Implementing ADSL and Deploying Dial Access for IPv6

Last Updated: August 1, 2012

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Restrictions for Implementing ADSL and Deploying Dial Access for IPv6

  • ADSL and dial deployment are available for interfaces with PPP encapsulation enabled, including PPP over ATM (PPPoA), PPP over Ethernet (PPPoE), PPP over async, and PPP over ISDN.
  • Network Address Translation (NAT) is not supported for IPv6 TACACS servers in Cisco IOS Release 15.1(1)S.

Information About Implementing ADSL and Deploying Dial Access for IPv6

Address Assignment for IPv6

A Cisco router configured with IPv6 will advertise its IPv6 prefixes on one or more interfaces, allowing IPv6 clients to automatically configure their addresses. In IPv6, address assignment is performed at the network layer, in contrast to IPv4 where a number of functions are handled in the PPP layer. The only function handled in IPv6 control protocol is the negotiation of a unique interface identifier. Everything else, including Domain Name Server (DNS) server discovery, is done within the IPv6 protocol itself.

Contrary to IPv4 address assignment, an IPv6 user will be assigned a prefix, not a single address. Typically, the ISP assigns a 64- or 48-bit prefix.

In IPv6, ISPs assign long-lived prefixes to users, which has some impact on the routing system. In typical IPv4 environments, each network access server (NAS) has a pool of 24-bit addresses and users get addresses from this pool when dialing in. If a user dials another point of presence (POP) or is connected to another NAS at the same POP, a different IPv4 address is assigned.

Addresses for IPv6 are assigned using two methods:

Stateless Address Autoconfiguration

Assigning addresses using the stateless address autoconfiguration method can be used only to assign 64-bit prefixes. Each user is assigned a 64-bit prefix, which is advertised to the user in a router advertisement (RA). All addresses are automatically configured based on the assigned prefix.

A typical scenario is to assign a separate 64-bit prefix per user; however, users can also be assigned a prefix from a shared pool of addresses. Using the shared pool limits addresses to only one address per user.

This method works best for the cases where the customer provider edge (CPE) router is a single PC or is limited to only one subnet. If the user has multiple subnets, Layer 2 (L2) bridging, multilink subnets or proxy RA can be used. The prefix advertised in the RA can come from an authorization, authentication, and accounting (AAA) server, which also provides the prefix attribute, can be manually configured, or can be allocated from a prefix pool.

The Framed-Interface-Id AAA attribute influences the choice of interface identifier for peers and, in combination with the prefix, the complete IPv6 address can be determined.

Prefix Delegation

Prefix delegation uses Dynamic Host Configuration Protocol (DHCP). When the user requests a prefix from the prefix delegator, typically the NAS, the prefix is allocated.

An IPv6 prefix delegating router selects IPv6 prefixes to be assigned to a requesting router upon receiving a request from the client. The delegating router might select prefixes for a requesting router in the following ways:

  • Static assignment based on subscription to an ISP
  • Dynamic assignment from a pool of available prefixes
  • Selection based on an external authority such as a RADIUS server using the Framed-IPv6-Prefix attribute.
DHCP SIP Server Options

Two DHCP for IPv6 Session Initiation Protocol (SIP) server options describe a local outbound SIP proxy: one carries a list of domain names, the other a list of IPv6 addresses. These two options can be configured in a DHCPv6 configuration pool.

AAA over IPv6

Vendor-specific attributes (VSAs) are used to support AAA over IPv6. Cisco VSAs are inacl, outacl, prefix, and route.

You can configure prefix pools and pool names by using the AAA protocol. Customers can deploy an IPv6 RADIUS server or a TACACS+ server to communicate with Cisco devices.

RADIUS over IPv6

The following RADIUS attributes, as described in RFC 3162, are supported for IPv6:

  • Framed-Interface-Id
  • Framed-IPv6-Pool
  • Framed-IPv6-Prefix
  • Framed-IPv6-Route
  • Login-IPv6-Host

The following RADIUS attributes are also supported for IPv6:

  • Delegated-IPv6-Prefix (RFC 4818)
  • Delegated-IPv6-Prefix-Pool
  • DNS-Server-IPv6-Address
  • IPv6 ACL
  • IPv6_DNS_Servers
  • IPv6 Pool
  • IPv6 Prefix#
  • IPv6 Route

The attributes listed above can be configured on a RADIUS server and downloaded to access servers, where they can be applied to access connections.

