I'm having a heck of a time with my setup. And more confused after looking through the forum discussions.
I have a cable modem connected to a Cisco 1811 Router (fa0) with a built-in switch. It receives a DHCP address from RoadRunner.
Then an XP(SP2) PC connected to one of the switch ports.
The router is running IOS v 12.4(22)T. No security zones or policy-maps are enabled.
I can telnet to the router and can ping ipv6.google.com successfully.
The XP PC gets an IPv4 address via DHCP, 192.168.6.13. It is a new PC, no AV or firewall enabled.
I have issued the XP IPv6 recommended commands from the tunnel details page. I believe this is for the PC to terminate one end of the tunnel but my router handles it instead.
In looking at the "IPv6 if" command I only see FE80: addresses associated with the interfaces so it is not getting a 2001: address from the router. (Should it?)
I tried the "ipv6 nd prefix 2001:470:5:1f4::/64 inf inf" command as mentioned in another thread but it didn't seem to make a difference.
I also tried a manual address on the PC of "ipv6 adu 2/2001:470:d859::2" but no change.
I did issue the "ipv6 rtu ::/0 2/::209.51.161.58 pub" command on the PC.
I just seem to be missing that last step that would tie it all together to get packets to the router and into the tunnel. The PC cannot ping any ipv6 addresses on the router.
My Cisco certification is ashamed of me. :(
Here is a boatload of info from my router and PC:
Info about the tunnel from HE page:
Server IPv4: 209.51.161.58
Client IPv4: 75.183.52.248 (no worries about publishing this address)
Server IPv6: 2001:470:4:1f4::1/64
Client IPv6: 2001:470:4:1f4::2/64
Routed /48: 2001:470:d859::/48
Routed /64: 2001:470:5:1f4::/64
=== Cisco Router Config ===
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:470:4:1F4::2/64
ipv6 enable
tunnel source 75.183.52.248
tunnel destination 209.51.161.58
tunnel mode ipv6ip
!
interface FastEthernet0
description WAN outside facing cable modem
ip address dhcp client-id FastEthernet0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
ipv6 nd ra suppress [tried both with and without]
interface Vlan1
description VLAN toward PC's
ip address 192.168.6.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
ipv6 address 2001:470:D859::1/64
ipv6 enable
!
ip nat inside source list 1 interface FastEthernet0 overload
!
access-list 1 permit 192.168.6.0 0.0.0.255
!
ipv6 route ::/0 Tunnel0
=== End Cisco Router Config ===
=== Cisco IPv6 Interface Info ===
sho ipv6 int tunnel0
Tunnel0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::4BB7:34F8
No Virtual link-local address(es):
Description: Hurricane Electric IPv6 Tunnel Broker
Global unicast address(es):
2001:470:4:1F4::2, subnet is 2001:470:4:1F4::/64
Joined group address(es):
FF02::1
FF02::1:FF00:2
FF02::1:FFB7:34F8
MTU is 1480 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 25725)
Default router is FE80::21A:A0FF:FE0E:832E on Vlan1
sho ipv6 int fa0
[nothing shown]
sho ipv6 int vlan1
Vlan1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::213:C4FF:FEF4:7AC6
No Virtual link-local address(es):
Description: VLAN toward PC's
Global unicast address(es):
2001:470:D859::1, subnet is 2001:470:D859::/48
Joined group address(es):
FF02::1
FF02::1:FF00:1
FF02::1:FFF4:7AC6
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 33475)
Default router is FE80::21A:A0FF:FE0E:832E on Vlan1
=== End Cisco IPv6 Interface Info ===
=== Cisco IPv6 Route Table ===
sho ipv6 route
IPv6 Routing Table - Default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S ::/0 [1/0]
via Tunnel0, directly connected
C 2001:470:4:1F4::/64 [0/0]
via Tunnel0, directly connected
L 2001:470:4:1F4::2/128 [0/0]
via Tunnel0, receive
C 2001:470:5:1F4::/64 [0/0]
via Vlan1, directly connected
C 2001:470:D859::/48 [0/0]
via Vlan1, directly connected
L 2001:470:D859::1/128 [0/0]
via Vlan1, receive
L FF00::/8 [0/0]
=== End Cisco IPv6 Route Table ===
=== Output of Router Debug ipv6 icmp ===
[ Where is this coming from? Looks like my side, runs continously]
004310: *Dec 3 03:38:37.551 UTC: ICMPv6: Received N-Solicit, Src=2001:470:4:1F4
::1, Dst=2001:470:4:1F4::2
004311: *Dec 3 03:38:37.551 UTC: ICMPv6: Sent N-Advert, Src=2001:470:4:1F4::2,
Dst=2001:470:4:1F4::1
004312: *Dec 3 03:38:38.551 UTC: ICMPv6: Received N-Solicit, Src=2001:470:4:1F4
::1, Dst=2001:470:4:1F4::2
004313: *Dec 3 03:38:38.551 UTC: ICMPv6: Sent N-Advert, Src=2001:470:4:1F4::2,
Dst=2001:470:4:1F4::1
=== End Output of Router Debug ipv6 icmp ===
=== Output of [PC] ipv6 if command ===
[ with ipv6 adu 2/2001:470:d859::2 command ]
Interface 5: Teredo Tunneling Pseudo-Interface
Guid {B1995C5C-70C3-4C73-85AF-1C6B05ECDE92} zones: link 5 site 2 cable unplugged uses
Neighbor Discovery uses Router Discovery routing preference 2 link-layer address:
0.0.0.0:0 preferred link-local fe80::ffff:ffff:fffd, life infinite multicast
interface-local ff01::1, 1 refs, not reportable multicast link-local ff02::1, 1
refs, not reportable link MTU 1280 (true link MTU 1280) current hop limit 128
