BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

1

An Introduction to IPv6

BRKRST-1301

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

2

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

1

Why IPv6?

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

3

A Need for IPv6?
IETF IPv6 WG began in early 90s, to solve addressing growth issues, but
CIDR, NAT,…were developed

IPv4 32 bit address = 4 billion hosts
~40% of the IPv4 address space is still unused which is different from unallocated The rising of Internet connected device and appliance will eventually deplete the IPv4 address space

IP is everywhere
Data, voice, audio and video integration is a reality Regional registries apply a strict allocation control

So, only compelling reason: More IP addresses
BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

4

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

2

IP Address Allocation History
The H-D ratio (RFC 3194) is the measure of allocation inefficiency; adjusting the raw numbers from the RIRs to compensate for their historical allocation efficiency of 87% matches the published IANA pool
1981—IPv4 protocol published 1985 ~ 1/16 of total space 1990 ~ 1/8 of total space 1995 ~ 1/3 of total space 2000 ~ 1/2 of total space 2005 ~ 1/4 of total space remaining 2007 ~ 1/5 of total space remaining

256 192 160 128 96 64 32 0

IANA Policy - RIRs Allocated Pool for 12-24 Months Distribution 224 Projections based on Jan 2000 to current

IPv4 Address Pool
Collective RIR Pool Window IANA Pool

RIR TOTAL ARIN

Historic

RIPE APNIC LACNIC AFRINIC

This despite increasingly intense conservation effort

See Article in the Internet Protocol Journal
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_8-3/ipj_8p _ pj_ pj_ 3.pdf

PPP/DHCP address sharing NAT (network address translation) CIDR (classless inter-domain routing) plus some address reclamation

Theoretical limit of 32-bit space: ~4 billion devices, Practical limit of 32-bit space: ~250 million devices (RFC 3194) U.S. DoC IPv6 RFC http://www.ntia.doc.gov/ntiahome/ntiageneral/ipv6/comme ntsindex.html
BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

5

Why Not NAT
It was created as a temp solution NAT breaks the end-to-end model Growth of NAT has slowed down growth of transparent applications No easy way to maintain states of NAT in case of node failures NAT break security NAT complicates mergers, double NATing is needed for devices to communicate with each other

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

6

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

3

IPv6 Technology

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

7

IPv4 and IPv6 Header Comparison
IPv4 Header
Version IHL Type of Service Total Length Flags Fragment Offset Version

IPv6 Header
Traffic Class Flow Label

Identification Time to Live Protocol

Header Checksum

Payload Length

Next Header

Hop Limit

Source Address Destination Address Options Padding

Source Address

Legend

Field’s Name Kept from IPv4 to IPv6 Fields Not Kept in IPv6 Name and Position Changed in IPv6 New Field in IPv6

Destination Address

BRKRST-1301 14444_04_2008_c1

© 2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

8

© 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr

4

All rights reserved. Inc. Presentation_ID.scr 5 . 68 octets for IPv4) => on links with MTU < 1280. Inc. Cisco Systems. Cisco Public 10 MTU Issues Minimum link MTU for IPv6 is 1280 octets (vs. Inc. link-specific fragmentation and reassembly must be used Implementations are expected to perform path MTU discovery to send packets bigger than 1280 Minimal implementation can omit PMTU discovery as long as all packets kept ≤ 1280 octets A hop-by-hop option supports transmission of “jumbograms” with up to 232 octets of payload.Extension Headers Base header Next Header = 0 Extension E t i Header … = 43 Next Header Last Extension Header Next Header = 17 1st IPv6 Base Header (40 octets) 0 or more Extension Headers Data IPv6 Packet Next Header N t H d = 17 Ext Hd L E t Hdr Length th Ext Hdr Data BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. payload is normally 216 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 12 © 2006. All rights reserved. All rights reserved.

Cisco Public 14 IPv6 Addressing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 6 . Inc.IPv6 Addressing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 15 © 2006. Inc. All rights reserved. All rights reserved. Inc. Cisco Systems. All rights reserved. Presentation_ID.

Presentation_ID.0.scr 7 . Cisco Public 17 Addressing Prefix Representation Representation of prefix is just like CIDR In this representation you attach the prefix length Like v4 address: 198.Addressing Format Representation 16-bit hexadecimal numbers Numbers are separated by (:) Hex numbers are not case sensitive Abbreviations are possible Leading zeros in contiguous block could be represented by (::) Example: 2001:0db8:0000:130F:0000:0000:087C:140B 2001:0db8:0:130F::87C:140B Double colon only appears once in the address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Cisco Public 18 © 2006. Inc. Cisco Systems. Trailing zeros are not omitted 2001:0db8:0012::/48 = 2001:db8:12::/48 2001:db8:1200::/48 ≠ 2001:db8:12::/48 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.0/16 V6 address is represented the same way: 2001:db8:12::/48 Only leading zeros are omitted.10. All rights reserved. Inc. Inc.

1 in IPv4 Identifies self Unspecified address representation 0:0:0:0:0:0:0:0=> :: Used as a placeholder when no address available (Initial DHCP request. All rights reserved. Inc. Cisco Public 20 © 2006.0. Presentation_ID. All rights reserved. Inc.IPv6 Address Representation Loopback address representation 0:0:0:0:0:0:0:1 0:0:0:0:0:0:0:1=> ::1 Same as 127.scr 8 . Cisco Public 19 IPv6—Addressing Model Addresses are assigned to interfaces Change from IPv4 mode: Interface “expected” to have multiple addresses Addresses have scope Link Local Unique Local Global Global Unique Local Link Local Addresses have lifetime Valid and preferred lifetime BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Duplicate Address Detection DAD) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Systems. All rights reserved.0.

Types of IPv6 Addresses Unicast Address of a single interface. All rights reserved. One-to-one-of-many delivery to a single interface in the set that is closest No more broadcast addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 9 . Cisco Public 22 Aggregatable Global Unicast Addresses Provider 3 45 Bits Site 16 Bits Host 64 Bits Global Routing Prefix SLA Interface ID 001 Aggregatable Global Unicast Addresses Are: Addresses for generic use of IPv6 Structured as a hierarchy to keep the aggregation BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. One-to-many delivery to all interfaces in the set Anycast Address of a set of interfaces. Presentation_ID. All rights reserved. All rights reserved. Inc. Cisco Systems. One-to-one delivery to One to one single interface Multicast Address of a set of interfaces. Cisco Public 23 © 2006. Inc.

scr 10 . Inc. Cisco Public 25 © 2006. Cisco Public 24 Link-Local 128 Bits Remaining 54 Bits 1111 1110 10 FE80::/10 Interface ID 10 Bits Link-Local Addresses Used for: Mandatory Address for Communication between two IPv6 device (like ARP but at Layer 3) Automatically assigned by Router as soon as IPv6 is enabled Also used for Next-Hop calculation in Routing Protocols Only Link Specific scope Remaining 54 bits could be Zero or any manual configured value BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Systems. Presentation_ID.Unique-Local 128 Bits Global ID 40 Bits 1111 110 FC00::/7 Subnet ID 16 Bits Interface ID 7 Bits Unique-Local Addresses Used for: Local communications Inter-site VPNs Not routable on the Internet BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. All rights reserved. All rights reserved.

iana. the second octet defines the lifetime and scope of the multicast address 8-bit 4-bit 4-bit 112-bit 1111 1111 Lifetime 0 1 Lifetime Scope Group-ID Scope If Permanent If Temporary 1 2 5 8 E Node Link Site Organization Global 26 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Cisco Systems. Cisco Public Some Well Known Multicast Addresses Address FF01::1 FF02::1 FF01::2 FF02::2 FF05::2 FF02::1:FFXX:XXXX Scope Node-Local Node Local Link-Local Node-Local Link-Local Site-Local Link-Local Meaning All Nodes All Nodes All Routers All Routers All Routers Solicited-Node Note that 02 means that this is a permanent address and has link scope More details at http://www. Cisco Public 27 © 2006. All rights reserved. All rights reserved. Inc. Presentation_ID. Inc.scr 11 .org/assignments/ipv6-multicast-addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.IPv6 Multicast Address IP multicast address has a prefix FF00::/8 (1111 1111). Inc.

Inc. All rights reserved. and DAD Used in neighbor solicitation messages Multicast address with a link-local scope Solicited-node multicast consists of prefix + lower 24 bits from unicast. f th replacement of ARP for the l t f ARP. Inc. Cisco Systems. Cisco Public 28 Solicited-Node Multicast Address For each unicast and anycast address configured there is a corresponding solicited-node multicast This is Thi i specially used f t i ll d for two purpose. Cisco Public 29 © 2006. FF02::1:FF: BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.Multicast Mapping over Ethernet IPv6 Multicast Address FF02 0000 0000 0000 0000 0001 FF17 FC0F Corresponding Ethernet Address Multicast Prefix for Ethernet Multicast 33 33 FF 17 FC 0F Mapping of IPv6 multicast address to Ethernet pp g address is: 33:33:<last 32 bits of the IPv6 multicast address> BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Presentation_ID. All rights reserved.scr 12 .

Router Interface R1#sh ipv6 int e0 Ethernet0 is up. R1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 13 . Inc. All rights reserved. Cisco Systems. All rights reserved. Inc. Presentation_ID. line protocol is up IPv6 is enabled. link-local address is FE80::200:CFF:FE3A:8B18 No global unicast address is configured Joined group address(es): FF02::1 FF02::2 Solicited-Node Multicast Address FF02::1:FF3A:8B18 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled. All rights reserved. © 2006. Cisco Public 30 IPv6 Prefix Allocation Hierarchy and Policy Example IANA 2001::/3 AfriNIC ::/12 to::/23 APNIC ::/12 to::/23 ARIN ::/12 to::/23 LACNIC ::/12 to::/23 RIPE NCC ::/12 to::/23 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 ISP ISP ISP/32 /32 /32 Site Site /48 Site /48 /48 BRKRST-1301 14444_04_2008_c1 Site Site /48 Site /48 /48 Cisco Public Site Site /48 Site /48 /48 Site Site /48 Site /48 /48 Site Site /48 Site /48 /48 33 © 2008 Cisco Systems. number of DAD attempts: 1 ND reachable ti h bl time i 30000 milliseconds is illi d ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. Inc.

All rights reserved. All rights reserved. Ethernet address) Auto-generated pseudo-random number ( (to address p privacy concerns) y ) Assigned via DHCP Manually configured BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 35 IPv6 Interface Identifier Cisco uses the EUI-64 format to do stateless auto-configuration auto configuration This format expands the 48 bit MAC address to 64 bits by inserting FFFE into the middle 16 bits 00 00 90 90 27 FF 00 90 27 FF FE FE 17 FC 0F 27 17 FC 17 0F FC 0F To make sure that the chosen 1 = Unique address is from 000000U0 Where U= 0 = Not Unique a unique Ethernet MAC niq e U=1 address.) Lowest-Order 64-bit field of unicast address may be assigned in several different ways: Auto-configured from a 64-bit EUI-64. the universal/ local (“u” bit) is set to 1 02 90 27 FF FE 17 FC 0F for global scope and 0 for local scope BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.. Cisco Public 36 © 2006. Inc.g.IPv6 Address Allocation Process Partition of Allocated IPv6 Address Space (Cont. or expanded from a 48-bit MAC address (e. Inc. Inc. All rights reserved. Presentation_ID.scr 14 . Cisco Systems.

Cisco Public 37 ICMPv6 Internet Control Message Protocol version 6 RFC 2463 Modification of ICMP from IPv4 Message types are similar (but different types/codes) Destination unreachable (type 1) Packet too big (type 2) Time exceeded (type 3) Parameter problem (type 4) Echo request/reply (type 128 and 129) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Cisco Public 38 © 2006. Cisco Systems.scr 15 . Presentation_ID. Inc. Inc.ICMPv6 and Neighbor Discovery BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved. Inc.

