8.2.4.4 Lab – Troubleshooting DHCPv6 Answers

Jul 13, 2022 Last Updated: Jul 13, 2022 CCNA 2 Exam Answers, CCNA v6 No Comments
Tweet Share Pin it

8.2.4.4 Lab – Troubleshooting DHCPv6 (Instructor Version)

Instructor Note: Red font color or Gray highlights indicate text that appears in the instructor copy only.

Topology

8.2.4.4 Lab - Troubleshooting DHCPv6 Answers 2

Addressing Table

Device Interface IPv6 Address Prefix Length Default Gateway
R1 G0/1 2001:DB8:ACAD:A::1 64 N/A
S1 VLAN 1 Assigned by SLAAC 64 Assigned by SLAAC
PC-A NIC Assigned by SLAAC and DHCPv6 64 Assigned by SLAAC

Objectives

Part 1: Build the Network and Configure Basic Device Settings
Part 2: Troubleshoot IPv6 Connectivity
Part 3: Troubleshoot Stateless DHCPv6

Background / Scenario

The ability to troubleshoot network issues is a very useful skill for network administrators. It is important to understand IPv6 address groups and how they are used when troubleshooting a network. Knowing what commands to use to extract IPv6 network information is necessary to effectively troubleshoot.

In this lab, you will load configurations on R1 and S1. These configurations will contain issues that prevenStateless DHCPv6 from functioning on the network. You will troubleshoot R1 and S1 to resolve these issues.

Note: The routers used with CCNA hands-on labs are Cisco 1941 Integrated Services Routers (ISRs) with Cisco IOS Release 15.2(4)M3 (universalk9 image). The switches used are Cisco Catalyst 2960s with Cisco IOS Release 15.0(2) (lanbasek9 image). Other routers, switches and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of this lab for the correct interface identifiers.

Note: Make sure that the router and switch have been erased and have no startup configurations. If you are unsure, contact your instructor.

Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.

Note: The default bias template used by the Switch Database Manager (SDM) does not provide IPv6 address capabilities. Verify that SDM is using either the dual-ipv4-and-ipv6 template or the lanbase-routing template. The new template will be used after reboot even if the configuration is not saved.

S1# show sdm prefer

Follow this configuration to assign the dual-ipv4-and-ipv6 template as the default SDM template:

S1# config t
S1(config)# sdm prefer dual-ipv4-and-ipv6 default
S1(config)# end
S1# reload

Required Resources

  • 1 Router (Cisco 1941 with Cisco IOS Release 15.2(4)M3 universal image or comparable)
  • 1 Switch (Cisco 2960 with Cisco IOS Release 15.0(2) lanbasek9 image or comparable)
  • 1 PC (Windows 7, Vista, or XP with terminal emulation program, such as Tera Term)
  • Console cables to configure the Cisco IOS devices via the console ports
  • Ethernet cables as shown in the topology

Part 1: Build the Network and Configure Basic Device Settings

In Part 1, you will set up the network topology and clear any configurations if necessary. You will configure basic settings on the router and switch. Then you will load the provided IPv6 configurations before you start troubleshooting.

Step 1: Cable the network as shown in the topology.

Step 2: Initialize and reload the router and the switch.

Step 3: Configure basic settings on the router and switch.

a. Disable DNS lookup.

b. Configure device names as shown in the topology.

c. Encrypt plain text passwords.

d. Create a MOTD banner warning users that unauthorized access is prohibited.

e. Assign class as the encrypted privileged EXEC mode password.

f. Assign cisco as the console and vty passwords and enable login.

g. Configure logging synchronous to prevent console messages from interrupting command entry.

