Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Delegating the DHCPv6 Prefix

    Consider a scenario in which a number of devices on a home network are connected to a customer premises equipment, CPE1, which is the requesting router. CPE1 is connected using a PPP link to the provider edge device, PE1, which is an E Series router operating as the DHCPv6 server or delegating router. After the IPv6 link is formed between CPE1 and PE1 and the IPv6 link-local address is created, CPE1 requests and obtains prefixes that are shorter than /64 (usually of length, /48) from PE1.

    CPE1 is connected to the home network. CPE1 divides the single delegated prefix that it received from PE1 into multiple /64 prefixes and assigns one /64 prefix to each of the links in the home network. The address allocation mechanism in the subscriber network can be performed using ICMPv6 Neighbor Discovery in router advertisements, DHCPv6, or a combination of these two methods.

    When PE1 receives a request for prefix delegation from CPE1, PE1 assigns prefixes from the list of unallocated prefixes in the IPv6 local pool.

    The following sections of this example show how to delegate the DHCPv6 prefix:

    Order of Preference in Determining the Local Address Pool for Allocating Prefixes

    You can configure multiple local address pools on a virtual router. When multiple pools are configured, the pool that is used to allocate the prefix to the requesting router is selected using the following order of preference:

    • If a pool name is returned by the RADIUS server in the Framed-IPv6-Pool attribute or in the Delegated-Ipv6-Pool attribute (VSA 26-161), that pool is used to delegate the prefix to the client.
    • If the aaa dhcpv6-ndra-pool override command is not configured, and if the RADIUS server returns a pool name in the Framed-IPv6-Pool attribute, that pool name is used to delegate the prefix to the client.
    • If the aaa dhcpv6-ndra-pool override command is configured, and if the RADIUS server returns a pool name in the Delegated-Ipv6-Pool attribute (VSA 26-161), that pool name is used to delegate the prefix to the client.
    • If the RADIUS server does not return the pool name, the pool name configured in the AAA domain map (Ipv6-Prefix-Pool-Name) is used to delegate the prefix to the client.
    • If no local address pool name is configured in the AAA domain map, the IPv6 address of the interface on which the request was received is used to determine the pool.
    • If the interface address matches with any of the prefix ranges configured in the IPv6 local address pool on the router, that pool is used to delegate the prefix to the client.

    Order of Preference in Allocating Prefixes and Assigning DNS Addresses to Requesting Routers

    Prefix delegation can be configured at the interface level and at the router level. Also, certain VSA attributes returned in the RADIUS Access-Accept message from the authentication server can impact the selection of the prefix to be assigned to the requesting router. The level of preference attached to each of these prefix delegation configurations is crucial. The delegating router uses the following order of preference to determine the source from which the DHCPv6 prefix is delegated to the requesting router from the DHCPv6 server:

    1. An interface that is configured for prefix delegation is given priority over the RADIUS attributes returned in the Access-Accept message or the prefixes configured in the IPv6 local address pool on the delegating router.
    2. The RADIUS server might return one or more of the following attributes in the Access-Accept message in response to the client authentication request:
      • Ipv6-NdRa-Prefix (VSA 26-129)
      • Framed-IPv6-Prefix (RADIUS IETF attribute 97)
      • Delegated-IPv6-Prefix (RADIUS IETF attribute 123)
      • Framed-IPv6-Pool (RADIUS IETF attribute 100)
      • Delegated-Ipv6-Pool (VSA 26-161)

      If any of the first three attributes are returned, then the prefix contained in those attributes is used and the pool name in the Framed-IPv6-Pool/Delegated-Ipv6-Pool attribute is ignored. For example, if both the Delegated-IPv6-Prefix or Framed-IPv6-Prefix, and Framed-IPv6-Pool/Delegated-Ipv6-Pool attributes are returned from the RADIUS server, the DHCPv6 prefix delegation mechanism uses the Delegated-IPv6-Prefix attribute to advertise the prefix to clients.

    3. If prefix delegation is not configured at the interface level and if no prefix is returned from the attribute in the RADIUS Access-Accept message, the prefix configured in the IPv6 local pool is delegated to the requesting router.

    If you configured a list of IPv6 DNS servers and a string of domain names in the IPv6 local address pool, the order of preference in returning the DNS server address or domain name to the requesting client in the DHCPv6 response is as follows:

    • Information returned from the RADIUS server for DNS servers only
    • Information from the pool
    • Locally configured DNS attributes

    Published: 2014-08-20