I am a little confused with the set up of this lab, specially coming from ipv4 ospf. the loopbacks have the same mask?? I know ospf considers loopbacks as hosts, but i am confused by not having to set up a global ip on interface fa0/0, on both routers. Can someone please clarify?
Thanks!
G
Hello Martha
When transitioning from IPv4 to IPv6 itās necessary to reevaluate certain issues. Itās all part of the process! Remember that routing protocols in IPv6 use the link-local addresses to exchange information. The link-local address is automatically assigned to each IPv6 enabled interface and communication between connected IPv6 devices is automatically established using these addresses. For more info on the link-local address, take a look at this lesson:
So since connectivity is established, OSPFv6 messages can be exchanged between the routers. Youāll notice that after IPv6 is enabled on the Ethernet interfaces, in the output of the show ipv6 interface brief command on each router, you see that these routers have an IP address starting with FE80 assigned to them, even though no config was applied.
As for the subnet mask or the prefix of the loopback addresses, the prefix used here is analogous to using the /32 prefix in IPv4. So you can have one loopback be assigned 192.168.55.5/32 and the loopback on the other router be assigned 192.168.55.6/32. The /128 mask simply states that the IP address belongs to a range that contains only one address: itself.
I hope this has been helpful!
Laz
1 Like
Hello.
Iāve found a question about OSPFv3 - āWhat statement about configuring OSPFv3 is true?ā
There answers are:
- the OSPFv3 routing process must be explicitly configured and enabled;
- OSPFv3 interfaces must be explicitly configured and enabled.
As for me the best answer is 2, but some men suppose the right answer is 1. Can someone please clarify?
Hello Boris
The correct answer is indeed number 2. This is because in OSPFv3, a routing process does not need to be explicitly created. By enabling OSPFv3 on an interface, you will cause a routing process and its associated configuration to be created automatically. The key word in the question is āexplicitlyā.
An OSPFv3 routing process MUST be enabled in order for it to function, but it doesnāt EXPLICITLY have to be configured, since this is automatically done if you simply enable it on an interface.
This is verified at the following Cisco documentation:
I hope this has been helpful!
Laz
1 Like
Hello Laz.
Thanks a lot
1 Like
Hi team,
If multiple ospfv3 areas are configured, I would imagine that you can use the link local addresses for the neighbour discovery and for passing route information within the specific area.
However, when multiple areas are used including transit areas (for areas not directly connected to area 0) the use of Global Unicast addresses would be needed?
I created a topology with a virtual link going through a transit area and my remote area (not connected to backbone) received the prefix from area 0 via OSPFv3, however, it couldnāt not ping the prefix and I was only using link local addresses at the time. Once I created IPV6 addresses between the routers, the ping then worked.
If you could assist with this that would be great! 
Thanks,
Andrew
Hello Andrew
This is a very interesting issue that you have found, as far as the differences in how OSPFv2 and OSPFv3 behave. If you have an OSPF topology with multiple areas, where all non-backbone areas are directly connected to area 0, you can use only link local addresses between the OSPF routers themselves. However, according to the OSPF for IPv6 RFC 5340:
The IPv6 interface address of a virtual link MUST be an IPv6
address having global scope, instead of the link-local addresses
used by other interface types. This address is used as the IPv6
source for OSPF protocol packets sent over the virtual link.
So the IPv6 address used to create the virtual link must āhave a global scopeā or in other words, must be global unicast addresses. Specifically, the two routers between which the virtual link is created, whose interfaces are in the same transit area, must have global unicast addresses configured on those interfaces in order for the virtual link to operate.
You can see an example of a virtual link being created using OSPFv3 at the following Cisco documentation:
I hope this has been helpful!
Laz
1 Like
Hi Laz,
Thank you for your reply ā This is much appreciated!
This is clear to me now.
Kindest Regards,
Andrew
1 Like
Hi Rene/Laz
- Am I right in thinking the purpose of the
ipv6 enablecommand is purely to activate the link local address on an interface? - I notice we donāt apply this command to the loopback interfaces in this lesson yet they still acquire a link local address. Is the LL address automatically active on a loopback interface?
Thanks,
Phil.
Hello Philip
Yes you are correct. If you only enable IPv6 on an interface, it will be able to send and receive IPv6 packets, and it will automatically obtain a link local address on the interface.
The reason we donāt use this command in that particular case is because weāve configured an IPv6 global unicast address on the loopback. When an interface is explicitly configured with an IPv6 address, it automatically becomes IPv6 enabled, and there is no need to issue the ipv6 enable command. Interestingly, if you issue the no ipv6 enable command on an interface with a configured IPv6 address, the command would be ignored. Notice that the interface also obtains a link local address as well. This behaviour is the same regardless of whether the interface is a looback or a physical interface.
I hope this has been helpful!
