ipv6 @ cisco systems n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
IPv6 @ Cisco Systems PowerPoint Presentation
Download Presentation
IPv6 @ Cisco Systems

Loading in 2 Seconds...

play fullscreen
1 / 47

IPv6 @ Cisco Systems - PowerPoint PPT Presentation


  • 191 Views
  • Uploaded on

IPv6 @ Cisco Systems. Alan Lee Cisco Systems. A need for IPv6?. IETF IPv6 WG began in early 90s, to solve addressing growth issues, but CIDR, NAT,… were developed IPv4 32 bits address = 4 billion hosts ~40% of the IPv4 address space is still unallocated BUT … IP is everywhere

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'IPv6 @ Cisco Systems' - sauda


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
ipv6 @ cisco systems

IPv6 @ Cisco Systems

Alan Lee

Cisco Systems

a need for ipv6
A need for IPv6?
  • IETF IPv6 WG began in early 90s, to solve addressing growth issues, but
    • CIDR, NAT,… were developed
  • IPv4 32 bits address = 4 billion hosts
    • ~40% of the IPv4 address space is still unallocated
    • BUT …
  • IP is everywhere
    • Data, Voice, Audio and Video integration is a Reality
    • Regional Registries apply a strict allocation control
    • Addressing scheme is not optimum as for any
  • So, let’s play with Numbers and focus on Applications
why a larger address space is needed
Why a larger address space is needed
  • Overall Internet is still growing at 400%/year worldwide
    • ~320 million users in 2000, ~550 million by 2005
  • Emerging population/geopolitical & Address space
    • Standford University has more address space than overall China
    • How to move to e-Economy without Global Internet access ??
  • 400 million mobile phone users in 2000, over 1 billion by 2005
    • UMTS Release 5 is Internet Mobility, 1/3 of 1B should get connected
  • ~1 Billion cars in 2010, 15% should get GPS and Yellow Page services
  • Billion of new Internet appliances for Home users
    • Always-On
coming back to an end to end architecture
Coming Back to an End-to-End Architecture

New Technologies/Applications for Home Users

‘Always-on’—Cable, DSL, Ethernet@home, Wireless,…

Always-on Devices Need an Address When You Call Them

Global

Addressing

Realm

ipv6 markets
IPv6 Markets
  • Academic : now
    • Internet-II (Abilene, vBNS+), Canarie*3, Renater-II, Surfnet, DFN, CERNET,… 6REN/6TAP
  • Geographies & Politics: Now
    • Prime Minister of Japan called for IPv6 (taxes reduction)
    • EEC summit PR advertised IPv6 as the way to go for Europe
    • President Clinton signed an Executive Memorandum on 3G
  • Wireless (PDA, Mobile, Car,...): now-to-2003
    • Multiple phases before deployment
    • RFP -> Integration -> trial -> commercial
    • Requires ‘client devices’, eg. IPv6 handset ?
ipv6 markets1
IPv6 Markets
  • Home Networking: CY2002?
    • Set-top box/Cable/xDSL/Ether@Home
    • Residential Voice over IP gateway
  • Gaming (10B$ market): 2001-2002?
    • Sony, Sega, Nintendo, Microsoft
  • Consumer PC: H2 CY 2001-2003
  • Enterprise: H2 CY 2001-2003
    • Requires Microsoft IPv6 support, as well as other O.S. & Applications
  • Service Providers: Now
    • Regional ISP, Carriers, Mobile ISP, and Greenfield ISP’s
integration of ipv6 services
Integration of IPv6 Services

Large Address Space

The Ubiquitous

Internet

Auto-Configuration

Enhanced Mobility

ipv6 addresses bootstrap phase
IPv6 AddressesBootstrap phase
  • Where to get address space?
    • Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC
    • APNIC 2001:0200::
    • ARIN 2001:0400::
    • RIPE NCC 2001:0600::
    • 6Bone 3FFE::
    • Have a look at http://wwwin.cisco.com/ios/ipv6 for more information
ipv6 address space current allocations
APNIC (whois.apnic.net)

