Although the two biggest reasons why networks might migrate from IPv4 to IPv6 are the need for more addresses and mandates from government organizations, at least IPv6 includes some attractive features and migration tools. Some of those IPv6 advantages are:
- Address assignment features:IPv6 supports a couple of methods for dynamic address assignment, including DHCP and Stateless Autoconfiguration.
- Built-in support for address renumbering:IPv6 supports the ability to change the public IPv6 prefix used for all addresses in an Enterprise, using the capability to
advertise the current prefix with a short timeout and the new prefix with a longer lease life.
- Built-in support for mobility:IPv6 supports mobility such that IPv6 hosts can move around the Internetwork and retain their IPv6 address without losing current
- Provider independent and dependent public address space:ISPs can assign public IPv6 address ranges (dependent), or companies can register their own public
address space (independent).
- Aggregation:IPv6’s huge address space makes for much easier aggregation of blocks of addresses in the Internet, making routing in the Internet more efficient.
- No need for NAT/PAT:The huge public IPv6 address space removes the need for NAT/PAT, which avoids some NAT-induced application problems and makes for more efficient routing.
- IPsec:Unlike IPv4, IPv6 requires that every IPv6 implementation support IPsec. IPv6 does not require that each device use IPsec, but any device that implements IPv6 must also have the ability to implement IPsec.
- Header improvements:Although it might seem like a small issue, the IPv6 header actually improves several things compared to IPv4. In particular, routers do not need to recalculate a header checksum for every packet, reducing per-packet overhead. Additionally, the header includes a flow label that allows for easy identification of packets sent over the same single TCP or UDP connection.
- No broadcasts:IPv6 does not use Layer 3 broadcast addresses, instead relying on multicasts to reach multiple hosts with a single packet.
- Transition tools: the IPv6 has many rich tools to help with the transition from IPv4 to IPv6.
IPv6 addresses also provide flexibility not found in IPv4, including the following features:
- Stateless autoconfiguration—IPv6 provides address autoconfiguration that includes the device’s data link layer address in the IPv6 address for “plug-and-play” functionality. (A version of the stateful dynamic host control protocol [DHCP] is also provided; the DHCP server keeps track of the state of the DHCP client.)
- Prefix renumbering—IPv6 allows simplified mechanisms for address and prefix renumbering. The router advertises the new prefix and the other devices on the network can begin to use the new information. This process can be made nondisruptive to the hosts on the network by manipulating valid and preferred timers for eachIPv6 address.
- Multiple addresses per interface—IPv6 interfaces can have multiple addresses of various types assigned to them; these addresses can be used simultaneously.
- Link-local addresses—IPv6 devices automatically create a link-local address on each interface; these addresses are used for many purposes. For example, the interior gateway protocols (IGPs) use a link-local address as the next hop when they are exchanging routing updates.
- Provider-dependent or provider-independent addressing—Because there are so many addresses available, enterprises can use addresses from an ISP, or use their own provider-independent addressing space.
Global Unicast Addressing, Routing, and Subnetting
The original Internet design called for all organizations to register and be assigned one or more public IP networks (Class A, B, or C). By registering to use a particular public network number, the company or organization using that network was assured by the numbering authorities that no other company or organization in the world would be using the same addresses. As a result, all hosts in the world would have globally unique IP addresses.
The Internet grew tremendously. It became clear by the early 1990s that something had to be done:
- CIDR and NAT/PAT : the shortage of public addresses all the public IP networks would be sortly assigned, and no more existed.
- size of the routing tables: the IP routing tables in Internet routers were becoming too large for the router technology of that day. So, the
The address assignment strategy for IPv6 is elegant, but simple, and can be roughly summarized as follows:
■ Public IPv6 addresses are grouped (numerically) by major geographic region.
■ Inside each region, the address space is further subdivided by ISPs inside that region.
■ Inside each ISP in a region, the address space is further subdivided for each customer.
The same organizations handle this address assignment for IPv6 as for IPv4. The Internet Corporation for Assigned Network Numbers (ICANN, www.icann.org) owns the process, with the Internet Assigned Numbers Authority (IANA) managing the process.
The IPv6 global address assignment plan results in more efficient routing.
