Eui-64 ipv6 addressing, Manual configuration, Stateless address autoconfiguration – H3C Technologies H3C S10500 Series Switches User Manual

110

EUI-64 IPv6 addressing

Follow these steps to configure an interface to generate an EUI-64 IPv6 address:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter interface view

interface interface-type
interface-number

—

Configure the interface to
generate an EUI-64 IPv6

address

ipv6 address
ipv6-address/prefix-length eui-64

Required
By default, no IPv6 global unicast
address is configured on an interface.

Manual configuration

Follow these steps to specify an IPv6 address manually for an interface:

To do...

Use the command...

Remarks

Enter system view

system-view

—

Enter interface view

interface interface-type
interface-number

—

Configure an IPv6 address
manually

ipv6 address { ipv6-address
prefix-length |
ipv6-address/prefix-length }

Required
By default, no IPv6 global unicast

address is configured on an interface.

Stateless address autoconfiguration

Follow these steps to configure an interface to generate an IPv6 address by using stateless address

autoconfiguration:

To do...

Use the command...

Remarks

Enter system view

system-view

—

Enter interface view

interface interface-type

interface-number

—

Configure an IPv6 address to be
generated through stateless
address autoconfiguration

ipv6 address auto

Required
By default, no IPv6 global unicast

address is configured on an interface.

NOTE:

Using the undo ipv6 address auto command on an interface removes all IPv6 global unicast addresses
automatically generated on the interface.

With stateless address autoconfiguration enabled on an interface, the device automatically generates an

IPv6 global unicast address by using the address prefix information in the received RA message and the

interface ID. On an IEEE 802 interface (such as a VLAN interface), the interface ID is generated based

on the MAC address of the interface, and is globally unique. As a result, the interface ID portion of the

IPv6 global address remains unchanged and exposes the sender. An attacker can further exploit

communication details such as the communication peer and time.
To fix the vulnerability, configure the temporary address function that enables the system to generate and

use temporary IPv6 addresses with different interface ID portions on an interface. With this function