Professional Documents
Culture Documents
SANOG V
Dhaka, Bangladesh
11 February 2005
• Available on
ftp://ftp-eng.cisco.com
/pfs/seminars/SANOG5-IPv6-Tutorial.pdf
And on the SANOG5 website
• Feel free to ask questions any time
• Introduction to IPv6
• IPv6 Routing
• OSPFv3
• BGP for IPv6
• IPv6 Filtering
• Integration & Transition
• Deployment
• Internet population
~600 million users in Q4 CY2002
~945M by end CY 2004 – only 10-15%
How to address the future Worldwide population? (~9B in CY
2050)
• Emerging Internet countries need address space, e.g.:
China uses more than a /7 today
China would need more than a /4 of IPv4 address space if
every student (320M) is to get an IPv4 address
U nite d K in gd om
S w e d en P O L -3 4 CESnet
T he N etherlands
R enater G re e ce G R net
A u stria
6N ET C O RE A T M L in k STM 16 PO S
ST M 1 PO S (over L2 tunnel)
• Market segments
Mobile phone industry goes to IP: 3GPP/3GPP2/MWIF
Wireless service providers have had IPv4 address requests
rejected for long term business plan
Vertical markets need the infrastructure: Police, Army, Fire
Department, Transports
Some 802.11 Hot Spots already offer an IPv6 connectivity
• Commercial services need a phased approach
R&D (03), Trial (04-05), Deployment (06 & beyond)
• Key driver is the client’s device & application
Symbian 7.0, Microsoft Pocket PC 4.1, Netfront 3.x,…
Global
Addressing
Realm
Fragment Next
Identification Flags Payload Length Hop Limit
Offset Header
IPv4 = 32 bits
IPv4
32 bits
= 4,294,967,296 possible addressable devices
IPv6
128 bits: 4 times the size in bits
38
= 3.4 x 10 possible addressable devices
= 340,282,366,920,938,463,463,374,607,431,768,211,456
∼ 5 x 1028 addresses per person on the planet
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 23
How Was The IPv6 Address Size Chosen?
001
Registry
ISP prefix
Site prefix
LAN prefix
Only
Customer announces
no 1 the /32
ISP prefix
2001:0410:0001:/48
2001:0410::/32
2001:0410:0002:/48
• Larger address space enables:
Aggregation of prefixes announced in the global routing
table
Efficient and scalable routing
But current Internet multihoming solution breaks this model
00 90 27 17 FC 0F
FF FE
64 bits version 00 90 27 FF FE 17 FC 0F
1 = unique
Uniqueness of the MAC 000000X0 where X=
0 = not unique
X=1
Eui-64 address 02 90 27 FF FE 17 FC 0F
LAN: 2001:410:213:1::/64
Ethernet0
interface Ethernet0
ipv6 address 2001:410:213:1::/64 eui-64
MAC address: 0060.3e47.1530
Mac address:
00:2c:04:00:FE:56
Mac address:
00:2c:04:00:FE:56
Host auto-configured
address is: Sends NEW network-type
NEW prefix received + information (prefix, default
route, …)
SAME link-layer address
• Broadcasts in IPv4
Interrupts all devices on the LAN even if the intent of
the request was for a subset
Can completely swamp the network (“broadcast
storm”)
• Broadcasts in IPv6
Are not used and replaced by multicast
• Multicast
Enables the efficient use of the network
Multicast address range is much larger
IPv4 IPv6
• Security
Nothing IPv4 doesn’t do – IPSec runs in both
but IPv6 mandates IPSec
• QoS
Nothing IPv4 doesn’t do –
Differentiated and Integrated Services run in both
So far, Flow label has no real use
• V6ops
Replaces ngtrans working group
Focus moved to IPv6 operations from developing
transition tools and techniques
• Multi6
Focus on multihoming for IPv6
Little progress apart from defining the problem
Router1# Area 0
interface Ethernet0
ipv6 address 2001:1:1:1::1/64 Router2
ipv6 ospf 1 area 0
LAN1: 2001:1:1:1::/64
interface Ethernet1
Eth0
ipv6 address 2001:2:2:2::2/64
ipv6 ospf 1 area 1
Router1
Eth1
ipv6 router ospf 1
router-id 1.1.1.1 LAN2: 2001:2:2:2::/64
area 1 range 2001:2:2::/48
Area 1
Router1#
interface ethernet-1
ip address 10.1.1.1 255.255.255.0
ipv6 address 2001:0001::45c/64
LAN1: 2001:0001::45c/64 ip router isis
ipv6 router isis
Ethernet-1
interface ethernet-2
Router1 ip address 10.2.1.1 255.255.255.0
Ethernet-2 ipv6 address 2001:0002::45a/64
ip router isis
LAN2: 2001:0002::45a/64 ipv6 router isis
router isis
address-family ipv6
redistribute static
Dual IPv4/IPv6 configuration. exit-address-family
net 42.0001.0000.0000.072c.00
Redistributing both IPv6 static routes redistribute static
and IPv4 static routes.
