An experimental study in using natural admixture as an alternative for chemic...
Analyzing dhc pv6 stateful and stateless
1. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 1/11
VIP PERSPECTIVES (/S/TOPIC/0TO3I000000924BGAA/VIP%20PERSPECTIVES)
Analyzing DHCPv6 Stateful and Stateless
8 months ago by Ing_Percy (/s/prole/0053i000002nCpWAAU)
At this time, I would like to share a concise description of the concepts and operation of DHCPv6 by analyzing a laboratory using Cisco
Routers and a PC. It is always necessary to mention that the verication of the concepts of Cisco networking must be carried out in the
rst instance with real equipment. In case the equipment is not available, you can use an emulator like GNS3 and nally you can use a
software like Cisco Packet Tracer (the latter is more prone to bugs, especially in more complex topologies).
Previous concepts
We know that in studies about networks, we start with the IPv4 protocol. We learn about static IP addressing on our devices and then
about dynamic IP addressing on hosts using the DHCP protocol. It is now reected in IPv6 networks where global unicast addresses can
be congured manually or dynamically. However, for IPv6 networks we have two dynamic allocation methods:
* Stateless address Autoconguration (SLAAC)
* Dynamic Host Conguration Protocol for IPv6 (DHCPv6)
If we talk briey about SLAAC, it is a method by which a host can get an IPv6 global unicast address without a DHCPv6 server. The base
of SLAAC is in ICMPv6 which is much more robust than the ICMP of IPv4. Basically, SLAAC uses the following ICMPv6 messages to
provide IPv6 addressing:
* Router Solicitation message (RS): When a client is congured to get its addressing information automatically via SLAAC, it sends an RS
message to the router. This message is sent to the multicast address of all IPv6 routers FF02::2. It is the ICMPv6 message type 133.
* Router Advertisement message (RA): The Routers send RA messages to provide IPv6 addressing information to clients. This message
includes the prex and the prex length of the local segment. A router sends an RA message periodically (congurable between 4 and
1800 seconds) or in response to an RS message. By default, Cisco routers send RA messages every 200 seconds. RA messages are
always sent to the multicast address of all IPv6 nodes FF02::1. It is the ICMPv6 message type 134.
The Cisco Learning Network (/s)
Certications Communities Webinars & Videos Study Resources About/Help Store (https://learningnetworkstore.cisco
Follow Like
2. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 2/11
As the name implies, SLAAC is a stateless service. It means there is no server that maintains the network address information. It also
does not know which IPv6 addresses are being used and which ones are available. Here the use of DHCPv6 comes into action. The
decision of how a client will be able to obtain IPv6 addressing information automatically will depend on what is established within the RA
message. For this, we will use two ags which are the Managed address conguration ag (M ag) and the Other conguration ag (O
ag).
Using dierent combinations of the M and O ags, the RA messages establish one of the three addressing options:
* SLAAC (Only using the RA messages)
* DHCPv6 Stateless (RA and DHCPv6 messages)
* DHCPv6 Stateful (Only using the DHCPv6 messages)
Note that although the RA message denes how the client can get an IPv6 address dynamically, the Client's operating system may
choose to ignore the RA message and use only the services of a DHCPv6 server.
SLAAC is the default option on Cisco routers. Both the M ag and the O ag are set to 0 (bit) in the RA message. On the client, the IPv6
global unicast address is created by combining the Prex given by the RA message and the interface ID using EUI-64 or a randomly
generated value as occurs in PCs that use the Windows operating system.
If there were previous modications of the M and O ags in a device, we can reset the interface to operate only with SLAAC with the
following conguration in interface mode:
Router (cong-if) # no ipv6 nd managed-cong-ag
Router (cong-if) # no ipv6 nd other-cong-ag
DHCPv6 Stateless
The DHCPv6 stateless option informs the client to use the information in the RA message to get the IPv6 addressing, but additional
conguration parameters are available from a DHCPv6 server. (for example, IPv6 address of the DNS Server). It is dened with this name
because the DHCPv6 server does not maintain any client status information (such as the list of available and assigned IPv6 addresses).
For DHCPv6 Stateless, the O ag is set to 1 (bit) and the M ag is left at the default setting of 0 (bit). The value of the O ag = 1 is used
to inform the client that additional conguration information is available from a DHCPv6 server.
To modify the RA message sent from the interface of a router to indicate DHCPv6 Stateless, use the following command:
Router (cong-if) # ipv6 nd other-cong-ag
DHCPv6 Stateful
This option is the most similar to DHCP that we study in IPv4 networks. In this case, the RA message informs the customer that he
should not use the information of its message and all IPv6 addressing information and additional conguration parameters must be
obtained from a DHCPv6 Server Stateful. It is dened with this name because the DHCPv6 server maintains IPv6 status information. (List
of assigned IPv6 addresses, for example)
The M ag indicates if the DHCPv6 Stateful should be used or not. The O ag is not involved and it can be ignored. The following
command is used to change the M ag from 0 to 1 and so, indicate the DHCPv6 Stateful:
Router (cong-if) # ipv6 nd managed-cong-ag
DHCPV6 - Additional characteristics:
* DHCPv6 has a 4-way negotiation process. Use the following messages:
- REQUEST: A client sends this message to locate DHCPv6 servers using the multicast address FF02::1:2 which is the multicast address
of all DHCPv6 Servers.
- ADVERTISE: The servers respond to the Request messages with an Advertise message (unicast) that provides addressing information
to the Client.
- REQUEST: The client sends this message to the Server conrming the addresses provided and any other parameters.
- REPLY: The server ends the process with this message containing the assigned IPv6 address and the respective conguration
parameters.
* The DHCPv6 Server uses UDP port 547 and DHCPv6 Client uses UDP port 546
* DHCPv6 can be implemented in two forms:
3. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 3/11
- Rapid-Commit: the DHCP client gets the conguration parameters from the server through a quick exchange of two messages (Solicit
and Reply).
- Normal-commit: the DHCP client exchanges four messages (Solicit, Advertise, Request and Reply).
By default, normal-commit is used.
* In summary a comparison of messages between DHCPv4 and DHCPv6 is shown:
* Consider this summary table with the options for obtaining IPv6 address dynamically using RA messages:
DHCPv6 Stateful Analysis Topology
In this example, we have the following topology with a router and a real PC. Note that the "ipv6 unicast-routing" command is required on
router R1 as it is necessary to send ICMPv6 RA messages.
Note that in our conguration of the DHCPv6 pool, a default gateway was not specied, as was the case in IPv4 with the “default-router”
command. This happens because the router automatically sent its own local link address (FE80::1) as the default gateway through the
RA message we saw in the topology shown.
We can see in the following “show” commands, in rst place, the name of the DHCPv6 pool and the congured parameters and second
place, we do not see any output since we do not have a DHCPv6 Client that has received an IPv6 address.
The DHCPv6 Unique Identier (DUID) is used by DHCPv6 to identify the DHCPv6 Client and Server. There is only one DUID per Client and
only one DIUD per Server.
4. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 4/11
In this case, we see other “show” commands where we see the DUID of the DHCPv6 Server and also the eect of having the M ag = 1
that indicates that the Hosts must use DHCPv6 to get a Global Unicast IPv6 address that has the characteristic of being routable
addresses.
The initial conguration of the PC is shown:
Applying the “no shutdown” command to the interface G1 of router R1, we will rst see the dynamic IPv6 addressing was gotten and the
conguration parameters assigned to the PC:
5. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 5/11
The PCs that operate in Windows generate by default a random Interface ID value for the auto-conguration of IPv6 with SLAAC instead
of the EUI-64 method. However, we can disable through the Windows CMD in Administrator mode with the following command: “netsh
interface ipv6 set global randomizeidentiers=disabled”
Now we will see the outputs of the “show” commands of router R1:
And we have the captures of the DHCPv6 messages using Wireshark:
SOLICIT
7. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 7/11
REPLY
If we analyze these captures, we see that this information completely coincides with the outputs obtained on Router R1 and the Client
(Host)
DHCPv6 Stateless Analysis Topology
For this example, we have the following topology with two routers implemented in GNS3. Take into account that the "ipv6 unicast-
routing" command is required on router R1, the case is dierent with the router R2 because it will act as Client.
Seeing the following “show” command on router R1, which is the DHCP Stateless Server. In this case we see the eect of having the O
ag = 1 that indicates that hosts must use SLAAC to get a Global Unicast IPv6 address and for other conguration parameters we must
use DHCPv6.
8. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 8/11
We have the initial conguration of router R2, which is DHCPv6 Client, where we see its IPv6 link-local address, we also see the DUID of
the DHCPv6 Client and the MAC address of its interface. Note that part of the DUID value is formed using the MAC address.
Applying the "no shutdown" command to the Interface f0/0 of router R2, we will rst see as it gets the IPv6 addressing via SLAAC and
the conguration parameters from the DHCPv6 Stateless server:
In the DHCPv6 Stateless Server (R1), we have no control of the IPv6 addresses assigned by SLAAC. The "show" commands prove it:
9. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 9/11
And we have the capture of the following messages using Wireshark:
RA message
DHCPv6 messages
The "Information-request" message is sent by the Client to request the conguration parameters without assigning an IPv6 address to
this Client.
We can see the "Reply" message that is sent by the DHCPv6 Stateless Server with the conguration parameters to the Client.
10. 16/11/2020 Analyzing DHCPv6 Stateful and Stateless
https://learningnetwork.cisco.com/s/blogs/a0D3i0000033K6zEAE/analyzing-dhcpv6-stateful-and-stateless 10/11
If we analyze these captures, we see that this information completely coincides with the outputs obtained in the DHCP Stateless Server
(R1) and the Client (R2)
There is really much more to deepen about IPv6 networks and especially the DHCPv6 protocol. However with this article I want to
motivate the compatriots of my country, Peru and the members of this excellent community from all over the world to continue studying,
practicing with laboratories and using blogs or videos on the Internet as additional material. Don't study to pass only one exam, but also
that it can be part of your working life and enjoy doing what you like to do, which is to be a professional expert in Cisco network
technologies. I am sure that if we strive to improve as human beings and as professionals, we can contribute to the development of our
countries.
Author
Ing_Percy (/s/prole/0053i000002nCpWAAU)
Post
Share an update... Share
Sort by:
Most Recent Activity Search this feed...
Rigo - SysAdmin (/s/prole/0053i000001yCjvAAE) updated this record.
March 24, 2020 at 5:44 PM (/s/feed/0D53i00000R9WtDCAV)
Author
Micheline Murphy to Percy Luis Venturo Huares
Like Comment
9 comments 106 views