Laz
1 Like
Hey guys, great article
I setup 3x fresh routers using the instructions in the article and everything works great.
However I ran into a weird issue when setting up OSPFv3 (still following these instructions) on a network of routers already configured with IPv4 and OSPFv2. The OSPFv3 neighbours are established ok, but when I go to ping the Global Unicast address on the Loopback interface from another router, I get this error:
% Unrecognized host or address or protocol not running.
Iāve checked over the router configs and compared them to the working set of routers, and canāt see anything Iāve missed on the IPv6 side of things. I assume the issue must be to do with the fact that IPv4 is setup on the network and/or itās already running OSPFv2? (As the working set of routers is IPv6 only). In that case would there be some more configuration required to get everything working in ādual stackā or something?
Thanks for your help!
Hello Louis
This error message usually occurs when you havenāt enabled routing. If youāre pinging an IPv6 address, you have to ensure that youāve enabled IPv6 unicast routing using the command:
R2(config)#ipv6 unicast-routing
Because IPv4 routing is enabled by default on Cisco routers, this is a step that we often forget for IPv6. Take a look and see if that is your issue. If not, let us know more about your problem so we can try to help further.
I hope this has been helpful!
Laz
Hi,
is there any way to display global unicast IPv6 address as next-hop instead of link-local address when using show ipv6 route ospf?
Thanks for the support
Hello Alex
Technically speaking, thereās no rule that says that you canāt use the global unicast address as the next-hop IP. However, in the very definition of OSPFv3, it states that the link-local addresses are used for next-hop purposes. Indeed, all OSPF communication (with the exception of the case of a virtual link) takes place using the link-local addresses. Consequently, only link-local addresses are used as next hop IPs for OSPF.
Now is there a way to determine the global unicast IP address of the next-hop router from its local-link address? Unfortunately no. You can have the same link-local address for every next-hop router because the link-local addresses are only locally significant per network segment.
So a next-hop is always specified using an exit interface, and the link-local address, thus making it unique.
I hope this has been helpful!
Laz
Hallo Laz ,
why should you configure the Ipv4 Router-Id 2.2.2.2 for the Router ? is there no Router-ID for Ipv6 ?
and How the Router does accept the Router-Id (2.2.2.2) even Thought this Ip Address is not an active Address on The Router ?
Thanks .
Hello Mohammad
A router ID is simply a label. It has no routing capabilities or characteristics. By definition and by design, OSPFv3 uses a router ID that has the format of a 32 bit number expressed like an IPv4 address.
Take a look at this NetworkLessons note on the subject for more information.
I hope this has been helpful!
Laz
Please advice, what will be the best network practice in this scenarios.
- if the area zero are all layer 3 on the same subnet we would need one network for the layer three interface and one for the routed addresses OR Have 2 network statements for each site For OSPF
Scenario 2. all the 4 Locations have their gateway on the firewall, but the sites are now moving to Dark fiber(10gig between sites and 2gig DIA Socket on each site). Due to the limitation of the firewall ( does not have 10gig interface ), the plan is as follows: - configure ospf area 0(ospf routing protocol running at all MDF switch locations)
2.Configure BGP AT ALL Palo alto and MDF switches
3.configure layer 3 IP address on switch ports that CC circuit
4.Reconfigure Gateway from Firewall to the Cisco switch - A DMZ BETWEEN Firewall and Switch
6.Add PA routes into PA BGP and then Cisco routes into OSPF,Redistribute BGP into OSPF.
The goal is to route some traffic through the firewall and others directly inbetween the campus without the FW and use DMZ to route to the internet. Is this a recommended design?
Hello Temitope
Iām not sure I fully understand your questions or the specific topology of your network, however I will do my best to respond. 
If you have a single subnet to which all OSPF routers are connected, then it is via that subnet that the routers will create their OSPF neighbor peerings. In order for those to take place, you must have that subnet advertised using OSPF so that the specific interfaces will begin to exchange OSPF messages. Now if you have other subnets that you want to advertise using OSPF, you simply add your network statements as needed. Thereās no real choice here. You simply advertise the networks you want using the network statement. This can be done either as a single all-encompassing statement, where you issue a supernet network that covers all your interfaces, or you can use individual network statements to specify explicitly the networks you want to advertise.
This is definitely a solution that will give you what you need as far as taking advantage of the 10Gbps connection speeds, but you are losing the security obtained from routing that traffic through your firewalls. If that is not an issue for you since thatās inter-site communication, then OK. Another consideration is also the amount of traffic you expect between sites. Would it be more beneficial to create separate areas for each of your sites to reduce OSPF database sizes? This will depend upon the size of your network and the number of hosts and destinations within each location.
In general, this solution you propose does resolve your issue. However, you must examine the ultimate requirements of the network itself. Are they fulfilled? This is not always an easy question to answer, but it is a vital one.
I hope this has been helpful!
Laz