Introduction to IPv6 - SCTE San Diegoscte-sandiego.org/Docs/Introduction to IPv6-SCTE...
Transcript of Introduction to IPv6 - SCTE San Diegoscte-sandiego.org/Docs/Introduction to IPv6-SCTE...
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID
Introduction to IPv6Murthy DevarakondaSystems [email protected]
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 2
Why IPv6?
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 3
A Need for IPv6? IETF IPv6 working group began in early 90s, to solve
addressing growth issues, butCIDR, NAT, DHCP(temporary use allocations)…were developed
IPv4 32 bit address = ~4 billion hosts~40% of the IPv4 address space is still unused which is different from unallocated(e.g. IBM is allocated with 8.0.0.0/8 subnet and it can support 16 million hosts)The rising of Internet connected device and appliance will eventually deplete the IPv4 address space
IP is everywhereData, voice, audio and video integration is a realityRegional registries apply a strict allocation control
So, only compelling reason: More IP addresses
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 4
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 5
IP Address Allocation History
The Host-Density ratio (RFC 3194) is the measure of allocation inefficiency; 1981—IPv4 protocol published
1985 ~ 1/16 of total space
1990 ~ 1/8 of total space
1995 ~ 1/3 of total space
2000 ~ 1/2 of total space
2005 ~ 1/4 of total space remaining
2007 ~ 1/5 of total space remaining
This despite increasingly intense conservation effortPPP/DHCP, NAT (network address translation)
CIDR (classless inter-domain routing) plus some address reclamation
Theoretical limit of 32-bit space: ~4 billion devices,Practical limit of 32-bit space: ~250 million devices (RFC 3194)
As of 3 February 2011, the global free pool of IPv4 addresses is fully depleted, meaning all 256 /8 IPv4 address blocks have been distributed to the five RIRs
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 6
Why Not NAT
It was created as a temp solution
NAT breaks the end-to-end model
Growth of NAT has slowed down growth of transparent applications
No easy way to maintain states of NAT in case of node failures
NAT break security
NAT complicates mergers, double NATing is needed for devices to communicate with each other
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 7
IPv6 Technology
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 8
Version IHL Type of Service Total Length
Identification Flags Fragment Offset
Time to Live Protocol Header Checksum
Source Address
Destination Address
Options Padding
Version Traffic Class Flow Label
Payload Length Next Header Hop Limit
Source Address
Destination Address
IPv4 Header IPv6 Header
IPv4 and IPv6 Header Comparison
- Field name kept from IPv4 to IPv6
- Fields not kept in IPv6
- Name and position changed in IPv6
- New field in IPv6
Legend
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 9
IPv4/IPv6 Technology Comparison
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 10
MTU Issues
Minimum link MTU for IPv6 is 1280 octets(vs. 68 octets for IPv4)
=> on links with MTU < 1280, link-specificfragmentation and reassembly must be used
Implementations are expected to perform path MTU discovery to send packets bigger than 1280
Minimal implementation can omit PMTU discovery as long as all packets kept ≤ 1280 octets
A hop-by-hop option supports transmission of “jumbo grams” with up to 232 octets of payload; payload is normally 216
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 11
D:\>ping -l 1500 toshiba-redhat
Pinging toshiba-redhat [3ffe:c15:c003:1114:210:a4ff:fec7:5fcf]
Request timed out.Reply from 3ffe:c15:c003:1114:210:a4ff:fec7:5fcf : time=3msReply from 3ffe:c15:c003:1114:210:a4ff:fec7:5fcf : time=3msReply from 3ffe:c15:c003:1114:210:a4ff:fec7:5fcf : time=3ms
netsh interface ipv6>show destinationcacheInterface 6: LANPMTU Destination Address Next Hop Address---- --------------------------------------------- --------------------------1480 3ffe:c15:c003:1112::1 3ffe:c15:c003:1112::1
