tb2386 gorenveld expert_one i_pv6_final
Post on 12-Jan-2015
761 Views
Preview:
DESCRIPTION
TRANSCRIPT
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
ExpertOne: Introduction to IPv6 Praveen Bahethi
June 2012
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 3
Objectives
Identify various types of IPv6 addresses and explain how devices obtain them
Configure IPv6 addresses on HP switches
Create static IPv6 routes to enable routing in a simple IPv6 network
Deploy an OSPFv3 routing solution in a complex IPv6 network
Tunnel IPv6 traffic through an IPv4 environment
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 4
Discussion Topics IPv6 background Enhancements from IPv4
Types of traffic
Address format
Unicast global prefixes
Unicast link-local prefix
Multicast
IPv6 interface addresses NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 5
Building on IPv4, IPv6 addresses contemporary networking needs
IPv6 Overview
Feature IPv4 IPv6
Address length 32 bits 128 bits (four times as large)
NAT Often necessary Not necessary
Header size 20 bytes, many options 40 bytes (only twice as large) but extensible
Configuration Manual, DHCPv4 Manual, stateful automatic (DHCPv6), stateless automatic, cryptographic
Types of addresses Broadcast, multicast, unicast Multicast, unicast, anycast
Addresses per-interface Single Multiple
Neighbor discovery, router discovery, Address resolution, NUD, redirects, etc.
A variety of separate protocols NDP (built in)
IPsec Optional Integrated
QoS Some Better
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 6
IPv6 Address Hexadecimal Notation
FF15 :: 241 : 0 : 0 : 4C22
0000 0000 0000 0000 0000 0000 0000 0000 0100 1100 0010 0010
1111 1111 0001 0101 0010 0100 0001 0000 0000 0010 0100 0001
What bits do the double colons replace?
Which is correct?
Why is the double colon not used here?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 7
Types of IPv6 Traffic
Unicast
Multicast
Anycast *The 2001:DB8::/16 prefix used throughout this module is for documentation purposes only
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 8
IPv6 Unicast Addresses Network prefix Variable (between 3 and 64 bits for global)
Defines scopes • Link-local
• Site-specific (deprecated)
• Global
Can also define other types of traffic
Interface ID Fixed at 64 bits for link-local and global
Based on a token (typically, the MAC address)
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 9
IPv6 Link-local Prefixes
FE80::23/10
Link-local packets cannot cross Layer 3 subnet boundary
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 10
IPv6 Global Prefixes
Global traffic, in the 2000::/3 range, can be routed anywhere
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 11
The global prefix is built in a hierarchical manner
2 XXX:X XX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX
IPv6 Global Prefix Detail
Interface ID
IANA Always 3 bits
Local subnet RIR/NIR (variable) ISP/LIR
(variable) Organization (EU) (variable)
Globally assigned
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 12
IPv6 Multicasts The multicast reaches all nodes in the multicast group
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 13
IPv6 Multicast Addresses Prefix = FF00::/8 (1111 1111)
Embed information
• Type of multicast address (indicated by RPT flags)
− Permanently assigned by IANA
− Dynamically assigned (with or without extra information)
• Scope T flag indicates whether permanent (0) or dynamic (1)
P and RP flags indicate whether dynamic addresses embed extra information
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 14
Multicast Scopes
Multicast boundary associated with scope 4
C, and D are members of FF12::1, FF14::1, and FF1E:::1
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 15
Permanent Multicast Addresses Prefix = FF00:://12 Fixed scope The scope is built in as part of the permanently assigned address
Examples: • FF02::1 = All-nodes on the link (like an IPv4 broadcast address)
• FF02::2 = All-routers on the link
All scope The defined address can operate within different scopes
Example—FF0x::101/12 = NTP multicast address • FF02::101 = All NTP servers on a link (collision domain)
• FF05::101 = All NTP servers at a site
• FF0E::101 = All NTP servers on the Internet
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 16
Unicast-prefix-based Multicast Prefix = FF30::/12 or FF70::/12
Simplifies the dynamic assignment of multicast addresses:
• Embeds the unicast prefix into the address to ensure automatically that it is globally unique
• Can embed the RP address
FF78:0730:2001:0DB8:0A0E:0000:4040:4040
Multicast Prefix
Flags 0RPT
T is always 1
RP ID
Prefix Length
Unicast Prefix Group ID: Permanent or dynamic
Scope
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 17
Discussion Topics
IPv6 background IPv6 interface addresses
Auto-configuration
Manual configuration of the global prefix
RA configuration
NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 18
Methods for Obtaining an IPv6 Address
Stateless auto-configuration* Manual* State-ful auto-configuration (DHCPv6) Cryptographic *Supported on HP switch interfaces
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 19
Configure Stateless Auto-configuration
On an HP switch: • Enable IPv6 • Access a VLAN interface and specify auto address configuration
[Switch] ipv6 [Switch] interface vlan <ID> [Switch-Vlan-interface<ID>] ipv6 address auto
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 20
Generate tentative link-local address
Stateless Auto-configuration Step1
Tentative, auto-configured link-local address:
Network prefix = Link-local prefix
Interface ID = EUI-64 format address
Interface ID
IEEE 48-bit MAC address
Expand to EUI-64
Invert the Global Bit
00 18 71 74 4F 00
18 71 74 4F 00 FF FE
18 71 74 4F 00 FF FE
00000000 00000010
00
02
0218:71FF:FE74:4F00 FE80:: Link-local prefix
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 21
Join all-nodes and solicited-nodes multicast groups
Stateless Auto-configuration
All interfaces must join these multicast groups: All-nodes = FF02::1
Solicited-node for unicast addresses = FF02::1:FFXX-XXXX, in which Xs = last 24 bits of the unicast address
Unicast addresses State Example Loopback — ::1/128
Link-local address Tentative (not assigned) FE80::218:71FF:FE74:4F00
Multicast addresses Example
All-nodes FF02::1
Solicited-node for link-local address FF02::1:FF74:4F00
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 22
Perform DAD
Stateless Auto-configuration
The interface sends an NS multicast to the solicited-node address for its tentative address Ethernet Header • Destination MAC = 33-33-FF-74-4F-00 IPv6 Header • Source Address = :: • Destination Address = FF02::1:FF74:4F00 • Hop limit = 255 Neighbor Solicitation Header • Target Address = FE80::218:71FF:FE74:4F00
Tentative IP: FE80::218:71FF:FE74:4F00
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 23
Response for an non-unique address
Stateless Auto-configuration
Ethernet Header • Destination MAC = 33-33-00-00-00-01 IPv6 Header • Source Address = FE80::218:71FF:FE74:4F00 • Destination Address = FF02::1 • Hop limit = 255 Neighbor Advertisement Header • Target Address = FE80::218:71FF:FE74:4F00 Neighbor Discovery Option • Target Link-Layer Address = 00-18-71-74-4F-00
Tentative IP: FE80::218:71FF:FE74:4F00
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 24
Request information about the network (RS)
Stateless Auto-configuration
Ethernet Header • Destination MAC = 33-33-00-00-00-02 IPv6 Header • Source Address = :: • Destination Address = FF02::2 • Hop limit = 255 Router Solicitation Header
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 25
Receive information (RA)
Stateless Auto-configuration
Network information for each prefix:
• M and O flags = 0
• Prefix
• Preferred and valid lifetimes
• MTU, hop limit, reachable time, retransmission timer, etc.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 26
Global address configuration
Stateless Auto-configuration
Tentative global address configuration • Network prefix = Advertised prefix
• Interface ID = same interface ID for link-local
Unicast addresses State Example
Loopback — ::1/128
Link-local Preferred FE80::218:71FF:FE74:4F00
Global Tentative 2001:DB8:0:1:218:71FF:FE74:4F00
Multicast addresses Example
All-nodes FF02::1
Solicited-node for link-local and global address FF02::FF74:4F00
All-routers FF02::2
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 27
Perform DAD for the global address
Stateless Auto-configuration
To transition the global addresses to preferred addresses, the interface must implement DAD Ethernet Header • Destination MAC = 33-33-FF-74-4F-00 IPv6 Header • Source Address = :: • Destination Address = FF02::1:FF74:4F00 • Hop limit = 255 Neighbor Solicitation Header • Target Address = 2001:DB8:0:1:218:71FF:FE74:4F00
Tentative IP: 2001:DB8:0:1:218:71FF:FE74:4F00
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 28
Subnet router anycast
Stateless Auto-configuration
Subnet-router anycast required on routing interfaces
HP switches add this anycast address automatically
Unicast addresses State Example Loopback — ::1/128
Link-local address Preferred FE80::218:71FF:FE74:4F00/10
Global address Preferred 2001:DB8:0:1:218:71FF:FE74:4F00/64
Multicast addresses Example
All-nodes FF02::1
Solicited-node for link-local and global address
FF02::FF74:4F00
All-routers (link) FF02::2
Anycast addresses Example
Subnet routers 2001:DB8:0:1::
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 29
Stateless Auto-configuration on Endpoints
Similar process as on the switches These addresses are required Unicast addresses State Example
Loopback — ::1/128
Link-local address Preferred FE80::218:12FF:FE81:2E75/10
