04-Layer 3 Configuration Guide

HomeSupportConfigure & DeployConfiguration GuidesH3C Access Controllers Configuration Guides(E3703P61 R2509P61 R3709P61 R2609P61 R3509P61)-6W10204-Layer 3 Configuration Guide
04-DHCPv6 Configuration
Title Size Download
04-DHCPv6 Configuration 426.85 KB

Contents

DHCPv6 overview· 1

Basic concepts· 1

DHCPv6 address/prefix assignment 2

Rapid assignment involving two messages· 2

Assignment involving four messages· 2

Address/prefix lease renewal 3

Protocols and standards· 3

Configuring the DHCPv6 server 5

Overview·· 5

IPv6 address assignment 5

IPv6 prefix assignment 5

DHCPv6 address pool 6

Address/prefix selection· 6

Configuration prerequisites· 6

DHCPv6 server configuration task list 7

Enabling the DHCPv6 server 7

Configuring IPv6 prefix assignment 7

Configuration guidelines· 7

Configuration procedure· 8

Configuring IPv6 address assignment 8

Configuring non-temporary IPv6 address assignment 9

Configuring temporary IPv6 address assignment 9

Configuring network parameter assignment 10

Configuring parameters in a DHCPv6 address pool 10

Configuring a DHCPv6 option group for parameter assignment 11

Enabling the DHCPv6 server on an interface· 12

Configuring IPv6 prefix assignment for stateless address autoconfiguration· 12

Displaying and maintaining the DHCPv6 server 13

DHCPv6 server configuration examples· 14

IPv6 prefix and configuration parameters assignment configuration example· 14

IPv6 address and configuration parameters assignment configuration example· 16

Static IPv6 address and prefix assignment configuration example· 19

Dynamic IPv6 address and prefix assignment configuration example· 22

Configuring the DHCPv6 relay agent 26

Overview·· 26

Configuration prerequisites· 27

Configuration guidelines· 27

Configuration procedure· 27

Displaying and maintaining the DHCPv6 relay agent 28

DHCPv6 relay agent configuration example· 28

Network requirements· 28

Configuration procedure· 29

Verifying the configuration· 29

Configuring the DHCPv6 client 31

Configuration guidelines· 31

DHCPv6 client configuration task list 31

Configuring address acquisition· 31

Configuring prefix acquisition· 32

Displaying and maintaining the DHCPv6 client 32

DHCPv6 client configuration examples· 32

IPv6 prefix acquisition configuration example· 32

IPv6 address acquisition configuration example· 34

Configuring DHCPv6 snooping· 36

Overview·· 36

Enabling DHCPv6 snooping· 37

Configuring a DHCPv6 snooping trusted port 37

Setting the maximum number of DHCPv6 snooping entries· 38

Displaying and maintaining DHCPv6 snooping· 38

DHCPv6 snooping configuration example· 38

Network requirements· 39

Configuration procedure· 39

Verifying the configuration· 40

 


DHCPv6 overview

The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) provides a framework to assign IPv6 prefixes, IPv6 addresses, and other configuration parameters to hosts.

Support for this feature depends on the device model. For more information, see About the H3C Access Controllers Configuration Guides.

Basic concepts

Multicast addresses used by DHCPv6

DHCPv6 uses the multicast address FF05::1:3 to identify all DHCPv6 servers on the site-local scope, and uses the multicast address FF02::1:2 to identify all DHCPv6 servers and relay agents on the link-local scope.

DUID

A DHCP unique identifier (DUID) uniquely identifies a DHCPv6 device (DHCPv6 client, server, or relay agent). A DHCPv6 device adds its DUID in a sent packet.

The DUID includes many types. The device supports only the DUID based on link-layer address (DUID-LL) defined in RFC 3315.

Figure 1 shows the DUID-LL format, where:

·     DUID typeThe device supports the DUID type of DUID-LL with the value of 0x0003.

·     Hardware typeThe device supports the hardware type of Ethernet with the value of 0x0001.

·     Link layer address—Takes the value of the bridge MAC address of the device.

Figure 1 Format of DUID-LL

 

IA

Identified by an IAID, an Identity Association (IA) provides a construct for managing the obtained addresses, prefixes, and other configuration parameters assigned from a server to a client. A client can have more than one IA assigned to it (for example, one for each of its interfaces) to manage the addresses, prefixes, and other configuration parameters obtained by the interfaces.

IAID

An IAID uniquely identifies an IA. It is chosen by the client and must be unique among the IAIDs on the client.

Binding

The DHCPv6 server uses bindings to record the configuration information assigned to DHCPv6 clients, including the IPv6 address/prefix, client DUID, IAID, valid lifetime, preferred lifetime, and lease expiration time.

PD

The DHCPv6 server creates a Prefix Delegation (PD) for each assigned prefix to record the IPv6 prefix, client DUID, IAID, valid lifetime, preferred lifetime, and lease expiration time.

DHCPv6 address/prefix assignment

A process of DHCPv6 address/prefix assignment involves two or four messages.

Rapid assignment involving two messages

As shown in Figure 2, the rapid assignment involving two messages operates as follows:

1.     The DHCPv6 client sends out a Solicit message that contains a Rapid Commit option, requesting that rapid assignment of address/prefix and other configuration parameters should be preferred.

2.     If the DHCPv6 server supports rapid assignment, it responds with a Reply message containing the assigned IPv6 address/prefix and other configuration parameters. If the DHCPv6 server does not support rapid assignment, Assignment involving four messages is implemented.

Figure 2 Rapid assignment involving two messages

 

Assignment involving four messages

Figure 3 shows the process of IPv6 address/prefix assignment involving four messages.

Figure 3 Assignment involving four messages

 

The assignment involving four messages operates as follows:

1.     The DHCPv6 client sends out a Solicit message, requesting an IPv6 address/prefix and other configuration parameters.

2.     If the Solicit message does not contain a Rapid Commit option, or if the DHCPv6 server does not support rapid assignment even though the Solicit message contains a Rapid Commit option, the DHCPv6 server responds with an Advertise message, informing the DHCPv6 client of the assignable address/prefix and other configuration parameters.

3.     The DHCPv6 client might receive multiple Advertise messages offered by different DHCPv6 servers. It then selects an offer according to the receiving sequence and server priority, and sends a Request message to the selected server for the confirmation of assignment.

4.     The DHCPv6 server sends a Reply message to the client, confirming that the address/prefix and other configuration parameters are assigned to the client.

Address/prefix lease renewal

The IPv6 address/prefix assigned by the DHCPv6 server has a lease time, which depends on the valid lifetime. When the valid lifetime of the IPv6 address/prefix expires, the DHCPv6 client cannot use the IPv6 address/prefix any longer. To continue using the IPv6 address/prefix, the DHCPv6 client has to renew the lease time.

As shown in Figure 4, at T1, the DHCPv6 client sends a Renew message to the DHCPv6 server. The recommended value of T1 is half the preferred lifetime. Then the DHCPv6 server responds with a Reply message, informing the client about whether or not the lease is renewed.

Figure 4 Using the Renew message for address/prefix lease renewal

 

As shown in Figure 5, if the DHCPv6 client receives no response from the DHCPv6 server after sending out a Renew message at T1, it multicasts a Rebind message to all DHCPv6 servers at T2 (that is, when 80% of the preferred lifetime expires). Then the DHCPv6 server responds with a Reply message, informing the client about whether or not the lease is renewed.

If the DHCPv6 client receives no response from the DHCPv6 servers, the client stops using the address/prefix when the valid lifetime expires.

Figure 5 Using the Rebind message for address/prefix lease renewal

 

For more information about the valid lifetime and the preferred lifetime, see "Configuring IPv6 basics."

Protocols and standards

·     RFC 3736, Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6

·     RFC 3315, Dynamic Host Configuration Protocol for IPv6 (DHCPv6)

·     RFC 2462, IPv6 Stateless Address Autoconfiguration

·     RFC 3633, IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6

 


Configuring the DHCPv6 server

Overview

A DHCPv6 server can assign IPv6 addresses or IPv6 prefixes to DHCPv6 clients.

IPv6 address assignment

As shown in Figure 6, the DHCPv6 server assigns IPv6 addresses, domain name, DNS server addresses, and other configuration parameters to DHCPv6 clients.

