1 ipv6 @ cisco systems alan lee cisco systems alan lee cisco systems

47
1 IPv6 @ Cisco Systems Alan Lee Cisco Systems

Upload: jason-lang

Post on 20-Jan-2016

221 views

Category:

Documents


1 download

TRANSCRIPT

Page 1: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

1

IPv6 @ Cisco SystemsIPv6 @ Cisco Systems

Alan Lee

Cisco Systems

Alan Lee

Cisco Systems

Page 2: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

2Cisco Internal Use Only

A need for IPv6?A need for IPv6?

• IETF IPv6 WG began in early 90s, to solve addressing growth issues, but

CIDR, NAT,… were developed

• IPv4 32 bits address = 4 billion hosts

~40% of the IPv4 address space is still unallocated

BUT …

• IP is everywhere

Data, Voice, Audio and Video integration is a Reality

Regional Registries apply a strict allocation control

Addressing scheme is not optimum as for any

• So, let’s play with Numbers and focus on Applications

Page 3: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

3Cisco Internal Use Only

Why a larger address space is needed

Why a larger address space is needed

• Overall Internet is still growing at 400%/year worldwide~320 million users in 2000, ~550 million by 2005

• Emerging population/geopolitical & Address spaceStandford University has more address space than overall China

How to move to e-Economy without Global Internet access ??

• 400 million mobile phone users in 2000, over 1 billion by 2005UMTS Release 5 is Internet Mobility, 1/3 of 1B should get connected

• ~1 Billion cars in 2010, 15% should get GPS and Yellow Page services

• Billion of new Internet appliances for Home usersAlways-On

Page 4: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

4Cisco Internal Use Only

Explosion of New Internet Appliances

Explosion of New Internet Appliances

Page 5: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

5Cisco Internal Use Only

Coming Back to an End-to-End Architecture

Coming Back to an End-to-End Architecture

GlobalAddressing

Realm

Always-on Devices Need an Address

When You Call Them

New Technologies/Applications for Home Users‘Always-on’—Cable, DSL, Ethernet@home, Wireless,…

New Technologies/Applications for Home Users‘Always-on’—Cable, DSL, Ethernet@home, Wireless,…

Page 6: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

6Cisco Internal Use Only

IPv6 MarketsIPv6 Markets

• Academic : now

Internet-II (Abilene, vBNS+), Canarie*3, Renater-II, Surfnet, DFN, CERNET,… 6REN/6TAP

• Geographies & Politics: Now

Prime Minister of Japan called for IPv6 (taxes reduction)

EEC summit PR advertised IPv6 as the way to go for Europe

President Clinton signed an Executive Memorandum on 3G

• Wireless (PDA, Mobile, Car,...): now-to-2003

Multiple phases before deployment

RFP -> Integration -> trial -> commercial

Requires ‘client devices’, eg. IPv6 handset ?

Page 7: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

7Cisco Internal Use Only

IPv6 MarketsIPv6 Markets

• Home Networking: CY2002?

Set-top box/Cable/xDSL/Ether@Home

Residential Voice over IP gateway

• Gaming (10B$ market): 2001-2002?

Sony, Sega, Nintendo, Microsoft

• Consumer PC: H2 CY 2001-2003

• Enterprise: H2 CY 2001-2003

Requires Microsoft IPv6 support, as well as other O.S. & Applications

• Service Providers: NowService Providers: Now

Regional ISP, Carriers, Mobile ISP, and Greenfield ISP’s

Page 8: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

8Cisco Internal Use Only

Integration of IPv6 ServicesIntegration of IPv6 Services

The UbiquitousThe UbiquitousInternetInternet

Large Address Space

Auto-ConfigurationEnhanced Mobility

Page 9: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

9Cisco Internal Use Only

IPv6 AddressesBootstrap phaseIPv6 AddressesBootstrap phase

• Where to get address space?

Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC

APNIC 2001:0200::

ARIN 2001:0400::

RIPE NCC 2001:0600::

6Bone 3FFE::

Have a look at http://wwwin.cisco.com/ios/ipv6 for more information

Page 10: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

10Cisco Internal Use Only

IPv6 Address SpaceCurrent AllocationsIPv6 Address SpaceCurrent Allocations

• APNIC (whois.apnic.net)CONNECT-AU-19990916 2001:210::/35

WIDE-JP-19990813 2001:200::/35

NUS-SG-19990827 2001:208::/35

KIX-KR-19991006 2001:220::/35

ETRI-KRNIC-KR-19991124 2001:230::/35

NTT-JP-19990922 2001:218::/35

HINET-TW-20000208 2001:238::/35

IIJ-JPNIC-JP-20000308 2001:240::/35

CERNET-CN-20000426 2001:250::/35

INFOWEB-JPNIC-JP-2000502 2001:258::/35

JENS-JP-19991027 2001:228::/35

BIGLOBE-JPNIC-JP-20000719 2001:260::/35

6DION-JPNIC-JP-20000829 2001:268::/35

DACOM-BORANET-20000908 2001:270::/35

ODN-JPNIC-JP-20000915 2001:278::/35

KOLNET-KRNIC-KR-20000927 2001:280::/35

HANANET-KRNIC-KR-20001030 2001:290::/35

TANET-TWNIC-TW-20001006 2001:288::/35 January 5th, 2001

SONYTELECOM-JPNIC-JP-20001207 2001:298::/35

TTNET-JPNIC-JP-20001208 2001:2A0::/35

CCCN-JPNIC-JP-20001228 2001:02A8::/35

IMNET-JPNIC-JP-20000314 2001:0248::/35

KORNET-KRNIC-KR-20010102 2001:02B0::/35 • ARIN (whois.arin.net)ESNET-V6 2001:0400::/35

ARIN-001 2001:0400::/23

VBNS-IPV6 2001:0408::/35

CANET3-IPV6 2001:0410::/35

VRIO-IPV6-0 2001:0418::/35

CISCO-IPV6-1 2001:0420::/35

QWEST-IPV6-1 2001:0428::/35

DEFENSENET 2001:0430::/35

ABOVENET-IPV6 2001:0438::/35

SPRINT-V6 2001:0440::/35

UNAM-IPV6 2001:0448::/35

GBLX-V6 2001:0450::/35

Page 11: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

11Cisco Internal Use Only

IPv6 Address SpaceCurrent AllocationsIPv6 Address SpaceCurrent Allocations

• RIPE (whois.ripe.net)UK-BT-19990903 2001:0618::/35

CH-SWITCH-19990903 2001:0620::/35

AT-ACONET-19990920 2001:0628::/35

UK-JANET-19991019 2001:0630::/35

DE-DFN-19991102 2001:0638::/35

NL-SURFNET-19990819 2001:0610::/35

RU-FREENET-19991115 2001:0640::/35

GR-GRNET-19991208 2001:0648::/35

EU-UUNET-19990810 2001:0600::/35

DE-TRMD-20000317 2001:0658::/35

FR-RENATER-20000321 2001:0660::/35

EU-EUNET-20000403 2001:0670::/35

DE-IPF-20000426 2001:0678::/35

DE-NACAMAR-20000403 2001:0668::/35

DE-XLINK-20000510 2001:0680::/35

DE-ECRC-19991223 2001:0650::/35

FR-TELECOM-20000623 2001:0688::/35

PT-RCCN-20000623 2001:0690::/35

SE-SWIPNET-20000828 2001:0698::/35

PL-ICM-20000905 2001:06A0::/35

DE-SPACE-19990812 2001:0608::/35

BE-BELNET-20001101 2001:06A8::/35

SE-SUNET-20001218 2001:06B0::/35

IT-CSELT-20001221 2001:06B8::/35

SE-TELIANET-20010102 2001:06C0::/35

Page 12: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

12Cisco Internal Use Only

IPv6 @Cisco SystemsIPv6 @Cisco Systems

• Co-chair of IETF IPv6 WG

• Well Known Cisco 6Bone router

~ 50 tunnels with other companies acts as 6to4 Relay

• ‘Founding Member’ of the IPv6 Forum

• Official CCO IPv6 page is www.cisco.com/ipv6

Cisco IPv6 Statement of Direction published last June

Cisco IOS IPv6 EFT available for free since 3 years

~around 500 sites running Worldwide

Page 13: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

13Cisco Internal Use Only

IPv6 ForumIPv6 Forum

• 98 companies

Cisco is a founding member

Regularly speaking at every summit

• www.ipv6forum.com

• Mission is to promote IPv6 not to specify it (IETF)

• Global and Regional summit

U.S.,Japan, Spain, Middle-East, Canada, Korea,...

Page 14: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

14Cisco Internal Use Only

IPv6 @Cisco SystemsIPv6 @Cisco Systems

• Official Cisco IPv6 prefix registered to ARIN

Done by MIS to study Multi-Homing

2001:0420::/35

• Cisco IOS IPv6 Training is ready to be delivered

Spread IPv6 knowledge to Customers, Partners and Cisco S.E.

• Ready to deliver a commercial release of Cisco IOS IPv6

Page 15: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

15Cisco Internal Use Only

Phase IIIBeyond Mid-2001Phase IIIBeyond Mid-2001

Phase IIMid-2001

Phase IIMid-2001

Phase IIOS 12.2(1)TQ1 CY 2001

Phase IIOS 12.2(1)TQ1 CY 2001 Early Adopter DeploymentEarly Adopter Deployment

Production Backbone Deployment

Production Backbone Deployment

Enhanced IPv6 ServicesEnhanced IPv6 Services

Market TargetMarket TargetIOS ReleaseIOS Release

Cisco IOS Roadmap:The Confluence of IPv4/IPv6

Cisco IOS Roadmap:The Confluence of IPv4/IPv6

IOS upgrade =Free IPv6 support

Page 16: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

16Cisco Internal Use Only

Where is the IPv6 roadmap coming from?

Where is the IPv6 roadmap coming from?

Support the features set required by other standard

bodies, eg. 3GPP/UMTS, MWIF

Develop Cisco IPv6 AddedValue features to promote

our Solutions

Add support for new IPv6 developments coming from

IETF WG when it makes sense

Provide same func. between IPv4 and IPv6 Features

but it is time to forget some old IPv4 features

Listening our CustomersListening our Customers

Page 17: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

17Cisco Internal Use Only

Cisco IOS IPv6 TeamCisco IOS IPv6 Team

• IOS Europe

Main IPv6 components for IOS

IPv6 D.E. Manager is Trevor Warwick

CEFv6 done in CEF team

• Ottawa

Port on 12.0ST for GSR support

CEFv6 coordination

Dev. Test help

• San Jose

NAT-PT, Routing (OSPF & E-IGRP), Multicast, TMBU,...

Page 18: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

18Cisco Internal Use Only

Phase IFunc. SpecsENG-61696IOS 12.2(1)TQ1 CY 2001

Any router able to run this releaseCisco 800 toCisco 7500

Phase IFunc. SpecsENG-61696IOS 12.2(1)TQ1 CY 2001

Any router able to run this releaseCisco 800 toCisco 7500

IPv6 Basic specification (RFC 2460)ICMPv6, Neighbor DiscoveryStateless auto-configuration

RIPv6 (RFC 2080)Multi-Protocol extensions for BGP4

(RFC 2545 & 2858)Configured and Automatic Tunnels

6to4 TunnelStandard Access List

IPv6 over Ethernet (10/100/1000Mb/s),FDDI, Cisco HDLC, ATM and FR PVC,

PPP (Serial, POS, ISDN)Ping, Traceroute, Telnet, TFTP,

IPv6 Basic specification (RFC 2460)ICMPv6, Neighbor DiscoveryStateless auto-configuration

RIPv6 (RFC 2080)Multi-Protocol extensions for BGP4

(RFC 2545 & 2858)Configured and Automatic Tunnels

6to4 TunnelStandard Access List

IPv6 over Ethernet (10/100/1000Mb/s),FDDI, Cisco HDLC, ATM and FR PVC,

PPP (Serial, POS, ISDN)Ping, Traceroute, Telnet, TFTP,

IPv6 Features SupportedIPv6 Features SupportedIOS ReleaseIOS Release

Cisco IOS IPv6 Phase ICisco IOS IPv6 Phase I

IOS upgrade =Free IPv6 support

Page 19: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

19Cisco Internal Use Only

Phase II PRDENG-70706Available on IOS 12.2(3)T or (4)T

Target EFT dates in ()

Under evaluation:12.0ST for GSRand 12.2S?

Phase II PRDENG-70706Available on IOS 12.2(3)T or (4)T

Target EFT dates in ()

Under evaluation:12.0ST for GSRand 12.2S?

i/IS-ISv6 (Q1 CY01)CEFv6/dCEFv6 (Q3 CY01)

Dial (Q2 CY01)Extended Access List (Q3 CY01)

NAT-PT (Q2 CY01)IPv6 Edge router (6PE) over MPLS

(Q3 CY01)DNS AAAA client (Q1 CY01)

IPv6 MIB Phase I Sustaining

i/IS-ISv6 (Q1 CY01)CEFv6/dCEFv6 (Q3 CY01)

Dial (Q2 CY01)Extended Access List (Q3 CY01)

NAT-PT (Q2 CY01)IPv6 Edge router (6PE) over MPLS

(Q3 CY01)DNS AAAA client (Q1 CY01)

IPv6 MIB Phase I Sustaining

IPv6 Features under developmentIPv6 Features under developmentIOS ReleaseIOS Release

Cisco IOS IPv6 Phase IICisco IOS IPv6 Phase II

Page 20: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

20Cisco Internal Use Only

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

OSPFv3: DE doing an evaluationE-IGRP: DE doing an evaluation

Mobile IPv6: Home Agent prototype currently under development

IPsec: mandated by IPv6 specs,Authentication required by OSPFv3 and Mobile IP Binding Association

IPv6 Multicast: MLD and PIMv6 SM as first candidates

OSPFv3: DE doing an evaluationE-IGRP: DE doing an evaluation

Mobile IPv6: Home Agent prototype currently under development

IPsec: mandated by IPv6 specs,Authentication required by OSPFv3 and Mobile IP Binding Association

IPv6 Multicast: MLD and PIMv6 SM as first candidates

Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release

Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III

Page 21: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

21Cisco Internal Use Only

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

IPv6 QoS: Not different from IPv4(Diff. Serv. & RSVP). May be time toget rid from old IOS IPv4 features?

UMTS Rel. 5 requirements should gethigh priority.

Statistics (ala Netflow): Customers want to gather IPv6 statistics such

as IPv6 Src/Dst addresses, AS number & Bytes count

Tunnels

IPv6 QoS: Not different from IPv4(Diff. Serv. & RSVP). May be time toget rid from old IOS IPv4 features?

UMTS Rel. 5 requirements should gethigh priority.

Statistics (ala Netflow): Customers want to gather IPv6 statistics such

as IPv6 Src/Dst addresses, AS number & Bytes count

Tunnels

Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release

Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III

Page 22: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

22Cisco Internal Use Only

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

Phase IIIno PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

Hardware Acceleration: See other presentations. Project in-progresson HFR, GSR, Cat.6K, DSBU L3SW.

Need IPv6 on ESR, 7200/NSEEncapsulation: review needed for

DPT, Cable and DSL, Network Management: SNMP over

IPv6, MIB update (RFC 2851)

Hardware Acceleration: See other presentations. Project in-progresson HFR, GSR, Cat.6K, DSBU L3SW.

Need IPv6 on ESR, 7200/NSEEncapsulation: review needed for

DPT, Cable and DSL, Network Management: SNMP over

IPv6, MIB update (RFC 2851)

Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release

Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III

Page 23: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

23Cisco Internal Use Only

Open Topics!!!Open Topics!!!

• They are Technical and non-technical problems but have to be solved for the future acceptance of our IPv6 solutions

• IPv6 market acceptance versus development schedule

• IOS release and IPv6

T Train - ST Train - S Train - mainline

• What could be the future IPv6 routing table size?

• What is the IPv6 performance level needed, based on REAL IPv6 traffic expectations versus marketing competition?

Next 12 months?, 24 months?

Page 24: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

24Cisco Internal Use Only

Open Topics!!!Open Topics!!!

• IPv6 mandates IPsec, what is the role of an IPv6 Firewall?

Customers still want a single point of control/management

What should be the right Cisco platforms to terminate IPv6 IPsec tunnels?

• IPv6 QoS features set development priority

Dependent of Applications such as 3G, RVoIP,...

• Native IPv6 Network Management

IPv6 & Commercial O.S., N.M.S software, Java, SNMP, MIB update

what’s about COPS, AAA, OSS,…?

Page 25: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

25Cisco Internal Use Only

Open Topics!!!Open Topics!!!

• Transition Tools, which ones?

NAT support?

• Mobile IPv6 Services

Focus on Clients, Applications and Network design

• Interoperability and TAC support

How to reproduce all issues

Role of Professional Services

• Others ?

Page 26: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

26Cisco Internal Use Only

Deployment of IPv6 Services: What our Customers are saying !

Satisfy Business Drivers, aka. Applications requiring end-to-end IPv6 traffic forwarding, geographies with registry allocations issues

No Flag Day

No Performance Penalty, implementation must be scalable and reliable, but …

Minimize operational upgrade costs and training expenses

Investment Protection & Low startup cost

Incremental value-add Upgrade/Deployment

Preserve IPv6 - IPv4 connectivity/transparency

Starting with Edge upgrades enable IPv6 service offerings nowStarting with Edge upgrades enable IPv6 service offerings now

Page 27: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

27Cisco Internal Use Only

Deployment scenarioDeployment scenario

• Many ways to deliver IPv6 services to End Users

Most important is End to End IPv6 traffic forwarding

• IPv6 over IPv4 tunnels

• Separate native IPv6

no impact on IPv4 traffic & revenues

various data link layers ATM, FR, Serial, Sonet/SDH, WDM

• Dual stack Networks

IPv6 over MPLS or IPv4-IPv6 Dual Stack Routers

Page 28: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

28Cisco Internal Use Only

IPv6 Tunnels over IPv4 or MPLS Infrastructure

IPv4 Enterprise

• IPv6 over IPv4 Internet

ala 6Bone

• Any Cisco IOS 12.2(1)T routers can be used as IPv6 Edge

6to4 Tunnel

• Leveraging defined Tunneling Technology

• No impact on existing IPv4 or MPLS backbones

Edge IPv6 Infrastructure:

IPv6 Enterprise

IPv6 Enterprise

IPv6 Enterprise

IPv6 Enterprise

IPv6 over IPv4 Internet:IPv6 over IPv4 Internet:

Mobile DataMobile Data

Mobile DataMobile Data

Service ProviderIPv4 or MPLS Backbone

Service ProviderIPv4 or MPLS Backbone

Translating Gateway

Translating Gateway

Translating Gateway

Translating Gateway

Page 29: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

29Cisco Internal Use Only

Native IPv6 over Dedicated Links

IPv6 Enterprise

IPv6 Enterprise

IPv6 Enterprise

TranslatingGateway

• Native IPv6 over dedicated infrastructures

No impact on IPv4 traffic and revenues

• Any Cisco IOS 12.2(1)T routers can be configured

ATM & Frame Relay PVC’s

Serial Lines, Sonet/SDH, FE/GE

• GSR 12000 with Sonet/SDH interfaces can get IPv6 support

Today, EFT on private 12.0ST branch

• IPv6 over FE/GE, ATM or Sonet/SDH can run over an optical infrastructure (dedicated lamda)

Service Provider Service Provider ATM/FR/WDM ATM/FR/WDM

BackboneBackbone

Page 30: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

30Cisco Internal Use Only

IPv6 Edge Router (6PE) over MPLS

IPv6 Edge Router (6PE) over MPLS

144.254.0.0

2001:0421::

2001:0420::

P P

PP 6PE

6PE IPv4

IPv6

IPv6

192.76.170.0

134.95.0.0

2001:0621::

IPv46PE

6PEIPv4

IPv6

2001:0620::

IPv6

MP-iBGP sessions

v6

v6

v6

v6

v4

v4

v4

• Many Carriers, large ISP and Mobile SP have invested on MPLS solutions

• Core devices may be ATM switches, GSR or competitor nodes• Leverages of MPLS features, eg. MPLS/VPN, TE, CoS,...

• UMTS Release 5 requires IPv6• GSM, GPRS and UMTS Release 99 needs circuit switching as well as IP

• Multiple implementation’s options to integrate IPv6• IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE)IPv6 Edge router (6PE), native IPv6 MPLS• 6PE allows the SP to offer IPv6 at lower cost and risk

OC48/192

Page 31: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

31Cisco Internal Use Only

Dual Stack IPv4-IPv6 backbone

Dual Stack IPv4-IPv6 backbone

• May require IPv4-IPv6 Hardware Forwarding

• Memory size for IPv4 and IPv6 routing tables

• Should IPv4 and IPv6 route to a single dual-stack edge router the same?

• Dual stack management?