Although there might be hundreds of ISPs operating in north America, and hundreds of thousands of Enterprise customers of those ISPs, and tens of millions of individual customers of those ISPs, all the public IPv6 addresses can be from one (or a few) very large address blocks–requiring only one (or a few) routes on the Internet routers in other parts of the world.
Conventions for Representing IPv6 Addresses
IPv6 conventions use 32 hexadecimal numbers, organized into 8 quartets of 4 hex digits separated by a colon, to represent a 128-bit IPv6 address
2340:1111:AAAA:0001:1234:5678:9ABC:1234hex bin dec
1 2 3 4 5 6 7 8
0 0000 0
1 0001 1
2 0010 2
A 1010 10
F 1111 15
To make things a little easier, two conventions allow you to shorten what must be typed for an IPv6 address:
■ Omit the leading 0s in any given quartet.
■ Represent one or more consecutive quartets of all hex 0s with “::” but only for one such occurrence in a given address.
“::” abbreviation, meaning “one or more quartets of all 0s,” cannot be used twice because that would be ambiguous.
So, the abbreviation FE00::1::56 would not be valid.
Conventions for Writing IPv6 Prefixes
Classful IPv4 addressing means that the class rules always identify part of the address as the network part.
For example, the written value 22.214.171.124/24 (or 126.96.36.199 255.255.255.0) means 16 network bits (because the address is in a class B network), 8 host bits (because the mask has 8 binary 0s), leaving 8 subnet bits.
The same value, interpreted with classless rules, means prefix 188.8.131.52, prefix length 24.
Classless addressing and classful addressing just give slightly different meaning to the same numbers.
IPv6 uses a classless view of addressing, with no concept of classful addressing.
Like IPv4, IPv6 prefixes list some prefix value, a slash, and then a numeric prefix length.
2000:1234:5678:9ABC:1234:5678:9ABC:1111/64If the prefix length is not a multiple of 16, then the boundary between the prefix and the interface ID (host) part of the address is inside a quartet
/64 means that the prefix (subnet) in which this address resides is the subnet that includes all addresses that begin with the same first 64 bits as the address.
2000::/3 - All addresses whose first 3 bits are equal to the first 3 bits of hex number 2000 (bits are 001).
incorrect 2000/3 (omits ::) 2::/3 (omits the trailing 0s in the first quartet)
2340:1140::/26 All addresses whose first 26 bits match the listed hex number.
incorrect 2340:114::/26 (omits trailing 0 in the second quartet
2340:1111::/32 All addresses whose first 32 bits match the listed hex number.
incorrect 2340:1111/32 (omits ::)
Global Unicast Prefix Assignment Example
IPv6 standards reserve the range of addresses inside the 2000::/3 prefix as global unicast addresses. This address range includes all IPv6 addresses that begin with binary 001, or as more easily recognized, all IPv6 addresses that begin with a 2 or 3.
1) assume that IANA assigns prefix 2340::/12 to ARIN
The process starts with IANA, who owns the entire IPv6 address space and assigns the rights to registry prefixto one of the RIRs (ARIN in this case, in North America).
2) ARIN might assign site prefix2340:1111::/32 to NA-ISP1
NA-ISP1 asks ARIN for a prefix assignment
3) NA-ISP1 assigns Company1 the site prefix 2340:1111:AAAA::/48
Company1 asks its ISP, NA-ISP1, for the assignment of an IPv6 prefix, 2340:1111:AAAA::/48 which is a large range of addresses: 2^80 in this case
The /48 prefix assigned to a single company is called either a global routing prefix or a site prefix.
Subnetting Global Unicast IPv6 Addresses Inside an Enterprise
From a classless perspective, you can view the IPv6 addresses as follows:
■ The prefix assigned to the Enterprise by the ISP (the global routing prefix) acts like the prefix assigned for IPv4.
■ The Enterprise engineer extends the prefix length, borrowing host bits, to create a subnet part of the address with which to identify individual subnets.
■ The remaining part of the addresses on the right, called either the interface ID or host part, works just like the IPv4 host part, uniquely identifying a host inside a subnet.
|IPv6 subnetting - creating a 16-bit subnet part of the address structure|
The 16-bit subnet field allows for 2^16, or 65,536, subnets–overkill for all but the very largest organizations or companies.
