cisco ipv6 update - terena · cisco ios ipv6 status c6500 12.2sx, c4500 12.2ew 12.2s-based...
Post on 22-Jun-2020
24 Views
Preview:
TRANSCRIPT
1© 2004 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID
Cisco IPv6 update(in <=5minutes)
TF-NGN meeting, BrusselsLarry Dunn
Manager, Advanced Architectureldunn@cisco.com
(slides mostly from Patrick Grossetete,pgrosset@cisco.com)
222© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
The short version
• For those that have seen Patrick Grossetete’sthree-phase IPv6 development plan:
• Phase 1&2 are finished
• Phase 3 is also pretty much complete (some timingvariance by hardware platform)
• For those who like more detail…
333© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco IOS IPv6 Status
C6500 12.2SX,C4500 12.2EW
12.2S-basedDerivatives
L3 switches
Aug 200312.3TNote – as well as 12.2S
Technologydevelopment
Feb 200312.2SEdge & EnterpriseInfrastructure
Feb 2002
May 2004
12.0S on 12000, 10720IOS-XR 2.0 on CRS-1
CoreMay 200312.3MGeneral Production
First FCS DateCisco IOS ReleasePositioning
IPv6 Start Here documents the IPv6 feature set per Cisco IOS releaseswww.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipv6_c/ftipv6s.htm
444© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
• IPv6 QoS (MQC)
QoSQoS
Cisco IOS 12.3M/TT – IPv6 Feature Overview
• IPv6 standard ACL• IPv6 extended ACL•• IPv6 IPv6 IPsecIPsec authentication authentication
for OSPFv3for OSPFv3•• IPv6 FirewallIPv6 Firewall
SecuritySecurity
• RIPng• OSPFv3• IS-IS for IPv6• MT IS-IS• MP-BGP IPv6 Unicast• MP-BGP IPv6 MulticastMP-BGP IPv6 Multicast•• Policy Based RoutingPolicy Based Routing
RoutingRouting
Broadband Access
• Cisco VSA AAA•• Radius AAA (RFC 3162)Radius AAA (RFC 3162)• PPPoA, PPPoE, RBERBE and
ATM 1483 encapsulations•• DHCPv6 Prefix DelegationDHCPv6 Prefix Delegation
(RFC3633)(RFC3633)•• Stateless DHCP (RFC 3646)Stateless DHCP (RFC 3646)•• Generic PrefixGeneric Prefix
•• MLDv1 and v2MLDv1 and v2•• MLD Access GroupMLD Access Group•• PIMv2 SM, SSM, Bi-DirPIMv2 SM, SSM, Bi-Dir•• PIM Embedded RPPIM Embedded RP•• IPv6 MC over IPv4 tunnelsIPv6 MC over IPv4 tunnels•• Scope BoundariesScope Boundaries•• Static Static mRoutesmRoutes
MulticastMulticast
• Configured & AutomaticTunnels (RFC 2893)
• 6to4 (RFC 3056 & 30683068)• IPv6 over GRE/IPv4• IPv6 over MPLS (6PE)• ISATAP• NAT-PT Phase I & IIII (RFC
2765 & 2766)•• IP over IPv6 TunnelsIP over IPv6 Tunnels
Integration
• IPv6 (RFC 2460)• ICMPv6 (RFC 2463)• Neighbor Discovery (RFC 2461)• Stateless Auto-Configuration•• AnycastAnycast• CEFv6/dCEFv6• uRPF Strict Mode•• CEFv6 Switched TunnelsCEFv6 Switched Tunnels
CoreCore
• Telnet, TFTP, DNS resolver, HTTP,Ping, Traceroute, SSH
• Cisco IP & IP-Forwarding MIBs•• NetflowNetflow for IPv6 for IPv6
Applications & Applications & MgntMgnt
Cisco IOSCisco IOSSoftwareSoftware
Release 12.3MRelease 12.3M&& 12.3T12.3T
555© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
CRS-1 IOS XR IPv6 Summary
• IPv6 Hardware Forwardingup to OC-768
• IOS-XR 2.0 Feature SetIPv6, IPv6 address architectureICMPv6, ND, Stateless Auto-ConfigurationOSPFv3, IS-IS including Multi-TopologyMP-BGP4dCEFv6 including
Layer 3 load balancing via CEFRPF Support Loose mode
MTU Path DiscoveryIPv6 ACL SupportPingv6, Traceroutev6, Rlogin supportTelnet, FTP Client
• Post release 2.0IPv6 QOSIPv6 MulticastIPv6 MIBsIPv6 uRPF Strict ModeMore….
666© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
CY01-04CY01-04
Cisco 12000 series router IPv6 Roadmap
• dCEFv6• I/IS-ISv6• Plus IOSPhase I features• Support onE0/1/2/4• 6PE support• IPv6 MIB•Enhancementsto RIPng,dCEFv6• SSHv6
•IPv6/E3 NativeH/W Forwarding•IPv6 ExtendedACLs, LC S/W• Configured IPv6Tunnels, LC S/W• IPv6 on DPT LCs• IPv6 on 10GE• IPv6 on 10xGE• L2TPv3 with E2Tunnel Card
• Multicast onE3/E4+• MT IS-IS
CY0CY04/054/05
22S22S
•IPv6 uRPF (Strict)•IPv6 onOC192/10GE i/fs(Engine 5)
Planned• IPv6/E3 E-ACLsin E3 H/W• 6PE hardwaresupport on E3•IPv6 on E3 4 x GE
• OSPFv323S23S 24S24S
25S25S
• 6PE accelerationon E4/E4+• IPv6 MC on DPT• SNMP over IPv6
26S26S
27S27S
• QoS on E3• BSR
28S28S
31S31S
777© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco 7600/Cat. 6500 series IPv6 Overview
• Multicast• MT IS-IS• QoS• Netflow
Feature set on 12.2SXFeature set on 12.2SX CCY0Y055IPv6 BasicsIPv6 Basics• ICMPv6• ND – includingstatic entries• Stateless Auto-config.• ACL• MIBs, SSH, Telnet• DNS, TFTP Routing protocolsRouting protocols• RIPng, IS-IS forIPv6, MP-BGP4IPv6 TunnelsIPv6 Tunnels• Configured,automatic, GRE,6to4, ISATAP Switching Switching• CEFv6• 6PE (IPv6 overMPLS)
IPv6IPv6 Hardware Assistance Hardware Assistance• Supervisor Engine 720
•IPv6 hardware assistedforwarding• native IPv6 - + 20Mpps• IPv6 over IPv4 tunnels - 10Mpps
• dCEF720 (PFC3) modules• ie: 10GE• +200 Mpps
Sup2/MSFC2 support on 12.2(17d)SXA
888© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco Catalyst 3750 Series IPv6 Roadmap
Feature set inherited from 12.2S in CY04Feature set inherited from 12.2S in CY04
IPv6 Capable Hw:• FCS – May 2003• 12.1E Release• No IPv6 software
IPv6IPv6 Hardware SwitchingHardware Switching•• 12.2(25)SEA Release 12.2(25)SEA Release•• IPv6 EFT in Q4 2004 IPv6 EFT in Q4 2004•• IPv6 FCS in Q1 2005 IPv6 FCS in Q1 2005•• IPv6 across Cisco IPv6 across CiscoStackWise StackWise TechnologyTechnology•• Imbedded management Imbedded managementwith CMS for IPv6 basicwith CMS for IPv6 basicSupportSupportIPv6 FeaturesIPv6 Features•• Unicast Unicast Routing (Static,Routing (Static,RIPngRIPng, OSPFv3), OSPFv3)•• Switching (CEFv6) Switching (CEFv6)•• ACL (Limitation on host ACL (Limitation on hostroutes)routes)
CCY0Y066
• Multicast• Full ACL• MP-BGP
999© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Catalyst 6500 Series – NAM
• Introducing IPv6 NetworkManagement capabilities
• IPv6 monitoring and decodeswith NAM
• Can set up alarms with IPv6addresses
• Can configure an “easy” IPv6capture filter and IPv6-historical reports
101010© 2004 Cisco Systems, Inc. All rights reserved.Presentation_ID
Cisco IPv6 Security Solutions
IPv6 FirewallIPv6 FirewallStateful Stateful PacketPacket
FilteringFilteringIOS 12.3(7)TIOS 12.3(7)T
PIX 7.0 laterPIX 7.0 later
•Secure connectivity– IPSec
o IPv4 dynamic IPSec to protect IPv6 over IPv4tunnels with dynamic IPv4 end pointo IPv4 IPSec over UDP to offer protection whencrossing a firewall or NATo IPv6 IPSec to authenticate OSPFv3 – 12.3(4)To IPv6 Site-to-Site – H2 CY04
•Threat protection– Packet filtering
o Standard, reflexive, extended access control listo Hardware filtering (Cisco 12000 Series IPService Engine, Catalyst 6500 Series SupervisorEngine 720)
Protecting your network for IPv6 2004
Integration and CoexistenceNow
111111© 2003 Cisco Systems, Inc. All rights reserved.Presentation_ID
top related