discussion: Enabling IPv6 on Cisco 6500/7600 breaks IPv4 Internet connectivity
Jared Mauch
jared at puck.nether.net
Tue Jun 26 16:10:03 CEST 2012
On Jun 26, 2012, at 1:36 AM, Mikael Abrahamsson wrote:
> In case of PFC3B(-XL), this is also of interest once IPv6 traffic is flowing:
>
> <http://mailman.nanog.org/pipermail/nanog/2011-September/040653.html>
>
> PFC3B will by default punt IPv6 packets with fragmentation header to RP
> and route them there, with the obvious performance penalty this incurs.
>
> Workaround is to change this behaviour, meaning ACLs won't work for
> packets with fragmentation header anymore:
>
> #platform ipv6 acl fragment hardware ?
> drop Drop IPv6 fragments at hardware
> forward Forward IPv6 fragments at hardware
>
> PFC3C is supposed to not be affected.
I'm once again reminded of something I observed. Make sure you disable ipv6 redirects on all interfaces. This has significant performance penalty. On 6500/sup720 this should be easy to do with interface range command.
- jared
More information about the ipv6-ops
mailing list