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 64
Multi-Topology IS-IS extensions
• Multi-Topology ID Values
Multi-Topology ID (MT ID) standardized and in use in Cisco IOS:
MT ID #0 – “standard” topology for IPv4/CLNS
MT ID #2 – IPv6 Routing Topology.
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 65
Cisco IOS Multi-Topology ISIS
configuration example
Router1#
interface ethernet-1
Area B ip address 10.1.1.1 255.255.255.0
ipv6 address 2001:0001::45c/64
ip router isis
ipv6 router isis
isis ipv6 metric 20
LAN1: 2001:0001::45c/64
interface ethernet-2
Ethernet-1
ip address 10.2.1.1 255.255.255.0
Router1 ipv6 address 2001:0002::45a/64
ip router isis
Ethernet-2 ipv6 router isis
isis ipv6 metric 20
LAN2: 2001:0002::45a/64
router isis
• The optional keyword transition may net 49.0000.0100.0000.0000.0500
be used for transitioning existing IS- metric-style wide
IS IPv6 single SPF mode to MT IS-IS !
• Wide metric is mandated for Multi- address-family ipv6
Topology to work multi-topology
exit-address-family
Router1 Router2
AS 65001 AS 65002
3ffe:b00:c18:2:1::F 3ffe:b00:c18:2:1::1
Router1#
interface Ethernet0
ipv6 address 3FFE:B00:C18:2:1::F/64
!
router bgp 65001
bgp router-id 10.10.10.1
no bgp default ipv4-unicast
neighbor 3FFE:B00:C18:2:1::1 remote-as 65002
address-family ipv6
neighbor 3FFE:B00:C18:2:1::1 activate
neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002in in
neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002out out
exit-address-family
LSA
LSA type
Function Code
Router-LSA 1 0x2001
Network-LSA 2 0x2002
Inter-Area-Prefix-LSA 3 0x2003
Inter-Area-Router-LSA 4 0x2004
AS-External-LSA 5 0x4005
Group-membership-LSA 6 0x2006
Type-7-LSA 7 0x2007
Link-LSA 8 0x0008
Intra-Area-Prefix-LSA 9 0x2009
• Similar to OSPFv2
Prefixing existing Interface and Exec mode commands
with “ipv6”
• Exec mode
[no] show ipv6 ospf [<process ID>]
clear ipv6 ospf [<process ID>]
• General purpose
[no] debug ipv6 ospf packets
[no] debug ipv6 ospf retransmission
[no] debug ipv6 ospf tree
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 81
OSPFv3 configuration example
Area 0
Router1#
interface Ethernet0 Router2
ipv6 address 2001:1:1:1::1/64
ipv6 ospf 1 area 0 LAN1: 2001:1:1:1::/64
Area 0
Router2
LS age: 1714
LS Type: Inter Area Prefix Links
Link State ID: 0
Advertising Router: 1.1.1.1
LS Seq Number: 80000006
Checksum: 0x25A0
Length: 36
Metric: 1
Prefix Address: 2001:2:2:2::
Prefix Length: 64, Options: None
LS age: 283
Options: (IPv6 Router, Transit Router, E-Bit, No Type 7-to-5, DC)
LS Type: Link-LSA (Interface: Loopback0)
Link State ID: 11 (Interface ID)
Advertising Router: 3.3.3.3
LS Seq Number: 80000007
Checksum: 0xF1DD
Length: 60
Router Priority: 1
Link Local Address: FE80::205:5FFF:FEAC:1808
Number of Prefixes: 2
Prefix Address: 2001:1:1:3::
Prefix Length: 64, Options: None
Prefix Address: 2001:1:1:3::
Prefix Length: 64, Options: None
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 85
OSPFv3 on IPv6 Tunnels over IPv4
interface Tunnel0
no ip address
ipv6 address 2001:0001::45A/64
ipv6 address FE80::10:7BC2:ACC9:10 link-local
ipv6 router ospf 1 area 0
IPv6
Network
tunnel source Ethernet1
tunnel destination 10.42.2.1
tunnel mode ipv6ip
! IPv6 Tunnel
ipv6 router ospf 1
IPv4 IPv6
Backbone Tunnel
IPv6
IPv6 Tunnel
interface Tunnel0 Network
no ip address IPv6
ipv6 address 2001:0001::45C/64 Network
ipv6 address FE80::10:7BC2:B280:11 link-local
ipv6 router ospf 1 area 0
tunnel source Ethernet2
tunnel destination 10.42.1.1
tunnel mode ipv6ip
!