Global address Preferred 2001:DB8:0:1:218:12FF:FE81:2E75/64
Multicast addresses Example
All-nodes FF02::1
Solicited-node for link-local and global address
FF02::FF81:2E75
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 30
Manual Configuration of the IPv6 Address
• Enable IPv6 • Configure the IPv6 prefix for an EUI-64 format address
• Interface follows the same steps as for auto-configuration but uses the configured prefix instead of one in an RA
[Switch-Vlan-interface<ID>] ipv6 address <IPv6 prefix/prefix length> eui-64
Global Configured prefix + Interface ID
Link-local Link-local prefix + Interface ID
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 31
Enabling Routing Advertisements
• Enable RA messages • The interface automatically advertises the prefix(es) for its global address(es)
[Switch-Vlan-interface<ID>] undo ipv6 nd ra halt
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 32
Need — Update the Network Prefix How can you change the prefix in an efficient way?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 33
Solution — Seamless Update Using Auto-configuration and RAs Use RAs to transition seamlessly to the new address
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 34
Need — other Configuration Settings for IPv6 Nodes
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 35
Solution — Stateless (and Stateful) DHCPv6 • Configure the managed and other flags in the routing switch’s RA messages
• Configure DHCPv6 relay in VLAN 1
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 36
Discussion Topics
IPv6 background IPv6 interface addresses NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 37
NDP DAD
Router discovery
Prefix and parameter discovery
Stateless auto-configuration
• Next-hop determination (neighbor and router discovery)
• Address resolution
• NUD
• Router redirects
Message Type Type Value RFC
Router Solicitation/Router Advertisement 133/134 4861
Neighbor Solicitation/Neighbor Advertisement 135/136 4861
Redirect Message 137 4861
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 38
Next-hop Determination
NDP enables IPv6 nodes to build up tables necessary for forwarding traffic
Destination cache
Neighbor cache
Prefix list
Default router list
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 39
Address Resolution — NS Ethernet Header • Destination MAC = 33-33-FF-02-6E-A5 IPv6 Header • Source Address = FE80::210:5AFF:FEAA:20A2 • Destination Address = FF02::1:FF02:6EA5 • Hop limit = 255 Neighbor Solicitation Header • Target Address = FE80::260:97FF:FE02:6EA5 Neighbor Discovery Option • Source Link-Layer Address = 00-10-5A-AA-20-A2 MAC: 00-10-5A-AA-20-A2
IP: FE80::210:5AFF:FEAA:20A2
MAC: 00-60-97-02-6E-A5 IP: FE80::260:97FF:FE02:6EA5
1
2
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 40
Address Resolution — NA • Exchange of NS and NA messages resolves the neighbor’s link-layer address • Both hosts update neighbor caches • Unicast traffic can now be sent
Send unicast Neighbor Advertisement
MAC: 00-10-5A-AA-20-A2 IP: FE80::210:5AFF:FEAA:20A2
2
MAC: 00-60-97-02-6E-A5 IP: FE80::260:97FF:FE02:6EA5
Ethernet Header • Destination MAC = 00-10-5A-AA-20-A2 IPv6 Header • Source Address = FE80::260:97FF:FE02:6EA5 • Destination Address = FE80::210:5AFF:FEAA:20A2 • Hop limit = 255 Neighbor Advertisement Header • Target Address = FE80::260:97FF:FE02:6EA5 Neighbor Discovery Option • Target Link-Layer Address = 00-60-97-02-6E-A5
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 41
NUD
A neighboring node and its forward path is reachable if There has been recent confirmation that IPv6 packets sent were received and processed by the neighboring node
Reachability is also determined by Upper layer protocol indicators
Receipt of an NA message in response to a unicast NS message
The NA Solicited flag must be set to 1 Unsolicited messages confirm only the one-way path from the source to the destination node Solicited NA messages indicate that a path is working in both directions
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 42
Lab Activity 8.1
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 43
Lab Activity 8.1 Debrief
• What key insights did you have? • What challenges did you confront and how did you solve them? • What display commands helped you to assess and troubleshoot your configuration?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 44
Discussion Topics
IPv6 background IPv6 interface addresses NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 45
IPv6 Static Routes
– Similar options to IPv4 routes
– Destination = IPv6 prefix + prefix length metric
• Example: 2001:DB8:1100:: 40
– Next hop
• Next hop router’s global unicast address
− Example: 2001:DB8:2222:43:0214:34FF:FEB7:09A4
− Next hop router’s link-local unicast address on the forwarding interface
− Example: FE80::0214:34FF:FEB7:09A4
[Switch] ipv6 route-static 2001:DB8:1100:: 40 2001:DB8:2222:43:0214:34FF:FEB7:09A4 [Switch] ipv6 route-static :: 0 FE80::0223:1AFF:FEC8:12CD int vlan 100
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 46
Configuring Hierarchical Static IPv6 Routes
What static routes should you configure?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 47
Configuring Hierarchical Static IPv6 Routes (continued) These routes work
You could also configure larger aggregations.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 48
Discussion Topics
IPv6 background NDP IPv6 interface addresses IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 49
OSPFv2 Versus OSPFv3 Feature v2 v3
Area Support X X
Algorithm SPF SPF
Packet Flooding X X
Designated Router Election X X
Master/Slave Relationships X X
Instances per link 1 multiple
Addressing semantics in Type 1 and 2 LSAs yes no
Flooding scopes AS, area AS, Area, and Link-Local
Interface ID IPv4 Address Link-Local Address
Option handling Flexible More flexible
LSAs 7 9
Authentication Provided IPv6 Header
Router ID IPv4 Address 32-bit Address
AllSPFRouters 224.0.0.5 FF02::5
AllDRouters 224.0.0.6 FF02::6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 50
OSPFv3 on HP Switches Enable OSPFv3 on routed interfaces (links) rather than on networks
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 51
Changes to Router and Network LSAs No longer include router and link addressing information
No longer include stub networks <RouterB> display ospfv3 lsdb router LS age : 30 LS Type : Router-LSA Link State ID : 0.0.0.0 Originating Router: 10.1.255.4 . . . Link connected to : a Transit Network Metric : 1 Interface ID : 95551490 Neighbor Interface ID: 254935042 Neighbor Router ID : 10.1.255.1 . . . <RouterB> display ospfv3 lsdb network LS age : 417 LS Type : Network-LSA Link State ID : 15.50.0.2 Originating Router: 10.1.255.1 . . . Attached Router: 10.1.255.1 Attached Router: 10.1.255.2 Attached Router: 10.1.255.3 Attached Router: 10.1.255.4
= Type 1 LSA
= DR ID
= Type 2 LSA = DR interface ID
= Advertising router ID 1
2 1
2
= DR ID
= DR interface ID = Advertising interface ID
1
2
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 52
New Intra-Area Prefix LSAs (Type 9) Map network prefixes to links (by DR interface ID) Advertise stub networks (by router ID) <RouterB> display ospfv3 lsdb intra-prefix LS age : 504 LS Type : Intra-Area-Prefix-LSA Link State ID : 0.0.0.1 Originating Router: 10.1.255.1 . . . Referenced LS Type: 0x2002 Referenced Link State ID: 15.50.0.2 Referenced Originating Router: 10.1.255.1 Prefix : 2001:DB8:B:1::/64 . . . LS age : 497 LS Type : Intra-Area-Prefix-LSA Link State ID : 0.0.0.1 Originating Router: 10.1.255.4 . . . Referenced LS Type: 0x2001 Referenced Link State ID: 0.0.0.0 Referenced Originating Router: 10.1.255.4 Prefix : 2001:DB8:B:14::/64
1
= References Network LSA
= References by DR interface ID
= Maps this prefix to the link
2
= References Router LSA
= Maps this prefix to the router
1
2
= References by router ID
and DR ID
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 53
New Link LSAs (Type 8) • Flooded on the link only
• Advertise each routing interface’s link-local address to be used for next-hops
• Advertise prefixes and options for links
<RouterB> display ospfv3 lsdb link LS age : 823 LS Type : Link-LSA Link State ID : 5.178.0.2 Originating Router: 10.1.255.4 . . . Link-Local Address: FE80::D1 Number of Prefixes: 1 Prefix : 2001:DB8:B:1::/64 . . . <RouterB> display ospfv3 routing-table *Destination: 2001:DB8:B:14::/64 Type: I Cost: 2 NextHop: FE80::D1 Interface: Vlan3
1
1
= References by router interface ID and router ID
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 54
New Link LSAs (Type 8) (continued) In this topology, D
• Does not learn any addresses for C’s interfaces
• Still has all the information it needs to learn routes to links advertised by C
<RouterD> display ospfv3 routing-table *Destination: 2001:DB8:B:13::/64 Type: I Cost: 3 NextHop: FE80::A2 Interface: Vlan3
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 55
Benefits of the New LSA Scheme • Decoupling link state information and addressing:
• Increases protocol efficiency (fewer SPF recalculations)
• Enables links to support multiple prefixes
• Simplifies network readdressing
• Advertising link-local addresses for the next hop:
• Minimizes information required in LSDB
Topology unaffected
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 56
OSPFv3 Configuration Tasks
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 57
Lab Activity 8.2
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 58
Lab activity 8.2 debrief
What key insights did you have? What challenges did you confront and how did you solve them? What display commands helped you to assess and troubleshoot your configuration?