1500TooBig
1480
12 3
1480
1
2
3
Path MTU Discovery
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 12
IPv6 Addressing
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 13
IPv6 Addressing
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 14
IPv6 Addressing
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 15
Addressing Format
16-bit hexadecimal numbers
Numbers are separated by (:)
Hex numbers are not case sensitive
Abbreviations are possibleLeading zeros in contiguous block could be represented by (::)Example:
2001:0db8:0000:130F:0000:0000:087C:140B2001:0db8:0:130F::87C:140B
Double colon only appears once in the address
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 16
Addressing – Prefix Representation
Representation of prefix is just like CIDR
In this representation you attach the prefix length
Like v4 address:198.10.0.0/16
V6 address is represented the same way:2001:db8:12::/48
Only leading zeros are omitted. Trailing zeros are not omitted
2001:0db8:0012::/48 = 2001:db8:12::/482001:db8:1200::/48 ≠ 2001:db8:12::/48
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 17
IPv6 Address Representation
Loopback address representation0:0:0:0:0:0:0:1=> ::1Same as 127.0.0.1 in IPv4Identifies self
Unspecified address representation0:0:0:0:0:0:0:0=> ::Used as a placeholder when no address available (Initial DHCP request, Duplicate Address Detection DAD)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 18
IPv6—Addressing Model
Addresses are assigned to interfacesChange from IPv4 mode:
Interface “expected” to have multiple addresses
Addresses have scopeLink LocalUnique LocalGlobal
Addresses have lifetimeValid and preferred lifetime
Link LocalUnique LocalGlobal
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 19
Addressing
Type Binary Hex
Aggregatable Global Unicast Address 001 2 or 3
Link Local Unicast Address 1111 1110 10 FE80::/10
Unique Local Unicast Address
1111 11001111 1101
FC00::/7FC00::/8(registry)
FD00::/8 (no registry)
Multicast Address 1111 1111 FF00::/8
Some Special Addresses
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 20
Types of IPv6 Addresses
UnicastAddress of a single interface. One-to-one delivery to single interface
MulticastAddress of a set of interfaces. One-to-many delivery to all interfaces in the set
AnycastAddress of a set of interfaces. One-to-one-of-many delivery to a single interface in the set that is closest
No more broadcast addresses
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 21
Global Unicast Addresses
Global Unicast Addresses Are: Addresses for generic use of IPv6
Structured as a hierarchy to keep the aggregation
001 (2)
011 (3)
64 Bits3 45 Bits 16 Bits
Provider Site Host
Global Routing Prefix Subnet ID Interface ID
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 22
Global ID 40 Bits
Unique-Local
Unique-Local Addresses Used for: Local communications
Inter-site VPNs
Not routable on the Internet
Subnet ID
16 Bits
128 Bits
Interface ID
1111 110
FC00::/7
7 Bits
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 23
Remaining 54 Bits
Link-Local
Link-Local Addresses Used for: Mandatory Address for Communication between two IPv6 device
(like ARP but at Layer 3) Automatically assigned by Router as soon as IPv6 is enabled Also used for Next-Hop calculation in Routing Protocols Only Link Specific scope Remaining 54 bits could be Zero or any manual configured value
128 Bits
Interface ID
1111 1110 10
FE80::/10
10 Bits
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 24
IPv6 Multicast Address
IP multicast address has a prefix FF00::/8 (1111 1111); the second octet defines the lifetime and scope of the multicast address
8-bit 4-bit 4-bit 112-bit
1111 1111 Lifetime Scope Group-ID
Lifetime0 If Permanent1 If Temporary
Scope1 Node2 Link5 Site8 OrganizationE Global
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 25