ipv6 router ospf 1
• RFC2858
Defines Multi-protocol Extensions for BGP4
Enables BGP to carry routing information of
protocols other than IPv4
e.g. MPLS, IPv6, Multicast etc
• RFC2545
Use of BGP Multiprotocol Extensions for IPv6
Inter-Domain Routing
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 89
Adding IPv6 to BGP…
• Independent operation
One RIB per protocol
e.g. IPv6 has its own BGP table
Distinct policies per protocol
• Peering sessions can be shared when the
topology is congruent
A
C
B
AS1 AS2
• TCP Interaction
BGP runs on top of TCP
This connection could be set up either over IPv4 or IPv6
• Router ID
When no IPv4 is configured, an explicit bgp router-id
needs to be configured
BGP identifier is a 32 bit integer currently generated from
the router identifier – which is generated from an IPv4
address on the router
This is needed as a BGP identifier, this is used as a tie
breaker, and is send within the OPEN message
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 95
BGP Configuration
network 2003:3:2::/64
network 2003:3:3::/64
Router A AS 1 A
:1
router bgp 1
no bgp default ipv4 unicast
bgp router-id 1.1.1.1 3ffe:b00:ffff:2/64
neighbor 3ffe:b00:ffff:2::2 remote-as 2
!
address-family ipv6
neighbor 3ffe:b00:ffff:2::2 activate AS 2
network 2003:3:2::/64 :2
network 2003:3:3::/64 B
!
Router A A
AS 1 e2
interface e2
ipv6 address 2001:412:ffco:1::1/64
!
router bgp 1
no bgp default ipv4 unicast
bgp router-id 1.1.1.1
neighbor fe80::260:3eff:c043:1143 remote-as 2
neighbor fe80::260:3eff:c043:1143 update source e2
address-family ipv6
neighbor fe80::260:3eff:c043:1143 activate
neighbor fe80::260:3eff:c043:1143 route-map next-hop out
!
route-map next-hop permit 5
set ipv6 next-hop 2001:412:ffco:1::1
! AS 2
B
fe80::260:3eff:c043:1143
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 98
BGP Configuration
Filtering Prefixes
3ffe:b00:c18:2:1::f
AS 1
AS 2
router bgp 1
no bgp default ipv4-unicast
neighbor 3FFE:B00:C18:2:1::1 remote-as 2 3ffe:b00:c18:2:1::2
neighbor 3FFE:B00:C18:2:1::2 remote-as 3
! AS 3
address-family ipv6
neighbor 3FFE:B00:C18:2:1::1 activate
neighbor 3FFE:B00:C18:2:1::1 prefix-list in-filter in
neighbor 3FFE:B00:C18:2:1::1 route-map fromAS2 in
neighbor 3FFE:B00:C18:2:1::2 activate
neighbor 3FFE:B00:C18:2:1::2 prefix-list in-filter in
network 3FFE:B00::/24
exit-address-family
!
route-map fromAS2 permit 10
set local-preference 120
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 100
BGP Configuration
Carrying IPv4 inside IPv6 peering
• Example
router bgp 1
neighbor 3ffe:b00:ffff:2::2 remote-as 2
!
address-family ipv4
neighbor 3ffe:b00:ffff:2::2 activate
neighbor 3ffe:b00:ffff:2::2 route-map ipv4 in
!
route-map ipv4 permit 10
set ip next-hop 131.108.1.1
• Logging
(conf-ipv6-acl)# permit tcp any any log-input
(conf-ipv6-acl)# permit ipv6 any any log
• Time based
(conf)# time-range bar
(conf-trange)# periodic daily 10:00 to 13:00
(conf-trange)# ipv6 access-list tin
(conf-ipv6-acl)# deny tcp any any eq www time-range bar
(conf-ipv6-acl)# permit ipv6 any any
• Reflect
A reflexive ACL is created dynamically, when traffic matches a permit
entry containing the reflect keyword.
