IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

Similar documents

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

IPv6 Fundamentals: A Straightforward Approach

IPv6 Co-existence & Integration

Deploying IPv6 for Service Providers. Benoit Lourdelet IPv6 Product Manager, NSSTG

MPLS-based Layer 3 VPNs

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.

Configuring a Basic MPLS VPN

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

Service Provider IPv6 Deployment

MPLS VPN Implementation

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

Configuring MPLS VPN & Remote Access. 12- ian- 2010

IPv6 Fundamentals, Design, and Deployment

IPv6 over IPv4/MPLS Networks: The 6PE approach

MPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN

CPE requirements and IPv6. Ole Trøan, February 2010

Transition to IPv6 in Service Providers

MPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at:

Implementing MPLS VPNs over IP Tunnels

How Routers Forward Packets

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

IPv6 TRANSITION TECHNOLOGIES

Configuring Remote Access to MPLS VPN

Configuring MPLS Hub-and-Spoke Layer 3 VPNs

IPv6 Deployment Strategies

IPv6 for AT&T Broadband

l.cittadini, m.cola, g.di battista

Frame Mode MPLS Implementation

TR-296 IPv6 Transition Mechanisms Test Plan

How To Make A Network Secure

Introducing Basic MPLS Concepts

Multiprotocol Label Switching Load Balancing

Cisco Exam Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ]

MP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb

Prototype Cloud-based Services on MPLS Service Provider in Iraq

Inter-Autonomous Systems for MPLS VPNs

Basic IPv6 WAN and LAN Configuration

Introduction Inter-AS L3VPN

Securing the Transition Mechanisms

IPv4 and IPv6 Integration. Formation IPv6 Workshop Location, Date

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

Benoit Lourdelet Cisco Systems Cisco IOS IPv6 Technical Marketing Engineer 2003, Cisco Systems, Inc. All rights reserved.

Table of Contents. Cisco Configuring a Basic MPLS VPN

Equipment Configuration: Routers. 6DEPLOY. IPv6 Deployment and Support

IETF IPv6 Request for Comments (RFCs) Updated

Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators

MPLS Multi-Vendor Provisioning. Presented by Brian O Sullivan Director, Product Management Dorado Software October 21, 2003

WHITE PAPER. Best Practices for Deploying IPv6 over Broadband Access

IPv6 over MPLS VPN. Contents. Prerequisites. Document ID: Requirements

Campus IPv6 connection Campus IPv6 deployment

IPv6 Migration Challenges for Large Service Providers

Internetworking II: VPNs, MPLS, and Traffic Engineering

Firewalls und IPv6 worauf Sie achten müssen!

ProCurve Networking IPv6 The Next Generation of Networking

Lab 4.2 Challenge Lab: Implementing MPLS VPNs

Transition to IPv6 for Managed Service Providers: Meet Customer Requirements for IP Addressing

Managing the Co-existing Network of IPv6 and IPv4 under Various Transition Mechanisms

Designing and Developing Scalable IP Networks

MPLS Inter-AS VPNs. Configuration on Cisco Devices

CIRA s experience in deploying IPv6

SIIT-DC: IPv4 Service Continuity for IPv6 Data Centres. Tore Anderson Redpill Linpro AS RIPE69, London, November 2014

IPv6 Opportunity and challenge

Cisco Exam CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ]

- Multiprotocol Label Switching -

Interconnecting Cisco Networking Devices Part 2

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling

Service Provider IPv6 Deployment Strategies

Provisioning Cable Services

IPv6 Security. Scott Hogg, CCIE No Eric Vyncke. Cisco Press. Cisco Press 800 East 96th Street Indianapolis, IN USA

IPv6 en Windows. Juan Jackson Pablo García

Cisco Implementing Cisco Service Provider Next-Generation Egde Network Services. Version: 4.1

Enterprise Network Simulation Using MPLS- BGP

MikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009

N2X Core Routing - BGP-4 MPLS VPN scenario with integrated traffic Application Note

IPv6 Trace Analysis using Wireshark Nalini Elkins, CEO Inside Products, Inc.

