IPv6 Summarization Question

Similar Messages

• IPv6 address questions

  I'm having trouble understanding IPv6 addresses. In IPv4 the CIDR slash notation means what subnet the address is in. But a /48 in IPv6 does not mean subnet. I have no idea what it means. For instance I've seen the address 2001:0:1:5::1/64, and I have no idea what the /64 means. Can someone explain it?
  Link local address: it's not enough to put an FE80 to identify this kind of address, but for some reason, they decided to put FFFE in the middle of the ipv6 address. What were they thinking? Why do they need to identify this kind of address TWICE within the address, AND why couldn't they put the FFFE at the end or the beginning, but instead they put it right in the middle? WTF?
  3 types of addresses? What why? with that many bits in an address there's no reason to have 3 of them. Theres enough for everyone.
  Illogical allocation of bits. A global ip address reserves the last 64 bits for the host ip. This is equivalent to 18 quintillion hosts on ONE SUBNET! YEAH RIGHT! There's no way that's even remotely logical, feasible, or practical. The more I look at IPv6 notation, the more I think my 5th grader could have come up with a better design.
  Also, why didn't they adopt the OSI model of addressing, like in ISIS. That has more than enough addresses for everyone.
  Obviously i'm missing the point completely on IPv6. It sounds like the most unthoughtful pile of rubbish ever conceived. So can someone please direct me to a place or explain what the thought process was when creating this new addressing scheme?
  bonus points: what happened to ipv5, and what was ipv1,ipv2,ipv3? I think the inventor should have called it IPv2000, because he really went overboard.

  Hi Richee,
  ISPs generally give ipv6 addresses to companies with /48 prefix length.
  The company receiving this can create its own subnets within the /48 and /64 range.
  The last 64 for bits of the address are generally used to insert the mac-address of the local interface when using stateless auto-configuration, but you can use it for subnetting as well, if you configure your addresses manually.
  For the other questions I think this link could give you more info:
  http://www.cisco.com/en/US/tech/tk872/tsd_technology_support_protocol_home.html
  And one more little addition:
  Nothing is perfect in this universe. Everything can be considered good or bad, it is just a question of viewpoint.
  Try to look at ipv6 from both viewpoints. You will have surprises.
  Cheers:
  Istvan

• IPv6 DNS Questions with DirectAccess

  Hey,
  I'm hoping someone can answer some fundamental questions that I am having around DirectAccess for a customer that I'm working with.  We are putting in Direct Access with a more complicated scenario, but there are some fundamental questions about IPv6
  that I cannot quite get answered.  We have the tunnel established over IPHTTPS, however, I am not able to resolve internal resources.
  We have a red x next to the DNS Monitoring in the Operations Console.  DNS64 is green. 
  1) I know that you don't need IPv6 on our internal servers to use DirectAccess.  However, in this situation they have IPv6 unbound from the NICs on all the servers except for the DA server (and the Windows 7 clients).
  2) Brings me to the DNS question.  Internal DNS servers do not have IPv6 bound to the NIC and they do not register AAAA records in DNS.  Does that pose any issues with the NRPT?
  Thanks for your help!
  Bob

  Hello,
  After talking with Microsoft support here was the actual issue.
  First, the issue around the DNS going red:
  Set-DAClientDnsConfiguration -DnsSuffix '.internal.company.com' -DnsIPAddress @('ipv6 address of the DA server') -Verbose -ComputerName 'DAServer.internal.company.com’
  That fixed that issue, however, we were still having issues with the routing to internal servers. 
  We did the following further troubleshooting with Microsoft,
  We checked if client was able to get to the IPv6 address of the server – failed
  Checked if the client was able to get to the IPHTTPS address of the server – worked
  On the DA server itself, we were unable to ping the IPv6 address of the server      (fd58:c2f1:4a56:5555::1). We tried pinging this IP address using the IPHTTPS address on the DA server and that failed
  as well.
  Since we were unable to get to the IP address on the server itself, we just removed and re-added      the IPv6 address of the server, on the Internal NIC, and we were then able to ping the server’s IPv6
  address.
  But, clients were still unable to connect.
  So we realized that the forwarding must have not been enabled on the NICs.
  We checked for Forwarding being enabled on the IPHTTPS and Internal interface of the DA server
  and found that this was not enabled on the Internal interface.
  Once we enabled this, client machine was then able to connect to internal resources over Direct Access.
  To enable forwarding on the NIC we ran the below command,
  netsh int ipv6 set int <interface_id> forwarding=enabled
  Thanks,
  Bob

• IPv6 - Newb Question (BGP Advertisement)

  Hi Everyone - Quick question on IPv6 subnetting
  If we are allocated a /32 from an RIR (eg 2001:0DB0::/32), and we advertise the /32 to our upstream Inet providers - Assigning
  2001:0DB0:0:10::1/64 to a loop Interface, we *should* be able to reach the Upstream providers IPv6 addresses with a source of the loop interface(As the /64 is within the /32 subnet)?
  Cheers.

