SAVI configuration
SAVI overview
Source Address Validation (SAVI) is applied on access devices. SAVI creates a table of bindings between
addresses and ports through other features such as ND snooping, DHCPv6 snooping, and IP Source
Guard, and uses those bindings to check the validity of the source addresses of DHCPv6 protocol
packets, ND protocol packets, and IPv6 data packets.
SAVI can be used in the following address assignment scenarios:
•
DHCPv6-only: The hosts connected to the SAVI-enabled device obtain addresses only through
DHCPv6.
SLAAC-only: The hosts connected to the SAVI-enabled device obtain addresses only through
•
Stateless Address Autoconfiguration (SLAAC).
DHCPv6+SLAAC: The hosts connected to the SAVI-enabled device obtain addresses through
•
DHCPv6 and SLAAC.
The following section describes SAVI configurations in these address assignment scenarios.
After a port is down, the switch can wait for a period of delay time before deleting the DHCPv6
snooping entries and ND snooping entries for that port. The deletion delay time is configurable. This
delay ensures a valid IPv6 user to access the port for the event that a port goes down and resumes
during that period.
Global SAVI configuration
Follow these steps to configure SAVI globally:
To do...
Enter system view
Enable the SAVI function
Setting the deletion delay
time for SAVI.
Set the time to wait for a
duplicate address detection
(DAD) NA
Use the command...
system-view
ipv6 savi strict
ipv6 savi down-delay time
ipv6 savi dad-delay value
325
Remarks
––
Required
Disabled by default.
The default setting is 30 seconds.
Optional
One second by default.
If no DAD NA is received within the specified
time when the corresponding ND snooping
entry is in detect state, the ND snooping entry
changes to bound state.