The IPv6 addresses assigned to the clients fall into the following types:

·     Temporary IPv6 addresses—Internally used and frequently changed without lease renewal.

·     Non-temporary IPv6 addresses—Normally used by DHCP clients.

Figure 6 IPv6 address assignment

 

IPv6 prefix assignment

As shown in Figure 7, the DHCPv6 server assigns an IPv6 prefix to the DHCPv6 client. The client advertises the prefix information in an RA message so that hosts on the subnet can automatically configure their IPv6 addresses by using the prefix.

Figure 7 IPv6 prefix assignment

 

DHCPv6 address pool

The DHCP server selects IPv6 addresses, IPv6 prefixes, DNS server addresses, and other parameters from an address pool and assigns them to the DHCP clients.

Address allocation mechanisms

DHCPv6 supports the following address allocation mechanisms:

·     Static address allocation—To implement static address allocation for a client, create a DHCPv6 address pool, and manually bind the DUID and IAID of the client to an IPv6 address in the DHCPv6 address pool. When the client requests an IPv6 address, the DHCPv6 server assigns the IPv6 address in the static binding to the client.

·     Dynamic address allocation—To implement dynamic address allocation for clients, create a DHCPv6 address pool, specify a subnet for the pool, and divide the subnet into temporary and non-temporary IPv6 address ranges. Upon receiving a DHCP request, the DHCPv6 server selects an IPv6 address from the temporary or non-temporary IPv6 address range based on the address type specified in the client request.

Prefix allocation mechanisms

DHCPv6 supports the following prefix allocation mechanisms:

·     Static prefix allocationTo implement static prefix allocation for a client, create a DHCPv6 address pool, and manually bind the DUID and IAID of the client to an IPv6 prefix in the DHCPv6 address pool. When the client requests an IPv6 prefix, the DHCPv6 server assigns the IPv6 prefix in the static binding to the client.

·     Dynamic prefix allocation—To implement dynamic prefix allocation for clients, create a DHCPv6 address pool and a prefix pool, specify a subnet for the address pool, and apply the prefix pool to the address pool. Upon receiving a DHCP request, the DHCPv6 server dynamically selects an IPv6 prefix from the prefix pool in the address pool.

Address/prefix selection

The DHCPv6 server observes the following principles to select an IPv6 address or prefix for a client:

1.     If there is an address pool where an IPv6 address or prefix is statically bound to the DUID or IAID of the client, the DHCPv6 server selects this address pool and assigns the statically bound IPv6 address or prefix and other configuration parameters to the client.

2.     If the receiving interface has an address pool, the DHCP server selects an IPv6 address or prefix and other configuration parameters from this address pool.

3.     If there is no static address pool and the receiving interface has no address pool, the DHCPv6 server selects an address pool in the following way:

¡     If the client and the server reside on the same subnet, the DHCP server matches the IPv6 address of the receiving interface against the subnets of all address pools, and selects the address pool with the longest-matching subnet.

¡     If the client and the server reside on different subnets (a DHCPv6 relay agent is in-between), the DHCPv6 server matches the IPv6 address of the DHCPv6 relay agent interface closest to the client against the subnets of all address pools, and selects the address pool with the longest-matching subnet.

Configuration prerequisites

Before you configure the DHCPv6 server, enable IPv6 by using the ipv6 command. For more information about the ipv6 command, see Layer 3—IP Services Command Reference.

DHCPv6 server configuration task list

 

Enabling the DHCPv6 server

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enable the DHCPv6 server function.

ipv6 dhcp server enable

Disabled by default.

 

Configuring IPv6 prefix assignment

Use one of the following methods to configure IPv6 prefix assignment:

·     Configure a static IPv6 prefix binding in an address pool—If you bind a DUID and an IAID to an IPv6 prefix, the DUID and IAID in a request must match those in the binding before the DHCPv6 server can assign the IPv6 prefix to the DHCPv6 client. If you only bind a DUID to an IPv6 prefix, the DUID in the request must match the DUID in the binding before the DHCPv6 server can assign the IPv6 prefix to the DHCPv6 client.

·     Apply a prefix pool to an address pool—The DHCPv6 server dynamically assigns an IPv6 prefix from the address pool to a DHCPv6 client.

Configuration guidelines

·     To configure multiple static IPv6 prefix bindings, use the static-bind prefix command multiple times.

·     An IPv6 prefix can be bound to only one DHCPv6 client. You cannot use the static-bind prefix command to modify the DUID, IAID, preferred lifetime, and valid lifetime of an existing static IPv6 prefix binding. To do so, you must remove the static IPv6 prefix binding first.

·     Only one prefix pool can be applied to an address pool.

·     An non-existing prefix pool can be applied to an address pool, but no prefix can be assigned from the prefix pool until the prefix pool is created.

·     You cannot use the prefix-pool command to modify an applied prefix pool, and its preferred lifetime and valid lifetime. To do so, you must remove the application of the prefix pool first.

Configuration procedure

To configure IPv6 prefix assignment:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Create a prefix pool.

ipv6 dhcp prefix-pool prefix-pool-number prefix { prefix/prefix-len | prefix-number } assign-len assign-len

This step is required for dynamic prefix assignment.

By default, no prefix pool is configured.

A non-existing IPv6 prefix can be specified, but the prefix pool takes effect only after the IPv6 prefix is created.

For information about IPv6 prefix configuration, see "Configuring IPv6 basics."

3.     Create a DHCPv6 address pool and enter its view.

ipv6 dhcp pool pool-number

By default, no DHCPv6 address pool is configured.

4.     Specify an IPv6 subnet for dynamic address assignment.

network { network-address/prefix-length | prefix prefix-number [ sub-prefix/sub-prefix-length ] } [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

This step is optional if you want to apply an address pool to the DHCPv6 server when enabling the DHCPv6 server on the interface.

By default, no IPv6 subnet is configured for dynamic address assignment.

5.     Configure static or dynamic prefix assignment.

·     Configure a static prefix binding:
static-bind prefix
prefix/prefix-len duid duid [ iaid iaid ] [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

·     Apply the prefix pool to the address pool:
prefix-pool
prefix-pool-number [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

Use at least one command.

By default, no static or dynamic prefix assignment is configured for an address pool.

 

Configuring IPv6 address assignment

Use one of the following methods to configure IPv6 address assignment:

·     Configure a static IPv6 address binding in an address pool

If you bind a DUID and an IAID to an IPv6 address, the DUID and IAID in a request must match those in the binding before the DHCPv6 server can assign the IPv6 address to the requesting DHCPv6 client. If you only bind a DUID to an IPv6 address, the DUID in a request must match the DUID in the binding before the DHCPv6 server can assign the IPv6 address to the requesting client.

·     Specify a subnet and address ranges in an address pool

¡     Non-temporary address assignment—The server selects addresses from the non-temporary address range specified by the address range command. If no non-temporary address range is specified, the server selects addresses on the subnet specified by the network command.

¡     Temporary address assignment—The server selects addresses from the temporary address range specified by the temporary address range command. If no temporary address range is specified in the address pool, the DHCPv6 server cannot assign temporary addresses to clients.

Configuring non-temporary IPv6 address assignment

Follow these guidelines when you configure non-temporary IPv6 address assignment:

·     To configure multiple static IPv6 address bindings, use the static-bind address command multiple times.

·     An IPv6 address can be bound to only one DHCPv6 client. You cannot use the static-bind address command to modify the DUID, IAID, preferred lifetime and valid lifetime of a static IPv6 address binding. To do so, you must remove the static binding first.

·     You cannot use the network command to configure the same subnet in different address pools.

·     In the same address pool, the temporary address range and address range cannot overlap.

To configure non-temporary IPv6 address assignment:

 

Step

Command

Description

1.     Enter system view.

system-view

N/A

2.     Create a DHCPv6 address pool and enter its view.

ipv6 dhcp pool pool-number

By default, no DHCPv6 address pool exists.

3.     Create a static binding.

static-bind address ipv6-address/addr-prefix-length duid duid [ iaid iaid ] [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

Use at least one step.

By default, no static binding or dynamic address allocation is configured.