Step 4: Load the IPv6 configuration to R1.

ip domain name ccna-lab.com
! ipv6 unicast-routing
ipv6 dhcp pool IPV6POOL-A
dns-server 2001:DB8:ACAD:CAFE::A
domain-name ccna-lab.com
interface g0/0
no ip address
shutdown
duplex auto
speed auto
interface g0/1
no ip address
duplex auto
speed auto
ipv6 address FE80::1 link-local
ipv6 address 2001:DB8:ACAD:A::11/64
! no ipv6 address 2001:db8:acad:a::11/64
! ipv6 address 2001:db8:acad:a::1/64
! ipv6 nd other-config-flag
! ipv6 dhcp server IPV6POOL-A
! no shutdown
end

Step 5: Load the IPv6 configuration to S1.

interface range f0/1-24
shutdown
!interface range f0/5-6
! no shutdown
interface range g0/1-2
shutdown
interface Vlan1
shutdown
! ipv6 address autoconfig
! no shutdown
end

Step 6: Save the running configurations on R1 and S1.

Step 7: Verify that IPv6 is enabled on PC-A.

Verify that IPv6 has been enabled in the Local Area Connection Properties window on PC-A.

Part 2: Troubleshoot IPv6 Connectivity

In Part 2, you will test and verify Layer 3 IPv6 connectivity on the network. Continue troubleshooting the network until Layer 3 connectivity has been established on all devices. Do not continue to Part 3 until you have successfully completed Part 2.

Step 1: Troubleshoot IPv6 interfaces on R1.

a. According to the topology, which interface must be active on R1 for network connectivity to be established? Record any commands used to identify which interfaces are active.
_______________________________________________________

G0/1
R1# show ip interface brief

b. If necessary, take the steps required to bring up the interface. Record the commands used to correct the configuration errors and verify that the interface is active.
_______________________________________________________

R1(config)# interface g0/1
R1(config-if)# no shutdown

c. Identify the IPv6 addresses configured on R1. Record the addresses found and the commands used to view the IPv6 addresses.
_______________________________________________________
2001:DB8:ACAD:A::11/64
show ipv6 interface or show ipv6 interface g0/1. Show run interface g0/1 can also be used.

d. Determine if a configuration error has been made. If any errors are identified, record all the commands used to correct the configuration.
________________________________________________________

R1(config)# interface g0/1
R1(config-if)# no ipv6 address 2001:db8:acad:a::11/64
R1(config-if)# ipv6 address 2001:db8:acad:a::1/64

e. On R1, what multicast group is needed for SLAAC to function?
_________________________________________________________
All-routers multicast group (FF02::2)

f. What command is used to verify that R1 is a member of that group?
_________________________________________________________
show ipv6 interface or show ipv6 interface g0/1

R1# show ipv6 interface
GigabitEthernet0/1 is down, line protocol is down
  IPv6 is tentative, link-local address is FE80::1 [TEN]
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:ACAD:A::1, subnet is 2001:DB8:ACAD:A::/64 [TEN]
  Joined group address(es):
    FF02::1
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

g. If R1 is not a member of the multicast group that is needed for SLAAC to function correctly, make the necessary changes to the configuration so that it joins the group. Record any commands necessary to correct the configurations errors.
_____________________________________________________

R1(config)# ipv6 unicast-routing

h. Re-issue the command to verify that interface G0/1 has joined the all-routers multicast group (FF02::2).

Note: If you are unable to join the all-routers multicast group, you may need to save your current configuration and reload the router.

Step 2: Troubleshoot S1.

a. Are the interfaces needed for network connectivity active on S1? ______No

Record any commands that are used to activate necessary interfaces on S1.
______________________________________________________

S1(config)# interface range f0/5-6
S1(config-if)# no shutdown
S1(config-if)# interface vlan 1
S1(config-if)# no shutdown

b. What command could you use to determine if an IPv6 unicast address has been assigned to S1?
______________________________________________________
Issue the show ipv6 interface or show ipv6 interface vlan1 command.

c. Does S1 have an IPv6 unicast address configured? If so, what is it?
______________________________________________________
No IPv6 address has been assigned.

d. If S1 is not receiving a SLAAC address, make the necessary configuration changes to allow it to receive one. Record the commands used.
______________________________________________________

S1(config)# interface vlan 1
S1(config-if)# ipv6 address autoconfig

e. Re-issue the command that verifies that the interface now receives a SLAAC address.

f. Can S1 ping the IPv6 unicast address assigned to the G0/1 interface assigned to R1?
______________________________________________________
Yes, S1 should be able to ping the 2001:db8:acad:a::1 IPv6 address.

