FreeBSD DHCP Service IPv6 Part2

The original Japanese version is available here.

I was a bit busy this time, so I asked my boss to get me a ticket. He boasted, ‘Leave it to me because it’ll be cheaper!’ and even though I wasn’t feeling great about it, I asked him to get my tickets. The purpose was to help move our office in Atlanta, USA. This was around the time when e-tickets were starting to be used commonly. I think my boss wanted to try it out too, but as they say, I should know better. It was a trip to Atlanta via Amsterdam. 🙁 It must have been cheaper that way 🙁 Why did we have to go such a roundabout way? 🙁 To make matters worse, it was cloudy the whole way there and back, so the flight was a bit disorienting.

So, I had previously tested DHCPv6, and for further experiments I needed to be able to set the M-bit and O-bit of the RA freely, but the ISP router did not have that feature. I was considering equipment that could freely change the IPv6 RA, but the Cisco ISR router I had used before had been sold on Yahoo Auctions. I thought about simulating the router in GNS3, but that didn’t go smoothly: my memory was vague, since it has been many years since I took CCNP or CCSP, and the GNS3 I hastily downloaded didn’t work well.

Suddenly, I remembered the Catalyst switch we were using at home. It was running on old firmware, but I remembered that relatively new firmware was already loaded in the flash. I had been meaning to update it when I had time, but that had disappeared into the depths of my memory. The IOS that was running was V12, but the IOS in the flash was V15.

I was impressed by several things about this. The switch’s uptime, which I saw in show version, was over seven years. I almost cried when I realized it had been bravely supporting our home network 🙂 I was also impressed by Japan’s power situation. Looking at the offices and data centers connected to the company’s network, there are power outages somewhere every few months. Although there are mandatory inspections of the electrical facilities in Japanese office buildings, it is a measure to prevent unexpected stops, so I cannot complain about it. Other than that, everything is an unexpected stop 🙁 Let’s go back in time!

myhome>sh ver
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE9, RELEASE SOFTWARE (fc1)

I think it’s reasonably new 🙂 With this version of IOS, IPv6 should work, so I want to get IPv6 working and try manipulating RA options to use DHCPv6. I naturally thought there would be release notes, but switches like the Catalyst 2960G are no longer even on cisco.com. So let’s check it ourselves.

First, let’s look at the environment. DNS is running on the server dhcp and the server pokemon. DHCPd and the problematic DHCPv6d are running on the server dhcp and the server package.

In this state, let’s try starting a Windows 10 VM. As before, there is a global address and a link-local address for the default gateway calculated from the prefix distributed by the ISP router.

Log in to the switch and become the administrator.

There is nothing special about the configuration; it’s very ordinary. Since this switch has also become a part of my experimentation setup, I think I can write an article on its integration with TACACS or RADIUS. Also, I want to find time to run GNS3 as well.

As for IPv6, nothing is currently running.

So, I thought let’s try to set up IPv6 according to the textbook… but the command is not there 🙁

Actually, the switch has several profiles, so let’s take a look at them.

Here it is! Let’s switch to the IPv4 and IPv6 Dual Stack profile. When looking at the list of profiles, I had a sudden question: What happens when we want to use IPv6 QoS when using IP phones with IPv6? But that’s beside the point. When we change the profile, a reboot is necessary. Please wait a moment…

I’ll check the IPv6 situation again after the restart. However, nothing has changed.

Let’s refocus and try to enable IPv6. Then, let’s take a look at the status of the main vlan99 interface.

Well, it’s so simple 🙂 We will get the IPv6 address from the ISP router. The command reads as: obtain an IPv6 address automatically and add the default gateway to the routing table.

Now, as for the IPv6 situation, it looks like this. Link-local and global addresses have been assigned.

Since the default gateway should be in the routing table, let’s ping Google’s DNS to check.

The response came back nicely 🙂

Let’s start up a Windows 10 VM in this state. As you can see, there’s almost no difference, but one thing is that there are now two default gateways for IPv6. Since there are two devices sending out RAs, two routers will be visible. This method is often used when replacing network equipment or replacing network lines, among other things. If you stop the RA from the ISP router (assuming you can stop it), the ISP router information will time out and disappear, and only the other router (in this case, a switch) will be visible, allowing the network to transition without stopping.

Now, let’s move on to the main experiment. Let’s set the M-bit in the RA sent from the Catalyst switch. The command for that is as follows. There is also an O-bit option, but according to the RFC we read earlier, if there is an M-bit, the O-bit will only be used for reference. So, we will only set the M-bit.
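How a client reads the M and O flags discussed above, as an added example (not from the original article and not the switch command): a parser for the Router Advertisement header and Prefix Information option per RFC 4861, run over two constructed RAs standing in for the ISP router and the Catalyst switch. The function names, the 2001:db8 documentation prefix and the assumption that the switch's RA carries no prefix option are the example's own.

```python
import ipaddress
import struct

def parse_ra(msg: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (RFC 4861, section 4.2)."""
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a Router Advertisement")
    flags, lifetime = struct.unpack_from("!BH", msg, 5)
    ra = {"managed": bool(flags & 0x80),  # M-bit: get addresses from DHCPv6
          "other": bool(flags & 0x40),    # O-bit: get other settings from DHCPv6
          "router_lifetime": lifetime,    # 0 means "not a default router"
          "prefixes": []}
    off = 16
    while off < len(msg):
        if off + 2 > len(msg) or msg[off + 1] == 0:
            raise ValueError("malformed option")  # zero length would loop forever
        opt_type, opt_len = msg[off], msg[off + 1] * 8  # length is in 8-byte units
        if off + opt_len > len(msg):
            raise ValueError("truncated option")
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            prefix = ipaddress.IPv6Address(msg[off + 16:off + 32])
            ra["prefixes"].append({"prefix": f"{prefix}/{msg[off + 2]}",
                                   "autonomous": bool(msg[off + 3] & 0x40)})  # A-bit
        off += opt_len
    return ra

def address_sources(ra: dict) -> list:
    """How this RA tells a client to obtain addresses and settings."""
    out = ["slaac"] if any(p["autonomous"] for p in ra["prefixes"]) else []
    if ra["managed"]:
        out.append("dhcpv6-address")    # O-bit is redundant once M is set
    elif ra["other"]:
        out.append("dhcpv6-info-only")
    return out

def build_ra(m: bool, o: bool, prefix: str = None) -> bytes:
    """Build a constructed sample RA (checksum left at zero, never sent)."""
    msg = struct.pack("!BBHBBHII", 134, 0, 0, 64, (m << 7) | (o << 6), 1800, 0, 0)
    if prefix:
        net = ipaddress.IPv6Network(prefix)
        msg += struct.pack("!BBBBIII", 3, 4, net.prefixlen, 0xC0, 2592000, 604800, 0)
        msg += net.network_address.packed
    return msg

# Constructed samples: 2001:db8::/32 is the documentation prefix, not the author's.
ISP_RA = build_ra(False, False, "2001:db8:0:1::/64")  # SLAAC only
SWITCH_RA = build_ra(True, False)                     # M-bit set, no prefix (assumed)

if __name__ == "__main__":
    for name, raw in (("isp-router", ISP_RA), ("switch", SWITCH_RA)):
        print(name, address_sources(parse_ra(raw)))
```

A client that hears both RAs follows both instructions, so it keeps its SLAAC address and also asks DHCPv6 for one.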

When you start the Windows 10 VM in this state, oh yes, another IPv6 address appears.

Where did it come from? It came from here. Please ignore the comments; they are just the comments from the original sample configuration. This one was assigned from the DHCPv6 pool of this dhcp server.

pokemon@dhcp(132)$ tail -14 dhcpd6.conf
subnet6 2001:ce8:   :9e21::/64 {
        pool6 {
                # Two addresses available to clients
                #  (the third client should get NoAddrsAvail)
                range6 2001:ce8:   :9e21::0:1000 2001:ce8:   :9e21::0:ffff;

                # Use the whole /64 prefix for temporary addresses
                #  (i.e., direct application of RFC 4941)
                range6 2001:ce8:   :9e21:fffe::/96 temporary;

                # Some /64 prefixes available for Prefix Delegation (RFC 3633)
                prefix6 2001:ce8:   :9e21:1000:: 2001:ce8:   :9e21:1999:: /96;
        }
}
pokemon@dhcp(133)$

Let’s conduct another experiment. First, let’s release the IPv6 address to the dhcp pool. As a result, it looks like this. The address from the ISP router’s RA remains the same, and only the address from the DHCPv6 pool was returned.

Well, let’s stop the DHCPv6 on the server dhcp and try to obtain the IPv6 address again. The original address was 2001:xxxxx:0:b633, but this time it became 2001:xxxxx:1:b633.

Where did it come from? It came from here. It came from DHCPv6 on the server package.

pokemon@package(131)$ tail -15 dhcpd6.conf
subnet6 2001:ce8:   :9e21::/64 {
        pool6 {
                # Two addresses available to clients
                #  (the third client should get NoAddrsAvail)
                range6 2001:ce8:   :9e21::1:1000 2001:ce8:   :9e21::1:ffff;

                # Use the whole /64 prefix for temporary addresses
                #  (i.e., direct application of RFC 4941)
                range6 2001:ce8:   :9e21:ffff::/96 temporary;

                # Some /64 prefixes available for Prefix Delegation (RFC 3633)
                prefix6 2001:ce8:   :9e21:2000:: 2001:ce8:   :9e21:2999:: /96;
        }
}

pokemon@package(132)$

It seems that the redundancy of DHCPv6 is working as expected. Let’s check by running ipconfig /all. There are two main IPv6 addresses: one assigned by the DHCPv6 service on the server package, and the other calculated by the ISP router’s RA. There are also two gateways: one from the ISP router and the other from the Catalyst switch.
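The two configurations above lease from different range6 pools, which is what lets either server answer alone. As an added example (not the author's tooling), this check parses the range6 statements of two dhcpd6.conf files and reports any ranges both servers could lease from. The sample configs are constructed with the 2001:db8 documentation prefix because the page's prefix is partly masked, and the function names are the example's own.

```python
import ipaddress

def pools(conf: str) -> list:
    """Return (first, last) IPv6Address bounds of every range6 statement."""
    out = []
    for line in conf.splitlines():
        words = line.split("#")[0].replace(";", " ").split()
        if len(words) < 2 or words[0] != "range6":
            continue
        if "/" in words[1]:                    # range6 <prefix>/<len> [temporary];
            net = ipaddress.IPv6Network(words[1])
            out.append((net[0], net[-1]))
        elif len(words) >= 3:                  # range6 <low> <high>;
            out.append((ipaddress.IPv6Address(words[1]),
                        ipaddress.IPv6Address(words[2])))
        else:
            raise ValueError(f"unparsed range6 statement: {line.strip()}")
    return out

def shared_ranges(conf_a: str, conf_b: str) -> list:
    """Pairs of ranges from which both servers could lease the same address."""
    return [(f"{a[0]}-{a[1]}", f"{b[0]}-{b[1]}")
            for a in pools(conf_a) for b in pools(conf_b)
            if a[0] <= b[1] and b[0] <= a[1]]

# Constructed samples mirroring the layout of the two servers' pools.
DHCP_CONF = """
subnet6 2001:db8:0:9e21::/64 {
    pool6 {
        range6 2001:db8:0:9e21::0:1000 2001:db8:0:9e21::0:ffff;
        range6 2001:db8:0:9e21:fffe::/96 temporary;
    }
}
"""
PACKAGE_CONF = """
range6 2001:db8:0:9e21::1:1000 2001:db8:0:9e21::1:ffff;
range6 2001:db8:0:9e21:ffff::/96 temporary;
"""
# A mistake to catch: the second server's range starts inside the first's.
BAD_CONF = "range6 2001:db8:0:9e21::0:8000 2001:db8:0:9e21::1:ffff;"

if __name__ == "__main__":
    print(shared_ranges(DHCP_CONF, PACKAGE_CONF))
    print(shared_ranges(DHCP_CONF, BAD_CONF))
```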

Let’s ping Google’s DNS to confirm.

It’s working nicely 🙂

We experimented with the RA and DHCPv6 behavior using the Catalyst switch this time, but this switch is not an IPv6 router, so we will change its settings to be used as a switch for home use. We will obtain the address from the ISP router and not send RA to the network. Since we are not sending RA, the M-bit setting is no longer relevant, but we will remove it to avoid confusion later.

If you save this, it will be OK.

I started dhcp’s DHCPv6 and restarted the Windows 10 VM. The IPv6 default gateway is now only the ISP router, but the address assigned by DHCPv6 is still visible.

I restarted the Windows 10 VM while the IPv6 address was released, but the address assigned by DHCPv6 remains visible. It seems that the Windows OS remembers the previously used DHCPv6 and retrieves the address. This may be because the lease period information is different. It is possible that after connecting to another network and coming back, the OS may forget about this DHCPv6, or it may not forget, which could be a problem 🙂

When I tried to boot the VMware image from before we started this experiment, DHCPv6 was not being used on this VM. I think it’s probably because the OS remembers it somewhere. Call it the Windows BUG, maybe?

When I was wandering around with the local IT colleagues in the city, I saw an unfamiliar object resembling a helicopter being sold at the entrance of a downtown bookstore. It was a drone, which was not yet popular in Japan at the time. It was a bit large, and I suspected that its controller was probably using SHF radio waves, so it was unclear whether it could be used with the radio license I possess, and I didn’t know if I could bring it into Japan. So I just passed it by. Besides, it was too expensive 🙂

as always 🙂

On the way back, we also had a layover in Amsterdam. During the flight from Atlanta, we flew northeast for a while and saw the bright lights of a big city. I said to myself, ‘Oh wings, those are the lights of New York!’ but Lindbergh may or may not have said that… Oh, wait, was it Paris he was referring to? Sorry about that.

When the humidity is high, it’s not always a bad thing. At that time, I saw a phenomenon called a Brocken specter. As we gradually lowered the altitude for landing, the aircraft was enveloped in a rainbow and gradually grew larger until it penetrated the final cloud. If you know the reason behind it, it’s not a big deal, but it’s a little mysterious 🙂