4.     Configure dynamic address allocation.

·     Specify an IPv6 subnet for dynamic assignment:
network { network-address/prefix-length | prefix prefix-number [ sub-prefix/sub-prefix-length ] } [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

·     Specify a non-temporary IPv6 address range (optional):
address range start-ipv6-address end-ipv6-address [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

 

Configuring temporary IPv6 address assignment

Step

Command

Description

1.     Enter system view.

system-view

N/A

2.     Create a DHCPv6 address pool and enter its view.

ipv6 dhcp pool pool-number

By default, no DHCPv6 address pool exists.

3.     Specify an IPv6 subnet for dynamic assignment.

network { network-address/prefix-length | prefix prefix-number [ sub-prefix/sub-prefix-length ] } [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

By default, no IPv6 subnet is configured for dynamic address assignment.

4.     Specify a temporary IPv6 address range.

temporary address range start-ipv6-address end-ipv6-address [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

By default, no temporary address range is specified.

In the same address pool, the temporary address range and address range cannot overlap.

 

Configuring network parameter assignment

In addition to IPv6 prefixes and IPv6 addresses, you can configure other configuration parameters in a DHCPv6 address pool, such as DNS server address, client domain name, SIP server address and domain name, self-defined options, and AFTR address.

Use one of the following methods to configure network parameter assignment:

·     Configure configuration parameters in the DHCPv6 address pool.

·     Create a DHCPv6 option group, configure configuration parameters in the group, and apply the option group to the DHCPv6 address pool.

Configuration parameters in the address pool take precedence over these in the DHCPv6 option group.

You can configure up to eight DNS server addresses, one domain name suffix, eight SIP server addresses, and eight SIP server domain names in an address pool or a DHCPv6 option group.

Configuring parameters in a DHCPv6 address pool

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Create a DHCPv6 address pool and enter its view.

ipv6 dhcp pool pool-number

By default, no DHCPv6 address pool exists.

3.     Specify an IPv6 subnet for dynamic assignment.

network { network-address/prefix-length | prefix prefix-number [ sub-prefix/sub-prefix-length ] } [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

This step is optional if you apply an address pool when enabling the DHCPv6 server on the interface.

By default, no IPv6 subnet is specified for dynamic address assignment.

4.     Specify a DNS server address.

dns-server ipv6-address

Optional.

By default, no DNS server address is specified.

5.     Specify a domain name suffix.

domain-name domain-name

Optional.

By default, no domain name suffix is specified.

6.     Specify the IPv6 address or domain name of a SIP server.

sip-server { address ipv6-address | domain-name domain-name }

Optional.

By default, no SIP server address or domain name is specified.

7.     Specify the AFTR address.

ds-lite address ipv6-address

Optional.

By default, no AFTR address is specified.

8.     Specify the self-defined DHCPv6 option.

option code hex hex-string

Optional.

By default, no self-defined DHCPv6 option is configured.

 

Configuring a DHCPv6 option group for parameter assignment

A DHCPv6 option group can be static or dynamic.

·     A static DHCPv6 option group is manually created by the ipv6 dhcp option-group command.

·     A dynamic DHCPv6 option group is dynamically created when the DHCPv6 client obtains an IP address, prefix, and configuration parameters from the server. For information about dynamic DHCPv6 option group configuration, see "Configuring the DHCPv6 client."

To configure a DHCPv6 option group for parameter assignment:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Create a static DHCPv6 option group and enter its view.

ipv6 dhcp option-group option-group-number

By default, no static DHCPv6 option group exists.

3.     Configure a DNS server address.

dns-server ipv6-address

Optional.

By default, no DNS server address is configured.

4.     Configure a domain name suffix.

domain-name domain-name

Optional.

By default, no domain name suffix is configured.

5.     Configure the IPv6 address or domain name of a SIP server.

sip-server { address ipv6-address | domain-name domain-name }

Optional.

By default, no SIP server address or domain name is specified.

6.     Specify the AFTR address.

ds-lite address ipv6-address

Optional.

By default, no AFTR address is specified.

7.     Specify the self-defined DHCPv6 option.

option code hex hex-string

Optional.

By default, no self-defined DHCPv6 option is configured.

8.     Exit to system view.

quit

N/A

9.     Create a DHCPv6 address pool and enter its view.

ipv6 dhcp pool pool-number

By default, no DHCPv6 address pool exists.

10.     Specify an IPv6 subnet for dynamic assignment.

network { network-address/prefix-length | prefix prefix-number [ sub-prefix/sub-prefix-length ] } [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ]

This step is optional if you apply an address pool when enabling the DHCPv6 server on the interface.

By default, no IPv6 subnet is configured for dynamic address assignment.

11.     Apply the option group to the address pool.

option-group option-group-number

By default, no option group is applied to the address pool.

 

Enabling the DHCPv6 server on an interface

Follow these guidelines when you enable the DHCPv6 server on an interface:

·     An interface cannot serve as a DHCPv6 server and DHCPv6 relay agent at the same time.

·     Do not enable DHCPv6 server and DHCPv6 client on the same interface.

·     Only one address pool can be applied to an interface.

·     A non-existing address pool can be applied to an interface, but the server cannot assign any prefix, address, or other configuration information from the address pool until the address pool is created.

·     When implementing static address/prefix allocation, the DHCPv6 server searches all address pools instead of the address pool applied to the interface.

·     If you use the ipv6 dhcp server command multiple times, the most recent configuration takes effect.

To enable the DHCPv6 server on an interface:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Enable the DHCPv6 server on the interface.

ipv6 dhcp server [ allow-hint | apply pool pool-number | preference preference-value | rapid-commit ] *

Disabled by default.

 

Configuring IPv6 prefix assignment for stateless address autoconfiguration

Perform this task to configure the DHCPv6 server to assign IPv6 prefixes to DHCPv6 clients for stateless address autoconfiguration. When receiving an RS message from a client, the DHCPv6 server sends back an IPv6 prefix in an RA message to the client for stateless address autoconfiguration.

To configure IPv6 prefix assignment for stateless address autoconfiguration:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Configure the DHCPv6 server to assign IPv6 prefixes to clients for stateless address autoconfiguration.

ipv6 nd ra separate-delegation dhcp-pool prefix-pool-number

Disabled by default.

 

Displaying and maintaining the DHCPv6 server

Task

Command

Remarks

Display the DUID of the local device.

display ipv6 dhcp duid [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display information about DHCPv6 option groups.

display ipv6 dhcp option-group [ option-group-number ] [ | { begin | exclude | include } regular-expression ]

Available in user view.

Display DHCPv6 address pool information.

display ipv6 dhcp pool [ pool-number ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display prefix pool information.

display ipv6 dhcp prefix-pool [ prefix-pool-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display DHCPv6 server information on an interface.

display ipv6 dhcp server [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display information about IPv6 address conflicts.

display ipv6 dhcp server conflict [ address ipv6-address | pool pool-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display information about expired IPv6 addresses.

display ipv6 dhcp server expired [ address ipv6-address | pool pool-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display information about IPv6 address bindings.

display ipv6 dhcp server ip-in-use [ address ipv6-address | pool pool-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display information about IPv6 prefix bindings.

display ipv6 dhcp server pd-in-use [ pool pool-number | prefix prefix/prefix-len | prefix-pool prefix-pool-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display packet statistics on the DHCPv6 server.

display ipv6 dhcp server statistics [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear information about IPv6 address conflicts.

reset ipv6 dhcp server conflict [ address ipv6-address | pool pool-number ] ]

Available in user view.

Clear binding information about lease-expired IPv6 addresses.

reset ipv6 dhcp server expired [ address ipv6-address | pool pool-number ] ]

Available in user view.

Clear information about IPv6 address bindings.

reset ipv6 dhcp server ip-in-use [ address ipv6-address | pool pool-number ] ]

Available in user view.

Clear information about IPv6 prefix bindings.

reset ipv6 dhcp server pd-in-use [ pool pool-number | prefix prefix/prefix-len | prefix-pool prefix-pool-number ] ]

Available in user view.

Clear packets statistics on the DHCPv6 server.

reset ipv6 dhcp server statistics

Available in user view.

 

DHCPv6 server configuration examples

IPv6 prefix and configuration parameters assignment configuration example

Network requirements

As shown in Figure 8, AC serves as a DHCPv6 server, and assigns the IPv6 prefix, DNS server address, domain name suffix, SIP server address, and SIP server domain name to the DHCPv6 clients. The IPv6 address of AC is 1::1/64.

AC assigns prefix 2001:0410:0201::/48 to the client whose DUID is 00030001CA0006A40000, and assigns prefixes ranging from 2001:0410::/48 to 2001:0410:FFFF::/48 (excluding 2001:0410:0201::/48) to other clients. The DNS server address is 2::2:3. The domain name suffix is aaa.com. The SIP server address is 2:2::4, and the domain name of the SIP server is bbb.com.

Configuration considerations

To configure the DHCPv6 server:

·     Enable IPv6 and DHCPv6 server.

·     Create a prefix pool containing prefix 2001:0410::/32 with the length of the assigned prefix being 48, so that the server assigns clients the prefixes ranging from 2001:0410::/48 to 2001:0410:FFFF::/48.

·     Create an address pool. Configure a static prefix in the address pool and have the prefix pool referenced by the address pool. Configure other configuration parameters.

·     Enable the DHCPv6 server on the interface that connects to the clients and apply the address pool to the interface.

Figure 8 Network diagram

 

Configuration procedure

# Configure basic functions of the AC. For more information, see WLAN Configuration Guide. (Details not shown.)

# Enable IPv6 and DHCPv6 server.

<AC> system-view

[AC] ipv6

[AC] ipv6 dhcp server enable

# Configure the IPv6 address of VLAN-interface 2.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address 1::1/64

[AC-Vlan-interface2] quit

# Create and configure prefix pool 1.

[AC] ipv6 dhcp prefix-pool 1 prefix 2001:0410::/32 assign-len 48

# Create address pool 1.

[AC] ipv6 dhcp pool 1

# Apply prefix pool 1 to address pool 1, and set the preferred lifetime to one day, the valid lifetime to three days.

[AC-dhcp6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

# In address pool 1, bind prefix 2001:0410:0201::/48 to DUID 00030001CA0006A40000. Set the preferred lifetime to one day and the valid lifetime to three days.

[AC-dhcp6-pool-1] static-bind prefix 2001:0410:0201::/48 duid 00030001CA0006A40000 preferred-lifetime 86400 valid-lifetime 259200

# Specify the DNS server address as 2:2::3.

[AC-dhcp6-pool-1] dns-server 2:2::3

# Specify the domain name suffix as aaa.com.

[AC-dhcp6-pool-1] domain-name aaa.com

# specify the SIP server address as 2:2::4, and the domain name of the SIP server as bbb.com.

[AC-dhcp6-pool-1] sip-server address 2:2::4

[AC-dhcp6-pool-1] sip-server domain-name bbb.com

[AC-dhcp6-pool-1] quit

# Enable the DHCPv6 server on interface VLAN-interface 2, apply address pool 1 to the interface, enable desired address/prefix assignment and rapid address/prefix assignment, and set the precedence to the highest.

[AC] interface Vlan-interface 2

[AC-Vlan-interface2] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

Verifying the configuration

# Display DHCPv6 server configuration information on VLAN-interface 2.

[AC-Vlan-interface2] display ipv6 dhcp server interface Vlan-interface 2

Using pool: 1

Preference value: 255

Allow-hint: Enabled

Rapid-commit: Enabled

# Display information about DHCPv6 address pool 1.

[AC-Vlan-interface2] display ipv6 dhcp pool 1

Pool: 1

  Static bindings:

    Prefix: 2001:410:201::/48

      DUID: 00030001CA0006A40000

      IAID: 0xA1A1A1A1

      Preferred lifetime 86400 sec, valid lifetime 2592000 sec

  Prefix pool: 1

    Preferred lifetime 86400 sec, valid lifetime 2592000 sec

  DNS server addresses:

    2:2::3

  Domain names:

    aaa.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

# Display information about prefix pool 1.

[AC-Vlan-interface2] display ipv6 dhcp prefix-pool 1

Prefix: 2001:410::/32

Assigned length: 48

Total prefix number: 65536

Available: 65535

In-use: 0

Static: 1

# After the client whose DUID is 00030001CA0006A40000 obtains an IPv6 prefix, display binding information on the DHCPv6 server.

[AC-Vlan-interface2] display ipv6 dhcp server pd-in-use

Total number: 1

Prefix                                      Type      Pool Expiration time

2001:410:201::/48                           Static(C) 1    Jul 10 2011 19:45:01

# After the other client obtains an IPv6 prefix, display binding information on the DHCPv6 server.

[AC-Vlan-interface2] display ipv6 dhcp server pd-in-use

Total number: 2

Prefix                                      Type      Pool Expiration time

2001:410:201::/48                           Static(C) 1    Jul 10 2011 19:45:01

2001:410::/48                               Auto(C)   1    Jul 10 2011 20:44:05

IPv6 address and configuration parameters assignment configuration example

Network requirements

As shown in Figure 9, AC at 1::1/64 serves as a DHCPv6 server, and assigns IPv6 addresses, DNS server address, domain name suffix, SIP server address, and SIP server domain name to DHCPv6 clients.

AC assigns address 12:34:56::A/48 to the client with the DUID 00030001CA0006A40000, and assigns addresses from the subnet 12:34:56::/48 (excluding 12:34:56::A/48) to other clients.

The DNS server address is 2:2::3. The domain name suffix aaa.com. The SIP server address is 2:2::4, and the domain name of the SIP server is bbb.com.

Configuration considerations

To configure the DHCPv6 server:

·     Enable IPv6 and DHCPv6 server.

·     Create a static DHCPv6 option group and configure configuration parameters in the group.

·     Create and configure an address pool.

Create a static binding so that the server can assign the specific address to the specified client. Specify a subnet 12:34:56::/48 for dynamic assignment. Apply the DHCPv6 option group to the address pool.

·     Enable the DHCPv6 server on the interface that connects to the clients.

Figure 9 Network diagram

 

Configuration procedure

# Configure basic functions of the AC. For more information, see WLAN Configuration Guide. (Details not shown.)

# Enable IPv6 and the DHCPv6 server.

<AC> system-view

[AC] ipv6

[AC] ipv6 dhcp server enable

# Configure the IPv6 address of VLAN-interface 2.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address 12:34:56::1/48

[AC-Vlan-interface2] quit

# Create a static DHCPv6 option group 1.

[AC] ipv6 dhcp option-group 1

# Specify the DNS server address as 2:2::3.

[AC-dhcp6-option-group1] dns-server 2:2::3

# Specify the domain name suffix as aaa.com.

[AC-dhcp6-option-group1] domain-name aaa.com

# Specify the SIP server address as 2:2::4, and the domain name of the SIP server as bbb.com.

[AC-dhcp6-option-group1] sip-server address 2:2::4

[AC-dhcp6-option-group1] sip-server domain-name bbb.com

[AC-dhcp6-option-group1] quit

# Create address pool 1.

[AC] ipv6 dhcp pool 1

# In address pool 1, bind IPv6 address 12:34:56::A/48 to DUID 00010006498D43220001. Set the preferred lifetime to one day and valid lifetime to three days.

[AC-dhcp6-pool-1] static-bind address 12:34:56::A/48 duid 00010006498d43220001 preferred-lifetime 86400 valid-lifetime 259200

# Specify a subnet 12:34:56::/48, and set the preferred lifetime to 1 day and valid lifetime to three days.

[AC-dhcp6-pool-1] network 12:34:56::/48 preferred-lifetime 86400 valid-lifetime 259200

# Apply option group 1 to address pool 1.

[AC-dhcp6-pool-1] option-group 1

[AC-dhcp6-pool-1] quit

# Enable the DHCPv6 server on interface VLAN-interface 2, apply address pool 1 to the interface, enable the desired address/prefix assignment and rapid address/prefix assignment, and set the precedence to the highest.

[AC] interface Vlan-interface 2

[AC-Vlan-interface2] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

[AC-Vlan-interface2] quit

Verifying the configuration

# Display DHCPv6 server configuration on VLAN-interface 2.

[AC] display ipv6 dhcp server interface Vlan-interface 2

Using pool: 1

Preference value: 255

Allow-hint: Enabled

Rapid-commit: Enabled

# Display information about DHCPv6 option group 1.

[AC] display ipv6 dhcp option-group 1

DHCPv6 option group: 1

  Type: Static

  DNS server addresses:

    2:2::3

  Domain names:

    aaa.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

# Display information about DHCPv6 address pool 1.

[AC] display ipv6 dhcp pool 1

Pool: 1

  Network: 12:34:56::/48

    Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Static bindings:

    Address: 12:34:56::A/48

      DUID: 00010006498D43220001

      IAID: Not configured

      Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Option group: 1

# After the client whose DUID is 00010006498D43220001 obtains an IPv6 address, display binding information on the DHCPv6 server.

[AC] display ipv6 dhcp server ip-in-use address 12:34:56::a

Pool: 1

Client: FE80::1EBD:B9FF:FEE3:BD84

Type: Static(C)

DUID: 00010006498D43220001

IAID: 0x1

Address: 12:34:56::A

  Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Will expire at Apr 29 2011 15:43:35 (259064 seconds left)

# After the other client obtains an IPv6 address, display binding information on the DHCPv6 server.

[AC] display ipv6 dhcp server ip-in-use

Total number: 2

Address                                     Type      Pool Expiration time

12:34:56::A                                 Static(C) 1    Apr 29 2011 15:43:35

12:34:56::4                                 Auto(C)   1    Apr 29 2011 15:47:53

Static IPv6 address and prefix assignment configuration example

Network requirements

As shown in Figure 10, AC at 12:34:56::1/48 serves as a DHCPv6 server, and assigns IPv6 prefixes and addresses, DNS server address, domain name suffix, SIP server address, and SIP server domain name to DHCPv6 clients.

AC assigns prefix in the range of 12:34::/48 to 12:34:FFFF::/48 and addresses in the subnet 12:34:56::/48 to clients.

The DNS server address is 2:2::3. The domain name suffix is aaa.com. The SIP server address is 2:2::4, and the domain name of the SIP server is bbb.com.

Network considerations

To configure the DHCPv6 server:

·     Enable IPv6 and DHCPv6 server.

·     Create a static IPv6 prefix.

·     Create a static DHCPv6 option group, and configure parameters in the group.

·     Specify the static prefix to create a prefix pool.

·     Create an address pool.

Apply the prefix pool to the address pool so that the DHCPv6 server can dynamically select a prefix from the prefix pool and assign it to a client. Apply the static prefix to the network subnet so that the server can assign an IP address to the client. To achieve network parameters assignment, apply the DHCPv6 option group to the address pool.

·     Enable the DHCPv6 server on the interface that connects to the clients.

Figure 10 Network diagram

 

Configuration procedure

# Configure basic functions of the AC. For more information, see WLAN Configuration Guide. (Details not shown.)

# Enable IPv6 and DHCPv6 server on AC.

<AC> system-view

[AC] ipv6

[AC] ipv6 dhcp server enable

# Configure the IPv6 address of interface VLAN-interface 2.

[AC] interface Vlan-interface 2

[AC-Vlan-interface2] ipv6 address 12:34:56::1/48

[AC-Vlan-interface2] quit

# Create static IPv6 prefix 12:34::/32 with prefix ID 1.

[AC] ipv6 prefix 1 12:34::/32

# Create a static DHCPv6 option group 1.

[AC] ipv6 dhcp option-group 1

# Specify the DNS server address as 2:2::3.

[AC-dhcp6-option-group1] dns-server 2:2::3

# Specify the domain name suffix as aaa.com.

[AC-dhcp6-option-group1] domain-name aaa.com

# Specify the SIP server address as 2:2::4, and the domain name of the SIP server as bbb.com.

[AC-dhcp6-option-group1] sip-server address 2:2::4

[AC-dhcp6-option-group1] sip-server domain-name bbb.com

[AC-dhcp6-option-group1] quit

# Create prefix pool 1 that contains the prefix with the ID 1 and specify the length of prefixes to be assigned as 48. Prefix pool 1 can assign prefixes in the range of 12:34::/48 to 12:34:FFFF::/48.

[AC] ipv6 dhcp prefix-pool 1 prefix 1 assign-len 48

# Create address pool 1.

[AC] ipv6 dhcp pool 1

# Specify a static prefix with prefix ID 1 so that addresses in the subnet 12:34:56::/48 are assignable. Set the preferred lifetime to one day, and valid lifetime to three days.

[AC-dhcp6-pool-1] network prefix 1 0:0:56::/48 preferred-lifetime 86400 valid-lifetime 259200

# Apply prefix pool 1 to address pool 1, and set the preferred lifetime to one day and the valid lifetime to three days.

[AC-dhcp6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

# Apply DHCPv6 option group 1 to address pool 1.

[AC-dhcp6-pool-1] option-group 1

[AC-dhcp6-pool-1] quit

# Enable the DHCPv6 server on interface VLAN-interface 2, apply address pool 1 to the interface, enable the desired address/prefix assignment and rapid address/prefix assignment, and set the precedence to the highest.

[AC] interface Vlan-interface 2

[AC-Vlan-interface2] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

[AC-Vlan-interface2] quit

Verifying the configuration

# Display DHCPv6 server configuration information on VLAN-interface 2.

[AC] display ipv6 dhcp server interface Vlan-interface 2

Using pool: 1

Preference value: 255

Allow-hint: Enabled

Rapid-commit: Enabled

# Display information about DHCPv6 address pool 1.

[AC] display ipv6 dhcp pool 1

Pool: 1

  Network: 12:34:56::/48

    Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Prefix pool: 1

    Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Option group: 1

# Display information about DHCPv6 option group 1.

[AC] display ipv6 dhcp option-group 1

DHCPv6 option group: 1

  Type: Static

  DNS server addresses:

    2:2::3

  Domain names:

    aaa.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

# After a client obtains an IPv6 prefix, display IPv6 prefix binding information.

[AC] display ipv6 dhcp server pd-in-use

Total number: 1

Prefix                                      Type      Pool Expiration time

12:34::/48                                  Auto(C)   1    Apr 29 2011 17:07:38

# After a client obtains an IPv6 address, display IPv6 address binding information.

[AC] display ipv6 dhcp server ip-in-use

Total number: 1

Address                                     Type      Pool Expiration time

12:34:56::A                                 Auto(C)   1    Apr 29 2011 17:06:58

Dynamic IPv6 address and prefix assignment configuration example

Network requirements

As shown in Figure 11, Switch serves as a DHCPv6 server, and assigns an IPv6 prefix, DNS server address, domain name suffix, SIP server address, and SIP server domain name to the DHCPv6 client, AC. The DNS server address is 2:2::3. The domain name suffix is aaa.com. The SIP server address is 2:2::4, and the domain name of the SIP server is bbb.com.

With the configuration obtained from Switch, AC serves as a DHCPv6 server and assigns IP prefixes in the range of 12:34::/48 to 12:34:FFFF::/48 and addresses in the subnet 12:34:56::/48 to DHCPv6 clients.

Configuration considerations

·     To configure Switch:

a.     Enable IPv6.

b.     Enable the DHCPv6 server.

c.     Create a prefix pool.

d.     Create an address pool, and specify a prefix pool so that Switch can assign a prefix to AC.

e.     Enable the DHCPv6 server on VLAN-interface 2 that connects to AC.

·     To configure AC that serves as the DHCPv6 client:

a.     Enable IPv6.

b.     Configure interface VLAN-interface 2 to use DHCPv6 for IPv6 prefix acquisition, and specify the prefix ID as 1 and option group ID as 1.

·     To configure AC that serves as the DHCPv6 server:

a.     Enable the DHCPv6 server.

b.     Specify the dynamic prefix to create a prefix pool.

c.     Create an address pool.

Apply the prefix pool to the address pool so that the DHCPv6 server can dynamically select a prefix from the prefix pool and assign it to a client. Apply the dynamic prefix to the network subnet so that the server can assign an IP address to the client. To achieve network parameters assignment, specify the dynamically crated DHCPv6 option group for the address pool.

d.     Enable the DHCPv6 server on the interface VLAN-interface 3 that connects to the clients.