IPv6 – Valid and Preferred LifetimesFastEthernet0/0 is up, line protocol is upGlobal unicast address(es): 2001:DB8:1111::A1A1, subnet is 2001:DB8:1111::/64Valid lifetime 43192 preferred lifetime 20192
GlobalTentative Preferred Deprecated Invalid
Valid
Time
Preferred Lifetime
Valid Lifetime
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 26
Address Scope Meaning
FF01::1 Node-Local All Nodes
FF02::1 Link-Local All Nodes
FF01::2 Node-Local All Routers
FF02::2 Link-Local All Routers
FF05::2 Site-Local All Routers
FF02::1:FFXX:XXXX Link-Local Solicited-Node
Some Well Known Multicast Addresses
Note that 02 means that this is a permanent address and has link scope
More details at http://www.iana.org/assignments/ipv6-multicast-addresses
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 27
Solicited-Node Multicast Address
For each unicast and anycast address configured there is a corresponding solicited-node multicast
This is specially used for two purpose, for the replacement of ARP, and Duplicate Address Detection (DAD)
Used in neighbor solicitation messages
Multicast address with a link-local scope
Solicited-node multicast consists of prefix + lower 24 bits from unicast, FF02::1:FF:
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 28
R1#sh ipv6 int e0Ethernet0 is up, line protocol is upIPv6 is enabled, link-local address is FE80::200:CFF:FE3A:8B18No global unicast address is configuredJoined group address(es):
FF02::1FF02::2FF02::1:FF3A:8B18
MTU is 1500 bytesICMP error messages limited to one every 100 millisecondsICMP redirects are enabledND DAD is enabled, number of DAD attempts: 1ND reachable time is 30000 millisecondsND advertised reachable time is 0 millisecondsND advertised retransmit interval is 0 millisecondsND router advertisements are sent every 200 secondsND router advertisements live for 1800 secondsHosts use stateless autoconfig for addresses.
R1#
Router Interface
Solicited-Node Multicast Address
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 29
Anycast
Anycast allows a source node to transmit IP datagrams to a single destination node out of a group destination nodes with same subnet id based on the routing metrics
Only routers should respond to anycast addresses
Routers along the path to the destination just process the packets based on network prefix
Routers configured to respond to anycast packets will do so when they receive a packet send to the anycast address
Anycast Address Assignment
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 30
Anycast Address
Syntactical the same as a Unicast address
Is one-to-nearest type of address
Has a current limited use
111111X111111… 111Prefix
128 bits
7 bits
Anycast ID0 If EUI-64 Format
1 If Non-EUI-64 FormatX =
00000Prefix
128 bits
Reserved Subnet Anycast Address (RFC 2526)
Subnet Router Anycast Address (RFC 4291)
n bits (128-n) bits
Use Example: Mobile IPv6Home-Agent Anycast Address
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 31
IPv6 Prefix Allocation Hierarchy
Site/48Site
/48
ISP/32ISP
/32
IANA2001::/3
APNIC::/12 to::/23
AfriNIC::/12 to::/23
ARIN::/12 to::/23
LACNIC::/12 to::/23
RIPE NCC::/12 to::/23
ISP/32
Site/48
Site/48Site
/48
ISP/32ISP
/32ISP/32
Site/48
Site/48Site
/48
ISP/32ISP
/32ISP/32
Site/48
Site/48Site
/48
ISP/32ISP
/32ISP/32
Site/48
Site/48Site
/48
ISP/32ISP
/32ISP/32
Site/48
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 32
IPv6 Address Allocation Process
Lowest-Order 64-bit field of unicast address may be assigned in several different ways:
Auto-configured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g., Ethernet address)Auto-generated pseudo-random number(to address privacy concerns)Assigned via DHCPManually configured
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 33
IPv6 Interface Identifier
Cisco uses the EUI-64 format to do stateless auto-configuration
This format expands the 48 bit MAC address to 64 bits by inserting FFFE into the middle 16 bits