The host field is seemingly even more overkill: 2^64 hosts per subnet, which is more than 1,000,000,000,000,000,000 addresses per subnet.
Registry prefix By IANA to an RIR 2340::/12
ISP prefix By an RIR to an ISP 2340:1111/32
Site prefix or global routing prefix By an ISP or registry to a customer(site) 2340:1111:AAAA/48
Subnet prefix By an Enterprise engineer for each individual link 2340:1111:AAAA:0001/64
Assigning IPv6 Global Unicast Addresses
IPv6 actually has four major options for IPv6 global unicast address assignment.
Each method can use dynamic processes or static configuration, and each method can differ in terms of how a host or router gathers the other pertinent information (such as DNS IP addresses).
1) Statefull DHCP
IPv6 hosts can use stateful DHCP to learn and lease an IP address and corresponding prefix length (mask) and the DNS IP address(es) (without IP address of the default router).
The concept works basically like DHCP for IPv4; the host sends a (multicast) packet searching for the DHCP server. When a server replies, the DHCP client sends a message asking for a lease of an IP address, and the server replies, listing an IPv6 address, prefix length, and DNS IP addresses. (Note that Stateful DHCPv6 does not supply the default router information, instead relying on Neighbor Discovery Protocol between the client and local routers.)
The names and formats of the actual DHCP messages have changed quite a bit from IPv4 to IPv6, so DHCPv4 and DHCPv6 actually differ in detail, but the basic process remains the same.
DHCPv4 servers retain state information about each client, such as the IP address leased to that client, and the length of time for which the lease is valid. In other words, DHCPv4 tracks the current state of DHCP clients.
DHCPv6 servers happen to have two operational modes:
- stateful, in which the server does track state information, and
- stateless, in which the server does not track any state information.
Stateful DHCPv6 servers fill the same role as the older DHCPv4 servers, whereas stateless DHCPv6 servers fill a different purpose as one part of the stateless autoconfiguration process.
The multicast address FF02::1:2 - "All DHCP servers and relay agents on the local network segment" (defined in RFC 3315) (longhand FF02:0000:0000:0000:0000:0000:0001:0002) has been reserved in IPv6 to be used by hosts to send packets to an unknown DHCP server, with the routers working to forward these packets to the appropriate DHCP server.
2) Stateless Autoconfiguration
Stateless autoconfiguration allows a host to automatically learn the key pieces of addressing information–prefix, host,
and prefix length–plus the default router IP address and DNS IP addresses.
- IPv6 NDP - Neighbor Discovery Protocol (NDP), particularly the router solicitation and router advertisement messages, to learn the prefix, prefix length, and default router.
- Some math to derive the interface ID (host ID) portion of the IPv6 address, using a format called EUI-64
- Stateless DHCP to learn the DNS IPv6 addresses
IPv6 NDP performs several functions which are listed below;
- Router Discovery – The ability for a node to discover local routers on a network segment without the aid of a DHCP server.
- Parameter Discovery – The ability for a node to discover link parameters such as MTU and hop limits for its links.
- Prefix Discovery – The ability for a node to discover the prefix or prefixes assigned to a specific IPv6 link.
- Address Autoconfiguration – The ability for a node to determine its full unique i address without the aid of a DHCP server.
- Duplicated Address Detection (DAD) – The ability for a node to determine rather or not an IPv6 address it attempts to use already exist.
- Address Resolution – The ability for a node to discover the link-layer addresses of other node(s) on a link without the use of Address Resolution Protocol (ARP).
- Next-Hop Determination – The ability for a node to determine the next link-layer hop on a network link; a local node or router destination.
- Neighbor Unreachability Detection – The ability for a node to determine when a neighboring device on the network link is no longer reachable.
- Redirect – The ability for a router to notify a host that a better path exist to reach a given destination.
Five new ICMPv6 messages are defined in RFC2461 which you be aware. These messages which are listed below are responsible for the operation of NDP:
- Router Advertisement (RA) – An RA is a message that originates from a Router, (Cisco or non-Cisco) to advertise their existence on a network link. These RA’s also include link parameters and are sent automatically periodically and in response of a Router Solicitation (RS) message.
- Router Solicitation (RS) – These messages originate from host nodes to request that any router on the link respond with a RA.
