For IPv6 address setup see Network address setup#DHCPv6
For IPv6 DNS services see System Management#Configuring DNS
For SLAAC router advertisements see IPv6 Router Advertisements
For DHCPv6 server configuration see DHCP server
For DHCPv6 relay configuration see DHCP relay
- 1 IPv6 specific system commands
- 2 IPv6 default route
IPv6 specific system commands
Several IPv6 specific configuration commands are available:
- Disable IPv6 globally
- Disable IPv6 address assignment
- Disable IPv6 packet forwarding
- Disable IPv6 on an interface when DAD fails
Additional operational commands:
- Reset a IPv6 address from the ND cache
- Reset ND cache for specific interface
- Display IPv6 ND cache
Disable IPv6 globally
Disable IPv6 functionality on the system:
# set system ipv6 blacklist
Reenable IPv6 functionality:
# delete system ipv6 blacklist
Show IPv6 functionality status:
# show system ipv6
Disable IPv6 address assignment
Disable IPv6 address assignment on all interfaces:
# set system ipv6 disable
Reenable IPv6 address assignment on all interfaces:
# delete system ipv6 disable
Show IPv6 disabling configuration:
# show system ipv6 disable
Disable IPv6 packet forwarding
Disable IPv6 forwarding on all interfaces: (Note: IPv6 forwarding can also be disabled on a per-interface basis by using the interfaces <interface> ipv6 disable-forwarding command)
# set system ipv6 disable-forwarding
Reenable IPv6 forwarding:
# delete system ipv6 disable-forwarding
Show the current IPv6 forwarding configuration:
# show system ipv6 disable-forwarding
Disable IPv6 on an interface when DAD fails
Disable IPv6 operation on an interface when Duplicate Addess Detection (DAD) fails for a link-local address. By default, after a DAD fails, the duplicate address is not assigned to the interface but IPv6 continues to operate. To change this default behaviour:
# set system ipv6 strict-dad
Leave IPv6 operational when DAD fails:
# delete system ipv6 strict-dad
Show DAD failure configuration:
# show system ipv6 strict-dad
Reset a IPv6 address from the ND cache
Removes/resets a specific IPv6 address from the IPv6 neighbour discovery (ND) cache:
$ reset ipv6 neighbors address <IPv6 address>
Reset ND cache for specific interface
Reset the IPv6 ND cache for a specific interface:
$ reset ipv6 neighbors interface <interface>
Display IPv6 ND cache
Show the system's IPv6 ND cache:
$ show ipv6 neigbors
Possible states are:
- - Address resolution is currently being performed on this entry, a neighbour solicitation message has been sent but no reply has been received yet.
- - The neighbour is reachable and path is operational.
- - Timeout on reachability confirmation from the neighbour.
- - Timeout on reachability confirmation from the neighbour, TCP is allowed to confirm the neighbour.
- - A solicitation was sent and the system is waiting for a response.
- - Reachability state detection failed.
- - Neighbour entry is valid, no validation attempts will be carried out. Can be removed from the cache after lifetime expiration.
- - Neighbour entry is valid indefinitely and should remain in cache.
- - No state defined.
IPv6 default route
$ set protocols static route6 ::/0 next-hop <gateway link-local address>
Or if you are using PPPoE, you can use interface based routing:
$ set protocols static interface-route6 ::/0 next-hop-interface ppp0