BGP-MPLS VPN extension for IPv4/IPv6 Hybrid Network Defeng Li [email protected] Huawei...
-
Upload
sabina-hodges -
Category
Documents
-
view
222 -
download
1
Transcript of BGP-MPLS VPN extension for IPv4/IPv6 Hybrid Network Defeng Li [email protected] Huawei...
BGP-MPLS VPN extension for BGP-MPLS VPN extension for
IPv4/IPv6 Hybrid NetworkIPv4/IPv6 Hybrid Network
Defeng [email protected]
Huawei Technologies
2
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Justification– IPv6 can’t take the place of IPv4 in the global network
in one night, it must co-exist with IPv4 in a long period, then backbone and sites of inter-provider L3VPN will often be IPv4/IPv6 hybrid.
– IPv4/IPv6 Hybrid VPN isn’t addressed elsewhere.
• Purpose– Proposes some methods for IPv4/IPv6 hybrid VPN
– Open to accommodate other methods in the future version
3
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Contents– Case 1: Both of VPN Backbone and sites are IPv4/IPv6
Hybrid • Method 1• Method 2
– Case 2: IPv4 backbone with IPv4/IPv6 hybrid VPN sites
• Most Concepts inherited from RFC 2547bis– RD– Route Target– VRF– MP-BGP– …
4
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Method 1 for Case 1
IPv4
I Pv6 2001: 0200: : / 64
I Pv6 2001: 0400: : / 64I Pv4 192. 1. 2. 0/ 24
I Pv4 192. 1. 4. 0/ 24CE1
PE1
PE2
PE4
PE3CE2CE3
CE4
I Pv4 10. 1. 1. 0/ 24
CE
CE
I Pv4 10. 1. 2. 0/ 24CE
CE
I Pv4 10. 1. 3. 0/ 24
I Pv4 10. 1. 4. 0/ 24
VPNA-Si te1
VPNB
VPNB VPNB
VPNB
IPv6ASBR
VPNA-Si te2VPNA-Si te3
VPNA-Si te4
ASBR
MP- I BGP
MP- I BGP
MP- I BGP
MP- I BGP
MP- I BGP
MP- I BGP
MP-EBGP
5
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Route Distribution (Method 1 for Case 1)– Both IPv4 routes and IPv6 routes are distributed betwe
en CE-PE, BGP4+,IS-ISv6 and OSPFv3 can carry IPv4/ IPv6 routes simultaneously.
– Every two of PEs and ASBR1 in IPv4 AS establish MP-IBGP based on IPv4;
– Every two of PEs and ASBR2 in IPv6 AS establish MP-IBGP based on IPv6;
– ASBR1 and ASBR2 establish MP-EBGP based on IPv6;
– VPN-IPv4 routes and VPN-IPv6 routes can be piggybacked on the same MP-BGP;
– PEs maintain VPN-IPv4 routes and VPN-IPv6 routes in respective VRFs, they are differentiated by the AFI of the routes received.
