Which ICMPv6 message type contains network configuration information for clients that are performing Slaac?

IPv6 Client IP Address Learning

Information About IPv6 Client Address Learning

Client Address Learning is configured on device to learn the IPv4 and IPv6 address of wireless client, and the client's transition state maintained by the device on association and timeout.

Inhaltsverzeichnis Show

IPv6 Client IP Address Learning
Information About IPv6 Client Address Learning
Address Assignment Using SLAAC
Stateful DHCPv6 Address Assignment
Router Solicitation
Router Advertisement
Neighbor Discovery
Neighbor Discovery Suppression
Router Advertisement Guard
Router Advertisement Throttling
Prerequisites for IPv6 Client Address Learning
Configuring RA Throttle Policy (CLI)
Applying RA Throttle Policy on VLAN (GUI)
Applying RA Throttle Policy on a VLAN (CLI)
Configuring IPv6 Interface on a Switch (GUI)
Configuring IPv6 on Interface (CLI)
Before you begin
Configuring DHCP Pool on Switch (GUI)
Configuring DHCP Pool on Switch (CLI)
Configuring Stateless Auto Address Configuration Without DHCP on Switch (CLI)
Configuring Stateless Auto Address Configuration With DHCP on Switch
Configuring Stateless Address Auto Configuration Without DHCP on Switch (CLI)
Information About IPv6
General Guidelines
Unsupported Features
Configuring IPv6 Addressing
Creating an AP Join Profile (GUI)
Creating an AP Join Profile (CLI)
Configuring the Primary and Backup Controller (GUI)
Before you begin
Configuring Primary and Backup Controller (CLI)
Verifying IPv6 Configuration
What type of ICMPv6 message provides network addressing information to hosts using Slaac?
Which two ICMPv6 messages are used in the Slaac process?
What is router advertisement messages for IPv6?
What is RA configuration?

There are three ways for an IPv6 client to acquire IPv6 addresses:

Stateless Address Auto-Configuration (SLAAC)
Stateful DHCPv6
Static Configuration

In all of these methods, the IPv6 client always sends a neighbor solicitation Duplicate Address Detection (DAD) request to ensure that there is no duplicate IP address on the network. The device snoops on the Neighbor Discovery Protocol (NDP) and DHCPv6 packets of the client to learn about its client IP addresses.

Address Assignment Using SLAAC

The most common method for IPv6 client address assignment is SLAAC, which provides simple plug-and-play connectivity, where clients self-assign an address based on the IPv6 prefix.

SLAAC is configured as follows:

A host sends a Router Solicitation message.
The host waits for a Router Advertisement message.
The host take the first 64 bits of the IPv6 prefix from the Router Advertisement message and combines it with the 64 bit EUI-64 address (in the case of Ethernet, this is created from the MAC address) to create a global unicast message. The host also uses the source IP address, in the IP header, of the Router Advertisement message, as its default gateway.
Duplicate Address Detection is performed by the IPv6 clients to ensure that random addresses that are picked do not collide with other clients.

Note

The last 64 bits of the IPv6 address can be learned by using one of the following algorithms:

EUI-64, which is based on the MAC address of the interface
Private addresses that are randomly generated

Figure 1. Address Assignment Using SLAAC

The following Cisco IOS configuration commands from a Cisco-capable IPv6 router are used to enable SLAAC addressing and router advertisements:

ipv6 unicast-routing
interface Vlan20
description IPv6-SLAAC
ip address 192.168.20.1 255.255.255.0
ipv6 address FE80:DB8:0:20::1 linklocal
ipv6 address 2001:DB8:0:20::1/64
ipv6 enable
end

Stateful DHCPv6 Address Assignment

The use of DHCPv6 is not required for IPv6 client connectivity if SLAAC is already deployed. There are two modes of operation for DHCPv6, that is, Stateless and Stateful.

The DHCPv6 Stateless mode is used to provide clients with additional network information that is not available in the router advertisement, but not an IPv6 address, becuase this is already provided by SLAAC. This information includes the DNS domain name, DNS servers, and other DHCP vendor-specific options.