CONNECT-AU-19990916 2001:210::/35

WIDE-JP-19990813 2001:200::/35

NUS-SG-19990827 2001:208::/35

KIX-KR-19991006 2001:220::/35

ETRI-KRNIC-KR-19991124 2001:230::/35

NTT-JP-19990922 2001:218::/35

HINET-TW-20000208 2001:238::/35

IIJ-JPNIC-JP-20000308 2001:240::/35

CERNET-CN-20000426 2001:250::/35

INFOWEB-JPNIC-JP-2000502 2001:258::/35

JENS-JP-19991027 2001:228::/35

BIGLOBE-JPNIC-JP-20000719 2001:260::/35

6DION-JPNIC-JP-20000829 2001:268::/35

DACOM-BORANET-20000908 2001:270::/35

ODN-JPNIC-JP-20000915 2001:278::/35

KOLNET-KRNIC-KR-20000927 2001:280::/35

HANANET-KRNIC-KR-20001030 2001:290::/35

TANET-TWNIC-TW-20001006 2001:288::/35

SONYTELECOM-JPNIC-JP-20001207 2001:298::/35

TTNET-JPNIC-JP-20001208 2001:2A0::/35

CCCN-JPNIC-JP-20001228 2001:02A8::/35

IMNET-JPNIC-JP-20000314 2001:0248::/35

KORNET-KRNIC-KR-20010102 2001:02B0::/35

ARIN (whois.arin.net)

ESNET-V6 2001:0400::/35

ARIN-001 2001:0400::/23

VBNS-IPV6 2001:0408::/35

CANET3-IPV6 2001:0410::/35

VRIO-IPV6-0 2001:0418::/35

CISCO-IPV6-1 2001:0420::/35

QWEST-IPV6-1 2001:0428::/35

DEFENSENET 2001:0430::/35

ABOVENET-IPV6 2001:0438::/35

SPRINT-V6 2001:0440::/35

UNAM-IPV6 2001:0448::/35

GBLX-V6 2001:0450::/35

IPv6 Address SpaceCurrent Allocations

January 5th, 2001

ipv6 address space current allocations1
RIPE (whois.ripe.net)

UK-BT-19990903 2001:0618::/35

CH-SWITCH-19990903 2001:0620::/35

AT-ACONET-19990920 2001:0628::/35

UK-JANET-19991019 2001:0630::/35

DE-DFN-19991102 2001:0638::/35

NL-SURFNET-19990819 2001:0610::/35

RU-FREENET-19991115 2001:0640::/35

GR-GRNET-19991208 2001:0648::/35

EU-UUNET-19990810 2001:0600::/35

DE-TRMD-20000317 2001:0658::/35

FR-RENATER-20000321 2001:0660::/35

EU-EUNET-20000403 2001:0670::/35

DE-IPF-20000426 2001:0678::/35

DE-NACAMAR-20000403 2001:0668::/35

DE-XLINK-20000510 2001:0680::/35

DE-ECRC-19991223 2001:0650::/35

FR-TELECOM-20000623 2001:0688::/35

PT-RCCN-20000623 2001:0690::/35

SE-SWIPNET-20000828 2001:0698::/35

PL-ICM-20000905 2001:06A0::/35

DE-SPACE-19990812 2001:0608::/35

BE-BELNET-20001101 2001:06A8::/35

SE-SUNET-20001218 2001:06B0::/35

IT-CSELT-20001221 2001:06B8::/35

SE-TELIANET-20010102 2001:06C0::/35

IPv6 Address SpaceCurrent Allocations
ipv6 @cisco systems
IPv6 @Cisco Systems
  • Co-chair of IETF IPv6 WG
  • Well Known Cisco 6Bone router
    • ~ 50 tunnels with other companies acts as 6to4 Relay
  • ‘Founding Member’ of the IPv6 Forum
  • Official CCO IPv6 page is www.cisco.com/ipv6
    • Cisco IPv6 Statement of Direction published last June
    • Cisco IOS IPv6 EFT available for free since 3 years
    • ~around 500 sites running Worldwide
ipv6 forum
IPv6 Forum
  • 98 companies
    • Cisco is a founding member
    • Regularly speaking at every summit
  • www.ipv6forum.com
  • Mission is to promote IPv6 not to specify it (IETF)
  • Global and Regional summit
    • U.S.,Japan, Spain, Middle-East, Canada, Korea,...
ipv6 @cisco systems1
IPv6 @Cisco Systems
  • Official Cisco IPv6 prefix registered to ARIN
    • Done by MIS to study Multi-Homing
    • 2001:0420::/35
  • Cisco IOS IPv6 Training is ready to be delivered
    • Spread IPv6 knowledge to Customers, Partners and Cisco S.E.
  • Ready to deliver a commercial release of Cisco IOS IPv6
cisco ios roadmap the confluence of ipv4 ipv6

IOS

upgrade

=

Free IPv6

support

Cisco IOS Roadmap:The Confluence of IPv4/IPv6

IOS Release

Market Target

Phase I

IOS 12.2(1)T

Q1 CY 2001

Early Adopter Deployment

Phase II

Mid-2001

Production Backbone Deployment

Phase III

Beyond Mid-2001

Enhanced IPv6 Services

where is the ipv6 roadmap coming from
Where is the IPv6 roadmap coming from?

Listening our Customers

Support the features set

required by other standard

bodies, eg. 3GPP/UMTS, MWIF

Develop Cisco IPv6 Added

Value features to promote

our Solutions

Provide same func. between

IPv4 and IPv6 Features

but it is time to forget some

old IPv4 features

Add support for new IPv6

developments coming from

IETF WG when it makes sense

cisco ios ipv6 team
IOS Europe

Main IPv6 components for IOS

IPv6 D.E. Manager is Trevor Warwick

CEFv6 done in CEF team

Ottawa

Port on 12.0ST for GSR support

CEFv6 coordination

Dev. Test help

San Jose

NAT-PT, Routing (OSPF & E-IGRP), Multicast, TMBU,...

Cisco IOS IPv6 Team
cisco ios ipv6 phase i

IOS

upgrade

=

Free IPv6

support

Cisco IOS IPv6 Phase I

IOS Release

IPv6 Features Supported

IPv6 Basic specification (RFC 2460)

ICMPv6, Neighbor Discovery

Stateless auto-configuration

RIPv6 (RFC 2080)

Multi-Protocol extensions for BGP4

(RFC 2545 & 2858)

Configured and Automatic Tunnels

6to4 Tunnel

Standard Access List

IPv6 over Ethernet (10/100/1000Mb/s),

FDDI, Cisco HDLC, ATM and FR PVC,

PPP (Serial, POS, ISDN)

Ping, Traceroute, Telnet, TFTP,

Phase I

Func. Specs

ENG-61696

IOS 12.2(1)T

Q1 CY 2001

Any router able to run this release

Cisco 800 to

Cisco 7500

cisco ios ipv6 phase ii
Cisco IOS IPv6 Phase II

IOS Release

IPv6 Features under development

Phase II PRD

ENG-70706

Available on IOS 12.2(3)T or (4)T

Target EFT dates in ()

Under evaluation:

12.0ST for GSR

and 12.2S?

i/IS-ISv6 (Q1 CY01)

CEFv6/dCEFv6 (Q3 CY01)

Dial (Q2 CY01)

Extended Access List (Q3 CY01)

NAT-PT (Q2 CY01)

IPv6 Edge router (6PE) over MPLS

(Q3 CY01)

DNS AAAA client (Q1 CY01)

IPv6 MIB

Phase I Sustaining

cisco ios ipv6 phase iii
Cisco IOS IPv6 Phase III

IOS Release

Evaluation of IPv6 Phase III Features

Phase III

no PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

OSPFv3: DE doing an evaluation

E-IGRP: DE doing an evaluation

Mobile IPv6: Home Agent prototype

currently under development

IPsec: mandated by IPv6 specs,

Authentication required by OSPFv3

and Mobile IP Binding Association

IPv6 Multicast: MLD and PIMv6 SM as

first candidates

cisco ios ipv6 phase iii1
Cisco IOS IPv6 Phase III

IOS Release

Evaluation of IPv6 Phase III Features

IPv6 QoS: Not different from IPv4

(Diff. Serv. & RSVP). May be time to

get rid from old IOS IPv4 features?

UMTS Rel. 5 requirements should get

high priority.

Statistics (ala Netflow): Customers want to gather IPv6 statistics such as IPv6 Src/Dst addresses, AS number & Bytes count

Tunnels

Phase III

no PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

cisco ios ipv6 phase iii2
Cisco IOS IPv6 Phase III

IOS Release

Evaluation of IPv6 Phase III Features

Phase III

no PRD yet

Target EFT: End of CY01, H1 CY02

All IOS team should think ‘IPv6’ at this time

Hardware Acceleration: See other

presentations. Project in-progress

on HFR, GSR, Cat.6K, DSBU L3SW.

