beautypg.com

Manual configuration, Stateless address autoconfiguration – H3C Technologies H3C SecPath F1000-E User Manual

Page 112

background image

12

To do…

Use the command…

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

Configure the interface to
generate an IPv6 address in

EUI-64 format

ipv6 address
ipv6-address/prefix-length
eui-64

Required
By default, no IPv6 site-local address
or global unicast address is

configured on an interface.

Manual configuration

Follow these steps to specify an IPv6 address manually for an interface:

To do...

Use the command...

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

Configure an IPv6 address
manually

ipv6 address { ipv6-address
prefix-length |

ipv6-address/prefix-length }

Required
By default, no IPv6 site-local address
or global unicast address is

configured on an interface.

Stateless address autoconfiguration

Follow these steps to configure an interface to generate an IPv6 address by using stateless address

autoconfiguration:

To do...

Use the command...

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

Configure an IPv6 address to be
generated through stateless

address autoconfiguration

ipv6 address auto

Required
By default, no IPv6 site-local address
or global unicast address is

configured on an interface.

NOTE:

Using the undo ipv6 address auto command on an interface will remove all IPv6 global unicast addresses
automatically generated on the interface.

With stateless address autoconfiguration enabled on an interface, the device automatically generates an

IPv6 global unicast address by using the address prefix information in the received RA message and the
interface ID. On an IEEE 802 interface (such as an Ethernet interface or a VLAN interface), the interface

ID is generated based on the MAC address of the interface, and is globally unique. As a result, the

interface ID portion of the IPv6 global address remains unchanged and thus exposes the sender. An

attacker can further exploit communication details such as the communication peer and time. To fix the

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: