5.6. DHCPv6

cOS Core supports DHCPv6, the equivalent of IPv4 DHCP for IPv6. DHCPv6 support is described in the three sections that follow:

5.6.1. DHCPv6 Client

Overview

Any interface can be configured to be a DHCPv6 client. This means that whenever cOS Core restarts or when the DHCPv6 enabled configuration is saved and activated, the interface will automatically try to retrieve an IPv6 lease from an external DHCPv6 server. Only the following interface types support the DHCPv6 client function:

  • Ethernet interfaces.
  • VLAN interfaces.
  • Link Aggregation interfaces.

This section will use the generic term interface to mean any of the above types.

Addresses Received in a Server Lease

The lease received from a DHCPv6 server will contain the following:

  • An IPv6 address for the interface.

  • The addresses of up to three IPv6 DNS servers. cOS Core will only use the first two. The third will be discarded.

As explained later in the section, the IPv6 network address and IPv6 gateway address can also be automatically retrieved if the interface property Router Discovery is enabled.

Address Book Objects Created

The following is a list of the IPv6 address book objects that will be created when the DHCP client is enabled on, for example, the if1 interface:

  • if1_ip6 - The interface address.
  • if1_dns6_1 - The first IPv6 DNS address in the DHCP lease.
  • if1_dns6_2 - The second IPv6 DNS address in the DHCP lease.
  • if1_net6 - The interface network (requires that Router Discovery is enabled).
  • if1_gw6 - The gateway (requires that Router Discovery is enabled).

The DHCP client mechanism not only creates these objects but also assigns them to the relevant property in the interface. Using the Router Discovery option is discussed later in this section.

Enabling DHCPv6

First IPv6 must be enabled on the specific interface by using the Enable IPv6 checkbox. By default, this property is disabled.

Once IPv6 is enabled, the DHCPv6 client is enabled by changing the IPv6 Assignment Method option from Static to DHCPv6.

In addition, a number of other properties can optionally be specified for a DHCPv6 client enabled interface:

  • Preferred IP

    This is a suggestion sent to the DHCPv6 server for what the interface IP should be.

  • Preferred Lifetime and Valid Lifetime

    These are suggestions sent to the DHCPv6 server for what the lifetimes should be for an IP. The lower limit for these values in cOS Core is 7600 seconds and the Valid Lifetime should always be greater than the Preferred Lifetime. The meaning of these two settings is explained further in Section 5.6.3, DHCPv6 Server.

  • Lease Filter

    This is a range of acceptable IPv6 addresses that can be assigned to the interface. If the offered lease does not contain an address within this range, it is rejected.

  • Server Filter

    This is a range of IPv6 addresses for servers from which cOS Core will accept leases.

  • Enable DHCPv6 Prefix Delegation

    Prefix Delegation is used for receiving a prefix range, e.g. a /56 prefix, from a DHCPv6 server. Prefix Delegation is explained further in Section 5.6.2, Prefix Delegation.

The Router Discovery Option

An Ethernet configuration object has an additional property called Router Discovery which is either disabled or enabled.

By default, this option is disabled which means that the DHCPv6 client feature will only set the IPv6 address for the interface and the IPv6 addresses of DNS servers, while the network address and the gateway addresses must be set manually by the administrator.

When the Router Discovery option is enabled, a complete set of client addresses will be provided by the DHCPv6 process including the IPv6 network and the IPv6 gateway address. This is similar to the standard way that IPv4 functions.

Tip: An ISP will have a correct IPv6 connection method

When connecting to an ISP using IPv6, check with the ISP how cOS Core should be configured. Using the DHCP client with Router Discovery enabled may be required by the ISP to retrieve the IPv6 address for the ISP's gateway as well as for the IPv6 network.

The Router Discovery option can also be used when automatically configuring the IPv6 address of the interface, with the DHCP client function disabled. This usage is described in Section 3.2, IPv6 Support.

Assigned DNS Servers

The lease granted by a DHCPv6 server can contain up to three IPv6 addresses of DNSv6 servers. However, cOS Core will only use the first and second of these which are sometimes known as the Primary, and Secondary servers. If a third server is present in the lease it will be ignored.

The DNSv6 addresses obtained from the DHCP server will be stored in two properties of the interface configuration object which are called DHCPv6DNS1 and DHCPv6DNS2.

Created DNS Address Objects

For the first DNSv6 server address in a lease, cOS Core will automatically create a new IPv6 address book object with the name <interface>_dns6_<num>, where <interface> is the interface receiving the lease and <num> is the order number of the DNSv6 server in the lease.

For example, if the interface receiving the DHCPv6 lease is the WAN interface then the address book object created for the first DNSv6 server address will be named WAN_dns6_1. If the lease contains a second DNSv6 server address, this will be called WAN_dns6_2 and so on.

The DNSv6 server addresses can be configured statically for cOS Core. If this is done, these manually configured addresses take precedence over addresses received in a lease. However, cOS Core will still automatically create the address book objects of the form <interface>_dns6_<num> for each DHCPv6 server address received in the lease. This precedence of statically defined DNS addresses is discussed further in Section 3.10, DNS.

Behavior on Lease Expiry

When a DHCP lease ends and is not renewed, any address book objects created by the DHCPv6 mechanism will remain in the address book. However, the values of the address book objects associated with an interface will be affected as follows:

  • Network and gateway objects will retain the values that were last allocated by DHCPv6.

  • All other objects will be set to the IPv6 unspecified address (::/128).

Example 5.6. DHCPv6 Client Setup

This example shows how to enable DHCPv6 on the WAN interface. It is assumed that IPv6 has already been enabled for the interface.

Command-Line Interface

Device:/> set Interface Ethernet WAN IPv6Assignment=DHCPv6 
					RouterDiscovery=Yes

InControl

Follow similar steps to those used for the Web Interface below.

Web Interface

  1. Go to: Network > Interfaces and VPN > Ethernet
  2. Select the WAN interface
  3. Enable Router Discovery
  4. Select DHCPv6 as IPv6 Assignment method
  5. Click OK

5.6.2. Prefix Delegation

Prefix Delegation is used for receiving a prefix range, e.g. a /56 prefix, from a DHCPv6 server. From the received prefix, cOS Core delegates smaller /64 prefixes to locally configured networks.

On the local interface, the delegated prefix can be advertised/announced to clients connected to the interface via Router Advertisement and/or a DHCPv6 server configured on the interface.

In conclusion, Prefix Delegation can be used to hand out a network and IP address from an Internet Service Provider (ISP) to connected clients behind the firewall based on the received network prefix. Each firewall interface can then be assigned its own part of the address range, such as a /64 subnet per interface.

Brief Description

Below is a brief example in three steps on how Prefix Delegation operates. WAN would be the name of the external interface towards the Internet of the firewall and LAN would be the name of the local interface where clients are located.

  • Enable The DHCPv6 client and Prefix Delegation on the WAN Interface

    Enable the DHCP client in order to receive an IPv6 lease from e.g. a service provider and Prefix Delegation in order to have cOS Core add an additional Prefix Delegation request to the lease request towards the service provider. This is done in order to request a larger network range from the service provider that can later be used for clients behind the LAN interface.

    The WAN interface can be considered to be the Source of network and IP addresses that can then be forwarded to clients behind other interfaces, in this example LAN.

  • Enable Delegated IPv6 Assignment Method on the LAN Interface

    Enabling this option on the LAN interface and selecting the Delegation Interface to be the WAN interface informs the LAN interface where to retrieve IP addresses from using Prefix Delegation. The LAN interface can be considered to be the Destination.

  • Configure a DHCPv6 server on the LAN Interface

    Configuring a DHCPv6 server on the LAN interface allows the delegated prefix received from the WAN interface to be distributed to clients on the local network. In addition to IP addresses, the DHCPv6 server can provide clients with essential configuration details, such as DNS server information.

Next, a more in-depth explanation of Prefix Delegation and its settings is provided.

Prefix Delegation (DHCPv6 Client Interface)

To enable Prefix Delegation, the IPv6 DHCP client must first be enabled on the interface facing the DHCPv6 server, e.g. the Internet Service Provider. For more details about the client see Section 5.6.1, DHCPv6 Client.

Once the IPv6 DHCP client is enabled, the option Enable DHCPv6 Prefix Delegation needs to be enabled. In addition, a number of other properties can be optionally specified for a Prefix Delegation client enabled interface:

  • Preferred Prefix Network:

    If set, this will include a Preferred Prefix Network request to the DHCPv6 server. It will be up to the DHCPv6 server to decide if it will grant the preferred request or not. If not granted, cOS Core will accept what the DHCPv6 server is offering.

  • Prefix Length

    Similar to the previous option, using this option will include a preferred Prefix Length in the lease request to the IPv6 DHCP server. If not granted, cOS Core will accept what the DHCPv6 server is offering.

  • Request IP Address From DHCPv6 Server

    In addition to Prefix Delegation, cOS Core may also need its own IPv6 address. This is where the Request IP address from DHCPv6 server setting comes into play. By enabling this setting, the DHCPv6 client asks the server not only for a prefix but also for a specific IPv6 address for itself.

  • DHCPv6 IP Assignment method

    If the option Request IP Address From DHCPv6 Server is not used, the DHCPv6 IP Assignment method must be configured to be one of the following:

    • Prefix (default)

      Combines the static IP with the received prefix to create a full IPv6 address, following the standard defined in RFC-8415.

    • IPOnly

      Uses only the configured static IP as the IPv6 address, without combining it with any prefix received from the DHCPv6 server.

    • Auto

      Automatically generates the IPv6 address by combining the received prefix with the device's unique identifier, following the EUI-64 standard.

Prefix Delegation (Delegated Interface)

Once a DHCPv6 client interface has Prefix Delegation enabled, other interfaces can be designated as Delegated interfaces. These can be considered the receiver interfaces that obtain IP addresses from a DHCPv6 client enabled interface with Prefix Delegation. The addresses are then forwarded to clients situated behind one or more of these interfaces.

The following options are mandatory:

  • Delegation Interface:

    Interface with DHCPv6 client configured to retrieve IPv6 Prefix Delegation from a DHCPv6 server.

  • IPv6 Prefix Delegated Subnet Index

    Index within the prefix received from the DHCPv6 server that will be assigned to this interface to form a /64 network. For example, a received prefix of 2001:db8:8:300::/56 and a Subnet Index of 1 creates the prefix/network 2001:db8:8:301::/64.

  • IPv6 Prefix Interface ID

    IPv6 Prefix Interface ID used for the lowest 64 bits on an IP address. For example: 1111:2222:3333:4444. The IPv6 Prefix Interface ID uniquely identifies the cOS Core firewall on a network segment and is combined with the delegated prefix to form a complete IPv6 address. This ID must be specified to ensure the correct lower 64 bits of the address, allowing the firewall to be uniquely identified within the assigned prefix.

    • Additional Information Regarding Interface ID

      An IPv6 address is a 128-bit number that is separated into two components: the network identifier and the interface identifier. The below image shows the correlation between Network Identifier and Interface Identifier where "N" is the prefix.

      Figure 5.3. IPv6 Network and Interface Identifiers

      In the same way that an IPv4 address is separated into the network and host portion based on a subnet mask an IPv6 address is separated into the network identifier and the interface identifier based on the prefix.

      An IPv6 address with a prefix of /64 will have a network identifier of 64 bits and an interface identifier of 128-64 = 64 bits. Similarly, an IPv6 address with a prefix of /96 will have a network identifier of 96 bits and an interface identifier of 128-96=32 bits.

Example:

  Description                           Value
  Prefix received from DHCPv6 Server    2001:db8:8:300::/56
                                        (2001:db8:8:300:: - 2001:db8:8:3ff:ffff:ffff:ffff:ffff)
  IPv6 Prefix Delegated Subnet Index    1
  IPv6 Prefix Interface ID              1111:2222:3333:4444
  Resulting Interface Prefix            2001:db8:8:301::/64
  Resulting Interface IP                2001:db8:8:301:1111:2222:3333:4444

Auto Route Creation and Router Advertisement

Lastly, on the Advanced tab, the options "Automatically add a route for this interface using the given network" and "Enable Router Advertisement for this interface" need to be enabled.

  • Additional Information About the Router Advertisement Option

    Enabling Router Advertisement (RA) on the delegated LAN interface is crucial for distributing the IPv6 prefix received through Prefix Delegation to the clients on the local network. The RA messages allow the LAN clients to receive the network prefix, default gateway, and other necessary configuration parameters. This enables the clients to automatically configure their IPv6 addresses through Stateless Address Autoconfiguration (SLAAC) or to obtain additional information if DHCPv6 is also used.

    Without enabling RA, the clients on the LAN would not be aware of the IPv6 network prefix, preventing proper IPv6 address configuration and connectivity.

    Enabling both checkboxes will auto-create a Router Advertisement Policy. For more information about RA see Section 3.2, IPv6 Support.

Prefix Delegation (DHCPv6 Server)

The DHCPv6 server can be set to use an IPv6AddressPool that is dynamically updated with the Delegated Prefix of the interface combined with the configured Address Range. To accomplish this, enable the option Delegated Address Pool on the DHCPv6 server along with the following options:

  • Delegated Interface:

    A single interface that must be set to be a Delegated interface.

  • Delegated IPv6 Address Range:

    The lowest 64 bits (the lower half) of every address in the IP pool, e.g. 1111:2222:3333:2 - 1111:2222:3333:100.

  • Delegated IPv6 Address Pool (optional):

    The resulting IPv6 Address Pool dynamically updated. An address object will be created if left empty.

Example:

  Description                     Value
  Delegated Prefix                2001:db8:8:301
  Delegated IPv6 Address Range    1111:2222:3333:2 - 1111:2222:3333:100
  Resulting IP Pool               2001:db8:8:301:1111:2222:3333:2 - 2001:db8:8:301:1111:2222:3333:100

If the Delegation Interface running the DHCPv6 client does not receive a Prefix from the external DHCPv6 server, the inner DHCPv6 Server address pool will be cleared, and the server will switch to passive mode, not responding to incoming DHCP requests. This will happen during normal system start until the DHCPv6 client has received a lease from the DHCPv6 server.
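
The address arithmetic behind the two examples above (Delegated interface and Delegated Address Pool) can be reproduced with the following added Python illustration. It is not cOS Core code: the function names are hypothetical, and applying the Subnet Index to prefix lengths other than /56 in the same way is an assumption.

```python
import ipaddress
import string

HEX = set(string.hexdigits)


def parse_low64(text):
    """Parse the lowest 64 bits of an address written as four hex groups,
    e.g. '1111:2222:3333:4444' or '1111:2222:3333:2'."""
    groups = text.strip().split(":")
    if len(groups) != 4 or any(not g or len(g) > 4 or set(g) - HEX for g in groups):
        raise ValueError(f"expected four 16-bit hex groups, got {text!r}")
    value = 0
    for group in groups:
        value = (value << 16) | int(group, 16)
    return value


def delegated_subnet(received_prefix, subnet_index):
    """Return the /64 selected by subnet_index inside the received prefix.

    Returns None when no prefix has been received yet (no lease on the
    Delegation Interface)."""
    if received_prefix is None:
        return None
    net = ipaddress.IPv6Network(received_prefix)  # raises if host bits are set
    if net.prefixlen > 64:
        raise ValueError("received prefix is longer than /64")
    subnet_bits = 64 - net.prefixlen              # a /56 leaves 8 bits: 0..255
    if not 0 <= subnet_index < (1 << subnet_bits):
        raise ValueError(
            f"subnet index {subnet_index} does not fit in a /{net.prefixlen}"
        )
    base = int(net.network_address) + (subnet_index << 64)
    return ipaddress.IPv6Network((base, 64))


def interface_address(subnet, interface_id):
    """Combine the delegated /64 with the IPv6 Prefix Interface ID."""
    return ipaddress.IPv6Address(int(subnet.network_address) | parse_low64(interface_id))


def delegated_pool(subnet, address_range):
    """Combine the delegated /64 with a Delegated IPv6 Address Range.

    Returns (first, last), or None when there is no delegated prefix, which
    corresponds to the cleared pool and passive server described above."""
    if subnet is None:
        return None
    low_text, high_text = address_range.split("-")
    low, high = parse_low64(low_text), parse_low64(high_text)
    if low > high:
        raise ValueError("address range is reversed")
    base = int(subnet.network_address)
    return ipaddress.IPv6Address(base | low), ipaddress.IPv6Address(base | high)


if __name__ == "__main__":
    # Values taken from the examples in this section.
    subnet = delegated_subnet("2001:db8:8:300::/56", 1)
    print("Interface prefix:", subnet)
    print("Interface IP:    ", interface_address(subnet, "1111:2222:3333:4444"))
    first, last = delegated_pool(subnet, "1111:2222:3333:2 - 1111:2222:3333:100")
    print("DHCPv6 pool:     ", first, "-", last)
    print("Pool size:       ", int(last) - int(first) + 1)
    # Before the DHCPv6 client has a lease there is no prefix and no pool.
    print("Pool, no prefix: ", delegated_pool(delegated_subnet(None, 1), "1111:2222:3333:2-1111:2222:3333:100"))
```
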

Using a DHCPv6 Server or Not

Whether to use a DHCPv6 server depends on requirements. Not using a DHCPv6 server is possible, as clients can retrieve an IP address and network information using Router Discovery (RD) with Stateless Address Autoconfiguration (SLAAC). This behavior depends on the client configuration.

However, neither SLAAC nor Prefix Delegation provides DNS server information for clients. Using a DHCPv6 server in conjunction with Prefix Delegation allows clients to receive DNS server information along with their IP configuration.

If a dual-stack configuration (using both IPv4 and IPv6) is in place and a DNS server is provided by, for example, an IPv4 DHCP server, setting up a DHCPv6 server may not be necessary, as the IPv4 DNS server can also be used to resolve IPv6 addresses.

Finally, using a DHCPv6 server allows for greater control over the IP address pool. Instead of clients self-assigning IPv6 addresses based on the prefix received in RA, the DHCPv6 server centrally manages address assignments from a defined pool. By specifying a range in the Use Delegated IPv6 Address Pool field, the server generates IPv6 addresses by combining the lowest 64 bits of the specified range with the delegated prefix assigned to the interface. This can ensure that IP address assignments are predictable and managed according to the administrator's wishes.

Question: What happens if the LAN interface is configured with Prefix Delegation and a DHCPv6 Server at the same time? Risk of IP conflicts? Which takes precedence over the other?

  • Conflicts:

    Typically, there is no conflict because PD (using SLAAC) and DHCPv6 have different mechanisms for assigning addresses. When PD is enabled, clients use SLAAC to self-configure their addresses based on the prefix advertised in RAs. In contrast, when a DHCPv6 server is configured, it assigns specific addresses to clients from the delegated pool. These mechanisms are independent and should not result in overlapping addresses.

  • Precedence:

    • If SLAAC is enabled, clients will use the prefix information (received through Router Discovery) to autoconfigure their own addresses.

    • If DHCPv6 is also available, and the RA flags indicate that DHCPv6 should be used for stateful address assignment or for additional settings (like DNS), clients will query the DHCPv6 server for further information.

    In most configurations, the RA settings control the behavior of the clients. If the RA flags indicate that clients should use SLAAC, they will prefer SLAAC. If the RA flags suggest using DHCPv6 (controlled by the Router Advertisement options Managed Flag and Other Config Flag), clients will use DHCPv6 for either address and/or DNS assignment.

Note: Behavior Depends on Configured Settings

Please note that the exact behavior may vary depending on how the administrator has configured the firewall.

Example Setup

IPv6 and Prefix Delegation can become complex when delving into the details. To provide further explanation and examples of how IPv6 addresses and networks are formed based on a prefix received from a delegation server, see the image below:

Figure 5.4. IPv6 and Prefix Delegation Configuration Example

The figure shows an example of a prefix received from the service provider, which is then distributed to three different interfaces behind the firewall (G1, G2, and G3). Each interface is configured with a unique Prefix Delegated Subnet Index to ensure that they receive network ranges that do not overlap or interfere with each other.

On each internal interface (G1, G2 and G3), a DHCPv6 server is configured to hand out IP addresses from a Delegated IPv6 Address Range consisting of 1111:2222:3333:2 - 1111:2222:3333:100.

Question: Why is the WAN interface IP different?

When using IPv6, the WAN interface IP address is often different from the prefix that is delegated to clients behind the firewall because they serve different purposes.

  • The WAN IP (e.g. 2001:0db8:0008:ABCD::1234) is an address assigned directly to the firewall's external (WAN) interface by the Internet Service Provider (ISP). This address is used for communication between the firewall and external networks, including the ISP's infrastructure and the internet. In other words, it acts as the primary address for the firewall on the ISP's network.

  • The delegated prefix (e.g. 2001:0db8:0008:0301::/64) is a separate address range provided by the ISP specifically for use on the internal (in this case G1) network. The clients behind the firewall receive their IP addresses from this delegated prefix. For example, a client behind the firewall may have the address 2001:0db8:0008:0301:1111:2222:3333:2 as shown in the above figure.

Example 5.7. Setting up Prefix Delegation

The following example details the steps needed to set up Prefix Delegation for a simple scenario where a DHCPv6 server is situated behind the WAN interface at an Internet Service Provider (ISP) and clients are located behind the LAN interface as illustrated below.

On the WAN interface, IPv6 will be enabled as well as the DHCPv6 client and Prefix Delegation. On the LAN interface, IPv6 will be enabled and the interface designated as the Delegated interface, handing out IPv6 addresses to connected clients. Lastly, a DHCPv6 server is configured on the LAN interface that uses a Delegated IPv6 Address Pool retrieved from the Delegated LAN interface.

Command-Line Interface

Modify the existing WAN interface to enable IPv6, DHCPv6 client and Prefix Delegation:

Device:/> set Interface Ethernet WAN
			EnableIPv6=yes
			IPv6Assignment=DHCPv6
			RouterDiscovery=Yes
			DHCPv6PrefixDelegation=yes

Modify the existing LAN interface to enable IPv6 and designate it as a Delegated interface:

Device:/> set Interface Ethernet LAN
			EnableIPv6=yes
			IPv6Assignment=Delegated
			DelegationInterface=WAN
			IPv6DelegatedSubnetIndex=1
			IPv6DelegatedInterfaceID=1111:2222:3333:4444
			AutoInterfaceNetworkRoute=yes
			EnableRouterAdvertisement=Yes

Setting up the DHCPv6 server on the LAN interface:

Device:/> add DHCPv6Server LAN_DHCPv6
	Delegated=yes
	DelegatedInterface=LAN
	DelegatedIPv6AddressRange=1111:2222:3333:2-1111:2222:3333:100
	DNS1=WAN_dns6_1
	DNS2=WAN_dns6_2

Note: In this example, WAN_dns6_1 and WAN_dns6_2 are objects that the DHCPv6 client auto-created in the address book.

InControl

Follow similar steps to those used for the Web Interface below.

Web Interface

Modify the existing WAN interface to enable IPv6, DHCPv6 client and Prefix Delegation:

  1. Go to: Network > Ethernet > WAN
  2. Open the WAN interface and enter:
    • Enable IPv6: Yes
    • IPv6 Assignment Method: DHCPv6
    • Router Discovery: Yes
    • Enable DHCPv6 Prefix Delegation: Yes
  3. Click OK

Modify the existing LAN interface to enable IPv6 and designate it as a Delegated interface:

  1. Go to: Network > Ethernet > LAN
  2. Open the LAN interface and enter:
    • Enable IPv6: Yes
    • IPv6 Assignment method: Delegated
    • Delegation Interface: WAN
    • IPv6 Prefix Delegated Subnet Index: 1
    • IPv6 Prefix Interface ID: 1111:2222:3333:4444
  3. Go to the Advanced tab and make sure the following settings are set:
    • Automatically add a route for this interface using the given network: Yes
    • Enable Router Advertisement for this interface: Yes
  4. Click OK

Setting up the DHCPv6 server on the LAN interface:

  1. Go to: Network > Network Services > DHCPv6 Servers > Add > DHCPv6 Server
  2. Now enter:
    • Name: LAN_DHCPv6srv
    • Delegated Address Pool: Yes
    • Delegated Interface: LAN
    • Delegated IPv6 Address Range: 1111:2222:3333:2-1111:2222:3333:100
  3. Go to the Options tab and enter the following:
    • Primary DNS: WAN_dns6_1
    • Secondary DNS: WAN_dns6_2
    • Note: In this example, WAN_dns6_1 and WAN_dns6_2 are objects that the DHCPv6 client auto-created in the address book.
  4. Click OK

5.6.3. DHCPv6 Server

cOS Core provides the ability to set up one or more DHCPv6 servers. Configuring these is almost identical to configuring an IPv4 DHCP server. However, there are some object properties which are available with DHCPv6 but not with standard IPv4 DHCP. These are as follows:

  • Rapid Commit

    By default this is disabled. This option is relevant during the server solicitation procedure. If the client has included a rapid commit option in the solicit message and the rapid commit setting is enabled, then the DHCPv6 server responds to the solicit with a reply. The server commits the assignment of addresses before sending the reply message. The client can assume it has been assigned the addresses in the reply message and does not need to send a request message for those addresses.

    If this option is left at the default value of being turned off, the server ignores the rapid commit option and acts as though no rapid commit option were present in the client's solicit message.

  • Preference Value

    A preference value can be either sent or not sent to the client. If sending it is enabled, the default preference value is zero but this can be manually set to be between 0 and 255.

    Setting the preference gives the administrator the ability to prioritize one DHCPv6 server over another. During the server solicitation procedure the client collects received advertisement messages from available DHCPv6 servers. The client typically will contact the server that sent the advertisement message with the highest server preference value.

    A preference value of 255 has the highest priority and once such a value is received in an advertisement message, the client will immediately begin a client initiated message exchange with the DHCPv6 server that originated the message. This value should therefore only be used in an environment with a single server since other servers will be ignored.

    Preferences are often used where the administrator wants one server to be the primary with a higher preference and assigns a lower preference to other backup servers.

  • Send Unicast

    By default, in negotiations between client and server, the client uses a multicast IPv6 address as the destination for all messages. This option enables the inclusion of the server unicast option by a DHCPv6 server in messages sent to clients. Once such an option is received by the client, it can contact the server directly using the server's IPv6 address (which is carried in the server unicast option).

    This allows reduction of the network load as well as offloading to other DHCPv6 Servers available on the network.

  • Clear Universal Local Bit

    When set to a value of Yes, this option will always clear the universal/local bit (u/l bit) in the IPv6 addresses handed out by the server so that it always has a value of zero. This flags the address as being a locally created one that should not be used universally. This setting applies to /64 networks.

    The default value for this setting is No so the bit is not automatically set to zero by cOS Core.

  • Valid Lifetime and Preferred Lifetime

    These are the lifetimes used for IPs sent to a client. The lower limit for these values in cOS Core is 7600 seconds and the Valid Lifetime should always be greater than the Preferred Lifetime.

    After the Preferred Lifetime expires, the IP could be used for new or existing connections but this should be avoided unless absolutely necessary. For example, an application might have to use the IP because it is part of some unfinished processing. After the Valid Lifetime expires, the IP will become invalid and cannot be used for new or existing connections.

Tip: Speeding up address allocation

If only one DHCPv6 server is configured then the process of IPv6 address allocation can be significantly sped up by enabling rapid commit and setting the preference value of that server to be 255.

With a preference value of 255, message exchange is triggered as soon as the client receives the solicit message. Rapid commit allows the client to get committed addresses in the reply message during the solicit-reply message exchange with the DHCPv6 server. Together, these can significantly increase the speed of address allocation.
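
The client-side effect of the Preference Value described above, together with the Server Filter and Lease Filter ranges from Section 5.6.1, is sketched in the following added Python illustration. It is not cOS Core code: the Advertise class, the function names and the sample advertisements are constructed for the example, and applying the filters before the preference comparison is an assumption.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Advertise:
    """One advertisement message as seen by a DHCPv6 client (constructed model)."""
    server: str          # IPv6 address of the advertising server
    offered: str         # IPv6 address offered in the lease
    preference: int = 0  # 0..255, zero when the server sends no preference


def in_range(address, bounds):
    """True if address lies inside the inclusive (low, high) range, or if no range is set."""
    if bounds is None:
        return True
    low, high = (int(ipaddress.IPv6Address(b)) for b in bounds)
    return low <= int(ipaddress.IPv6Address(address)) <= high


def filter_reason(adv, server_filter=None, lease_filter=None):
    """Return why an advertisement is rejected, or None if it is acceptable."""
    if not in_range(adv.server, server_filter):
        return "server outside Server Filter"
    if not in_range(adv.offered, lease_filter):
        return "offered address outside Lease Filter"
    return None


def select_server(adverts, server_filter=None, lease_filter=None):
    """Pick the advertisement a client would act on.

    Advertisements are processed in arrival order. A preference of 255
    starts the exchange immediately, so later advertisements are never
    considered. Otherwise the highest preference seen wins."""
    best = None
    for adv in adverts:
        if filter_reason(adv, server_filter, lease_filter) is not None:
            continue
        if adv.preference == 255:
            return adv
        if best is None or adv.preference > best.preference:
            best = adv
    return best


# Constructed sample advertisements, in arrival order.
SAMPLE_ADVERTS = [
    Advertise("fe80::2", "2001:db8:8:abcd::20", 50),
    Advertise("fe80::1", "2001:db8:8:abcd::1234", 100),
    Advertise("fe80::99", "2001:db8:ffff::1", 255),
    Advertise("fe80::3", "2001:db8:9:1::5", 200),
]
SERVERS = ("fe80::1", "fe80::f")
LEASES = ("2001:db8:8:abcd::", "2001:db8:8:abcd:ffff:ffff:ffff:ffff")

if __name__ == "__main__":
    print("no filters:      ", select_server(SAMPLE_ADVERTS))
    print("server filter:   ", select_server(SAMPLE_ADVERTS, SERVERS))
    print("server and lease:", select_server(SAMPLE_ADVERTS, SERVERS, LEASES))
    for adv in SAMPLE_ADVERTS:
        print(adv.server, "->", filter_reason(adv, SERVERS, LEASES) or "accepted")
```

Without filters, the advertisement carrying preference 255 is acted on regardless of which server sent it; with both filters set, only advertisements from the expected servers offering addresses in the expected range are compared.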

Available Memory Can Limit Lease Allocation

When a DHCPv6 lease is handed out, cOS Core stores details of the lease in the firewall's local memory. There is no memory pre-allocated for this list of leases and the amount of memory used can expand from nothing up until the point that all free available memory is exhausted.

When no more memory is available, cOS Core will cease to assign new leases and will behave as though there are no free IPs left in the pool. cOS Core will signal a general out-of-memory condition and this will appear on the management console. This condition would require a very large number of leases to be allocated.

Use of Delegated IPv6 Address Pool

This option is used together with Prefix Delegation. For more information see Section 5.6.2, Prefix Delegation.

DHCPv6 Server Setup

The steps for setting up a DHCPv6 server in cOS Core are as follows:

  • Make sure that IPv6 is enabled for the listening interface of the DHCPv6 server and that there is an IPv6 address assigned to that interface. Doing this is described in Section 3.2, IPv6 Support.

  • Create a new DHCPv6 Server object. This will listen on the specified interface and get the IPv6 addresses handed out from a specified IPv6 Address Pool object.

  • The advanced IP setting Multicast HopLimit Min must be set to a value of 1 (the default is 3).

  • If the firewall which acts as the DHCPv6 server is also going to send out router advertisements for the server, the following must be configured:

    1. Add a Router Advertisement object with the same interface specified as the DHCPv6 server.

    2. Disable the Use Global Settings option for this Router Advertisement object and enable the Managed Flag setting to signal there is a DHCPv6 server on the network. If the DHCPv6 server is providing information about DNS addresses, also enable the Other Config Flag setting.

    3. Add a Prefix object to the Router Advertisement object. This is optional but is normally done. Normally, the prefix specified is the same as the network attached to the DHCPv6 server listening interface.

    4. If it is undesirable that hosts on the network use the defined prefix for stateless auto-configuration, disable the Autonomous Flag setting for the Prefix object. This is probably the case since the DHCPv6 server is being added to the network.

    If another device (either a Clavister firewall or third party device) on the network is going to send the router advertisements for the DHCPv6 server, that device must be similarly configured with the settings described above.

Example 5.8. DHCPv6 Server Setup

This example shows how to set up a DHCPv6 server called dhcpv6_server1 on the Ethernet interface LAN. Assume that the pool of available IP addresses is already defined by the IPv6 address object dhcpv6_range1.

The server will also use the rapid commit option and will assign itself a preference value of 100. It is assumed in this example that IPv6 has been enabled globally and also for the listening interface LAN.

Router advertisements will be generated by the same firewall and the prefix used will be 2001:DB8::/64.

Command-Line Interface

Create the server:

Device:/> add DHCPv6Server dhcpv6_server1
			Delegated=No
			Interface=LAN
			IPv6AddressPool=dhcpv6_range1
			RapidCommit=Yes
			PreferenceConfigured=Yes
			PreferenceValue=100

Set the hop limit to 1:

Device:/> set Settings IPSettings HopLimitMinMulticast=1

Create a router advertisement:

Device:/> add RouterAdvertisement Name=my_ra
			Interface=LAN
			UseGlobalRASettings=No
			RAManagedFlag=Yes
			RAOtherConfigFlag=Yes

Change the context to be the router advertisement:

Device:/> cc RouterAdvertisement 1

Add the prefix object:

Device:/1(my_ra)> add RA_PrefixInformation Name=my_prefix
			Prefix=2001:DB8::/64 
			RAAutonomousFlag=No

Return to the default context:

Device:/1(my_ra)> cc

InControl

Follow similar steps to those used for the Web Interface below.

Web Interface

Create the server:

  1. Go to: Network > Network Services > DHCPv6 Servers > Add > DHCPv6Server
  2. Now enter:
    • Name: dhcpv6_server1
    • Interface Filter: LAN
    • IP Address Pool: dhcpv6_range1
  3. Select the Options tab
  4. Enable Handle Rapid Commit Option
  5. Enable Send Preference Option
  6. Set the Preference value to be 100
  7. Click OK

Set the hop limit to 1:

  1. Go to: System > Advanced Settings > IP Settings
  2. Under IPv6 set Multicast HopLimit Min to 1
  3. Click OK

Create a router advertisement:

  1. Go to: Network > Routing > Router Advertisements > Add > Router Advertisement
  2. Now enter:
    • Name: my_ra
    • Interface: LAN
  3. Select the Advanced tab
  4. Disable Use Global Settings
  5. Enable Managed Flag
  6. Enable Other Config Flag
  7. Click OK

Still within the router advertisement definition, add the prefix object:

  1. Go to: Network > Routing > Router Advertisements > my_ra
  2. Go to: Prefix Information > Add > Prefix Information
  3. Now enter:
    • Name: my_prefix
    • Network Prefix: 2001:DB8::/64
  4. Disable the setting Autonomous Flag
  5. Click OK to save the prefix
  6. Click OK to save the advertisement

Static DHCPv6 Hosts

Where the administrator requires a fixed relationship between a client and the assigned IP address, cOS Core allows the assignment of a given IPv6 address to a specific MAC address just as it was assigned for IPv4 as described in Section 5.3.1, Static IPv4 DHCP Hosts.

Example 5.9. Static DHCPv6 Host Assignment

This example shows how to assign the IPv6 address 2001:DB8::1 to the MAC address 00-90-12-13-14-15. The example assumes that the DHCPv6 server dhcpv6_server1 has already been defined.

Command-Line Interface

First, change the context to dhcpv6_server1:

Device:/> cc DHCPv6Server dhcpv6_server1

Add the static DHCP assignment:

Device:/dhcpv6_server1> add DHCPv6ServerPoolStaticHost
			Host=2001:DB8::1
			MACAddress=00-90-12-13-14-15

Return to the default context:

Device:/dhcpv6_server1> cc

Device:/> 

InControl

Follow similar steps to those used for the Web Interface below.

Web Interface

  1. Go to: Network > Network Services > DHCPv6 Servers > dhcpv6_server1
  2. Select Static Hosts
  3. Select Add > Static Host Entry
  4. Now enter:
    • Host: 2001:DB8::1
    • MAC: 00-90-12-13-14-15
  5. Click OK