Good Evening,
Enno and I spent the first day on Cisco Live Europe in Berlin today attending the “Advanced Practical Knowledge for Enterprise Deploying IPv6” technical breakout held by Tim Martin and Jim Bailey. It was a good breakout session, and thanks again Tim for the honorable mention of our work in your slides! We really appreciate it. Like last year, we were curious how the Wifi network was setup this year as I face a corresponding task for Troopers in March, with some major changes in comparison to the last years. The Wifi infastructure in Berlin looked very similar to the one from last year in Milan, we had the “standard” Cisco Live SSID as well as an IPv6-only (with NAT64 as translation mechanism) SSID. The standard SSID looked identical to last year with the exception that now the RA Throttling feature on the WLC was active from the beginning! Neither the M nor the O flag are set which means that my client has to use the legacy protocol to resolve AAAA records. As I am running Windows, it does not support RA option 25 but the option wasn’t included in the RAs anyway. The preference was configured to the default “medium”. One thing I noticed, but haven’t had a chance to ask Andrew Yourtchenko, was that for the legacy (IPv4) connection they use HSRPv2 as an FHRP protocol (indicated by the MAC address 00:00:0c:9f:f0:01 I received from the gateway) but for IPv6 I received Router Advertisements from two different MAC addresses (which both belong to Cisco, so I don’t think anyone sent spoofed RAs). I am curious about the reasoning for this approach 🙂
What i also encountered was that the Peer-to-Peer Blocking feature was apparently not enabled on the SSID as I was able to enumerate approx. 1600 active clients at the time. No worries, I haven’t done anything else, just was curious whether the feature was activated or not…
In comparison, the NAT64 SSID provided option 25 in the RAs (which, of course, makes sense as you have to provide a DNS server for DNS64) as well as stateless DHCP (O-Flag) so that my Windows client could receive a DNS server and connect to legacy-only resources from the NAT64 SSID.
Looking forward to the rest of the week with exciting content and socializing with the IPv6 folks!
So long,
Christopher