The reflexive ACL mirrors the permit entry and times out (by default
after 3 mins), unless further traffic matches the entry (or a FIN is
detected for TCP traffic).
The timeout keyword allows setting a higher or lower timeout value.
Reflexive ACLs can be applied to TCP, UDP, SCTP and ICMPv6.
• Evaluate
Apply the packet against a reflexive ACL.
Multiple evaluate statements are allowed per ACL.
The implicit deny any any rule does not apply at the end of a reflexive
ACL; matching continues after the evaluate in this case.
[no] evaluate
Evaluate the dynamically created acl via the permit reflect keyword.
[no] remark
User description of an ACL.
Router1#
interface ethernet-0
ipv6 address 2000::45a/64
ipv6 traffic-filter In in
ipv6 traffic-filter Out out
interface ethernet-1
2000::45a/64 ipv6 address 2001::45a/64
Ethernet-0 ipv6 traffic-filter Ext-out out
FW#
interface ethernet0/0
ipv6 address 2001:0001::45a/64
ipv6 traffic-filter dmz-in6 in
interface ethernet0/1
DMZ 2001:0001::45a/64 ipv6 address 2001:0002::45a/64
ipv6 traffic-filter internal-in6 in
ipv6 traffic-filter internal-out6 out
ethernet0/0 interface serial0/0
ipv6 address 2001:0003::45a/64
Internet Serial0/0
ipv6 traffic-filter exterior-in6 in
FW ipv6 traffic-filter exterior-out6 out
2001:0003::45a/64 ethernet0/1
ipv6 access-list vty
deny ipv6 any any log-input
2001:0002::45a/64 Internal line vty 0 4
ipv6 access-class vty in
www.a.com
=*? IPv4
3ffe:b00::1
DNS 10.1.1.1 IPv6
Server
3ffe:b00::1
• In a dual stack case, an application that:
Is IPv4 and IPv6-enabled
Asks the DNS for all types of addresses
Chooses one address and, for example, connects to
the IPv6 address
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 126
IOS IPv6 DNS Client Support
Router A
Query=www.example.org Type=AAAA DNS
B server
Resp=3ffe:b00:ffff:1::1 Type=AAAA
Done
OR
Non-existent
Query=www.example.org Type=A
Resp=192.168.30.1 Type=A
router#
Dual-Stack ipv6 unicast-routing
Router interface Ethernet0
IPv6 and IPv4 ip address 192.168.99.1 255.255.255.0
Network ipv6 address 2001:410:213:1::1/64
IPv4: 192.168.99.1
IPv6: 2001:410:213:1::1/64
• IPv6-enable router
If IPv4 and IPv6 are configured on one interface, the
router is dual-stacked
Telnet, Ping, Traceroute, SSH, DNS client, TFTP,…
Dual-Stack Dual-Stack
Router1 Router2
IPv6 IPv4 IPv6
Network Network
6to4 6to4
Router1 Router2
IPv6 E0 IPv4 E0 IPv6
Network Network
192.168.99.1 192.168.30.1
Network prefix: Network prefix:
2002:c0a8:6301::/48 2002:c0a8:1e01::/48
= =
router2#
• 6to4 Tunnel: interface Loopback0
ip address 192.168.30.1 255.255.255.0
Is an automatic tunnel method ipv6 address 2002:c0a8:1e01:1::/64 eui-64
Gives a prefix to the attached interface Tunnel0
no ip address
IPv6 network ipv6 unnumbered Ethernet0
tunnel source Loopback0
2002::/16 assigned to 6to4 tunnel mode ipv6ip 6to4
Requires one global IPv4 address ipv6 route 2002::/16 Tunnel0
on each Ingress/Egress site
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 134
