Ipv6 router design and configuration
This presentation is the property of its rightful owner.
Sponsored Links
1 / 67

IPv6 Router Design and Configuration PowerPoint PPT Presentation


  • 119 Views
  • Uploaded on
  • Presentation posted in: General

IPv6 Router Design and Configuration. Vincent Ng Technical Consultant, SPLOB, Asiapac [email protected] Agenda. IPv6 Routing and Addressing IPv6 Standards Status IPv6 Transition Strategy Connect to 6Bone Cisco IOS Deployment Roadmap Cisco IOS Commands

Download Presentation

IPv6 Router Design and Configuration

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Ipv6 router design and configuration

IPv6 Router Design and Configuration

Vincent Ng

Technical Consultant, SPLOB, Asiapac

[email protected]


Agenda

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Ipv6 so what s really changed

IPv4 Header

Type of Service

Total Length

IHL

Version

Flags

Fragment Offset

Identification

Protocol

Header Checksum

Time to Live

Source Address

Destination Address

Options

Padding

IPv6 Header

Traffic Class

Flow Label

Version

Payload Length

Next Header

Hop Limit

Source Address

Destination Address

IPv6 - So what’s really changed ?!

  • Defined by RFC 2460

  • Address space quadrupled to 16 bytes

  • Fixed length

    • (Optional headers daisy-chained)

  • No checksumming

    • (Done by Link Layer)

  • No hop-by-hop segmentation

    • (Path MTU discovery)

  • Flow label/Class

    (Integrated QoS support)

  • Concatenated Extension Headers


Ipv6 router design and configuration

IPv6 Main Features/Functionality

  • Expanded Address Space

  • Header Format Simplification

  • Auto-configuration

  • Multi-Homing

  • Class of Service/Multimedia support

  • Authentication and Privacy Capabilities

  • No more broadcast Multicast

  • IPv4 IPv6 Transition Strategy


Ipv6 addressing

IPv6 Addressing

  • IPv6 Addressing rules are covered by multiples RFC’s

    • Architecture defined by RFC 2373

  • Address Types are :

    • Unicast : One to One (Global, Link local, Site local, Compatible)

    • Anycast : One to Nearest (Allocated from Unicast)

    • Multicast : One to Many

    • Reserved

  • A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast)

    • No Broadcast Address -> Use Multicast


Ipv6 addressing1

IPv6 Addressing

  • Prefix Format (PF) Allocation

    • PF = 0000 0000 : Reserved

    • PF = 0000 001 : Reserved for OSI NSAP Allocation (see RFC 1888), so far only way to embedded E.164 addresses (VoIP)

    • PF = 0000 010 : Reserved for IPX Allocation (under Study)

    • PF = 001 : Aggregatable Global Unicast Address

    • PF = 1111 1110 10 : Link Local Use Addresses

    • PF = 1111 1110 11 : Site Local Use Addresses

    • PF = 1111 1111 : Multicast Addresses

    • Other values are currently Unassigned (approx. 7/8th of total)

  • All Prefix Formats have to have EUI-64 bits Interface ID

    • But Multicast


Global unicast addresses rfc 2374

FP

TLA ID

Reserved

NLA ID

SLA ID

Interface ID

3 bits

13 bits

8 bits

24 bits

16 bits

64 bits

Global Unicast Addresses (RFC 2374)

  • Aggregatable Global Unicast Format - RFC2374

  • Address hierarchy matches Internet Service Provider hierarchy

  • Terminology:

    • FP - Format Prefix: Unicast (001), Multicast, Anycast

    • TLA - Top Level Aggregator  Global ISP

    • NLA - Next Level Aggregator  ISP

    • SLA - Site Level Aggregator  “Customer”

    • Interface ID - Host


Ipv6 addressing examples

IPv6 Addressing Examples

  • Global unicast address(es) is :

    • 2001:304:101:1::E0:F726:4E58,

    • subnet is 2001:304:101:1::0/64

  • link-local address is FE80::E0:F726:4E58

  • Unspecified Address is 0:0:0:0:0:0:0:0 or ::

  • Loopback Address is 0:0:0:0:0:0:0:1 or ::1

  • Group Addresses (Multicast), ie: FF02::9 for RIPv6

    • Joined group address(es):

    • FF02:0:0:0:0:1:FF:xxxx (solicited Node Multicast)