Need IPv6 on ESR, 7200/NSE

Encapsulation: review needed for

DPT, Cable and DSL,

Network Management: SNMP over IPv6, MIB update (RFC 2851)

open topics
Open Topics!!!
  • They are Technical and non-technical problems but have to be solved for the future acceptance of our IPv6 solutions
  • IPv6 market acceptance versus development schedule
  • IOS release and IPv6
    • T Train - ST Train - S Train - mainline
  • What could be the future IPv6 routing table size?
  • What is the IPv6 performance level needed, based on REAL IPv6 traffic expectations versus marketing competition?
    • Next 12 months?, 24 months?
open topics1
Open Topics!!!
  • IPv6 mandates IPsec, what is the role of an IPv6 Firewall?
    • Customers still want a single point of control/management
    • What should be the right Cisco platforms to terminate IPv6 IPsec tunnels?
  • IPv6 QoS features set development priority
    • Dependent of Applications such as 3G, RVoIP,...
  • Native IPv6 Network Management
    • IPv6 & Commercial O.S., N.M.S software, Java, SNMP, MIB update
    • what’s about COPS, AAA, OSS,…?
open topics2
Open Topics!!!
  • Transition Tools, which ones?
    • NAT support?
  • Mobile IPv6 Services
    • Focus on Clients, Applications and Network design
  • Interoperability and TAC support
    • How to reproduce all issues
    • Role of Professional Services
  • Others ?
slide26
Satisfy Business Drivers, aka. Applications requiring end-to-end IPv6 traffic forwarding, geographies with registry allocations issues

No Flag Day

No Performance Penalty, implementation must be scalable and reliable, but …

Minimize operational upgrade costs and training expenses

Investment Protection & Low startup cost

Incremental value-add Upgrade/Deployment

Preserve IPv6 - IPv4 connectivity/transparency

Deployment of IPv6 Services:

What our Customers are saying !

Starting with Edge upgrades enable IPv6 service offerings now

deployment scenario
Deployment scenario
  • Many ways to deliver IPv6 services to End Users
    • Most important is End to End IPv6 traffic forwarding
  • IPv6 over IPv4 tunnels
  • Separate native IPv6
    • no impact on IPv4 traffic & revenues
    • various data link layers ATM, FR, Serial, Sonet/SDH, WDM
  • Dual stack Networks
    • IPv6 over MPLS or IPv4-IPv6 Dual Stack Routers
slide28

IPv6 Tunnels over IPv4 or MPLS Infrastructure

Edge IPv6 Infrastructure:

  • IPv6 over IPv4 Internet
    • ala 6Bone
  • Any Cisco IOS 12.2(1)T routers can be used as IPv6 Edge
    • 6to4 Tunnel
  • Leveraging defined Tunneling Technology
  • No impact on existing IPv4 or MPLS backbones

IPv6 over IPv4 Internet:

Translating Gateway

IPv6 Enterprise

Mobile Data

IPv4 Enterprise

Service ProviderIPv4 or MPLS Backbone

IPv6 Enterprise

Mobile Data

Translating Gateway

slide29

Translating

Gateway

Native IPv6 over Dedicated Links

  • Native IPv6 over dedicated infrastructures
    • No impact on IPv4 traffic and revenues
  • Any Cisco IOS 12.2(1)T routers can be configured
    • ATM & Frame Relay PVC’s
    • Serial Lines, Sonet/SDH, FE/GE
  • GSR 12000 with Sonet/SDH interfaces can get IPv6 support
    • Today, EFT on private 12.0ST branch
  • IPv6 over FE/GE, ATM or Sonet/SDH can run over an optical infrastructure (dedicated lamda)

IPv6 Enterprise

IPv6 Enterprise

Service Provider

ATM/FR/WDM Backbone

IPv6 Enterprise

ipv6 edge router 6pe over mpls
IPv6 Edge Router (6PE) over MPLS

MP-iBGP sessions

2001:0620::

v6

v6

2001:0420::

IPv6

IPv6

134.95.0.0

v4

v6

2001:0421::

P

P

6PE

6PE

IPv6

IPv4

OC48/192

2001:0621::

v6

P

P

IPv6

v4

144.254.0.0

6PE

IPv4

6PE

192.76.170.0

v4

IPv4

  • Many Carriers, large ISP and Mobile SP have invested on MPLS solutions
    • Core devices may be ATM switches, GSR or competitor nodes
    • Leverages of MPLS features, eg. MPLS/VPN, TE, CoS,...
  • UMTS Release 5 requires IPv6
    • GSM, GPRS and UMTS Release 99 needs circuit switching as well as IP
  • Multiple implementation’s options to integrate IPv6
    • IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE), native IPv6 MPLS
    • 6PE allows the SP to offer IPv6 at lower cost and risk
dual stack ipv4 ipv6 backbone
May require IPv4-IPv6 Hardware Forwarding

Memory size for IPv4 and IPv6 routing tables

Should IPv4 and IPv6 route to a single dual-stack edge router the same?

Dual stack management?

IPv4 and IPv6 traffic should not impact each other.

Translating

Gateway

Dual Stack IPv4-IPv6 backbone

IPv6 Enterprise

IPv4

Enterprise

IPv4/v6 Enterprise

Service Provider

IPv4/IPv6

Backbone

IPv4

Enterprise

IPv6

Router

IPv4/v6 Enterprise

native ipv6 only backbone
Native IPv6-Only Backbone

IPv6 Intranet

IPv4 Intranet

  • Will require:
    • IPv4 over IPv6 Tunnels for IPv4 traffic
    • Hardware forwarding for IPv6
    • NAT-PT for IPv4-IPv6 communications
    • Network Managementover IPv6

Translating Gateway

IPv4 Tunnel

IPv6 Backbone

Translating Gateway

IPv6 Intranet

IPv4/v6 Intranet

Mobile IPv6

initial configuration
Initial Configuration

version 12.1

no service single-slot-reload-enable

service nagle

!

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname ipv6-router

!

logging buffered 4096 debugging

logging rate-limit console 10 except errors

!

initial configuration1
Initial Configuration

aaa new-model

aaa authentication login vty group tacacs+ enable

enable secret <removed>

!

clock timezone PST -8

clock summer-time PDT recurring last Sun Mar 1:00 last Sun

ip subnet-zero

no ip finger

ip ftp source-interface Fddi0

ip ftp username <removed>

ip ftp password <removed>

ip domain-name cisco.com

ip name-server <ipv4>

ip dhcp smart-relay

!

no ip bootp server

ip multicast-routing

!

ipv6 configured tunnels
IPv6 Configured Tunnels

ipv6 unicast-routing

!

! Tunnel0 use RIPv6 for routing

interface Tunnel0

description <removed>

no ip address

ipv6 unnumbered Ethernet0

ipv6 rip 6bone enable

destination IP address

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

! Tunnel1 use BGP4+ 6BONE peer-group

interface Tunnel1

description <removed>

no ip address

ipv6 address 3FFE:700:20:1::12/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

ipv6 configured tunnels1
IPv6 Configured Tunnels

! Tunnel2 use BGP4+ 6BONE peer-group

interface Tunnel2

description <removed>

no ip address

ipv6 address 3FFE:C00:E:10::1/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

! Tunnel3 use static route

interface Tunnel3

description <removed>

no ip address

ipv6 address 3FFE:C00:E:0:1::5/126

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip!

6to4 tunnel
6to4 Tunnel

! Tunnel47 use BGP4+ with no peer-group

interface Tunnel47

description <removed>

no ip address

ipv6 address 3FFE:3600::B/127

tunnel source Fddi0

tunnel destination <ipv4>

tunnel mode ipv6ip

!

! Skipped about 50 configured tunnels

! Next one is 6to4 tunnel

! Router can be 6to4 relay with 2002::/16 static route

interface Tunnel2002

no ip address

no ip redirects

ipv6 address 2002:X:X::1/128

ipv6 address FE80::60:3E11:6770:3E link-local

tunnel source Fddi0

tunnel mode ipv6ip 6to4

interface configuration
Interface Configuration

! Physical interfaces with ipv4 and/or ipv6 addresses

interface Ethernet0

ip address <ipv4> 255.255.255.248

no ip route-cache

no ip mroute-cache

no keepalive

media-type 10BaseT

ipv6 enable

ipv6 address 3FFE:C00:0:1::/64 eui-64

ipv6 rip 6bone enable

!

interface Ethernet1

ip address <ipv4> 255.255.255.248

no ip route-cache

no ip mroute-cache

media-type 10BaseT

!

interface Fddi0

ip address <ipv4> 255.255.255.224

no ip route-cache

no ip mroute-cache

no keepalive

ipv6 address 3FFE:C00:0:2::/64 eui-64

eigrp for ipv4 and bgp for ipv6
EIGRP for IPv4 and BGP+ for IPv6

router eigrp 109

network <ipv4>

auto-summary

no eigrp log-neighbor-changes

!

router bgp 109

!

