Configuring IPv6 on a Juniper SRX
Within this article we will provide the steps required to enable IPv6 on a Juniper SRX device.
First of all we enable IPv6 forwarding. Once this is added you will need to reboot the device.
set security forwarding-options family inet6 mode flow-based
You can confirm that IPv6 forwarding is enabled once the device has rebooted by running,
root@240> show security flow status Flow forwarding mode: Inet forwarding mode: flow based Inet6 forwarding mode: flow based MPLS forwarding mode: drop ISO forwarding mode: drop Flow trace status Flow tracing status: off
Next we configure the interface with an IPv6 address. In this example we configure both a global and link-local based IPv6 address.
set interfaces reth0 unit 0 family inet6 address 2a00:1b30:2401:d4::1/64
set interfaces reth0 unit 0 family inet6 address fe80::d41/64
set interfaces reth1 unit 0 family inet6 address 2a00:1b30:2401:d5::1/64
set interfaces reth1 unit 0 family inet6 address fe80::d51/64
NOTE In a typical scenario you would not configure a link-local (fe80::) and just leave the system to generate a link-local address using EUI64. This was only added to this example as a matter of completeness.
We then set our default gateway. You can use either a link-local or global address. If you use a link-local address you (as shown below) will need to specify the interface.
set routing-options rib inet6.0 static route ::/0 qualified-next-hop fe80::140 interface reth0.0
The main caveat you may find is around packet captures. Support for packet capturing on an reth based interface was only added to X45-D30 and X46-D25 within the 12.1 code train.