    • Unicast : 4037::01:800:200E:8C6C is FF02::1:FF0E:8C6C


Ipv6 addresses bootstrap phase

FP

NLA ID

SLA ID

Interface ID

TLA ID

subTLA ID

3 bits

19 bits

16 bits

64 bits

13 bits

13 bits

IPv6 AddressesBootstrap phase

  • Bootstrap process - RFC2450

  • Definitions:

    • TLA - special TLA 0x0001

    • subTLA - Top Level Aggregator  Transit ISP

    • NLA - Next Level Aggregator  ISP

    • SLA - Site Level Aggregator  “Customer”

    • Interface ID - Host


Ipv6 addresses bootstrap phase1

IPv6 AddressesBootstrap phase

  • Minimum assignment to ISP is a /35

  • ISP creates own NLA boundary - or -

  • ISP assigns /48 SLAs to each customer

    • 16 bits for subnetworks

    • 65536 subnetworks per site

    • 64 bits for hosts

    • 18446744073710 million hosts per subnetwork!!


Ipv6 addresses bootstrap phase2

site addresses

ISP addresses

NLA ID

SLA ID

Interface ID

ISP allocated subTLA

13 bits

35 bits

16 bits

64 bits

site addresses

ISP

addr

ISP2

addr

SLA ID

Interface ID

ISP allocated subTLA

NLA2

NLA1

35 bits

16 bits

64 bits

6 bits

7 bits

IPv6 AddressesBootstrap phase

  • subTLA holder ISP allocates SLAs to end-customers

  • subTLA holder ISP creates its own NLA boundary for customer ISPs


Ipv6 addresses bootstrap phase3

IPv6 AddressesBootstrap phase

  • Where to get address space?

    • Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC

    • APNIC2001:0200::/23

    • ARIN2001:0400::/23

    • RIPE NCC2001:0600::/23

    • Go to your existing IPv4 address registry...


Ipv6 address space current allocations

APNIC (whois.apnic.net)

WIDE-JP-199908132001:200::/35

NUS-SG-199908272001:208::/35

CONNECT-AU-199909162001:210::/35

NTT-JP-199909222001:218::/35

KIX-KR-199910062001:220::/35

JENS-JP-199910272001:228::/35

ETRI-KRNIC-KR-199911242001:230::/35

HINET-TW-200002082001:238::/35

IIJ-JPNIC-JP-200003082001:240::/35

IMNET-JPNIC-JP-200003142001:248::/35

CERNET-CN-200004262001:250::/35

INFOWEB-JPNIC-JP-20005022001:258::/35

BIGLOBE-JPNIC-JP-200007192001:260::/35

6DION-JPNIC-JP-200008292001:268::/35

DACOM-BORANET-200009082001:270::/35

ODN-JPNIC-JP-200009152001:278::/35

KOLNET-KRNIC-KR-200009272001:280::/35

TANET-IPV6-TW2001:288::/35

ARIN (whois.arin.net)

ESNET-V62001:400::/35

ARIN-0012001:400::/23

VBNS-IPV62001:408::/35

CANET3-IPV62001:410::/35

VRIO-IPV6-02001:418::/35

CISCO-IPV6-02001:420::/35

QWEST-IPV6-02001:428::/35

DEFENSENET2001:430::/35

ABOVENET-IPV62001:438::/35

SPRINT-V62001:440::/35

IPv6 Address SpaceCurrent Allocations

This output current as of 16-Oct-2000


Ipv6 address space current allocations1

RIPE (whois.ripe.net)

EU-UUNET-199908102001:600::/35

DE-SPACE-199908122001:608::/35

NL-SURFNET-199908192001:610::/35

UK-BT-199909032001:618::/35

CH-SWITCH-199909032001:620::/35

AT-ACONET-199909202001:628::/35

UK-JANET-199910192001:630::/35

DE-DFN-199911022001:638::/35

RU-FREENET-199911152001:640::/35

GR-GRNET-199912082001:648::/35

DE-ECRC-199912232001:650::/35

DE-TRMD-200003172001:0658::/35

FR-RENATER-200003212001:0660::/35

DE-NACAMAR-200004032001:0668::/35

EU-EUNET-200004032001:0670::/35

DE-IPF-200004262001:0678::/35

DE-XLINK-200005102001:0680::/35

FR-TELECOM-200006232001:0688::/35

PT-RCCN-200006232001:0690::/35

SE-SWIPNET-200008282001:0698::/35

PL-ICM-200009052001:06A0::/35

IPv6 Address SpaceCurrent Allocations

This output current as of 16-Oct-2000


Ipv6 routing

IPv6 Routing

  • Uses same “longest-prefix match” routing as IPv4 CIDR

  • Key to scalable routing—hierarchical addressing

  • Assignment of production IPv6 Sub-TLA address prefixes obtainable from Registries (RIPE-NCC, APNIC, ARIN) since 1999

  • Existing routing protocols require extensions for IPv6

  • Neighbor discovery—dynamic host <—> router

  • Can use Routing header with anycast addresses to route packets through particular regions

    • e.g., for provider selection, policy, performance, etc.


Ipv6 routing protocols

IPv6 Routing Protocols

  • Update to existing IPv4 routing protocols to handle

    bigger addresses

    • RIPv6 (RFC 2080) - Similar to RIPv2

    • BGP4+ - Multi-Protocols Extensions defined in RFC 2283, 2545

    • Integrated IS-IS - Large Address support facilitates IPv6 address

    • family. Draft-ietf-isis-ipv6-01.

    • OSPFv6 (RFC 2740) Packet formats changed to reflect 128 bits

  • IPv6 Multicast Routing

    • PIM, MOSPF, MBGP have IPv6 extensions

    • IPv6 Multicast has larger address space removing potential

    • IP addresses collision


What will ipv6 do for routing

What Will IPv6 Do for Routing?

  • Primarily give us a second chance to delegate addresses

  • Assume:

    • ~60 Top level addresses

    • ~2000 next level addresses delegated to small ISPs

    • 48 addresses in one TLA for multihoming

  • Result: Your route table has

    • ~60 TLAs,

    • Your customers and subnets, and…

    • Routes you incorporate by bilateral agreement


Agenda1

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Ipv6 standards status

IPv6 Standards Status

  • IPv6 documents are at various points in the standards process, core documents are done

  • Document review for completeness, followed by issues or additional work.

  • To know more about IPv6 specifications

    • www.ietf.org/html.charters/ipngwg-charter.html

  • Main covered areas are :

    • Architecture, Addressing, Routing, Security, Transition, DNS, Management, Discovery & Auto-Configuration, Mobility, Multicast, Applications API, ...


Ipv6 current status standardisation

IPv6 Current Status - Standardisation

  • Several key components now on Standards Track:

  • Specification (RFC2460)Neighbour Discovery (RFC2461)

  • ICMPv6 (RFC2463)IPv6 Addresses (RFC2373/4/5)

  • RIP (RFC2080)BGP (RFC2545)

  • IGMPv6 (RFC2710)OSPF (RFC2740)

  • Router Alert (RFC2711)Jumbograms (RFC2675)

  • Autoconfiguration (RFC2462)

  • IPv6 over:PPP (RFC2023)Ethernet (RFC2464)

  • FDDI (RFC2467)Token Ring (RFC2470)

  • NBMA(RFC2491)ATM (RFC2492)

  • Frame Relay (RFC2590)ARCnet (RFC2549)


Ipv6 current status work in progress to standardisation

IPv6 Current Status - Work in Progress to Standardisation

  • Issues remaining open

  • MultihomingOngoing work at the moment

  • eg: draft-ietf-ipngwg-ipv6-2260-00.txt

  • draft-ietf-ipngwg-ipv6multihome-with-aggr-01.txt

  • ISISdraft-ietf-isis-ipv6-01.txt

  • DHCPv6draft-ietf-dhc-dhcpv6-15.txt


Agenda2

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Ngtrans working group

NGTrans Working Group

  • Define the processes by which networks can be transitioned from IPv4 to IPv6

  • Define & specify the mandatory and optional mechanism that vendors are to implement in Hosts, Routers and other components of the Internet in order for the Transition.

  • Http://www.ietf.org/html.charters/ngtrans-charter.html


Ipv4 ipv6 transition approach

IPv4-IPv6 Transition Approach

  • Hosts—dual stack

  • Networks—tunneling

  • Network boundaries IPv4 IPv6 NAT

  • Expect combinations of each to be used…

APPLICATION

TCP/UDP

IPv4 IPv6

DRIVER

More Pragmatic than Building New IPv6 Topology


Dual stack approach

APPLICATION

TCP/UDP

IPv4 IPv6

DRIVER

Dual-Stack Approach

  • When adding IPv6 to a system, do not delete IPv4

    • this multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.)

    • note: in most cases, IPv6 will be bundled with new OS releases, not an extra-cost add-on

  • Applications (or libraries) choose IP version to use

    • when initiating, based on DNS response:

    • if (dest has AAAA or A6 record) use IPv6, else use IPv4

    • when responding, based on version of initiating packet

  • This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage


Tunnels to get through ipv6 ignorant routers switches

Tunnels to Get ThroughIPv6-Ignorant Routers / Switches

  • Encapsulate IPv6 packets inside IPv4 packets(or MPLS frames)

  • any methods exist for establishing tunnels:

    • configured tunnels - manual

    • automatic tunnels - IPv4 compatible addresses ::<ipv4>

    • “tunnel brokers” (using web-based service to create a tunnel)

    • “6-over-4” (intra-domain, using IPv4 multicast as virtual LAN)

    • “6-to-4” (inter-domain, using IPv4 addr as IPv6 site prefix)

  • Can view this as:

    • IPv6 using IPv4 as a virtual link-layer, or

    • an IPv6 VPN (virtual public network), over the IPv4 Internet(becoming “less virtual” over time, we hope)


Ipv6 tunnelling

IPv6 Tunnelling

  • Configured tunnels—manual point-2-point links

  • Automatic tunnels—via 6to4 mechanism 2002::/16 prefix

  • Cisco instrumental in building existing tunneled IPv6 networks

IPv6 Network

IPv6 Tunnel

Transport Layer Header

IPv6 Header

Data

IPv6 Tunnel

Service Provider

IPv4 Backbone

Transport Layer Header

IPv4 Header

IPv6 Header

Data

IPv6 Tunnel

IPv6 Network

Mobile Data Network


Translation

Translation

  • May prefer to use IPv6-IPv4 protocol translation for:

    • New kinds of IPv6 devices (e.g., cell phones, cars, appliances) accessing IPv4 servers resources over the Internet

    • Smoothly deploying IPv6 on a campus network, providing v4-v6 communications

  • This is a simple extension to NAT techniques, to translate header format as well as addresses

    • IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere

    • Methods used to improve NAT functionality (e.g., ALGs, RSIP) can be used equally to improve IPv6-IPv4 functionality


Ipv4 ipv6 translation nat pt

IPv4-IPv6 Translation: NAT-PT

NAT-PT

IPv4 Network

IPv4/v6 Network

v4-only host, router

v4 + v6 host, router

v4-only link

v4 + v6 link

v6-only tunnel


Deployment of ipv6 services starting from the edge

Deployment of IPv6 Services: Starting from the Edge

  • Incremental upgrade/deployment

  • Sufficient to present an IPv6 interface to subscribers

  • Minimize performance impact

  • Investment protection and low startup costs

  • No flag day


Starting at the edge

Starting at the Edge…

Edge IPv6 Infrastructure:

IPv6 over MPLS:

IPv6 over IPv4 Internet:

IPv6 Enterprise

Translating Gateway

IPv4 Enterprise

IPv6 Enterprise

Mobile Data

CE

Router

PE Router

Service ProviderIPv4 Backbone

Service ProviderMPLS Backbone

IPv4 Enterprise

MPLS LSPs

CE

Router

IPv6 Enterprise

IPv6 Enterprise

Mobile Data

Translating Gateway

Translating Gateway

IPv6 Enterprise

Leveraging Defined Tunneling Technology

i.e. IPv6 Becomes the “Multiprotocol” Portion of MPLS…


Native ipv6 only backbone

Native IPv6-Only Backbone?

IPv6 Intranet

IPv4 Intranet

  • Will require:

    • IPv4 over IPv6 Tunnels for IPv4 traffic

    • NAT-PT for IPv4-IPv6 communications

    • Network Managementover IPv6

    • Hardware forwarding for IPv6

Translating Gateway

IPv4 Tunnel

IPv6 Backbone

Translating Gateway

IPv6 Intranet

IPv4/v6 Intranet

Mobile IPv6


Agenda3

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


6bone

6BONE

  • The 6bone is an IPv6 testbed set-up to assist in the evolution and deployment of IPv6 in the Internet

    • The 6bone is a virtual network layered on top of portions of the physical IPv4-based Internet to support routing of IPv6 packets, as that function has not yet been integrated into many production routers; the network is composed of islands that can directly support IPv6 packets, linked by virtual point-to-point links called “tunnels”; The tunnel endpoints are typically workstation-class machines having operating system support for Ipv6