An Architecture View of Softbank

IPv6-only hosts in a dual stack environnment

PRASAD ATHUKURI Sreekavitha engineering info technology,kammam

Layer 3 Multiprotocol Label Switching Virtual Private Network

MPLS Implementation MPLS VPN

IMPLEMENTING CISCO MPLS V2.3 (MPLS)

Status of IPv6 Rollout at Swisscom. Martin Gysi, public

Introduction to MPLS-based VPNs

Cisco. Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager pgrosset@cisco.com

Kingston University London

Cisco Which VPN Solution is Right for You?

IPv6 Transition Work in the IETF

TR-242 IPv6 Transition Mechanisms for Broadband Networks Issue: 2 Issue Date: February 2015

Design of Virtual Private Networks with MPLS

Interconnecting IPv6 Domains Using Tunnels

Ensuring a Smooth Transition to Internet Protocol Version 6 (IPv6)

CS419: Computer Networks. Lecture 9: Mar 30, 2005 VPNs

Copyright 2008 Internetwork Expert i

Expert Reference Series of White Papers. Cisco Service Provider Next Generation Networks

: Interconnecting Cisco Networking Devices Part 2 v1.1

Exam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: Total Questions: 401

MPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs

Expert Reference Series of White Papers. Cisco Service Provider Next Generation Networks

Provisioning Dial Access to MPLS VPN Integration

Transcription:

IPv4/IPv6 Transition Mechanisms Luka Koršič, Matjaž Straus Istenič

IPv4/IPv6 Migration Both versions exist today simultaneously Dual-stack IPv4 and IPv6 protocol stack Address translation NAT44, LSN, NAT64 Tunneling IPv6 over IPv4 (RFC 2893) IPv6 over GRE (RFC 2473) IPv4-compatible addresses (RFC 2893) IPv6 address is calculated from IPv4 address (::192.168.100.1) 6to4 (RFC 3056) 6rd IPv6 Rapid Deployment (RFC 5569) ISATAP (RFC 5214) Teredo NAT traversal (RFC 4380) MPLS 6PE (RFC 4798) 6VPE (RFC 4659) 2

Address Translation

Address Translation IPv4/IPv4 Address Translation Classic NAT/PAT NAT 44 (Large Scale NAT - LSN) NAT the whole access network is behind NAT NAT444 (LSN + NAT44) A+P (Address + Port) dynamic port sharing on the same IPv4 address IPv4/IPv6 Address Translation Enables communication between IPv4-only and IPv6-only devices NAT-PT (RFC 2766) deprecated NAT64 Framework for IPv4/IPv6 Translation (RFC 6144) IPv6 Addressing of IPv4/IPv6 Translators (RFC 6052) DNS64: DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers (RFC 6147) IP/ICMP Translation Algorithm (RFC 6145) 4

Stateless NAT64 Stateless no session preservation Algorythm for translating between IPv4 and IPv6 addresses Each IPv6 address is translated to exactly one IPv4 address Only IP and ICMP header is translated Direction of operation IPv6 è IPv4 internet IPv4 internet è IPv6 IPv6 è IPv4 IPv4 è IPv6 Header fields translation Addresses Hop Limit ó TTL Payload Length Header Length Total Length

Tunneling

Manual Tunneling RFC 2893 Transition Mechanisms for IPv6 Hosts and Routers interface tunnel 100 ipv6 address 201:300::1/64 (no) ipv6 nd ra suppress tunnel source 200.15.15.1 tunnel destination 200.13.13.1 tunnel mode ipv6ip interface tunnel 100 ipv6 address 201:300::2/64 (no) ipv6 nd ra suppress tunnel source 200.13.13.1 tunnel destination 200.15.15.1 tunnel mode ipv6ip 7

