• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

How do you add IPv6 DNS Servers to Cisco IOS configuration?

Started by PatrickDickey, May 02, 2011, 03:22:48 PM

Previous topic - Next topic

PatrickDickey

Quote from: NewtonNet on May 20, 2011, 11:27:51 AM
Hi Patrick,

How did you get on with this issue?

As far as my understanding goes, the 'ip name-server' command is to enable the router to perform DNS lookups, and is not used (passed) to the client to use. For IPv4 DHCP this is instead done with the 'dns-server' sub-command within 'ip dhcp' and so I am curious how to achieve similar with IPv6.

Unfortunately I don't have any kit to hand to test this out right now hence why I am curious as to how you got on.

Mathew


You are correct (I believe) in what ip nameserver does.  I added those servers, and still have the same issues.  So, I think I need to configure dhcp (ipv6) on my router.  I'll do that this weekend.  One other question that I have is this:  When I set up my "default-gateway", would it be the eth1 address (LAN), Tunnel0 address, or the :1 address on my tunnelbroker account? (I'm thinking it's the eth1 address with my default route set, but I want to make sure before I start hacking into it).

Have a great day:)
Patrick.

jgeorge

Your default router needs to be on the same subnet as your hosts, so use the IPv6 address of eth1 on your router. The tunnel IP subnet should never appear outside of the router that establishes it.

Cheers,

Joe

NewtonNet

Quote from: PatrickDickey on May 20, 2011, 04:18:22 PMYou are correct (I believe) in what ip nameserver does.  I added those servers, and still have the same issues.  So, I think I need to configure dhcp (ipv6) on my router.  I'll do that this weekend.

Yes - I've just done this and can confirm it works. Details below if interested.

I opted to continue with stateless autoconfiguration on my clients and use DHCPv6 only for additional parameter configuration, including DNS server settings. The first task was therefore to configure the router to offer a DHCPv6 service with the Hurricane Electric's IPv6 DNS recursive resolver (2001:470:20::2):

ipv6 dhcp pool IPv6DHCPPOOL
dns-server 2001:470:20::2

interface Ethernet0
ipv6 dhcp server IPv6DHCPPOOL


For my Linux (Debian) clients I had to install 'wide-dhcpv6-client'. Having done this a packet trace showed the 4-part solicit/advertise/request/reply dialogue with the DNS recursive server address included. I've yet to look into how to get Windows clients to do similar.

Mathew

PatrickDickey

Quote from: NewtonNet on May 21, 2011, 08:03:36 AM
Quote from: PatrickDickey on May 20, 2011, 04:18:22 PMYou are correct (I believe) in what ip nameserver does.  I added those servers, and still have the same issues.  So, I think I need to configure dhcp (ipv6) on my router.  I'll do that this weekend.

Yes - I've just done this and can confirm it works. Details below if interested.

I opted to continue with stateless autoconfiguration on my clients and use DHCPv6 only for additional parameter configuration, including DNS server settings. The first task was therefore to configure the router to offer a DHCPv6 service with the Hurricane Electric's IPv6 DNS recursive resolver (2001:470:20::2):

ipv6 dhcp pool IPv6DHCPPOOL
dns-server 2001:470:20::2

interface Ethernet0
ipv6 dhcp server IPv6DHCPPOOL


For my Linux (Debian) clients I had to install 'wide-dhcpv6-client'. Having done this a packet trace showed the 4-part solicit/advertise/request/reply dialogue with the DNS recursive server address included. I've yet to look into how to get Windows clients to do similar.

Mathew

Hi Mathew,

Looking at your configuration for the ipv6 dhcp, my one question is where do your computers get their ip addresses from?  Do they get them from the dns-server (Tunnelbroker) or did you configure that portion (but leave the code out)?  I'll blame lack of sleep, if it's an obvious answer. ;)

I'm guessing that if they get them through the dns-server command, I won't be able to use stateless autoconfiguration (as my dns-servers will be OpenDNS, while my tunnel will be through tunnelbroker).

Have a great weekend:)
Patrick.

NewtonNet

Quote from: PatrickDickey on May 21, 2011, 08:22:16 AMLooking at your configuration for the ipv6 dhcp, my one question is where do your computers get their ip addresses from?  Do they get them from the dns-server (Tunnelbroker) or did you configure that portion (but leave the code out)?  I'll blame lack of sleep, if it's an obvious answer. ;)

They create their own addresses by combining their MAC addresses with the network prefix sent out by the router (in its router advertisements that are sent out periodically, and when asked to by clients). In particular, they don't get them via DHCP.

Happy to elaborate if it still doesn't make sense!

Mathew

PatrickDickey

Quote from: NewtonNet on May 21, 2011, 01:16:35 PM
Quote from: PatrickDickey on May 21, 2011, 08:22:16 AMLooking at your configuration for the ipv6 dhcp, my one question is where do your computers get their ip addresses from?  Do they get them from the dns-server (Tunnelbroker) or did you configure that portion (but leave the code out)?  I'll blame lack of sleep, if it's an obvious answer. ;)

They create their own addresses by combining their MAC addresses with the network prefix sent out by the router (in its router advertisements that are sent out periodically, and when asked to by clients). In particular, they don't get them via DHCP.

Happy to elaborate if it still doesn't make sense!

Mathew

That makes sense to me.  However, in trying things out, I found out that this is a moot thread. I'm running IOS 12.3(25) and ipv6 dhcp isn't an option (ipv6 local pool [i]poolname prefix[/i] is though).  I'll have to upgrade to a new router (I'm running a Cisco 2514) or at least to the 12.4 IOS version in order to do it.

Thanks for your help. I'll mark this as solved, and hopefully someone else can use the information for their setup.

Have a great day:)
Patrick.

sttun

Well here is what works for me:

ipv6 dhcp pool <pool name>
dns-server <address>
dns-server <address>
exit

now apply this to the wanted interface(s)
Repeat next code block for every interface you want v6 dns servers on clients
interface <interface name>
ipv6 dhcp-server <pool name>
exit


Remeber to save the config
Hope this helps


NewtonNet

Yes, that's what we ended up doing (see post #17).

Cheers,

Mathew

sttun

Well that's what i get for not looking carefully, did not notice page 2 lol.
Anyway gled you got it to work. I am exploring the world of IOS myself ATM, I got myself a 892W about a month ago. The first thing op after basic ipv4 (+ nat, grr I hate nat) was to get tthe HE tunnel u p (even before wlan lol). Hmm I went slightly OT here hope you don't mind :)

NewtonNet

Not at all - the more we talk about it the better we'll all get I reckon!  :)

Mathew

UltraZero

I have a question for you.

Are you trying to use the IPv6 version of this....   

at the prompt

config t
ip dns server xxx.xxx.xxx.xxx  ???

I don't see an IPv6 version of this command on the router under Cisco IOS v12.3.

I might be off base, but, that is what your question sounds like you were asking..

Thanks

antillie

I think the command you are looking for is this:

cerberus(config)#ip name-server ?
  A.B.C.D     Domain server IP address (maximum of 6)
  X:X:X:X::X  Domain server IP address (maximum of 6)

So you can specify IPv6 DNS servers for the router itself to use in at least IOS 12.4 or later, depending on the image feature set of course. This particular image is:

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(25d), RELEASE SOFTWARE (fc1)
...
System image file is "flash:c2600-adventerprisek9-mz.124-25d.bin"

UltraZero

Hmm. 

Well Antillie, I see what you are doing.  You are telling the Router to go to specific DNS servers that are specified.  I was creating a DNS server locally.  This way, (IP name-server is still used) this way, all requests can be kept locally except for the one device which would go out and fulfill requests.

As for DHCP,  unless one has a lot of systems on a home network that change IPv6 addresses, I don't see the need.  Not to mention, if implementing eui-64, won't your mac address be used in the IP address which kinda notifies all of who you are (Association of IP address/mac address service provider, etc, etc)

I have many machines on my network which don't change locations,  (Maybe a laptop, but, I have multiple configs to accomplish this) so, static addresses work for me.  When something goes wrong, it's easy to trace.   All equipment is documented and Most are in my internal DNS (except for a few test MS servers, legacy Novell 4.x and  Linux/BSD boxes)  Old but fun stuff.  Can't seem to kill the Novell box.  That darn thing just takes abuse like you can't believe and it won't crash. The longest uptime is over a year with no issues (LOL) (oh oh.. Don't get me started on the old stuff)   ;D ;D