[c-nsp] Catalyst 6500: IPv6-enabled SVIs

Fri Nov 1 02:17:55 EDT 2013

Thank for your attention!

> What version of code are you running?
12.2(33)SXJ3

> I'm not sure this is right. We have pfc3b boxes with loads of
> IPv6-enabled SVIs and we're only using 16 ingress / 4 egress labels.
> Do you have a different ACL per SVI? Can you show the config for one of
> the SVIs?

Here is the template of such SVI:

interface Vlan3400
 ipv6 address ABCD::1/64
 ipv6 enable
 no ipv6 unreachables
 ipv6 nd managed-config-flag
 ipv6 nd other-config-flag
 no ipv6 redirects
 ipv6 dhcp relay destination ABC0::1
 ipv6 dhcp relay destination ABC1::1
end

I've tried to disable all features - switch released TCAM entry only after
'no ipv6 enable'&'no ipv6 address'. There are no any IPv6 ACLs on thise
SVIs.

> I'm not sure how we suddenly get onto multicast? What makes you think
> this is related?

I'm also not sure but there is only FF00:: in the output of 'sh tcam
interface Vlan3400 acl in ipv6':

Cat6500#sh tcam interface vlan 3400 acl in ipv6

* Global Defaults shared

-------------------------------------------------------
ICMP Neighbor Discovery Packet Types:
na - neighbor advertisement  ra - router advertisement
ns - neighbor solicit        rs - router solicit
r  - redirect

IPV6 Address Types:
full - IPv6 Full             eui - IPv6 EUI
eipv4 - IPv6 embeded IPv4
-------------------------------------------------------

Entries from Bank 0

    policy-route ipv6 0:2A02:17D0:2B00:6400::1/56(eui) FF00::/8(full)
    policy-route ipv6 2A02:17D0:2B00:6400::1/56(full) FF00::/8(full)
    permit       ipv6 any(eipv4) any
    permit       ipv6 any(eui) any
    permit       ipv6 any(full) any

Entries from Bank 1

The output of 'show platform software ipv6-multicast connected' also
demonstrates some relations between IPv6 multicast and ACL-TCAM.

-- 
Regards
Vladimir Troitskiy