Example: Configuring DHCPv6 snooping-based dynamic IPv6SG prefix bindings

Network configuration

As shown in Figure 156, the host (the DHCPv6 client) obtains an IPv6 prefix from the DHCPv6 server. Perform the following tasks:

Figure 156: Network diagram

Procedure

  1. Configure DHCPv6 snooping.

    # Enable DHCPv6 snooping globally.

    <Device> system-view
    [Device] ipv6 dhcp snooping enable
    

    # Configure HundredGigE 1/0/2 as a trusted interface.

    [Device] interface hundredgige 1/0/2
    [Device-HundredGigE1/0/2] ipv6 dhcp snooping trust
    [Device-HundredGigE1/0/2] quit
    

    # Enable recording DHCPv6 snooping prefix entries on HundredGigE 1/0/1.

    [Device] interface hundredgige 1/0/1
    [Device-HundredGigE1/0/1] ipv6 dhcp snooping pd binding record
    
  2. Enable IPv6SG.

    # Enable IPv6SG on HundredGigE 1/0/1 and verify the source IP address and MAC address for dynamic IPv6SG.

    [Device-HundredGigE1/0/1] ipv6 verify source ip-address mac-address
    [Device-HundredGigE1/0/1] quit
    

Verifying the configuration

# Display dynamic IPSGv6 bindings generated based on DHCPv6 snooping entries.

[Device] display ipv6 source binding pd
Total entries found: 1
IPv6 prefix          MAC address    Interface               VLAN
2001:410:1::/48      0010-9400-0004 HGE1/0/1                 1

HundredGigE 1/0/1 will filter packets based on the IPSGv6 binding.