- Neighbor Solicitation (NS) – These messages are sent from a node requesting the link layer address of another node and also used by the duplicate address detection and neighbor unreachability detection mechanisms.
- Neighbor Advertisement (NA) – These messages are sent in response to a NS message. If a node changes its link-layer address then a NA can be used to send an unsolicited advertisement to advertise its new address.
- Redirect – These messages are used in the same fashion as IPv4 ICMP redirects however they have been migrated from ICMP in IPv4 to native operation NDP which uses ICMPv6 to function.
The IPv6 Neighbor Discovery Protocol (NDP) has many functions:
- Router Discovery (IPv6 hosts can automatically locate default routers on the link)
This is accomplished through the use of two ICMPv6 messages: Router Solicitation (type 133) and Router Advertisement (type 134). When first joining a link, an IPv6 host multicasts a router solicitation to the all routers multicast group, and each router active on the link responds by sending a router advertisement with its address to the all nodes group.
- Prefix Discovery
IPv6 host to automatically configure itself with an address from a prefix learned from a local router through prefix discovery. This is done by concatenating a candidate learned prefix with the EUI-64 address of the host's interface. In this manner, a host can achieve stateless autoconfiguration.
- Address Resolution (like ARP in IPv4)
In a process very similar to router discovery, two ICMPv6 messages are used: Neighbor Solicitation (type 135) and Neighbor Advertisement (type 136). A host seeking the link layer address of a neighbor multicasts a neighbor solicitation and the neighbor (if online) responds with its link layer address in a neighbor advertisement.
- Next-Hop Determination
As in IPv4, next-hop determination is simply a procedure for performing longest-match lookups on the host routing table and, for off-link destinations, the selection of a default router.
- Neighbor Unreachability Detection
NDP is able to determine the reachability of a neighbor by examining clues from upper-layer protocols (for example, received TCP acknowledgments), or by actively reperforming address resolution (via ICMPv6) when certain thresholds are reached.
- Duplicate Address Detection (DAD)
When a host first joins a link, it multicasts neighbor solicitations for its own IPv6 address for a short period before attempting to use that address to communicate. If it receives a neighbor advertisement in response, the host realizes that another neighbor on the link is already using that address. The host will mark the address as a duplicate and will not use it on the link.
Note that this process is similar to IPv4 gratuitous ARP requests, but NDP elegantly allows for detection of two hosts with the same address before both hosts are actively sending traffic from the address.
The source address of this packet is the unspecified address "::"
A fifth type of ICMPv6 message, the Redirect (type 137), is used by routers to either point hosts toward a more preferable router, or to indicate that the destination actually resides on link. ICMPv4 provides the same capability with its own redirect message.
RA contains http://tools.ietf.org/html/rfc4861 :
- Prefix Information ( Prefix with Valid Lifetime and Preferred Lifetime)
The 32-bit valid lifetime is the number of seconds that the prefix should be considered on-link and that autoconfigured addresses using the prefix can be used. The 32-bit preferred lifetimeis the number of seconds that autoconfigured addresses using this prefix are preferred. Addresses configured via stateless autoconfiguration can be used until the preferred lifetime expires. If RAs stop coming, the preferred lifetime eventually expires and the address becomes “deprecated.” New sessions will not use deprecated addresses but should choose “preferred” (nondeprecated) addresses, if available. However, existing sessions will continue to use the deprecated address. Eventually, the “valid lifetime” also runs out, and the deprecated address is removed from the interface, dropping any sessions that are still using the address.
valid lifetime (if expired -> IPv6 addr not usable time) > preferred lifetime (usable if expired)
preferred lifetime - the length of time that a valid address is preferred (i.e., the time until deprecation). When the preferred lifetime expires, the address becomes deprecated.
valid lifetime - the length of time an address remains in the valid state (i.e., the time until invalidation). The valid lifetime must be greater than or equal to the preferred lifetime. When the valid lifetime expires, the address becomes invalid.
So once the preferred time expire the address is still useable but it is deprectated and you should switch over to another address.
Once the valid lifetime expires it is no longer useable at all.
- Redirected Header
- MTU option (type 5), which informs hosts of the IP MTU to use. For example, this value is typically set to 1500 for Ethernet networks. However, not all link types have a standardized MTU size. Including this option ensures all hosts know the correct MTU to use.
