3
edits
This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
(Created page with "= This page will walk you through getting IPv6 to work correctly on your Cisco device = == Enable IPv6 routing on your router == <pre> #conf t #ipv6 source-route #ipv6 unicast-...") |
No edit summary |
||
(17 intermediate revisions by 6 users not shown) | |||
<pre>
</pre>
<pre>
</pre>
EDIT - Feb 2015 - Above didn't work for me, alternative config below
<pre>
! Feb 2015 - Cisco 1841 / FTTC
! LAN Port (I used default /64 on clueless)
!
interface FastEthernet0/0
ipv6 address 2001:8B0:xx:xxxx::1/64
ipv6 enable
ipv6 nd other-config-flag
ipv6 dhcp server ipv6dhcp_pool
!
! Below gives out IPv6 DNS to clients
!
ipv6 dhcp pool ipv6dhcp_pool
dns-server 2001:8B0::2020
dns-server 2001:8B0::2021
</pre>
<pre>
</pre>
02/11/2011
The above config didn't work for me I had to create a new /64 via Clueless and add this here as an IP address
<pre>
ipv6 nd prefix <your_slash_64>::1/64
</pre>
I would also add the following traffic-filter to the dialer interface
<pre>
ipv6 traffic-filter outboundfilters-ipv6 out
</pre>
EDIT Feb 2015 - Alternative config below
<pre>
! Feb 2015 - Cisco 1841 / FTTC
! WAN
!
interface Dialer0
ipv6 address dhcp rapid-commit
ipv6 enable
</pre>
<pre>
</pre>
02/11/2011
I would use the following access-list - I would advise against allowing any IPv6 ICMP into the network unless absolutely necessary and then only allow on a case-by-case basis
<pre>
ipv6 access-list adsl-ipv6
! This only allows in IPv6 traffic which originated from our local network
! No need for a deny at the end as an implicit deny is the default
evaluate tcptraffic-out-ipv6
evaluate udptraffic-out-ipv6
evaluate icmptraffic-out-ipv6
ipv6 access-list outboundfilters-ipv6
! This only creates a reflexive access-list that adsl-ipv6 uses to allow traffic back in
! No need for a deny at the end as an implicit deny is the default
permit tcp any any reflect tcptraffic-out-ipv6 timeout 30
permit icmp any any reflect icmptraffic-out-ipv6 timeout 30
permit udp any any reflect udptraffic-out-ipv6 timeout 30
interface dialer<n>
ipv6 traffic-filter adsl-ipv6 in
ipv6 traffic-filter outboundfilters-ipv6 out
</pre>
If you include the "deny any any" line a "show access-lists ..." will show the number of
packets that have hit that line. Thus you can tell if a problem exists because
the packets are not passing through the access list or failure to communicate is
because of some other problem.
[[Category:3rd Party Routers|Cisco]] [[Category:IPv6]]
|
edits