GRE Tunneling RFC 2473 Generic Packet Tunneling in IPv6 Specification GRE (Generic routing Encapsulation) interface tunnel 2002 ipv6 address 201:300::1/64 tunnel source e0/0 tunnel destination 200.13.13.1 tunnel mode gre ip interface tunnel 2002 ipv6 address 201:300::2/64 tunnel source e0/0 tunnel destination 200.15.15.1 tunnel mode gre ip 8

6to4 1/3 RFC 3056 Connection of IPv6 Domains via IPv4 Clouds Features Automatic tunnel provisioning IPv6 address is calculated from IPv4 (2002:192.168.100.1::/48) Public 6to4 anycast relay 192.88.99.1 è 2002:c058:6301:: (RFC3068) Elements Hosts Routers Relays 9

6to4 2/3 Connecting remote IPv6 LANs interface tunnel 2002 ipv6 address 2002:c80f:0f01::1/128 tunnel source ethernet0/0 tunnel mode ipv6ip 6to4 interface ethernet 0/0 ip address 200.15.15.1 255.255.255.0 interface ethernet 1/0 ipv6 address 2002:c80f:0f01:100::2/64 interface tunnel 2002 ipv6 address 2002:c80b:0b01::1/128 tunnel source ethernet0/0 tunnel mode ipv6ip 6to4 interface ethernet 0/0 ip address 200.11.11.1 255.255.255.0 interface ethernet 1/0 ipv6 address 2002:c80b:0b01:100::2/64 10

6to4 3/3 IPv6 Internet Access CE and 6to4 Relay configuration interface tunnel 2002 ipv6 address 2002:c80f:0f01::1/128 tunnel source ethernet0/0 tunnel mode ipv6ip 6to4 interface ethernet 0/0 ip address 200.15.15.1 255.255.255.0 interface ethernet 1/0 ipv6 address 2002:c80f:0f01:100::2/64 interface Loopback0 ip address 192.88.99.1 255.255.255.0 ipv6 address 2002:c058:6301::1/128 interface tunnel 2002 ipv6 unnumbered Loopback0 tunnel source Loopback0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 tunnel2002 ipv6 route 2002::/16 tunnel2002 ip route ::/0 2002:c058:6301::1 11

IPv6 Rapid Deployment (6rd) 1/4 RFC 5969 IPv6 Rapid Deployment on IPv4 Infrastructure (6rd) Protocol Specification Features Automatic tunnel provisioning ISP IPv6 address space IPv6-only access network Elements Hosts 6rd Customer Equipment (CE) 6rd Border router (BR) 12

IPv6 Rapid Deployment (6rd) 2/4 Connecting remote IPv6 LANs ipv6 general-prefix 6rd-prefix 6rd Tunnel 1 ipv6 unicast routing ipv6 cef interface Tunnel 1 ipv6 enable tunnel source Ethernet 1/0 tunnel mode ipv6ip 6rd tunnel 6rd prefix 2001:db8::/32 tunnel 6rd ipv4 prefix-len 16 interface Ethernet 0/0 description LAN1 ipv6 address 6rd-prefix ::1/64 interface Ethernet 1/0 description Towards LAN2 ip address 200:15:15:1 255.255.255.0 ipv6 route 2001:db8::/32 tunnel 1 13

IPv6 Rapid Deployment (6rd) 3/4 IPv6 Internet Access CE configuration ipv6 general-prefix 6rd-prefix 6rd Tunnel 1 ipv6 unicast routing Ipv6 cef Interface Tunnel 1 ipv6 enable tunnel source Ethernet 1/0 tunnel mode ipv6ip 6rd tunnel 6rd prefix 2001:db8::/32 tunnel 6rd ipv4 prefix-len 16 tunnel 6rd br 200.15.0.1 interface Ethernet0/0 description Users ipv6 address 6rd-prefix ::1/64 interface Ethernet1/0 description ISP ip address 200.15.15.1 255.255.255.0 ipv6 route 2001:db8::/32 tunnel1 ipv6 route ::/0 tunnel1 2001:db8:1:: 14