Figure 2. Stateful DHCPv6 Address Assignment

The following interface configuration is for a Cisco IOS IPv6 router implementing stateless DHCPv6 with SLAAC enabled:

ipv6 unicast-routing
ipv6 dhcp pool IPV6_DHCPPOOL
address prefix 2001:db8:5:10::/64
domain-name cisco.com
dns-server 2001:db8:6:6::1
interface Vlan20
description IPv6-DHCP-Stateless
ip address 192.168.20.1 255.255.255.0
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
ipv6 address 2001:DB8:0:20::1/64
end

Router Solicitation

A Router Solicitation message is issued by a host controller to facilitate local routers to transmit a Router Advertisement from which the controller can obtain information about local routing, or perform stateless auto configuration. Router Advertisements are transmitted periodically and the host prompts with an immediate Router Advertisement using a Router Solicitation such as - when it boots or following a restart operation.

Router Advertisement

A Router Advertisement message is issued periodically by a router or in response to a Router Solicitation message from a host. The information contained in these messages is used by a host to perform stateless auto configuration and to modify its routing table.

Neighbor Discovery

IPv6 Neighbor Discovery is a set of messages and processes that determine relationships between neighboring nodes. Neighbor Discovery replaces the Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP) Router Discovery, and ICMP Redirect used in IPv4.

IPv6 Neighbor Discovery inspection analyzes neighbor discovery messages in order to build a trusted binding table database, and IPv6 Neighbor Discovery packets that do not comply, are dropped. The neighbor binding table in the tracks each IPv6 address and its associated MAC address. Clients are removed from the table according to neighbor-binding timers.

Neighbor Discovery Suppression

The IPv6 addresses of wireless clients are cached by a device once the wireless client is in RUN state. When the device receives an NS multicast, it looks into the IPv6 addresses cached. If the target address is known to the device and belongs to one of its wireless clients, the device converts the NS from multicast to unicast and forward it to the wireless client. If the target address is not present in the cache, then device interprets that the Multicast NS is for a wired entity and forward it towards the wired side and not to the wireless client.

The same behaviour is seen for ARP request in case of IPv4 address, where the device maintains IPv4 address of the wireless client in the cache.

When neither of the configuration is enabled, and when the device receives Non-DAD or DAD NS multicast looking for an IPv6 address, and if the target address is known to the device and belongs to one of its clients, the device will convert the multicast NS to unicast NS, with the destination MAC address, replaced with client's MAC and forward the unicast packet towards client.

When full-proxy is enabled, and when the device receives Non-DAD or DAD NS multicast, looking for an IPv6 address, and if the target address is known to the device and belongs to one of its clients, the device will reply with an NA message on behalf of the client.

You can use the ipv6 nd proxy command to enable or disable DAD or full proxy.

When the device receives an DAD-NS multicast looking for an IPv6 address, and if the target address is known to the device and belongs to one of its clients, the device will reply with an NA message on behalf of the client.

When the device receives Non-DAD NS multicast looking for an IPv6 address, and if the target address is known to the device and belongs to one of its clients, the device will convert the multicast NS to unicast NS, with the destination MAC address, replaced with client's MAC and forward the unicast packet towards client.

If the device does not have the IPv6 address of a wireless client, the device does not respond with NA; instead, it forwards the NS packet to the wired side. Reason for forwarding to Wired Side is due to the assumption that all wireless client IPv6 address and the its mapped MAC address should be available in the controller and if an IPv6 address required in the NS is not available, then that address is not a wireless client address, so forwarded to wired side.

Router Advertisement Guard

The RA Guard feature increases the security of the IPv6 network by dropping router advertisements coming from wireless clients. Without this feature, misconfigured or malicious IPv6 clients could announce themselves as a router for the network, often with a high priority, which could take precedence over legitimate IPv6 routers. By default, RA guard is always enabled on the controller.

Port on which the frame is received
IPv6 source address
Prefix list

Trusted or Untrusted ports for receiving the router advertisement guard messages
Trusted/Untrusted IPv6 source addresses of the router advertisement sender
Trusted/Untrusted Prefix list and Prefix ranges
Router preference

Router Advertisement Throttling

RA throttling allows the controller to enforce limits to the RA packets headed toward the wireless network. By enabling RA throttling, routers that send multiple RA packets can be trimmed to a minimum frequency that will still maintain an IPv6 client connectivity. If a client sends an RS packet, an RA is sent back to the client. This RA is allowed through the controller and unicast to the client. This process ensures that the new clients or roaming clients are not affected by the RA throttling.

Prerequisites for IPv6 Client Address Learning

Before configuring IPv6 client address learning, configure the clients to support IPv6.

To enable wireless IPv6 client connectivity, the underlying wired network must support IPv6 routing and an address assignment mechanism, such as SLAAC or DHCPv6. The wireless LAN controller must have L2 adjacency to the IPv6 router.