6
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Address Requirements (Method 1 for Case 1)– Should support two AFI, 1 for IPv4 and 2 for IPv6, SAFI:128;
– Two IPv4 sites communicate with IPv4 address;
– Two IPv6 sites communicate with IPv6 address;
– One IPv4 site and one IPv6 site communicate with IPv6 address;
– IPv4 address A.B.C.D/Mask mapped to 0::A:B:C:D/(96+MASK) IPv6 address if necessary;
– PEs and ASBRs should support IPv4/IPv6 dual-stack and maintain both VPN-IPv4 routes and VPN-IPv6 routes;
– CEs in IPv4 sites which have relations only to other IPv4 sites can support only IPv4 protocol and maintain IPv4 VPN routes, otherwise CE should support IPv4/IPv6 dual-stack;
7
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Label Distribution (Method 1 for Case 1)– Inherited from RFC 2547bis in every AS;
– MP-EBGP between ASBR1 and ASBR2 distributes the labels, and LSPs in AS1 and AS2 can be sticked ;
• Packet Forwarding (Method 1 for Case 1)– Packets between sites-PE are forwarded following the I
P protocol of the respective version(IPv4/IPv6)
– In the backbone packets can be forwarded on the sticked LSP
8
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Method 2 for Case 1
IPv4(DAS)
I Pv6 2001: 0200: : / 64
I Pv6 2001: 0400: : / 64I Pv4 192. 1. 2. 0/ 24
I Pv4 192. 1. 4. 0/ 24CE1
PE1
PE2
PE4
PE3CE2CE3
CE4
I Pv4 10. 1. 1. 0/ 24
CE
CE
I Pv4 10. 1. 2. 0/ 24CE
CE
I Pv4 10. 1. 3. 0/ 24
I Pv4 10. 1. 4. 0/ 24
VPNA-Si te1
VPNB
VPNB VPNB
VPNB
IPv6(PAS)ASBR
VPNA-Si te2VPNA-Si te3
VPNA-Si te4
ASBRI Pv4 MP- I BGP
mul t i -hop I Pv4MP-EBGP
MP- I BGP
MP- I BGP
MP- I BGP
mul t i -hop I Pv4MP-EBGP
9
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Address Requirements (Method 2 for Case 1)– Same with Method 1;
• Route Distribution (Method 2 for Case 1)– Every two of PEs in DAS establish MP-IBGP based on IPv4; – Every two of PEs and ASBR2 in PAS establish MP-IBGP based o
n IPv6;– Every PE in DAS and ASBR2 establish multi-hop MP-EBGP ba
sed on IPv4;– VPN routes need to be distributed to sites connected to neighborin
g AS are distributed by such multi-hop MP-EBGP;
• Same with method 1 in other aspects.
10
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Case 2: IPv4 backbone and IPv4/IPv6 hybrid VPN sites
IPv4 Backbone
I Pv6 2001: 0200: : / 64
I Pv6 2001: 0400: : / 64I Pv4 192. 1. 2. 0/ 24
I Pv4 192. 1. 4. 0/ 24
NAT-PTAddress Pool :192. 1. 1. 0/ 24
NAT-PTAddress Pool :192. 1. 3. 0/ 24
CEPE
PE
PE
PECECE
CE
I Pv4 10. 1. 1. 0/ 24
CE
CE
I Pv4 10. 1. 2. 0/ 24CE
CE
I Pv4 10. 1. 3. 0/ 24
I Pv4 10. 1. 4. 0/ 24
VPNA
VPNA VPNA
VPNA
VPNB
VPNB VPNB
VPNB
11
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Characteristics of Case 2– Needs no VPN-IPv6 AFI in the backbone;
– PE assigns private IPv4 addresses for IPv6 site, and supports private IPv4 address NAT-PT;
– Extend MP-BGP protocol by adding an Extended Community attribute: If-V6-Site to identify IPv6 sites;
– IPv6 routes are mapped to IPv4 NAT-PT prefix at PE and true IPv6 routes are distributed across backbone as the “value” of If-V6-Site attribute of IPv4 NAT-PT prefix through MP-BGP;
12
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Characteristics of Case 2– PE maintains IPv4 routes, IPv6 mapped NAT-PT IPv4 routes and
true IPv6 routes;
– Communication between IPv4 site and IPv6 site needs NAT-PT translation;
– Communication between two IPv6 sites use true IPv6 routes at PE;
– Different routes are selected at Ingress PE according to IPv4/IPv6 types of Source/Destination sites when forwarding.
13
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
• Judgement of IPv4/IPv6 sites– Whether the sites is IPv6 can be identified by the address of the in
terface between CE and PE, then PE can set the related fields in If-V6-Site attribute when distributing the VPN routes across backbone, and whether the remote site is IPv6 can be identified by If-V6-Site attribute attached to VPN routes received.
• If-V6-Site (TLV) Extended Community Attribute 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- |T| length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+- +-+-+-+-+-+-+-+-+-+-+| | IPv6 Route1… | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | IPv6 Routen… | ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
14
draft-defeng-l3vpn-ipv4-ipv6-hybrid-01draft-defeng-l3vpn-ipv4-ipv6-hybrid-01
What’s Next ?
Can it be accepted as the baseline of wg draft?
Accommodate more mechanism to this draft to address IPv4/IPv6 hybrid VPN.
15