Figure 11 Network diagram

 

Configuration procedure

1.     Configure Switch:

# Enable IPv6.

<Switch> system-view

[Switch] ipv6

# Enable the DHCPv6 server.

[Switch] ipv6 dhcp server enable

# Configure the IPv6 address of interface VLAN-interface 2.

[Switch] interface Vlan-interface 2

[Switch-Vlan-interface2] ipv6 address 1::1/64

[Switch-Vlan-interface2] quit

# Create prefix pool 1.

[Switch] ipv6 dhcp prefix-pool 1 prefix 12:34::/32 assign-len 32

# Apply prefix pool 1 to address pool 1, and set the preferred lifetime to one day and the valid lifetime to three days.

[Switch] ipv6 dhcp pool 1

[Switch-dhcp6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

# Specify the DNS server address as 2:2::3.

[Switch-dhcp6-pool-1] dns-server 2:2::3

# Specify the domain name suffix as aaa.com.

[Switch-dhcp6-pool-1] domain-name aaa.com

# Specify the SIP server address as 2:2::4, and the domain name of the SIP server as bbb.com.

[Switch-dhcp6-pool-1] sip-server address 2:2::4

[Switch-dhcp6-pool-1] sip-server domain-name bbb.com

[Switch-dhcp6-pool-1] quit

# Enable the DHCPv6 server on interface VLAN-interface 2, apply address pool 1 to the interface, enable the desired address/prefix assignment and rapid address/prefix assignment, and set the precedence to the highest.

[Switch] interface Vlan-interface 2

[Switch-Vlan-interface2] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

[Switch-Vlan-interface2] quit

2.     Configure AC as the DHCPv6 client:

# Enable IPv6.

<AC> system-view

[AC] ipv6

# Configure interface VLAN-interface 2 to use DHCPv6 for IPv6 prefix acquisition, and specify the prefix ID as 1 and option group ID as 1.

[AC] interface Vlan-interface 2

[AC-Vlan-interface2] ipv6 dhcp client pd 1 rapid-commit option-group 1

[AC-Vlan-interface2] quit

3.     Configure AC as the DHCPv6 server:

# Enable the DHCPv6 server.

[AC] ipv6 dhcp server enable

# Configure an IPv6 address for interface VLAN-interface 3.

[AC] interface Vlan-interface 3

[AC-Vlan-interface3] ipv6 address 12:34:56::1/48

[AC-Vlan-interface3] quit

# Create a prefix pool and specify the prefix ID 1.

[AC] ipv6 dhcp prefix-pool 1 prefix 1 assign-len 48

# Create address pool 1, specify the prefix ID 1, and set the preferred lifetime to one day, and valid lifetime to three days.

[AC] ipv6 dhcp pool 1

[AC-dhcp6-pool-1] network prefix 1 0:0:56::/48 preferred-lifetime 86400 valid-lifetime 259200

# Apply prefix pool 1 to address pool 1, and set the preferred lifetime to one day and the valid lifetime to three days.

[AC-dhcp6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

# Apply option group 1 to the address pool.

[AC-dhcp6-pool-1] option-group 1

[AC-dhcp6-pool-1] quit

# Enable the DHCPv6 server on interface VLAN-interface 3, apply address pool 1 to the interface, enable the desired address/prefix assignment and rapid address/prefix assignment, and set the precedence to the highest.

[AC] interface Vlan-interface 3

[AC-Vlan-interface3] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

[AC-Vlan-interface3] quit

Verifying the configuration

# Display DHCPv6 server configuration on VLAN-interface 2 of Switch. Similar output is displayed if you display the DHCPv6 configuration on VLAN-interface 2 of AC.

<Switch> display ipv6 dhcp server interface Vlan-interface 2

Using pool: 1

Preference value: 255

Allow-hint: Enabled

Rapid-commit: Enabled

# After AC obtains an IPv6 prefix and network configurations, display IPv6 prefix information.

<AC> display ipv6 prefix 1

Number: 1

Type  : Dynamic

Prefix: 12:34::/32

  Preferred lifetime 86400 sec, valid lifetime 259200 sec

# Display information about DHCPv6 option group 1 on AC.

<AC> display ipv6 dhcp option-group 1

DHCPv6 option group: 1

  Type: Dynamic

  DNS server addresses:

    2:2::3

  Domain names:

    aaa.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

# Display information about DHCPv6 address pool 1 on AC.

<AC> display ipv6 dhcp pool 1

Pool: 1

  Network: 12:34:56::/48

    Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Prefix pool: 1

    Preferred lifetime 86400 sec, valid lifetime 259200 sec

  Option group: 1

# After DHCP client obtains an IPv6 prefix, display IPv6 prefix binding information on AC.

<AC> display ipv6 dhcp server pd-in-use

Total number: 1

Prefix                                      Type      Pool Expiration time

12:34::/48                                  Auto(C)   1    Apr 29 2011 17:07:38

# After DHCP client obtains an IPv6 address, display IPv6 address binding information on AC.

<AC> display ipv6 dhcp server ip-in-use

Total number: 1

Address                                     Type      Pool Expiration time

12:34:56::3                                 Auto(C)   1    Apr 29 2011 17:06:58

 


Configuring the DHCPv6 relay agent

Overview

A DHCPv6 client usually uses a multicast address to contact the DHCPv6 server on the local link to obtain an IPv6 address and other configuration parameters. As shown in Figure 12, if the DHCPv6 server resides on another subnet, the DHCPv6 client can contact the server through a DHCPv6 relay agent, so you do not need to deploy a DHCPv6 server on each subnet.

Figure 12 Typical DHCPv6 relay agent application

 

Figure 13 shows how the DHCPv6 client obtains an IPv6 address and other network configuration parameters from the DHCPv6 server through the DHCPv6 relay agent, using the process of rapid assignment involving two messages as an example.

1.     The DHCPv6 client sends a Solicit message containing the Rapid Commit option to the multicast address FF02::1:2 of all the DHCPv6 servers and relay agents.

2.     After receiving the Solicit message, the DHCPv6 relay agent encapsulates the message into the Relay Message option of a Relay-forward message, and sends the message to the DHCPv6 server.

3.     After obtaining the Solicit message from the Relay-forward message, the DHCPv6 server selects an IPv6 address and other required parameters, and adds them to the reply that is encapsulated within the Relay Message option of a Relay-reply message. The DHCPv6 server then sends the Relay-reply message to the DHCPv6 relay agent.

4.     The DHCPv6 relay agent obtains the reply from the Relay-reply message and sends the reply to the DHCPv6 client.

Then the DHCPv6 client uses the IPv6 address and other configuration parameters assigned by the DHCPv6 server to perform network configuration.

Figure 13 Operating process of a DHCPv6 relay agent

 

Configuration prerequisites

Before you configure the DHCPv6 relay agent, enable IPv6 by using the ipv6 command in system view.

Configuration guidelines

·     You can specify up to eight DHCPv6 servers for an interface. After receiving requests from DHCPv6 clients, the DHCPv6 relay agent forwards the requests to all the specified DHCPv6 servers.

·     If the DHCPv6 server address is a link-local address or link-scoped multicast address on the local link, you must specify an outgoing interface by using the interface keyword in the ipv6 dhcp relay server-address command. Otherwise, DHCPv6 packets might fail to be forwarded to the DHCPv6 server.

·     After you remove all the specified DHCPv6 servers from an interface with the undo ipv6 dhcp relay server-address command, DHCPv6 relay agent is disabled on the interface.

·     An interface cannot serve as a DHCPv6 relay agent and DHCPv6 server at the same time.

·     Do not enable the DHCPv6 relay agent and DHCPv6 client on the same interface.

Configuration procedure

To configure the DHCPv6 relay agent:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Enable DHCPv6 relay agent on the interface and specify a DHCPv6 server.

ipv6 dhcp relay server-address ipv6-address [ interface interface-type interface-number ]

By default, DHCPv6 relay agent is disabled and no DHCPv6 server is specified on the interface.

 

Displaying and maintaining the DHCPv6 relay agent

Task

Command

Remarks

Display the DUID of the local device.

display ipv6 dhcp duid [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display DHCPv6 server addresses specified on the DHCPv6 relay agent.

display ipv6 dhcp relay server-address { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display packet statistics on the DHCPv6 relay agent.

display ipv6 dhcp relay statistics [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear packets statistics on the DHCPv6 relay agent.

reset ipv6 dhcp relay statistics

Available in user view.

 

DHCPv6 relay agent configuration example

Network requirements

As shown in Figure 14, DHCPv6 clients reside in network 1::/64, and the IPv6 address of the DHCPv6 server is 2::2/64. The DHCPv6 client and server must communicate through a DHCPv6 relay agent (AC).