RADIUS Per-User Attributes for Virtual Access in IPv6 Environments

The following IPv6 attributes for RADIUS attribute-value (AV) pairs are supported for virtual access:

Framed-Interface-Id

The Framed-Interface-Id attribute indicates the IPv6 interface identifier to be configured. This per-user attribute is used during the IPv6CP negotiations and may be used in access-accept packets. If the Interface-Identifier IPv6CP option has been successfully negotiated, this attribute must be included in an Acc-0Request packet as a hint by the NAS to the server that it would prefer that value.

Framed-IPv6-Pool

The Framed-IPv6-Pool attribute is a per-user attribute that contains the name of an assigned pool that should be used to assign an IPv6 prefix for the user. This pool should either be defined locally on the router or defined on a RADIUS server from which pools can be downloaded.

Framed-IPv6-Prefix

The Framed-IPv6-Prefix attribute performs the same function as the Cisco VSA--it is used for virtual access only and indicates an IPv6 prefix (and corresponding route) to be configured. This attribute is a per-user attribute and lets the user specify which prefixes to advertise in Neighbor Discovery Router Advertisement messages. The Framed-IPv6-Prefix attribute may be used in access-accept packets and can appear multiple times. The NAS will create a corresponding route for the prefix.

To use this attribute for DHCP for IPv6 prefix delegation, create a profile for the same user on the RADIUS server. The username associated with the second profile has the suffix "-dhcpv6."

The Framed-IPv6-Prefix attribute in the two profiles is treated differently. If a NAS needs both to send a prefix in router advertisements (RAs) and delegate a prefix to a remote user's network, the prefix for RA is placed in the Framed-IPv6-Prefix attribute in the user's regular profile, and the prefix used for prefix delegation is placed in the attribute in the user's separate profile.

Framed-IPv6-Route

The Framed-IPv6-Route attribute performs the same function as the Cisco VSA: It is a per-user attribute that provides routing information to be configured for the user on the NAS. This attribute is a string attribute and is specified using the ipv6 route command.

IPv6 ACL

You can specify a complete IPv6 access list. The unique name of the access list is generated automatically. The access list is removed when its user logs out. The previous access list on the interface is reapplied.

The inacl and outacl attributes allow you to a specific existing access list configured on the router. The following example shows ACL number 1 specified as the access list:

cisco-avpair = "ipv6:inacl#1=permit 2001:DB8:cc00:1::/48",
cisco-avpair = "ipv6:outacl#1=deny 2001:DB8::/10",
IPv6 Pool

For RADIUS authentication, the IPv6 Pool attribute extends the IPv4 address pool attributed to support the IPv6 protocol. It specifies the name of a local pool on the NAS from which to get the prefix and is used whenever the service is configured as PPP and whenever the protocol is specified as IPv6. Note that the address pool works in conjunction with local pooling. It specifies the name of the local pool that has been preconfigured on the NAS.

IPv6 Prefix

The IPv6 Prefix# attribute lets you indicate which prefixes to advertise in Neighbor Discovery Router Advertisement messages. When the IPv6 Prefix# attribute is used, a corresponding route (marked as a per-user static route) is installed in the routing information base (RIB) tables for the given prefix.

cisco-avpair = "ipv6:prefix#1=2001:DB8::/64",
cisco-avpair = "ipv6:prefix#2=2001:DB8::/64",
IPv6 Route

The IPv6 route attribute allows you to specify a per-user static route. A static route is appropriate when the Cisco IOS software cannot dynamically build a route to the destination. See the description of the ipv6 route command for more information about building static routes.

The following example shows the IPv6 route attribute used to define a static route:

cisco-avpair = "ipv6:route#1=2001:DB8:cc00:1::/48",
cisco-avpair = "ipv6:route#2=2001:DB8:cc00:2::/48",
Login-IPv6-Host

The Login-IPv6-Host attribute is a per-user attribute that indicates the IPv6 system with which to connect the user when the Login-Service attribute is included.

TACACS+ Over an IPv6 Transport

An IPv6 server can be configured to use TACACS+. Both IPv6 and IPv4 servers can be configured to use TACACS+ using a name instead of an IPv4 or IPv6 address.

IPv6 Prefix Pools

The function of prefix pools in IPv6 is similar to that of address pools in IPv4. The main difference is that IPv6 assigns prefixes rather than single addresses.