reachable time 18500ms (base 30000ms) retransmission interval 1000ms DAD transmits
0 default site prefix length 48
Interface 4: Ethernet: Local Area Connection
Guid {7E905548-1BB2-4088-8D94-0062222259BA} uses Neighbor Discovery uses Router
Discovery link-layer address: 00-1a-a0-0e-83-2e preferred link-local
fe80::21a:a0ff:fe0e:832e, life infinite multicast interface-local ff01::1, 1
refs, not reportable multicast link-local ff02::1, 1 refs, not reportable
multicast link-local ff02::1:ff0e:832e, 1 refs, last reporter link MTU 1500 (true
link MTU 1500) current hop limit 128 reachable time 29000ms (base 30000ms)
retransmission interval 1000ms DAD transmits 1 default site prefix length 48
Interface 3: 6to4 Tunneling Pseudo-Interface
Guid {A995346E-9F3E-2EDB-47D1-9CC7BA01CD73} does not use Neighbor Discovery does not
use Router Discovery routing preference 1 link MTU 1280 (true link MTU 65515)
current hop limit 128 reachable time 42500ms (base 30000ms) retransmission
interval 1000ms DAD transmits 0 default site prefix length 48
Interface 2: Automatic Tunneling Pseudo-Interface
Guid {48FCE3FC-EC30-E50E-F1A7-71172AEEE3AE}
does not use Neighbor Discovery does not use Router Discovery routing preference 1
EUI-64 embedded IPv4 address: 0.0.0.0 router link-layer address: 0.0.0.0
preferred global 2001:470:d859::2, life infinite (manual) preferred link-local
fe80::5efe:192.168.6.13, life infinite link MTU 1280 (true link MTU 65515) current
hop limit 128 reachable time 21000ms (base 30000ms) retransmission interval 1000ms
DAD transmits 0 default site prefix length 48
Interface 1: Loopback Pseudo-Interface
Guid {6BD113CC-5EC2-7638-B953-0B889DA72014} zones: link 1 site 3
does not use Neighbor Discovery does not use Router Discovery link-layer address:
preferred link-local ::1, life infinite preferred link-local fe80::1, life
infinite link MTU 1500 (true link MTU 4294967295) current hop limit 128 reachable
time 19500ms (base 30000ms) retransmission interval 1000ms DAD transmits 0
default site prefix length 48
== End Output of [PC] ipv6 if command ===
Hoping someone can provide a life-giving spark. Thank you in advance for helping me get some sleep.
Kevin Long, CCSP
w00t! Driving in the IPv6 lane on the Information SuperHighway.
I wanted to share what I have learned this evening on my network setup.
My last post was very long so this one only contains the important items.
My XP PC was not getting any routable addresses from the router. I created an IPv6 DHCP pool on the router.
I did an "netsh int ipv6 uninstall", reboot, and then a "netsh int ipv6 install" to clear out all of the configs I did last night.
To see if any routes appeared I did "netsh int ipv6 show route" and they were there.
So, after getting your router configured just install IPv6 and you should be good to go.
To make sure this actually was the correct way to do things I deleted the v6DHCP commands and rebooted the PC. No v6 addresses were given. I added the v6DHCP lines back to the router and I received my 2001: addresses.
Note: I turned (Cisco) debugging on for the v6DHCP and did not see any addresses being given out but without them nothing worked.
I ask the moderator to edit my post if they feel it contains incorrect information.
Good luck.
Kevin
All comment lines start with !!!.
!!! important parts of the IOS config
ipv6 unicast-routing
ipv6 cef
!!! set up the v6 DHCP pool
ipv6 dhcp pool poolv6
!!! use the Routed /64 address from your tunnel
!!! the 005004... part came from a sample config I found
!!! Unknown what it actually does or stands for
prefix-delegation 2001:470:5:1F4::/64 0005000400F1A4D07003
prefix-delegation pool prefix-pool lifetime 1800 60
!!! this dns address came from www.internic.net/zones/named.root
dns-server 2001:503:BA3E::2:30
domain-name yourdomain.com
!!! this config is directly from the HE sample config for Cisco IOS
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:470:4:1F4::2/64
ipv6 enable
tunnel source 75.183.52.248
tunnel destination 209.51.161.58
tunnel mode ipv6ip
!
!!! Cisco interface to cable modem - no changes
interface FastEthernet0
description WAN interface facing cable modem
ip address dhcp client-id FastEthernet0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
ipv6 nd ra suppress
!
interface Vlan1
description VLAN toward PC's
ip address 192.168.6.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!!! use your Routed /48 address with a 1 on the end
ipv6 address 2001:470:D859::1/48
ipv6 enable
!!! use your Routed /64 address
ipv6 nd prefix 2001:470:5:1F4::/64 infinite infinite
!!! use the DHCP pool on this interface
ipv6 dhcp server poolv6
!!! static route from HE sample config
ipv6 route ::/0 Tunnel0
Kevin,
Do you have to use DHCP? I was under the impression that autoconfigure would work through a Cisco device.
hi, with this config do you have ipv4/ipv6 connectivity through the internet? i can ping ipv4 addresses from th cisco but not from the pc hosts. you dont need ipv6 dhcp, stateless ipv6 works ok, you can enable security extenxions on the hosts to avoid the mac address to be shown.