  Hi John,
  Correct. You should be able to use that technique to perform initial testing for your ipv6 connectivity. You can use extended ping for instance to specify the loopback interface as the source address.
  Regards

• IPv6 address question

  Good morning everyone,
  I need to find this address:
  fe80::404d:9415:115a:f39c
  It looks like a link local address.  But there is no ffee inserted between the 6th and 10th bits where the mac address would be inserted.  Can I find the mac address from this IP address?
  Thanks
  Shane

  If the address is being seen on a span port, your best bet might be snooping ICMPv6 neighbor solicitation packets with that address as the source.  It's probably a windows-7 box somewhere; other vendors such as Apple or Linux tend to use the EUI-64 mappings on their link-local addresses.   In an Active Directory environment you can use group policy to discourage use of v6 privacy addresses by windows systems.
  Depending on your DNS infrastructure, the dual-stack (presumably) box might be registering 6to4 or other AAAA records.   The 6to4 case is only likely if it's IPv4 address is public, rather than rfc-1918 private.
  For SNMP, I shouldn't have said ports; you want the MIB that lets you query the neighbor discovery table of whatever is doing the vlan routing; be that a switch, firewall, or an actual router.
  An example of a European university doing this sort of monitoring is described at:
    http://www.terena.org/activities/campus-bp/pdf/gn3-na3-t4-cbpd132.pdf
  FYI, if you have dual-stack devices on your network, I presume you are filtering for rogue RA devices and rogue DHCPv6 servers, e.g. on our client switchs we define:
  ip access-list extended v4client
  deny   udp any eq bootps any eq bootpc
  deny   icmp any any redirect
  permit ip any any
  ipv6 access-list v6client
    deny udp any eq 547 any eq 546
    deny icmp any any router-advertisement
    deny icmp any any redirect
    permit ipv6 any any
  and then on the client device interface switchports we filter:
  ip access-group v4client in
  ipv6 traffic-filter v6client in
  This requires v6 allocations in the TCAM of course, e.g.
     sdm prefer dual-ipv4-and-ipv6 default
  -- Jim Leinweber, WI State Lab of Hygiene

• IPv6 ASN question

  Hi Harold,
  We were just issued our IPv6 address block by Arin, and it came with three ASNs. Could you provide any information on why there are three (instead of just one)?  Also, would I use one of those ASNs for my EIGRP routing on the inside or are those only for use with my BGP routing to our ISPs? (in other words, can I use a private ASN for EIGRP on the inside or will that mess things up?) Thanks much!

  EIGRP AS number isn't related to BGP AS number.  As a general rule, to communicate with other ISPs via BGP you need a public AS number given to you by someone like arin.  You can pick whatever AS number you like to use for EIGRP.  Your EIGRP AS number has no bearing whatsoever on your BGP AS number.  They can be the same, or they can be different.
  hth

• IPv4 vs. IPv6 programming question

  I have a machine that I believe is running only IPv6 and here is why, when I try to compile and run this example I found on the internet:
  import java.net.*;
  import java.io.*;
  public class ip
  public static void main ( String[] args ) throws IOException
  String hostname;
  BufferedReader input = new BufferedReader ( new InputStreamReader(System.in) );
  System.out.print("\n");
  System.out.print("Host name: ");
  hostname = input.readLine();
  try
  InetAddress ipaddress = InetAddress.getByName(hostname);
  System.out.println("IP address: " + ipaddress.getHostAddress());
  catch ( UnknownHostException e )
  System.out.println("Could not find IP address for: " + hostname);
  When I run the example and type in liveupdate.symantec.com I get this from the program:
  Host name: liveupdate.symantec.com
  Could not find IP address for: liveupdate.symantec.com
  If I run it like this java –Djava.net.preferIPv4Stack=true ip I get the following results:
  Host name: liveupdate.symantec.com
  IP address: 207.148.159.25
  Can someone here help explain what the system property java.net.preferIPv4Stack=true means? And which way should I change the code so that it will work without having to set this system property?
  Thank you very much for your time

  ... and it's crossposted there. Locking this thread.

• IPv6 config question

  What am I missing? If I leave my network 10.5.5 configuration in it's default (automatic) mode the net interface is configured as
  inet6 fe80::21e:c2ff:fe15:f0f6%en0 prefixlen 64 scopeid 0x4
  My system will not respond to neighbor solicitation from another host. If I configure the IPv6 router, address, and prefix manually then ifconfig shows NO v6 configuration. The only way to get ipv6 to work is apparently to manually ifconfig the interface, in my case using
  ifconfig en0 inet6 alias ipv6-address-goes-here/64
  I'm sure I'm doing something wrong.... but what? If a manual ifconfig is necessary where is the best place to put it so the command will be run whenever the box is rebooted.
  Thanks for any advice.
  // marc

  It turned out to be a server issue.

• Basic IPV6 setup question

  I am experimenting with IPV6 and have three devices in my test network.  They are setup as follows:
  UC520 using BVI:   FD:0:0:1::1/64
  Windows Server1:  FD:0:0:1::5/64
  Windows Server2:  FD:0:0:1::6/64
  I am using the following commands on the Cisco
  ipv6 unicast-routing
  ipv6 cef
  int BVI100
    ipv6 address FD:0:0:1::1/64
    ipv6 enable
  The Windows servers can ping each other, the Cisco can ping itself.  However I can't get pings from either Windows server to the Cisco.  I also tried pinging the Cisco using link-local IP but that doesn't work either.  Seems like I am missing something very basic, or so I hope.
  Any ideas?
  Thanks,

  Here's what that looks like:
  UC520#
  UC520#ping fd:0:0:1::1
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to FD:0:0:1::1, timeout is 2 seconds:
  Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
  UC520#ping fd:0:0:1::5
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to FD:0:0:1::5, timeout is 2 seconds:
  Success rate is 0 percent (0/5)
  UC520#sho ipv6 nei
  UC520#sho ipv6 int bvi100
  BVI100 is up, line protocol is up
    IPv6 is enabled, link-local address is FE80::21C:58FF:FEE4:52A0
    No Virtual link-local address(es):
    Description: Test LAN
    Global unicast address(es):
      FD:0:0:1::1, subnet is FD:0:0:1::/64
    Joined group address(es):
      FF02::1
      FF02::2
      FF02::1:FF00:1
      FF02::1:FFE4:52A0
    MTU is 1500 bytes
    ICMP error messages limited to one every 100 milliseconds
    ICMP redirects are enabled
    ICMP unreachables are sent
    ND DAD is not supported
    ND reachable time is 30000 milliseconds (using 30000)
    Hosts use stateless autoconfig for addresses.
  UC520#

• IPv6 Support Question

  I'm trying to run a small Android app which requires link-local IPv6 communication over a WiFi link. Unfortunately, my BB Z10 seems to ignore IPv6 settings of the network device.
  I have enabled IPv6 support for the WiFi link, but in the advanced network view I don't see any IPv6 address.
  Trying to use ping with IPv6 results in an error message showing the available command line options of the ping6 utility. Any suggestions how to get this work?
  My OS version is 10.2.1.2141.

  No. Usually the ISP will assign you an IPv6 prefix which you can use in your LAN. You will still need a router. More than ever. Only instead of assigning private IP addresses in your LAN you can assign public IP addresses to your devices, i.e. you don't need NAT anymore.
  Anything else would make networking much more complicated. Just image you have a few dozen random IPv6 assigned directly by your ISP (i.e. a few dozen active internet connections). The ISP must keep track of each IPv6 address. And for your LAN network you must also know what is in your LAN and what not. It could well be the the IPv6 address of your printer today is assigned to somebody else tomorrow..

• Configure IPv6 ACL Extensions for Hop by Hop Filtering

  I have IPv6 ACL questions and concerns.  The following code is an example:
  ipv6  access-list inbound-to-enclave
       remark block IPv6 DO Invalid Options
        deny 60 any any dest-option-type 5
       deny 60 any any dest-option-type 194
       deny 60 any any dest-option-type 195
  I see that dest-option-type became available in IOS release 12.4(2)T.  I can't tell if this option was added to later releases of 12.2.  Also, is it available in all releases of 15.x.
  I am guessing that if a version of the IOS that is used is prior to 12.4(2)T that the default action will be to pass this traffic, correct?  Thank you for any assistance that you can provide.

  Hi Forrest,
  This is correct. By default, this traffic would be allowed.
  Regards

• Firefox hangs -- no fixes work -- even if I uninstall it, it stays open in task manager!

  UPDATE 2: Disregard update 1: The problem's still there: If the computer goes into sleep or hibernate, Firefox hangs when I wake it up and the problem proceeds as described. I think it's something to do with Firefox sync and/or various add-ons. I suppose I should now try the long process of gradually allowing sync permissions and add-ons until I find the particular one(s) that are causing the problem but I'd prefer not to! Any other sugestions?
  UPDATE: This problem now seems to be fixed. I tried a clean install and it seems to be working, so far. The only difference is I'm no longer using AdBlock plus (coincidentally and unrelatedly), so it's possible that's what was causing the problem.
  I'm running the latest vesion of Firefox on Windos 7 (32bit). It always works fine for the first few webpages but then hangs forever. Specifically, it appears to be loading the webpage, but nothing happens, not even the 'failed to load page'.
  If at this point I close Firefox, it gives me the 'Firefox is running but not responding' message. If I try and close Firefox from task manager (which continues to show it using a big chunk of memory -- bigger than when it's actually running!), nothing happens.
  At this point I'd tried all the obvious things: Refreshing Firefox, disabling add ons, etc. (there's no reason this should've been the problem since I use sync to run Firefox on Android and on another Windows 7 computer (64bit)). So I tried to uninstall Firefox, then reinstall it. When I went to run my newly-installed browser... Firefox was STILL running! I tried this again, from scratch, and found that it really was still open according to Task Manager, despite not appearing in the list of installed programs in the Control Panel!
  So to summarise:
  1) Firefox stops working after a while and hangs
  2) It refuses to close even if it isn't actually on the PC anymore
  3) The only way for me to fix this, so far, is to reboot my computer every time Firefox hangs... Which is all the time.

  Anyone with very similar problems, please see my posts above.
  '''Please start your own question using this'''
  *'''[https://support.mozilla.org/en-US/questions/new/desktop/fix-problems?search=Firefox+36.0.1+hangs+on+close+down+%28%2Fquetions%2F1051108%29#summarize-question special link]'''
  Other contributors will recognise it as relating to this thread, and it cuts out a couple of steps.
  Please try to give full troubleshooting information.
  ===Hi berndf,===
  Sorry you are having problems.
  I know this can not be affecting everyone. I have tried Fx36.0.1 on Windows 7 and do not notice any particular problems, although it may possibly sometimes take a few minutes for Firefox to fully close down. I do not think there is a very big surge in this sort of question being seen on the forum.
  If you don't mind please start your own question, that way we get your full details and can try to solve your problem.
  It is probable that there are multiple possible causes of this sort of issue.
  I often try to avoid using Windows. Must admit I am not sure why processes may exist but not allow Task Manager to kill them (Presumbly we are talking ''firefox.exe'' here running under your own user name and not some system process)
  That is straying into a Windows topic, but it is directly relevant. Any Windows expert wish to enlighten me please ?

• Message not being delivered.

  i'm working in my test lab system.
  I have 2008 DC with Exchange 2007, 2010 and now 2013.
  before installing the 2013 message delivery between 2007 and 2010 worked without issues.
  however after installing 2013 message delivery between 2010 to 2007 stopped. 2013 to itself fails. 2007 to 2010 works but not to 2013.
  i'm struggling to find all possible causes and solutions. I can't work out all of the 2013 changes to message tracking yet but the 2010 message tracking shows that the ip address of the servers are ipv6. as of yet I have not configured any ipv6 addresses
  so maybe this is part of the problem or not. i'm trying to deal with the message delivery issue and also look into *how to step-by-step* configure ipv6 too.
  question 1: what do I need to look into the issue of the Exchange message delivery failures. then I will have to look into setup ipv6 properly.

  Hi,
  According to your description,the mail flow issue may be related to the lost AD object "First Administrative Group". Thus,let's firstly try to restore the object by Active Directory Administrative Center. And here is a reference you can refer to:
  http://blogs.technet.com/b/canitpro/archive/2013/04/11/step-by-step-utilizing-active-directory-recycle-bin-to-restore-a-deleted-object.aspx
  Additionally, for the mail flow issue, we can try the basic troubleshooting method to narrow down the cause.
  1. Check if all transport services are working properly and we can try to restart them to have a test.
  2. Check the mailflow with Telnet and confirm the basic error code.
  Thanks,
  Angela Shi
  TechNet Community Support

• EA6900 Update and Two Suggestions for Future Firmware "Nice to Haves"