Note

The AP learns IPv6 client address based on source IP address even though Neighbor Advertisements can hold rest of the IPv6 addresses. AP won’t look into the Neighbor Advertisements to learn the IPv6 address learnt by the client. This behavior is seen only on Apple clients and not on Microsoft Windows clients.

Configuring RA Throttle Policy (CLI)

Configure RA Throttle policy to allow the enforce the limits

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	ipv6 nd ra-throttler policy ra-throttler1 Example: `Device(config)# ipv6 nd ra-throttler policy ra-throttler1`	Define the router advertisement (RA) throttler policy name and enter IPv6 RA throttle policy configuration mode.
Step 3	throttleperiod 500 Example: `Device(config-nd-ra-throttle)# throttleperiod 500`	Configures the throttle period in an IPv6 RA throttler policy. Throttle period is in seconds and it is the time while the controller will not forward RA to the wireless clients.
Step 4	max-through 10 Example: `Device(config-nd-ra-throttle)# max-through 15`	Limits multicast RAs per VLAN per throttle period.
Step 5	allow-atleast 5 at-most 10 Example: `Device(config-nd-ra-throttle)# allow-atleast 5 at-most 10`	Limits the number of multicast RAs per device per throttle period in an RA throttler policy.

Applying RA Throttle Policy on VLAN (GUI)

Procedure

Step 1	Choose .
Step 2	Click Add. The Add RA Throttle Policy dialog box appears.
Step 3	Enter a name for the policy in the Name field.
Step 4	Choose the desired option from the Medium Type drop-down list.
Step 5	Enter a value in the Throttle Period field. RA throttling takes place only after the Max Through limit is reached for the VLAN or the Allow At-Most value is reached for a particular router.
Step 6	Enter a value for the Max Through field, which is the maximum number of RA packets on a VLAN that can be sent before throttling takes place. The No Limit option allows an unlimited number of RA packets through with no throttling.
Step 7	Choose an Interval Option, which allows the device to act differently based on the RFC 3775 value set in IPv6 RA packets, from the following options: Ignore—Causes the RA throttle to treat packets with the interval option as a regular RA and subject to throttling if in effect. Passthrough—Allows any RA messages with the RFC 3775 interval option to go through without throttling. Throttle—Causes the RA packets with the interval option to always be subject to rate limiting.
Step 8	Enter the minimum number of RA packets per router that can be sent as multicast before throttling takes place in the At Least Multicast RAs field.
Step 9	Enter the maximum number of RA packets per router that can be sent as multicast before throttling takes place in the At Most Multicast RAs field. The No Limit option allows an unlimited number of RA packets through the router.
Step 10	Click the Add & Apply to Device button.

Applying RA Throttle Policy on a VLAN (CLI)

Applying the RA Throttle policy on a VLAN. By enabling RA throttling, routers that send many RA packets can be trimmed to a minimum frequency that will still maintain an IPv6 client connectivity.

Procedure

Command or Action Purpose

Step 1

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 2

vlan configuration 1

Example:

Device(config)# vlan configuration 1

Configures a VLAN or a collection of VLANs and enters VLAN configuration mode.

Step 3

ipv6 nd ra throttler attach-policy ra-throttler1

Example:

Device(config-vlan)# ipv6 nd ra throttler attach-policy ra-throttler1

Attaches an IPv6 RA throttler policy to a VLAN or a collection of VLANs.

Configuring IPv6 Interface on a Switch (GUI)

Procedure

Step 1	Choose .
Step 2	Click Add.
Step 3	Enter VLAN Number, Description and MTU (Bytes).
Step 4	Enable or disable the Admin Status toggle button.
Step 5	In IP Options, check the IPv6 check box.
Step 6	Choose the type of Static address from the drop-down list and enter the Static Address.
Step 7	Check or uncheck the DHCP, Autoconfig and Act as an IPv6 DHCP client check boxes. If you check the DHCP check box, the Rapid Commit check box is displayed. Check or uncheck the Rapid Commit check box.
Step 8	Click Apply to Device.

Configuring IPv6 on Interface (CLI)

Follow the procedure given below to configure IPv6 on an interface:

Before you begin

Enable IPv6 on the client and IPv6 support on the wired infrastructure.