  • 60 countries are currently involved

  • Registry, maps and other information may be found on http://6bone.net/


Ipv6 addresses 6bone

FP

NLA ID

SLA ID

Interface ID

TLA ID

pTLA ID

3 bits

24 bits

16 bits

64 bits

13 bits

8 bits

IPv6 Addresses - 6bone

  • Test address space defined in RFC2471 - 3FFE::/16

  • Definitions:

    • FP - Format Prefix 001

    • TLA - special TLA 0x1FFE

    • pTLA - pseudo Top Level Aggregator  Transit ISP

    • - expanded from 8 to 12 bits

  • Guidelines for routing on 6bone - RFC2772


6bone ptla allocations

24 Bit pTLA Assignments:

ROOT66/US-CA 3FFE:0000::/24

TELEBIT/DK 3FFE:0100::/24

SICS/SE 3FFE:0200::/24

G6/FR 3FFE:0300::/24

JOIN/DE 3FFE:0400::/24

WIDE/JP 3FFE:0500::/24

SURFNET/NL 3FFE:0600::/24

ESNET/US 3FFE:0700::/24

ISI-LAP/US-CA 3FFE:0800::/24

CICNET/US-IL 3FFE:0900::/24

VERIO/US 3FFE:0A00::/24

VIAGENIE/CA 3FFE:0B00::/24

CISCO/US-CA 3FFE:0C00::/24

ANSNET/US-DC 3FFE:0D00::/24

IFB/GB 3FFE:0E00::/24

NRL/US-DC 3FFE:0F00::/24

CSELT/IT 3FFE:1000::/24

UUNET-UK/GB 3FFE:1100::/24

DIGITAL-CA/US 3FFE:1200::/24

BAY/US-MA 3FFE:1300::/24

UNI-C/DK 3FFE:1400::/24

UO/US-OR 3FFE:1500::/24

NUS-IRDU/SG 3FFE:1600::/24

MREN/US-IL 3FFE:1700::/24

NTT-ECL/JP 3FFE:1800::/24

6COM/US-CA 3FFE:1900::/24

CAIRN/US 3FFE:1A00::/24

UL/PT 3FFE:1B00::/24

MERIT/US-MI 3FFE:1C00::/24

ATT-LABS-EUROPE/CH 3FFE:1D00::/24

SWISS-TELECOM/CH 3FFE:1E00::/24

NETCOM-UK/GB 3FFE:1F00::/24

SWITCH/CH 3FFE:2000::/24

JANET/GB 3FFE:2100::/24

STUBA/SK 3FFE:2200::/24

INFN-CNAF/IT 3FFE:2300::/24

INR/RU 3FFE:2400::/24

NLNET/NL 3FFE:2500::/24

SMS/FI 3FFE:2600::/24

ERA/SE 3FFE:2700::/24

VBNS/US 3FFE:2800::/24

SPRINT/US 3FFE:2900::/24

UIO/NO 3FFE:2A00::/24

RNP/BR 3FFE:2B00::/24

BT-LABS/UK 3FFE:2C00::/24

GRNET/GR 3FFE:2D00::/24

ETRI/KR 3FFE:2E00::/24

BME-FSZ/HU 3FFE:2F00::/24

AMS-IX/NL 3FFE:3000::/24

RCCN/PT 3FFE:3100::/24

CERNET/CN 3FFE:3200::/24

REDIRIS/ES 3FFE:3300::/24

IPF/DE 3FFE:3400::/24

REGIO-DE/DE 3FFE:3500::/24

CHTTL-TW/TW 3FFE:3600::/24

ABILENE/US 3FFE:3700::/24

FIBERTEL/AR 3FFE:3800::/24

6TAP/US 3FFE:3900::/24

6Bone pTLA Allocations

This output current as of 26-Sep-2000


6bone ptla allocations1

28 Bit pTLA Assignments:

TRUMPET/AU 3FFE:8000::/28

ICM-PL/PL 3FFE:8010::/28

IIJ/JP 3FFE:8020::/28

QTPVSIX/EU 3FFE:8030::/28

APAN-KR 3FFE:8040::/28

MIBH 3FFE:8050::/28

ATNET-AT 3FFE:8060::/28

UNAM 3FFE:8070::/28

DTI 3FFE:8080::/28

UUNET-US 3FFE:8090::/28

BERKOM 3FFE:80A0::/28

BELNET-BE 3FFE:80B0::/28

STEALTH 3FFE:80C0::/28

6Bone pTLA Allocations

This output current as of 26-Sep-2000


Agenda4

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Cisco ios roadmap the confluence of ipv4 ipv6

Cisco IOS Roadmap:The Confluence of IPv4/IPv6

IOS Release

IPv6 Features Supported

Phase I

IOS 12.2(1)T

Late 2000

Multiprotocol BGP, RIPv6, ICMPv6, ND,

Tunnel Support, 6to4, Ping, Traceroute,

Telnet, FTP, Access Lists, Etc.

