MTU option of IPv6 router advertisement ignored

I recently turned up an IPv6 tunnel from Hurricane Electric (http://tunnelbroker.net/) to my home router, which is a Cisco 1921 ISR. The IPv6 tunnel works great, save for one small problem. That being that the MTU of the tunnel is 1480 and the MTU on my Mac is 1500. If I manually set the MTU on my Mac to 1480, everything works as expected. However, part of IPv6 autoconfig is setting the MTU for situations like this where there is a tunnel or the more common PPPoE, both of which require a lower MTU. The router is configured to set this option, and I can see it via tcpdump and radvdump:
[root@strongbad]# tcpdump -i en0 -n -XX icmp6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:36:09.218626 IP6 fe80::ca9c:1dff:fed6:17a0 > ff02::1: ICMP6, router advertisement, length 64
    0x0000: 3333 0000 0001 c89c 1dd6 17a0 86dd 6e00 33............n.
    0x0010: 0000 0040 3aff fe80 0000 0000 0000 ca9c ...@:...........
    0x0020: 1dff fed6 17a0 ff02 0000 0000 0000 0000 ................
    0x0030: 0000 0000 0001 8600 1266 4000 0708 0000 .........f@.....
    0x0040: 0000 0000 0000 0101 c89c 1dd6 17a0 0501 ................
    0x0050: 0000 0000 05c8 0304 40c0 0027 8d00 0009 ........@..'....
    0x0060: 3a80 0000 0000 2001 0470 e9ba 0001 0000 :........p......
    0x0070: 0000 0000 0000                           ......
[root@strongbad]# radvdump
# radvd configuration generated by radvdump 1.6
# based on Router Advertisement from fe80::ca9c:1dff:fed6:17a0
# received by interface en0
interface en0
    AdvSendAdvert on;
    # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
    AdvManagedFlag off;
    AdvOtherConfigFlag off;
    AdvReachableTime 0;
    AdvRetransTimer 0;
    AdvCurHopLimit 64;
    AdvDefaultLifetime 1800;
    AdvHomeAgentFlag off;
    AdvDefaultPreference medium;
    AdvSourceLLAddress on;
    AdvLinkMTU 1480;
    prefix 2001:470:e9ba:1::/64
        AdvValidLifetime 2592000;
        AdvPreferredLifetime 604800;
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr off;
    }; # End of prefix definition
}; # End of interface definition
You can plainly see the MTU is at 1500, when it should be 1480:
[root@strongbad]# ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 00:16:cb:ab:af:0d
    inet6 fe80::216:cbff:feab:af0d%en0 prefixlen 64 scopeid 0x4
    inet 192.168.1.44 netmask 0xffffff00 broadcast 192.168.1.255
    inet6 2001:470:e9ba:1:216:cbff:feab:af0d prefixlen 64 autoconf
    media: autoselect (1000baseT <full-duplex>)
    status: active
[root@strongbad]# netstat -in
Name Mtu   Network       Address            Ipkts Ierrs    Opkts Oerrs Coll
lo0   16384 <Link#1>                        800471     0   800471     0     0
lo0   16384 ::1/128     ::1                 800471     -   800471     -     -
lo0   16384 fe80::1%lo0 fe80:1::1           800471     -   800471     -     -
lo0   16384 127           127.0.0.1         800471     -   800471     -     -
gif0* 1280 <Link#2>                             0     0        0     0     0
stf0* 1280 <Link#3>                             0     0        0     0     0
en0   1500 <Link#4>    00:16:cb:ab:af:0d 24352460     0 36285322     0     0
en0   1500 fe80::216:c fe80:4::216:cbff: 24352460     - 36285322     -     -
en0   1500 192.168.1     192.168.1.44    24352460     - 36285322     -     -
en0   1500 2001:470:e9 2001:470:e9ba:1:2 24352460     - 36285322     -     -
fw0   2030 <Link#5>    00:1c:b3:ff:fe:9b:6d:d0        0     0        0     0     0
en1   1500 <Link#6>    00:1c:b3:b0:41:f0        0     0        0     0     0
vmnet 1500 <Link#7>    00:50:56:c0:00:01        0     0        0     0     0
vmnet 1500 172.16.130/24 172.16.130.1           0     -        0     -     -
vmnet 1500 <Link#8>    00:50:56:c0:00:08        0     0        0     0     0
vmnet 1500 172.16.123/24 172.16.123.1           0     -        0     -     -
On my Mac in System Preferences > Network > Ethernet > Advanced > Ethernet the "Configure" value is set to "Automatically". I discovered a manual sysctl setting that looked promising, but had no noticeable effect:
[root@strongbad]# sysctl -w net.inet6.ip6.accept_rtadv=1
net.inet6.ip6.accept_rtadv: 0 -> 1
I'm running the latest version of Snow Leopard (10.6.7) on my Mac, and there doesn't appear to be any updates for it. Just for fun, here's the kernel banner:
[root@strongbad]# uname -a
Darwin strongbad.local 10.7.0 Darwin Kernel Version 10.7.0: Sat Jan 29 15:17:16 PST 2011; root:xnu-1504.9.37~1/RELEASE_I386 i386
Any ideas on how to get my Mac to honor the MTU in IPv6 router advertisements and set the MTU automatically?
Thanks in advance,
-Lex

I was wrong. The MTU in IPv6 router advertisements is not ignored by my Mac. In fact, it works great. A few things threw me off here:
1. The IPv6 MTU is not relected in ifconfig and netstat output if it's different than IPv4.
2. The MTU size was wrong. The IPv6 MTU also has to account for ADSL PPPoE overhead the same as any other protocol. PPPoE adds 8 bytes overhead per packet. That means with the 6in4 tunneling overhead of 20 bytes, the true MTU for an IPv6 packet over a 6in4 tunnel over PPPoE is 1472.
3. The firewall was correctly configured to pass ICMPv6, so PMTUD was working. However, this created the illusion that some destinations were working and some were not. I wrongly assumed that mucking with the MTU to and from 1480 was making a difference. In reality, it was PMTUD doing its thing, albeit slowly and on a strict destination by destination basis.
In sum, setting the MTU on the router interface closest to my Mac to 1472, made it all work beautifully. I had to wait for a few route advertisements to pass by, but my Mac did end up doing the right thing.
One last thing worth noting. On a Cisco router, setting the "ipv6 mtu" to something non-default will be reflected in the IPv6 route advertisements it sends out.
Hope this helps,
-Lex

Similar Messages

Support for IPv6 Router Advertisement Option for DNS Configuration RFC 5006

Hi everyone, do you know that whether Cisco routers support “IPv6 Router Advertisement Option for DNS Configuration RFC 5006” currently, is there any roadmap for this support? Thanks for your help!

No, this is not currently supported, and the last I heard, there is no roadmap for this until it becomes a standard (as opposed to being experimental).

[NEW] radvd: Linux IPv6 Router Advertisement Daemon

PKGBUILD:
pkgname=radvd pkgver=0.7.2
pkgrel=1
pkgdesc="Linux IPv6 Router Advertisement Daemon"
url="http://v6web.litech.org/radvd/"
license="GPL"
depends=()
makedepends=()
conflicts=()
replaces=()
backup=()
install=
source=("http://v6web.litech.org/radvd/dist/$pkgname-$pkgver.tar.gz") md5sums=('26ea468b2323e44cf827ae5f84d18dc8')
build() {
cd $startdir/src/$pkgname-$pkgver ./configure --prefix=/usr --sysconfdir=/etc
make || return 1 make prefix=$startdir/pkg/usr install
can some mod edit my post, to make it look better? i can't manage to erase those blanks

I was wrong. The MTU in IPv6 router advertisements is not ignored by my Mac. In fact, it works great. A few things threw me off here:
1. The IPv6 MTU is not relected in ifconfig and netstat output if it's different than IPv4.
2. The MTU size was wrong. The IPv6 MTU also has to account for ADSL PPPoE overhead the same as any other protocol. PPPoE adds 8 bytes overhead per packet. That means with the 6in4 tunneling overhead of 20 bytes, the true MTU for an IPv6 packet over a 6in4 tunnel over PPPoE is 1472.
3. The firewall was correctly configured to pass ICMPv6, so PMTUD was working. However, this created the illusion that some destinations were working and some were not. I wrongly assumed that mucking with the MTU to and from 1480 was making a difference. In reality, it was PMTUD doing its thing, albeit slowly and on a strict destination by destination basis.
In sum, setting the MTU on the router interface closest to my Mac to 1472, made it all work beautifully. I had to wait for a few route advertisements to pass by, but my Mac did end up doing the right thing.
One last thing worth noting. On a Cisco router, setting the "ipv6 mtu" to something non-default will be reflected in the IPv6 route advertisements it sends out.
Hope this helps,
-Lex

Why is my WRT610 sending IPv6 router advertisements?

Set up my new WRT610N over the weekend. Generally working ok, but I'm having trouble with my IPv6 tunnel setup. Started seeing a new prefix show up on my inside boxes, one that is in the IPv6 6to4 range, and appropriate for my external IP address. Do a little digging with a packet sniffer, and it looks like the 610N is sending out Router Advertisements every 10 seconds or so advertising the 6to4 IPv6 prefix and itself as a IPv6 router. Anyone else see this? Is there a way to turn it off?
OK, Bonus points to Linksys for having some v6 support, but it'd be nice if there were some knobs to adjust it or turn it off.
System is running firmware 1.00.00 B18. Here's the text of the packet capture:
Ethernet II, Src: Cisco-Li_62:99:40 (00:22:6b:62:99:40), Dst: IPv6mcast_00:00:00
:01 (33:33:00:00:00:01)
    Destination: IPv6mcast_00:00:00:01 (33:33:00:00:00:01)
        Address: IPv6mcast_00:00:00:01 (33:33:00:00:00:01)
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
    Source: Cisco-Li_62:99:40 (00:22:6b:62:99:40)
        Address: Cisco-Li_62:99:40 (00:22:6b:62:99:40)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Type: IPv6 (0x86dd)
Internet Protocol Version 6
    0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
    .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
    .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
    Payload length: 56
    Next header: ICMPv6 (0x3a)
    Hop limit: 255
    Source: fe80::222:6bff:fe62:9940 (fe80::222:6bff:fe62:9940)
    Destination: ff02::1 (ff02::1)
Internet Control Message Protocol v6
    Type: 134 (Router advertisement)
    Code: 0
    Checksum: 0x8226 [correct]
    Cur hop limit: 64
    Flags: 0x58
        0... .... = Not managed
        .1.. .... = Other
        ..0. .... = Not Home Agent
        ...1 1... = Router preference: Low
    Router lifetime: 1800
    Reachable time: 0
    Retrans timer: 0
    ICMPv6 Option (Prefix information)
        Type: Prefix information (3)
        Length: 32
        Prefix length: 64
        Flags: 0xc0
            1... .... = Onlink
            .1.. .... = Auto
            ..0. .... = Not router address
            ...0 .... = Not site prefix
        Valid lifetime: 30
        Preferred lifetime: 20
        Prefix: 2002:62eb:e012::
    ICMPv6 Option (Source link-layer address)
        Type: Source link-layer address (1)
        Length: 8
        Link-layer address: 00:22:6b:62:99:40

