7>|timer expiry <60-300>|version <1-2>}
ipv6 Configures IPv6 routing components
mld snooping querier Enables MLD protocol snooping
  • querier – Optional. Enables the on-board MLD querier. When enabled, IPv6 devices send query messages to discover which network devices are members of a given multicast group.This option is disabled by default.
max-response-time <1-25000> `Configures the MLD querier‘s maximum query response time. This is the time for which the querier waits before sending a responding report. Queriers use MLD reports to join and leave multicast groups and receive group traffic.
  • <1-25000> – Specify a value from 1 - 25000 milliseconds. The default is 10 milliseconds.
query-interval <1-18000> Configures the interval, in seconds, between two consecutive MLD querier‘s queries

The robustness variable is an indication of how susceptible the subnet is to lost packets. MLD can recover from robustness variable minus 1 lost MLD packets.

  • <1-18000> – Specify a value from 1 - 18000 seconds. The default is 60 seconds.
robustness-variable <1-7> Configures the MLD IGMP robustness variable. This value is used by the sender of a query.
  • <1-7> – Select a value from 1 - 7. The default is 2.
timer expiry <60-300> Configures the MLD other querier (any external querier) timeout
  • <60-300> – Specify a value from 60 - 300 seconds. The default is 60 seconds.
version <1-2> Configures the MLD querier‘s version. MLD version 1 is based on IGMP version 2 for IPv4. MLD version 2 is based on IGMP version 3 for IPv4 and is fully backward compatible. IPv6 multicast uses MLD version 2.
  • <1-2> – Select the MLD version from 1 - 2. The default is 2.
ipv6 neighbor <IPv6> <MAC> [<INTF-NAME>|pppoe1|vlan <1-4094>|wwan1] {dhcp-server|router}
ipv6 Configures IPv6 routing components
neighbor Configures static IPv6 neighbor entries
<IPv6> Specify the IPv6 address for which a static neighbor entry is created.
<MAC> Specify the MAC address associated with the specified IPv6 address.
[<INTF-NAME>| pppoe1| vlan <1-4094>| wwan1] Specify the following interface settings:
  • <INTF-NAME> – Selects the layer 3 router interface. Specify the interface name.
  • pppoe1 – Selects the PPP over Ethernet interface
  • vlan <1-4094> – Selects the VLAN interface. Specify the VLAN interface index.
  • wwan1 – Selects the wireless WAN interface
{dhcp-server|router} After specifying interface type, you can optionally specify the device type for this neighbor solicitation.
  • dhcp-server – Optional. States this neighbor entry is for a DHCP server
  • router – Optional. States this neighbor entry is for a router
ipv6 neighbor timeout <15-86400>
neighbor Configures static IPv6 neighbor entries
timeout <15-86400> Configures the timeout, in seconds, for the static neighbor entries
  • <15-86400> – Specify a value from 15 - 86400 seconds. The default is 3600 seconds.
ipv6 route <DEST-IPv6-PREFIX/PREFIX-LENGTH> <IPv6-GATEWAY-ADDRESS> {vlan <VLAN-ID>}
ipv6 Configures IPv6 routing components
route Configures the static routes

These routes are maintained in the IPv6 Forwarding Information Base (FIB).

To view FIB6 routing entries, use the service > show fib6 > <TABLE-ID> command.

<DEST-IPv6-PREFIX/PREFIX-LENGTH> Specify the IPv6 destination prefix (IPV6 network) and the prefix length.
<IPv6-GATEWAY-ADDRESS> Specify the IPv6 gateway‘s address.
vlan <VLAN-ID> Optional. specify the VLAN interface‘s ID (through which the defalut gateway is accessible)

This parameter is needed only if the gateway address is a link local address.

Example

nx9500-6C8809(config-profile-TestRFS4000)#ipv6 default-gateway 2001:10:10:10:10:10:10:2

nx9500-6C8809(config-profile-TestRFS4000)#ipv6 dns-server-forward

nx9500-6C8809(config-profile-TestRFS4000)#ipv6 mld snooping

nx9500-6C8809(config-profile-TestRFS4000)#show context
profile rfs4000 TestRFS6000
 ipv6 mld snooping
 ipv6 dns-server-forward
 ipv6 default-gateway 2001:10:10:10:10:10:10:2
 no autoinstall configuration
 no autoinstall firmware
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 --More--
nx9500-6C8809(config-profile-TestRFS4000)#

Related Commands

no Disables or reverts IPv6 settings to their default