To Configure an IPv6 Interface
(Host Mode)Before the security device can receive or transmit IPv6 traffic, you must configure at least one interface for IPv6 operation. Dual-stack architecture allows you to configure any Ethernet interface as an IPv6 interface, an IPv4 interface, or both.
Interface ID (64-bit HEX): This value, also known as the EUI-ID, is a 64-bit hex interface identifier. Immediately after you define the IPv6 interface, the security device automatically generates this address from the interface MAC address. You can also set the EUI-ID manually.
Link-Local Address: (Read-only) IPv6 networks use link-local addresses to allow communication between neighboring hosts that reside on the same link. When you initiate a new IPv6 interface, the security device uses the EUI-ID to automatically generate the link-local address for that interface. IPv6 networks use these addresses for tasks performed on the link level, such as neighbor discovery and router advertisement.
Unicast Address <n> / Prefix: The unicast addresses are prefixes you assign to the interface. Other IPv6 devices can use these addresses to access the interface.
Path-MTU: While an IPv4 interface uses the Maximum Transmission Unit (MTU), an IPv6 interface (in router mode) uses the Path-MTU (PMTU) in combination with the MTU. When the interface attempts to transmit a packet to a destination host through a router that has a link MTU smaller than the packet size, the router returns a Packet Too Big (PTB) error message. When the interface receives this message, it lowers the PMTU setting to the MTU of the router. It then resumes transmission, sizing the outgoing packets according to the new PMTU value.
Host Mode and Router Mode
If you configure the interface for host mode, it functions as an IPv6 host. The interface accepts RA (Router Advertisement) messages from other devices and broadcasts RS (Router Solicitation) messages to other devices.
If you configure the interface for router mode, it functions as an IPv6 router. This allows on-link hosts to perform address autoconfiguration by sending RS (Router Solicitation) messages to the interface and receiving RA (Router Advertisements) messages in reply. The hosts use the parameters in the RAs to generate IPv6 addresses and to perform other autoconfigurations.
To Configure an IPv6 Interface
(Host Mode)
Note: The interface configuration options you see depend upon the NetScreen device model and on certain configuration selections, such as the zone to which the interface is bound.
On the Interface List page, click Edit for the physical (Ethernet) interface you want to configure, and then enter the necessary information:
Interface Name: (Read-only) The name of a physical interface is composed of the media type, slot number (for some NetScreen devices), and port number, for example, ethernet3/2 or ethernet2.
Enable IPv6: Enable.
Mode: Select Host.
Unicast addresses: Enter at least one unicast address.
Configure the Neighbor Reachability settings.
For information on these settings, see Neighbor Discovery and Host Autoconfiguration.
Click OK.
To Configure an IPv6 Interface
(Router Mode)
Note: The interface configuration options you see depend upon the NetScreen device model and on certain configuration selections, such as the zone to which the interface is bound.
On the Interface List page, click Edit for the physical (Ethernet) interface you want to configure, and then enter the necessary information:
Interface Name: (Read-only) The name of a physical interface is composed of the media type, slot number (for some NetScreen devices), and port number, for example, ethernet3/2 or ethernet2.
Enable IPv6: Enable.
Mode: Select Router.
Unicast addresses: Enter at least one unicast address.
Configure the Neighbor Reachability and Address Autoconfiguration settings.
For information on these settings, see Neighbor Discovery and Host Autoconfiguration.
Click OK.