IPv6 Rapid Deployment (6rd) 4/4 IPv6 Internet Access 6rd BR Configuration ipv6 general-prefix 6rd-prefix 6rd Tunnel 1 ipv6 unicast routing Ipv6 cef Interface Tunnel 1 ipv6 enable tunnel source Loopback0 tunnel mode ipv6ip 6rd tunnel 6rd prefix 2001:db8::/32 tunnel 6rd ipv4 prefix-len 16 interface Ethernet0/0 description IPv6 Internet ipv6 address 2001:db9::1/64 interface Loopback0 description BR Address ip address 200.15.0.1 255.255.255.0 ipv6 route 2001:db8::/32 tunnel1 ipv6 route ::/0 2001:db9::2 15

Teredo RFC 4380 Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs) Features NAT traversing Supported by default on Microsoft OS Slow UDP Elements Hosts/servers Relays Host-specific relays 16

ISATAP RFC 5214 Intra-Site Automation Tunnel Addressing Protocol (ISATAP) Features Corporate & academic environments Single administrative domain Elements Hosts Routers IPv6 Source IPv6 Destination fe80:5efe:10.40.1.29 fe80:5efe:192.168.41.30 IPv4 Source 10.40.1.29 IPv4 Destination 192.168.41.30 17

6PE 1/2 RFC 4798 Configuring IPv6 Islands over IPv4 MPLS Using Provider Edge Routers Features Core remains IPv4 Edge devices (6PE) must support dual-stack IPv6 packets transported over LSP IPv4 Control plane (IGPv4, LDPv4, MP-BGP) Fast Re-Route (FRR), Traffic Engineering (TE) 18

6PE 2/2 Connecting remote LANs 6PE1 & 6PE2 Configuration ipv6 cef interface loopback0 ip address 200.10.10.1 255.255.255.0 router bgp neighbor 2001:f00d:1::1 remote-as 65014 neighbor 200.11.11.1 remote-as 100 neighbor 200.11.11.1 update-source lo0 address-family ipv6 neighbor 200.11.11.1 activate neighbor 200.11.11.1 send-label ipv6 cef interface loopback0 ip address 200.11.11.1 255.255.255.0 router bgp neighbor 2001:db8:1::1 remote-as 65015 neighbor 200.10.10.1 remote-as 100 neighbor 200.10.10.1 update-source lo0 address-family ipv6 neighbor 200.10.10.1 activate neighbor 200.10.10.1 send-label 19

6VPE 1/5 RFC 4659 BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN Features IPv6 VPN provisioning over IPv4/MPLS Edge devides (6VPE) must support dual-stack Same MPLS VPN features as for IPv4 VRF, RT, RD MP-NGP Mainly used in enterprises 20

6VPE 2/5 Connecting remote IPv6 VPN LANs CE1 configuration ipv6 unicast-routing ipv6 cef interface Ethernet0/0 description To the ISP ip address 172.16.1.1 255.255.255.0 ipv6 address 2001:db8:cafe:1::1/64 interface Ethernet1/0 description ipv6vpn ip address 10.1.1.1 255.255.255.0 ipv6 address 2001:db8:beef:1::1/64 ipv6 rip ipv6vpn enable router bgp 500 neighbor 2001:db8:cafe:1::2 remote-as 100 neighbor 172.16.1.2 remote-as 100 address-family ipv4 redistribute eigrp 100 neighbor 172.16.1.2 activate exit-address-family address-family ipv6 neighbor 2001:db8:cafe:1::2 activate redistribute rip ipv6vpn exit-address-family 21

6VPE 3/5 Connecting remote IPv6 VPN LANs 6VPE1 VRF configuration vrf definition ipv6vpn rd 200:1 address-family ipv4 route-target export 200:1 route-target import 200:1 exit-address-family address-family ipv6 route-target export 200:1 route-target import 200:1 exit-address-family 22

