ICND1 100-105

Stateless Autoconfiguration

Something we've already seen a hint of, a mention of, is stateless autoconfiguration, and we did discuss stateless. Let me tell you what this means here. Stateless, just a general term, means we don't keep track of the goings-on, as opposed to Dynamic Host Configuration Protocol, or DHCP, which has a pool and a lease, essentially a reservation. Well, in this case, Internet Control Message Protocol, or ICMP, takes on a very useful function, and we want to think of this as primarily a router-to-router function and not all that useful for getting our clients connectivity to our enterprise environment.

Think about the challenge that we have of connecting up to any layer 3 network. We need a unique layer 3 address. We need to be part of the appropriate subnet and we need a unique host portion, which is called the interface ID here. We would also want to know another layer 3 device so that we could send traffic out of the network. So those are the bare minimum: subnet ID, interface ID and a router. So what we do is, in fact, we have baked this into the protocol, again with ICMP, and what it does is, it indicates what network you should be on. So let's look a little bit at the high points here.

  • Router advertisement packet:
    • ICMP type 134
    • Source = Router link-local address
    • Destination = FF02::1 (all nodes multicast address)
    • Data = Options, prefix, lifetime, autoconfiguration flag

We have ICMP type 134, wow, there are a lot of types in ICMP for getting that high and that really is remarkable, in fact. The source is our link local ID. Let me ask you. Do you remember what a link local ID looks like?

It starts with four specific values FE80!

Destination is a multicast. Multicast, we didn't talk about this, but they all start off with FF, okay, FF02::1, using that nice shortening approach, and that is the all-nodes multicast for the local link. And then look at the data. Okay, options, don't care about that. But prefix, that's the subnet and the subnet mask, and a lifetime, so this is a really nice-to-have technology. We don't really have anything like this in IPv4. The closest thing in fact, I would say, would be Cisco Delivery Protocol, or CDP, which indicates the layer 3 device of a router on the network, assuming that there is a Cisco router playing in that broadcast domain.
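The router advertisement fields listed above, as an added example that is not part of the original course material: a Python parser for the ICMP type 134 message that pulls out the prefix, lifetimes and autoconfiguration flag, plus a receiver-side check that the sender is a link-local address. The function names and sample bytes are constructed for illustration, and the hop-limit check comes from RFC 4861 rather than from this page.

```python
import ipaddress
import struct

LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134) and its prefix options."""
    if len(icmp) < 16:
        raise ValueError("truncated router advertisement")
    typ, code, _cksum, _hop, _flags, lifetime, _reach, _retrans = struct.unpack(
        "!BBHBBHII", icmp[:16])
    if typ != 134 or code != 0:
        raise ValueError("not a router advertisement")
    ra = {"router_lifetime": lifetime, "prefixes": []}
    off = 16
    while off + 2 <= len(icmp):
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8  # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp):
            raise ValueError("malformed option")
        if opt_type == 3 and opt_len == 32:  # Prefix Information option
            plen, pflags, valid, preferred = struct.unpack("!BBII", icmp[off + 2:off + 12])
            net = ipaddress.IPv6Network((icmp[off + 16:off + 32], plen), strict=False)
            ra["prefixes"].append({
                "prefix": str(net),
                "on_link": bool(pflags & 0x80),
                "autonomous": bool(pflags & 0x40),  # the autoconfiguration flag
                "valid": valid, "preferred": preferred})
        off += opt_len
    return ra

def check_ra(src: str, hop_limit: int, icmp: bytes) -> list:
    """Return reasons to distrust an RA; an empty list means it passed."""
    issues = []
    if ipaddress.IPv6Address(src) not in LINK_LOCAL:
        issues.append("source is not a link-local (FE80::/10) address")
    if hop_limit != 255:  # RFC 4861: ND messages must arrive with hop limit 255
        issues.append("hop limit is not 255, packet may have crossed a router")
    parse_ra(icmp)  # raises ValueError on a malformed message
    return issues

def build_sample_ra() -> bytes:
    """Constructed sample: RA advertising 2001:db8:1::/64 (checksum left as 0)."""
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    return header + pio + ipaddress.IPv6Address("2001:db8:1::").packed

if __name__ == "__main__":
    print(parse_ra(build_sample_ra()))
    print(check_ra("2001:db8::1", 64, build_sample_ra()))
```

The ICMPv6 checksum is not verified here; the sample leaves it as zero.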

Now these router advertisements, they are on by default, so we turn on IP version 6 routing. We put an IP address on an interface, it's up/up, router advertisements are sent in.

But just to make sure, our clients have what is known as a router solicitation message as well and it's all part of ICMP still. Our IP version 6 devices boot up, our nodes, those end stations will send out one of these solicitation messages and they're looking for a router to send them a router advertisement, so if they haven't received one at all, this router solicitation has gone out. So then the router receives this router solicitation message and will send a router advertisement back. So we mentioned earlier, wow, there's a lot of different types, well, here's another type, ICMP type 133.

  • Router solicitation packet:
    • ICMP type 133
    • Source = :: (unspecified address)
    • Destination = FF02::2 (all-routers multicast address)

Look at the source address though. It's that unspecified address. Now why would it be unspecified? Well we don't have an IP address yet. So we use double colon in the source IP address field for the router solicitation message, but the destination field, FF02::2. The router advertisement was using ::1, which was all nodes multicast, but here the router solicitation we only want to go to routers, so it's the all routers multicast address that is used in this case. So although our routers are sending out router advertisements periodically, well that space and time between when it was sent out and this device is turned on might be too much. So our devices will automatically send out one of these router solicitation messages when they are turned on, so that way they can statelessly, statelessly autoconfigure themselves.

One of the really cool things about v6 is, it helps you build out an infrastructure rapidly and it helps you migrate to new addressing schemes just as rapidly. And so what we can do is, we can take advantage of stateless autoconfiguration on the router-to-router side, and that in fact, in my opinion, is far more useful than client to router. Here's why. You don't get DNS parameters using this technology, and that lack of DNS parameters is going to handcuff our clients who want to be able to go to their Cisco.com, their Google.com, their Microsoft.com, their VMware.com, and they need some DNS functionality for that.

But let's look at the command that does this. This is going to say, instead of me addressing my router manually, statically, I am going to gobble up a router advertisement, join the subnet, validate that I am unique with neighbor solicitation, right? So two things are in play here. We go to the interface and enter ipv6 address autoconfig, and then, do we want essentially a default route added? That is a big question, okay. And the question is answered by knowing your topology. In reality, this may not be something you want. You don't just slap it on there without thinking about it. You have to think, okay, are all of the other routes this way, that I haven't statically put in? In the case of the branch router, it probably would, right? I mean, the simplistic view here is, oh, all networks are through headquarters. In reality though you have to validate this.

So with the core command, ipv6 address autoconfig, you'll get your unique IPv6 address that should be ready and willing to play on the appropriate subnet, and then you add default if you want to install a default route that is paired up with the next-hop IP address that you get from this. And this also affords us the renumbering. Any discussion of IPv6 mentions the ability to renumber and be multihomed. This can be used for that purpose.
So if headquarters wants to start pushing out a different subnet that can be done, that absolutely can be done and in fact the branch router can be multihomed, in the sense that it could have multiple IPv6 addresses that could even be obtained from the same mechanism. So this is a pretty nice feature and it saves you from typing in that lengthy IPv6 address.