As in IPv4, a pool or a pool definition in IPv6 can be configured locally or it can be retrieved from an AAA server. Overlapping membership between pools is not permitted.

Once a pool is configured, it cannot be changed. If you change the configuration, the pool will be removed and re-created. All prefixes previously allocated will be freed.

Prefix pools can be defined so that each user is allocated a 64-bit prefix or so that a single prefix is shared among several users. In a shared prefix pool, each user may receive only one address from the pool.

How to Configure ADSL and Deploy Dial Access in IPv6

Configuring the NAS

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    hostname name

4.    aaa new-model

5.    aaa authentication ppp {default | list-name} method1 [method2...]

6.    aaa authorization configuration default {radius | tacacs+

7.    show ipv6 route [ipv6-address | ipv6-prefix / prefix-length | protocol | interface-type interface-number

8.    virtual-profile virtual-template number

9.    interface serial controller-number : timeslot

10.    encapsulation encapsulation-type

11.    exit

12.    dialer-group group-number

13.    ppp authentication protocol1 [protocol2...] [if-needed] [list-name | default] [callin] [one-time] [optional]

14.    interface virtual-template number

15.    ipv6 enable

16.    dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access-group}

17.    radius-server host {hostname | ip-address} [test username user-name] [auth-port port-number] [ignore-auth-port] [acct-port port-number] [ignore-acct-port] [timeout seconds] [retransmit retries] [key string] [alias {hostname | ip-address}] [idle-time seconds


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
hostname name


Example:

Router(config)# hostname cust1-53a

 

Specifies the hostname for the network server.

 
Step 4
aaa new-model


Example:

Router(config)# aaa new-model

 

Enables the AAA server.

 
Step 5
aaa authentication ppp {default | list-name} method1 [method2...]


Example:

Router(config)# aaa authentication ppp default if-needed group radius

 

Specifies one or more AAA authentication methods for use on serial interfaces that are running PPP.

 
Step 6
aaa authorization configuration default {radius | tacacs+


Example:

Router(config)# aaa authorization configuration default radius

 

Downloads configuration information from the AAA server.

 
Step 7
show ipv6 route [ipv6-address | ipv6-prefix / prefix-length | protocol | interface-type interface-number


Example:

Router(config)# show ipv6 route

 

Shows the routes installed by the previous commands.

 
Step 8
virtual-profile virtual-template number


Example:

Router(config)# virtual-profile virtual-template 1

 

Enables virtual profiles by virtual interface template.

 
Step 9
interface serial controller-number : timeslot


Example:

Router(config)# interface serial 0:15

 

Specifies a serial interface created on a channelized E1 or channelized T1 controller (for ISDN PRI, channel-associated signaling, or robbed-bit signaling).

This command also puts the router into interface configuration mode.

 
Step 10
encapsulation encapsulation-type


Example:

Router(config-if)# encapsulation ppp

 

Sets the encapsulation method used by the interface.

 
Step 11
exit


Example:

Router(config-if)# exit

 

Returns to global configuration mode.

 
Step 12
dialer-group group-number


Example:

Router(config)# dialer-group 1

 

Controls access by configuring an interface to belong to a specific dialing group.

 
Step 13
ppp authentication protocol1 [protocol2...] [if-needed] [list-name | default] [callin] [one-time] [optional]


Example:

Router(config)# ppp authentication chap

 

Enables Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) or both and specifies the order in which CHAP and PAP authentication are selected on the interface.

 
Step 14
interface virtual-template number


Example:

Router(config)# interface virtual-template 1

 

Creates a virtual template interface that can be configured and applied dynamically in creating virtual access interfaces.

 
Step 15
ipv6 enable


Example:

Router(config)# ipv6 enable

 

Enables IPv6 processing on an interface that has not been configured with an explicit IPv6 address.

 
Step 16
dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access-group}


Example:

Router(config)# dialer-list 1 protocol ipv6 permit

 

Defines a dial-on-demand routing (DDR) dialer list for dialing by protocol or by a combination of a protocol and a previously defined access list.

 
Step 17
radius-server host {hostname | ip-address} [test username user-name] [auth-port port-number] [ignore-auth-port] [acct-port port-number] [ignore-acct-port] [timeout seconds] [retransmit retries] [key string] [alias {hostname | ip-address}] [idle-time seconds


Example:

Router(config)# radius-server host 172.17.250.8 auth-port 1812 acct-port 1813 key testing123

 

Specifies a RADIUS server host.

