IPv6 Deployment

Stefan Kollar, Consulting System Engineer, CCIE #10668, [email protected]

© 2009 Cisco Systems, Inc. All rights reserved. Cisco Confidential



Agenda
1. IPv6 motivations and activities
2. SP Architecture
   • Pure IP Networks
   • MPLS networks
3. Enterprise Architecture
4. Address Allocation
5. Transition Technologies


IPv6 Market Drivers

National IPv6 Strategies
• Compliance: U.S. Federal Mandate, IPv6 task force
• Next Generation Internet (CNGI) project in China and Japan

IPv4 Address Space Completion
• Slow down of Internet technologies
• Limiting expansion of enterprise into emerging markets

Infrastructure Evolution
• Next generation network architectures require IPv6
• DOCSIS 3.0, Quad Play
• Mobile SP
• Networked sensors, i.e. AIRS

IPv6 in Client Software
• IPv6 "on" and "preferred" by default in Vista
• Microsoft OneCare
• Apple's "Back to My Mac"
• v6 over v4 OTT tunnel providers
• ipv6.google.com


Address Completion / Exhaustion

1. Short-term thinking, decisions, and purchases will quickly be obsoleted

The free pool of large IPv4 /8 blocks will expire sometime in the 2011/2012 timeframe

Consumption of addresses
• More users
• More devices per user

Get daily updated estimates at: potaroo.net (Picture as of Nov 12, 2009)

http://www.potaroo.net/tools/ipv4/


Subscriber Connection Growth

[Figures: "Broadband: Worldwide penetration & growth" and "Broadband: Net subscriber adds by access type". Sources: Point-Topic, 2009; DellOro Group, Jan 09]


Subscriber Connection Growth

India: Mobile Internet active users to surpass traditional Internet users…

China: 120 million access the Internet via mobile phones ...

Where does IPv4 Exhaustion Matter First?

                         Developed Countries      Emerging Countries
                         Wireline     Mobile      Wireline     Mobile
Subscriber connections   Localized    Yes         Localized    Yes

Smartphones a key driver for additional IPv4 addresses
• Predicted CAGR: 18%-21%*
• 17.4% of all mobile device shipments in 2009**

* Source: http://www.mobile-tech-today.com/story.xhtml?story_id=65091
** Source: http://www.ciol.com/Biz-Watch/News-Reports/Smartphones-ring-in-healthy-growth-in-2009/5309116823/0/


IETF IPv6 Standards
1. Core IPv6 specifications are stable and well tested IETF Draft Standards
   • IPv6 Addressing Architecture, ICMPv6, Neighbor Discovery, Stateless Auto-configuration, IPv6 over "Data Link Layers", DNS Record, Routing Protocols, Tunneling, MIBs, Header Compression, MLD, etc.
2. 2007: IPv6 WG now closed – replaced by 6MAN (Maintenance) WG
3. IPv6 Transition, then now Operations focused Working Groups
   • NGTrans WG (closed), v6ops (active), 6MAN (bug fixing)
4. Many other Working Groups working on IPv6 features
   • 16ng, 6LoWPAN, DHC, DNSext, Mobility eXtension (MEXT), Routing, Shim6, Softwire, …


Number of Documents at Various Status
Documents about IPv4/IPv6

1. 7 Document Statuses
2. Standards
   • Best Current Practice (146)
   • Proposed Standard (1450)
   • Draft Standard (91)
   • Full Standard (77)
3. Nonstandards
   • Historic/Obsolete/Just Plain Old (1724)
   • Informational (1510)
   • Experimental (255)

IETF Status             IPv4   IPv6
Informational            933    374
Experimental             151     59
Best Current Practice     86     34
Proposed Standard        772    407
Draft Standard            48     17
Full Standard             48      5


General Areas IETF Is Working on IPv6

• Cross-Registry Information Service
• Addressing
• Dynamic Host Configuration
• Autoconfiguration
• IP over Various Technologies
• Mobility
• Multihoming
• IPv6 Maintenance
• IPv6 Operations
• Translation-Based Transition Technologies
  • IPv4/IPv6 NAT
  • IPv6/IPv6 NAT
• Tunnel-Based Transition Technologies
• Source Address Validation
• Routing
  • Especially Mobile Ad-Hoc Routing
  • Also Global Routing Operations
• Sensor Networks


The Goal…
1. In general, the goal is to "Continue the growth of the Internet":
   • For some, that means "retain simplicity by extending addressing to more prefixes and more machines."
   • For others, that means "retain the infrastructure I am familiar with and have invested heavily in."
2. For IETF, the goal is: Continue the Growth of the Internet with maximized application options and minimized long-term operational and capital cost.
3. That implies:
   • Deploy IPv6 for more addresses.
   • IPv4/IPv6 coexistence is required for a turn-up period.
   • At some point, IPv4 is no longer needed.
   • At that point, turn IPv4 off.


Pure IP Networks


Tunnelling IPv6 In IPv4
1. Tunnelling Options
   • Manual Tunnels (RFC 2893)
   • GRE Tunnels (RFC 2473)
   • L2TPv3
2. ISP scenario
   • Configured Tunnels in Core
   • Configured Tunnels or Native IPv6 to IPv6 Enterprise's Customers
   • Connection to an IPv6 IX

Use the Most Appropriate

[Diagram labels: Service Provider IPv4 Backbone; IPv6 over IPv4 Tunnels; IPv6 Site A; IPv6 Site B; IPv6 SP; IPv6 IX]


Dual-Stack IPv4-IPv6

1. IPv6 transit services
2. IPv6 enabled on Core routers
3. Enterprise and consumer IPv6 access
4. Additional services
   • IPv6 multicast for streaming

[Diagram labels: Dual-Stack Core; Aggregation; IPv6 Broadband Users (DSL, Cable, FTTH); 802.11 Hot-Spot; 6to4 Relay (Courtesy Service); Enterprise (Dual-Stack or Dedicated L2 Circuits)]


MPLS Networks


IPv6 Over MPLS
1. Many service providers have already deployed MPLS in their IPv4 backbone for various reasons
2. MPLS can be used to facilitate IPv6 integration
3. Multiple approaches for IPv6 over MPLS:
   • IPv6 over L2TPv3
   • IPv6 over EoMPLS/AToM
   • IPv6 CE-to-CE IPv6 over IPv4 Tunnels
   • IPv6 Provider Edge Router (6PE) over MPLS
   • IPv6 VPN Provider Edge (6VPE) over MPLS
   • Native IPv6 over MPLS


IPv6 Provider Edge Router (6PE) Over MPLS

1. IPv4 or MPLS core infrastructure is IPv6-unaware
2. PEs are updated to support dual stack/6PE
3. IPv6 reachability exchanged among 6PEs via iBGP (MBGP)
4. IPv6 packets transported from 6PE to 6PE inside MPLS

[Diagram labels: P routers in an IPv4 MPLS core; 6PE routers (Dual-Stack IPv4-IPv6 Routers) with iBGP (MBGP) Sessions between them; v4 and v6 CE sites with prefixes 192.254.10.0, 2001:0421::, 2001:0420::, 192.76.10.0, 145.95.0.0, 2001:0621::, 2001:0620::]


6PE Routing/Label Distribution

[Diagram labels: 6PE-1, P1, P2, 6PE-2; 2001:F00D::, 2001:DB8::; 200.10.10.1, 200.11.11.1]

• IGPv4 Advertises Reachability of 200.10.10.1
• LDPv4 Binds Label to 200.10.10.1
• LDPv4 Binds Implicit-Null (i.e. Pop) to 200.10.10.1
• IGPv6 or MP-BGP Advertising 2001:F00D::
• 6PE-2 Sends MP-iBGP Advertisement to 6PE-1 Which Says:
  • 2001:F00D:: Is Reachable Via BGP Next Hop = 200.10.10.1 (6PE-2)
  • Bind BGP Label to 2001:F00D:: (*)
  • IPv6 Next Hop Is an IPv4 Mapped IPv6 Address Built from 200.10.10.1

6PE-1#show ipv6 route
B   2001:F00D::/64 [200/0]
     via ::FFFF:200.10.10.1, IPv6-mpls

6PE-1#show ipv6 cef internal   #hidden command
.. OUTPUT TRUNCATED ..
2001:F00D::/64,
  nexthop ::FFFF:200.10.10.1
  fast tag rewrite with F0/1, 10.12.0.1, tags imposed {17 28}


6PE-1 Configuration

200.10.10.1 Is the Remote 6PE
2001:DB8:1::1 Is the Local CE

ipv6 cef
!
mpls label protocol ldp
!
router bgp 100
 no synchronization
 no bgp default ipv4-unicast
 neighbor 2001:DB8:1::1 remote-as 65014
 neighbor 200.10.10.1 remote-as 100
 neighbor 200.10.10.1 update-source Loopback0
 !
 address-family ipv6
  neighbor 200.10.10.1 activate
  neighbor 200.10.10.1 send-label
  neighbor 2001:DB8:1::1 activate
  redistribute connected
  no synchronization
 exit-address-family

send-label: Send Labels Along with IPv6 Prefixes by Means of MP-BGP. Note: Will Cause Session to Flap

[Diagram labels: 6PE-1, 2001:DB8::, 6PE-2, iBGP Session]


Why Cisco IOS IPv6 VPN Provider Edge (6VPE)?

1. For VPN customers, IPv6 VPN service is exactly the same as IPv4 VPN service

2. Current 6PE is “like VPN” but this is NOT VPN, i.e., global reachability

3. For ISP offering MPLS/VPN for IPv4 that wish to add IPv6 services as well
   • No modification on the MPLS core
   • Support both IPv4 and IPv6 VPNs concurrently on the same interfaces
   • Configuration and operations of IPv6 VPNs exactly like IPv4 VPNs


6VPE Deployment

1. IPv6 VPN can coexist with IPv4 VPN - same coverage
2. 6VPE is added only when and where the service is required
3. 6VPE - An implementation of <draft-ietf-bgp-ipv6-vpn> over MPLS/IPv4
4. Standards work going forward - <draft-ietf-l3vpn-bgp-ipv6-xx.txt>

[Diagram labels: P routers; iBGP (MBGP) Sessions; VPN A and VPN B sites marked "v4 and v6 VPN" or "v6 Only"]


6VPE Configuration Example

[Diagram labels: Site-1, Site-2, Site-3, Site-4; PE1, PE2; P routers; Multihop MP-iBGP]

VRF for site-1 (100:1): Site-1 routes, Site-2 routes
VRF for site-2 (100:2): Site-1 routes, Site-2 routes, Site-3 routes
VRF for site-3 (100:2): Site-2 routes, Site-3 routes, Site-4 routes
VRF for site-4 (100:3): Site-3 routes, Site-4 routes

vrf definition SITE-3
 rd 100:2
 address-family ipv6
  route-target export 100:2
  route-target import 100:2
  route-target import 100:3
  route-target export 100:3
!
vrf definition SITE-4
 rd 100:3
 address-family ipv6
  route-target export 100:3
  route-target import 100:3
!
interface Serial4/6
 vrf forwarding SITE-3
 ipv6 address 2001:DB8:3::1/64
!
interface Serial4/7
 vrf forwarding SITE-4
 ipv6 address 2001:DB8:4::1/64


6VPE Configuration Example (Cont.)

router bgp 100
 no bgp default ipv4-unicast
 neighbor 6.6.6.6 remote-as 100
 neighbor 6.6.6.6 update-source loopback0
 !
 address-family vpnv6
  neighbor 6.6.6.6 activate
  neighbor 6.6.6.6 send-community extended
 exit-address-family
 !
 address-family ipv6 vrf SITE-4
  neighbor 2001:DB8:4::2 remote-as 65504
  neighbor 2001:DB8:4::2 activate
 exit-address-family
 !
 address-family ipv6 vrf SITE-3
  neighbor 2001:DB8:3::2 remote-as 65503
  neighbor 2001:DB8:3::2 activate
 exit-address-family
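
The route-target imports and exports in the 6VPE configuration decide which sites' routes each VRF holds, and with that the separation between VPNs. The Python below is an added example, not part of the original slides: it parses `vrf definition` blocks, computes which VRFs receive each other's routes, and compares the result with the slide's diagram. The SITE-1/SITE-2 configuration is not on the slides and is an assumption constructed to match the diagram; all function names are hypothetical.

```python
import re

# PE2 VRFs as shown on the slide.
PE2_CONFIG = """
vrf definition SITE-3
 rd 100:2
 address-family ipv6
  route-target export 100:2
  route-target import 100:2
  route-target import 100:3
  route-target export 100:3
!
vrf definition SITE-4
 rd 100:3
 address-family ipv6
  route-target export 100:3
  route-target import 100:3
!
"""

# ASSUMPTION: PE1 is not shown on the slides. Constructed so that SITE-1 and
# SITE-2 hold exactly the routes the diagram lists for them.
PE1_CONFIG_ASSUMED = """
vrf definition SITE-1
 rd 100:1
 address-family ipv6
  route-target export 100:1
  route-target import 100:1
!
vrf definition SITE-2
 rd 100:2
 address-family ipv6
  route-target export 100:1
  route-target export 100:2
  route-target import 100:1
  route-target import 100:2
!
"""

# Intended visibility, transcribed from the slide's "VRF for site-N" boxes.
INTENDED = {
    "SITE-1": {"SITE-1", "SITE-2"},
    "SITE-2": {"SITE-1", "SITE-2", "SITE-3"},
    "SITE-3": {"SITE-2", "SITE-3", "SITE-4"},
    "SITE-4": {"SITE-3", "SITE-4"},
}


def parse_vrfs(config):
    """Return {vrf: {"rd", "import", "export"}} from 'vrf definition' blocks."""
    vrfs, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():
            # A top-level line either opens a VRF block or closes the current one.
            m = re.fullmatch(r"vrf definition (\S+)", line)
            current = vrfs.setdefault(
                m.group(1), {"rd": None, "import": set(), "export": set()}
            ) if m else None
            continue
        if current is None:
            continue
        m = re.fullmatch(r"rd (\S+)", line)
        if m:
            current["rd"] = m.group(1)
            continue
        m = re.fullmatch(r"route-target (import|export|both) (\S+)", line)
        if m:
            kinds = ("import", "export") if m.group(1) == "both" else (m.group(1),)
            for kind in kinds:
                current[kind].add(m.group(2))
    return vrfs


def visibility(vrfs):
    """For each VRF: itself plus every VRF exporting an RT that it imports."""
    return {
        name: {name} | {o for o, other in vrfs.items() if other["export"] & v["import"]}
        for name, v in vrfs.items()
    }


def audit(vrfs, intended):
    """Return (leaks, missing) as sorted (receiving VRF, source VRF) pairs."""
    actual = visibility(vrfs)
    leaks = {(d, s) for d, srcs in actual.items() for s in srcs - intended.get(d, set())}
    missing = {(d, s) for d, srcs in intended.items() for s in srcs - actual.get(d, set())}
    return sorted(leaks), sorted(missing)


if __name__ == "__main__":
    vrfs = parse_vrfs(PE1_CONFIG_ASSUMED + PE2_CONFIG)
    print(audit(vrfs, INTENDED))
    # Constructed misconfiguration: one extra import line on SITE-4.
    extra = "vrf definition SITE-4\n address-family ipv6\n  route-target import 100:2\n"
    print(audit(parse_vrfs(PE1_CONFIG_ASSUMED + PE2_CONFIG + extra), INTENDED))
```

A single extra `route-target import` is enough to pull another customer's routes into a VRF, so comparing computed visibility with the intended matrix is a useful pre-change check.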


Enterprise Architecture


IPv6 Coexistence

[Diagram labels: Dual Stack (IPv6/IPv4 host, IPv4: 192.168.99.1, IPv6: 2001:db8:1::1/64); Configured Tunnel/MPLS (6PE/6VPE) between IPv6 Networks and IPv6 Hosts across MPLS/IPv4; IPv4 ISATAP Tunneling (Intra-Site Automatic Tunnel Addressing Protocol); IPv6; ISATAP Router]


Campus IPv6 Deployment
Three Major Options

1. Dual-stack – The way to go for obvious reasons: performance, security, QoS, Multicast and management
   • Layer 3 switches should support IPv6 forwarding in hardware
2. Hybrid – Dual-stack where possible, tunnels for the rest, but all leveraging the existing design/gear
   • Pro – Leverage existing gear and network design (traditional L2/L3 and Routed Access)
   • Con – Tunnels (especially ISATAP) cause unnatural things to be done to infrastructure (like Core acting as Access layer) and ISATAP does not support IPv6 multicast
3. IPv6 Service Block – A new network block used for interim connectivity for IPv6 overlay network
   • Pro – Separation, control and flexibility (still supports traditional L2/L3 and Routed Access)
   • Con – Cost (more gear), does not fully leverage existing design, still have to plan for a real dual-stack deployment and ISATAP does not support IPv6 multicast


Campus IPv6 Deployment Options
Dual-stack IPv4/IPv6

1. Requires switching/routing platforms to support hardware based forwarding for IPv4 and IPv6
2. IPv6 is transparent on L2 switches except for
   • multicast - MLD snooping
   • IPv6 management - Telnet/SSH/HTTP/SNMP
   • Intelligent services on WLAN
3. Requires robust control plane for both IPv4 and IPv6
   • Variety of routing protocols - The same ones in use today with IPv4
4. Requires support for IPv6 multicast, QoS, infrastructure security, etc…

[Diagram labels: IPv6/IPv4 Dual Stack Hosts; Access Layer, Distribution Layer, Core Layer, Aggregation Layer (DC), Access Layer (DC), all v6-Enabled and Dual Stack; L2/L3; Dual-stack Server]


Campus IPv6 Deployment Options
Hybrid Model

1. Offers IPv6 connectivity via multiple options
   • Dual-stack
   • Configured tunnels – L3-to-L3
   • ISATAP – Host-to-L3
2. Leverages existing network
3. Offers natural progression to full dual-stack design
4. May require tunneling to less-than-optimal layers (i.e. Core layer)
5. ISATAP creates a flat network (all hosts on same tunnel are peers)
   • Create tunnels per VLAN/subnet to keep same segregation as existing design (not clean today)
6. Provides basic HA of ISATAP tunnels via old Anycast-RP idea
7. ISATAP does not support IPv6 Multicast
8. Configured tunnels do support IPv6 Multicast

[Diagram labels: Hybrid Model; Access Layer, Distribution Layer, Core Layer, Aggregation Layer (DC), Access Layer (DC), marked v6-Enabled or Not v6-Enabled; L2/L3; Dual Stack; ISATAP Tunnel; Dual-stack Server]


Intrasite Automatic Tunnel Address Protocol

1. ISATAP is used to tunnel IPv6 over IPv4 within an administrative domain (a site) to create a virtual IPv6 network over an IPv4 network
2. Supported in Windows XP Pro SP1 and others

ISATAP address layout:

  64-bit Unicast Prefix | 0000:5EFE: (32-bit) | IPv4 Address (32-bit)
                        |<------- Interface Identifier (64 bits) ------>|

Use IANA's OUI 00-00-5E-FE and Encode IPv4 Address as Part of EUI-64


IPv6 Campus ISATAP Configuration
ISATAP Client Configuration

Windows XP/Vista Host (10.120.3.101):

C:\>netsh int ipv6 isatap set router 10.122.10.103
Ok.

Tunnel adapter Automatic Tunneling Pseudo-Interface:
   Connection-specific DNS Suffix . :
   IP Address. . . . . . . . . . . . : 2001:db8:cafe:3:0:5efe:10.120.3.101
   IP Address. . . . . . . . . . . . : fe80::5efe:10.120.3.101%2
   Default Gateway . . . . . . . . . : fe80::5efe:10.122.10.103%2

ISATAP router:

interface Tunnel3
 ipv6 address 2001:DB8:CAFE:3::/64 eui-64
 no ipv6 nd suppress-ra
 ipv6 ospf 1 area 2
 tunnel source Loopback3
 tunnel mode ipv6ip isatap
!
interface Loopback3
 description Tunnel source for ISATAP-VLAN3
 ip address 10.122.10.103 255.255.255.255

New tunnel comes up when failure occurs

[Diagram labels: two routers, each with int lo3 10.122.10.103 and int tu3]
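
Both the 6PE BGP next hop (::FFFF:200.10.10.1) and the ISATAP addresses in the host output carry an IPv4 address in their low 32 bits. The Python below is an added example, not from the original slides: it builds both forms and recovers the embedded IPv4 address from addresses found in router or host output, which ties tunnelled IPv6 traffic back to an IPv4 endpoint. Function names are hypothetical; accepting the 0200:5EFE variant (universal/local bit set, RFC 5214) goes beyond the 0000:5EFE form shown on the slide.

```python
import ipaddress

ISATAP_MARK = 0x00005EFE        # upper 32 bits of the ISATAP interface identifier
U_BIT_MASK = 0xFDFFFFFF         # ignores the universal/local bit (0200:5EFE form)

# Lines taken from the slides' own router and host output.
SAMPLE_OUTPUT = [
    "B   2001:F00D::/64 [200/0] via ::FFFF:200.10.10.1, IPv6-mpls",
    "IP Address. . . . . . . . . . . . : 2001:db8:cafe:3:0:5efe:10.120.3.101",
    "Default Gateway . . . . . . . . . : fe80::5efe:10.122.10.103%2",
]


def isatap_address(prefix, ipv4):
    """Join a 64-bit unicast prefix with the interface ID 0000:5EFE:<IPv4>."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("ISATAP needs a 64-bit prefix")
    iid = (ISATAP_MARK << 32) | int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def ipv4_mapped(ipv4):
    """Build ::FFFF:a.b.c.d, the form 6PE uses for the BGP next hop."""
    return ipaddress.IPv6Address((0xFFFF << 32) | int(ipaddress.IPv4Address(ipv4)))


def embedded_ipv4(text):
    """Return (kind, IPv4Address) if the IPv6 address embeds IPv4, else None.

    Raises ValueError if text is not an IPv6 address.
    """
    value = int(ipaddress.IPv6Address(text.split("%")[0]))  # drop zone index (%2)
    low32 = ipaddress.IPv4Address(value & 0xFFFFFFFF)
    upper = value >> 32                                     # the top 96 bits
    if upper == 0xFFFF:
        return ("ipv4-mapped", low32)
    if upper & U_BIT_MASK == ISATAP_MARK:                   # bits 32..63 only
        return ("isatap", low32)
    return None


def find_embedded(lines):
    """Scan text lines and return (kind, IPv4 string) for every embedded address."""
    hits = []
    for line in lines:
        for token in line.replace(",", " ").split():
            try:
                hit = embedded_ipv4(token)
            except ValueError:
                continue                                    # not an IPv6 address
            if hit:
                hits.append((hit[0], str(hit[1])))
    return hits


if __name__ == "__main__":
    print(isatap_address("2001:db8:cafe:3::/64", "10.120.3.101"))
    print(ipv4_mapped("200.10.10.1"))
    for kind, ipv4 in find_embedded(SAMPLE_OUTPUT):
        print(kind, ipv4)
```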


Campus IPv6 Deployment Options
IPv6 Service Block – An Interim Approach

1. Provides ability to rapidly deploy IPv6 services without touching existing network
2. Provides tight control of where IPv6 is deployed and where the traffic flows (maintain separation of groups/locations)
3. Offers the same advantages as Hybrid Model without the alteration to existing code/configurations
4. Configurations are very similar to the Hybrid Model
   • ISATAP tunnels from PCs in Access layer to Service Block switches (instead of core layer – Hybrid)
5. 1) Leverage existing ISP block for both IPv4 and IPv6 access
6. 2) Use dedicated ISP connection just for IPv6 – Can use IOS FW or PIX/ASA appliance

[Diagram labels: IPv4-only Campus Block (Access Layer, Distribution Layer, Core Layer; VLAN 2, VLAN 3); Agg Layer; Data Center Block; WAN/ISP Block; IPv6 Service Block; Internet; Dedicated FW; IOS FW; ISATAP; Primary ISATAP Tunnel; Secondary ISATAP Tunnel; Equal-cost Configured Tunnel (Mesh); callouts 1 and 2]


SP & Enterprise


Allocation Recommendations
1. IANA allocates from 2001::/16 or shorter to regional registries
2. Each regional registry's allocation is a ::/23 or shorter
3. ISP allocations from the regional registry is a ::/36 (immediate allocation) or ::/32 (initial allocation) or shorter with justification (Example: FT recently acquired a /19)
4. The policy expectation is that an ISP allocates a ::/48 prefix to each customer, longer prefixes (but shorter than /64) for home users

[Diagram labels: IANA 2001::/3; APNIC, AfriNIC, ARIN, LACNIC and RIPE NCC, each ::/12 to ::/23; ISP /32 blocks; Site /48 blocks]


SP IPv6 Address Allocation

1. SP own addressing scheme
   • Usually SPs get the address allocated by the local registry via IANA
   • Europe and Middle East: RIPE NCC – http://www.ripe.net/info/ncc
   • The block is usually /32 but an exception can be made for a bigger ISP
2. SPs usually assign addresses for consumers. There are 2 types:
3. Fixed allocation:
   • Cable customers, DSL customers, ETTH etc
4. Mobile allocation:
   • Mobile customers


IPv6 Address Allocation Guidelines

"…recommends the assignment of /48 in the general case, /64 when it is known that one and only one subnet is needed…"

RFC3177 IAB/IESG Recommendations on IPv6 Address Allocations to Sites


Addressing Plans – ISP Infrastructure
1. Address block for router loop-back interfaces
   • Generally number all loopbacks out of one /64
   • /128 per loopback
2. Address block for infrastructure
   • /48 allows 65k /64-subnets
   • /48 per PoP or region (for large networks)
   • /48 for whole backbone (for small to medium networks)
   • Summarise if it makes sense


Link Level – Prefix Length Considerations

64 bits
• Recommended by RFC3177 and IAB/IESG
• Consistency makes management easy
• Significant address space loss

< 64 bits
• Enables more hosts per broadcast domain
• Considered bad practice
• 64 bits offers more space for hosts than the media can support efficiently

> 64 bits
• Address space conservation
• Special cases:
  • /126 – valid for p2p
  • /127 – not valid for p2p (RFC3627)
  • /128 – loopback
• Complicates management
• Must avoid overlap with specific addresses:
  • Router Anycast (RFC3513)
  • Embedded RP (RFC3956)
  • ISATAP addresses
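
The addressing-plan and prefix-length rules from the two slides above, as an added Python example that is not part of the original deck: it carves per-PoP blocks out of an ISP /32 and checks interface addresses against the slides' rules. The 2001:db8::/32 block, the PoP names, the choice of which /64 holds loopbacks and links, and all function names are assumptions; the Embedded RP (RFC3956) overlap is not checked.

```python
import ipaddress


def build_plan(isp_block, pops):
    """Give each PoP a /48: first /64 for loopbacks, second /64 for /126 links."""
    blocks = ipaddress.IPv6Network(isp_block).subnets(new_prefix=48)
    plan = {}
    for pop in pops:
        pop48 = next(blocks)
        nets64 = pop48.subnets(new_prefix=64)
        plan[pop] = {"block": pop48, "loopbacks": next(nets64), "p2p": next(nets64)}
    return plan


def count_64s(block):
    """Number of /64 subnets inside a block (the slide's "65k" for a /48)."""
    return 2 ** (64 - block.prefixlen)


def p2p_link(p2p_block, index):
    """Return (network, end A, end B) for the index-th /126 of the p2p /64."""
    base = int(p2p_block.network_address) + 4 * index
    net = ipaddress.IPv6Network((base, 126))
    # The first address (all-zero host bits) is the Subnet-Router anycast
    # address, so the two link ends start at +1.
    return net, net.network_address + 1, net.network_address + 2


def check_interface(kind, cidr, loopback_block):
    """Return findings for one interface address, e.g. '2001:db8:0:1::5/126'."""
    iface = ipaddress.IPv6Interface(cidr)
    net, addr, plen = iface.network, iface.ip, iface.network.prefixlen
    findings = []
    if kind == "loopback":
        if plen != 128:
            findings.append("loopback should be a /128")
        if addr not in loopback_block:
            findings.append("loopback outside the loopback /64")
        return findings
    if plen == 127:
        findings.append("/127 not valid for p2p (RFC3627)")
    elif plen not in (64, 126):
        findings.append("unusual link prefix length /%d" % plen)
    if plen < 128 and addr == net.network_address:
        findings.append("address is the Subnet-Router anycast address (RFC3513)")
    if plen > 64 and (int(addr) >> 32) & 0xFDFFFFFF == 0x00005EFE:
        findings.append("interface ID overlaps the ISATAP range")
    return findings


if __name__ == "__main__":
    plan = build_plan("2001:db8::/32", ["pop-a", "pop-b"])
    for pop, entry in plan.items():
        print(pop, entry["block"], count_64s(entry["block"]), "x /64")
    loopbacks = plan["pop-a"]["loopbacks"]
    # Constructed interface list, including deliberate mistakes.
    for kind, cidr in [
        ("loopback", "2001:db8::1/128"),
        ("loopback", "2001:db8::2/64"),
        ("p2p", "2001:db8:0:1::5/126"),
        ("p2p", "2001:db8:0:1::8/127"),
        ("p2p", "2001:db8:0:1:0:5efe:a00:1/126"),
    ]:
        print(kind, cidr, check_interface(kind, cidr, loopbacks) or "ok")
```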


Policy Implementation
1. Give Home/SOHO a permanent /64 – single link
2. Give Home/SOHO a permanent /48
3. Short-lived /64 from a prefix-pool
   • A separate /64 is assigned to each user/interface. The prefix is advertised in RAs and a route is installed in the RIB.
4. Short-lived /128 from a shared prefix-pool
   • /64 prefix is shared between all users of the pool. The same /64 prefix is advertised in RAs out all interfaces. The user gets a /128 based on the prefix and his Interface-Identifier. A route in the RIB is installed only for the /128.


Addressable Device Proliferation

[Diagram labels: /48, /64, /128, /64]

Which devices addressable by which domains?


DHCPv6 PD: RFC 3633
1. Media independence
   • e.g., ADSL, FTTH
   • Only knows identity of requesting router
2. Leases for prefixes
3. Flexible deployments
   • Client/relay/server model
4. Requesting router includes request for prefixes in DHCP configuration request
5. Delegating router assigns prefixes in response along with other DHCP configuration information

[Diagram labels: ADSL, FTTH, DHCPv6 Server(s), DHCPv6 Client, DHCPv6 Relay, /48, /64]


Enterprise IPv6 Address Allocation
1. Enterprise own addressing scheme
   • Get your own address from local registry via IANA, OR
   • Get it via Service Providers

2. Unique local address if the network does not need to go on the Internet (Private address)

3. Usually get a block of /48 unless a justification for a larger block is made

4. PI address for multihoming


Provider-Independent Addresses

1. Driven mainly by enterprises
2. Adopted (April 2006) because there is no consensus on Multihoming for IPv6
3. The possible impact is still debated but it seems we will just have to deal with it. Lack of PI could however slow down IPv6 adoption.
4. BGP can only control routing table growth if routes are aggregated
5. Number of multi-homed sites increasing quickly (>10,000)
6. The IPv6 address space is very large
7. Routing table growth could be problematical with the capability of the current hardware and protocols

Provider Independent Proposal: http://www.arin.net/policy/proposals/2005_1.html


Routing Protocols Coexistence & Convergence


The Questions Are Almost the Same as for IPv4

1. Most likely the IPv6 IGP will not be deployed in a brand new network and just by itself

2. Most likely the IPv4 services are more important at first since they are generating most of the revenue

3. Redefine “better”

   1. What is the impact on the convergence of IPv4?

   2. Are the resources optimally shared?

   3. Are the topologies going to be congruent?

   4. Etc.


Nothing Is for Free

1. Resources will be shared between the two IGPs and they will compete for processor cycles in a way that reflects their relative configuration

2. This has implications on:

   - Expected convergence behavior
   - Single process/topology vs Multi process/topology selection
   - Resources (Memory, CPU) planning


Coexistence—Resources Considerations

1. With the exception of ISIS single topology, the IPv4 and IPv6 routing processes claim their own memory and processing resources for maintaining adjacencies, databases and related calculations

2. It is important to define the IPv6 network design in order to understand the new resource requirements (memory) and the new operational parameters (max CPU) for the network devices


Convergence Considerations

The IGPs Will Compete over Processor Cycles Based on Their Relative Tuning

- If you configure the IPv4 and IPv6 IGPs the same way (aggressively tuned for fast convergence), naturally expect a doubling of their stand alone operation convergence time

- If the IPv6 IGP is operating under default settings, the convergence time for the optimally tuned IPv4 IGP is not significantly affected


Transition Technologies & futures


Network Address Translation (NAT) Terminology

NAT44: The classic IPv4 NAT

NAT444: Double NAT (NAT on Residential Gateway (RG) + NAT within SP network)

NAT46: Protocol translation from IPv4 to IPv6 (may also include DNS46)

NAT464: Double NAT with IPv6 transport

NAT64: Protocol translation from IPv6 to IPv4 (may also include DNS64)

NAT66: Hiding addresses for reachability or domain independence

IVI: Prefix-specific & stateless address mapping for IPv4/IPv6 coexistence and transition

LSN: Large Scale NAT

CGN: Carrier Grade NAT

AFT: Address Family Translator

In practice, all three (LSN, CGN, AFT) mean the SP performs some form of NAT for many subscribers


Large Scale NAT444 in Operation

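[Figure: two panels, "Today:" and "Adding LSN:". Each shows Subscribers (IPv4), the Access Provider Network with its Core, and the Public Internet (Public IPv4 Internet). In "Today:" the Core is labelled "IPv4 public"; in "Adding LSN:" an LSN is shown and the Core is labelled "(NOT)-IPv4 public". Legend: public IPv4 / NOT public IPv4.]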


IPv4 to IPv6 Translation
Stateful AFT (NAT64)

1. Service Provider deploys IPv6-only infrastructure:

   - Only IPv6 is available to the consumer
   - IPv4 Internet available via Address Family Translation on SP NAT device

[Figure: Subscriber Network (IPv4 host, IPv4+IPv6 host, IPv6 host, Customer Router); IPv6-only SP Network (DNS64, SP NAT64 sharing IPv4 address(es)); Internet (IPv6 Internet, IPv4 Internet). Link labels: IPv6, IPv4, NAT64, DNS query.]

http://tools.ietf.org/html/draft-bagnulo-behave-nat64-00


IPv4 to IPv6 Translation
Stateless AFT (IVI): IPv6 originates

1. Service Provider deploys IPv6-only infrastructure:

   - Only IPv6 is available to the consumer
   - IPv4 Internet available via IVI Translator (SP sets aside portion of existing IPv6 and IPv4 blocks to facilitate stateless translator)

[Figure: Subscriber Network (IPv4 host, IPv4+IPv6 host, IPv6 host, Customer Router); IPv6-only SP Network (DNS, IVI Translator); Internet (IPv6 Internet, IPv4 Internet). Link labels: IPv6, IPv4, IVI, DNS query.]

http://tools.ietf.org/id/draft-baker-behave-ivi


IPv4 to IPv6 Translation
Stateless AFT (IVI): IPv4 originates

1. Service Provider deploys IPv4-only infrastructure:

   - Only IPv4 is available to the consumer
   - IPv6 Internet available via IVI Translator (SP sets aside portion of existing IPv6 and IPv4 blocks to facilitate stateless translator)

[Figure: Subscriber Network (IPv4 host, IPv4+IPv6 host, IPv6 host, Customer Router); IPv4-only SP Network (DNS, IVI Translator); Internet (IPv4 Internet, IPv6 Internet). Link labels: IPv4, IPv6, IVI, DNS query.]


Tunneling
Dual Stack PPP

1. SPs would love to have their embedded access infrastructure support IPv6

- Tunnels can originate from RG or CPE. When on CPE, no coordination with RG or Access Provider required!

- However legacy DSLAMs often cannot pass IPv6

- These DSLAMs can pass PPP or IPv4, so it is possible to tunnel IPv6. This means massive investment reused


Tunneling
IPv6 Rapid Deployment (6rd)

1. A form of v6/v4 which traverses the aggregation cloud without added IPv6 provisioning

Residence’s IPv6 Subnet is constructed from:

ISP’s IPv6 Prefix + RG IPv4 Address + SLA (diagram marks: /56, /128)

- For IPv6 traffic destined for the Home, the 6rd Relay pulls the RG’s IPv4 from within the destination IPv6 address

- For IPv6 traffic destined to a nearby 6rd user, the RG pulls the target IPv4 tunnel endpoint from within the destination IPv6 address

- For IPv6 traffic destined to the backbone, the RG uses the destination IPv4 of the 6rd Relay.

[Figure labels: 6rd RG, 6rd Relay, RG IPv4 Address]

http://tools.ietf.org/html/draft-ietf-softwire-ipv6-6rd-00
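The 6rd address construction and the forwarding rules described on this slide, as an added Python example (not from the slides or from any vendor implementation). It assumes a constructed ISP prefix 2001:db8::/32 with all 32 IPv4 bits embedded, a constructed relay address, and hypothetical function names; the /56 mark on the slide is not modelled, and the relay-side source check follows RFC 5969 rather than the slide.

```python
import ipaddress

# Constructed sample values from documentation ranges (assumptions, not from the slides).
SIXRD_PREFIX = ipaddress.ip_network("2001:db8::/32")  # ISP's 6rd IPv6 prefix
RELAY_IPV4 = ipaddress.ip_address("192.0.2.1")        # 6rd Relay tunnel address


def delegated_prefix(rg_ipv4, sixrd_prefix=SIXRD_PREFIX):
    """ISP's IPv6 prefix + RG IPv4 address -> the residence's IPv6 prefix."""
    rg = ipaddress.IPv4Address(rg_ipv4)
    plen = sixrd_prefix.prefixlen + 32  # all 32 IPv4 bits are embedded
    if plen > 64:
        raise ValueError("ISP prefix too long: no room for the IPv4 bits")
    base = int(sixrd_prefix.network_address) | (int(rg) << (128 - plen))
    return ipaddress.IPv6Network((base, plen))


def embedded_ipv4(ipv6_addr, sixrd_prefix=SIXRD_PREFIX):
    """Pull the RG IPv4 address out of a 6rd IPv6 address (None if not 6rd)."""
    addr = ipaddress.IPv6Address(ipv6_addr)
    if addr not in sixrd_prefix:
        return None
    shift = 128 - (sixrd_prefix.prefixlen + 32)
    return ipaddress.IPv4Address((int(addr) >> shift) & 0xFFFFFFFF)


def rg_tunnel_endpoint(dst_ipv6, relay=RELAY_IPV4):
    """RG side: tunnel straight to a nearby 6rd user, otherwise to the relay."""
    peer = embedded_ipv4(dst_ipv6)
    return peer if peer is not None else relay


def relay_accepts(outer_src_ipv4, inner_src_ipv6):
    """Relay side (RFC 5969): the inner IPv6 source must embed the outer
    IPv4 source, otherwise the encapsulated packet is spoofed."""
    return embedded_ipv4(inner_src_ipv6) == ipaddress.IPv4Address(outer_src_ipv4)
```

Because the mapping is stateless, the relay keeps no per-subscriber table; the embedded-address comparison is the only binding between the IPv4 tunnel source and the IPv6 source it claims.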


Tunneling
Dual Stack Lite

1. Tunneling IPv4 over networks capable of Native IPv6

2. Step #1: Get IPv6 access & aggregation infrastructure working

   - Useful for SPs exhausting 10.x.x.x space in their aggregation networks. (E.g., Cable Modems & mobile access/aggregation devices)

- Step #2: IPv4 & IPv6 services over IPv6 transport

   - NAT 444 by SP (1:1 or N:1) means no impact to premises IPv4 numbering
   - Allows graceful turn-down of IPv4 over time

[Figure label: CPE]

http://tools.ietf.org/id/draft-ietf-softwire-dual-stack-lite