AC acts as the gateway of network 1::/64. It sends RA messages to notify the hosts to obtain IPv6 addresses and other configuration parameters through DHCPv6. For more information about RA messages, see "Configuring IPv6 basics."

Figure 14 Network diagram

 

Configuration procedure

1.     Configure AC as a DHCPv6 relay agent:

# Configure basic functions of the AC. For more information, see WLAN Configuration Guide. (Details not shown.)

# Enable IPv6.

<AC> system-view

[AC] ipv6

# Configure the IPv6 addresses of VLAN-interface 2 and VLAN-interface 3.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address 2::1 64

[AC-Vlan-interface2] quit

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address 1::1 64

# Enable DHCPv6 relay agent and specify the DHCPv6 server address on interface VLAN-interface 3.

[AC-Vlan-interface3] ipv6 dhcp relay server-address 2::2

2.     Configure AC as a gateway:

# Enable AC to send RA messages and turn on the M and O flags.

[AC-Vlan-interface3] undo ipv6 nd ra halt

[AC-Vlan-interface3] ipv6 nd autoconfig managed-address-flag

[AC-Vlan-interface3] ipv6 nd autoconfig other-flag

Verifying the configuration

# Display DHCPv6 server address information on AC.

[AC-Vlan-interface3] display ipv6 dhcp relay server-address all

Interface: Vlan3

Server address(es)                             Output Interface

2::2

# Display packet statistics on the DHCPv6 relay agent.

[AC-Vlan-interface3] display ipv6 dhcp relay statistics

Packets dropped               :  0

    Error                     :  0

    Excess of rate limit      :  0

Packets received              :  14

    SOLICIT                   :  0

    REQUEST                   :  0

    CONFIRM                   :  0

    RENEW                     :  0

    REBIND                    :  0

    RELEASE                   :  0

    DECLINE                   :  0

    INFORMATION-REQUEST       :  7

    RELAY-FORWARD             :  0

    RELAY-REPLY               :  7

Packets sent                  :  14

    ADVERTISE                 :  0

    RECONFIGURE               :  0

    REPLY                     :  7

    RELAY-FORWARD             :  7

    RELAY-REPLY               :  0

 


Configuring the DHCPv6 client

With DHCP client enabled, an interface uses DHCP to obtain configuration parameters such as an IPv6 address, an IPv6 prefix from the DHCP server.

A DHCPv6 client can use DHCPv6 to complete the following:

·     Obtain an IPv6 address and configuration parameters, and create a DHCPv6 option group for the parameters.

·     Obtain an IPv6 prefix and configuration parameters, and create a DHCPv6 option group for the parameters.

Configuration guidelines

·     To make the DHCPv6 client successfully obtain IPv6 address, IPv6 prefix, and configuration parameters through DHCPv6, make sure the DHCPv6 server is available.

·     Use the ipv6 command to enable IPv6 on the DHCPv6 client. For more information about the command, see "Configuring IPv6 basics."

·     Do not enable the DHCPv6 client and DHCPv6 server, or the DHCPv6 client and DHCPv6 relay agent on the same interface.

DHCPv6 client configuration task list

 

Configuring address acquisition

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Configure the interface to use DHCPv6 for IP address acquisition.

ipv6 address dhcp-alloc [ option-group group-number | rapid-commit ] *

By default, An interface does not use DHCPv6 for IP address acquisition.

 

Configuring prefix acquisition

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Configure the interface to use DHCPv6 for IPv6 prefix acquisition.

ipv6 dhcp client pd prefix-number [ option-group group-number | rapid-commit ] *

By default, the interface does not use DHCPv6 for IPv6 prefix acquisition.

 

Displaying and maintaining the DHCPv6 client

Task

Command

Remarks

Display DHCPv6 client information.

display ipv6 dhcp client [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display DHCPv6 client statistics.

display ipv6 dhcp client statistics [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display the DUID of the local device.

display ipv6 dhcp duid [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear DHCPv6 client statistics.

reset ipv6 dhcp client statistics [ interface interface-type interface-number ]

Available in user view.

 

DHCPv6 client configuration examples

IPv6 prefix acquisition configuration example

Network requirements

The DHCPv6 client AC uses DHCPv6 to obtain an IPv6 prefix, the DNS server address, domain name suffix, SIP server address, and domain name of the SIP server.

Configure AC to create an IPv6 prefix based on the obtained prefix and create a DHCPv6 option group for the obtained configuration parameters.

Figure 15 Network diagram

 

Configuration procedure

Before you make the following configuration, configure the DHCPv6 server. For information about DHCPv6 server, see "Configuring the DHCPv6 server."

# Enable IPv6.

<AC> system-view

[AC] ipv6

# Configure the IPv6 address of VLAN-interface 2.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address 1::2/48

# Configure VLAN-interface 2 to use DHCPv6 to obtain an IPv6 prefix and configuration parameters, and enable rapid prefix assignment. With the obtained prefix and parameters, the client automatically creates a DHCPv6 option group.

[AC-Vlan-interface2] ipv6 dhcp client pd 1 rapid-commit option-group 1

[AC-Vlan-interface2] quit

Verifying the configuration

# Display DHCPv6 client information. The output shows that AC has obtained an IPv6 prefix and configuration parameters.

[AC] display ipv6 dhcp client

Vlan-interface2:

  Type: Stateful client requested for prefix

    State: OPEN

    IAID: 0xf0019

    Preferred server:

      Reachable via address: FE80::200:5EFF:FE0A:2303

      DUID: 00030001000fe20a0a00

    Prefix: 12:34::/32

      Preferred lifetime 90 sec, valid lifetime 90 sec

      T1 45 sec, T2 72 sec

      Will expire at Jul 18 2011 10:04:03

    DNS server addresses:

      2000::FF

    Domain names:

      example.com

    SIP server addresses:

      2:2::4

    SIP server domain names:

      bbb.com

# Display Ipv6 prefix information.

[AC] display ipv6 prefix 1

Number: 1

Type  : Dynamic

Prefix: 12:34::/32

  Preferred lifetime 90 sec, valid lifetime 90 sec

# Display information about dynamic DHCPv6 option group 1.

[AC] display ipv6 dhcp option-group 1 

DHCPv6 option group: 1

  Type: Dynamic

  DNS server addresses:

    2000::FF

  Domain names:

    example.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

IPv6 address acquisition configuration example

Network requirements

The DHCPv6 client AC uses DHCPv6 to obtain an IPv6 address, the DNS server address, domain name suffix, SIP server address, and domain name of the SIP server.

Configure AC to create a DHCPv6 option group for the obtained configuration parameters.

Figure 16 Network diagram

 

Configuration procedure

Before you make the following configuration, configure the DHCPv6 server. For information about DHCPv6 server, see "Configuring the DHCPv6 server."

# Enable IPv6.

<AC> system-view

[AC] ipv6

# Configure VLAN-interface 2 to use DHCPv6 to obtain an IPv6 prefix and configuration parameters, and enable rapid address assignment. With the obtained address and parameters, the client automatically creates a DHCPv6 option group.

[AC] interface vlan-interface 2

[AC-Vlan-interface2] ipv6 address dhcp-alloc rapid-commit option-group 1

[AC-Vlan-interface2] quit

Verifying the configuration

# Display DHCPv6 client information. The output shows that AC has obtained an IPv6 address and configuration parameters.

[AC] display ipv6 dhcp client

Vlan-interface2:

  Type: Stateful address client

    State: OPEN

    IAID: 0xf0019

    Preferred server:

      Reachable via address: FE80::200:5EFF:FE0A:2303

      DUID: 00030001000fe20a0a00

    Address: 1:2::2

       Preferred lifetime 60 sec, valid lifetime 60 sec

       T1 30 sec, T2 48 sec

       Will expire at Jul 18 2011 10:06:57

    DNS server addresses:

      2000::FF

    Domain names:

      example.com

    SIP server addresses:

      2:2::4

    SIP server domain names:

      bbb.com

# Display information about dynamic DHCPv6 option group 1.

[AC] display ipv6 dhcp option-group 1 

DHCPv6 option group: 1

  Type: Dynamic

  DNS server addresses:

    2000::FF

  Domain names:

    example.com

  SIP server addresses:

    2:2::4

  SIP server domain names:

    bbb.com

# Display IPv6 address information.

[AC] display ipv6 interface brief

*down: administratively down

(s): spoofing

Interface                                Physical   Protocol   IPv6 Address

Vlan-interface2                          up         up         1:2::2

 


Configuring DHCPv6 snooping

DHCPv6 snooping works between the DHCPv6 client and server or between the DHCPv6 client and relay agent. It cannot work between the DHCP server and DHCP relay agent.

You can configure only Layer 2 Ethernet interfaces or Layer 2 aggregate interfaces as DHCPv6 snooping trusted ports. For more information about aggregate interfaces, see Layer 2 Configuration Guide.

Overview

DHCPv6 snooping is security feature with the following functions:

·     Guaranteeing that DHCPv6 clients obtain IPv6 addresses from authorized DHCPv6 servers

·     Recording IP-to-MAC mappings of DHCPv6 clients

Guaranteeing that DHCPv6 clients obtain IPv6 addresses from authorized DHCPv6 servers

If DHCPv6 clients obtain invalid IPv6 addresses and network configuration parameters from an unauthorized DHCPv6 server, they are unable to communicate with other network devices. With DHCPv6 snooping, the ports of a device can be configured as trusted or untrusted to make sure the clients obtain IPv6 addresses only from authorized DHCPv6 servers:

·     TrustedA trusted port forwards DHCPv6 messages normally.

·     UntrustedAn untrusted port discards reply messages from any DHCPv6 server.

Figure 17 Trusted and untrusted ports

 

A DHCPv6 snooping device's port that is connected to an authorized DHCPv6 server, DHCPv6 relay agent, or another DHCPv6 snooping device should be configured as a trusted port to forward reply messages from the authorized DHCPv6 server. Other ports are configured as untrusted so that they do not forward reply messages from unauthorized DHCPv6 servers. This makes sure that the DHCPv6 client can obtain an IPv6 address from the authorized DHCPv6 server only.

As shown in Figure 17, configure the port that connects to the DHCPv6 server as a trusted port, and other ports as untrusted.

Recording IP-to-MAC mappings of DHCPv6 clients

DHCPv6 snooping reads DHCPv6 messages to create and update DHCPv6 snooping entries, including MAC addresses of clients, IPv6 addresses obtained by the clients, ports that connect to DHCPv6 clients, and VLANs to which the ports belong. You can use the display ipv6 dhcp snooping user-binding command to view the IPv6 address obtained by each client, so you can manage and monitor the clients' IPv6 addresses.

Enabling DHCPv6 snooping

To allow clients to obtain IPv6 addresses from an authorized DHCPv6 server, enable DHCPv6 snooping globally and configure trusted and untrusted ports properly. To record DHCPv6 snooping entries for a VLAN, enable DHCPv6 snooping for the VLAN.

To enable DHCPv6 snooping:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enable DHCPv6 snooping globally.

ipv6 dhcp snooping enable

Disabled by default.

3.     Enter VLAN view.

vlan vlan-id

N/A

4.     Enable DHCPv6 snooping for the VLAN.

ipv6 dhcp snooping vlan enable

Optional.

Disabled by default.

 

Configuring a DHCPv6 snooping trusted port

After enabling DHCPv6 snooping globally, you can specify trusted and untrusted ports for a VLAN as needed. A DHCPv6 snooping trusted port normally forwards DHCPv6 packets. A DHCPv6 snooping untrusted port discards any DHCPv6 reply message received from a DHCPv6 server. Upon receiving a DHCPv6 request from a client in the VLAN, the DHCPv6 snooping device forwards the packet through trusted ports rather than any untrusted port in the VLAN, reducing network traffic.

Follow these guidelines when you configure a DHCPv6 snooping trusted port:

·     You must specify a port connected to an authorized DHCPv6 server as trusted to make sure DHCPv6 clients can obtain valid IPv6 addresses. The trusted port and the ports connected to the DHCPv6 clients must be in the same VLAN.

·     If a Layer 2 Ethernet interface is added to an aggregation group, the DHCPv6 snooping configuration of the interface does not take effect until the interface quits from the aggregation group.

To configure a DHCPv6 snooping trusted port:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Configure the port as trusted.

ipv6 dhcp snooping trust

By default, all ports of the device with DHCPv6 snooping globally enabled are untrusted.

 

Setting the maximum number of DHCPv6 snooping entries

Perform this optional task to prevent an interface from learning too many DHCPv6 snooping entries and to save system resources.

To set the maximum number of DHCPv6 snooping entries:

 

Step

Command

Remarks

1.     Enter system view.

system-view

N/A

2.     Enter interface view.

interface interface-type interface-number

N/A

3.     Set the maximum number of DHCPv6 snooping entries that the interface can learn.

ipv6 dhcp snooping max-learning-num number

Optional.

By default, the number of DHCPv6 snooping entries learned by an interface is not limited.

 

Displaying and maintaining DHCPv6 snooping

Task

Command

Remarks

Display DHCPv6 snooping trusted ports.

display ipv6 dhcp snooping trust [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display DHCPv6 snooping entries.

display ipv6 dhcp snooping user-binding { ipv6-address | dynamic } [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear DHCPv6 snooping entries.

reset ipv6 dhcp snooping user-binding { ipv6-address | dynamic }

Available in user view.

 

DHCPv6 snooping configuration example

ACs have either 10 GE or GE interfaces. Table 1 identifies the Ethernet interfaces (GigabitEthernet 1/0/1, in this example) on different types of ACs.

If the AC is an AC module installed on a switch, make sure the internal Ethernet interface that connects the switch to the AC module has correct settings, including in particular VLAN settings.

Table 1 AC Ethernet interfaces

Hardware

AC Ethernet interfaces

AC modules (installed in a switch)

LSQM1WCMD0

LSRM1WCM3A1

LSUM3WCMD0

LSUM1WCME0

The internal Ethernet interface that connects the AC module to the switch.

Wireless switches

WX3024E

WX3010E

The internal Ethernet interface that connects the AC engine to the switching engine.

ACs

WX6103

The internal Ethernet interface that connects the MPU to the switching module.

WX5002V2

WX5004

WX3510E

WX3540E

WX5510E

Any Ethernet interface on the AC.

WX2540E

WAC360

WAC361

Any LAN or WAN interfaces on the AC.

WX5540E

The internal Ethernet interface that connects the AC engine to the switching engine.

 

Network requirements

As shown in Figure 18, AC is connected to a DHCPv6 server (Switch) through GigabitEthernet 1/0/1, and is connected to DHCPv6 clients through GigabitEthernet 1/0/2. These two interfaces belong to VLAN 2. Configure AC to do the following:

·     Forwarding DHCPv6 reply messages received only on GigabitEthernet 1/0/1.

·     Recording the IP-to-MAC mappings for DHCPv6 clients.

Figure 18 Network diagram

 

Configuration procedure

# Configure basic functions of the AC. For more information, see WLAN Configuration Guide. (Details not shown.)

# Enable DHCPv6 snooping globally.

<AC> system-view

[AC] ipv6 dhcp snooping enable

# Add GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 to VLAN 2.

[AC] vlan 2

[AC-vlan2] port gigabitethernet1/0/1 gigabitethernet1/0/2

# Enable DHCPv6 snooping for VLAN 2.

[AC-vlan2] ipv6 dhcp snooping vlan enable

[AC] quit

# Configure GigabitEthernet 1/0/1 as a DHCPv6 snooping trusted port.

[AC] interface gigabitethernet1/0/1

[AC-GigabitEthernet1/0/1] ipv6 dhcp snooping trust

Verifying the configuration

After completing the configuration, connect GigabitEthernet 1/0/2 to a DHCPv6 client and GigabitEthernet 1/0/1 to a DHCPv6 server (Switch). The DHCPv6 client obtains an IPv6 address from Switch, but cannot obtain any IPv6 address from the unauthorized DHCPv6 server. You can use the display ipv6 dhcp snooping user-binding command to view the DHCPv6 snooping entries on AC.

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Intelligent Storage
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
  • Technical Blogs
All Support
  • Become A Partner
  • Partner Policy & Program
  • Global Learning
  • Partner Sales Resources
  • Partner Business Management
  • Service Business
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网