! Disable ipv4 unicast to support other address families

!

no bgp default ipv4-unicast

bgp log-neighbor-changes

neighbor 6BONE peer-group

neighbor 3FFE:700:20:1::11 remote-as 293

neighbor 3FFE:C00:E:10::2 remote-as 7610

!

ipv6 address family
IPv6 Address Family

address-family ipv6

neighbor 6BONE activate

neighbor 6BONE send-community

neighbor 6BONE override-capability-neg

neighbor 6BONE prefix-list bgp-in in

neighbor 6BONE prefix-list aggregate out

neighbor 6BONE route-map SET6TO4COMMUNITY out

!

! Most neighbors should use peer-group

!

neighbor 3FFE:700:20:1::11 peer-group 6BONE

neighbor 3FFE:C00:E:10::2 peer-group 6BONE

!

end of bgp4
End of BGP4+

! Neighbors not using peer-group

!

neighbor 3FFE:3600::A activate

neighbor 3FFE:3600::A send-community

neighbor 3FFE:3600::A override-capability-neg

neighbor 3FFE:3600::A prefix-list bgp-in in

neighbor 3FFE:3600::A prefix-list aggregate out

neighbor 3FFE:3600::A route-map SET6TO4COMMUNITY out

!

bgp dampening 30 1000 2000 60

!

! This is the 6to4 address space.

network 2002::/16

!

! This is Cisco's pTLA for the 6bone

network 3FFE:C00::/24

!

exit-address-family

ipv4 access lists
IPv4 Access Lists

ip classless

ip tacacs source-interface Fddi0

no ip http server!

logging trap debugging

logging facility local6

logging <removed>

!

! IPv4 VTY access-list

!

access-list 198 permit ip <removed> any

access-list 198 deny ip any any log

!

ipv6 static routes and ripv6
IPv6 Static Routes and RIPv6

! 2002::/16 points to the 6to4 tunnel

ipv6 route 2002::/16 Tunnel2002

!

! static route for Cisco's Site-Local-Address

ipv6 route 3FFE:C00:E::/48 Null0

!

! static route for a site with no routing protocol

ipv6 route 3FFE:C00:800E::/48 Tunnel3

!

! static route for our /24 pTLA from the 6bone

ipv6 route 3FFE:C00::/24 Null0

!

! RIPv6

ipv6 router rip 6bone

!

ipv6 access lists
IPv6 Access-lists

! IPv6 access-list to protect the vty ports

ipv6 access-list vty deny ::/0 any

!

! Prefix-list for BGP4+ peers

ipv6 prefix-list aggregate seq 5 deny 3FFE:C00::/24 ge 25

ipv6 prefix-list aggregate seq 10 permit ::/0 le 48

!

ipv6 prefix-list bgp-in seq 5 deny 5F00::/8 le 128

ipv6 prefix-list bgp-in seq 10 deny ::/0

ipv6 prefix-list bgp-in seq 15 deny ::/1

ipv6 prefix-list bgp-in seq 20 deny ::/2

ipv6 prefix-list bgp-in seq 25 deny ::/3 ge 4

ipv6 prefix-list bgp-in seq 30 permit ::/0 le 128

!

! 6to4 address space is tagged with no-export

ipv6 prefix-list 6to4 seq 5 permit 2002::/16

!

route-map SET6TO4COMMUNITY permit 10

match ipv6 address prefix-list 6to4

set community no-export

!

route-map SET6TO4COMMUNITY permit 20

!

ending configuration
Ending Configuration

tacacs-server host <removed>

tacacs-server host <removed>

tacacs-server timeout 15

banner motd <removed>

!

line con 0

exec-timeout 3 0

transport input none

line aux 0

transport input all

line vty 0 4

ipv6 access-list vty in

access-class 198 in

exec-timeout 0 0

login authentication vty

!

exception core-file <removed>

exception protocol ftp

exception dump <removed>

ntp clock-period 17179631

ntp source Fddi0

ntp update-calendar

ntp server <removed>

end

further references
wwwin.cisco.com/ios/ipv6

www.cisco.com/ipv6

ipv6-interest

cs-ipv6

Further References
slide47

www.cisco.com

Presentation_ID

47

© 1999, Cisco Systems, Inc.