Cisco Sg3008 Manual
Have a look at the manual Cisco Sg3008 Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
IP Configuration IPv6 Management and Interfaces Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 305 17 •Configuration Path Name—Path to configuration file on the configuration server received from the DHCPv6 server. IPv6 Tunnel Tunnels enable transmission of IPv6 packets over IPv4 networks. Each tunnel has a source IPv4 address and a destination IPv4 address. The IPv6 packet is encapsulated between these addresses. ISATAP Tunnels The type of tunnel that can be configured on the device is called an Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnel, which is a point-to-multi- point tunnel. The source address is the IPv4 address (or one of the IPv4 addresses) of the device. When configuring an ISATAP tunnel, the destination IPv4 address is provided by the router. Note the following: •An IPv6 link local address is assigned to the ISATAP interface. The initial IP address is assigned to the interface, which is then activated. •If an ISATAP interface is active, the ISATAP router IPv4 address is resolved via DNS by using ISATAP-to-IPv4 mapping. If the ISATAP DNS record is not resolved, the ISATAP host name-to-address mapping is searched for in the host mapping table. •When the ISATAP router IPv4 address is not resolved via the DNS process, the ISATAP IP interface remains active. The system does not have a default router for ISATAP traffic until the DNS process is resolved. Configuring Tunnels NOTETo configure a tunnel, first configure an IPv6 interface as a tunnel in the IPv6 Interfaces page.
IP Configuration IPv6 Management and Interfaces 306 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 17 To configure an IPv6 tunnel: STEP 1In Layer 2 system mode, click Administration > Management Interface > IPv6 Tunnel. In Layer 3 system mode, click IP Configuration > IPv6 Management and Interfaces > IPv6 Tunnel. STEP 2Enter values for the following fields: •Tunnel Number—Displays the automatic tunnel router domain number. •Tunnel Type—Always ISATAP. •Source IPv4 Address—The IPv4 address of the selected interface on the current device used to form part of the IPv6 address. - Auto—Automatically selects the lowest IPv4 address from among all of its configured IPv4 interfaces on the device. This option is equivalent to the Interface option in Layer 3, because in Layer 2 there is only one interface. NOTEIf the IPv4 address is changed, the local address of the tunnel interface is also changed. - None—Disable the tunnel. - Manual—Enter the IPv4 source address to be used. The IPv4 address configured must be one of the IPv4 addresses of the devices IPv4 interfaces. - Interface—(In Layer 3) Select the IPv4 interface to be used. •ISATAP Router Name—A global string that represents a specific automatic tunnel router domain name. The name can either be the default name (ISATAP) or a user defined name. •ISATAP Solicitation Interval—The number of seconds between ISATAP router solicitations messages, when there is no active ISATAP router. The interval can be the default value or a user defined interval. •ISATAP Robustness—Used to calculate the interval for the DNS or router solicitation queries. The larger the number, the more frequent the queries. NOTEThe ISATAP tunnel is not operational if the underlying IPv4 interface is not in operation.
IP Configuration IPv6 Management and Interfaces Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 307 17 STEP 3Click Apply. The tunnel is saved to the Running Configuration file. Defining IPv6 Addresses To assign an IPv6 address to an IPv6 Interface: STEP 1In Layer 2 system mode, click Administration > Management Interface > IPv6 Addresses. In Layer 3 system mode, click IP Configuration > IPv6 Management and Interfaces > IPv6 Addresses. STEP 2To filter the table, select an interface name, and click Go. The interface appears in the IPv6 Address Table. STEP 3Click Add. STEP 4Enter values for the fields. •IPv6 Interface—Displays the interface on which the IPv6 address is to be defined . If an * is displayed, this means that the IPv6 interface is not enabled but has been configured. •IPv6 Address Type—Select the type of the IPv6 address to add. -Link Local—An IPv6 address that uniquely identifies hosts on a single network link. A link local address has a prefix of FE80, is not routable, and can be used for communication only on the local network. Only one link local address is supported. If a link local address exists on the interface, this entry replaces the address in the configuration. -Global—An IPv6 address that is a global Unicast IPV6 type that is visible and reachable from other networks. •IPv6 Address—In Layer 2, the device supports a singleIPv6 interface. In addition to the default link local and Multicast addresses, the device also automatically adds global addresses to the interface based on the router advertisements it receives. The device supports a maximum of 128 addresses at the interface. Each address must be a valid IPv6 address that is specified in hexadecimal format by using 16-bit values separated by colons.You cannot configure an IPv6 addresses directly on an ISATAP tunnel interface.
