+(65) 8344 4290 Ciscodumps.net@gmail.com Room 907, Block B, Baoneng Entrepreneurship Center, Guangrong Road, Hongqiao District, Tianjin

ThinkMo EDU Share – network 4.Fundamentals of DHCPv6

蒂娜 No Comments 10/15/2022

ThinkMo EDU Share – network 4.Fundamentals of DHCPv6

Working principle of DHCPv6

DHCPv6 automatic allocation is divided into DHCPv6 stateful automatic allocation and DHCPv6 stateless automatic allocation.

1.DHCPv6 is automatically allocated with status. DHCPv6 server automatically configures IPv6 address/prefix, and allocates network configuration parameters such as DNS, NIS and SNTP servers.

2.DHCPv6 stateless automatic allocation. The IPv6 address of the host is still automatically generated by route advertisement, and the DHCP server only allocates configuration parameters other than IPv6 address, including DNS, NIS, SNTP server address and other parameters.

DHVPv6 is automatically allocated with status.

IPv6 host obtains IPv6 address and other configuration parameters (such as IPv6 address of DNS server, etc.) by stateful DHCPv6.

The process of DHCPv6 server assigning addresses/prefixes to clients can be divided into two categories:

1.DHCPv6 four-step interactive allocation process.

2.Two-step interactive fast allocation process of 2.DHCPv6.

DHCPv6 four-step interaction:

Four-step interaction is often used when there are multiple DHCPv6 servers in the network. At first, the DHCPv6 client sends Solicit messages through multicast to locate the DHCPv6 servers that can provide services for it. After receiving the Advertise messages from several DHCPv6 servers, it selects a server that assigns its address and configuration information according to the priority of the DHCPv6 servers, and then completes the address application and assignment process through the Request/Reply message interaction.

If the DHCPv6 server is not configured to enable two-step interaction, the server will use four-step interaction to assign the address and configuration information to the client, regardless of whether the Rapid Commit option is included in the client message.

The four-step interactive address allocation process of DHCPv6 is as follows:

Figure: Four-step interactive address allocation process of DHCPv6

The four-step interactive address allocation process of DHCPv6 is as follows:

1.DHCPv6 client sends a Solicit message, requesting DHCPv6 server to allocate IPv6 address and network configuration parameters for it.

  1. If the Solicite message does not carry the Rapid Commit option, or the Solicite message carries the Rapid Commit option, but the server does not support the fast allocation process, the DHCPv6 server will reply to the Advertise message to inform the client of the address and network configuration parameters that can be allocated to it.
  2. If the DHCPv6 client receives the Advertise message replied by multiple servers, it selects the server with the highest priority according to the server priority and other parameters in the Advertise message, and sends a Request multicast message to all servers, which carries the DUID of the selected DHCPv6 server.
  3. The 4.DHCPv6 server replies the Reply message to confirm that the address and network configuration parameters are allocated to the client.

DHCPv6 two-step interaction:

Two-step interaction is often used when there is only one DHCPv6 server in the network. At first, the DHCPv6 client sends the Solicit message through multicast to locate the DHCPv6 server that can provide services for it. After receiving the Solicit message from the client, the DHCPv6 server assigns its address and configuration information, directly responds to the Reply message, and completes the address application and assignment process.

Two-step exchange can improve the efficiency of DHCPv6 process, but in a network with multiple DHCPv6 servers, multiple DHCPv6 servers can assign IPv6 addresses to DHCPv6 clients and respond to Reply messages, but the clients can only use the IPv6 address and configuration information assigned by one of the servers. To prevent this from happening, the administrator can configure whether the DHCPv6 server supports two-step interactive address allocation.

  1. if the configuration of 1.DHCPv6 server enables two-step interaction, and the client message also contains the Rapid Commit option, the server will allocate the address and configuration information to the client by two-step interaction.
  2. If the DHCPv6 server does not support fast address allocation, it will allocate IPv6 address and other network configuration parameters to the client in a four-step interactive way.

The two-step interactive address allocation process of DHCPv6 is as follows:

Figure: Two-step interactive address allocation process of DHCPv6

The two-step interactive address allocation process of DHCPv6 is as follows:

  1. the 1.DHCPv6 client carries the Rapid Commit option in the sent Solicit message, which indicates that the client wants the server to quickly assign its address and network configuration parameters.
  2. After the 2.DHCPv6 server receives the Solicit message, it will process it as follows:

(1) if the DHCPv6 server supports fast address allocation, it will directly return the Reply message to allocate IPv6 address and other network configuration parameters to the client, and the Replay message also carries the Rapid Commit option.

(2) If the DHCPv6 server does not support the fast allocation process, the IPv6 address/prefix and other network configuration parameters are allocated to the client in a four-step interactive way.

DHCPv6 stateless automatic allocation:

IPv6 nodes can obtain configuration parameters (including DNS, SIP, SNTP and other server configuration information, excluding IPv6 addresses) through DHCPv6 stateless mode.

The stateless working process of DHCPv6 is shown in the following figure:

Figure: stateless working process of DHCPv6

The stateless working process of DHCPv6 is as follows:

  1. the DHCPv6 client sends the Information-Request message to the DHCPv6 server by multicast, which carries the Option Request option, which specifies the configuration parameters that the DHCPv6 client needs to obtain from the dhcpv6 server.
  2. After receiving the Information-Request message, the DHCPv6 server allocates network configuration parameters to the DHCPv6 client, and sends a Reply message in unicast, returning the network configuration parameters to the DHCP V6 client. DHCPv6 client completes stateless configuration of DHCPv6 client according to the parameters provided by the received Reply message.

Working principle of DHCPv6 PD:

DHCPv6 prefix agent DHCPv6 PD(Prefix Delegation) is a prefix assignment mechanism proposed by Cisco Company and standardized in RFC3633. In a hierarchical network topology, IPv6 address allocation at different levels is generally specified manually. Manually configuring IPv6 addresses is not scalable, which is not conducive to the unified planning and management of IPv6 addresses.

Through the DHCPv6 prefix proxy mechanism, the downstream network device does not need to manually specify the IPv6 address prefix of the user-side link. It only needs to apply for prefix allocation to the upstream network device, and the upstream network device can allocate the appropriate address prefix to the downstream device. The downstream device further automatically subdivides the obtained prefix (the general prefix length is less than 64) into subnet segments with 64 prefix length, and then sends the subdivided address prefix to the user link directly connected to the IPv6 host through route announcement (RA), thus realizing the address automatic configuration of the IPv6 host.

The working process of DHCPv6 PD is shown in the following figure:

Figure: Working principle of DHCPv6 PD

The four-step interactive address allocation process of DHCPv6 PD is as follows:

1.DHCPv6 PD client sends Solicit message, requesting DHCPv6 PD server to assign IPv6 address prefix to it.

  1. If the Solicite message does not carry the Rapid Commit option, or the Solicite message carries the Rapid Commit option, but the server does not support the fast allocation process, the DHCPv6 server will reply to the Advertise message to inform the client of the IPv6 address prefix that can be allocated to it.
  2. If the DHCPv6 client receives the Advertise message replied by multiple servers, it selects the server with the highest priority according to the server priority and other parameters in the Advertise message, and sends a Request message to the server, requesting the server to confirm the allocation of address prefix.
  3. The DHCPv6 PD server replies the Reply message to confirm that the IPv6 address prefix is allocated to the DHCP V6PD client for use.

Working principle of DHCPv6 relay:

The DHCPv6 client forwards the message through DHCPv6 relay to obtain IPv6 address/prefix and other network configuration parameters (such as IPv6 address of DNS server, etc.).

The working process of DHCPv6 relay is shown in the following figure:

Figure: Working principle of DHCPv6 relay

The working interaction process of DHCPv6 relay is as follows:

  1. the DHCPv6 client sends a request message with the destination address FF02::1:2 (multicast address) to all DHCPv6 servers and dhcpv6 relays.
  2. according to DHCPv6 relay forwarding messages, there are two situations as follows:

(1) If the DHCPv6 relay and the DHCPv6 client are located on the same link, that is, the DHCPv6 relay is the first hop relay of the DHCPv6 client, and the relay forwards the message directly from the client, then the DHCPv6 relay is actually the IPv6 gateway device of the client. After receiving the message from the client, the DHCPv6 relay encapsulates it in the Relay Message Option of the Relay-Forward message, and sends the Relay-Forward message to the DHCPv6 server or the next-hop relay.