I'm seeing the issue on multiple computers and operating systems, all connected to the router. My systems are reacting appropriately to a IPv6 router advertisement by adding an IP address to their ethernet interfaces with the advertised prefix, unfortunately, it's one that doesn't work to reach normal IPv6 addresses.
On my unix based systems (linux, Mac OS X), I've been able to work around the issue by putting in a filter blocking icmp6 from the IPv6 link layer address of the linksys router, but I don't have that option on all my systems.

Problem to disable IPV6 Router Advertisements suppress command

Hello:
I Have a Cisco 877 with IOS:
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(24)T6, RELEASE SOFTWARE (fc2)
I am implementing Hurricane Electric Tunnel Broker, but actually to do this test I have disconnected the Wan Interface , and It only has a Windows 7 host connected to port FastEthernet 0, through vlan1:
FONTENLAS#show ip interface brief Interface                  IP-Address      OK? Method Status                ProtocolATM0                       unassigned      YES NVRAM administratively down down ATM0.1                     unassigned      YES unset administratively down down    Dialer0                    unassigned      YES NVRAM up                    up      FastEthernet0              unassigned      YES unset up                    up      FastEthernet1              unassigned      YES unset up                    down    FastEthernet2              unassigned      YES unset up                    down    FastEthernet3              unassigned      YES unset up                    down    NVI0                       unassigned      YES unset administratively down down    Tunnel0                    unassigned      YES NVRAM up                    down    Vlan1                      172.16.1.1      YES NVRAM up                    up      FONTENLAS#pingFONTENLAS#ping 172.16.1.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:.!!!!Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 msFONTENLAS#
I have configured an IPV6 address on Interface Vlan1, but I don't want that the prefix to be distributed through Autoconfiguration, so I have configured on interface Vlan1 the command: nd ra suppress as I show you
FONTENLAS#show run interface vlan 1Building configuration...Current configuration : 187 bytes!interface Vlan1 ip address 172.16.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ipv6 address 2001:470:1F15:EE2::/64 eui-64 ipv6 nd ra suppressendFONTENLAS#
As result, the router doesn't send its periodical Router Advertisements , but when the host is restarted, it sends a Router Solicitation message and the Router answers with Router Advertisement (that is making me crazy, because I understand it musn't send RA messages with suppres command configured)
That's what happens when I restart the connected Host:
FE80::219:AAFF:FEC2:30BC -> Router Link Local Address
FE80::7004:6BEB:4C26:79ED -> Host Link Local Address
FONTENLAS#show ipv6 interface brief ATM0                       [administratively down/down]    unassignedATM0.1                     [administratively down/down]    unassignedDialer0                    [up/up]    unassignedFastEthernet0              [up/up]    unassignedFastEthernet1              [up/down]    unassignedFastEthernet2              [up/down]    unassignedFastEthernet3              [up/down]    unassignedNVI0                       [administratively down/down]    unassignedTunnel0                    [up/down]    FE80::219:AAFF:FEC2:30BC    2001:470:1F14:EE2::2Vlan1                      [up/up]    FE80::219:AAFF:FEC2:30BC    2001:470:1F15:EE2:219:AAFF:FEC2:30BCFONTENLAS#show run interface vlan 1Building configuration...Current configuration : 187 bytes!interface Vlan1 ip address 172.16.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ipv6 address 2001:470:1F15:EE2::/64 eui-64 ipv6 nd ra suppressendFONTENLAS#*Mar 2 11:09:51.945: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to down*Mar 2 11:09:51.945: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down*Mar 2 11:09:51.945: ICMPv6-ND: L3 down on Vlan1*Mar 2 11:09:51.949: IPv6-Address: Address 2001:470:1F15:EE2:219:AAFF:FEC2:30BC/64 is down on Vlan1*Mar 2 11:09:51.949: ICMPv6-ND: Linklocal FE80::219:AAFF:FEC2:30BC on Vlan1, Down*Mar 2 11:09:51.949: IPv6-Address: Address FE80::219:AAFF:FEC2:30BC/10 is down on Vlan1*Mar 2 11:09:52.949: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to down*Mar 2 11:09:54.497: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up*Mar 2 11:09:54.501: ICMPv6-ND: L2 came up on Vlan1*Mar 2 11:09:54.501: IPv6-Addrmgr-ND: DAD request for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:54.501: ICMPv6-ND: Sending NS for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:54.505: ICMPv6: Sent N-Solicit, Src=::, Dst=FF02::1:FFC2:30BC*Mar 2 11:09:55.489: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up*Mar 2 11:09:55.501: IPv6-Addrmgr-ND: DAD: FE80::219:AAFF:FEC2:30BC is unique.*Mar 2 11:09:55.501: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:55.501: ICMPv6-ND: L3 came up on Vlan1*Mar 2 11:09:55.501: IPv6-Addrmgr-ND: DAD request for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:55.501: ICMPv6-ND: Sending NS for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:55.501: ICMPv6-ND: Linklocal FE80::219:AAFF:FEC2:30BC on Vlan1, Up*Mar 2 11:09:55.501: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FF02::1*Mar 2 11:09:55.501: ICMPv6: Sent N-Solicit, Src=::, Dst=FF02::1:FFC2:30BC*Mar 2 11:09:55.501: IPv6-Address: Address FE80::219:AAFF:FEC2:30BC/10 is up on Vlan1*Mar 2 11:09:56.490: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up*Mar 2 11:09:56.502: IPv6-Addrmgr-ND: DAD: 2001:470:1F15:EE2:219:AAFF:FEC2:30BC is unique.*Mar 2 11:09:56.502: ICMPv6-ND: Sending NA for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:09:56.502: IPv6-Address: Address 2001:470:1F15:EE2:219:AAFF:FEC2:30BC/64 is up on Vlan1*Mar 2 11:09:56.506: ICMPv6: Sent N-Advert, Src=2001:470:1F15:EE2:219:AAFF:FEC2:30BC, Dst=FF02::1*Mar 2 11:10:22.596: ICMPv6: Received R-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::2*Mar 2 11:10:22.596: ICMPv6-ND: Received RS on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:22.596: ICMPv6-ND: Sending solicited RA on Vlan1*Mar 2 11:10:22.596: ICMPv6-ND: Sending RA from FE80::219:AAFF:FEC2:30BC to FE80::7004:6BEB:4C26:79ED on Vlan1*Mar 2 11:10:22.600: ICMPv6-ND:     MTU = 1500*Mar 2 11:10:22.600: ICMPv6-ND:     prefix = 2001:470:1F15:EE2::/64 onlink autoconfig*Mar 2 11:10:22.600: ICMPv6-ND:             2592000/604800 (valid/preferred)*Mar 2 11:10:22.600: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:22.604: ICMPv6-ND: STALE -> DELAY: FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:22.604: ICMPv6: Sent R-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:22.604: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:23.096: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.452: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.452: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.456: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.592: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.764: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:25.768: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:26.096: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:27.605: ICMPv6-ND: DELAY -> PROBE: FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:27.605: ICMPv6-ND: Sending NS for FE80::7004:6BEB:4C26:79ED on Vlan1*Mar 2 11:10:27.609: ICMPv6: Sent N-Solicit, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:27.609: ICMPv6: Received N-Advert, Src=FE80::7004:6BEB:4C26:79ED, Dst=FE80::219:AAFF:FEC2:30BC*Mar 2 11:10:27.609: ICMPv6-ND: Received NA for FE80::7004:6BEB:4C26:79ED on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:27.609: ICMPv6-ND: PROBE -> REACH: FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:28.753: ICMPv6: Received N-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::1:FFC2:30BC*Mar 2 11:10:28.753: ICMPv6-ND: Received NS for FE80::219:AAFF:FEC2:30BC on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:28.757: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:10:28.761: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:38.219: ICMPv6: Received N-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::1:FFC2:30BC*Mar 2 11:10:38.219: ICMPv6-ND: Received NS for FE80::219:AAFF:FEC2:30BC on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:38.219: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:10:38.223: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:10:39.619: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:10:40.095: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:11:10.114: ICMPv6-ND: REACH -> STALE: FE80::7004:6BEB:4C26:79EDFONTENLAS#