 

Configuring the Remote CE Router

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    hostname name

4.    interface bri number . subinterface-number [multipoint | point-to-point]

5.    encapsulation encapsulation-type

6.    ipv6 address autoconfig [default

7.    isdn switch-type switch-type

8.    ppp authentication {protocol1 [protocol2...]} [if-needed] [list-name | default] [callin] [one-time]

9.    ppp multilink [bap | required]

10.    exit

11.    dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access-group}

12.    ipv6 route ipv6-prefix / prefix-length {ipv6-address | interface-type interface-number ipv6-address]} [administrative-distance] [administrative-multicast-distance | unicast| multicast] [tag tag


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
hostname name


Example:

Router(config)# hostname cust1-36a

 

Specifies the hostname for the network server.

 
Step 4
interface bri number . subinterface-number [multipoint | point-to-point]


Example:

Router(config)# interface bri 1.0

 

Configures a BRI interface.

 
Step 5
encapsulation encapsulation-type


Example:

Router(config-if)# encapsulation ppp

 

Sets the encapsulation method used by the interface.

 
Step 6
ipv6 address autoconfig [default


Example:

Router(config-if)# ipv6 address autoconfig

 

Indicates that the IPv6 address will be generated automatically.

 
Step 7
isdn switch-type switch-type


Example:

Router(config-if)# isdn switch-type basic-net3

 

Specifies the central office switch type on the ISDN interface.

 
Step 8
ppp authentication {protocol1 [protocol2...]} [if-needed] [list-name | default] [callin] [one-time]


Example:

Router(config-if)# ppp authentication chap

 

Enables Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) or both and specifies the order in which CHAP and PAP authentication are selected on the interface.

 
Step 9
ppp multilink [bap | required]


Example:

Router(config-if)# ppp multilink

 

Enables Multilink PPP (MLP) on an interface and, optionally, enables Bandwidth Allocation Control Protocol (BACP) and Bandwidth Allocation Protocol (BAP) for dynamic bandwidth allocation.

 
Step 10
exit


Example:

Router(config-if)# exit

 

Exits interface configuration mode and returns to global configuration mode.

 
Step 11
dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number | access-group}


Example:

Router(config)# dialer-list 1 protocol ipv6 permit

 

Defines a dial-on-demand routing (DDR) dialer list for dialing by protocol or by a combination of a protocol and a previously defined access list.

 
Step 12
ipv6 route ipv6-prefix / prefix-length {ipv6-address | interface-type interface-number ipv6-address]} [administrative-distance] [administrative-multicast-distance | unicast| multicast] [tag tag


Example:

Router(config)# ipv6 route 2001:DB8::1/128 BRI1/0

 

Establishes static IPv6 routes.

  • Use one command for each route.
 

Configuring the DHCPv6 Server to Obtain Prefixes from RADIUS Servers

Before You Begin

Before you perform this task, you must configure the AAA client and PPP on the router.


SUMMARY STEPS

1.    enable

2.    configure terminal

3.    interface type number

4.    ipv6 nd prefix framed-ipv6-prefix


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
interface type number


Example:

Router(config)# interface ethernet 0/0

 

Specifies an interface type and number, and places the router in interface configuration mode.

 
Step 4
ipv6 nd prefix framed-ipv6-prefix


Example:

Router(config-if)# ipv6 nd prefix framed-ipv6-prefix

 

Adds the prefix in a received RADIUS framed IPv6 prefix attribute to the interface's neighbor discovery prefix queue.

 

Configuring DHCPv6 AAA and SIP Options

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    ipv6 dhcp pool poolname

4.    prefix-delegation aaa [method-list method-list] [lifetime]

5.    sip address ipv6-address

6.    sip domain-name domain-name


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
ipv6 dhcp pool poolname


Example:

Router(config)# ipv6 dhcp pool pool1

 

Configures a DHCP for IPv6 configuration information pool and enters DHCP for IPv6 pool configuration mode.

 
Step 4
prefix-delegation aaa [method-list method-list] [lifetime]


Example:

Router(config-dhcp)# prefix-delegation aaa method-list list1

 

Specifies that prefixes are to be acquired from AAA servers.

