IPv6 Configuration Example
The following example configures and enables an IPv6 address on a GigaVUE‑HC3 node. It also configures an IPv6 address for a TACACS+ server, which is the remote authenticator.
To configure an IPv6 address for an LDAP server, use the CLI command host ldap host instead of tacacs-server host in Step 13.
In this example, the IPv6 network prefix is 2001:db8::/120.
Step |
Description |
Command |
|||
|
Use the configuration jump-start wizard on the GigaVUE‑HC3 to specify the eth0 Management interface, enable DHCP on eth0, enable IPv6, enable IPv6 autoconfig on eth0, and enable DHCPv6 on eth0. |
(config) # configuration jump-startGigaVUE‑OS configuration wizardStep 1: Hostname? [gigamon1]Step 2: Management Interface <eth0> ? [eth0]Step 3: Use DHCP on eth0 interface? [no] yesStep 4: Enable IPv6? [no] yesStep 5: Enable IPv6 autoconfig (SLAAC) on eth0 interface? [no] yesStep 6: Enable DHCPv6 on eth0 interface? [no] yesStep 7: Enable secure cryptography? [no]Step 8: Enable secure passwords? [no]Step 9: Minimum password length? [8]Step 10: Admin password?Please enter a password. Password is a must.Step 10: Admin password?Step 10: Confirm admin password?Step 11: Cluster enable? [no]You have entered the following information:To change an answer, enter the step number to return to.Otherwise hit <enter> to save changes and exit.<enter> |
|||
|
Verify that IPv6 is supported and enabled. Note: If no is displayed for either IPv6 supported or admin enabled, IPv6 communication will fail. Issue the CLI command in Step 3. |
(config) # show ipv6 IPv6 summary IPv6 supported: yes IPv6 admin enabled: yes IPv6 interface count: 1 |
|||
|
(Optional) If no is displayed for either IPv6 supported or admin enabled, issue the following CLI command. |
(config) # ipv6 enable |
|||
|
Configure an IPv6 address for eth0 in the same subnet as the TACACS+ server. |
(config) # interface eth0 ipv6 address 2001:db8:a0b:12f0::17/120 |
|||
|
Enable the eth0 interface. |
(config) # interface eth0 ipv6 enable |
|||
|
Verify the IPv6 address. |
(config) # show interface eth0 Interface eth0 status:... IPv6 enabled: yes ... IPv6 address: 2001:db8:a0b:12f0::17/120 |
|||
|
Add an IPv6 static route. Routing is essential to IPv6 communications. Ensure that all IPv6 addresses are routable and are on the same subnet. Also ensure your network switches, routers, and firewalls are configured in such way to allow IPv6 packets to reach their destination. |
(config) # ipv6 route 2001:db8:a0b::/120 eth0 |
|||
|
Verify the IPv6 routing table. |
(config) # show ipv6 route |
|||
|
Destination prefix Gateway Interface Source ----------------------------------------------------------------- ::/0 :: eth0 static 2001:db8:a0b:12f0::/120 :: eth0 static :: eth0 interface 2001:db8:a0b:12f0::17/120 :: lo local |
||||
|
Ping the host default gateway from the GigaVUE node to verify the endpoints. If you do not get a response, check the connections and routing. |
(config) # ping6 -I eth0 2001:db8:a0b:12f0::1 |
|||
|
Configure TACACS+ as the default AAA login. |
(config) # aaa authentication login default tacacs+ |
|||
|
Verify the authentication configuration. Also verify that the default user is external. |
(config) # show aaa AAA authorization: Default User: external Map Order: remote-first Authentication method(s): tacacs+ local
|
|||
|
Verify that the external user has a password set. |
(config) # show usernames USERNAME FULL NAME ACCOUNT STATUS admin System Administrator Password set
|
|||
|
Configure the IPv6 address for the TACACS+ server. |
(config) # tacacs-server host 2001:db8:a0b:12f0::11 key gigamon enable |
|||
|
Verify the TACACS+ server IPv6 address. |
(config) # show tacacs ... TACACS+ servers: 2001:db8:a0b:12f0::11:49
|
|||
|
Ping the TACACS+ server to verify that it is reachable. |
(config) # ping6 -I eth0 2001:db8:a0b:12f0::11 |