Wired Intelligent Edge

 View Only

AOS-CX IPv6 - Link Local Addresses (Part 2)

This thread has been viewed 31 times
  • 1.  AOS-CX IPv6 - Link Local Addresses (Part 2)

    Posted Oct 05, 2022 06:14 PM
    The objective of this post is to help understand and discuss AOS-CX IPv6 - Link Local Addresses.
    Part 1 can be found here https://community.arubanetworks.com/discussion/aos-cx-ipv6-link-local-addresses?ReturnUrl=%2fcommunity-home%2fdigestviewer%3fcommunitykey%3d22dc38ea-a1e1-4059-b55e-a622fedecf32

    LLAs can also be used for routing, the main benefit is: network admins no longer have to deal with IPv6 subnet planning for the routed inter switch links.
    Just enable dynamic LLA on these links and routing peers can be established.
    You could utilize static LLA if you wanted deterministic IPs.

    We will use this topology and OSPFv3/IBGP in our example.

    As OSPFv3/BGP requires an IPv4 router ID, each switch has Lo0 with a /32 IPv4 address assigned to it for this purpose.
    GUA /128 IPv6 addresses are added to the same loopbacks to verify IPv6 routing.

    Here are configs for each AOS-CX switch, you will notice it's simpler (compared to IPv4 OSPFv2) as the only IPs are loopback related.

    Switch1
    ==========
    interface 1/1/4
     no shutdown
     ipv6 address link-local
     ipv6 ospfv3 1 area 0.0.0.0
    !
    interface loopback 0
     ip address 192.168.1.1/32
     ipv6 address 2001:db8:beef::1/128
     ipv6 ospfv3 1 area 0.0.0.0
    !
    router ospfv3 1
     router-id 192.168.1.1
     area 0.0.0.0


    Switch2
    ==========
    interface 1/1/49
     no shutdown
     ipv6 address link-local
     ipv6 ospfv3 1 area 0.0.0.0
    !
    interface 1/1/50
     no shutdown
     ipv6 address link-local
     ipv6 ospfv3 1 area 0.0.0.0
    !
    interface loopback 0
     ip address 192.168.1.2/32
     ipv6 address 2001:db8:beef::2/128
     ipv6 ospfv3 1 area 0.0.0.0
    !
    router ospfv3 1
     router-id 192.168.1.2
     area 0.0.0.0

    Switch3
    ==========
    interface 1/1/4
     no shutdown
     ipv6 address link-local
     ipv6 ospfv3 1 area 0.0.0.0
    !
    interface loopback 0
     ip address 192.168.1.3/32
     ipv6 address 2001:db8:beef::3/128
     ipv6 ospfv3 1 area 0.0.0.0
    !
    router ospfv3 1
     router-id 192.168.1.3
     area 0.0.0.0


    We verify OSPFv3 neighbors come up as expected, IPv4 neighbor ID is seen, while neighbor address is LLA.
    Switch2# sh ipv6 ospfv3 nei
    VRF : default Process : 1
    ===================================================

    Total Number of Neighbors: 2

    Neighbor ID Priority State Interface
    -------------------------------------------------------
    192.168.1.1 1 FULL/BDR 1/1/49
    Neighbor address fe80::5480:2801:10fe:f900

    192.168.1.3 1 FULL/DR 1/1/50
    Neighbor address fe80::5480:2801:10fe:2900



    GUA routes are advertised and learnt as expected with LLA as nexthop.
    Switch1# sh ipv6 route

    Displaying ipv6 routes selected for forwarding

    Origin Codes: C - connected, S - static, L - local
    R - RIP, B - BGP, O - OSPF
    Type Codes: E - External BGP, I - Internal BGP, V - VPN, EV - EVPN
    IA - OSPF internal area, E1 - OSPF external type 1
    E2 - OSPF external type 2

    VRF: default

    Prefix                                          Nexthop                                      Interface         VRF(egress)        Origin/        Distance/        Age
                                                                                                                                             Type            Metric
    ---------------------------------------------------------------------------------------------------------------------------------------------------------
    2001:db8:beef::1/128               -                                                    loopback0      -                          L                  [0/0]                 -
    2001:db8:beef::2/128              fe80::9020:c201:c4ba:d800       1/1/4               -                          O                 [110/1]            00h:03m:58s
    2001:db8:beef::3/128              fe80::9020:c201:c4ba:d800       1/1/4               -                          O                 [110/2]            00h:03m:49s

    Total Route Count : 3


    Pings between loopbacks work as expected.
    Switch1# ping6 2001:db8:beef::3 source 2001:db8:beef::1
    PING 2001:db8:beef::3(2001:db8:beef::3) from 2001:db8:beef::1 : 100 data bytes
    108 bytes from 2001:db8:beef::3: icmp_seq=1 ttl=63 time=0.179 ms
    108 bytes from 2001:db8:beef::3: icmp_seq=2 ttl=63 time=0.180 ms


    Traceroute output from Switch1 to Switch3 display loopbacks, this helps view the path/routers used.
    Switch1# traceroute6 2001:db8:beef::3
    traceroute to 2001:db8:beef::3 (2001:db8:beef::3) from 2001:db8:beef::1, 30 hops max, 3 sec. timeout, 3 probes, 24 byte packets
    1 2001:db8:beef::2 (2001:db8:beef::2) 0.2573 ms 0.2376 ms 0.1277 ms
    2 2001:db8:beef::3 (2001:db8:beef::3) 0.1701 ms 0.1899 ms 0.1135 ms



    For IBGP, loopbacks are recommended for peering.
    Since loopbacks are advertised and learnt via OSPFv3, we can establish IBGP between Switch1 and Switch3 using loopbacks as both source/destination.
    Switch1# sh run bgp
    router bgp 65001
     bgp router-id 192.168.1.1
     neighbor 2001:db8:beef::3 remote-as 65001
     neighbor 2001:db8:beef::3 update-source loopback 0
     address-family ipv6 unicast
      neighbor 2001:db8:beef::3 activate

    Switch3# sh run bgp
    router bgp 65001
     bgp router-id 192.168.1.3
     neighbor 2001:db8:beef::1 remote-as 65001
     neighbor 2001:db8:beef::1 update-source loopback 0
     address-family ipv6 unicast
      neighbor 2001:db8:beef::1 activate

    We verify IBGP is establised between Switch1 and Switch3.
    Switch1# sh bgp ipv6 unicast summary
    Codes: * Dynamic Neighbor
    VRF : default
    BGP Summary
    -----------
    Local AS : 65001 BGP Router Identifier : 192.168.1.1
    Peers : 1 Log Neighbor Changes : No
    Cfg. Hold Time : 180 Cfg. Keep Alive : 60
    Confederation Id : 0

    Neighbor             Remote-AS   MsgRcvd MsgSent Up/Down Time  State                AdminStatus
    2001:db8:beef::3
                                 65001            3              3             00h:00m:18s      Established     Up


    You might be wondering if LLA can be used for EBGP.
    The answer is no, as seen below.
    Switch1(config)# router bgp 65001
    Switch1(config-bgp)# neighbor fe80::2 remote-as 65002
    Link local address is not allowed for neighbor configuration


    If you have questions, let's discuss!

    ------------------------------
    DWan
    ------------------------------