SLAAC Overview

Not every network has or needs access to a DHCPv6 server. But every device in an IPv6 network needs a GUA. The SLAAC method enables hosts to create their own unique IPv6 global unicast address without the services of a DHCPv6 server.

SLAAC is a stateless service. This means there is no server that maintains network address information to know which IPv6 addresses are being used and which ones are available.

SLAAC uses ICMPv6 RA messages to provide addressing and other configuration information that would normally be provided by a DHCP server. A host configures its IPv6 address based on the information that is sent in the RA. RA messages are sent by an IPv6 router every 200 seconds.

A host can also send a Router Solicitation (RS) message requesting that an IPv6-enabled router send the host an RA.

SLAAC can be deployed as SLAAC only, or SLAAC with DHCPv6.


Enabling SLAAC

Refer to the following topology to see how SLAAC is enabled to provide stateless dynamic GUA allocation.

Verify IPv6 Addresses

The output of the show ipv6 interface command displays the current settings on the G0/0/1 interface.

As highlighted, R1 has been assigned the following IPv6 addresses:

  • Link-local IPv6 address – fe80::1
  • GUA and subnet – 2001:db8:acad:1::1 and 2001:db8:acad:1::/64
  • IPv6 all-nodes group – ff02::1
R1# show ipv6 interface G0/0/1
GigabitEthernet0/0/1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::1
  No Virtual link-local address(es):
  Description: Link to LAN
  Global unicast address(es):
    2001:DB8:ACAD:1::1, subnet is 2001:DB8:ACAD:1::/64
  Joined group address(es):
(output omitted)

Enable IPv6 Routing

Although the router interface has an IPv6 configuration, it is still not yet enabled to send RAs containing address configuration information to hosts using SLAAC.

To enable the sending of RA messages, a router must join the IPv6 all-routers group using the ipv6 unicast-routing global config command, as show in the output.

R1(config)# ipv6 unicast-routing
R1(config)# exit

Verify SLAAC is Enabled

The IPv6 all-routers group responds to the IPv6 multicast address ff02::2. You can use the show ipv6 interface command to verify if a router is enabled as shown, in the output.

An IPv6-enabled Cisco router sends RA messages to the IPv6 all-nodes multicast address ff02::1 every 200 seconds.

R1# show ipv6 interface G0/0/1 | section Joined
  Joined group address(es):

SLAAC Only Method

The SLAAC only method is enabled by default when the ipv6 unicast-routing command is configured. All enabled Ethernet interfaces with an IPv6 GUA configured will start sending RA messages with the A flag set to 1, and the O and M flags set to 0, as shown in the figure.

The A = 1 flag suggests to the client that it create its own IPv6 GUA using the prefix advertised in the RA. The client can create its own Interface ID using either Extended Unique Identifier method (EUI-64) or have it randomly generated.

The O =0 and M=0 flags instruct the client to use the information in the RA message exclusively. The RA includes the prefix, prefix-length, DNS server, MTU, and default gateway information. There is no further information available from a DHCPv6 server.

diagram shows that with SLAAC only the router has the A flag set to 1 in the RA