IPv6 stateless address auto-configuration (SLAAC)
FortiGate can easily obtain an IPv6 address on any given interface using SLAAC (stateless address auto-configuration). SLAAC is designed only for IP assignments and does not provide DNS server addresses to hosts. See RFC 4862 for more information.
Use one of the following options to obtain a DNS server address:
In this example, the Enterprise Core FortiGate is connected to the First Floor FortiGate. The Enterprise Core FortiGate has SLAAC enabled, which allows the First Floor FortiGate to automatically obtain an IPv6 address using the auto-configuration IPv6 address option.
To enable IPv6 auto-configuration:
-
Configure SLAAC on the Enterprise Core FortiGate:
config system interface edit "port5" config ipv6 set ip6-address 2001:db8:d0c:1::1/64 set ip6-send-adv enable config ip6-prefix-list edit 2001:db8:d0c:1::/64 next end end next end
-
Configure the First Floor FortiGate to automatically obtain an IPv6 address:
config system interface edit "port5" config ipv6 set autoconf enable end next end
-
Verify that the First Floor FortiGate automatically generated an IPv6 address:
# diagnose ipv6 address list | grep port5 dev=4 devname=port5 flag= scope=0 prefix=64 addr=2001:db8:d0c:1:20c:29ff:fe4d:f83d preferred=604419 valid=2591619 cstamp=976270 tstamp=979470