Configuring IPv6 Addresses Other Than Static in Cumulus Linux

Follow

Issue

Cumulus Linux ships with different default behaviors than Debian, which can cause confusion when trying to enable IPv6 support that is not static addressing.

{{table_of_contents}}

Environment

All versions of Cumulus Linux

Resolution

While Cumulus Linux is based on Debian, because it's a network operating system (NOS), it ships with different default behaviors. This article seeks to show how to utilize several different IPv6 address types with Cumulus Linux, including:

Topology Example

This section describes how to configure the following topology:

Configuring Leaf1

You need to configure the swp1s0 interface. Add the following configuration to /etc/network/interfaces on Leaf1:

auto swp1s0
iface swp1s0

Then apply the changes with:

cumulus@switch:~$ sudo ifreload -a

Configuring Spine1

You need to configure the swp49 interface with an IPv6 address, then configure route advertisements.

To configure swp49, add the following configuration to /etc/network/interfaces:

auto swp49
iface swp49
    address 2001:db8:0::1/64

Apply the changes with:

cumulus@switch:~$ sudo ifreload -a

To configure the route advertisements in Quagga, add the following configuration to /etc/quagga/Quagga.conf:

interface swp49
 ipv6 nd prefix 2001:db8::/64
 ipv6 nd ra-interval 1
 ipv6 nd ra-lifetime 60
 ipv6 nd router-preference high
 link-detect
 no ipv6 nd suppress-ra

Note: Quagga will advertise whatever prefix is configured regardless of whether or not an interface is present in the specified prefix. It is possible to advertise prefix information for IPv6 addresses which do not reside on the interface which is sending the advertisements. 

Modify the Quagga daemons file to enable the Zebra daemon:

sudo sed -i 's/zebra=no/zebra=yes/g' /etc/quagga/daemons

Start the Quagga [and Zebra] daemon:

cumulus@switch:~$ sudo service quagga restart

Configuring an Interface as an IPv6 DHCP Client 

Note: Cumulus Linux does not support the inet6 auto method used in Debian.

Edit /etc/network/interfaces file and add the following lines:

auto swp1s0
iface swp1s0 inet6 dhcp

Configuring an Interface as an IPv6 SLAAC Interface

The use of SLAAC requires modifiying the sysctl variables that allow the interface to process ICMPv6 Router Advertisements via the accept_ra variable described on kernel.org with the following options:

accept_ra - INTEGER
	Accept Router Advertisements; autoconfigure using them.

	It also determines whether or not to transmit Router
	Solicitations. If and only if the functional setting is to
	accept Router Advertisements, Router Solicitations will be
	transmitted.

	Possible values are:
		0 Do not accept Router Advertisements.
		1 Accept Router Advertisements if forwarding is disabled.
		2 Overrule forwarding behaviour. Accept Router Advertisements
		  even if forwarding is enabled.

	Functional default: enabled if local forwarding is disabled.
			    disabled if local forwarding is enabled.

To configure the interface non-persistently/at runtime:

cumulus@switch:~$ sudo sysctl -w net.ipv6.conf.swp1s0.accept_ra=2

Note: If you're trying to remove the configuration by setting accept_ra=0, the change does not take affect immediately; rather, it doesn't occur until the interface is downed and brought back up.

To configure the interface persistently, edit /etc/network/interfaces and add the following lines:

auto swp1s0 
iface swp1s0
    post-up sysctl -w net.ipv6.conf.$IFACE.accept_ra=2 

This change should take effect immediately.

To make this setting persistent globally for the whole switch, edit the /etc/sysctl.d/local.conf file and add the following lines:

    net.ipv6.conf.all.accept_ra=2
    net.ipv6.conf.default.accept_ra=2

Configuring an Interface to Use IPv6 Temporary Addresses

In order to use temporary addresses, you must utilize a new sysctl variable called use_tempaddr, which has the following behaviors according to kernel.org:

use_tempaddr - INTEGER
	Preference for Privacy Extensions (RFC3041).
	  <= 0 : disable Privacy Extensions
	  == 1 : enable Privacy Extensions, but prefer public
	         addresses over temporary addresses.
	  >  1 : enable Privacy Extensions and prefer temporary
	         addresses over public addresses.
	Default:  0 (for most devices)
		 -1 (for point-to-point devices and loopback devices)

For the examples here, you set use_tempaddr=2, which prefers to send traffic via the temporary address. You can confirm this preference with the ip -6 route get command.

cumulus@switch:/home/cumulus$ ip addr show swp1s0
3: swp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 500
link/ether 70:72:cf:be:2e:b3 brd ff:ff:ff:ff:ff:ff
inet6 2001:db8::e0f9:6c55:ecbb:c90e/64 scope global temporary dynamic
valid_lft 602338sec preferred_lft 83338sec
inet6 2001:db8::7272:cfff:febe:2eb3/64 scope global dynamic
valid_lft 2592000sec preferred_lft 604800sec
inet6 fe80::7272:cfff:febe:2eb3/64 scope link
valid_lft forever preferred_lft forever
cumulus@leaf1:/home/cumulus$ ip -6 route get 2001:db8::1 2001:db8::1 from :: via 2001:db8::1 dev swp1s0 src 2001:db8::e0f9:6c55:ecbb:c90e metric 0 cache

To configure the interface non-persistently, run:

cumulus@switch:~$ sudo sysctl -w net.ipv6.conf.swp1s0.accept_ra=2
cumulus@switch:~$ sudo sysctl -w net.ipv6.conf.swp1s0.use_tempaddr=2

To configure the interface persistently, edit /etc/network/interfaces and add the following lines:

auto swp1s0 
iface swp1s0
    post-up sysctl -w net.ipv6.conf.$IFACE.accept_ra=2
    post-up sysctl -w net.ipv6.conf.$IFACE.use_tempaddr=2

To make this setting persistent globally for the whole switch, edit the /etc/sysctl.d/local.conf file and add the following lines:

    net.ipv6.conf.all.accept_ra=2
    net.ipv6.conf.all.use_tempaddr=2
net.ipv6.conf.default.accept_ra=2
net.ipv6.conf.default.use_tempaddr=2

Then reboot to apply the config to all interfaces.

Have more questions? Submit a request

Comments

Powered by Zendesk