(2) If the DHCPv6 relay and the DHCPv6 client are not on the same link, the message received by the relay is a Relay-Forward message from other relays. The relay constructs a new Relay-Forward message and sends the Relay-Forward message to the DHCPv6 server or the next-hop relay.

  1. The DHCPv6 server parses the request of the DHCPv6 client from the Relay-Forward message, selects the IPv6 address and other configuration parameters for the DHCPv6 client, constructs a reply message, encapsulates the reply message in the relay message option of the Relay-Reply message, and sends the Relay-Reply message to the DHCP V6 relay.
  2. The DHCPv6 relay parses the response of the DHCPv6 server from the Relay-Reply message and forwards it to the DHCP V6 client. If the DHCPv6 client receives responses from multiple DHCPv6 servers, it selects one DHCPv6 server according to the server priority in the message, and then obtains IPv6 address and other network configuration parameters from the DHCPv6 server.

IPv6 address/prefix allocation and update principle:

Priority of IPv6 address allocation:

DHCPv6 server selects IPv6 addresses/prefixes for DHCPv6 clients in the following order.

  1. select IPv6 address pool.

The interface of DHCPv6 server can be bound with IPv6 address pool, which will be selected by DHCPv6 server to allocate addresses/prefixes to DHCPv6 clients under the interface. For the relay scenario, the interface of the DHCPv6 server may not bind the IPv6 address pool, but select the address pool that belongs to the same link range as the configured network prefix or IPv6 address prefix in the address pool according to the first “link-address” field in the message that is not 0 (identifying the link range where the DHCPv6 client is located).

  1. Select IPv6 address/prefix

After determining the address pool, the DHCPv6 server will assign IPV6 addresses/prefixes to DHCPv6 clients according to the following steps:

(1) If an address/prefix is specified for the client in the address pool, the address/prefix that matches the DUID of the client is preferentially selected from the address pool and assigned to the client.

(2) If the IA option in the client message carries a valid address/prefix, select the address/prefix from the address pool and assign it to the client. If the address/prefix is not available in the address pool, another free address/prefix is allocated to the client. If the IPV6 prefix length is greater than the specified allocation length, it will be allocated according to the specified allocation length.

(3) Select the free address/prefix from the address pool and assign it to the client. The reserved address (for example, the anycast address defined in RFC 2526), the conflicting address, and the assigned address can no longer be assigned to the client.

(4) If there is no suitable IPv6 address/prefix to allocate, the allocation fails.

Update of DHCPv6 address lease:

The address assigned by the DHCPv6 server to the DHCPv6 client has a lease, and the lease consists of the lifetime (including the preferred lifetime and the effective lifetime of the address) and the lease renewal point (T1, T2 of IA). After the valid lifetime of the address expires, the DHCPv6 client can no longer use the address. Before the expiration of the valid lifetime, if the DHCPv6 client wants to continue to use this address, it needs to update the address lease.

In order to prolong the effective life and preferred life of the address associated with IA, the DHCPv6 client sends a Renew message containing IA options to the server at T1, where the IA options carry the IA address options that need to be renewed. If the DHCPv6 client has not received the response message of the lease renewal message at T1, then at T2, the DHCPv6 client continues to renew the address to the DHCPv6 server through the Rebind message.

The update process of T1 address lease is as follows:

  1. the 1.DHCPv6 client sends a Renew message at T1 (the recommended value is 0.5 times of the priority lifetime) to update the address lease.

2.DHCPv6 server responds to Reply message.

(1) if the DHCPv6 client can continue to use the address, the DHCPv6 server responds to the Reply message of successful renewal, informing the DHCPv6 client that the address lease has been successfully updated.

(2) If the address can no longer be assigned to the DHCPv6 client, the DHCPv6 server responds to the Reply message of contract renewal failure, and informs the DHCPv6 client that it cannot obtain a new lease.

The update process of T2 address lease is as follows:

  1. the DHCPv6 client sends a Renew request to renew the lease at T1, but does not receive a response message from the dhcpv6 server.
  1. At T2 (the recommended value is 0.8 times of the priority lifetime), the DHCPv6 client multicast and sends a Rebind message to all DHCP V6 servers to request the lease renewal.

3.DHCPv6 server responds to Reply message.

  • If the DHCPv6 client can continue to use the address, the DHCPv6 server responds to the Reply message of successful renewal, informing the DHCPv6 client that the address/prefix lease has been successfully updated.
  • If the address can no longer be assigned to the DHCPv6 client, the DHCPv6 server responds to the Reply message of renewal failure, informing the DHCPv6 client that it cannot obtain a new lease.

If the DHCPv6 client does not receive the reply message from the DHCPv6 server, the DHCPv6 client will stop using the address after the valid lifetime is reached.

IP address reservation:

DHCPv6 server supports reserved IPv6 addresses, that is, some reserved IPv6 addresses do not participate in dynamic allocation. For example, the reserved IPv6 address can be used as the IPv6 address of the DNS server.

DHCPv6 basic configuration command

address prefix

//Configure network prefix and life cycle under //IPv6 address pool view.

//infinite: Specifies that the life cycle is infinite.

//The default value of life cycle is 86400, i.e. 1 day.

capwap-ac ipv6-address

//Configure the IPv6 address of AC in IPv6 address pool view.

conflict-address expire-time expire-time

//Configure the aging time of conflicting addresses in IPv6 address pool.

//By default, the aging time of conflicting addresses under the address pool is 172800 seconds, that is, 2 days.

dhcpv6 client information-request

//Enable the interface to obtain the network configuration parameters in the way of DHCPv6 stateless automatic allocation.

//(excluding IPv6 addresses).

dhcpv6 client pd

//Configure the DHCPv6 PD client function.

//hint ipv6-address: specify the IPv6 address you want to apply for.

//hint ipv6-prefix/ipv6-prefix-length:

//Specify the IPv6 address prefix and prefix length that you want to apply for.

//rapid-commit: specify that the client interactively applies for IPv6 address prefix in two steps.

//unicast-option: specifies that the client applies for IPv6 address prefix by unicast.

//union-mode: specifies that the client uses one message to obtain the IPv6 address and prefix at the same time.

dhcpv6 duid { ll | llt | duid }

//Configure the unique identifier DUID of the DHCPv6 device.

//By default, the device generates the DUID in the form of ll.

//ll: Specifies that the device uses the link layer address (i.e. MAC address) to generate the DUID.

//llt: specifies that the device generates the DUID by adding time to the link layer address (i.e. MAC address).

dhcpv6 client renew

//Manually update the IPv6 address/prefix applied by the DHCPv6 client.

renew-time-percent rebind-time-percent

//Configure the percentage of lease renewal time and rebinding time of IPv6 address pool in the priority life cycle.

//By default, the lease renewal time of IPv6 address pool accounts for 50% of the priority life cycle.

//Rebinding time accounts for 80% of the priority life cycle.

dhcpv6 interface-id format { default | user-defined text }

//Configure the format of Interface-ID option in DHCPv6 message.

dhcpv6 packet-rate

//Enable the speed limit function of DHCPv6 message and configure the rate suppression value.

//By default, the speed limit function of DHCPv6 message is not enabled.

dhcpv6 packet-rate drop-alarm enable

//Enable the alarm function of speed-limiting discarding of DHCPv6 message.

dhcpv6 packet-rate drop-alarm threshold 100

//Configure the alarm threshold of DHCPv6 message speed limit discarding. The default value is 100 packets

dhcpv6 pool pool-name

//Create IPv6/IPv6 PD address pool or enter IPv6/IPv6 PD address pool view.

dhcpv6 relay destination

//Enable the DHCPv6 relay agent function of the interface

//and configure the IPv6 address of the DHCPv6 server or the next-hop relay agent.

dhcpv6 relay server-select group-name

//to configure the DHCPv6 server group corresponding to the DHCPv6 relay.

dhcpv6 relay source-interface

//Configure the interface address as the message source IPv6 address.

dhcpv6 remote-id format

//Configure the format of the Remote-ID option in the DHCPv6 message.

dhcpv6 remote-id insert enable

//Enable the function of inserting the remote-id option in the DHCPv6 relay message.

dhcpv6 server

//Enable the DHCPv6 server or DHCPv6 PD server function.

dhcpv6-server ipv6-address

//Configure to add members of DHCPv6 server or next-hop relay to DHCPv6 server group.

dhcpv6 server database

//Enable the DHCPv6 data saving function.

//write-delay: specify the time interval for saving DHCPv6 data.

dhcpv6 server group group-name

//Create a DHCPv6 server group and enter the DHCPv6 server group view.

dns-domain-name

//Configure the domain name suffix assigned by DHCPv6 server to DHCPv6 client.

dns-server ipv6-address

//Configure IPv6 address of DNS server.

excluded-address

//Configure the IPv6 address range in the IPv6 address pool that does not participate in automatic allocation.

information-refresh time

//Set the refresh time of configuration information allocated to the client in stateless DHCPv6 mode.

//By default, the refresh time of IPv6 address pool configuration information is 86400 seconds, that is, 24 hours.

Address IPv6 auto DHCP command

//Enable the interface to automatically obtain IPv6 address and other network configuration parameters through DHCPv6 protocol.

link-address

//Configure the network prefix under IPv6 address pool view.

lock

//Lock the IPv6 address pool.

nis-domain-name

//Configure NIS domain name suffix assigned by DHCPv6 server to DHCPv6 client

nisp-domain-name

//Configure the NISP domain name suffix assigned by DHCPv6 server to DHCPv6 client.

prefix-delegation

//Configure the proxy prefix under the address pool view.

static-bind prefix

//statically bind the address prefix to the DHCPv6 PD client under the dhcpv6 address pool.

import all

//Enable the device to dynamically allocate DNS server and SNTP server configuration information to DHCPv6 clients.

Example of DHCPv6 server and relay configuration

Experimental topology:

Figure: experimental topology of DHCPv6

Experimental requirements:

AR1 is a DHCPv6 server, and AR2 is a DHCP relay. Assign IPv6 addresses to hosts through configuration.

Profile:

AR1:

<DHCPv6>dis current-configuration

#

sysname DHCPv6

#

ipv6

#

dhcp enable

#

dhcpv6 pool pool1

address prefix 2000::/ 64

//Configure IPv6 address prefix

excluded-address 2000:: 1

#

interface GigabitEthernet0/ 0/ 0

ipv6 enable

ipv6 address 3000:: 1/ 64

dhcpv6 server pool1

#

ipv6 route- static :: 0 3000:: 2

#

return

AR2:

<Realy>dis current-configuration

#

sysname Realy

#

ipv6

#

dhcp enable

#

interface GigabitEthernet0/ 0/ 0

ipv6 enable

ipv6 address 3000:: 2/ 64

#

interface GigabitEthernet0/ 0/ 1

ipv6 enable

ipv6 address 2000:: 1/ 64

undo ipv6 nd ra halt

//Enable the router to send route advertisement information to the host.

ipv6 nd autoconfig managed-address-flag

//Set the M and O flags. The host can obtain the address by DHCPv6.

ipv6 nd autoconfig other-flag

dhcpv6 relay destination 3000:: 1

//Indicate the address of the DHCP server

#

return

Figure: Address allocation status of DHCPv6 serve

ThinkMo CCNA Dump exam information exchange group:

CCNA/CCNP/CCIE telegram study group:https://t.me/ccie_ei_lab
CCNA/CCNP/CCIE dump:
WAHTAPP:+65 83444290
WAHTAPP:+63 9750724648

ThinkMo CCNA 200-301 Tutorial VIP Exclusive:
https://www.youtube.com/playlist?list=PLIq0cWorv-oyWHaoH79460mAa3-4AWpvw

The complete EVE_NG file, free learning PDF and PPT that can be used directly, as well as video explaining the technical points are all here!

Leave a Reply

X