What is the best way to configure DHCPv6 on Cisco IOS.
I need help setting up DHCP pools
DHCP and router broadcasting on an interface
and specifying how it is to route.
I believe I have my zone-security configured properly. I just need help figuring out how to configure it all properly.
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
zone-member security OUTSIDE
ipv6 address 2001:470:XXX8:AB::2/64
ipv6 enable
tunnel source GigabitEthernet0/0
tunnel mode ipv6ip
tunnel destination 66.XXX.XXX.XXX
!
interface GigabitEthernet0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security vlan20
no cdp enable
ipv6 address 2001:470:XXX9:AB:2000::1/68
ipv6 enable
ipv6 nd prefix 2001:470:XXX9:AB:2000::/68 14400 14400 no-autoconfig
ipv6 nd managed-config-flag
ipv6 dhcp server vlan20
!
ipv6 dhcp pool vlan20
address prefix 2001:470:XXX9:AB:2000::/68
dns-server 2620:119:35::35
dns-server 2620:119:53::53
!
ipv6 access-list ip620-TO-OUTSIDE
permit ipv6 2001:470:XXX9:AB:2000::/68 any
control-plane host
!
ipv6 route ::/0 Tunnel0
I can ping ipv6 and traceroute ipv6 from the router. I get ipv6 addresses on my hosts and my hosts can ping eachother. but no route to the internet.
Help?
Update. I can also ping my tunnel ip from my dhcp hosts.
NASA#show ipv6 cef switching stati
Reason Drop Punt Punt2Host
RP LES Packet destined for us 0 7398 0
RP LES Bad hop, TTL expired 0 244 0
RP LES Features 47099 0 0
RP LES Link-local source address 1 1612 0
RP LES Neighbor resolution req 39 0 0
RP LES Total 47139 9254 0
still struggling
Do you have "ipv6 unicast routing" enabled on your router? (or something close to that)
Quote from: cholzhauer on January 20, 2020, 06:36:42 AM
Do you have "ipv6 unicast routing" enabled on your router? (or something close to that)
"ipv6 unicast-routing"
Yes.
https://pastebin.com/UsDCfjpF
My zone based firewall config