To make sure that the chosen address is from a unique Ethernet MAC address, the universal/local (“u” bit) is set to 1 for global scope and 0 for local scope
00 90 27 FF FE 17 FC 0F
FF FE
00 90 27 17 FC 0F
00 90 27 17 FC 0F
000000U0 Where U=1 = Unique
0 = Not Unique
02 90 27 FF FE 17 FC 0F
U = 1
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 34
DHCP and DNS for IPv6
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 35
IPv4/IPv6 Provisioning Comparison
Function IPv4 IPv6
Address Assignment DHCPv4 DHCPv6, SLAAC, Reconfiguration
Address Resolution ARP, RARP NS, NA
Router DiscoveryICMP Router
DiscoveryRS, RA
Name Resolution DNSv4 DNSv6
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 36
Replaces ARP, ICMP (redirects, router discovery)
Reachability of neighbors
Hosts use it to discover routers, auto configuration of addresses
Duplicate Address Detection (DAD)
Neighbor Discovery
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 37
Neighbor Discovery – Router Solicitations
1—ICMP Type = 133 (RS)Src = link-local address (FE80::1/10) Dst = all-routers multicast address (FF02::2)Query = please send RA
2. RA1. RS
2—ICMP Type = 134 (RA)Src = link-local address (FE80::2/10)Dst = all-nodes multicast address (FF02::1)Data = options, subnet prefix, lifetime, autoconfigflag
• Router solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces
• Routers send periodic Router Advertisements (RA) to the all-nodes multicast address
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 38
Neighbor Solicitation and Advertisement
A and B can now exchange packets on this link
Neighbor SolicitationICMP type = 135
Src = A Dst = Solicited-node multicast of B Data = link-layer address of A Query = what is your link address?
Neighbor AdvertisementICMP type = 136 Src = B Dst = A Data = link-layer address of B
A B
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 39
Auto-configuration
Sends Network-Type Information (Prefix, Default Route, …)
Host AutoconfiguredAddress Is:Prefix Received + Link-Layer Address
Mac Address: 00:2c:04:00:FE:56
Larger Address Space Enables:• The use of link-layer addresses inside the address
space• Auto-configuration with “no collisions”• Offers “plug and play”
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 40
DHCPv6DHCPv6 is an updated version of DHCPv4
Supports new addressing of IPv6Allows for more control and management than SLAACUsed for Service Provider Prefix Delegation to customersCan be used in conjunction with DDNSRatified in RFC 3315
There are several DHCP v6 implementations availableCisco IOS softwareCisco Network RegistrarMicrosoft Windows Server 2008Dibbler and ISC (Linux, BSD, Solaris)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 41
DHCPv6 OperationDHCPv6 operates in a similar manner to DHCPv4 with the following
exceptions:
• Client first detects the presence of routers on the link
• If found, the client examines the router advertisements to determine if DHCP can be employed
• If no router is found and/or DHCP is allowed to be used then the client:Sends DHCP SOLICT message to the all-DHCP-agents multicast addressUses the link-local address as the source address.
DHCPv6 Server
• Similar in function to DHCPv4
• Clients get address assigned
• Servers keep track of bindings
• Can operate in a stateless or state full manner. Stateless only assigns information not handled via SLAAC such and DNS, SIP server, etc.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 42
DHCPv6 Prefix Delegation• Service provider allocates block of addresses for delegation to customers
• Customer receives a prefix (e.g., /56)
• Router assigns /64 prefixes to LAN interfaces
• The CPE on the “WAN” side will act as a DHCP client, acquire the prefix and then assign smaller prefixes to its own interfaces. It will then serve as an IPv6 router on these interfaces
• Indirectly the Service Provider is providing an addressing scheme for the customer’s internal network.