Router advertisements also specify the default value hosts should use for the IPv6 hop count. This isn't an option, but a field built into the router advertisement message header.
An ICMP Router advertisement message is sent as a multicast. Each router address/preference level pair is considered an entry in the list.
Each router periodically multicasts a Router Advertisement from each of its multicast interfaces, announcing the IP address(es) of that interface. Hosts discover the addresses of their neighboring routers simply by listening for advertisements. When a host attached to a multicast link starts up, it may multicast a Router Solicitation to ask for immediate advertisements, rather than waiting for the next periodic ones to arrive; if and only if no advertisements are forthcoming, the host may retransmit the solicitation a small number of times, but then must desist from sending any more solicitations.
Interface Command: no ipv6 nd suppress-ra -Send router advertisment messages.More detailed:
Interface Command: ipv6 nd suppress-ra -Don't send router advertisment messages.Interface Command: ipv6 nd prefix ipv6prefix [valid-lifetime] [preferred-lifetime] [off-link] [no-autoconfig] [router-address]
Configuring the IPv6 prefix to include in router advertisements. Several prefix specific optional parameters and flags may follow:
- valid-lifetime - the length of time in seconds during what the prefix is valid for the purpose of on-link determination. Value infinite represents infinity (i.e. a value of all one bits (
- preferred-lifetime - the length of time in seconds during what addresses generated from the prefix remain preferred. Value infinite represents infinity. Range:
- off-link - indicates that advertisement makes no statement about on-link or off-link properties of the prefix. Default: not set, i.e. this prefix can be used for on-link determination.
- no-autoconfig - indicates to hosts on the local link that the specified prefix cannot be used for IPv6 autoconfiguration. Default: not set, i.e. prefix can be used for autoconfiguration.
- router-address - indicates to hosts on the local link that the specified prefix contains a complete IP address by setting R flag. Default: not set, i.e. hosts do not assume a complete IP address is placed.
- One function allows IPv6 hosts to multicast a message that asks all routers on the link to announce two key pieces of information: the IPv6 addresses of routers willing to act as a default gateway and all known IPv6 prefixes on the link. This process uses ICMPv6 messages called a Router Solicitation (RS) and a Router Advertisement (RA).
- Some router connected to that same LAN must already be configured for IPv6. The router must have an IPv6 address configured, and it must be configured to route IPv6 traffic.
The RS asks all routers to respond to the questions
- “What IPv6 prefixs) is used on this subnet?” and
- “What is the IPv6 address(s) of any default routers on this subnet?”
IPv6 allows for multiple prefixes and multiple default routers to be listed in the RA message;
Because IPv6 dosent have any broadcast, by defining a different multicast IPv6 address for different functions, an IPv6 host that has no need to participate in a particular function can simply ignore those particular multicasts, reducing the impact to the host.
Multicast destination FF02::2 FF02::1NDP Example
Meaning of address All routers on this link All IPv6 nodes on this link
|New IPv6 host (Client1) with FE80::101 link-local IP, appear on LAN|
|IPv6 NDP process and packets|
Solicited-Node multicast addresses are used in Neighbor Discovery Protocol for obtaining the layer 2 link-layer addresses of other nodes.
Every IPv6 host will have at least one such address per interface.
A Solicited-Node multicast address is created by taking the last 24 bits of a unicast or anycast address and appending them to the prefix ff02:0:0:0:0:1:ff00::/104.
The result of this process is the IPv6 link-local solicited node multicast address that the Neighbor Solicitation packet is sent to.
2. MLD is used by IPv6 routers for discovering multicast listeners on a directly attached link, much like IGMP is used in IPv4.
3. Neighbor Advertisement (Type 136) is set to FF02::1 All nodes on the local network segment
R1(config)# interface gigabitethernet 0/0
R1(config-if)# ipv6 nd prefix 2001:abad:beef::/64
The ipv6 nd prefix command allows control over the individual parameters per prefix, including whether or not the prefix should be advertised.
By default, prefixes configured as addresses on an interface using the ipv6 address command are advertised in router advertisements. If you configure prefixes for advertisement using the ipv6 nd prefix command, then only these prefixes are advertised.
To automatically create a guaranteed-unique interface ID, IPv6 defines a method to calculate a 64-bit interface ID derived from that host’s MAC address. Because the burned-in MAC address should be literally globally unique, the derived interface ID should also be globally unique as well.