Procedure

	Command or Action	Purpose
Step 1	enable Example: `Device> enable`	Enables privileged EXEC mode. Enter your password, if prompted.
Step 2	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 3	interface vlan vlan-id Example: `Device(config)# interface vlan 10`	Creates an interface and enters interface configuration mode.
Step 4	ip address fe80::1 link-local Example: `Device(config-if)# ip address 198.51.100.1 255.255.255.0 Device(config-if)# ipv6 address fe80::1 link-local Device(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Device(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64`	Configures IPv6 address on the GigabitEthernet interface using the link-local option.
Step 5	ipv6 enable Example: `Device(config)# ipv6 enable`	(Optional) Enables IPv6 on the GigabitEthernet interface.
Step 6	end Example: `Device(config)# end`	Exits interface mode.

Configuring DHCP Pool on Switch (GUI)

Procedure

Step 1	Choose .
Step 2	Click the Add button. The Create DHCP Pool dialog box appears.
Step 3	Enter a pool name in the DHCP Pool Name field. The name must not be greater than 236 characters in length.
Step 4	Choose either IPv4 or IPv6 from the IP Type drop-down list.
Step 5	Enter an IP address in the Network field.
Step 6	Choose any one of the available subnet masks from the Subnet Mask drop-down list.
Step 7	Enter an IP address in the Starting ip field.
Step 8	Enter an IP address in the Ending ip field.
Step 9	Optional, set the status of the Reserved Only field to Enabled if you wish to reserve the DHCP pool.
Step 10	Choose the desired option from the Lease drop-down list.
Step 11	Selecting the User Defined option from the Lease drop-down list enables the (0-365 days), (0-23 hours), and (0-59 minutes) fields. Enter appropriate values.
Step 12	Click the Save & Apply to Device button.
Step 13	For IPv6, Enter the DNS Server, DNS Domain Name, and Ipv6 Address Allocation.

Configuring DHCP Pool on Switch (CLI)

Follow the procedure given below to configure DHCP Pool on an interface:

Procedure

	Command or Action	Purpose
Step 1	enable Example: `Device> enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 3	ipv6 dhcp pool vlan-id Example: `Device(config)# ipv6 dhcp pool 21`	Enters the configuration mode and configures the IPv6 DHCP pool on the Vlan.
Step 4	address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 300 10 Example: `Device(config-dhcpv6)# address prefix 2001:DB8:0:1:FFFF:1234::/64 lifetime 300 10`	Enters the configuration-dhcp mode and configures the address pool and its lifetime on a Vlan.
Step 5	dns-server 2001:100:0:1::1 Example: `Device(config-dhcpv6)# dns-server 2001:20:21::1`	Configures the DNS servers for the DHCP pool.
Step 6	domain-name example.com Example: `Device(config-dhcpv6)# domain-name example.com`	Configures the domain name to complete unqualified host names.
Step 7	end Example: `Device(config)# end`	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Configuring Stateless Auto Address Configuration Without DHCP on Switch (CLI)

Follow the procedure given below to configure stateless auto address configuration without DHCP:

Procedure

	Command or Action	Purpose
Step 1	enable Example: `Device> enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 3	interface vlan 1 Example: `Device(config)# interface vlan 1`	Creates an interface and enters interface configuration mode.
Step 4	ip address fe80::1 link-local Example: `Device(config-if)# ip address 198.51.100.1 255.255.255.0 Device(config-if)# ipv6 address fe80::1 link-local Device(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Device(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64`	Configures IPv6 address on the GigabitEthernet interface using the link-local option.
Step 5	ipv6 enable Example: `Device(config)# ipv6 enable`	(Optional) Enables IPv6 on the GigabitEthernet interface.
Step 6	no ipv6 nd managed-config-flag Example: `Device(config)# interface vlan 1 Device(config-if)# no ipv6 nd managed-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain addresses.
Step 7	no ipv6 nd other-config-flag Example: `Device(config-if)# no ipv6 nd other-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain non-address options from DHCP (domain etc).
Step 8	end Example: `Device(config)# end`	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Configuring Stateless Auto Address Configuration With DHCP on Switch

Follow the procedure given below to configure stateless auto address configuration with DHCP:

Procedure

	Command or Action	Purpose
Step 1	enable Example: `Device> enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 3	interface vlan 1 Example: `Device(config)# interface vlan 1`	Creates an interface and enters interface configuration mode.
Step 4	ip address fe80::1 link-local Example: `Device(config-if)# ip address 198.51.100.1 255.255.255.0 Device(config-if)# ipv6 address fe80::1 link-local Device(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Device(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64`	Configures IPv6 address on the GigabitEthernet interface using the link-local option.
Step 5	ipv6 enable Example: `Device(config)# ipv6 enable`	(Optional) Enables IPv6 on the GigabitEthernet interface.
Step 6	ipv6 nd prefix ipaddress Example: `ipv6 nd prefix 2001:9:3:54::/64 no-advertise`	Specifies a subnet prefix.
Step 7	no ipv6 nd managed-config-flag Example: `Device(config)# interface vlan 1 Device(config-if)# no ipv6 nd managed-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain addresses.
Step 8	ipv6 nd other-config-flag Example: `Device(config-if)# no ipv6 nd other-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain non-address options from DHCP (domain etc).
Step 9	ipv6 dhcp server servername Example: `ipv6 dhcp server VLAN54`	Displays the configuration parameters.
Step 10	end Example: `Device(config)# end`	Exits interface mode.

Configuring Stateless Address Auto Configuration Without DHCP on Switch (CLI)

Follow the procedure given below to configure stateless auto address configuration without DHCP:

Procedure

	Command or Action	Purpose
Step 1	enable Example: `Device> enable`	Enables privileged EXEC mode. Enter your password if prompted.
Step 2	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 3	interface vlan 1 Example: `Device(config)# interface vlan 1`	Creates an interface and enters interface configuration mode.
Step 4	ip address fe80::1 link-local Example: `Device(config-if)# ip address 198.51.100.1 255.255.255.0 Device(config-if)# ipv6 address fe80::1 link-local Device(config-if)# ipv6 address 2001:DB8:0:1:FFFF:1234::5/64 Device(config-if)# ipv6 address 2001:DB8:0:0:E000::F/64`	Configures IPv6 address on the GigabitEthernet interface using the link-local option.
Step 5	ipv6 enable Example: `Device(config)# ipv6 enable`	(Optional) Enables IPv6 on the GigabitEthernet interface.
Step 6	no ipv6 nd managed-config-flag Example: `Device(config)# interface vlan 1 Device(config-if)# no ipv6 nd managed-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain addresses.
Step 7	no ipv6 nd other-config-flag Example: `Device(config-if)# no ipv6 nd other-config-flag`	Ensures the attached hosts do not use stateful autoconfiguration to obtain non-address options from DHCP (domain etc).
Step 8	end Example: `Device(config)# end`	Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.

Native IPv6

Information About IPv6

IPv6 is a packet-based protocol used to exchange data, voice, and video traffic over digital networks. IPv6 is based on IP, but with a much larger address space, and improvements such as a simplified main header and extension headers. The architecture of IPv6 has been designed to allow existing IPv4 users to transition easily to IPv6 while continuing to use services such as end-to-end security, quality of service (QoS), and globally unique addresses. The larger IPv6 address space allows networks to scale and provide global reachability.

Note

The features and functions that work on IPv4 networks with IPv4 addresses also work on IPv6 networks with IPv6 addresses.

General Guidelines

The Wireless Management interface should have only one static IPv6 address.
Router advertisement should be suppressed on the wireless management interface and client VLANs (if IPv6 is configured on the client VLAN).
Preferred mode is part of an AP join profile. When you configure the preferred mode as IPv6, an AP attempts to join over IPv6 first. If it fails, the AP falls back to IPv4.
You should use MAC addresses for RA tracing of APs and clients.
APs can join IPv6 controllers only with an IPv6 static address. If you have a controller with auto configurations and multiple IPv6 addresses, APs cannot join the IPv6 controllers.

Unsupported Features

UDP Lite is not supported.
AP sniffer over IPv6 is not supported.
IPv6 is not supported for the HA port interface.
Auto RF grouping over IPv6 is not supported. Only static RF grouping is supported.

Configuring IPv6 Addressing

Follow the procedure given below to configure IPv6 addressing:

Note

All the features and functions that work on IPv4 networks with IPv4 addresses will work on IPv6 networks with IPv6 addresses too.

