Cisco IOS Supports RFC 6106 (RDNSS)

When Enno Rey mentioned RFC 6106 support (why does it matter?) on Cisco IOS during the opening presentation of Troopers 2014 IPv6 security summit I got interested but remained a bit skeptical. When Eric Vyncke (sitting in the audience) started nodding, I knew it must be there. Finding the feature in IOS documentation turned out to be mission impossible.

First try: Google for “RFC 6106 Cisco IOS”. Got a number of hits on Cisco Support Community (and an old blog post of mine), all of them yammering about lack of RFC 6106 support. Also found a new buzzword to look for: RDNSS.

Second try: Google for “RDNSS Cisco IOS”. Same results.

Third try: “RDNSS site:cisco.com” and “RFC 6106 site:cisco.com”. No better

Time to dig into the documentation. IPv6 configuration guides were not exactly useful – no mention of RA and DNS in the same sentence.

Gateway of last resort: IPv6 command reference for IOS XE (IOS XE is usually the first one to get the cool features). I guessed the new gem must be hidden somewhere in the ipv6 nd ra configuration. BINGO! RFC 6106 support is available in IOS XE 3.9S and later and configured with ipv6 nd ra dns server address interface configuration command.

Of course I had to try to figure out where my other searches went wrong, so I searched for “ipv6 nd ra dns server” on cisco.com. Results: a number of useless hits and IPv6 command reference. It looks like nobody took the time to write a configuration guide explaining the new feature.

Looking for more IPv6 goodies?

Check out IPv6 resources page (warning: work in progress) on ipSpace.net.

5 comments:

  1. Question is: Which client operating systems support RFC6106. I know of Linux and BSD (if the right software is installed). Last time I checked Windows was not supported. Haven't checked my android tablet / phone recently.

    ReplyDelete
  2. Hi Ivan,

    On IOS, it is supported in T train since 15.4(1)T and S train (since 15.3(2)S).At least that's what was told to me from a Cisco employee 2 week ago. Haven't verified it myself

    Cheers,
    Christopher

    ReplyDelete
  3. According to the sixth column on this page (http://en.wikipedia.org/wiki/Comparison_of_IPv6_support_in_operating_systems), there are many client O/Ss with RDNSS support, which is great news.

    ReplyDelete
  4. So I've been working with IPv6 for about 3 years now, and the one thing that comes to mind particularly in this case and others is that in creating IPv6, the various group representatives involved were more interested in getting their name on RFC papers by solving problems that had already been solved 30 years ago.

    Is is just me or do we the so called "Internet Generation" of engineers lack the ability to recognise that if something is not broken, don't try and fix it. I know DHCPv4 was not perfect, but it is very well tested and battle hardened for use in the wider Internet. Sure there are some use cases that it has trouble meeting but at the end of the day wouldn't it be better trying to build on that then trying to re-invent things from scratch for the sake of a RFC recognition.

    ReplyDelete
    Replies
    1. In this case, it was a bit different. RA was created before DHCPv4, and DNS was configured manually in those (pre-DHCP) days. It just took _way_ longer for IPv6 to get anything close to feature parity with IPv4.

      Delete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.