• IPv4 and IPv6 traffic should not impact each other.

IPv4/v6 Enterprise

IPv4/v6 Enterprise

IPv6 Enterprise

Service Provider Service Provider IPv4/IPv6IPv4/IPv6BackboneBackbone

TranslatingGateway

IPv6Router

IPv4Enterprise

IPv4Enterprise

Page 32: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

32Cisco Internal Use Only

Native IPv6-Only BackboneNative IPv6-Only Backbone

• Will require:

IPv4 over IPv6 Tunnels for IPv4 traffic

Hardware forwarding for IPv6

NAT-PT for IPv4-IPv6 communications

Network Managementover IPv6

IPv6 Intranet

IPv4 Tunnel

IPv4/v6 IntranetMobile IPv6

IPv4 Intranet

IPv6 Intranet

IPv6 BackboneIPv6 Backbone

Translating Gateway

Translating Gateway

Translating Gateway

Translating Gateway

Page 33: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

33Cisco Internal Use Only

Initial ConfigurationInitial Configuration

version 12.1

no service single-slot-reload-enable

service nagle

!

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname ipv6-router

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

!

Page 34: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

34Cisco Internal Use Only

Initial ConfigurationInitial Configuration

aaa new-modelaaa authentication login vty group tacacs+ enableenable secret <removed>!clock timezone PST -8clock summer-time PDT recurring last Sun Mar 1:00 last Sun ip subnet-zerono ip fingerip ftp source-interface Fddi0ip ftp username <removed>ip ftp password <removed>ip domain-name cisco.comip name-server <ipv4>ip dhcp smart-relay!no ip bootp serverip multicast-routing!

Page 35: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

35Cisco Internal Use Only

IPv6 Configured TunnelsIPv6 Configured Tunnels

ipv6 unicast-routing!! Tunnel0 use RIPv6 for routinginterface Tunnel0 description <removed> no ip address ipv6 unnumbered Ethernet0 ipv6 rip 6bone enable destination IP address tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Tunnel1 use BGP4+ 6BONE peer-groupinterface Tunnel1 description <removed> no ip address ipv6 address 3FFE:700:20:1::12/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip

Page 36: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

36Cisco Internal Use Only

IPv6 Configured TunnelsIPv6 Configured Tunnels

! Tunnel2 use BGP4+ 6BONE peer-groupinterface Tunnel2 description <removed> no ip address ipv6 address 3FFE:C00:E:10::1/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Tunnel3 use static routeinterface Tunnel3 description <removed> no ip address ipv6 address 3FFE:C00:E:0:1::5/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!

Page 37: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

37Cisco Internal Use Only

6to4 Tunnel6to4 Tunnel

! Tunnel47 use BGP4+ with no peer-groupinterface Tunnel47 description <removed> no ip address ipv6 address 3FFE:3600::B/127 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Skipped about 50 configured tunnels! Next one is 6to4 tunnel! Router can be 6to4 relay with 2002::/16 static routeinterface Tunnel2002 no ip address no ip redirects ipv6 address 2002:X:X::1/128 ipv6 address FE80::60:3E11:6770:3E link-local tunnel source Fddi0 tunnel mode ipv6ip 6to4

Page 38: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

38Cisco Internal Use Only

Interface ConfigurationInterface Configuration

! Physical interfaces with ipv4 and/or ipv6 addressesinterface Ethernet0 ip address <ipv4> 255.255.255.248 no ip route-cache no ip mroute-cache no keepalive media-type 10BaseT ipv6 enable ipv6 address 3FFE:C00:0:1::/64 eui-64 ipv6 rip 6bone enable!interface Ethernet1 ip address <ipv4> 255.255.255.248 no ip route-cache no ip mroute-cache media-type 10BaseT!interface Fddi0 ip address <ipv4> 255.255.255.224 no ip route-cache no ip mroute-cache no keepalive ipv6 address 3FFE:C00:0:2::/64 eui-64

Page 39: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

39Cisco Internal Use Only

EIGRP for IPv4 and BGP+ for IPv6EIGRP for IPv4 and BGP+ for IPv6

router eigrp 109 network <ipv4> auto-summary no eigrp log-neighbor-changes!router bgp 109!! Disable ipv4 unicast to support other address families! no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 6BONE peer-group neighbor 3FFE:700:20:1::11 remote-as 293 neighbor 3FFE:C00:E:10::2 remote-as 7610!

Page 40: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

40Cisco Internal Use Only

IPv6 Address FamilyIPv6 Address Family

address-family ipv6 neighbor 6BONE activate neighbor 6BONE send-community neighbor 6BONE override-capability-neg neighbor 6BONE prefix-list bgp-in in neighbor 6BONE prefix-list aggregate out neighbor 6BONE route-map SET6TO4COMMUNITY out!! Most neighbors should use peer-group! neighbor 3FFE:700:20:1::11 peer-group 6BONE neighbor 3FFE:C00:E:10::2 peer-group 6BONE!

Page 41: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

41Cisco Internal Use Only

End of BGP4+End of BGP4+

! Neighbors not using peer-group! neighbor 3FFE:3600::A activate neighbor 3FFE:3600::A send-community neighbor 3FFE:3600::A override-capability-neg neighbor 3FFE:3600::A prefix-list bgp-in in neighbor 3FFE:3600::A prefix-list aggregate out neighbor 3FFE:3600::A route-map SET6TO4COMMUNITY out! bgp dampening 30 1000 2000 60!! This is the 6to4 address space. network 2002::/16!! This is Cisco's pTLA for the 6bone network 3FFE:C00::/24! exit-address-family

Page 42: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

42Cisco Internal Use Only

IPv4 Access ListsIPv4 Access Lists

ip classlessip tacacs source-interface Fddi0no ip http server!logging trap debugginglogging facility local6logging <removed>!! IPv4 VTY access-list!access-list 198 permit ip <removed> anyaccess-list 198 deny ip any any log!

Page 43: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

43Cisco Internal Use Only

IPv6 Static Routes and RIPv6IPv6 Static Routes and RIPv6

! 2002::/16 points to the 6to4 tunnelipv6 route 2002::/16 Tunnel2002!! static route for Cisco's Site-Local-Addressipv6 route 3FFE:C00:E::/48 Null0!! static route for a site with no routing protocolipv6 route 3FFE:C00:800E::/48 Tunnel3!! static route for our /24 pTLA from the 6boneipv6 route 3FFE:C00::/24 Null0!! RIPv6ipv6 router rip 6bone!

Page 44: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

44Cisco Internal Use Only

IPv6 Access-listsIPv6 Access-lists

! IPv6 access-list to protect the vty portsipv6 access-list vty deny ::/0 any!! Prefix-list for BGP4+ peersipv6 prefix-list aggregate seq 5 deny 3FFE:C00::/24 ge 25ipv6 prefix-list aggregate seq 10 permit ::/0 le 48!ipv6 prefix-list bgp-in seq 5 deny 5F00::/8 le 128ipv6 prefix-list bgp-in seq 10 deny ::/0ipv6 prefix-list bgp-in seq 15 deny ::/1ipv6 prefix-list bgp-in seq 20 deny ::/2ipv6 prefix-list bgp-in seq 25 deny ::/3 ge 4ipv6 prefix-list bgp-in seq 30 permit ::/0 le 128!! 6to4 address space is tagged with no-exportipv6 prefix-list 6to4 seq 5 permit 2002::/16!route-map SET6TO4COMMUNITY permit 10 match ipv6 address prefix-list 6to4 set community no-export!route-map SET6TO4COMMUNITY permit 20!

Page 45: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

45Cisco Internal Use Only

Ending ConfigurationEnding Configuration

tacacs-server host <removed>tacacs-server host <removed>tacacs-server timeout 15banner motd <removed>!line con 0 exec-timeout 3 0 transport input noneline aux 0 transport input allline vty 0 4 ipv6 access-list vty in access-class 198 in exec-timeout 0 0 login authentication vty!exception core-file <removed>exception protocol ftpexception dump <removed>ntp clock-period 17179631ntp source Fddi0ntp update-calendarntp server <removed>end

Page 46: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

46Cisco Internal Use Only

Further ReferencesFurther References

• wwwin.cisco.com/ios/ipv6

• www.cisco.com/ipv6

• ipv6-interest

• cs-ipv6

Page 47: 1 IPv6 @ Cisco Systems Alan Lee Cisco Systems Alan Lee Cisco Systems

47Presentation_ID © 1999, Cisco Systems, Inc. www.cisco.com