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	ipv6 unicast-routing Example: `Device(config)# ipv6 unicast-routing`	Configures IPv6 for unicasting.
Step 3	interface vlan 1 Example: `Device(config)# interface vlan 1`	Creates an interface and enters interface configuration mode.
Step 4	ipv6 address ipv6-address Example: `Device(config-if)# ipv6 address FD09:9:2:49::53/64`	Specifies a global IPv6 address.
Step 5	ipv6 enable Example: `Device(config-if)# ipv6 enable`	Enables IPv6 on the interface.
Step 6	ipv6 nd ra suppress all Example: `Device(config-if)# ipv6 nd ra suppress all`	Suppresses IPv6 router advertisement transmissions on the interface.
Step 7	exit Example: `Device(config-if)# exit`	Returns to global configuration mode.
Step 8	wireless management interface gigabitEthernet gigabitEthernet-interface- vlan 64 Example: `Device(config)# wireless management interface gigabitEthernet vlan 64`	Configures the ports that are connected to the supported APs with the wireless management interface.
Step 9	ipv6 route ipv6-address Example: `Device(config)# ipv6 route ::/0 FD09:9:2:49::1`	Specifies IPv6 static routes.

Creating an AP Join Profile (GUI)

Procedure

Step 1	Choose .
Step 2	On the AP Join Profile window, click the General tab and click Add.
Step 3	In the Name field enter, a name for the AP join profile.
Step 4	(Optional) Enter a description for the AP join profile.
Step 5	Choose .
Step 6	Under the Advanced tab, from the Preferred Mode drop-down list, choose IPv6. This sets the preferred mode of APs as IPv6.
Step 7	Click Save & Apply to Device.

Creating an AP Join Profile (CLI)

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	ap profile ap-profile Example: `Device(config)# ap profile xyz-ap-profile`	Configures an AP profile and enters AP profile configuration mode.
Step 3	description ap-profile-name Example: `Device(config-ap-profile)# description "xyz ap profile"`	Adds a description for the AP profile.
Step 4	preferred-mode ipv6 Example: `Device(config-ap-profile)# preferred-mode ipv6`	Sets the preferred mode of APs as IPv6.

Configuring the Primary and Backup Controller (GUI)

Before you begin

Ensure that you have configured an AP join profile prior to configuring the primary and backup controller s.

Procedure

Step 1	Choose .
Step 2	On the AP Join Profile window, click the AP join profile name.
Step 3	In the Edit AP Join Profile window, click the CAPWAP tab.
Step 4	In the High Availability tab, under Backup Controller Configuration, check the Enable Fallback check box.
Step 5	Enter the primary and secondary controller names and IP addresses.
Step 6	Click Update & Apply to Device.

Configuring Primary and Backup Controller (CLI)

Follow the procedure given below to configure the primary and secondary controllers for a selected AP:

Procedure

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	ap profile profile-name Example: `Device(config)# ap profile yy-ap-profile`	Configures an AP profile and enters AP profile configuration mode.
Step 3	capwap backup primary primary-controller-name primary-controller-ip Example: `Device(config)# capwap backup primary WLAN-Controller-A 2001:DB8:1::1`	Configures AP CAPWAP parameters with the primary backup controller's name.
Step 4	ap capwap backup secondary secondary-controller-name secondary-controller-ip Example: `Device(config)# capwap backup secondary WLAN-Controller-B 2001:DB8:1::1`	Configures AP CAPWAP parameters with the secondary backup controller's name.
Step 5	syslog host ipaddress Example: `Device(config)# syslog host 2001:DB8:1::1`	Configures the system logging settings for the APs.
Step 6	tftp-downgrade tftp-server-ip imagename Example: `Device(config)# tftp-downgrade 2001:DB8:1::1 testimage`	Initiates AP image downgrade from a TFTP server for all the APs.

Verifying IPv6 Configuration

Use the following show command to verify the IPv6 configuration:

Device# show wireless interface summary

Wireless Interface Summary


Interface Name Interface Type VLAN ID IP Address      IP Netmask     MAC Address
---------------------------------------------------------------------------------------
Vlan49         Management     49      0.0.0.0       255.255.255.0    001e.f64c.1eff
                                      fd09:9:2:49::54/64

What type of ICMPv6 message provides network addressing information to hosts using Slaac?

Using SLAAC, the host sends an ICMPv6 (type 135) Router Solicitation (RS) message that requests a Router Advertisement (RA).

Which two ICMPv6 messages are used in the Slaac process?

The two ICMPv6 messages used in SLAAC are the router solicitation and the router advertisement.

What is router advertisement messages for IPv6?

The RADVD (Router Advertisement Daemon) is used for IPv6 auto-configuration and routing. When enabled, messages are sent by the router periodically and in response to solicitations. A host uses the information to learn the prefixes and parameters for the local network.

What is RA configuration?

A device periodically sends Router Advertisement (RA) messages that carry prefixes and flag bits, or responds to the router request messages with RA messages.