Router solicitation (ICMPv6 type 133) 2. Inc. Cisco Systems. ICMPv6 header. Cisco Public 41 © 2006. and neighbor discovery options Five neighbor discovery messages 1. All rights reserved. All rights reserved. router discovery) Reachability of neighbors Hosts use it to discover routers. auto configuration of addresses Duplicate Address Detection (DAD) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Public 40 Neighbor Discovery Neighbor discovery uses ICMPv6 messages. Neighbor solicitation (ICMPv6 type 135) 4.scr 16 . All rights reserved. ICMP (redirects. Router advertisement (ICMPv6 type 134) 3. Presentation_ID. Neighbor advertisement (ICMPv6 type 136) 5. Inc. neighbor discovery header.Neighbor Discovery Replaces ARP. Redirect (ICMPV6 type 137) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. originated from node on link local with hop limit of 255 Consists of IPv6 header.

2 RA 1—ICMP Type = 133 (RS) Src = link-local address (FE80::1/10) Dst = all-routers multicast address (FF02::2) Query = please send RA 2—ICMP Type = 134 (RA) Src = link-local address (FE80::2/10) Dst = all-nodes multicast address (FF02::1) Data = options. Presentation_ID.Router Solicitation and Advertisement 1. autoconfig flag Router solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces Routers send periodic Router Advertisements (RA) to the all-nodes multicast address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 42 Neighbor Solicitation and Advertisement A B Neighbor Solicitation ICMP type = 135 Src = A Dst = Solicited-node multicast of B Data = link-layer address of A Query = what is your link address? Neighbor Advertisement ICMP type = 136 Src = B Dst = A Data = link-layer address of B A and B can now exchange packets on this link BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. Inc. Cisco Systems. Inc. Cisco Public 43 © 2006. lifetime. All rights reserved. Inc.scr 17 . subnet prefix. 1 RS 2. All rights reserved.

Cisco Public 45 © 2006.Contents of NS L2 Destination: L2 multicast address corresponding to target IPv6 Solicited Node Address L3 Source: IPv6 Link-Local Address of source L3 Destination: Solicited Node Address corresponding to target IPv6 address of destination IPv6 Link-Local Address of destination BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 18 . Inc. Cisco Systems. Cisco Public 44 Contents of NA L3 Source: IPv6 Link-Local Address of source L3 Destination: IPv6 Link-Local Address of destination Link-Layer address requested In the NS message BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved. Inc. Inc. All rights reserved. Presentation_ID.

Cisco Public 47 © 2006.Multicast Neighbor Solicitation— For Duplicate Address Detection (DAD) Ethernet Header 33-33-FF-52-F9-D8 • Dest MAC is 33 33 FF 52 F9 D8 IPv6 Header • Source Address is :: • Destination Address is FF02::1:FF52:F9D8 • Hop limit is 255 Neighbor Solicitation Header • Target Address is FE80::2:260:8FF:FE52:F9D8 Host A Tentative IP: FE80::2:260:8FF:FE52:F9D8 Send multicast Neighbor Solicitation Neighbor Solicitation Host A uses DAD to verify the existence of a duplicate address before assigning the address to its interface. Inc. All rights reserved. Inc. Host B BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems. All rights reserved. Inc. All rights reserved. Presentation_ID.scr 19 . Cisco Public 46 Multicast Neighbor Advertisement (Response) Ethernet Header • Destination MAC is 33-33-00-00-00-01 IPv6 Header IP 6 H d • Source Address is FE80::2:260:8FF:FE52:F9D8 • Destination Address is FF02::1 • Hop limit is 255 Neighbor Advertisement Header • Target Address is FE80::2:260:8FF:FE52:F9D8 Neighbor Discovery Option • Target Link-Layer Address is 00-60-08-52-F9-D8 Host A Tentative IP: FE80::2:260:8FF:FE52:F9D8 Neighbor Ad ti N i hb Advertisement t MAC: 00-60-08-52-F9-D8 IP: FE80::2:260:8FF:FE52:F9D8 Host B BRKRST-1301 14444_04_2008_c1 Send multicast Neighbor Advertisement © 2008 Cisco Systems.

…) Larger Address Space Enables: The use of link-layer addresses inside the address space Autoconfiguration with “no collisions” Offers “plug and play” BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.Redirect A B R2 R1 Src = A Dst IP = 2001:db8:C18:2::1 Dst Ethernet = R2 (default router) Redirect: Src = R2 Dst = A Data = good router = R1 2001:db8:C18:2::/64 Redirect is used by a router to signal the reroute of a packet to a better router BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. Cisco Systems. Inc. Presentation_ID.scr 20 . Cisco Public 48 Autoconfiguration Mac Address: 00:2c:04:00:FE:56 Host Autoconfigured Address Is: Prefix Received + Link-Layer Address Sends Network-Type Information (Prefix. Cisco Public 49 © 2006. All rights reserved. Default Route. All rights reserved.

All rights reserved. with normal lifetimes Larger Address Space Enables: Renumbering. Presentation_ID. Inc. …) Data = Two prefixes: Current prefix (to be deprecated). Inc. Cisco Systems. with short lifetimes lif ti New prefix (to be used). deprecated address 2001:db8:c18:1:260:8ff:fede:8fbe preferred address 2001:db8:c18:2:260:8ff:fede:8fbe Cisco Public 51 © 2006.scr 21 . using autoconfiguration and multiple addresses BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.Renumbering Mac Address: 00:2c:04:00:FE:56 Host Autoconfigured Address Is: New Prefix Received + Link-Layer Address Sends New Network-Type Information (Prefix. Inc. All rights reserved. Cisco Public 50 Renumbering (Cont.) Router Configuration after Renumbering: interface Ethernet0 ipv6 nd prefix 2001:db8:c18:1::/64 43200 0 ipv6 nd prefix 2001:db8:c18:2::/64 43200 43200 or: interface Ethernet0 ipv6 nd prefix 2001:db8:c18:1::/64 at Jul 31 2008 23:59 Jul 20 2008 23:59 ipv6 nd prefix 2001:db8:c18:2::/64 43200 43200 New Network Prefix: 2001:db8:c18:2::/64 Deprecated Prefix: 2001:db8:c18:1::/64 Router Advertisements Host Configuration: Autoconfiguring IPv6 Hosts BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Default Route.

DHCP and DNS for IPv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 53 © 2006. Presentation_ID. All rights reserved. Inc. Cisco Public 52 DNS Basics DNS is a database managing Resource Records (RR) Stockage of RR from various types—IPV4 and IPV6: Start of Authority (SoA) Name Server Address—A and AAAA Pointer—PTR DNS is an IP application It uses either UDP or TCP on top of IPv4 or IPv6 References RFC3596: DNS Extensions to Support IP Version 6 RFC3363: Representing Internet Protocol Version 6 Addresses in Domain Name system (DNS) RFC3364: Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 22 . Inc. All rights reserved. Cisco Systems. Inc. All rights reserved.

arpa PTR www.0. Presentation_ID.168.0.0. then DHCP Solicit message is sent to the All-DHCP-Agents multicast address Using the link-local address as the source address link local Multicast addresses used: FF02::1:2 = All DHCP Agents (servers or relays. Cisco Public 55 © 2006. Inc.0.arpa. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.0.0.168.abc.0.abc.0.0.test.test.1. A 192.192.abc. then examines router advertisements to determine if DHCP can be used If no router found or if DHCP can be used. Inc. Cisco Systems.0. PTR www. All rights reserved.30.IPv6 and DNS IPv4 IPv6 Hostname to IP address A record: www.0.test AAAA 2001:db8:C18:1::2 IP address to hostname PTR record: 1.c. Link-local scope) FF05::1:3 = All DHCP Servers (Site-local scope) DHCP Messages: Clients listen UDP port 546. Client first detect the presence of routers on the link If found.abc.0.8.in-addr.0. servers and relay agents listen on UDP port 547 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 23 .0. Cisco Public 54 DHCPv6 Updated version of DHCP for IPv4 Supports new addressing Can be used for renumbering DHCP Process is same as in IPv4. PTR record: 2. but.test.0.0.ip6.b.0.30. Inc.0.0.0. 8.1. All rights reserved.0.0. All rights reserved.1 AAAA record: www.d.1.2.

All rights reserved. DHCPv6 exchange for all other configuration settings settings. Client sends DHCPv6 SOLICIT BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Client autoconfigures address based on prefix option in RA.Managing DHCPv6 via Router Advertisement (Stateful Autoconfig) RAs Can Be Used to Control DHCPv6 Client Behavior 1. containing link prefix. 1. All rights reserved. Router Advertisement (RA) sent with “Use Stateful Autoconfiguration Flag” = ON DHCPv6-Serv-1 Core Router DHCPv6-Relay-3 DHCPv6-Relay-1 DHCPv6-Client-1 2. Router Advertisement (RA) sent. then sends DHCPv6 SOLICIT BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Public 56 Stateless DHCPv6 Stateless DHCPv6 normally combines stateless autoconfiguration for address assignment. All rights reserved. Cisco Public 57 © 2006. Cisco Systems. Presentation_ID. also with “Other configuration flag” = ON DHCPv6-Serv-1 Core Router DHCPv6-Relay-3 DHCPv6-Relay-1 DHCPv6-Client-1 2. Inc. Inc.scr 24 .

RADIUS Responds with User’s Prefix(es) 2. Presentation_ID. Stateless Dhcpv6) Stateless (RFC2462) RS Are Sent by Booting Nodes to Request RAs for Configuring the Interfaces.. Stateful Dhcpv6) Use Dhcpv6 for Other Config Config. with an ORO = DNS AAA BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.e. 5 CPE Configures Addresses from The Prefix on Its Downstream Interfaces. PE Sends RADIUS Request for the User 4. Inc.scr 25 . O-bit Is Set to On 7. All rights reserved. Host Configures Addresses Based on the Prefixes Received in the RA. Cisco Public 58 Prefix/Options Assignment PE ISP ISP Provisioning System E1 DHCP Client 1. It Sends a DHCP Information-request Message. Inc. As the O-bit Is on. Inc..Router Advertisement PE ISP ISP Provisioning System E1 DHCP Client CPE E0 DHCP Server Host Source of RA PE CPE Router User of RA CPE E1 Host A Bit A 0 1 M/O Bits M/O 11 01 Operation Don’t Do Stateless Address Assignment Do Stateless Address Assignment Operation Use Dhcpv6 for Address + Other Config. All rights reserved. Host Autonomously Configures Its Own Link-Local Address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. PE Sends DHCP REPLY with Prefix Delegation Options 5. (i. (i. CPE Sends DHCP Solicit with ORO = PD 3. Cisco Systems. CPE Sends a DHCP REPLY Containing Request Options CPE E0 DHCP Server Host 6. and Sends an RA. All rights reserved. Cisco Public DHCP ND/DHCP 59 © 2006.e.

Cisco Public 61 IOS IPv6 Addressing Examples (1) Manual Interface Identifier Fast0/0 ipv6 unicast-routing ! interface FastEthernet0/0 ip address 10.255.scr 26 . Inc. All rights reserved. Cisco Public 62 © 2006. Presentation_ID. All rights reserved.255. Cisco Systems.1.151.1 255. Inc.0 ip pim sparse-mode duplex auto d l speed auto ipv6 address 2006:1::1/64 ipv6 enable ipv6 nd ra-interval 30 ipv6 nd prefix 2006:1::/64 300 300 ! BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.IPv6 Configurations BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved.

