IPv6 Stateless Address Autoconfiguration (SLAAC) is one method of dynamic addressing, in addition to DHCP, where endpoints receive IPv6 addresses dynamically without the need for a DHCP server. SLAAC has no equivalent in IPv4.
In this section, we will discuss and demonstrate how SLAAC works.
IPv6 Dyanimc Addressing and SLAAC
IPv6 Dynamic Address Assignment Methods
In IPv4, DHCP is the only method for dynamic address assignment, and it requires a DHCP server to be configured. However, in IPv6, addresses can be assigned to endpoints without using the DHCP service, through a feature called Stateless Address Autoconfiguration (SLAAC), which is enabled by default.
It is referred to as stateless because there is no record of which IPv6 address is assigned to which MAC address.
There are actually three methods for dynamic addressing, and each will be discussed in a separate lesson:
SLAAC: Addresses are assigned to endpoints locally using Router Advertisements (RA) information and EUI-64 mechanism.
DHCP: Both addresses and static parameters like domain name and DNS servers are assigned through a DHCP server.
SLAAC + DHCP: Addresses are assigned via SLAAC, but static parameters such as the domain name and DNS servers are provided by the DHCP server.
Please note that in IPv6, the default gateway is always assigned through Router Advertisements (RA), which we will discuss in upcoming lessons.
Method | Description | Address Assignment | Additional Information |
---|---|---|---|
SLAAC | Addresses are assigned locally using Router Advertisements (RA) information and EUI-64 mechanism. | Assigned through RA (no DHCP) | Default gateway assigned via RA; no DHCP server required. |
DHCP | Both addresses and static parameters (e.g., domain name, DNS servers) are assigned by a DHCP server. | Assigned through DHCP server | Requires a configured DHCP server to manage IP assignments. |
SLAAC + DHCP | Addresses are assigned via SLAAC, while static parameters (e.g., domain name, DNS servers) are provided by a DHCP server. | Address via SLAAC; static info via DHCP | Combines SLAAC and DHCP for complete network configuration. |
In this section, we will focus on the first method: SLAAC.
Router Advertisement Overview
The SLAAC process relies on periodic “Router Advertisements” (RAs), which are part of the Neighbor Discovery Protocol (NDP). We have not yet discussed NDP and its components, but they will be covered in upcoming lessons.
To understand how SLAAC works, it’s helpful to have a basic understanding of the Router Advertisement process. Routers send RAs periodically and in response to “Router Solicitations” sent by endpoints.
Router Advertisements are sent with the source set to the link-local address of the router’s interface and the destination set to ff02::1
. This ensures that all endpoints on the link receive the Router Advertisement message.
In each Router Advertisement, the router provides prefixes and prefix lengths used on that link. endpoints use this information to locally assign IPv6 addresses within the same prefix.
In addition to prefixes and prefix lengths, RAs include three flags that instruct clients on how to dynamically receive addresses:
A (Auto-Configuration) Flag: Each prefix in the RA has an A flag, which is set by default. This flag indicates that endpoints can locally assign addresses based on SLAAC for that prefix.
M (Managed) Flag: There is only one M flag in the RA, not per prefix, and it is set to 0 by default. When set to 1, it indicates that endpoints must use DHCPv6 to obtain their addresses.
O (Other Configuration) Flag: This flag indicates that other configuration parameters, such as domain names and DNS servers, are available and should be obtained through DHCPv6.
These flags can be controlled using cisco IOS commands that we will cover shortly.
RA meaningful Dynamic Addressing Flags
Typically, there are three meaningful combinations of RA dynamic addressing flags that are commonly used:
SLAAC (default):
A=1
(on),O=0
(off),M=0
(off)
This means the endpoint will assign its address locally using SLAAC and EUI-64, which will be discussed shortly.SLAAC with Stateless DHCPv6:
A=1
(on),O=1
(on),M=0
(off)
This means the endpoint will assign its address locally using SLAAC and EUI-64, but other static parameters, such as domain names and DNS servers, are provided through Stateless DHCPv6.Stateful DHCPv6:
A=0
(off),O=0
(off),M=1
(on)
This indicates that both the address and other parameters are dynamically assigned via the DHCPv6 process. In other words, the endpoint must initiate the DHCPv6 process to request its IPv6 address.
Other combinations of flags may exist but are less common. For instance, if both the A
and M
flags are set, the endpoint would use both SLAAC and DHCPv6 for address assignment, which is generally not a typical configuration.