6to4 Relay
6to4 6to4
IPv6
Router1 Relay
IPv4 Internet
IPv6
Network
192.168.99.1 IPv6
Network prefix: Network
IPv6 address:
2002:c0a8:6301::/48
= 2002:c0a8:1e01::1
router1#
interface Loopback0
ip address 192.168.99.1 255.255.255.0 • 6to4 relay:
ipv6 address 2002:c0a8:6301:1::/64 eui-64
interface Tunnel0 Is a gateway to the rest of
no ip address the IPv6 Internet
ipv6 unnumbered Ethernet0
tunnel source Loopback0 Default router
tunnel mode ipv6ip 6to4 Anycast address (RFC 3068) for
ipv6 route 2002::/16 Tunnel0 multiple 6to4 Relay
ipv6 route ::/0 2002:c0a8:1e01::1
• Tunnel broker:
Tunnel information is sent via http-ipv4
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 136
ISATAP – Intra Site Automatic Tunnel
Addressing Protocol
A 192.168.2.1
IPv6 Network IPv4 Network
ISATAP fe80::5efe:c0a8:0201
192.168.4.1
fe80::5efe:c0a8:0401
3ffe:b00:ffff:5efe:c0a8:0401
1. Potential router list (PRL): 192.168.4.1
2. IPv6 over IPv4 tunnel Src Addr Dest Addr
fe80::5efe:c0a8:0201 fe80::5efe:c0a8:0401
Prefix = 3ffe:b00:ffff::/64
Lifetime, options
A fe80::5efe:c0a8:0201
IPv6 Network IPv4 Network
ISATAP 3ffe:b00:ffff:5efe:c0a8:0201
192.168.4.1 192.168.3.1
fe80::5efe:c0a8:0401 B fe80::5efe:c0a8:0301
3ffe:b00:ffff:5efe:c0a8:0401
3ffe:b00:ffff:5efe:c0a8:0301
A
3ffe:b00:ffff::/64
IPv6 Network
ISATAP
B fe80::/64
• Translation
NAT-PT (RFC 2766 & RFC 3152)
TCP-UDP Relay (RFC 3142)
DSTM (Dual Stack Transition Mechanism)
• API
BIS (Bump-In-the-Stack) (RFC 2767)
BIA (Bump-In-the-API)
• ALG
SOCKS-based Gateway (RFC 3089)
NAT-PT (RFC 2766 & RFC 3152)
• NAT-PT
(Network Address Translation – Protocol
Translation)
RFC 2766 & RFC 3152
• Allows native IPv6 hosts and applications to
communicate with native IPv4 hosts and
applications, and vice versa
• Easy-to-use transition and co-existence
solution
IPv4 IPv6
Interface
NAT-PT Interface
172.16.1.1 2001:0420:1987:0:2E0:B0FF:FE6A:412C
IPv4 IPv6
Interface
NAT-PT Interface
3 4
NAT-PT
DNS v4
Ethernet-2
DNS query
Ethernet-1
DNS query
DNS v6 Host A
• Enabling NAT-PT
[no] ipv6 nat
• Debug commands
debug ipv6 nat
debug ipv6 nat detailed
• TCP translations time out after 24 hours, unless a RST or FIN is seen
on the stream, in which case it times after 1 minute
[no] ipv6 nat translation tcp-timeout <seconds>
[no] ipv6 nat translation finrst-timeout <seconds>
[no] ipv6 nat translation icmp-timeout <seconds>
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 151
Cisco IOS NAT-PT configuration example
interface ethernet-1
ipv6 address 2001:2::10/64
ipv6 nat
.200 LAN2: 192.168.1.0/24 !
interface ethernet-2
Ethernet-2 ip address 192.168.1.1 255.255.255.0
ipv6 nat prefix 2010::/96
ipv6 nat
!
ipv6 nat v6v4 source 2001:2::1 192.168.2.1
Ethernet-1 ipv6 nat v4v6 source 192.168.1.200 2010::60
NATed prefix 2010::/96 !
LAN1: 2001:2::/64
2001:2::1
DNS
interface ethernet-1
ipv6 address 2001:2::10/64
ipv6 nat
.200 .100 !
interface ethernet-2
Ethernet-2 ip address 192.168.1.1 255.255.255.0
ipv6 nat
ipv6 nat prefix 2010::/96
!