Universally administered and locally administered addresses are distinguished by setting the second-least-significant bit of the most significant byte (7th bit of MAC) of the address.
|7th and 8th bit of MAC address|
7th bit of MAC - U/L bit (universal/local
If 0, the MAC is global unique
if 1, the MAC is locally administered (manually set by administrator).
8th bit of MAC - unicast/multicast
0000'0000 00-e0-fc-9b-2c-ec 00:18:82 Huawei Technologies Co., Ltd.
0010'1000 28-6e-d4-f2-6f-59 00:E0:FC HUAWEI TECHNOLOGIES CO., LTD.
0000'0000 00-18-82-b1-7c-1b 28:6E:D4 HUAWEI TECHNOLOGIES CO.,LTD
1111'1100 fc-48-ef-c3-0f-d5 FC:48:EF HUAWEI TECHNOLOGIES CO.,LTD
0000'0000 Hardware is i82543 (Livengood), address is 0022.0c80.4008 (bia 0022.0c80.4008)
0000'0000 Hardware is C6k 1000Mb 802.3, address is 001a.6cd8.8319 (bia 001a.6cd8.8319)
0000'0000 Hardware is EtherChannel, address is 0013.1ab7.653c (bia 0013.1ab7.653c)
1101'0100 NIC d4:85:64:c7:xx:xx
Realtek NIC using Vlans on Windows OS
“A universally administered address is uniquely assigned to a device by its manufacturer; these are sometimes called “burned-in addresses” (BIA). The first three octets (in transmission order) identify the organization that issued the identifier and are known as the Organizationally Unique Identifier (OUI). The following three (MAC-48 and EUI-48) or five (EUI-64) octets are assigned by that organization in nearly any manner they please, subject to the constraint of uniqueness. The IEEE expects the MAC-48 space to be exhausted no sooner than the year 2100; EUI-64s are not expected to run out in the foreseeable future.
A locally administered address is assigned to a device by a network administrator, overriding the burned-in address. Locally administered addresses do not contain OUIs.
The 71st bit of a IPv6 address is the inverted ‘u’ (universal/local) bit and is used to determine whether the address is universally or locally administered.
Finding the DNS IP Addresses Using Stateless DHCP
- The stateless DHCP server function in IPv6 solves one particular problem: It supplies the DNS server IPv6 address(es) to clients. Because all hosts typically use the same small number of DNS servers, the stateless DHCP server does not need to keep track of any state information. An engineer simply configures the stateless DHCP server to know the IPv6 addresses of the DNS servers, and the servers tells any host or other device that asks, keeping no record of the process.
- Hosts that use stateless autoconfig also use stateless DHCP to learn the DNS server IPv6 addresses.
4) Static IPv6 Address Configuration
Two options exist for static configuration of IPv6 addresses:
- configure the entire 128-bit IPv6 address,
- configure the 64-bit prefix and tell the device to use an EUI-64 calculation for the interface ID portion of the address.
Both options result in the host or router interface knowing its full 128-bit IPv6 address and prefix length.
When a host uses either form of static IPv6 address configuration, the host does not need to statically configure the other key pieces of information (default router and DNS IP addresses). The host can use the usual NDP process to discover any default routers and stateless DHCP to discover the DNS IPv6 addresses.
When a router uses static IPv6 address configuration, it may still use stateless DHCP to learn the DNS IP addresses.
In IPv4, routers handle fragmentation, causing a variety of processing issues.
IPv6 routers no longer perform fragmentation; instead, a discovery process is used by the source IPv6 device to determine the optimum MTU to use during a given session. In this discovery process, the source IPv6 device attempts to send a packet at the size that is specified by the upper IP layers, for example, the transport and application layers. If the source IPv6 device receives an Internet Control Message Protocol for IPv6 (ICMPv6) “packet too big” message, it retransmits the MTU discover packet with a smaller MTU. This process is repeated until the device receives a response that the discover packet arrived intact. The device then sets the MTU for the session.
The ICMPv6 “packet too big” message contains the proper MTU size for the path.
Devices perform an MTU discovery every 5 minutes to see whether the MTU has increased along the path. Application and transport layers for IPv6 accept MTU reduction notifications from the IPv6 layer.