So the result is that the Host obtains again the prefix through Autoconfiguration from RA router message.
I haved looked for new cli commands on the router to prevent this but I haven't found any other. The more I had got is to configure the commands (specially the first one):
ipv6 nd prefix default no-advertise
ipv6 nd managed-config-flag
so now, the router doesn't send the Prefix on RA messages, but it continues answering to RS Host Messages with its RA message. And I don't want that, because although It doesn't send the prefix with "nd prefix default no-advertise" command, it sends the MTU and the Default Gateway to the router
and I don't want that because later I want to deploy a Windows Server in the same LAN to do that function (Dhcp server, DNS server...)
That's what happens (Router sends again RA)
FONTENLAS#show run interface vlan 1Building configuration...Current configuration : 253 bytes!interface Vlan1 ip address 172.16.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ipv6 address 2001:470:1F15:EE2::/64 eui-64 ipv6 nd prefix default no-advertise ipv6 nd managed-config-flag ipv6 nd ra suppressendFONTENLAS#*Mar 2 11:26:15.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to down*Mar 2 11:26:15.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down*Mar 2 11:26:15.067: ICMPv6-ND: L3 down on Vlan1*Mar 2 11:26:15.071: IPv6-Address: Address 2001:470:1F15:EE2:219:AAFF:FEC2:30BC/64 is down on Vlan1*Mar 2 11:26:15.071: ICMPv6-ND: Linklocal FE80::219:AAFF:FEC2:30BC on Vlan1, Down*Mar 2 11:26:15.071: IPv6-Address: Address FE80::219:AAFF:FEC2:30BC/10 is down on Vlan1*Mar 2 11:26:16.068: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to down*Mar 2 11:26:17.700: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up*Mar 2 11:26:17.704: ICMPv6-ND: L2 came up on Vlan1*Mar 2 11:26:17.704: IPv6-Addrmgr-ND: DAD request for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:17.704: ICMPv6-ND: Sending NS for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:17.708: ICMPv6: Sent N-Solicit, Src=::, Dst=FF02::1:FFC2:30BC*Mar 2 11:26:18.692: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up*Mar 2 11:26:18.704: IPv6-Addrmgr-ND: DAD: FE80::219:AAFF:FEC2:30BC is unique.*Mar 2 11:26:18.704: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:18.704: ICMPv6-ND: L3 came up on Vlan1*Mar 2 11:26:18.704: IPv6-Addrmgr-ND: DAD request for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:18.704: ICMPv6-ND: Sending NS for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:18.704: ICMPv6-ND: Linklocal FE80::219:AAFF:FEC2:30BC on Vlan1, Up*Mar 2 11:26:18.704: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FF02::1*Mar 2 11:26:18.704: ICMPv6: Sent N-Solicit, Src=::, Dst=FF02::1:FFC2:30BC*Mar 2 11:26:18.704: IPv6-Address: Address FE80::219:AAFF:FEC2:30BC/10 is up on Vlan1*Mar 2 11:26:19.692: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up*Mar 2 11:26:19.704: IPv6-Addrmgr-ND: DAD: 2001:470:1F15:EE2:219:AAFF:FEC2:30BC is unique.*Mar 2 11:26:19.704: ICMPv6-ND: Sending NA for 2001:470:1F15:EE2:219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:19.704: IPv6-Address: Address 2001:470:1F15:EE2:219:AAFF:FEC2:30BC/64 is up on Vlan1*Mar 2 11:26:19.708: ICMPv6: Sent N-Advert, Src=2001:470:1F15:EE2:219:AAFF:FEC2:30BC, Dst=FF02::1*Mar 2 11:26:44.958: ICMPv6: Received R-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::2*Mar 2 11:26:44.958: ICMPv6-ND: Received RS on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:44.958: ICMPv6-ND: Sending solicited RA on Vlan1*Mar 2 11:26:44.958: ICMPv6-ND: Sending RA from FE80::219:AAFF:FEC2:30BC to FE80::7004:6BEB:4C26:79ED on Vlan1*Mar 2 11:26:44.962: ICMPv6-ND:     Managed address configuration*Mar 2 11:26:44.962: ICMPv6-ND:     MTU = 1500*Mar 2 11:26:44.962: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:44.966: ICMPv6-ND: STALE -> DELAY: FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:44.966: ICMPv6: Sent R-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:45.458: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:47.879: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:47.879: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:47.883: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:47.955: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:48.187: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:48.191: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:48.459: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:26:49.967: ICMPv6-ND: DELAY -> PROBE: FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:49.967: ICMPv6-ND: Sending NS for FE80::7004:6BEB:4C26:79ED on Vlan1*Mar 2 11:26:49.971: ICMPv6: Sent N-Solicit, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:49.971: ICMPv6: Received N-Advert, Src=FE80::7004:6BEB:4C26:79ED, Dst=FE80::219:AAFF:FEC2:30BC*Mar 2 11:26:49.971: ICMPv6-ND: Received NA for FE80::7004:6BEB:4C26:79ED on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:49.971: ICMPv6-ND: PROBE -> REACH: FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:51.620: ICMPv6: Received N-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::1:FFC2:30BC*Mar 2 11:26:51.620: ICMPv6-ND: Received NS for FE80::219:AAFF:FEC2:30BC on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:26:51.624: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:26:51.628: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:27:02.606: ICMPv6: Received N-Solicit, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::1:FFC2:30BC*Mar 2 11:27:02.606: ICMPv6-ND: Received NS for FE80::219:AAFF:FEC2:30BC on Vlan1 from FE80::7004:6BEB:4C26:79ED*Mar 2 11:27:02.606: ICMPv6-ND: Sending NA for FE80::219:AAFF:FEC2:30BC on Vlan1*Mar 2 11:27:02.610: ICMPv6: Sent N-Advert, Src=FE80::219:AAFF:FEC2:30BC, Dst=FE80::7004:6BEB:4C26:79ED*Mar 2 11:27:03.486: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:27:03.954: ICMPv6: Received type 143, Src=FE80::7004:6BEB:4C26:79ED, Dst=FF02::16*Mar 2 11:27:32.477: ICMPv6-ND: REACH -> STALE: FE80::7004:6BEB:4C26:79EDFONTENLAS#
So I would like to know If I making some mistake or some missconfiguration with this?
Maybe I haven't the correct knowless about how Slacc Autoconfiguration should work (Isn't right that with suppress comand configured the router shouldn't send any RA message ?), or maybe it's a problem with this IOS version. I'm gettin crazy with this.
This router has 24 Mb Flash, so If it's a problem with IOS version, I don't know which one to put on it because I think 15.X versions exceed 24Mb
Thanks for reading this large post and for helping
Kind regards
Pablo JC

Hi Harold:
Thanks so much for your answer.
Unfortunately, this Router has 128/24 Dram, but IOS 15.1(3)T3 requires 193/32.
Related to your answer I have found this link
Where it is explained:
CSCth90147
Symptoms: Router will respond to an RS with an RA.
Conditions: The symptom is observed when you configure the ipv6 nd ra suppress command. This command is only intended to suppress periodic mcast RAs. The router will still respond to unicast RS (that is intended behavior).
Workaround: Use an ACL to block the reception of RS packets.
I have read in another web that other possible solution is to use configuren the nd ra lifetime messages as 0.
I have combined several commands in this way:
interface Vlan1
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
ipv6 address 2001:470:1F15:EE2::/64 eui-64
ipv6 nd prefix default no-advertise
ipv6 nd managed-config-flag
ipv6 nd ra suppress
ipv6 nd ra lifetime 0
end
With:
ipv6 nd ra suppress -> The router won't send periodical RA messages
ipv6 nd prefix default no-advertise -> The router won't publish the prefix in message RA that it send answering host RS
ipv6 nd ra lifetime 0 -> Does this prevent that the rest of the configuration send by RA could stay in hosts
ipv6 nd managed-config-flag
What do you thing about this configuration? I know it's a bit dirtier than using an ACL to block the reception of RS packet, but could it done the same function?
Kind regards
Thanks for reading