ISP Network and InternetISP Network and Internet
DelegatingRouter
DHCP
HOST A
HOST B
DHCP ClientDHCP Server
CPERouter
RA SLAAC Client
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 43
DNS Basics
DNS is a database managing Resource Records (RR)Stockage of RR from various types—IPV4 and IPV6:
Start of Authority (SoA)Name Server Address—A and AAAAPointer—PTR
DNS is an IP applicationIt uses either UDP or TCP on top of IPv4 or IPv6
ReferencesRFC3596: DNS Extensions to Support IP Version 6RFC3363: Representing Internet Protocol Version 6 Addresses in Domain Name system (DNS)RFC3364: Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 44
IPv4 IPv6
Hostname to IP address
A record:www.abc.test. A 192.168.30.1
IPv6 and DNS
AAAA record: www.abc.test AAAA 2001:db8:C18:1::2
IP address to hostname
PTR record: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.8.1.c.0.8.b.d.0.1.0.0.2.ip6.arpa PTR www.abc.test.
PTR record:1.30.168.192.in-addr.arpa. PTR
www.abc.test.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 45
Router Advertisement
Stateless (RFC2462)RS Are Sent by Booting Nodes to Request RAs for Configuring the Interfaces; Host Autonomously Configures Its Own Link-Local Address
Source of RA
User of RA
A Bit M/O Bits
A Operation M/O Operation
PECPE
E10 Don’t Do Stateless
Address Assignment 11 Use Dhcpv6 for Address + Other Config. (i.e., Stateful Dhcpv6)
CPE Router Host 1 Do Stateless Address
Assignment 01 Use Dhcpv6 for Other Config. (i.e., Stateless Dhcpv6)
CPEHost
ISP Provisioning SystemDHCP Client DHCP Server
E0E1PE
ISP
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 46
Prefix/Options Assignment
DHCP ND/DHCPAAA
1. CPE Sends DHCP Solicit with ORO = PD
2. PE Sends RADIUS Request for the User
3. RADIUS Responds with User’s Prefix(es)
4. PE Sends DHCP REPLY with Prefix Delegation Options
5. CPE Configures Addresses from The Prefix on Its Downstream Interfaces, and Sends an RA. A-bit, O-bit are set to On
6. Host Configures Addresses Based on the Prefixes Received in the RA. As the O-bit Is on, It Sends a DHCP Information-request Message, with an ORO = DNS7. CPE Sends a DHCP REPLY
Containing Request Options
Host
ISP Provisioning System
E0E1PE
ISP
DHCP Client DHCP Server
CPE
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 47
Deployment
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 48
IPv4-IPv6 Transition/Coexistence
A wide range of techniques have been identified and implemented, basically falling into three categories:
1. Dual-stack techniques, to allow IPv4 and IPv6 toco-exist in the same devices and networks
2. Tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions
3. Translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices
Expect all of these to be used, in combination
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 49
Dual Stack Approach
Dual Stack Node Means: Both IPv4 and IPv6 stacks enabled Applications can talk to both Choice of the IP version is based on name lookup and application
preference
TCP UDP
IPv4 IPv6
Application
Data Link (Ethernet)
0x0800 0x86dd
TCP UDP
IPv4 IPv6
IPv6-Enabled Application
Data Link (Ethernet)
0x0800 0x86dd Frame Protocol ID
Preferred Method on
Application’s Servers
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 50
Host Running Dual Stack
In a Dual Stack Case, an Application that: Is IPv4 and IPv6-enabled Asks the DNS for all types of addresses Chooses one address and, for example, connects to the IPv6 address
DNS Server IPv6
www.a.com = * ?
2001:db8::1
2001:db8::110.1.1.1
IPv4
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 51
Cisco IOS Dual Stack Configuration
Cisco IOS® Is IPv6-Ready: If IPv4 and IPv6 are configured on one interface, the router is dual-stacked
Telnet, Ping, Traceroute, SSH, DNS client, TFTP, etc.