6VPE 4/5 Connecting remote IPv6 VPN LANs 6VPE1 Configuration ipv6 unicast-routing ipv6 cef interface Loopback0 ip address 200.10.10.1 255.255.255.255 interface Ethernet0/0 description To the ipv6vpn on CE1 ip address 172.16.1.2 255.255.255.0 ipv6 address 2001:db8:cafe:1::2/64 interface Ethernet2/0 description To the ISP ip address 192.168.1.1 255.255.255.252 mpls ip router ospf 1 log-adjacency-changes redistribute connected subnets passive-interface Loopback0 network 192.168.1.0 0.0.0.255 area 0 23

6VPE 5/5 Connecting remote IPv6 VPN LANs 6VPE1 BGP configuration router bgp 100 neighbor 200.11.11.1 remote-as 100 neighbor 200.11.11.1 update-source lo0 address-family ipv4 neighbor 200.11.11.1 activate no auto-summary no synchronization exit-address-family address-family vpnv4 neighbor 200.11.11.1 activate neighbor 200.11.11.1 send-community ext exit-address-family address-family vpnv6 neighbor 200.11.11.1 activate neighbor 200.11.11.1 send-community ext exit-address-family address-family ipv4 vrf ipv6vpn redistribute connected neighbor 172.16.1.1 remote-as 500 neighbor 172.16.1.1 activate exit-address-family! address-family ipv6 vrf ipv6vpn neighbor 2001:db8:cafe:1::1 remote-as 500 neighbor 2001:db8:cafe:1::1 activate exit-address-family 24

Operator & ISP networks

Goal Native IPv6 Access Aggregation Core 26

Access 1/4 NAT 44 (Large Scale NAT) Holding on to IPv4 27

Access 2/4 NAT64 AFT Address Family Translation Stateless NAT64 Cisco 28

Access 3/4 6rd IPv6 Rapid Deployment Swiss Telecom (in production this year) 29

Access 4/4 DS-Lite Dual-Stack Lite NAT 44 A+P 30

Access - PPPoE 1/3 RFC 2472 IP version 6 over Point to Point Protocol (PPP) PPPoE PPP over Ethernet 31

Access - PPPoE 2/3 IPv6 over PPPoE CPE Lack of CPEs that support IPv6 over PPPoE Dual-stack IPv4/IPv6 Access and aggregation Core No upgrade required IPv4/IPv6 Addressing subscriber devices SLAAC (Stateless Address Autoconfiguration) DHCPv6-PD 32

Access - PPPoE 3/3 Basic authorization and DHCP-PD Source: Cisco 33

Access - IPv6oE 1/2 1:1 VLAN + DHCP-PD Source: Cisco 34

Access - IPv6oE 2/2 N:1 VLAN + DHCP-PD + AAA Source: Cisco 35

Cable Access IPv6 in cable networks exists for some time now Lack of IPv4 private address space IPv4 (big cable operators) DOCSIS 3.0 IPv6 on CM (Cable Modem) IPv6 on CMTS (Cable Modem Termination System) IPv6 on terminal devices Addressing SLAAC DHCPv6 36

Core 1/3 IPv4 Separated IPv6 network (new devices) IPv6 tunneling IPv6 over IPv4 (RFC 2893) GRE (RFC 2473) L2TPv3 Dual-stack core devices Careful planning with network resources! MPLS Native IPv6 MPLS Poor support IPv6 over AToM (Any Transport over MPLS) IPv6 provider edge router (6PE) over MPLS IPv6 VPN provider edge (6VPE) over MPLS 37

Core 2/3 IPv6 Provider Edge Router (6PE) over MPLS Edge devices (PE) are dual-stack, core remains IPv4/MPLS 38

Core3/3 IPv6 VPN provider edge (6VPE) over MPLS BGP/MPLS VPN + 6PE J Core remains IPv4/MPLS 39

Thank you!