Wednesday, September 26, 2012

IPv6 neighbor discovery on Nexus 7000

If you attach multiple devices directly to a Nexus 7000 switch and expect them to communicate with each other over IPv6 in the same VLAN, you really want to set no ip igmp snooping optimise-multicast-flood. Otherwise they can communicate with the L3 interface on the switch, but not with the others. All your attempts to do neighbor discovery fail, as this runs over multicast and non-IPv4 multicast is dropped due to this setting. Sadly it's on by default, so you need to apply this fix on any Nexus 7k where you want to do serious IPv6 switching on.

Friday, September 21, 2012

IPv6 PBR on Catalyst 6500

The lesson of the day is: Better avoid IPv6 PBR on Cisco Catalyst 6500. It will be handled in software on Sup720/VSS720 if you assign a policy route-map to a Switch Virtual Interface (SVI) according to the documentation. Which only leaves routed ports as ones where hardware switching is supposed to happen. L3 VLAN interfaces and sub-interfaces are both SVIs and hence all IPv6 traffic that matches the PBR rules will be punted to the RP. The Sup2T supervisor does not support IPv6 PBR at all at this time.