505e. All rights reserved.IOS IPv6 Addressing Examples (1) Manual Interface Identifier r1#sh ipv6 int fast0/0 FastEthernet0/0 is up.505e. r1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 27 .1.9460 FF02::1:FF5E:9460 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled r1#sh int fast0/0 ND DAD is enabled. All rights reserved. number of DAD attempts: 1 FastEthernet0/0 is 30000 protocol is up ND reachable timeis up.151.9460 (bia 0007.255. Cisco Systems.255. Inc. line protocol is up IPv6 is enabled. All rights reserved. Presentation_ID. Cisco Public 64 © 2006. address is 0007. Inc. line milliseconds Hardware ND advertisedis AmdFE. Cisco Public 63 IOS IPv6 Addressing Examples (2) EUI-64 Interface Identifier Fast0/0 ipv6 unicast-routing ! interface FastEthernet0/0 ip address 10. link-local address is FE80::207:50FF:FE5E:9460 Global unicast address(es): ( ) 2006:1::1.0 ip pim sparse-mode duplex auto speed auto ipv6 address 2006:1::/64 eui-64 ipv6 enable ipv6 nd ra-interval 30 ipv6 nd prefix 2006:1::/64 300 300 ! BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.9460) reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 30 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses.505e. Inc. subnet is 2006:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 MAC Address : 0007.1 255.

subnet is 2006:1::/64 Joined group address(es): FF02::1 MAC Address : 0007. line protocol is up Hardware time is address is 0007. All rights reserved.9460 (bia 0007. Cisco Systems. link-local address is FE80::207:50FF:FE5E:9460 Global unicast address(es): 2006:1::207:50FF:FE5E:9460. Inc. line protocol is up IPv6 is enabled. Inc. Inc.9460 FF02::2 FF02::1:FF5E:9460 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds r1#sh int fast0/0 ICMP redirects are enabled FastEthernet0/0 ND DAD is enabled is number of DAD attempts: 1 enabled.9460) ND reachable is AmdFE. r1# BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. 30000 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 30 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. Cisco Public 66 © 2006.505e.scr 28 . All rights reserved. Presentation_ID.IOS IPv6 Addressing Examples (2) EUI-64 Interface Identifier r1#sh ipv6 int fast0/0 FastEthernet0/0 is up.505e. up.505e. Cisco Public 65 IPv6 Routing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.

Cisco Public 68 © 2006. Inc. Inc.Static Routing BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved. All rights reserved. Cisco Systems. Inc.scr 29 . Presentation_ID. Cisco Public 67 Static Routing ipv6 route ipv6-prefix/prefix-length {ipv6-address | interface-type interface-number [ipv6-address]} [administrative-distance] [administrative-multicast-distance | unicast | multicast] [tag tag] Examples: Forward packets for network 2001:DB8::/32 through 2001:DB8:1:1::1 with an administrative distance of 10 Router(config)# ipv6 route 2001:DB8::/32 2001:DB8:1:1::1 10 Default route to 2001:DB8:1:1::1 Router(config)# ipv6 route ::/0 2001:DB8:1:1::1 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

All rights reserved. All rights reserved. hop limit of 15. Cisco Public 70 © 2006. Cisco Systems.scr 30 . Presentation_ID. Inc. multicast based (FF02::9).RIPng (RFC 2080) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. split-horizon. Inc. Cisco Public 69 Enhanced Routing Protocol Support RIPng Overview RFC 2080 command version must be zero Route Tag IPv6 IP 6 prefix fi command version must be zero Address Family Identifier IPv4 Address Subnet Mask Next Hop Metric route tag prefix len metric Similar characteristics as IPv4 Distance-vector. NH must be link local BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Metric will have 0xFF. Updated features f IP 6 U d t df t for IPv6 IPv6 prefix & prefix len Special Handling for the NH Route tag and prefix len for NH is all 0. All rights reserved. Inc. UDP port (521) etc.

All rights reserved. metric=1. length=32 command=2. Cisco Public Link-Local src Address 71 Access-List BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. All rights reserved.Enhanced Routing Protocol Support RIPng Configuration and Display ::/0 Router 2 Ethernet0 = 2001:db8:c18:1:260:3eff:fe47:1530 LAN1: 2001:db8:c18:1::/64 Ethernet0 Router 1 Ethernet1 LAN2: 2001:db8:c18:2::/64 Router2# ipv6 router rip RT0 interface Ethernet0 ipv6 address 2001:db8:c18:1::/64 eui-64 ipv6 rip RT0 enable ipv6 rip RT0 default-information originate Router1# oute # ipv6 router rip RT0 interface Ethernet0 ipv6 address 2001:db8:c18:1::/64 eui-64 ipv6 rip RT0 enable Interface Ethernet1 ipv6 address 2001:db8:c18:2::/64 eui-64 ipv6 rip RT0 enable Router2# debug ipv6 rip oute # p 6 p RIPng: Sending multicast update on Ethernet0 for RT0 src=FE80::260:3eff:fe47:1530 dst=FF02::9 (Ethernet0) sport=521. Cisco Public 72 © 2006. Cisco Systems. Inc. Presentation_ID. version=1. Inc. Inc. #rte=1 tag=0. mbz=0.scr 31 . dport=521. prefix=::/0 Multicast All RIP-Routers BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

All rights reserved. All rights reserved. Cisco Public 73 IPv6 Access-List Example Filtering outgoing traffic from unique-local source addresses 2001:0db8:c18:2::/64 fc00:0:0:2::/64 ipv6 access-list blocksite deny fc00:0:0:2::/64 any ipv6 access-list blocksite permit any any interface Ethernet0 ipv6 traffic-filter blocksite out IPv6 Internet Ethernet0 Global prefix: 2001:0db8:c18:2::/64 Unique-local prefix: fc00:0:0:2::/64 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Systems. Inc. IPv6 Standard Access Control Lists (ACL) Offers the Following Functions: Can filter traffic based on source and destination address Can filter traffic inbound or outbound on a specific interface Can add priority to the ACL Implicit “deny all” at the end of access list BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.Cisco IOS Standard Access Lists When Used for Traffic Filtering. Inc. Presentation_ID.scr 32 . Cisco Public 74 © 2006. All rights reserved.

Inc. Inc. to avoid order dependencies when upgrading hosts. Cisco Public 75 IPv4-IPv6 Transition/Coexistence A wide range of techniques have been identified and implemented. Dual-stack techniques. to allow IPv4 and IPv6 to co-exist in the same devices and networks 2. in combination BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. to allow IPv6-only devices to communicate with IPv4-only devices Expect all of these to be used. All rights reserved. Tunneling techniques. All rights reserved. Inc. Cisco Systems. Presentation_ID. basically falling into three categories: 1. or regions 3. Translation techniques.Deployment BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. routers.scr 33 . Cisco Public 76 © 2006. All rights reserved.

Cisco Public 79 © 2006. DNS client. Inc.255.168. Traceroute.168. Presentation_ID. etc.255. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. the router is dual-stacked Telnet. Inc.99. Cisco Systems.1 255.scr 34 .0 ipv6 address 2001:db8:213:1::/64 eui-64 IPv6: 2001:db8:213:1::/64 eui-64 Cisco IOS® Is IPv6-Enable: If IPv4 and IPv6 are configured on one interface. Ping. Cisco Public 77 Cisco IOS Dual Stack Configuration router# ipv6 unicast-routing Dual Stack Dual-Stack Router IPv6 and IPv4 Network IPv4: 192.99.Dual Stack Approach Application IPv6-Enable Application TCP UDP TCP UDP Preferred Method on Application’s Servers Frame Protocol ID IPv4 IPv6 IPv4 IPv6 0x0800 0x86dd 0x0800 0x86dd Data Link (Ethernet) Data Link (Ethernet) Dual Stack Node Means: Both IPv4 and IPv6 stacks enabled Applications can talk to both Choice of the IP version is based on name lookup and application preference BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 interface Ethernet0 ip address 192. TFTP. All rights reserved. Inc. SSH. All rights reserved.

dWDM Lambda. Ethernet Some new techniques Automatic tunnels using IPv4 . Cisco Public 80 Tunneling Many Ways to Do Tunneling Some ideas same as before GRE. IP Native IP over data link layers ATM PVC. compatible IPv6 address. Serial. All rights reserved. Presentation_ID. Inc. Cisco Public 81 © 2006. Inc. Frame Relay PVC.Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. ISATAP BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved. g p 6to4. Cisco Systems. All rights reserved. Inc. Sonet/SDH. MPLS.scr 35 .

Cisco Public 83 © 2006.168.168.30.168.1 tunnel mode ipv6ip BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 tunnel mode gre ipv6 router2# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::2/128 tunnel source 192. Inc.168.168.1 tunnel destination 192.168. Inc.scr 36 .168.168.1 IPv6: 2001:db8:800:1::2 router1# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::3/127 tunnel source 192. All rights reserved.168.168. Presentation_ID.99.99.99.Manually Configured GRE Tunnel Dual-Stack Router1 IPv6 Network Dual-Stack Router2 IPv6 Network IPv4: 192.1 IPv6: 2001:db8:800:1::2 IPv4 IP 4 IPv4: 192. Cisco Public 82 Manually Configured IPv6 over IPv4 Tunnel Dual-Stack Router1 IPv6 network IPv4 IP 4 Dual-Stack Router2 IPv6 network IPv4: 192.99. All rights reserved.99.168.168.1 tunnel destination 192.1 tunnel destination 192.1 tunnel destination 192. Inc.1 tunnel mode gre ipv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.30.30.30.30.1 tunnel mode ipv6ip router2# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::2/127 tunnel source 192.1 IPv6: 2001:db8:800:1::3 router1# interface Tunnel0 ipv6 enable ipv6 address 2001:db8:c18:1::3/128 tunnel source 192.30. Cisco Systems.99.1 IPv6: 2001:db8:800:1::3 IPv4: 192.

Cisco Systems. they are multipoint tunnels IPv4 is embedded in the IPv6 address is used to find the other end of the tunnel Address format is 2002:IPv4 address:: BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. Presentation_ID.6to4 Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. Cisco Public 85 © 2006. Cisco Public 84 Automatic 6to4 Tunnels Automatic 6to4 tunnel allows isolated IPv6 domains to connect over an IPv4 network Unlike the manual 6to4 the tunnels are not point-topoint. All rights reserved. All rights reserved.scr 37 . Inc.

99. All rights reserved. Inc.168.scr 38 . All rights reserved. Public IPv4 Address /48 SLA /64 Interface ID Cisco Public 86 Automatic 6to4 Tunnel (RFC 3056) S=2002:c0a8:6301::1 D=2002:c0a8:1e01::2 IPv6 H d IP 6 Header IPv6 Host A IPv6 D t IP 6 Data 6to4 Router IPv4 S=2002:c0a8:6301::1 D=2002:c0a8:1e01::2 IPv6 H d IP 6 Header 6to4 Router IPv6 D t IP 6 Data IPv6 Host B IPv6 Network 2002:c0a88:6301::1 192. All rights reserved.1 Network Prefix: 2002:c0a8:1e01::/48 6to4 Router IPv6 IP 6 Network IPv6 Host B 6to4: Is an automatic tunnel method Gives a prefix to the attached IPv6 network 2002 /16 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1 S(v6)=2002:c0a8:6301::1 D(v6)=2002:c0a8:1e01::2 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.168. Cisco Systems.99. Cisco Public 87 © 2006.30.30. Inc. Inc. Presentation_ID.Automatic 6to4 Tunnel (RFC 3056) IPv6 Host A IPv6 IP 6 Network Network Prefix: 2002:c0a8:6301::/48 = = 192.99.1 IPv6 Network 192.30.168.168.1 2002:c0a8:1e01::2 Tunnel: IPv6 in IPv4 Packet IPv4 Header IPv6 Header IPv6 Data S(v4)=192.168.168.1 6to4 Router IPv4 192.1 D(v4)=192.

All rights reserved. All rights reserved.0.99.30.99.99. Presentation_ID.1 192. Inc.168.30.0 interface Tunnel0 ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 E0 IPv4 6to4 Router2 E0 IPv6 Network Network Prefix: 192.168.Automatic 6to4 Configuration 6to4 Router1 IPv6 Network Network Prefix: 2002:c0a8:6301::/48 = router1# interface Ethernet0 ipv6 address 2002:c0a8:6301:1::/64 eui-64 Interface Ethernet1 ip address 192.255.168. All rights reserved. Cisco Public 88 Automatic 6to4 Relay IPv6 Internet 6to4 Router1 IPv6 Network 6to4 Relay IPv6 Site Network IPv4 Network Prefix: 2002:c0a8:6301::/48 192.168.30.1 255.168. Inc.1 Network Prefix: 2002:c0a8:1e01::/48 = = 6to4 Relay: Is a gateway to the rest of the IPv6 Internet Is a default router BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.scr 39 .1 192.168. Inc. Cisco Systems.1 255. Cisco Public 90 © 2006.1 2002:c0a8:1e01::/48 = router2# interface Ethernet0 ipv6 address 2002:c0a8:1e01:1::/64 eui-64 Interface Ethernet1 ip address 192.0 interface Tunnel0 ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.255.0.

scr 40 .Automatic 6to4 Relay Configuration 6to4 Router1 IPv6 Network E0 IPv4 6to4 Relay IPv6 Internet IPv6 Network 192. All rights reserved. Inc.0 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet1 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 ipv6 route ::/0 2002:c0a8:1e01::1 BRKRST-1301 14444_04_2008_c1 IPv6 Address: 2002:c0a8:1e01::1 © 2008 Cisco Systems.0. All rights reserved. Cisco Public 92 © 2006.168.99.1 255. Inc. Presentation_ID. Cisco Public 91 Automatic 6to4 Tunnels Requirements for 6to4 Border router must be dual stack with a global IPv4 address Interior routing protocol for IPv6 is required DNS for IPv6 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.168.1 Network Prefix: 2002:c0a8:6301::/48 = router1# interface Ethernet0 ipv6 address 2002:c0a8:6301:1::/64 eui-64 Interface Ethernet1 ip address 192. Cisco Systems.255. All rights reserved.99.

All rights reserved. Presentation_ID.scr 41 . Inc. Inc. Cisco Public 93 Intrasite Automatic Tunnel Address Protocol RFC 4214 To deploy a router is identified that carries ISATAP services ISATAP routers need to have at least one IPv4 interface and 0 or more IPv6 interface DNS entries are created for each of the ISATAP routers IPv4 addresses Hosts will automatically discover ISATAP routers and can get access to global IPv6 network Host can apply the ISATAP service before all this operation but its interface will only have a link local v6 address until the first router appears BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems. Inc. All rights reserved. Cisco Public 95 © 2006. All rights reserved.ISATAP Tunneling BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

Inc. All rights reserved.1. Cisco Public 96 IPv6 Campus ISATAP Configuration Supported in Windows XP Pro SP1 and others ISATAP connections look like one flat network Create DNS “A” record for “ISATAP” = 10.2. Presentation_ID.1.100 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.Intrasite Automatic Tunnel Address Protocol Use IANA’s OUI 00-00-5E and Encode IPv4 Address as Part of EUI-64 64-bit Unicast Prefix 0000:5EFE: 32-bit IPv4 Address 32-bit Interface Identifier (64 bits) ISATAP is used to tunnel IPv4 within as administrative domain (a site) to create a virtual IPv6 network over a IPv4 network Supported in Windows XP Pro SP1 and others BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1.scr 42 .1. All rights reserved. Inc. Cisco Public 97 © 2006. All rights reserved.1 Use Static Config if DNS use is not desired: C:\>netsh interface ipv6 isatap set router 10. Inc.1.1 Currently ISATAP does not support multicast!! ISATAP Address Format: 64-bit Unicast Prefix 0000:5EFE: 32-bit Interface ID IPv4 Address 32-bit 2001:DB8:C003:111F:0:5EFE:10. Cisco Systems.

1.1.1. All rights reserved.100 IPv6 Source: fe80::5efe:ce7b:1fc8 IPv6 Destination: fe80::5efe:ce7b:1464 ISATAP Prefix: 2001:db8:ffff :2::/64 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.1.123.100—IPv6 address Host IP Router IP # ip tunnel add is0 mode isatap 10.20.1.1 ttl 64 # ip link set is0 up BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.123.20.200 IPv6 Source: fe80::5efe:ce7b:1464 IPv6 Destination: fe80::5efe:ce7b:1fc8 6 es a o e80 5e e ce b c8 Send me ISATAP Prefix ICMPv6 Type 134 (RA) IPv4 Source: 206. Inc. Cisco Systems. Inc.123.31.1.200 IPv4 Destination: 206.31. Presentation_ID.100 IPv4 Destination: 206. Cisco Public 99 © 2006. Inc.Client Configuration (Linux): ISATAP Tunnels Linux Client L3 Switch IPv6 L3 IPv6 Not Supported Switch/Router IPv6-enabled Requires Kernel support q pp for ISATAP—USAGI Modified IProute package—USAGI Must configure ISATAP router—not automatic 10. All rights reserved. All rights reserved.123.100—Client IPv4 address 2001:DB8:C003:111f:0:5efe:10. Cisco Public 98 Automatic Advertisement of ISATAP Prefix ISATAP Host A IPv4 Network ISATAP Tunnel ISATAP Router 1 E0 IPv6 Network ICMPv6 Type 133 (RS) IPv4 Source: 206.1.100 v4any 30.scr 43 .1.

200 255.123.123. Cisco Public 101 © 2006. All rights reserved. Cisco Systems.Automatic Address Assignment of Host and Router ISATAP Host A IPv4 Network ISATAP Tunnel 206.20. All rights reserved.123.123. and prefixes t b advertised j t as d fi to be d ti d just you would with a native IPv6 interface The IPv6 address has to be configured as an EUI-64 address since the last 32 bits in the interface identifier is used as the IPv4 destination address BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.255. ISATAP host A encapsulates IPv6 packets in IPv4.200 fe80::5efe:ce7b:1fc8 2001:db8:ffff:2::5efe:ce7b:1fc8 The tunnel source command must point to an interface with an IPv4 address configured Configure the ISATAP IPv6 address. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.31.20. Inc.123.31.100 fe80::5efe:ce7b:1464 2001:db8:ffff:2::5efe:ce7b:1464 ISATAP-router1# ! interface Ethernet0 ip address 206.31.200 fe80::5efe:ce7b:1fc8 2001:db8:ffff:2::5efe:ce7b:1fc8 ISATAP host A receives the ISATAP prefix 2001:db8:ffff:2::/64 from ISATAP Router 1 When ISATAP host A wants to send IPv6 packets to 2001:db8:ffff:2::5efe:ce7b:1fc8.0 ! interface Tunnel0 ipv6 address 2001:db8:ffff:2::/64 eui-64 no ipv6 nd suppress-ra tunnel source Ethernet0 tunnel mode ipv6ip isatap ISATAP Router 1 E0 IPv6 Network 206. Inc.255. All rights reserved. Presentation_ID. Cisco Public 100 Automatic Configuring ISATAP ISATAP Host A IPv4 Network ISATAP Tunnel 206. Inc.scr 44 .100 fe80::5efe:ce7b:1464 2001:db8:ffff:2::5efe:ce7b:1464 ISATAP Router 1 E0 IPv6 Network 206. The IPv4 packets of the IPv6 encapsulated packets use IPv4 source and destination address.

Translation BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Public 104 © 2006. Cisco Systems. Inc.e. All rights reserved. Presentation_ID. content switching modules) NAT-PT (Network Address Translation–Protocol Translation) as an option to front-end IPv4-only server—Note: NAT-PT IS being moved to experimental Place NAT-PT box as close to IPv4 only server as possible Be very aware of performance and manageability issues BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc. All rights reserved. All rights reserved. Cisco Public 103 Legacy Services (IPv4 Only) NAT–PT IPv6-Only Segment IPv6-only Host IPv4-Only Segment S t Legacy IPv4 Server IPv6-Enabled Network IPv6 Server Many of the non-routing/switching products do not yet support IPv6 (i.scr 45 . Inc..

3(14)T DNS interface F tEth i t f FastEthernet0/0 t0/0 ipv6 address 2001:DB8:C003:1::1/64 ipv6 cef ipv6 nat ! interface FastEthernet0/1 ip address 192.10 Cisco Public NAT-PT IPv6 Interface IPv6 Host 2001:DB8:C003:1::10 1 Src: 2001:DB8:C003:1::10 Dst: 2010::10 4 Src: 2010::10 Dst: 2001:DB8:C003:1::10 106 Dynamic Static BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.168.1.168.168.255.scr 46 .168.168.10 192. Cisco Systems.168.10 Dst: 192.1.1.1 255.0/24 .1.168.0 ipv6 nat prefix 2010::/96 ipv6 nat ! ipv6 nat v4v6 source 192.2.10 2 Src: 192. © 2006.10 3 Src: 192.100 2010::100 ipv6 nat v4v6 source 192. Inc. All rights reserved.10 2010::10 ! ipv6 nat v6v4 source route-map MAP1 pool V4POOL ipv6 nat v6v4 pool V4POOL 192.168.1.1.168.100 F0/1 NAT Prefix 2010::/96 F0/0 2001:DB8:C003:1::/64 2001:DB8:C003:1::10 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.2. Presentation_ID. Inc.168. All rights reserved.1 192. All rights reserved.1.10 prefix-length 24 ! route-map MAP1 permit 10 match interface FastEthernet0/0 105 . Cisco Public NAT-PT Packet Flow IPv4 Interface DNS 192.2.10 Dst: 192.255.Configuring Cisco IOS NAT-PT NAT-PT enables communication between IPv6-only and IPv4-only nodes CEF switching in 12.168.2.

Presentation_ID. All rights reserved.net/policy/proposals/2006_4.Conclusion IPv6 is real! Start now rather than later Purchase f th f t P h for the future Start moving legacy application towards IPv6 support Test. Cisco Public 108 © 2006. Cisco Systems. Inc. All rights reserved.ietf. Inc. test and then test some more! Integration can be done per Application (Dual Stack or Tunneled) Microsoft Vista and Longhorn have IPv6 enabled by default and preferred over IPv4 Things to consider: Don’t assume your favorite vendor/app/gear has an IPv6 plan Full parity between IPv4 and IPv6 is still a ways off Watch the standards and policies: http://www.arin.org and http://www.scr 47 . Cisco Public 107 Q and A BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. All rights reserved.html Enterprise and SP Deployment Scenarios: ISP IPv6 Deployment Scenarios in Broadband Access Networks (RFC 4779) Scenarios and Analysis for Introducing IPv6 into ISP Networks (RFC 4029) IPv6 Enterprise Network Scenarios (RFC 4057) Procedures for Renumbering an IPv6 Network without a Flag Day (RFC 4192) BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Inc.

com/warp/public/732/Tech/ipv6/docs/ipv6_access_wp_v2. Cisco Public 109 Recommended Reading Continue your Cisco Live learning experience with further reading from Cisco Press Check the Recommended Reading flyer for suggested books Available Onsite at the Cisco Company Store BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Cisco Systems.cisco.cisco. Inc.com/warp/customer/105/icmpv6codes.com/en/US/products/sw/iosswrel/products_abc_ios_overview.pdf ICMPv6 Packet Types and Codes TechNote http://www. All rights reserved.html IPv6 e-Learning [requires CCO username/password] http://www.cisco. Cisco Public 110 © 2006. All rights reserved. Inc. Inc.scr 48 .html Cisco IOS IPv6 Product Manager pgrosset@cisco.cisco. All rights reserved.com BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.More Information CCO IPv6 http://www. Presentation_ID.com/warp/customer/732/Tech/ipv6/elearning/ IPv6 Access Services http://www.cisco.com/ipv6 The ABC of IPv6 http://www.

Inc.Complete Your Online Session Evaluation Give us your feedback and you could win fabulous prizes. Cisco Public 111 BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems. Go to the Collaboration Zone in World of Solutions or visit www. All rights reserved. Winners announced daily. Cisco Systems. Don’t forget to activate your Cisco Live virtual account for access to all session material on-demand and return for our live virtual event in October 2008. Receive 20 Passport points for each session evaluation you complete. Inc.cisco-live. Cisco Public 112 © 2006.scr 49 . All rights reserved. Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.com. Presentation_ID. All rights reserved. Inc. BRKRST-1301 14444_04_2008_c1 © 2008 Cisco Systems.

Sign up to vote on this title
UsefulNot useful