 
Step 5
sip address ipv6-address


Example:

Router(config-dhcp)# sip address 2001:DB8::2

 

Configures a SIP server IPv6 address to be returned in the SIP server's IPv6 address list option to clients.

 
Step 6
sip domain-name domain-name


Example:

Router(config-dhcp)# sip domain sip1.cisco.com

 

Configures a SIP server domain name to be returned in the SIP server's domain name list option to clients.

 

Configuring TACACS+ over IPv6

Configuring the TACACS+ Server over IPv6

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    tacacs server name

4.    address ipv6 ipv6-address

5.    key [0 | 7] key-string

6.    port [number

7.    send-nat-address

8.    single-connection

9.    timeout seconds


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
tacacs server name


Example:

Router(config)# tacacs server server1

 

Configures the TACACS+ server for IPv6 and enters TACACS+ server configuration mode.

 
Step 4
address ipv6 ipv6-address


Example:

Router(config-server-tacacs)# address ipv6 2001:DB8:3333:4::5

 

Configures the IPv6 address of the TACACS+ server.

 
Step 5
key [0 | 7] key-string


Example:

Router(config-server-tacacs)# key 0 key1

 

Configures the per-server encryption key on the TACACS+ server.

 
Step 6
port [number


Example:

Router(config-server-tacacs)# port 12

 

Specifies the TCP port to be used for TACACS+ connections.

 
Step 7
send-nat-address


Example:

Router(config-server-tacacs)# send-nat-address

 

Sends a client's post-NAT address to the TACACS+ server.

 
Step 8
single-connection


Example:

Router(config-server-tacacs)# single-connection

 

Enables all TACACS packets to be sent to the same server using a single TCP connection.

 
Step 9
timeout seconds


Example:

Router(config-server-tacacs)# timeout 10

 

Configures the time to wait for a reply from the specified TACACS server.

 

Specifying the Source Address in TACACS+ Packets

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    ipv6 tacacs source-interface type number


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
ipv6 tacacs source-interface type number


Example:

Router(config)# ipv6 tacacs source-interface GigabitEthernet 0/0/0

 

Specifies an interface to use for the source address in TACACS+ packets.

 

Configuring TACACS+ Server Group Options

SUMMARY STEPS

1.    enable

2.    configure terminal

3.    aaa group server tacacs+ group-name

4.    server name server-name

5.    server-private {ip-address | name | ipv6-address} [nat] [single-connection] [port port-number] [timeout seconds] [key [0 | 7] string]


DETAILED STEPS
  Command or Action Purpose
Step 1
enable


Example:

Router> enable

 

Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2
configure terminal


Example:

Router# configure terminal

 

Enters global configuration mode.

 
Step 3
aaa group server tacacs+ group-name


Example:

Router(config)# aaa group server tacacs+ group1

 

Groups different TACACS+ server hosts into distinct lists and distinct methods.

 
Step 4
server name server-name


Example:

Router(config-sg-tacacs+)# server name server1

 

Specifies an IPv6 TACACS+ server.

 
Step 5
server-private {ip-address | name | ipv6-address} [nat] [single-connection] [port port-number] [timeout seconds] [key [0 | 7] string]


Example:

Router(config-sg-tacacs+)# server-private 2001:DB8:3333:4::5 port 19 key key1

 

Configures the IPv6 address of the private TACACS+ server for the group server.

 

Configuration Examples for Implementing ADSL and Deploying Dial Access for IPv6

Example Implementing ADSL and Deploying Dial Access for IPv6

NAS Configuration

This configuration for the ISP NAS shows the configuration that supports access from the remote CE router. 

hostname cust1-53a
  aaa new-model
  aaa authentication ppp default if-needed group radius
  aaa authorization network default group radius 
  virtual-profile virtual-template 1
  interface Serial0:15
   encapsulation ppp
   dialer-group 1
   ppp authentication chap
  !
  interface Virtual-Template1
   ipv6 enable
  !
  dialer-list 1 protocol ipv6 permit
  radius-server host 172.17.250.8 auth-port 1812 acct-port 1813 key testing123

Remote CE Router Configuration

This configuration for the remote customer edge router shows PPP encapsulation and IPv6 routes defined. 

hostname cust-36a
  interface BRI1/0
   encapsulation ppp
   ipv6 enable
   isdn switch-type basic-net3
   ppp authentication chap optional
   ppp multilink
  !
  dialer-list 1 protocol ipv6 permit
  ipv6 route 2001:DB8::1/128 BRI1/0
  ipv6 route ::/0 2001:DB8::1

RADIUS Configuration

This RADIUS configuration shows the definition of AV pairs to establish the static routes. 

  campus1 Auth-Type = Local, Password = mypassword
                User-Service-Type = Framed-User,
                Framed-Protocol = PPP,
                cisco-avpair = ipv6:inacl#1=permit 2001:DB8:0::/64 any,
                cisco-avpair = ipv6:route=2001:DB8:1::/64,
                cisco-avpair = ipv6:route=2001:DB8:2::/64,
                cisco-avpair = ipv6:prefix=2001:DB8:1::/64 0 0 onlink autoconfig,
                cisco-avpair = ipv6:prefix=2001:DB8:2::/64 0 0 onlink autoconfig,
                cisco-avpair = ip:route=10.0.0.0 255.0.0.0,

Additional References

Related Documents

Related Topic

Document Title

IPv6 supported feature list

"Start Here: Cisco IOS Software Release Specifics for IPv6 Features ," Cisco IOS IPv6 Configuration Guide

IPv6 basic connectivity

"Implementing IPv6 Addressing and Basic Connectivity, " Cisco IOS IPv6 Configuration Guide

IPv6 commands: complete command syntax, command mode, defaults, usage guidelines, and examples

Cisco IOS IPv6 Command Reference

Certification authority and interoperability, RA proxy

"Security Overview ," Cisco IOS Security Configuration Guide

RADIUS server configuration

"Security Overview ," Cisco IOS Security Configuration Guide

Standards

Standards

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

--

MIBs

MIBs

MIBs Link

None

To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFCs

Title

RFC 3162

RADIUS and IPv6

RFC 3177

IAB/IESG Recommendations on IPv6 Address

RFC 3319

Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiated Protocol (SIP) Servers

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Implementing ADSL and Deploying Dial Access for IPv6

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 1 Feature Information for Implementing ADSL and Deploying Dial Access for IPv6

Feature Name

Releases

Feature Information

AAA Support for Cisco VSA IPv6 Attributes

12.2(13)T 12.3 12.3(2)T 12.4 12.4(2)T

Vendor-specific attributes (VSAs) were developed to support AAA for IPv6.

AAA Support for RFC 3162 IPv6 RADIUS Attributes

12.3(4)T 12.4 12.4(2)T

The AAA attributes for IPv6 are compliant with RFC 3162 and require a RADIUS server capable of supporting RFC 3162.

DHCP for IPv6 Prefix Delegation via AAA

12.2(18)SXE 12.3(14)T 12.4 12.4(2)T

Enhanced IPv6 Features for ADSL and Dial Deployment

12.2(13)T 12.3 12.3(2)T 12.4 12.4(2)T

Several features were enhanced to enable IPv6 to use ADSL and dial deployment.

IPv6 Prefix Pools

12.2(13)T 12.3 12.3(2)T 12.4 12.4(2)T

The function of prefix pools in IPv6 is similar to that of address pools in IPv4. The main difference is that IPv6 assigns prefixes rather than single addresses.

PPPoA

12.2(13)T 12.3 12.3(2)T 12.4 12.4(2)T

ADSL and dial deployment is available for interfaces with PPP encapsulation enabled, including PPPoA.

PPPoE

12.2(13)T 12.3 12.3(2)T 12.4 12.4(2)T

ADSL and dial deployment is available for interfaces with PPP encapsulation enabled, including PPPoE.

RADIUS over IPv6

12.2(58)SE 15.2(1)T

This feature is supported.

SSO - PPPoE IPv6

12.2(33)XNE

This feature is supported in Cisco IOS Release 12.2(33)XNE.

TACACS+ over IPv6

12.2(33)SXJ 12.2(58)SE 15.1(1)S 15.2(1)T

TACACS+ over IPv6 is supported.

The following commands were introduced or modified by this feature: aaa group server tacacs+, address ipv6 (TACACS+), ipv6 tacacs source-interface, key (TACACS+), port (TACACS+), send-nat-address, server name (IPv6 TACACS+), server-private (TACACS+), single-connection, tacacs server, timeout (TACACS+).

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2012 Cisco Systems, Inc. All rights reserved.