IPV6 Router Advertisement issue

Just wondering if anyone else has ran into this. I have a number of Macs at home, but my primary machine is a new MBP Retina. I have a Juniper SRX 210 firewall that is configured as an IPV6 RA and IPV4 DHCP server. I have no issues getting both V4 and V6 addresses. However, with this particular machine, if it sleeps, it usually loses its V6 RA address. I have to go into Prefs, where I still see it most times mind you, and then select a manual address, apply, revert and apply and then it works just fine again. I have my older MBP (1.5 years old) that I cloned, and I don't seem to have the problem on it (or at least I never noticed it when I was using it a lot), but it was also not on Mav most of the time (only upgraded to Mav before I migrated it to the new MBP). This is all using wired ethernet as I work from my home office so it usually is sitting on my desk. Anyway, if anyone has any thoughts or suggestions on this one, I would appreciate it. Thanks.

No, this is not currently supported, and the last I heard, there is no roadmap for this until it becomes a standard (as opposed to being experimental).

Reassigning IPv6 temporary address when it receives router advertisements

Hi everybody.
I've just met a problem with IPv6 connectivity.
*My environment*
I list my environment that I tested as follows.
1. MacBook Pro (A)
OS Version: 10.6.4
Card Type: AirPort Extreme (0x14E4, 0x93)
Firmware Version: Broadcom BCM43xx 1.0 (5.10.131.16.1)
IPv6 temporary address setting: net.inet6.ip6.use_tempaddr=1
2. AP+Router
TimeCapsule
N.B., I experienced same problem under other sets of router and access point (Cisco's ones). So, let me skip to write the detail of this.
3. MacBook Pro (B) (No problem with this Laptop)
OS Version: 10.6.4
Card Type: AirPort Extreme (0x168C, 0x87)
Firmware Version: Atheros 5416: 2.0.19.10
IPv6 temporary address setting: net.inet6.ip6.use_tempaddr=1
N.B., All user data and settings are transferred to MacBook Pro (A). I think the difference between these two MacBooks is about hardwares.
*The problem*
1. Connect the MacBook Pro (A) to AP+Router.
2. Receive IPv6 router advertisement from the router. (router lifetime=1800, valid lifetime=2592000, preferred lifetime=604800)
3. Assign both IPv6 EUI-64 address and temporary address.
4. Receive IPv6 router advertisement from the router again, 70 sec after previous one.
5. Both the EUI-64 and temporary addresses are removed, and then same EUI-64 address and _new_ temporary address are assigned.
The problem here is that MacBook Pro (A) configures _new_ temporary address, or it removes old temporary address. This causes additional issues on TCP connections because TCP sessions become no longer available after the temporary address has changed.
This problem is not experienced my old MacBook Pro (B); i.e., it keeps the temporary address even after receiving router advertisements.
All the data and setting in MacBook Pro (A) are transferred from MacBook Pro (B).
Therefore, I think the problem is due to hardwares.
I prefer to use IPv6 because I'm in a networking group and also prefer to use temporary addresses.
Do you experience same problem or any suggestions to me?
If you need additional environment description, please ask me.
Thank you in advance, and sorry for my poor English.
Message was edited by: scyphus

This bug has been stealthily fixed in the update http://support.apple.com/kb/HT4250 today, though I have received no reply from Apple bug reporter site.

BGP default route advertisement - change preference

hi guys,
I would appreciate some assistance here. We have a primary head office & a DR site. Routers at both sites connect to our carrier for an IP VPN service using BGP. BGP configs on each router advertise a default route 0.0.0.0.
#sh ip bgp neighbors x.x.x.x advertised-routes
BGP table version is 358, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Issue is, some of our remote sites prefer the DR router path for traffic destined to internet.
We are advertising multiple default routes to our carrier, and based on feedback from carrier, route with lowest MED is preferred.
This brings me to what i need to change from my side. Need to change the route preference so that from our remote offices, only the route to head office is preferred with DR site the least preferred route. I know there are multliple ways of doing this, however keen to get input from the experts out there.
DR site router has this BGP config currently applied:
router bgp XXXXX
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1 match internal external 1 external 2
neighbor x.x.x.x remote-as XXXX
neighbor x.x.x.x default-originate
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map IMPORT-POLICY in
neighbor x.x.x.x route-map OPI-route-advertisement out
default-information originate
Removing the "neighbor x.x.x.x default-originate" is not an option, as we need to have the ability to failover to DR at any point.
Thanks in advance & if you need any further info pls advise.
Rama

Hi Milan,
Thanks. Answers below:
Does it provide an MPLS backbone to you? YES
Are you using the same AS number on all your sites or different ones? Same AS
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)? That's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone. Will ask.
Given this, any other thoughts/questions?
Thanks, Rama

Ipv6 route preference

Hello all, I have DA server in my network. isatap NIC is advertising ipv6 routes (include default route) for all my computers. Also I have ipv6 router, which provide access to Internet. If I look to route table on client computer, I see two IPv6 default
route with same metric. Because my DA server do not provide access to internet, I'm losing half outbound IPv6 packet to Internet (if you have two routes with same metric, your computer will use round robin for outbound packets).
Can I set preferences parameter for default route advertise on DA server?
PS If I disable advertise default route on isatap, I'll get to error in remote access management console.