IP Configuration IPv6 Management and Interfaces 308 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 17 •Prefix Length—The length of the Global IPv6 prefix is a value from 0-128 indicating the number of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). •EUI-64—Select to use the EUI-64 parameter to identify the interface ID portion of the Global IPv6 address by using the EUI-64 format based on a device MAC address. STEP 5Click Apply. The Running Configuration file is updated. IPv6 Default Router List The IPv6 Default Router List page enables configuring and viewing the default IPv6 router addresses. This list contains the routers that are candidates to become the device default router for non-local traffic (it may be empty). The device randomly selects a router from the list. The device supports one static IPv6 default router. Dynamic default routers are routers that have sent router advertisements to the device IPv6 interface. When adding or deleting IP addresses, the following events occur: •When removing an IP interface, all the default router IP addresses are removed. Dynamic IP addresses cannot be removed. •An alert message appears after an attempt is made to insert more than a single user-defined address. •An alert message appears when attempting to insert a non-link local type address, meaning fe80:. To define a default router: STEP 1In Layer 2 system mode, click Administration > Management Interface > IPv6 Default Router List. In Layer 3 system mode, click IP Configuration > IPv6 Management and Interfaces > IPv6 Default Router List. This page displays the following fields for each default router: •Default Router IPv6 Address—Link local IP address of the default router. •Interface—Outgoing IPv6 interface where the default router resides. •Type—The default router configuration that includes the following options:
IP Configuration IPv6 Management and Interfaces Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 309 17 -Static—The default router was manually added to this table through the Add button. -Dynamic—The default router was dynamically configured. STEP 2Click Add to add a static default router. STEP 3Enter the following fields: •Link Local Interface—Displays the outgoing Link Local interface. •Default Router IPv6 Address—The IP address of the default router STEP 4Click Apply. The default router is saved to the Running Configuration file. Defining IPv6 Neighbors Information The IPv6 Neighbors page enables configuring and viewing the list of IPv6 neighbors on the IPv6 interface. The IPv6 Neighbor Table (also known as IPv6 Neighbor Discovery Cache) displays the MAC addresses of the IPv6 neighbors that are in the same IPv6 subnet as the device. This is the IPv6 equivalent of the IPv4 ARP Table. When the device needs to communicate with its neighbors, the device uses the IPv6 Neighbor Table to determine the MAC addresses based on their IPv6 addresses. This page displays the neighbors that were automatically detected or manually configured entries. Each entry displays to which interface the neighbor is connected, the neighbor ’s IPv6 and MAC addresses, the entry type (static or dynamic), and the state of the neighbor. To define IPv6 neighbors: STEP 1In Layer 2 system mode, click Administration > Management Interface > IPv6 Neighbors. In Layer 3 system mode, click IP Configuration > IPv6 Management and Interfaces > IPv6 Neighbors. You can select a Clear Table option to clear some or all of IPv6 addresses in the IPv6 Neighbors Table. •Static Only—Deletes the static IPv6 address entries. •Dynamic Only—Deletes the dynamic IPv6 address entries.
IP Configuration IPv6 Management and Interfaces 310 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 17 •All Dynamic & Static—Deletes the static and dynamic address entries IPv6 address entries. The following fields are displayed for the neighboring interfaces: •Interface—Neighboring IPv6 interface type. •IPv6 Address—IPv6 address of a neighbor. •MAC Address—MAC address mapped to the specified IPv6 address. •Type—Neighbor discovery cache information entry type (static or dynamic). •State—Specifies the IPv6 neighbor status. The values are: - Incomplete—Address resolution is working. The neighbor has not yet responded. - Reachable—Neighbor is known to be reachable. - Stale—Previously-known neighbor is unreachable. No action is taken to verify its reachability until traffic must be sent. - Delay—Previously-known neighbor is unreachable. The interface is in Delay state for a predefined Delay Time. If no reachability confirmation is received, the state changes to Probe. - Probe—Neighbor is no longer known to be reachable, and Unicast Neighbor Solicitation probes are being sent to verify the reachability. •Router—Specifies whether the neighbor is a router (Ye s or No). STEP 2To add a neighbor to the table, click Add. STEP 3Enter values for the following fields: •Interface—The neighboring IPv6 interface to be added. •IPv6 Address—Enter the IPv6 network address assigned to the interface. The address must be a valid IPv6 address. •MAC Address—Enter the MAC address mapped to the specified IPv6 address. STEP 4Click Apply. The Running Configuration file is updated. STEP 5To change the type of an IP address from Dynamic to Static, select the address, click Edit and use the Edit IPv6 Neighbors page.
IP Configuration IPv6 Management and Interfaces Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 311 17 IPv6 Prefix List When First Hop Security is configured, it is possible to define rules for filtering based on IPv6 prefixes. These lists can be defined in the IPv6 Prefix List page. Prefix lists are configured with permit or deny keywords to either permit or deny a prefix based on a matching condition. An implicit deny is applied to traffic that does not match any prefix-list entry. A prefix-list entry consists of an IP address and a bit mask. The IP address can be for a classful network, a subnet, or a single host route. The bit mask is a number from 1 to 32. Prefix lists are configured to filter traffic based on a match of an exact prefix length or a match within a range when the ge and le keywords are used. The Greater Than and Lower Than parameters are used to specify a range of prefix lengths and provide more flexible configuration than using only the network/ length argument. A prefix list is processed using an exact match when neither the Greater Than nor Lower Than parameter is specified. If only the Greater Than parameter is specified, the range is the value entered for Greater Than to a full 32- bit length. If only Lower Than is specified, the range is from the value entered for the network/length argument to the Lower Than. If both the Greater Than and Lower Than arguments are entered, the range is between the values used for Greater Than and Greater Than. To create a prefix list: STEP 1(In Layer 3) Click IP Configuration > IPv6 Management Interfaces > IPv6 Prefix List. -or (In Layer 2)Click Administration > IPv6 Management Interfaces > IPv6 Prefix List. STEP 2Click Add. STEP 3Enter the following fields: •List Name—Select one of the following options: -Use Existing List—Select a previously-defined list to add a prefix to it. -Create New List—Enter a name to create a new list.