NATed prefix 2010::/96 Ethernet-1 ipv6 nat v4v6 source 192.168.1.100 2010::1
!
ipv6 nat v6v4 source route-map map1 pool v4pool1
ipv6 nat v6v4 pool v4pool1 192.168.2.1 192.168.2.10
prefix-length 24
LAN1: 2001:2::/64 !
route-map map1 permit 10
match interface Ethernet-2
2001:2::1 LAN2: 192.168.1.0/24
Ethernet-2
Router1
Ethernet-1 NATed prefix 2010::/96
LAN1: 2001:2::/64
2001:2::1
LAN1: 2001:2::/64
2001:2::1
• Points of note:
ALG per application carrying IP address
No End to End security
no DNSsec
no IPsec because different address realms
• Conclusion
Easy IPv6 / IPv4 co-existence mechanism
Enable applications to cross the protocol barrier
• OpenSSH
Uses IPv6 transport before IPv4 transport if
IPv6 address available
• Mozilla/Firefox
Supports IPv6, but still hampered by broken
IPv6 nameservers
Early adopter
Registering for an
IPv6 prefix
Testing
Deploying
Production
How long do you need for each phase of an IPv6 deployment project?
• Campus scenario
Enterprise
Upgrade all layer 3 devices
Leased Line, to allow IPv6 hosts
DSL, FTTH deployment anywhere,
similar to IPX/IP environment
• ISP
ENT/SOHO Access technologies may
Residential have IPv4 dependencies, eg.
for User’s management
Dial, DSL,
FTTH, Cable Transparent IPv4-IPv6
access services
Core may not go dual-stack
before sometimes to avoid a
SOHO full network upgrade
Residential IPv4/v6 Servers
DNS, Web, News,…
Dual Stack
2001:0620:: v6 MP-iBGP sessions v6 2001:0420::
IPv4-IPv6 CE
routers
145.95.0.0 v4 v6 2001:0421::
P P Dual Stack
6PE 6PE
IPv4-IPv6
2001:0621:: v6 routers
CE P P
v4 192.254.10.0
6PE 6PE CE
192.76.10.0 v4 CE IPv4
IPv6 MPLS IPv6
Legacy mobile
Alternative signaling
Access Applications & Network
Network Services *)
SCP
CSCF
Multimedia
R-SGW IP Networks
GPRS Mh Ms
Mw
Access CAP
Cx
Mm
HSS *)
Network PS Domain
Gr
CSCF
Mg
Gi Mr Gi
EIR
MRF
IM Domain
Gf
TE MT BSS/GRAN Gb Gc Gi MGCF T-SGW *)
MPLS offers R Um Iu
Mc
A SGSN GGSN
ATM + IP + IPv6 Iu 1
Gn
Gi
Iu
switching TE MT UTRAN
MGW MGW
PSTN/
Legacy/External
R Uu Nb
2
Mc Mc
Iu Nc
MS Circuit MSC server GMSC server T-SGW *)
• Application’s focus
When will the IPv6 traffic be
important enough?
• Requires
Full Network upgrade (software &
potentially hardware)
Native IPv6 Network Management IPv6-Only
Solutions Infrastructure
Enhanced IPv6 services availability
Multicast, QoS, security,…
Transport IPv4 through tunnels
over IPv6
IPv4 traffic requirements?
Phases Benefits
IPv6 Tunnels Low cost, low risk to offer IPv6 services. No
over IPv4 infrastructure change. Has to evolve when many
IPv6 clients get connected
Dedicated Data Natural evolution when connecting many IPv6
Link layers for customers. Require a physical infrastructure to share
Native IPv6 between IPv4 and IPv6 but allow separate operations
MPLS 6PE Low cost, low risk , it requires MPLS and MP-BGP4.
No need to upgrade the Core devices , keep all MPLS
features (TE, IPv4-VPN)
Dual stack Requires a major upgrade. Valid on Campus or Access
networks as IPv6 hosts may be located anywhere
Residential
6Bone
Enterprise
SANOG V © 2005, Cisco Systems, Inc. All rights reserved. 177
Still a lot to do…
• +100 companies
Cisco is a founding member
• www.ipv6forum.com
• Mission is to promote IPv6 not to specify it (IETF)
• Holds and supports the ‘IPv6 summit’ in many
countries around the World
• Available on
ftp://ftp-eng.cisco.com
/pfs/seminars/SANOG5-IPv6-Tutorial.pdf
And on the SANOG5 website
• Feel free to ask questions any time