Configuring Any Proxy ND

Any proxy ND can be deployed if two hosts are on the same network segment but different physical networks and the gateways connecting to the two hosts have the same IP address.

Context

In scenarios where servers are partitioned into VMs, to allow flexible deployment and migration of VMs on multiple servers or gateways, the common solution is to configure Layer 2 interworking between multiple gateways. However, this approach may lead to larger Layer 2 domains on the network and risks of broadcast storms. To resolve this problem, a common way is to enable any proxy ND on a VM gateway so that the gateway sends its own MAC address to the source VM and the traffic sent from the source VM to other VMs is transmitted over routes.

As shown in Figure 1, the IPv6 address of VM1 is 2001:db8:300:400::1/64, the IPv6 address of VM2 is 2001:db8:300:400::2/64, and VM1 and VM2 are on the same network segment. Device A and Device B are connected to two networks using two interface 1s with the same IPv6 address and MAC address. Because the destination IPv6 address and local IPv6 address are on the same network segment, if VM1 wants to communicate with VM2, VM1 will send an NS packet to request for VM2's MAC address. However, because VM1 and VM2 are on different physical networks, VM2 cannot receive the NS packet and therefore fails to send a reply.
Figure 1 Typical networking of any proxy ND

To address the problem, enable any proxy ND on Device A's interface 1 and Device B's interface 1.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number

    The interface view is displayed.

  3. Run ipv6 enable

    IPv6 is enabled on the interface.

  4. Run ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length }

    A global unicast address is configured for the interface.

  5. Run ipv6 nd proxy anyway enable

    Any proxy ND is enabled.

    • Proxy ND cannot be enabled on an interface configured with a CGA address. Otherwise, the replied NA packets that carry the CGA/RSA option may be discarded.

    • Multiple types of proxy ND can be configured in the interface view. The priorities of these proxy ND types are as follows in descending order: any proxy ND > intra-VLAN proxy ND/inter-VLAN proxy ND/local proxy ND > routed proxy ND.

    • Proxy ND is not supported for the following types of packets:
      • NS packets with a link-local address as the target address
      • DAD NS packets with the source address of all 0s
      • NS packets with the IP address of the local host as the target address.

  6. Run commit

    The configuration is committed.

Parent Topic: Configuring Proxy ND
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >