BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

1

An Introduction to IPv6

BRKRST-1301

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

2

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

1

Why IPv6?

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

3

A Need for IPv6?
IETF IPv6 WG began in early 90s, to solve addressing growth issues, but
CIDR, NAT,…were developed

IPv4 32 bit address = 4 billion hosts
~40% of the IPv4 address space is still unused which is different from unallocated The rising of Internet connected device and appliance will eventually deplete the IPv4 address space

IP is everywhere
Data, voice, audio and video integration is a reality Regional registries apply a strict allocation control

So, only compelling reason: More IP addresses
BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

4

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

2

IP Address Allocation History
The H-D ratio (RFC 3194) is the measure of allocation inefficiency; adjusting the raw numbers from the RIRs to compensate for their historical allocation efficiency of 87% matches the published IANA pool
1981—IPv4 protocol published 1985 ~ 1/16 of total space 1990 ~ 1/8 of total space 1995 ~ 1/3 of total space 2000 ~ 1/2 of total space 2005 ~ 1/4 of total space remaining 2007 ~ 1/5 of total space remaining

256 192 160 128 96 64 32 0

IANA Policy - RIRs Allocated Pool for 12-24 Months Distribution 224 Projections based on Jan 2000 to current

IPv4 Address Pool
Collective RIR Pool Window IANA Pool

RIR TOTAL ARIN

Historic

RIPE APNIC LACNIC AFRINIC

This despite increasingly intense conservation effort

See Article in the Internet Protocol Journal
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_8-3/ipj_8p _ pj_ pj_ 3.pdf

PPP/DHCP address sharing NAT (network address translation) CIDR (classless inter-domain routing) plus some address reclamation

Theoretical limit of 32-bit space: ~4 billion devices, Practical limit of 32-bit space: ~250 million devices (RFC 3194) U.S. DoC IPv6 RFC http://www.ntia.doc.gov/ntiahome/ntiageneral/ipv6/comme ntsindex.html
BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

5

Why Not NAT
It was created as a temp solution NAT breaks the end-to-end model Growth of NAT has slowed down growth of transparent applications No easy way to maintain states of NAT in case of node failures NAT break security NAT complicates mergers, double NATing is needed for devices to communicate with each other

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

6

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

3

IPv6 Technology

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

7

IPv4 and IPv6 Header Comparison
IPv4 Header
Version IHL Type of Service Total Length Flags Fragment Offset Version

IPv6 Header
Traffic Class Flow Label

Identification Time to Live Protocol

Header Checksum

Payload Length

Next Header

Hop Limit

Source Address Destination Address Options Padding

Source Address

Legend

Field’s Name Kept from IPv4 to IPv6 Fields Not Kept in IPv6 Name and Position Changed in IPv6 New Field in IPv6

Destination Address

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

8

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

4

Extension Headers Base header Next Header = 0 Extension E t i Header … = 43 Next Header Last Extension Header Next Header = 17 1st IPv6 Base Header (40 octets) 0 or more Extension Headers Data IPv6 Packet Next Header N t H d = 17 Ext Hd L E t Hdr Length th Ext Hdr Data BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. link-specific fragmentation and reassembly must be used Implementations are expected to perform path MTU discovery to send packets bigger than 1280 Minimal implementation can omit PMTU discovery as long as all packets kept ≤ 1280 octets A hop-by-hop option supports transmission of “jumbograms” with up to 232 octets of payload. Cisco Systems.scr 5 . All rights reserved. Inc. All rights reserved. Inc. Presentation_ID. All rights reserved. Inc. payload is normally 216 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 10 MTU Issues Minimum link MTU for IPv6 is 1280 octets (vs. 68 octets for IPv4) => on links with MTU < 1280. Cisco Public 12 © 2006.

Inc.scr 6 . Inc. All rights reserved. All rights reserved. Cisco Public 15 © 2006.IPv6 Addressing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. Cisco Systems. Cisco Public 14 IPv6 Addressing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID.

All rights reserved. Cisco Public 17 Addressing Prefix Representation Representation of prefix is just like CIDR In this representation you attach the prefix length Like v4 address: 198. Inc.0.10.scr 7 . Trailing zeros are not omitted 2001:0db8:0012::/48 = 2001:db8:12::/48 2001:db8:1200::/48 ≠ 2001:db8:12::/48 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID. All rights reserved. All rights reserved. Inc. Cisco Public 18 © 2006. Cisco Systems.0/16 V6 address is represented the same way: 2001:db8:12::/48 Only leading zeros are omitted. Inc.Addressing Format Representation 16-bit hexadecimal numbers Numbers are separated by (:) Hex numbers are not case sensitive Abbreviations are possible Leading zeros in contiguous block could be represented by (::) Example: 2001:0db8:0000:130F:0000:0000:087C:140B 2001:0db8:0:130F::87C:140B Double colon only appears once in the address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

Inc. Cisco Systems. Presentation_ID.scr 8 . All rights reserved. Inc. Duplicate Address Detection DAD) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 in IPv4 Identifies self Unspecified address representation 0:0:0:0:0:0:0:0=> :: Used as a placeholder when no address available (Initial DHCP request. Cisco Public 19 IPv6—Addressing Model Addresses are assigned to interfaces Change from IPv4 mode: Interface “expected” to have multiple addresses Addresses have scope Link Local Unique Local Global Global Unique Local Link Local Addresses have lifetime Valid and preferred lifetime BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.0. All rights reserved. All rights reserved.0.IPv6 Address Representation Loopback address representation 0:0:0:0:0:0:0:1 0:0:0:0:0:0:0:1=> ::1 Same as 127. Cisco Public 20 © 2006.

Cisco Public 23 © 2006. All rights reserved. Inc. Presentation_ID. Inc.scr 9 . Cisco Systems. All rights reserved. Cisco Public 22 Aggregatable Global Unicast Addresses Provider 3 45 Bits Site 16 Bits Host 64 Bits Global Routing Prefix SLA Interface ID 001 Aggregatable Global Unicast Addresses Are: Addresses for generic use of IPv6 Structured as a hierarchy to keep the aggregation BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. One-to-one-of-many delivery to a single interface in the set that is closest No more broadcast addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Inc.Types of IPv6 Addresses Unicast Address of a single interface. One-to-many delivery to all interfaces in the set Anycast Address of a set of interfaces. One-to-one delivery to One to one single interface Multicast Address of a set of interfaces.

Cisco Systems. Inc. Cisco Public 24 Link-Local 128 Bits Remaining 54 Bits 1111 1110 10 FE80::/10 Interface ID 10 Bits Link-Local Addresses Used for: Mandatory Address for Communication between two IPv6 device (like ARP but at Layer 3) Automatically assigned by Router as soon as IPv6 is enabled Also used for Next-Hop calculation in Routing Protocols Only Link Specific scope Remaining 54 bits could be Zero or any manual configured value BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.scr 10 . All rights reserved.Unique-Local 128 Bits Global ID 40 Bits 1111 110 FC00::/7 Subnet ID 16 Bits Interface ID 7 Bits Unique-Local Addresses Used for: Local communications Inter-site VPNs Not routable on the Internet BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID. All rights reserved. Inc. All rights reserved. Cisco Public 25 © 2006.

Presentation_ID.IPv6 Multicast Address IP multicast address has a prefix FF00::/8 (1111 1111). Cisco Public 27 © 2006.org/assignments/ipv6-multicast-addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public Some Well Known Multicast Addresses Address FF01::1 FF02::1 FF01::2 FF02::2 FF05::2 FF02::1:FFXX:XXXX Scope Node-Local Node Local Link-Local Node-Local Link-Local Site-Local Link-Local Meaning All Nodes All Nodes All Routers All Routers All Routers Solicited-Node Note that 02 means that this is a permanent address and has link scope More details at http://www. All rights reserved. Inc. Inc. Inc. the second octet defines the lifetime and scope of the multicast address 8-bit 4-bit 4-bit 112-bit 1111 1111 Lifetime 0 1 Lifetime Scope Group-ID Scope If Permanent If Temporary 1 2 5 8 E Node Link Site Organization Global 26 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved.iana.scr 11 . Cisco Systems.

All rights reserved. Inc. f th replacement of ARP for the l t f ARP. Presentation_ID. All rights reserved.Multicast Mapping over Ethernet IPv6 Multicast Address FF02 0000 0000 0000 0000 0001 FF17 FC0F Corresponding Ethernet Address Multicast Prefix for Ethernet Multicast 33 33 FF 17 FC 0F Mapping of IPv6 multicast address to Ethernet pp g address is: 33:33:<last 32 bits of the IPv6 multicast address> BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 12 . All rights reserved. Cisco Systems. and DAD Used in neighbor solicitation messages Multicast address with a link-local scope Solicited-node multicast consists of prefix + lower 24 bits from unicast. Cisco Public 28 Solicited-Node Multicast Address For each unicast and anycast address configured there is a corresponding solicited-node multicast This is Thi i specially used f t i ll d for two purpose. Inc. FF02::1:FF: BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Public 29 © 2006.

number of DAD attempts: 1 ND reachable ti h bl time i 30000 milliseconds is illi d ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses.Router Interface R1#sh ipv6 int e0 Ethernet0 is up. All rights reserved. line protocol is up IPv6 is enabled. © 2006. All rights reserved. Cisco Public 30 IPv6 Prefix Allocation Hierarchy and Policy Example IANA 2001::/3 AfriNIC ::/12 to::/23 APNIC ::/12 to::/23 ARIN ::/12 to::/23 LACNIC ::/12 to::/23 RIPE NCC ::/12 to::/23 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 Site Site /48 Site /48 /48 BRKRST-1301 14444_04_2008_c1 Site Site /48 Site /48 /48 Cisco Public Site Site /48 Site /48 /48 Site Site /48 Site /48 /48 Site Site /48 Site /48 /48 33 © 2008 Cisco Systems. All rights reserved. Inc. link-local address is FE80::200:CFF:FE3A:8B18 No global unicast address is configured Joined group address(es): FF02::1 FF02::2 Solicited-Node Multicast Address FF02::1:FF3A:8B18 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled.scr 13 . Cisco Systems. Inc. Presentation_ID. Inc. R1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

g. Inc. Cisco Public 36 © 2006. Cisco Public 35 IPv6 Interface Identifier Cisco uses the EUI-64 format to do stateless auto-configuration auto configuration This format expands the 48 bit MAC address to 64 bits by inserting FFFE into the middle 16 bits 00 00 90 90 27 FF 00 90 27 FF FE FE 17 FC 0F 27 17 FC 17 0F FC 0F To make sure that the chosen 1 = Unique address is from 000000U0 Where U= 0 = Not Unique a unique Ethernet MAC niq e U=1 address.. Ethernet address) Auto-generated pseudo-random number ( (to address p privacy concerns) y ) Assigned via DHCP Manually configured BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems. Inc. All rights reserved. the universal/ local (“u” bit) is set to 1 02 90 27 FF FE 17 FC 0F for global scope and 0 for local scope BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. or expanded from a 48-bit MAC address (e.) Lowest-Order 64-bit field of unicast address may be assigned in several different ways: Auto-configured from a 64-bit EUI-64. All rights reserved. All rights reserved.IPv6 Address Allocation Process Partition of Allocated IPv6 Address Space (Cont.scr 14 . Inc. Presentation_ID.

Inc. Cisco Public 38 © 2006.ICMPv6 and Neighbor Discovery BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved.scr 15 . Presentation_ID. Cisco Public 37 ICMPv6 Internet Control Message Protocol version 6 RFC 2463 Modification of ICMP from IPv4 Message types are similar (but different types/codes) Destination unreachable (type 1) Packet too big (type 2) Time exceeded (type 3) Parameter problem (type 4) Echo request/reply (type 128 and 129) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. Cisco Systems. Inc.

Router advertisement (ICMPv6 type 134) 3. Presentation_ID. originated from node on link local with hop limit of 255 Consists of IPv6 header.Neighbor Discovery Replaces ARP. All rights reserved. Cisco Public 41 © 2006. Cisco Public 40 Neighbor Discovery Neighbor discovery uses ICMPv6 messages. All rights reserved. All rights reserved. auto configuration of addresses Duplicate Address Detection (DAD) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. router discovery) Reachability of neighbors Hosts use it to discover routers. and neighbor discovery options Five neighbor discovery messages 1. ICMP (redirects. Inc.scr 16 . Neighbor solicitation (ICMPv6 type 135) 4. Redirect (ICMPV6 type 137) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. ICMPv6 header. Neighbor advertisement (ICMPv6 type 136) 5. neighbor discovery header. Router solicitation (ICMPv6 type 133) 2. Cisco Systems.

All rights reserved.scr 17 . Cisco Public 43 © 2006.Router Solicitation and Advertisement 1. 2 RA 1—ICMP Type = 133 (RS) Src = link-local address (FE80::1/10) Dst = all-routers multicast address (FF02::2) Query = please send RA 2—ICMP Type = 134 (RA) Src = link-local address (FE80::2/10) Dst = all-nodes multicast address (FF02::1) Data = options. All rights reserved. Inc. Inc. Cisco Systems. subnet prefix. autoconfig flag Router solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces Routers send periodic Router Advertisements (RA) to the all-nodes multicast address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID. All rights reserved. lifetime. 1 RS 2. Inc. Cisco Public 42 Neighbor Solicitation and Advertisement A B Neighbor Solicitation ICMP type = 135 Src = A Dst = Solicited-node multicast of B Data = link-layer address of A Query = what is your link address? Neighbor Advertisement ICMP type = 136 Src = B Dst = A Data = link-layer address of B A and B can now exchange packets on this link BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

Cisco Systems. Cisco Public 44 Contents of NA L3 Source: IPv6 Link-Local Address of source L3 Destination: IPv6 Link-Local Address of destination Link-Layer address requested In the NS message BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.Contents of NS L2 Destination: L2 multicast address corresponding to target IPv6 Solicited Node Address L3 Source: IPv6 Link-Local Address of source L3 Destination: Solicited Node Address corresponding to target IPv6 address of destination IPv6 Link-Local Address of destination BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 45 © 2006. Inc. All rights reserved. All rights reserved.scr 18 . Inc. Presentation_ID. All rights reserved.

Cisco Public 47 © 2006. Inc. All rights reserved. Cisco Systems. Inc.scr 19 . Host B BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 46 Multicast Neighbor Advertisement (Response) Ethernet Header • Destination MAC is 33-33-00-00-00-01 IPv6 Header IP 6 H d • Source Address is FE80::2:260:8FF:FE52:F9D8 • Destination Address is FF02::1 • Hop limit is 255 Neighbor Advertisement Header • Target Address is FE80::2:260:8FF:FE52:F9D8 Neighbor Discovery Option • Target Link-Layer Address is 00-60-08-52-F9-D8 Host A Tentative IP: FE80::2:260:8FF:FE52:F9D8 Neighbor Ad ti N i hb Advertisement t MAC: 00-60-08-52-F9-D8 IP: FE80::2:260:8FF:FE52:F9D8 Host B BRKRST-1301 14444_04_2008_c1 Send multicast Neighbor Advertisement © 2008 Cisco Systems. Inc.Multicast Neighbor Solicitation— For Duplicate Address Detection (DAD) Ethernet Header 33-33-FF-52-F9-D8 • Dest MAC is 33 33 FF 52 F9 D8 IPv6 Header • Source Address is :: • Destination Address is FF02::1:FF52:F9D8 • Hop limit is 255 Neighbor Solicitation Header • Target Address is FE80::2:260:8FF:FE52:F9D8 Host A Tentative IP: FE80::2:260:8FF:FE52:F9D8 Send multicast Neighbor Solicitation Neighbor Solicitation Host A uses DAD to verify the existence of a duplicate address before assigning the address to its interface. All rights reserved. All rights reserved. Presentation_ID.

Inc. Cisco Public 49 © 2006. Inc. …) Larger Address Space Enables: The use of link-layer addresses inside the address space Autoconfiguration with “no collisions” Offers “plug and play” BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. All rights reserved. Presentation_ID. Cisco Public 48 Autoconfiguration Mac Address: 00:2c:04:00:FE:56 Host Autoconfigured Address Is: Prefix Received + Link-Layer Address Sends Network-Type Information (Prefix.Redirect A B R2 R1 Src = A Dst IP = 2001:db8:C18:2::1 Dst Ethernet = R2 (default router) Redirect: Src = R2 Dst = A Data = good router = R1 2001:db8:C18:2::/64 Redirect is used by a router to signal the reroute of a packet to a better router BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Default Route. All rights reserved.scr 20 . Cisco Systems.

) Router Configuration after Renumbering: interface Ethernet0 ipv6 nd prefix 2001:db8:c18:1::/64 43200 0 ipv6 nd prefix 2001:db8:c18:2::/64 43200 43200 or: interface Ethernet0 ipv6 nd prefix 2001:db8:c18:1::/64 at Jul 31 2008 23:59 Jul 20 2008 23:59 ipv6 nd prefix 2001:db8:c18:2::/64 43200 43200 New Network Prefix: 2001:db8:c18:2::/64 Deprecated Prefix: 2001:db8:c18:1::/64 Router Advertisements Host Configuration: Autoconfiguring IPv6 Hosts BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 50 Renumbering (Cont.Renumbering Mac Address: 00:2c:04:00:FE:56 Host Autoconfigured Address Is: New Prefix Received + Link-Layer Address Sends New Network-Type Information (Prefix. All rights reserved.scr 21 . Inc. with normal lifetimes Larger Address Space Enables: Renumbering. Inc. Inc. All rights reserved. Default Route. with short lifetimes lif ti New prefix (to be used). Cisco Systems. deprecated address 2001:db8:c18:1:260:8ff:fede:8fbe preferred address 2001:db8:c18:2:260:8ff:fede:8fbe Cisco Public 51 © 2006. Presentation_ID. All rights reserved. …) Data = Two prefixes: Current prefix (to be deprecated). using autoconfiguration and multiple addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

All rights reserved. Cisco Systems. Presentation_ID. Inc. Inc. All rights reserved. Cisco Public 53 © 2006. All rights reserved.scr 22 . Inc. Cisco Public 52 DNS Basics DNS is a database managing Resource Records (RR) Stockage of RR from various types—IPV4 and IPV6: Start of Authority (SoA) Name Server Address—A and AAAA Pointer—PTR DNS is an IP application It uses either UDP or TCP on top of IPv4 or IPv6 References RFC3596: DNS Extensions to Support IP Version 6 RFC3363: Representing Internet Protocol Version 6 Addresses in Domain Name system (DNS) RFC3364: Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.DHCP and DNS for IPv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

0. then examines router advertisements to determine if DHCP can be used If no router found or if DHCP can be used.0.arpa.0.in-addr.0.b.0. Link-local scope) FF05::1:3 = All DHCP Servers (Site-local scope) DHCP Messages: Clients listen UDP port 546.c.0.0.0. All rights reserved.scr 23 .1.test AAAA 2001:db8:C18:1::2 IP address to hostname PTR record: 1. then DHCP Solicit message is sent to the All-DHCP-Agents multicast address Using the link-local address as the source address link local Multicast addresses used: FF02::1:2 = All DHCP Agents (servers or relays.0.abc.0. 8.0. Cisco Public 54 DHCPv6 Updated version of DHCP for IPv4 Supports new addressing Can be used for renumbering DHCP Process is same as in IPv4.ip6.test. but.abc.0. PTR record: 2.d.1.IPv6 and DNS IPv4 IPv6 Hostname to IP address A record: www.2.1.0.0. Client first detect the presence of routers on the link If found. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID.0.0.1 AAAA record: www.0.168.0.abc.0.abc.30. All rights reserved.test.0. Inc.30. A 192.0. Inc.0. Inc.8. All rights reserved. Cisco Systems. PTR www.192.test.arpa PTR www. Cisco Public 55 © 2006. servers and relay agents listen on UDP port 547 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.168.

DHCPv6 exchange for all other configuration settings settings.scr 24 . All rights reserved. Inc. then sends DHCPv6 SOLICIT BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Router Advertisement (RA) sent.Managing DHCPv6 via Router Advertisement (Stateful Autoconfig) RAs Can Be Used to Control DHCPv6 Client Behavior 1. Client autoconfigures address based on prefix option in RA. All rights reserved. Inc. Presentation_ID. Inc. Cisco Public 57 © 2006. Cisco Systems. Cisco Public 56 Stateless DHCPv6 Stateless DHCPv6 normally combines stateless autoconfiguration for address assignment. containing link prefix. Client sends DHCPv6 SOLICIT BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Router Advertisement (RA) sent with “Use Stateful Autoconfiguration Flag” = ON DHCPv6-Serv-1 Core Router DHCPv6-Relay-3 DHCPv6-Relay-1 DHCPv6-Client-1 2. also with “Other configuration flag” = ON DHCPv6-Serv-1 Core Router DHCPv6-Relay-3 DHCPv6-Relay-1 DHCPv6-Client-1 2. 1. All rights reserved.

RADIUS Responds with User’s Prefix(es) 2.Router Advertisement PE ISP ISP Provisioning System E1 DHCP Client CPE E0 DHCP Server Host Source of RA PE CPE Router User of RA CPE E1 Host A Bit A 0 1 M/O Bits M/O 11 01 Operation Don’t Do Stateless Address Assignment Do Stateless Address Assignment Operation Use Dhcpv6 for Address + Other Config. Inc. and Sends an RA. CPE Sends a DHCP REPLY Containing Request Options CPE E0 DHCP Server Host 6. Cisco Public 58 Prefix/Options Assignment PE ISP ISP Provisioning System E1 DHCP Client 1. Host Autonomously Configures Its Own Link-Local Address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. PE Sends DHCP REPLY with Prefix Delegation Options 5. Inc. Host Configures Addresses Based on the Prefixes Received in the RA. All rights reserved. Cisco Public DHCP ND/DHCP 59 © 2006. CPE Sends DHCP Solicit with ORO = PD 3.e. (i. Inc. All rights reserved.. O-bit Is Set to On 7. It Sends a DHCP Information-request Message. As the O-bit Is on. 5 CPE Configures Addresses from The Prefix on Its Downstream Interfaces. PE Sends RADIUS Request for the User 4. Presentation_ID. (i. Cisco Systems.scr 25 . with an ORO = DNS AAA BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.e. Stateful Dhcpv6) Use Dhcpv6 for Other Config Config. All rights reserved. Stateless Dhcpv6) Stateless (RFC2462) RS Are Sent by Booting Nodes to Request RAs for Configuring the Interfaces..

255. Cisco Public 61 IOS IPv6 Addressing Examples (1) Manual Interface Identifier Fast0/0 ipv6 unicast-routing ! interface FastEthernet0/0 ip address 10.255. Inc. All rights reserved. All rights reserved.1. All rights reserved.0 ip pim sparse-mode duplex auto d l speed auto ipv6 address 2006:1::1/64 ipv6 enable ipv6 nd ra-interval 30 ipv6 nd prefix 2006:1::/64 300 300 ! BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.IPv6 Configurations BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Presentation_ID. Cisco Public 62 © 2006.1 255.151. Inc. Cisco Systems.scr 26 .

505e.1 255. Cisco Public 64 © 2006.255.9460) reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 30 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. All rights reserved. Inc. Inc. r1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. line protocol is up IPv6 is enabled.505e. line milliseconds Hardware ND advertisedis AmdFE.IOS IPv6 Addressing Examples (1) Manual Interface Identifier r1#sh ipv6 int fast0/0 FastEthernet0/0 is up.505e. Presentation_ID.9460 FF02::1:FF5E:9460 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled r1#sh int fast0/0 ND DAD is enabled.scr 27 . Inc. Cisco Systems. subnet is 2006:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 MAC Address : 0007. address is 0007. All rights reserved.1.255.0 ip pim sparse-mode duplex auto speed auto ipv6 address 2006:1::/64 eui-64 ipv6 enable ipv6 nd ra-interval 30 ipv6 nd prefix 2006:1::/64 300 300 ! BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. number of DAD attempts: 1 FastEthernet0/0 is 30000 protocol is up ND reachable timeis up. Cisco Public 63 IOS IPv6 Addressing Examples (2) EUI-64 Interface Identifier Fast0/0 ipv6 unicast-routing ! interface FastEthernet0/0 ip address 10.9460 (bia 0007.151. link-local address is FE80::207:50FF:FE5E:9460 Global unicast address(es): ( ) 2006:1::1. All rights reserved.

r1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. subnet is 2006:1::/64 Joined group address(es): FF02::1 MAC Address : 0007. link-local address is FE80::207:50FF:FE5E:9460 Global unicast address(es): 2006:1::207:50FF:FE5E:9460. All rights reserved.505e. All rights reserved.505e. up. Cisco Public 66 © 2006. Cisco Public 65 IPv6 Routing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. line protocol is up IPv6 is enabled.505e.scr 28 . Cisco Systems.9460 (bia 0007.9460) ND reachable is AmdFE. Inc. line protocol is up Hardware time is address is 0007. Inc. Presentation_ID.IOS IPv6 Addressing Examples (2) EUI-64 Interface Identifier r1#sh ipv6 int fast0/0 FastEthernet0/0 is up.9460 FF02::2 FF02::1:FF5E:9460 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds r1#sh int fast0/0 ICMP redirects are enabled FastEthernet0/0 ND DAD is enabled is number of DAD attempts: 1 enabled. 30000 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 30 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. Inc.

All rights reserved. Inc.Static Routing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Presentation_ID.scr 29 . Cisco Public 67 Static Routing ipv6 route ipv6-prefix/prefix-length {ipv6-address | interface-type interface-number [ipv6-address]} [administrative-distance] [administrative-multicast-distance | unicast | multicast] [tag tag] Examples: Forward packets for network 2001:DB8::/32 through 2001:DB8:1:1::1 with an administrative distance of 10 Router(config)# ipv6 route 2001:DB8::/32 2001:DB8:1:1::1 10 Default route to 2001:DB8:1:1::1 Router(config)# ipv6 route ::/0 2001:DB8:1:1::1 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems. All rights reserved. All rights reserved. Cisco Public 68 © 2006. Inc.

Cisco Systems. Inc. Inc. Metric will have 0xFF. NH must be link local BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID. split-horizon.RIPng (RFC 2080) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 30 . All rights reserved. All rights reserved. UDP port (521) etc. multicast based (FF02::9). All rights reserved. hop limit of 15. Cisco Public 70 © 2006. Updated features f IP 6 U d t df t for IPv6 IPv6 prefix & prefix len Special Handling for the NH Route tag and prefix len for NH is all 0. Inc. Cisco Public 69 Enhanced Routing Protocol Support RIPng Overview RFC 2080 command version must be zero Route Tag IPv6 IP 6 prefix fi command version must be zero Address Family Identifier IPv4 Address Subnet Mask Next Hop Metric route tag prefix len metric Similar characteristics as IPv4 Distance-vector.

All rights reserved. version=1. Cisco Public Link-Local src Address 71 Access-List BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. dport=521. Inc. mbz=0. Inc.scr 31 . metric=1. All rights reserved. Presentation_ID. prefix=::/0 Multicast All RIP-Routers BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. #rte=1 tag=0. Cisco Public 72 © 2006.Enhanced Routing Protocol Support RIPng Configuration and Display ::/0 Router 2 Ethernet0 = 2001:db8:c18:1:260:3eff:fe47:1530 LAN1: 2001:db8:c18:1::/64 Ethernet0 Router 1 Ethernet1 LAN2: 2001:db8:c18:2::/64 Router2# ipv6 router rip RT0 interface Ethernet0 ipv6 address 2001:db8:c18:1::/64 eui-64 ipv6 rip RT0 enable ipv6 rip RT0 default-information originate Router1# oute # ipv6 router rip RT0 interface Ethernet0 ipv6 address 2001:db8:c18:1::/64 eui-64 ipv6 rip RT0 enable Interface Ethernet1 ipv6 address 2001:db8:c18:2::/64 eui-64 ipv6 rip RT0 enable Router2# debug ipv6 rip oute # p 6 p RIPng: Sending multicast update on Ethernet0 for RT0 src=FE80::260:3eff:fe47:1530 dst=FF02::9 (Ethernet0) sport=521. length=32 command=2. Cisco Systems.

Cisco IOS Standard Access Lists When Used for Traffic Filtering. All rights reserved. Cisco Systems.scr 32 . Presentation_ID. Inc. Cisco Public 73 IPv6 Access-List Example Filtering outgoing traffic from unique-local source addresses 2001:0db8:c18:2::/64 fc00:0:0:2::/64 ipv6 access-list blocksite deny fc00:0:0:2::/64 any ipv6 access-list blocksite permit any any interface Ethernet0 ipv6 traffic-filter blocksite out IPv6 Internet Ethernet0 Global prefix: 2001:0db8:c18:2::/64 Unique-local prefix: fc00:0:0:2::/64 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. All rights reserved. Cisco Public 74 © 2006. Inc. IPv6 Standard Access Control Lists (ACL) Offers the Following Functions: Can filter traffic based on source and destination address Can filter traffic inbound or outbound on a specific interface Can add priority to the ACL Implicit “deny all” at the end of access list BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

to avoid order dependencies when upgrading hosts.Deployment BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. basically falling into three categories: 1. All rights reserved.scr 33 . Inc. Tunneling techniques. Cisco Public 76 © 2006. Inc. Dual-stack techniques. to allow IPv4 and IPv6 to co-exist in the same devices and networks 2. Presentation_ID. Cisco Public 75 IPv4-IPv6 Transition/Coexistence A wide range of techniques have been identified and implemented. routers. Inc. Cisco Systems. to allow IPv6-only devices to communicate with IPv4-only devices Expect all of these to be used. in combination BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. or regions 3. Translation techniques. All rights reserved.

scr 34 . Cisco Public 77 Cisco IOS Dual Stack Configuration router# ipv6 unicast-routing Dual Stack Dual-Stack Router IPv6 and IPv4 Network IPv4: 192. Inc.1 interface Ethernet0 ip address 192. TFTP. the router is dual-stacked Telnet.168.168. Traceroute.Dual Stack Approach Application IPv6-Enable Application TCP UDP TCP UDP Preferred Method on Application’s Servers Frame Protocol ID IPv4 IPv6 IPv4 IPv6 0x0800 0x86dd 0x0800 0x86dd Data Link (Ethernet) Data Link (Ethernet) Dual Stack Node Means: Both IPv4 and IPv6 stacks enabled Applications can talk to both Choice of the IP version is based on name lookup and application preference BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.99. Inc.0 ipv6 address 2001:db8:213:1::/64 eui-64 IPv6: 2001:db8:213:1::/64 eui-64 Cisco IOS® Is IPv6-Enable: If IPv4 and IPv6 are configured on one interface. All rights reserved. SSH. Presentation_ID. Ping. All rights reserved. DNS client. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.255. etc.99.255. All rights reserved.1 255. Cisco Public 79 © 2006. Cisco Systems.

Cisco Systems. All rights reserved. Inc. Inc. IP Native IP over data link layers ATM PVC. ISATAP BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. compatible IPv6 address.Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Sonet/SDH. g p 6to4. MPLS. Ethernet Some new techniques Automatic tunnels using IPv4 . Inc.scr 35 . Frame Relay PVC. Cisco Public 80 Tunneling Many Ways to Do Tunneling Some ideas same as before GRE. All rights reserved. Presentation_ID. Cisco Public 81 © 2006. Serial. dWDM Lambda.

Manually Configured GRE Tunnel Dual-Stack Router1 IPv6 Network Dual-Stack Router2 IPv6 Network IPv4: 192. Presentation_ID.168.30.scr 36 .168.30. All rights reserved.99.168.1 tunnel destination 192. All rights reserved.30.99.168.168.1 tunnel mode ipv6ip router2# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::2/127 tunnel source 192. Cisco Public 82 Manually Configured IPv6 over IPv4 Tunnel Dual-Stack Router1 IPv6 network IPv4 IP 4 Dual-Stack Router2 IPv6 network IPv4: 192.99.1 tunnel mode ipv6ip BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 tunnel mode gre ipv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Inc.168.30.30.1 IPv6: 2001:db8:800:1::2 IPv4 IP 4 IPv4: 192.99.168.1 tunnel mode gre ipv6 router2# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::2/128 tunnel source 192.1 IPv6: 2001:db8:800:1::3 IPv4: 192.168.1 tunnel destination 192.1 IPv6: 2001:db8:800:1::3 router1# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::3/128 tunnel source 192.168.1 tunnel destination 192.99.168. All rights reserved.168. Cisco Systems.168.99.30.1 tunnel destination 192.1 IPv6: 2001:db8:800:1::2 router1# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::3/127 tunnel source 192. Cisco Public 83 © 2006. Inc.

Inc. Inc. they are multipoint tunnels IPv4 is embedded in the IPv6 address is used to find the other end of the tunnel Address format is 2002:IPv4 address:: BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 84 Automatic 6to4 Tunnels Automatic 6to4 tunnel allows isolated IPv6 domains to connect over an IPv4 network Unlike the manual 6to4 the tunnels are not point-topoint. Cisco Systems. All rights reserved. All rights reserved. Inc.scr 37 .6to4 Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Presentation_ID. All rights reserved. Cisco Public 85 © 2006.

1 2002:c0a8:1e01::2 Tunnel: IPv6 in IPv4 Packet IPv4 Header IPv6 Header IPv6 Data S(v4)=192. Presentation_ID.1 S(v6)=2002:c0a8:6301::1 D(v6)=2002:c0a8:1e01::2 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.30.168. Inc.99. All rights reserved.168. Inc. Cisco Systems. Public IPv4 Address /48 SLA /64 Interface ID Cisco Public 86 Automatic 6to4 Tunnel (RFC 3056) S=2002:c0a8:6301::1 D=2002:c0a8:1e01::2 IPv6 H d IP 6 Header IPv6 Host A IPv6 D t IP 6 Data 6to4 Router IPv4 S=2002:c0a8:6301::1 D=2002:c0a8:1e01::2 IPv6 H d IP 6 Header 6to4 Router IPv6 D t IP 6 Data IPv6 Host B IPv6 Network 2002:c0a88:6301::1 192.99.1 6to4 Router IPv4 192.30.99.1 D(v4)=192.1 Network Prefix: 2002:c0a8:1e01::/48 6to4 Router IPv6 IP 6 Network IPv6 Host B 6to4: Is an automatic tunnel method Gives a prefix to the attached IPv6 network 2002 /16 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 IPv6 Network 192. Cisco Public 87 © 2006.168.scr 38 .168. Inc. All rights reserved.Automatic 6to4 Tunnel (RFC 3056) IPv6 Host A IPv6 IP 6 Network Network Prefix: 2002:c0a8:6301::/48 = = 192. All rights reserved.168.30.168.

255. All rights reserved. Cisco Public 88 Automatic 6to4 Relay IPv6 Internet 6to4 Router1 IPv6 Network 6to4 Relay IPv6 Site Network IPv4 Network Prefix: 2002:c0a8:6301::/48 192.168. Cisco Systems.255.168.168.168.0 interface Tunnel0 ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 E0 IPv4 6to4 Router2 E0 IPv6 Network Network Prefix: 192.1 255.99.1 192.30.99.1 255. Presentation_ID.scr 39 . All rights reserved.0.0 interface Tunnel0 ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.Automatic 6to4 Configuration 6to4 Router1 IPv6 Network Network Prefix: 2002:c0a8:6301::/48 = router1# interface Ethernet0 ipv6 address 2002:c0a8:6301:1::/64 eui-64 Interface Ethernet1 ip address 192. Cisco Public 90 © 2006. Inc.30. Inc.1 2002:c0a8:1e01::/48 = router2# interface Ethernet0 ipv6 address 2002:c0a8:1e01:1::/64 eui-64 Interface Ethernet1 ip address 192.1 192.99. Inc.168.0.1 Network Prefix: 2002:c0a8:1e01::/48 = = 6to4 Relay: Is a gateway to the rest of the IPv6 Internet Is a default router BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.30.168.

Presentation_ID.168.255. All rights reserved. Inc. All rights reserved.0.Automatic 6to4 Relay Configuration 6to4 Router1 IPv6 Network E0 IPv4 6to4 Relay IPv6 Internet IPv6 Network 192.1 255.168.scr 40 . Cisco Public 92 © 2006.1 Network Prefix: 2002:c0a8:6301::/48 = router1# interface Ethernet0 ipv6 address 2002:c0a8:6301:1::/64 eui-64 Interface Ethernet1 ip address 192. Cisco Public 91 Automatic 6to4 Tunnels Requirements for 6to4 Border router must be dual stack with a global IPv4 address Interior routing protocol for IPv6 is required DNS for IPv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Inc.99.0 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 ipv6 route ::/0 2002:c0a8:1e01::1 BRKRST-1301 14444_04_2008_c1 IPv6 Address: 2002:c0a8:1e01::1 © 2008 Cisco Systems. Cisco Systems. Inc.99.

ISATAP Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Public 93 Intrasite Automatic Tunnel Address Protocol RFC 4214 To deploy a router is identified that carries ISATAP services ISATAP routers need to have at least one IPv4 interface and 0 or more IPv6 interface DNS entries are created for each of the ISATAP routers IPv4 addresses Hosts will automatically discover ISATAP routers and can get access to global IPv6 network Host can apply the ISATAP service before all this operation but its interface will only have a link local v6 address until the first router appears BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. Cisco Public 95 © 2006.scr 41 . Inc. All rights reserved. Presentation_ID. Cisco Systems. All rights reserved.

1.1.1 Use Static Config if DNS use is not desired: C:\>netsh interface ipv6 isatap set router 10.2. Cisco Public 97 © 2006.1. All rights reserved. Cisco Public 96 IPv6 Campus ISATAP Configuration Supported in Windows XP Pro SP1 and others ISATAP connections look like one flat network Create DNS “A” record for “ISATAP” = 10.scr 42 . Inc. Presentation_ID. All rights reserved. Inc. All rights reserved.1 Currently ISATAP does not support multicast!! ISATAP Address Format: 64-bit Unicast Prefix 0000:5EFE: 32-bit Interface ID IPv4 Address 32-bit 2001:DB8:C003:111F:0:5EFE:10. Cisco Systems.1. Inc.Intrasite Automatic Tunnel Address Protocol Use IANA’s OUI 00-00-5E and Encode IPv4 Address as Part of EUI-64 64-bit Unicast Prefix 0000:5EFE: 32-bit IPv4 Address 32-bit Interface Identifier (64 bits) ISATAP is used to tunnel IPv4 within as administrative domain (a site) to create a virtual IPv6 network over a IPv4 network Supported in Windows XP Pro SP1 and others BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1.100 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

1.1.1. Inc.123.20. All rights reserved.31. Cisco Public 99 © 2006. Presentation_ID.1.scr 43 .123.Client Configuration (Linux): ISATAP Tunnels Linux Client L3 Switch IPv6 L3 IPv6 Not Supported Switch/Router IPv6-enabled Requires Kernel support q pp for ISATAP—USAGI Modified IProute package—USAGI Must configure ISATAP router—not automatic 10.200 IPv4 Destination: 206.100 IPv6 Source: fe80::5efe:ce7b:1fc8 IPv6 Destination: fe80::5efe:ce7b:1464 ISATAP Prefix: 2001:db8:ffff :2::/64 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.100—IPv6 address Host IP Router IP # ip tunnel add is0 mode isatap 10.20.100—Client IPv4 address 2001:DB8:C003:111f:0:5efe:10. Inc.123.200 IPv6 Source: fe80::5efe:ce7b:1464 IPv6 Destination: fe80::5efe:ce7b:1fc8 6 es a o e80 5e e ce b c8 Send me ISATAP Prefix ICMPv6 Type 134 (RA) IPv4 Source: 206.1.1. All rights reserved. Inc.1 ttl 64 # ip link set is0 up BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.1.1.100 v4any 30. Cisco Systems.31.100 IPv4 Destination: 206.123. Cisco Public 98 Automatic Advertisement of ISATAP Prefix ISATAP Host A IPv4 Network ISATAP Tunnel ISATAP Router 1 E0 IPv6 Network ICMPv6 Type 133 (RS) IPv4 Source: 206.

Automatic Address Assignment of Host and Router ISATAP Host A IPv4 Network ISATAP Tunnel 206.123.31. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Cisco Public 101 © 2006.200 fe80::5efe:ce7b:1fc8 2001:db8:ffff:2::5efe:ce7b:1fc8 The tunnel source command must point to an interface with an IPv4 address configured Configure the ISATAP IPv6 address. All rights reserved.123. Cisco Public 100 Automatic Configuring ISATAP ISATAP Host A IPv4 Network ISATAP Tunnel 206.100 fe80::5efe:ce7b:1464 2001:db8:ffff:2::5efe:ce7b:1464 ISATAP Router 1 E0 IPv6 Network 206. The IPv4 packets of the IPv6 encapsulated packets use IPv4 source and destination address.scr 44 . ISATAP host A encapsulates IPv6 packets in IPv4. and prefixes t b advertised j t as d fi to be d ti d just you would with a native IPv6 interface The IPv6 address has to be configured as an EUI-64 address since the last 32 bits in the interface identifier is used as the IPv4 destination address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.20. All rights reserved.31.200 fe80::5efe:ce7b:1fc8 2001:db8:ffff:2::5efe:ce7b:1fc8 ISATAP host A receives the ISATAP prefix 2001:db8:ffff:2::/64 from ISATAP Router 1 When ISATAP host A wants to send IPv6 packets to 2001:db8:ffff:2::5efe:ce7b:1fc8.20.100 fe80::5efe:ce7b:1464 2001:db8:ffff:2::5efe:ce7b:1464 ISATAP-router1# ! interface Ethernet0 ip address 206. Cisco Systems. Inc. Inc.123.255. Inc.255.0 ! interface Tunnel0 ipv6 address 2001:db8:ffff:2::/64 eui-64 no ipv6 nd suppress-ra tunnel source Ethernet0 tunnel mode ipv6ip isatap ISATAP Router 1 E0 IPv6 Network 206.123.31.123. Presentation_ID.200 255.

Inc. Inc. content switching modules) NAT-PT (Network Address Translation–Protocol Translation) as an option to front-end IPv4-only server—Note: NAT-PT IS being moved to experimental Place NAT-PT box as close to IPv4 only server as possible Be very aware of performance and manageability issues BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.e. Presentation_ID. Cisco Systems. All rights reserved.scr 45 . Cisco Public 104 © 2006. Inc. All rights reserved. All rights reserved.. Cisco Public 103 Legacy Services (IPv4 Only) NAT–PT IPv6-Only Segment IPv6-only Host IPv4-Only Segment S t Legacy IPv4 Server IPv6-Enabled Network IPv6 Server Many of the non-routing/switching products do not yet support IPv6 (i.Translation BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

Cisco Systems.168.1.10 Dst: 192. Inc.10 2 Src: 192. Inc.3(14)T DNS interface F tEth i t f FastEthernet0/0 t0/0 ipv6 address 2001:DB8:C003:1::1/64 ipv6 cef ipv6 nat ! interface FastEthernet0/1 ip address 192.168.10 192.10 3 Src: 192.168. © 2006. All rights reserved.100 F0/1 NAT Prefix 2010::/96 F0/0 2001:DB8:C003:1::/64 2001:DB8:C003:1::10 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.0/24 .1.scr 46 .10 Dst: 192.10 2010::10 ! ipv6 nat v6v4 source route-map MAP1 pool V4POOL ipv6 nat v6v4 pool V4POOL 192.1 255.168.168.255. Cisco Public NAT-PT Packet Flow IPv4 Interface DNS 192.1.2.2. Inc.10 Cisco Public NAT-PT IPv6 Interface IPv6 Host 2001:DB8:C003:1::10 1 Src: 2001:DB8:C003:1::10 Dst: 2010::10 4 Src: 2010::10 Dst: 2001:DB8:C003:1::10 106 Dynamic Static BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1.1.Configuring Cisco IOS NAT-PT NAT-PT enables communication between IPv6-only and IPv4-only nodes CEF switching in 12.10 prefix-length 24 ! route-map MAP1 permit 10 match interface FastEthernet0/0 105 . All rights reserved.168. All rights reserved.0 ipv6 nat prefix 2010::/96 ipv6 nat ! ipv6 nat v4v6 source 192. Presentation_ID.2.168.168.2.100 2010::100 ipv6 nat v4v6 source 192.1.255.168.1 192.1.168.168.

Inc. All rights reserved. Presentation_ID. test and then test some more! Integration can be done per Application (Dual Stack or Tunneled) Microsoft Vista and Longhorn have IPv6 enabled by default and preferred over IPv4 Things to consider: Don’t assume your favorite vendor/app/gear has an IPv6 plan Full parity between IPv4 and IPv6 is still a ways off Watch the standards and policies: http://www.html Enterprise and SP Deployment Scenarios: ISP IPv6 Deployment Scenarios in Broadband Access Networks (RFC 4779) Scenarios and Analysis for Introducing IPv6 into ISP Networks (RFC 4029) IPv6 Enterprise Network Scenarios (RFC 4057) Procedures for Renumbering an IPv6 Network without a Flag Day (RFC 4192) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.arin.org and http://www. All rights reserved.ietf.scr 47 . Cisco Systems. Cisco Public 108 © 2006.net/policy/proposals/2006_4. All rights reserved. Inc. Cisco Public 107 Q and A BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.Conclusion IPv6 is real! Start now rather than later Purchase f th f t P h for the future Start moving legacy application towards IPv6 support Test. Inc.

html Cisco IOS IPv6 Product Manager pgrosset@cisco.com/en/US/products/sw/iosswrel/products_abc_ios_overview. Presentation_ID. All rights reserved.pdf ICMPv6 Packet Types and Codes TechNote http://www. All rights reserved.com/warp/customer/732/Tech/ipv6/elearning/ IPv6 Access Services http://www. All rights reserved. Cisco Public 109 Recommended Reading Continue your Cisco Live learning experience with further reading from Cisco Press Check the Recommended Reading flyer for suggested books Available Onsite at the Cisco Company Store BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.html IPv6 e-Learning [requires CCO username/password] http://www.com/warp/public/732/Tech/ipv6/docs/ipv6_access_wp_v2.cisco. Cisco Systems.More Information CCO IPv6 http://www.cisco.com BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Inc.cisco.com/warp/customer/105/icmpv6codes. Cisco Public 110 © 2006.cisco.com/ipv6 The ABC of IPv6 http://www.cisco.scr 48 . Inc.

scr 49 .cisco-live. Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center. Presentation_ID. Inc. Receive 20 Passport points for each session evaluation you complete. Inc. Don’t forget to activate your Cisco Live virtual account for access to all session material on-demand and return for our live virtual event in October 2008. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Go to the Collaboration Zone in World of Solutions or visit www. Winners announced daily. Inc. Cisco Public 112 © 2006. Cisco Public 111 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems.com. All rights reserved. All rights reserved.Complete Your Online Session Evaluation Give us your feedback and you could win fabulous prizes. All rights reserved.

Sign up to vote on this title
UsefulNot useful