disabling client use of SLAAC

Eric Vyncke (evyncke) evyncke at cisco.com
Fri Mar 5 10:45:30 CET 2010


You need indeed to send the RA with the prefix marked as not to be used for autoconfig.

ipv6 nd prefix 2001:db8::/64 no-autoconfig


> -----Original Message-----
> From: ipv6-ops-bounces+evyncke=cisco.com at lists.cluenet.de [mailto:ipv6-ops-
> bounces+evyncke=cisco.com at lists.cluenet.de] On Behalf Of Mikael Abrahamsson
> Sent: vendredi 5 mars 2010 10:25
> To: ipv6-ops at lists.cluenet.de
> Subject: disabling client use of SLAAC
> Hi.
> We're trying out deployment scenarios and the first one was to try to
> mimic our current model with DHCPv4 but move that to DHCPv6.
> We have successfully gotten a 1841 using IOS 15.0(1)M to do DHCPv6
> relaying to a wide-dhcp6-server running on a linux machine and in this
> combination handing out IPv6 addresses statefully.
> On the cisco router we have:
> interface FastEthernet0/1
>   encapsulation dot1Q 11
>   ipv6 address YY:XX::1/64
>   ipv6 enable
>   ipv6 nd autoconfig default-route
>   ipv6 nd managed-config-flag
>   ipv6 nd other-config-flag
>   ipv6 nd ra interval 10
>   ipv6 dhcp relay destination XX:YY::ZZ
> On a linux ubuntu 9.10 machine (2.6.31 kernel) the default when running
> wide-dhcpv6-client is that it will get stateful IPv6 address from the
> dhcp6s scope and successfully set /etc/resolv.conf with information
> received via DHCPv6. It will also successfully get the on-wire prefix from
> RAs, and everything is fine and dandy apart from that the client by
> default will still do SLAAC as well, and so it gets two IPv6 addresses,
> one with SLAAC and one from DHCP. Putting 0 into
> /proc/sys/net/ipv6/conf/eth0/autconf will stop SLAAC, so then it does what
> we want, but would like to avoid changing defaults in the OS. We haven't
> tested Win7.
> Looking at the RAs from the router, it has the "auto" flag set on the
> prefix info option, is this the flag that indicates if SLAAC is ok or not?
> I have not been able to find any information on this and if indeed that
> flag tells clients if SLAAC should be done or not, then how do I disable
> that flag in the router?
> The M and O flags says "get info via DHCP", but it seems they don't mean
> "do NOT use SLAAC" if I read http://www.ietf.org/rfc/rfc2462.txt
> correctly?
> So bottom line, how to make clients not use SLAAC with a Cisco router?
> --
> Mikael Abrahamsson    email: swmike at swm.pp.se

More information about the ipv6-ops mailing list