It's tricky given that BGP's AD is always going to beat out EIGRP's all other things being equal. Most of the things you can do with BGP route-maps involve making one BGP route preferred over another.
You could inject the preferred path as a static route (AD = 1) to the firewall using an ip sla operation and having the static route track that. Once the ip sla operation fails, the static route is withdrawn and then the BGP-learned route (AD = 20) will take precedence.

Native Ipv6 Routing

Hi All,
I'm one of the few people who have a native IPv6 on his router but i would like to use it on all my devices on the network.
To start with I will write a small topology of my network:
(IPv4 and IPv6 Connected) -- Fritzbox 7340 - (10.0.1.1) ----- (10.0.1.2) (Airport Extreme 2007) (10.0.0.1) ----- (10.0.0.x range for home network)
When i connect my Mac directly to my Fritzbox i will get a IPv6 adres and am on the IPv6 as well as IPv4 internet
But i would like to connect to my airport instaid of directly on my router.
What u tried was : Advanced -> IPv6 -> Mode = Host and Configure ipv6 = Automatic, which was a no joy.
No mac is receiving a ipv6 adres and am not able to see which ipv6 is configured for my airport.
Then i tried Advanced -> IPv6 -> Mode = Host and Configure ipv6 = Manual,
Wan IP = 2001:My:Range::10 (which i made up)
IPV6 Default Route = 2001:My:Range::1 (which is the same as my router but is on "the other side")
Wan ipv6 prefix length = 48 ( because my range is 2001:My:Range::/48)
What am i doing wrong?

I was hoping to get some anwsers before I go buy a switch.
When you write page 183, I assume you're referring to page 173:
What's confusing is that for ipv4, the document has seperate sections for configuring ipv4 in layer 2 and layer 3 modes. Also, the doc clearly states this routing between vlan is supported in layer 3 mode:
Operating in Layer 3 mode, the switch routes traffic between the directly attached
IP subnets configured at the switch. The switch continues to bridge traffic
between devices in the same VLAN. Additional IPv4 routes for routing to non-
directly attached subnets can be configured in the IP Static Routing Page.
But for ipv6, there's only one section for layer and layer 3, and then there's this:
• IPv6 Address—The switch supports one IPv6 interface. In additional to the
default link local and multicast addresses, the device also automatically
adds global addresses to the interface based on the router advertisements
it receives. The device supports a maximum of 128 addresses at the
interface. Each address must be a valid IPv6 address that is specified in
hexadecimal format by using 16-bit values separated by colons.
Also,t here's no explicting mention of routing between the vlans for ipv6.

Can you display routes advertised and/or received in OSPF, similar to BGP command sh ip bgp neighbors x.x.x.x advertised-routes?

TOC-BP-SWa#sh ip bgp neighbors 10.14.0.3 advertised-routes
BGP table version is 1674320, local router ID is 10.14.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.14.0.1/32 0.0.0.0 0 32768 i
*> 147.249.37.0/24 172.20.18.1 120 0 2001 65015 65016 64823 7381 64681 i
*> 147.249.38.0/24 172.20.18.1 120 0 2001 65015 65016 64823 7381 64681 i
*> 147.249.46.0/24 172.20.18.1 120 0 2001 65015 65016 64823 7381 12159 12159 i
*> 147.249.196.0/24 172.20.18.1 120 0 2001 65015 65016 64823 64870 65124 i
*> 147.249.237.0/24 172.20.18.1 120 0 2001 65015 65016 64823 7381 64681 i
TOC-BP-SWa#sh ip bgp neighbors 10.14.0.3 received-r
Total number of prefixes 0
TOC-BP-SWa#sh ip bgp neighbors 10.14.0.2 received-r
BGP table version is 1674320, local router ID is 10.14.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.14.0.2/32 10.14.0.2 0 100 0 i
* i147.249.37.0/24 10.14.0.2 0 120 0 2001 65015 65016 64823 7381 64681 i
* i147.249.38.0/24 10.14.0.2 0 120 0 2001 65015 65016 64823 7381 64681 i
* i147.249.46.0/24 10.14.0.2 0 120 0 2001 65015 65016 64823 7381 12159 12159 i
* i147.249.196.0/24 10.14.0.2 0 120 0 2001 65015 65016 64823 64870 65124 i
* i147.249.237.0/24 10.14.0.2 0 120 0 2001 65015 65016 64823 7381 64681 i
Can this output be duplicated with an OSPF command?

Not really because OSPF does not advertise routes it sends LSAs to it's peers.
So you need to look at the OSPF database ie. -
"sh ip ospf database"
which will show you all the LSAs the router is aware of.
In terms of all the LSAs the router has received it will show all of those but it will also show you LSAs that were generated by the router itself although the advertising router IP will point to that being the case.
In terms of all the LSAs the router advertises again it depends on the area and how that has been configured.
So for example an ABR might well have external LSAs (which aren't tied to any area in the OSPF database) but that doesn't necessarily mean it is advertising them to peers within an area as it could have been configured not to.
So it gives you a good idea but you need to also work out a few things for yourself as well.
Jon