Step 3: Troubleshoot PC-A.

a. Issue the command used on PC-A to verify the IPv6 address assigned. Record the command.
______________________________________________________
ipconfig /all

b. What is the IPv6 unicast address SLAAC is providing to PC-A?
______________________________________________________
If all the changes were made to R1 and S1, PC-A should receive an IPv6 address with the 2001:db8:acad:a::/64 prefix.

c. Can PC-A ping the default gateway address that was assigned by SLAAC?
______________________________________________________
Yes, PC-A should be able to ping the FE80::1 address.

d. Can PC-A ping the management interface on S1?
______________________________________________________
Yes, PC-A should be able to ping the IPv6 address assigned to VLAN 1. This address can be found by issuing the show ipv6 interface vlan1 command on S1 and then looking for the IPv6 address with a prefix of 2001:db8:acad:a::/64.

Note: Continue troubleshooting until you can ping R1 and S1 from PC-A.

Part 3: Troubleshoot Stateless DHCPv6

In Part 3, you will test and verify that Stateless DHCPv6 is working correctly on the network. You will need to use the correct IPv6 CLI commands on the router to determine if Stateless DHCPv6 is working. You may want to use debug to help determine if the DHCP server is being solicited.

Step 1: Determine if Stateless DHCPv6 is functioning correctly.

a. What is the name of the IPv6 DHCP pool? How did you determine this?
_____________________________________________________
IPV6POOL-A. Issue the show ipv6 dhcp pool command to determine the name of the DHCPv6 Server pool. You can also issue the show run | section ipv6 dhcp command to see this information.

R1# show ipv6 dhcp pool
DHCPv6 pool: IPV6POOL-A
  DNS server: 2001:DB8:ACAD:CAFE::A
  Domain name: ccna-lab.com
  Active clients: 0

b. What network information is listed in the DHCPv6 pool?
_____________________________________________________
A DNS server is listed with a 2001:DB8:ACAD:CAFE::A, and a domain name is listed as ccna-lab.com.

c. Was the DHCPv6 information assigned to PC-A? How did you determine this?
_____________________________________________________
No, this can be determined by issuing an ipconfig /all command at the command prompt on PC-A.

Step 2: Troubleshoot R1.

a. What commands can be used to determine if R1 is configured for Stateless DHCPv6?
_____________________________________________________
The show ipv6 interface command can be use to determine if an interface has the Stateless DHCPv6 flag set. The show run command can also be used to view the configuration on the interface.

R1# show ipv6 interface
GigabitEthernet0/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::1
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:ACAD:A::1, subnet is 2001:DB8:ACAD:A::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

b. Is the G0/1 interface on R1 in Stateless DHCPv6 mode?
_______________________________________________________
No. The interface is not part of the all-DHCPv6 Servers group because the FF02::1:2 group address is not listed. It also does not mention the state of the DHCP server at the bottom of the output.

c. What command can be used to have R1 join the all-DHCPv6 server group?
_______________________________________________________
Issue the command ipv6 dhcp server IPV6POOL-A on interface G0/1.

R1(config)# interface g0/1
R1(config-if)# ipv6 dhcp server IPV6POOL-A

d. Verify that the all-DHCPv6 server group is configured for interface G0/1.

R1# show ipv6 interface
GigabitEthernet0/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::1
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:ACAD:A::1, subnet is 2001:DB8:ACAD:A::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:2
    FF02::1:FF00:1
    FF05::1:3
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.

e. Will PC-A receive the DHCP information now? Explain?
______________________________________________________
No, the show ipv6 interface command is still not showing that hosts are going to use DHCP to obtain other configuration information. This can be verified by issuing an ipconfig /all on PC-A.

f. What is missing from the configuration of G0/1 that causes hosts to use the DCHP server to retrieve other network information?
______________________________________________________
The ipv6 nd other-config-flag command is needed to tell hosts to use the DHCP server to retrieve other network information.

R1(config)# interface g0/1
R1(config-if)# ipv6 nd other-config-flag
R1# show ipv6 interface
GigabitEthernet0/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::1
  No Virtual link-local address(es):
  Global unicast address(es):
    2001:DB8:ACAD:A::1, subnet is 2001:DB8:ACAD:A::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:2
    FF02::1:FF00:1
    FF05::1:3
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.
  Hosts use DHCP to obtain other configuration.

g. Reset the IPv6 settings on PC-A.

  1. Open the Local Area Connection Properties window, deselect the Internet Protocol Version 6 (TCP/IPv6) check box, and then click OK to accept the change.
  2. Open the Local Area Connection Properties window again, click the Internet Protocol Version 6 (TCP/IPv6) check box, and then click OK to accept the change.

h. Issue the command to verify changes have been made on PC-A.

Note: Continue troubleshooting until PC-A receives the additional DHCP information from R1.

Reflection

1. What command is needed in the DHCPv6 pool for Stateful DHCPv6 that is not needed for Stateless DHCPv6? Why?
_________________________________________________________
The address prefix <ipv6 prefix address> command is needed for Stateful DHCPv6. Hosts receive their IPv6 unicast addresses from the DHCP server so this command is needed to provide the IPv6 prefix to use for the network.

2. What command is needed on the interface to change the network to use Stateful DHCPv6 instead of Stateless DHCPv6?
_________________________________________________________
The ipv6 nd managed-config-flag command is used to set the Stateful DHCPv6 flag. This is transmitted to all hosts on the network through the router advertisement messages sent by R1.

Router Interface Summary Table

Router Interface Summary
Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2
1800 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
1900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2801 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
2811 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Device Configs

Router R1 (Final)

R1#sh run
Building configuration...
Current configuration : 1829 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2
!
no aaa new-model
!
memory-size iomem 10
!
ipv6 unicast-routing
ipv6 dhcp pool IPV6POOL-A
dns-server 2001:DB8:ACAD:CAFE::A
domain-name ccna-lab.com
!
ipv6 cef
!
no ip domain lookup
ip domain name ccna-lab.com
ip cef
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
redundancy
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address FE80::1 link-local
ipv6 address 2001:DB8:ACAD:A::1/64
ipv6 nd other-config-flag
ipv6 dhcp server IPV6POOL-A
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface Serial0/0/1
no ip address
shutdown
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
banner motd ^CC
Unauthorized Access is Prohibited!
^C
!
line con 0
exec-timeout 0 0
password 7 0205085A1815
logging synchronous
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7 104D05181604
login
transport input all
!
scheduler allocate 20000 1000
!
end

Switch S1 (Final)

S1#sh run
Building configuration...
Current configuration : 3365 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname S1
!
boot-start-marker
boot-end-marker
!
enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
no ip domain-lookup
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
shutdown
!
interface FastEthernet0/2
shutdown
!
interface FastEthernet0/3
shutdown
!
interface FastEthernet0/4
shutdown
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
shutdown
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
no ip address
ipv6 address autoconfig
!
ip http server
ip http secure-server
!
control-plane
!
banner motd ^C
Unauthorized Access is Prohibited!
^C
!
line con 0
password 7 104D000A0618
logging synchronous
login
line vty 0 4
password 7 104D000A0618
login
line vty 5 15
password 7 104D000A0618
login
!
end

 

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments