IPv6 and Junos - Stateless Address Autoconfiguration (SLAAC)
Table of Contents
From my research and testing, I’ve notice there are a few ways you can set IPv6 addresses to hosts. Essentially you have 3 methods; manually setting a Static IP address, Using Stateful Dynamic Address allocation via a DHCPv6 server, or by using Stateless Dynamic Address allocation. The first two methods are pretty standard as addressing with IPv4 is done this way however, the last method is new method that comes with IPv6 and this is actually known as Stateless Address Autoconfiguration (SLAAC)
. SLAAC, as its name suggestions, allows a host to auto configure itself without any manual intervention.
RFC4862 describe the SLAAC as:
The IPv6 stateless autoconfiguration mechanism requires no manual configuration of hosts, minimal (if any) configuration of routers, and no additional servers. The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by routers. Routers advertise prefixes that identify the subnet(s) associated with a link, while hosts generate an “interface identifier” that uniquely identifies an interface on a subnet. An address is formed by combining the two. In the absence of routers, a host can only generate link-local addresses. However, link-local addresses are sufficient for allowing communication among nodes attached to the same link.
In essence, when using SLAAC to get the full 128-bit IPv6 address, it uses the 64-bit prefix that is advertised by the host or router for the first half, then in conjunction with the EUI-64 process, is able to allocation the second 64-bit of the address.
The EUI-64 process in a nutshell, is the method of extending the 48-bit MAC Address and making it into a 64-bit value. This is done by splitting the 48-bit address into two 24-bit halves and adding the 16-bit hex value
0xFFFE
in middle to create the last 64-bits
Configuring SLAAC⌗
Enabling SLAAC with Junos is pretty straightforward. For my example, I’ve got an EX4200 connected to an Ubuntu 14.04LTS ESXi host in Vlan 200.
Before enabling the switch, the host’s interface has to be set to auto
marquk01@km-vm1:~$ cat /etc/network/interfaces
{...}
# This is an autoconfigured IPv6 interface
iface eth0 inet6 auto
auto eth1
iface eth1 inet6 auto
Once that’s done, to make sure no address was learnt as I configured the switch, the interface was disabled using ifdown
.
With the switch configuration, under the protocol router-advertisement
stanza, the interface and the prefix (first 64-bits) that will be advertised need to be set. Additionally I enabled a traceoption to see the process from the switch’s perspective.
Interface Configuration⌗
{master:0}\[edit\]
marquk01@EX4200-A# show interfaces vlan unit 200
family inet6 {
address 2001:192:168:2::1/64;
}
Enabling SLAAC⌗
{master:0}\[edit protocols router-advertisement\]
marquk01@EX4200-A# show
traceoptions {
file RA.log;
flag all;
}
interface vlan.200 {
prefix 2001:192:168:2::/64;
}
Verification⌗
With that SLAAC has been enabled, simple isn’t it :)
Now, back on the host, I re-enabled the interface using ifup
. By using ifconfig
we can see that the IPv6 address has been auto configured onto the host.
marquk01@km-vm1:~$ ifconfig -a eth1
eth1 Link encap:Ethernet HWaddr 00:0c:29:4f:26:c5
inet addr:192.31.1.2 Bcast:192.31.1.255 Mask:255.255.255.0
inet6 addr: 2001:192:168:2:20c:29ff:fe4f:26c5/64 Scope:Global
inet6 addr: fe80::20c:29ff:fe4f:26c5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:563 (563.0 B) TX bytes:2334 (2.3 KB)
By looking closer at the ifconfig output, we can see how the EUI-64 process has been used to allocate the IPv6 address, as well as its link-local address:
eth1 Link encap:Ethernet HWaddr 00:0c:29:4f:26:c5
inet6 addr: 2001:192:168:2:20c:29ff:fe4f:26c5/64 Scope:Global
inet6 addr: fe80::20c:29ff:fe4f:26c5/64 Scope:Link
On the switch, by running the commands: show ipv6 neighbours
, we can see the hosts’ link-local and SLAAC allocated addresses, both discovered by the Neighbour Discovery Protocol (NDP)
. And show ipv6 router-advertisement
, which shows how many RA’s and RS’ have been sent and received by the switch.
IPv6 Neighbors⌗
{master:0}
marquk01@EX4200-A> show ipv6 neighbors
IPv6 Address Linklayer Address State Exp Rtr Secure Interface
2001:192:168:2:20c:29ff:fe4f:26c5
00:0c:29:4f:26:c5 stale 1110 no no vlan.200
fe80::20c:29ff:fe4f:26c5 00:0c:29:4f:26:c5 stale 1039 no no vlan.200
Router Advertisement⌗
{master:0}
marquk01@EX4200-A> show ipv6 router-advertisement
Interface: vlan.200
Advertisements sent: 4, last sent 00:04:45 ago
Solicits received: 2, last received 00:04:46 ago
Advertisements received: 0
When we look further at the traceoption, we can see the request from the host sent out Router Solicitation (RS) via its link-local address, to the destination of ff02::2 for the presence of routers (in this case a switch) on the link. The switch replies by sending a Router Advertisement (RA) to ff02::1 with the Router’s presence and link prefixes, MTU, and hop limits.
Apr 7 06:29:13.002388 background dispatch running job ipv6_ra_delete_interface_config_job for task Router-Advertisement
Apr 7 06:29:13.002436 task_job_delete: delete background job ipv6_ra_delete_interface_config_job for task Router-Advertisement
Apr 7 06:29:13.002473 background dispatch completed job ipv6_ra_delete_interface_config_job for task Router-Advertisement
Apr 7 06:29:48.645889 ipv6_ra_receive_solicit: received solicit from fe80::20c:29ff:fe4f:26c5
Apr 7 06:29:48.646013 ipv6_ra_receive_solicit: task Router-Advertisement src fe80::20c:29ff:fe4f:26c5 dst ff02::2 hdr 0x26fc000 count 16 intf 0x283c0e8
Apr 7 06:29:48.646086 task_timer_reset: reset Router-Advertisement_ipv6ra
Apr 7 06:29:48.646137 task_timer_set_oneshot_latest: timer Router-Advertisement_ipv6ra interval set to 0.426219
Apr 7 06:29:49.073743 task_job_create_foreground: create job ipv6 ra for task Router-Advertisement
Apr 7 06:29:49.073857 foreground dispatch running job ipv6 ra for task Router-Advertisement
Apr 7 06:29:49.073978 ipv6_ra_send_advertisement: sending advertisement for ifl 73 to ff02::1
Apr 7 06:29:49.074018 (519322) sending advertisement for ifl 73
Apr 7 06:29:49.074106 ifa 0x28383f0 2001:192:168:2::1/64
Apr 7 06:29:49.074942 --> sent 56 bytes
The ff02::1 and ff02::2 addresses are well-known IPv6 Multicast addresses that a host sends out to a RS, to all devices within the
all-host multicast group
for ff02::2, and for a router, the address ff02::1 is used to reply RS with RA. Although this process could be compared to the IPv4 broadcast address 255.255.255.255, its important to remember that broadcasts are not accepted by any IPv6 protocol.
SLAAC is a really useful way of easily enabling IPv6 across your network and let the host and devices auto configure themselves. In addition, as the EUI-64 process is key to SLAAC, as long as you keep a record of the MAC Addresses of each device, you’ll always be able to know what address goes with what device. Of course, there will be situations where Static or DHCP addressing will be more suitable however; if you need to quickly enable your network with IPv6 then SLAAC is the way to go!