Phase II

Mid-2001

CEFv6, IPv6 over MPLS, NAT-Protocol Translation IPv6 IPv4, Additional Routing Protocols (e.g. Integrated IS-IS), Etc.

Phase III

Beyond Mid-2001

Hardware Acceleration, OSPFv6, Mobility,

Multicast, Voice-over-IPv6, Security, Etc…


Cisco ios ipv6 phase i

Cisco IOS IPv6 Phase I

  • Images are available for Cisco Routers supporting 12.2(1)T

  • Dual Stack approach : IPv4 and IPv6

    • Telnet, TFTP, DNS, Ping, Traceroute

  • Available IPv6 routing protocols

    • Static Routes, Static and Automatic Tunnel

    • RIPng for IPv6, BGP4+ Multiprotocol Extensions

  • Traffic filtering based on IPv6 Access list

  • 6to4 Tunnels


Cisco ios ipv6 phase i1

Cisco IOS IPv6 Phase I

  • Neighbour Discovery and ICMPv6 fully integrated

  • EUI-64 Addresses support

  • show ipv6 and debug ipv6 commands

    • IPv6 CLI changes with 12.0 port

  • IPv6 over multiple Data Link Layers

    • Ethernet, FDDI, Cisco HDLC, PPP, ATM and Frame Relay PVC


Ipv6 @ cisco systems

IPv6 @ Cisco Systems

  • Co-Chair of IETF IPng WG

  • Cisco IPv6 Web Page

    • Cisco IPv6 Statement of Direction

  • Cisco IOS EFT IPv6 available for test purposes on CCO

    • http://www.cisco.com/ipv6

    • based on 12.0(5)T, support: <[email protected]>

  • Cisco is connected to 6BONE

  • Cisco is “Founding Member” of IPv6 Forum

  • FCS Cisco IOS implementation on IOS 12.2(1)T

    • the Confluence of IPv4/v6


Agenda5

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Global commands

Global Commands

Enable IPv6 unicast routing

[no] ipv6 unicast-routing

IPv6 Host

[no] ipv6 host <name> [<port>] <ipv6addr> [<ipv6addr> ...]

Static IPv6 prefix route

[no] ipv6 route <prefix> {<next-hop> | <interface>} [<distance>]

Route-maps

match ipv6 address <access-list-name>

match ipv6 next-hop <access-list-name>

match ipv6 route-source <access-list-name>


Global commands1

Global Commands

IPv6 Access-lists

ipv6 access-list <name> permit [<prefix> [*]| any] {<prefix> [*]| any}

ipv6 access-list <name> deny [<prefix> [*]| any] {<prefix> [*]| any}

no ipv6 access-list <name>

IPv6 Prefix-lists

[no] ipv6 prefix-list sequence-number

[no] ipv6 prefix-list <name> description <text>

[no] ipv6 prefix-list <name> [seq <seq-value>] permit|deny <ipv6prefix> {[ge <min-value>] [le <max-value>]}

no ipv6 prefix-list <name>


Interface commands

Interface Commands

IPv6 Enable

[no] ipv6 enable

IPv6 Address

[no] ipv6 address <ipv6addr>[/<prefix-length>] [link-local]

[no] ipv6 address <ipv6prefix>/<prefix-length> eui-64

[no] ipv6 unnumbered <interface>

IPv6 Tunnel

[no] tunnel mode ipv6ip

[no] tunnel mode ipv6ip auto-tunnel

[no] tunnel mode ipv6ip 6to4


Ripv6 commands

RIPv6 Commands

Global Commands

[no] ipv6 router rip <process-name>

Interface Subcommands

[no] ipv6 rip <tag> enable

[no] ipv6 rip <tag> default-information originate

[no] ipv6 rip <tag> summary-address <prefix>/<length>

Exec Commands

show ipv6 rip


Bgp commands

BGP+ Commands

Global Commands

[no] router bgp <AS>

Address-family Commands

[no]address-family ipv6 [unicast]

[no] neighbor {ip-address | peer-group-name | ipv6-address} activate

[no] neighbor {peer-group-name | ipv6-address} override-capability-neg

exit-address-family

Exec Commands

show bgp ipv6

show bgp ipv6 neighbors

show bgp summary

clear bgp ipv6 { * | AS number | IPv6 neighbor | dampening | external | flap-statistics | peer-group }