IPv6 and IPv4 Network
Dual-Stack Router
IPv4: 192.168.99.1
IPv6: 2001:db8:213:1::/64 eui-64
router#ipv6 unicast-routing
interface Ethernet0ip address 192.168.99.1 255.255.255.0ipv6 address 2001:db8:213:1::/64 eui-64
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 52
IPv6 Using a Dual Stack Backbone
IPv4/IPv6Core
IPv4/IPv6Core
CE
IPv6IPv4
PE P P PE CE IPv4IPv4
IPv6IPv6
IPv6 configured interface
IPv4 configured interface
Some or all interfaces in clouddual configured
IPv6 + IPv4CoreIPv4 + IPv6 Edge IPv4 and/or IPv4 edgeDual Stack App
• All P + PE routers are capable of IPv4+IPv6 support
• Two IGPs supporting IPv4 and IPv6
• Memory considerations for larger routing tables
• Native IPv6 multicast support
• All IPv6 traffic routed in global space
• Good for content distribution and global services (Internet)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 53
IPv6 Dual Stack Configuration
IPv4/IPv6Core
IPv4/IPv6Core
CE
IPv6IPv4IPv6IPv4
PE P P PE CE IPv4IPv4
IPv6IPv6
IPv6 + IPv4CoreIPv4 + IPv6 Edge IPv4 and/or IPv4 edgeDual Stack App
ipv6 unicast-routinginterface Ethernet0ip address 192.168.99.1 255.255.255.0ipv6 address 2001:db8:213:1::1/64
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 54
Manually Configured IPv6 over IPv4 Tunnel
IPv4
IPv6 Network IPv6 Network
Dual-Stack Router2Dual-Stack Router1
IPv4: 192.168.99.1 IPv6: 2001:db8:800:1::3
IPv4: 192.168.30.1IPv6: 2001:db8:800:1::2
router1#
interface Tunnel0ipv6 enableipv6 address 2001:db8:c18:1::3/127tunnel source 192.168.99.1tunnel destination 192.168.30.1tunnel mode ipv6ip
router2#
interface Tunnel0ipv6 enableipv6 address 2001:db8:c18:1::2/127tunnel source 192.168.30.1tunnel destination 192.168.99.1tunnel mode ipv6ip
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 55
Manually Configured GRE Tunnel
IPv4
IPv6 Network IPv6 Network
Dual-Stack Router2Dual-Stack Router1
IPv4: 192.168.99.1IPv6: 2001:db8:800:1::3
IPv4: 192.168.30.1IPv6: 2001:db8:800:1::2
router1#
interface Tunnel0ipv6 enableipv6 address 2001:db8:c18:1::3/128tunnel source 192.168.99.1tunnel destination 192.168.30.1tunnel mode gre ipv6
router2#
interface Tunnel0ipv6 enableipv6 address 2001:db8:c18:1::2/128tunnel source 192.168.30.1tunnel destination 192.168.99.1tunnel mode gre ipv6
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 56
6rd
IPv4Backbone Network
IPv4Backbone Network
RG
IPv6/IPv4IPv6/IPv4
IPv4 Backbone Network
6rd tunnel IPv6 InternetIPv6 Internet
6rd BR
• Native dual stack IPv4/IPv6 in the home• Simple, stateless and automatic IPv6-in-IPv4 encapsulation• IPv6 traffic follows IPv4 routing between CE and 6rd BR• Standardized in RFC 5969• BR are placed at the IPv6 edge and addressed via anycast
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 57
DSLite (IPv6 ISP Network)
IPv6Backbone Network
IPv6Backbone Network
CPE (B4)
RFC1918RFC1918
IPv6 Backbone Network
IPv4 Tunnel IPv4 InternetIPv4 Internet
BR (AFTR)NAT44
• 4over6 Tunnel• V4 to V4 CGN• Nothing special required with DNS• Does require CPE support
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 58
NAT64 (IPv6 ISP and Customer Network)
IPv6Backbone Network
IPv6Backbone Network
CPE
IPv6IPv6
IPv6 Backbone Network
IPv4 InternetIPv4 Internet
NAT64
DNS64
• Used when backbone is IPv6 and clients are IPv6 only• Allows IPv6 endpoint to access the IPv4 Internet• Requires DNS64• No CPE or network modifications required
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 59
Resources
http://www.cisco.com/web/solutions/netsys/ipv6/index.html
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 60