Configuration | A Flag | O Flag | M Flag | Description |
---|---|---|---|---|
SLAAC (default) | 1 (on) | 0 (off) | 0 (off) | Endpoint assigns its address locally using SLAAC and EUI-64. Other parameters are not assigned through DHCPv6. |
SLAAC with Stateless DHCPv6 | 1 (on) | 1 (on) | 0 (off) | Endpoint assigns its address locally using SLAAC and EUI-64, but other static parameters (e.g., domain name, DNS servers) are assigned through Stateless DHCPv6. |
Stateful DHCPv6 | 0 (off) | 0 (off) | 1 (on) | Address and other parameters are dynamically assigned through the DHCPv6 process. The endpoint must initiate the DHCPv6 process to request its IPv6 address. |
Other Combinations | Varies | Varies | Varies | Other flag combinations are less common. For example, if both A and M flags are set, the endpoint uses both SLAAC and DHCPv6 for address assignment. |
SLAAC Process
Now that the endpoint has received the prefix, prefix length, and dynamic addressing flags through the Router Advertisement, assuming the flags are set to their default values (A=1, M=0, O=0), the endpoint will assign an address locally. It does this by combining the prefix (or prefixes) learned from the Router Advertisement with an interface identifier, which is generated either using the EUI-64 method or a randomly generated number, as we discussed in Lesson 4: IPv6 Link-Local Address and Lesson 5: IPv6 Globally Unique Address.
IPv6 stateless address autoconfiguration (SLAAC) demonstration
To demonstrate the SLAAC process and the effect of Router Advertisement dynamic addressing flags, I prepared a lab with two IOS routers—one acting as a client and the other as the router sending Router Advertisement messages.
I configured three IPv6 addresses on the router:
A link-local address:
fe80::1
A globally unique address:
2001:AA:BB:CC::1/64
A unique local address:
FD00:AA:BB:CC::1/64
On the client, I enabled the interface using “no
shutdown
” command and allowed the IPv6 address to be assigned via the SLAAC process using the ipv6
address autoconfig
command in interface configuration mode.
# Router
ipv6 unicast-routing
!
interface Ethernet0/0
no shutdown
ipv6 address FE80::1 link-local
ipv6 address 2001:AA:BB:CC::1/64
ipv6 address FD00:AA:BB:CC::1/64
# Client
interface Ethernet0/0
no shutdown
ipv6 address autoconfig
Router Advertisement Packet Capture
If we capture the traffic between the client and the router for the Router Advertisement (RA), we observe that:
The source address of the RA is
fe80::1
, the link-local address of the router’seth0/0
interface.The destination address is
ff02::1
, which is a multicast address for all nodes on the local network, ensuring that all clients receive the RA.
Since two prefixes are configured on the router (2001:AA:BB:CC::/64
and FD00:AA:BB:CC::/64
), the RA contains two prefix sections—one for each prefix. Each prefix has an “A” flag (Autonomous Address Configuration) that is enabled by default, allowing the endpoint to automatically assign an IPv6 address from that prefix using the SLAAC process.
However, the “M” (Managed) and “O” (Other) flags are globally set to 0 by default, meaning:
M flag (0): No DHCPv6 is required for address assignment.
O flag (0): No additional information such as domain names or DNS servers will be provided by DHCPv6.
Verifying SLAAC process
Afterward, when you check the IP addresses on the client using the show
ipv6 interface brief
command, you will see three IPv6 addresses:
Link-local address, automatically assigned using the
fe80::/64
prefix and an interface identifier generated via the EUI-64 mechanism.Globally unique address, based on the
2001:AA:BB:CC::/64
prefix and SLAAC process.Unique local address, based on the
FD00:AA:BB:CC::/64
prefix and SLAAC process.
Client#show ipv6 interface brief
Ethernet0/0 [up/up]
FE80::A8BB:CCFF:FE00:200
2001:AA:BB:CC:A8BB:CCFF:FE00:200
FD00:AA:BB:CC:A8BB:CCFF:FE00:200
!
Client#show int eth0/0
Ethernet0/0 is up, line protocol is up
Hardware is AmdP2, address is aabb.cc00.0200 (bia aabb.cc00.0200)
...
Both the globally unique and unique local addresses are derived from the prefixes advertised by the router, and their interface identifiers are generated using the EUI-64 mechanism. The presence of “FFFE” in the middle of the interface identifier indicates that it was indeed generated using the EUI-64 process.
Disable SLAAC per prefix with clearing A Flag
As the final demonstration, we can disable the auto-configuration (A) flag for specific prefixes if we do not want endpoints to assign IPv6 addresses from those prefixes using the SLAAC process.
By default, the A flag is enabled for all prefixes, allowing SLAAC to assign addresses. To disable it, we use the ipv6
nd prefix ... no-autoconfig
command.
For example, I used the command ipv6 nd prefix
2001:AA:BB:CC::/64 0 0 no-autoconfig
to disable the A flag for the 2001:AA:BB:CC::/64
prefix. The 0
0
values represent the valid lifetime and preferred lifetime of the prefix, which we’ll discuss in an upcoming section. For simplicity, I set them to 0
in this demonstration.
After capturing a new Router Advertisement packet, you’ll notice that the A flag for the 2001:AA:BB:CC::/64
prefix has changed from 1
to 0
.
Additionally, if we check the IPv6 addresses on the client after disabling and re-enabling the interface, you’ll see that the client no longer has an IPv6 address from the 2001:AA:BB:CC::/64
prefix.