Show commands

Show Commands

Show Commands

show ipv6 route [connected | local | static] | [<prefix> | addr-or-name>] [table <num>]

show ipv6 route summary

show ipv6 routers

show ipv6 tunnel

show ipv6 access-list

show ipv6 neighbors [<ipv6addr-or-name> | <interface>]

show ipv6 interface [<interface>]

show ipv6 prefix-list [summary|detail] [<name>]


Exec and clear commands

Exec and Clear Commands

Exec Commands

traceroute ipv6 <destination>

ping ipv6 <destination>

telnet

DNS

Clear Commands

clear ipv6 prefix-list [<name>] [<ipv6prefix>]

clear ipv6 route <ipv6addr-or-name> | * [table <num>]

clear ipv6 traffic

clear ipv6 neighbors


Debug commands

Debug Commands

Debug Commands

[un]debug ipv6 packet

[un]debug ipv6 icmp

[un]debug ipv6 nd

[un]debug ipv6 routing

[un]debug ipv6 rip

[un]debug ipv6 rip <interface>

[un]debug bgp ipv6 {dampening [neighbor-acl] | updates [neighbor-address | neighbor-acl | in | out]}


Agenda6

Agenda

  • IPv6 Routing and Addressing

  • IPv6 Standards Status

  • IPv6 Transition Strategy

  • Connect to 6Bone

  • Cisco IOS Deployment Roadmap

  • Cisco IOS Commands

  • Sample 6Bone Router Configuration


Initial configuration

Initial Configuration

version 12.1

no service single-slot-reload-enable

service nagle

!

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname ipv6-router

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

!


Initial configuration1

Initial Configuration

aaa new-model

aaa authentication login vty group tacacs+ enable

enable secret <removed>

!

clock timezone PST -8

clock summer-time PDT recurring last Sun Mar 1:00 last Sun

ip subnet-zero

no ip finger

ip ftp source-interface Fddi0

ip ftp username <removed>

ip ftp password <removed>

ip domain-name cisco.com

ip name-server <ipv4>

ip dhcp smart-relay

!

no ip bootp server

ip multicast-routing

!


Ipv6 configured tunnels

IPv6 Configured Tunnels

ipv6 unicast-routing

!

interface Tunnel0

description <removed>

no ip address

ipv6 unnumbered Ethernet0

ipv6 rip 6bone enable

destination IP address

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

interface Tunnel1

description <removed>

no ip address

ipv6 address 3FFE:700:20:1::12/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip


Ipv6 configured tunnels1

IPv6 Configured Tunnels

interface Tunnel2

description <removed>

no ip address

ipv6 address 3FFE:C00:E:10::1/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

interface Tunnel3

description <removed>

no ip address

ipv6 address 3FFE:C00:E:0:1::5/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip!


6 to4 tunnel

6to4 Tunnel

interface Tunnel47

description <removed>

no ip address

ipv6 address 3FFE:3600::B/127

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

! Skipped about 50 configured tunnels

! Next one is 6to4 tunnel

!

interface Tunnel2002

no ip address

no ip redirects

ipv6 address 2002:X:X::1/128

ipv6 address FE80::60:3E11:6770:3E link-local

tunnel source Fddi0

tunnel mode ipv6ip 6to4

!


Interface configuration

Interface Configuration

interface Ethernet0

ip address <ipv4> 255.255.255.248

no ip route-cache

no ip mroute-cache

no keepalive

media-type 10BaseT

ipv6 enable

ipv6 address 3FFE:C00:0:1::/64 eui-64

ipv6 rip 6bone enable

!

interface Ethernet1

ip address <ipv4> 255.255.255.248

no ip route-cache

no ip mroute-cache

media-type 10BaseT

!

interface Fddi0

ip address <ipv4> 255.255.255.224

no ip route-cache

no ip mroute-cache

no keepalive

ipv6 address 3FFE:C00:0:2::/64 eui-64


Eigrp for ipv4 and bgp for ipv6

EIGRP for IPv4 and BGP+ for IPv6

router eigrp 109

network <ipv4>

auto-summary

no eigrp log-neighbor-changes

!

router bgp 109

!

! Disable ipv4 unicast to support other address families

!

no bgp default ipv4-unicast

bgp log-neighbor-changes

neighbor 6BONE peer-group

neighbor 3FFE:700:20:1::11 remote-as 293

neighbor 3FFE:C00:E:10::2 remote-as 7610

!