IP Configuration IPv6 Management and Interfaces 312 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 17 •Sequence Number—Specifies the place of the prefix within the prefix list. Select one of the following options: -Auto Numbering—Puts the new IPV6 prefix after the last entry of the prefix list. The sequence number equals the last sequence number plus 5. If the list is empty the first prefix-list entry is assigned the number 5 and subsequent prefix list entries increment by 5. -User Defined—Puts the new IPV6 prefix into the place specified by the parameter. If an entry with the number exists, it is replaced by the new one. •Rule Type—Enter the rule for the prefix list: -Permit—Permits networks that matches the condition. -Deny—Denies networks that matches the condition. -Description—Te x t . •IPv6 Prefix—IP route prefix. •Prefix Length—IP route prefix length. •Greater Than—Minimum prefix length to be used for matching. Select one of the following options: -No Limit—No minimum prefix length to be used for matching. -User Defined—Minimum prefix length to be matched. •Lower Than—Maximum prefix length to be used for matching. Select one of the following options: -No Limit—No maximum prefix length to be used for matching. -User Defined—Maximum prefix length to be matched. •Description—Enter a description of the prefix list. STEP 4Click Apply to save the configuration to the Running Configuration file. Viewing IPv6 Route Tables The IPv6 Forwarding Table contains the various routes that have been configured. One of these routes is a default route (IPv6 address:0) that uses the default router selected from the IPv6 Default Router List to send packets to destination devices that are not in the same IPv6 subnet as the device. In addition to the default route,
IP Configuration IPv6 Management and Interfaces Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 313 17 the table also contains dynamic routes that are ICMP redirect routes received from IPv6 routers by using ICMP redirect messages. This could happen when the default router the device uses is not the router for traffic to which the IPv6 subnets that the device wants to communicate. To view IPv6 routes: To view IPv6 routing entries in Layer 2 system mode: STEP 1Click Administration > Management Interface > IPv6 Routes. -or To view IPv6 routing entries in Layer 3 system mode: Click IP Configuration > IPv6 Management and Interfaces > IPv6 Routes. This page displays the following fields: •IPv6 Address—The IPv6 subnet address. •Prefix Length—IP route prefix length for the destination IPv6 subnet address. It is preceded by a forward slash. •Interface—Interface used to forward the packet. •Next Hop—Address where the packet is forwarded. Typically, this is the address of a neighboring router. It can be one of the following types. -Link Local—An IPv6 interface and IPv6 address that uniquely identifies hosts on a single network link. A link local address has a prefix of FE80, is not routable, and can be used for communication only on the local network. Only one link local address is supported. If a link local address exists on the interface, this entry replaces the address in the configuration. -Global—An IPv6 address that is a global Unicast IPV6 type that is visible and reachable from other networks. -Point-to-Point—A Point-to-point tunnel. •Metric—Value used for comparing this route to other routes with the same destination in the IPv6 router table. All default routes have the same value. •Lifetime—Time period during which the packet can be sent, and resent, before being deleted. •Route Type—How the destination is attached, and the method used to obtain the entry. The following values are:
IP Configuration IPv6 Management and Interfaces 314 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 17 -Local—A directly-connected network whose prefix is derived from a manually-configured device’s IPv6 address. - Dynamic—The destination is an indirectly-attached (remote) IPv6 subnet address. The entry was obtained dynamically via the ND or ICMP protocol. - Static—The entry was manually configured by a user. DHCPv6 Relay DHCPv6 Relay is used for relaying DHCPv6 messages to DHCPv6 servers. It is defined in RFC 3315. When the DHCPv6 client is not directly connected to the DHCPv6 server, a DHCPv6 relay agent (the device) to which this DHCPv6 client is directly- connected encapsulates the received messages from the directly-connected DHCPv6 client, and forwards them to the DHCPv6 server. In the opposite direction, the relay agent decapsulates packets received from the DHCPv6 server and forwards them, towards the DHCPv6 client. The user must configure the list DHCP servers to which packets are forwarded. Two sets of DHCPv6 servers can be configured: •Global Destinations—Packets are always relayed to these DHCPv6 servers. •Interface List—This is a per-interface list of DHCPv6 servers. When a DHCPv6 packet is received on an interface, the packet is relayed both to the servers on the interface list (if it exists) and to the servers on the global destination list. Dependencies with Other Features The DHCPv6 client and DHCPv6 relay functions are mutually exclusive on an interface. Global Destinations To configure a list of DHCPv6 servers to which all DHCPv6 packets are relayed: