[c-nsp] strange ipv6 problems on 3550 SVI
Tóth András
diosbejgli at gmail.com
Mon Mar 22 11:01:59 EDT 2010
Hi.
According to my tests, IPv6 is somewhat supported on the 3550 with
12.2(44)SE1 and SE2, however only in software. The switch can send out
IPv6 packets (that's why you are seeing EIGRP adjacency established
for a short time) but cannot receive any (that's why EIGRP adjacency
is flapping), which means it drops inbound IPv6 packets sent to the
switch itself because the hardware seemingly cannot understand them. I
also checked this behavior with Wireshark.
debug ipv6 packet
Mar 22 15:38:43: IPV6: source 2001:xxxx:xxxx:xxxx::2 (local)
Mar 22 15:38:43: dest FF02::1:FF00:2 (Vlan2)
Mar 22 15:38:43: traffic class 224, flow 0x0, len 72+8, prot 58,
hops 255, originating
Mar 22 15:38:43: IPv6: Sending on Vlan2
The interesting part is that IPv6 tunneling (GRE mode, because ipv6ip
mode cannot be selected) is working on the 3550 with the above IOS
versions. Enable ipv6 unicast-routing and create a tunnel interface,
assign an IPv6 address to it and set an IPv6 capable router's IPv4
address as the tunnel destination. It will work because the switch
will receive IPv4 packets and the IPv6 packets encapsulated into them
are processed by the CPU.
ipv6 unicast-routing
interface Tunnel6
no ip address
ipv6 address 2001:xxxx:xxxx:xxxx:6::2/112
ipv6 enable
tunnel source 192.168.1.5
tunnel destination 192.168.1.7
end
ipv6 route ::/0 2001:xxxx:xxxx:xxxx:6::1
c3550#ping 2001:xxxx:xxxx:xxxx::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:xxxx:xxxx:xxxx::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Best regards,
Andras
On Fri, Mar 19, 2010 at 5:22 PM, Matthew Huff <mhuff at ox.com> wrote:
> Bingo!
>
> Yes, I agree, it's worse. I knew the 3550 only did ipv6 in software, but this was going to be a low packet count test. Something things "seem" to work, but not really.
>
> Oh well, that division budgets won't be available to upgrade that switch until after Sept 2011, so it will have to wait.
>
More information about the cisco-nsp
mailing list