Ipv6 address family

IPv6 Address Family

address-family ipv6

neighbor 6BONE activate

neighbor 6BONE send-community

neighbor 6BONE override-capability-neg

neighbor 6BONE prefix-list bgp-in in

neighbor 6BONE prefix-list aggregate out

neighbor 6BONE route-map SET6TO4COMMUNITY out

!

! Most neighbors should use peer-group

!

neighbor 3FFE:700:20:1::11 peer-group 6BONE

neighbor 3FFE:C00:E:10::2 peer-group 6BONE

!


End of bgp4

End of BGP4+

! Neighbors not using peer-group

!

neighbor 3FFE:3600::A activate

neighbor 3FFE:3600::A send-community

neighbor 3FFE:3600::A override-capability-neg

neighbor 3FFE:3600::A prefix-list bgp-in in

neighbor 3FFE:3600::A prefix-list aggregate out

neighbor 3FFE:3600::A route-map SET6TO4COMMUNITY out

!

bgp dampening 30 1000 2000 60

!

! This is the 6to4 address space.

network 2002::/16

!

! This is Cisco's pTLA for the 6bone

network 3FFE:C00::/24

!

exit-address-family


Ipv4 access lists

IPv4 Access Lists

ip classless

ip tacacs source-interface Fddi0

no ip http server!

logging trap debugging

logging facility local6

logging <removed>

!

! IPv4 VTY access-list

!

access-list 198 permit ip <removed> any

access-list 198 deny ip any any log

!


Ipv6 static routes

IPv6 Static Routes

! 2002::/16 points to the 6to4 tunnel

!

ipv6 route 2002::/16 Tunnel2002

!

! static route for Cisco's Site-Local-Address

!

ipv6 route 3FFE:C00:E::/48 Null0

!

! static route for a site with no routing protocol

!

ipv6 route 3FFE:C00:800E::/48 Tunnel3

!

! static route for our /24 pTLA from the 6bone

!

ipv6 route 3FFE:C00::/24 Null0

!


Ipv6 access lists and ripv6

IPv6 Access-lists and RIPv6

! IPv6 access-list to protect the vty ports

ipv6 access-list vty deny ::/0 any

!

ipv6 router rip 6bone

!

ipv6 prefix-list 6to4 seq 5 permit 2002::/16

!

ipv6 prefix-list aggregate seq 5 deny 3FFE:C00::/24 ge 25

ipv6 prefix-list aggregate seq 10 permit ::/0 le 48

!

ipv6 prefix-list bgp-in seq 5 deny 5F00::/8 le 128

ipv6 prefix-list bgp-in seq 10 deny ::/0

ipv6 prefix-list bgp-in seq 15 deny ::/1

ipv6 prefix-list bgp-in seq 20 deny ::/2

ipv6 prefix-list bgp-in seq 25 deny ::/3 ge 4

ipv6 prefix-list bgp-in seq 30 permit ::/0 le 128

!

! 6to4 address space is tagged with no-export

route-map SET6TO4COMMUNITY permit 10

match ipv6 address prefix-list 6to4

set community no-export

!

route-map SET6TO4COMMUNITY permit 20

!


Ending configuration

Ending Configuration

tacacs-server host <removed>

tacacs-server host <removed>

tacacs-server timeout 15

banner motd <removed>

!

line con 0

exec-timeout 3 0

transport input none

line aux 0

transport input all

line vty 0 4

ipv6 access-list vty in

access-class 198 in

exec-timeout 0 0

login authentication vty

!

exception core-file <removed>

exception protocol ftp

exception dump <removed>

ntp clock-period 17179631

ntp source Fddi0

ntp update-calendar

ntp server <removed>

end


Further information

Further Information

  • IETF IPv6 specifications

    • www.ietf.org/html.charters/ipngwg-charter.html

  • IETF NGTrans WG

    • Http://www.ietf.org/html.charters/ngtrans-charter.html

  • IPv6 World Wide Testbed: www.6bone.net

  • IPv6 specifications and implementationshttp://playground.sun.com/pub/ipng/html/ipng implementations.2.html

  • IPv6 Promotion: www.ipv6forum.com

  • IPv6 Research and Education Networks: www.6ren.net


Ipv6 router design and configuration

www.cisco.com

Presentation_ID

67

© 1999, Cisco Systems, Inc.


  • Login