  Hey, first off, I've been a user of Linksys Routers for many years now, so I am familiar with the different settings and other selections that you generally see on the firmware pages.  As to the EA6900, I am very, very PLEASED with how this router initially set up, along with the different pages in it's firmware.  With the one exception noted below, the pages and the various settings "flow" very well.  This baby is up and kickin and the house is literally dripping in both 2.4 and 5 GHz RF.  The DHCP Reservation and MAC Wireless Filtering Tables worked without a hitch.  The setup for FTP and NAS was simple!  BTW, the setup for FTP shares is far easier than what we had to do using the EA3000 firmware.  Kudos there!  I am using the router associated with a server that is hosting about 25 different wired devices throughout the house, with a Cisco SG-200-08 Smart Switch behind the router for the LAN, which is load balancing on a Teamed (2 NIC'S) 2GB Adapter .  The router grabbed Comcast's Native IPv6 and set that up flawlessly.  Here is the information on how all that went (read from the bottom up): http://www.dslreports.com/forum/r28693387-IPv6-Dumb-Questions-About-My-IPv6-Goat-Roped-Hookup  Information on how the netwrk worked in Teaming  and LAG mode is here: https://supportforums.cisco.com/message/4071888#4071888
  OK:, So, Mr. Linksys Firmware Developer, whoever and wherever you are, I have two suggestions on the user GUI that would make everyone's life a little easier next time the firmware is updated:
  1.  Please make it so numbers, particularly MAC and IPv6 numbers, can be copied and then pasted to another place in the firmware.  For example, in the Information tab of the Device Settings section, I should be able to copy MAC and IP numbers and then be able to paste them, say, in the DHCP Reservation Table. Other Linksys device firmware allowed for this.
  2.  For goodness sakes, PLEASE don't nest the Diagnostics tab under the Troubleshooting group.  It drives me nuts to think that getting the router's status, to ping or traceroute, or to do a firmware backup would be found in "Troubleshooting".  Suggest that all y'all just remove the Diagnostics tab to the far left side of the application and have that item as its own stand-alone group!
  Then I will be most happy.  As if it really matters, BUT I wanted to give all y'all my perspective from a user way down in the day-to-day weeds. A most happy Boy otherwise.
  Crazy Jumpin jack
  Marietta, GA
  Crazy Jumpin Jack (Gregory)

  Hi Crazy Jack, 
  We'll get the Team into your suggestions and commendations. Appreciate the feedback. We hope to see you help out in the Community as well. 
  Regards,
  24JUAN80
  Linksys Support Community Moderator
  The Search Function is your friend.... and Google too.
  How to Secure your Network
  How to Upgrade Routers Firmware
  Setting-Up a Router with DSL Internet Service
  Setting-Up a Router with Cable Internet Service
  How to Hard Reset or 30/30/30 your Router

• Why does firefox crash everytime I use it

  Every time I use firefox regardless of what site Im on, it crashes every single time, I do not understand why. I have automatic updates on my computer that update once a week. I had no problems what so ever until Tuesday July 11th, after my computer updated, now I cannot use firefox for any thing. Can you please help, this is very aggravating?

  EVERYONE <br />
  <u>Please start your own thread if you have a crash.</u>
  # Use this [https://support.mozilla.org/en-US/questions/new/desktop/fix-problems/search?search=Why+does+Firefox+Crash+everytime+I+open+multiple+tabs%3F+%28%2Fquestions%2F968746%29#summarize-question special link] if it is only after multiple tabs are opened. (Look at the related questions some may well have solutions that work for you)
  #* otherwise use this quick and direct [https://support.mozilla.org/en-US/questions/new/desktop/fix-problems/form?search=Crashes+Firefox+24+%28%2Fquestions%2F968746%29&step=aaq-question link]
  #Please try to post from Firefox (Obviously that may not be possible if it crashes on startup)
  # Follow the prompts to provide troubleshooting information whilst you post your question.
  # Include a couple of Crash IDs <br /> You will need to navigate to''about:crashes'' and look for ID s begim=nningwith '''bp-'''<br /> see [[Firefox crashes - Troubleshoot, prevent and get help fixing crashes]]
  # Try Firefox in Firefox's safemode
  #* see [[Troubleshoot Firefox issues using Safe Mode]]
  #* does that help ?
  #* If you crash in safe mode please include the crash IDs from a safemode crash
  #If you have already posted in this thread, or have crashes after a opening multiple tabs you may wish to post back to confirm you have started a thread so others may see your progress.
  ANYONE WITH NORTON SOFTWARE
  Someone has already mentioned Norton in this thread. Please note there is a known issue with some Norton software sometimes implicated in Firefox 24 crashes. Norton themselves are asking for more information.
  * Please see https://community.norton.com/t5/Norton-Toolbar-Norton-Identity/Firefox-24-still-crashes-when-the-NIS-toolbar-is-enabled/td-p/1023987
  * Note Norton forum has Mixed content, you will need to disable Firefox protection when a shield appears in the location bar or you will not see the correct forum navigation. I am sure Norton are aware of this.