Route advertisement with AS path

Hello
We are running Multi-homed network, to influence the BGP route selection, we are using AS path attribute with route-maps.
Recently, we observed that the routes advertised on TCL network(ISP 1) were not reflected in global routing table.
For example, we have advertised a network (196.X.X.X/24) on TCL BGP peer as best path and also advertised the same network on another BGP peer with AS path pretend of 10times. But, the network is reaching via Bharti BGP (iSP 2 )peer instead of TCL peer.
Can anyone help understand as why it is preferred route is via Bharti
Thanks
Viswa Sai

Network statement in BGP configuration is used to identify which networks are being advertised. BGP process then checks the global routing table, if it sees a prefix in global routing table and with exact match (including subnet mask), only then it will advertise that network to other BGP peers.
Is this network a local network or learned from other routing protocols? If locak, make sure you enter exact mask of the network seen in routing table. If learned from other routing protocols, the better way is to selectively redistribute iGP routes into BGP using prefix-list and route-map.
As far as convergence is concerned, below is explanation:
BGP routers router will not start the BGP Best-Path calculation/selection process until they receives all NLRI from BGP peer. This will be known from UPDATE messages. End of UPDATE messages is usually identified after a KEEPALIVE message is received.
The time taken to learn new best path is directly proportional to number of NLRIs received from peers.
Only when your service provider router selects it's best path, and installs into RIB, it is going to send UPDATE message to your routers. If SP routers use line cards with Cisco distributed forwarding, it is going to populate it's FIB and then send UPDATE message.
It depends on how fast your Bharati BGP peer detects your network unreachable and sends UPDATE messages to it's peers to withdraw your network's NLRI from it's routing table.
There are ways to improve this convergence, but at service provider level. In your network, if you want faster re-convergence, static routes (with higher AD) would be a wonderful solution.
Few other ways would be to use:
Bidirectional forwarding detection (BFD)
fast neighbor failover
BGP next hop tracking
BGP best external path (IOS and vendor specific)
BGP prefix convergence (IOS and vendor specific)
Peace and Health,
Ravindra

Conditional Route Advertisement - VRF Address Family?

I would like to do conditional route advertisement within an IPv4 vrf address family but the "neighbor x advertise-map" command is not available within the vrf address family (at least in the code version I have). It is available in non-vrf address families.
Command/Config reference guides do not show any limitations regarding the command. Before I upgrade code (which may not be possible with my current platform) I wanted to see if anyone is doing this or if there is another way to accomplish the same task.
Thanks
-Ed-

Hi,
are you talking about PE->CE or PE->PE/RR ?

Ipv6 router vs router ... commands

Hi
I was just wondering whats the difference between the commands:
ipv6 router ospf 1 vs router ospfv3 1
it noticed that if you have used either one you cant use the other command even if it is in the same process.ex ipv6 router ospf 1. If i use router ospfv3 1 it will give an error prompt.
Thanks

Hi,
the ipv6 router ospf <pid> command creates a process for IPv6 only.
With the router ospfv3 <pid> command, support for Address Families was introduced (similar to AFs used by BGP, EIGRP and IS-IS), so you can run IPv4 and IPv6 under the same process.
There is an interesting Cisco Live Session where this relatively new feature was presented too: BRKRST-2337 - OSPF Deployment in Modern Networks
Cisco White Paper: OSPFv3 Support for Address Families
HTH
Rolf

Ipv6 routing ASA

Hello, I trying to ping from one interface to other interfae , submask is 116.
ASA# ping ipv6-test XXX:XXXX:1111:1:0:0:0:2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to XXXX:XXXX:1111:1::2, timeout is 2 seconds:
No route to host XXXX:XXX:1111:1::2
Success rate is 0 percent (0/1)
ASA# ping ipv6 XXXX:XXXX:1111:1:0:0:0:1001
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to XXXX:XXXX:1111:1::1001, timeout is 2 seconds:
No route to host XXXX:XXXX:1111:1::1001
Success rate is 0 percent (0/1)
This are my interfaces:
interface GigabitEthernet1/1.18
vlan 18
nameif ipv6-test
security-level 2
ip address 10.175.25.1 255.255.255.0
ipv6 address XXXX:XXXX:1111:1::1001/116
ipv6 address autoconfig
ipv6 enable
ipv6 nd suppress-ra
interface GigabitEthernet1/2
speed 100
duplex full
nameif Ipv6
security-level 1
ip address 10.176.25.1 255.255.255.0
ipv6 address XXX:XXXX:1111:1::2/116
ipv6 enable
ipv6 nd suppress-ra
And this is my IPv6 route table ...
ASA# show ipv6 route
IPv6 Routing Table - 7 entries
Codes: C - Connected, L - Local, S - Static
L   XXXX:XXXX:1111:1::2/128 [0/0]
     via ::, Ipv6
C   XXXX:XXXX:1111:1::/116 [0/0]
     via ::, Ipv6
L   XXXX:XXXX:1111:1::1001/128 [0/0]
     via ::, ipv6-test
C   XXX:XXX:1111:1::1000/116 [0/0]
     via ::, ipv6-test
L   fe80::/10 [0/0]
     via ::, Ipv6
     via ::, ipv6-test
L   ff00::/8 [0/0]
     via ::, Ipv6
     via ::, ipv6-test
S   ::/0 [0/0]
     via XXXX:XXXX:1111:1::1, Ipv6
ACls a set to any any ip.
Any idea, why i can ping between my interfaces?
Thanks

I still have the same problem, but I don´t have the problem between machines, only between ASA interfaces, I think it is a "feature" or something like this, if it isn´t a feature I don´t understant it.
Thanks

MTU option of IPv6 router advertisement ignored

Similar Messages

Maybe you are looking for