If for some reason these upper layers do not accept the notifications, IPv6 has a mechanism for source devices to fragment packets that are too large. However, upper layers are encouraged to avoid sending messages that require fragmentation.
IPv6 NDP (analogue of show IPv4 ARP)
The Neighbor Cache contains information maintained by the Neighbor Unreachability Detection algorithm.
A key piece of information is a neighbor's reachability state, which is one of five possible values:INCOMPLETE Address resolution is in progress and the link-layer address of the neighbor has not yet been determined.
REACHABLE Roughly speaking, the neighbor is known to have been reachable recently (within tens of seconds ago).
STALE The neighbor is no longer known to be reachable but until traffic is sent to the neighbor, no attempt should be made to verify its reachability.
DELAY The neighbor is no longer known to be reachable, and traffic has recently been sent to the neighbor. Rather than probe the neighbor immediately, however, delay sending probes for a short while in order to give upper-layer protocols a chance to provide reachability confirmation.
PROBE The neighbor is no longer known to be reachable, and unicast Neighbor Solicitation probes are being sent to verify reachability.
R2# sh ipv6 neighborsSTALE state means that these addresses were reachable previously, but the Reachable Time has expired since the last confirmation of their reachability.
IPv6 Address Age Link-layer Addr State Interface
FE80::C802:1EFF:FE8D:6 4 ca02.1e8d.0006 STALE Fa0/1
FE80::C800:1EFF:FE8D:8 4 ca00.1e8d.0008 STALE Fa0/0
R1# IPv6 Address Age Link-layer Addr State Interface
FE80::11 0 ccef.48ca.6c08 REACH Po46.1146
FE80::12 0 ccef.48ca.0d00 REACH Po46.1147
After the Reachable Time expires (30 seconds by default) without further 2-way reachability confirmation, the state of the entry changes back to STALE:
Mar 1 03:48:12.179: ICMPv6-ND: REACH -> STALE: FE80::1
Client-2#clear ipv6 neighbors
*Jun 24 08:37:53.567: ICMPv6-ND: STALE -> DELETE: 2001::1
Client-2#sh ipv6 nei
R1# debug ipv6 nd
ICMP Neighbor Discovery events debugging is on
*May 21 08:30:51.522: ICMPv6-ND: Request to send RA for FE80::C800:1EFF:FE8D:8
*May 21 08:30:51.522: ICMPv6-ND: Sending RA from FE80::C800:1EFF:FE8D:8 to FF02::1 on FastEthernet0/0
*May 21 08:30:51.526: ICMPv6-ND: MTU = 1500
*May 21 08:30:58.278: ICMPv6-ND: Received RA from FE80::C801:1EFF:FE8D:8 on FastEthernet0/0
NDP discovered results
R2# show ipv6 routers
Router FE80::C800:1EFF:FE8D:8 on FastEthernet0/0, last update 0 min
Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
Reachable time 0 (unspecified), Retransmit time 0 (unspecified)
Router FE80::C802:1EFF:FE8D:6 on FastEthernet0/1, last update 2 min
Hops 64, Lifetime 1800 sec, AddrFlag=0, OtherFlag=0, MTU=1500
Reachable time 0 (unspecified), Retransmit time 0 (unspecified)
R2#sh ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "ospf 1"
Interfaces (Area 0):
Interfaces (Area 1):
R2#sh ipv6 route
IPv6 Routing Table - Default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O FEC0:1::1/128 [110/1]
via FE80::C800:1EFF:FE8D:8, FastEthernet0/0
LC FEC0:2::2/128 [0/0]
via Loopback1, receive
O FEC0:3::3/128 [110/1]
via FE80::C802:1EFF:FE8D:6, FastEthernet0/1
OI FEC0:4::4/128 [110/2]
via FE80::C802:1EFF:FE8D:6, FastEthernet0/1
L FF00::/8 [0/0]
via Null0, receive
R2#sh ipv6 cef
receive for Null0
nexthop FE80::C800:1EFF:FE8D:8 FastEthernet0/0
receive for Loopback1
nexthop FE80::C802:1EFF:FE8D:6 FastEthernet0/1
nexthop FE80::C802:1EFF:FE8D:6 FastEthernet0/1
go to IPv6 part 2