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 59
Discussion Topics
IPv6 background IPv6 interface addresses NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols
Protocols related to IPv6 multicasting
QoS for IPv6
Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 60
IPv6 PIM PIM IPv6 PIM
Provides routing for IPv4 multicasts IPv6 multicasts
Routes used for RPF Any IPv4 unicast Any IPv6 unicast
Modes DM
SM
DM
SM
Neighbor discovery Hellos Hellos
Forwarding interface discovery
IGMP MLD
SM RP selection Manual
BSR
Manual
BSR
Embedded RP
Source model ASM
SSM
ASM
SSM
Administrative scopes Manually configured address ranges
Based on scope bits (FFx3 – FFxD)
All routers in the global scope (FFxE)
AllPIMRouters 224.0.0.13 FF02::D
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 61
MLD Like IGMP, MLD and MLD snooping work with PIM and minimize the flooding of multicast packets
Routing switch MLD querier
Switches MLD snooping
Multicast source
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 62
IPv6 QoS
8-bit Traffic Class field is equivalent to IPv4’s ToS 20-bit Flow label: Unique to IPv6
Requests special treatment for a flow
Can be processed without processing the packet
Remains unencrypted when IPsec is employed
Uses still being developed
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 63
Discussion Topics
IPv6 background IPv6 interface addresses NDP IPv6 static routes OSPFv3 Other IPv6 features and protocols Transitioning from IPv4 to IPv6
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 64
IPv6 Transition Mechanisms
Dual Stack allows coexistence of both IPv6 and IPv4 on the same infrastructure
Tunneling connects IPv6 sites over the IPv4 Internet
IPv6 Network
IPv6 Network
IPv6 Network
IPv4 Network
IPv4 Network
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 65
IPv4 and IPv6 Dual-stack
Allows coexistence of both IPv6 and IPv4 on the same infrastructure
VLAN 10
IPv4 Dual Stack
IPv6 Dual Stack
IPv4 IPv4
Dual Stack
IPv4 Stack
IPv6 Stack
SNMP, SSH, TimeP, SNTP, Telnet (6, TFTP (6) IPv4 address IPv6 address OSPFv2 OSPFv3 DHCP relay (Stateless auto)
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 66
Dual-stack Considerations Advantages Disadvantages
Greatest flexibility High memory and CPU demands
• Two routing tables
• Two routing protocols
• Firewall rules for both protocols
• Two network management configurations
Gradual transition to IPv6 Increased complexity (same reasons)
Network applications must distinguish between IPv6 and IPv4 peers
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 67
IPv6 over IPv4 Tunnels Quick and inexpensive
• At the border between IPv6 and IPv4, routing switches support dual stack
• Other devices use IPv6 or IPv4 as required
IPv4 Network
IPv6 Network IPv6 Network Router-to-Router Tunnel
IPv6/IPv4 Router v4 addr = A v6 addr = S
IPv6/IPv4 Router v4 addr = B v6 addr = T
V6 Source = Q v6 Dest = X
V6 Source = Q v6 Dest = X
V4 Source = A v4 Dest = B Protocol = 41
V6 Source = Q v6 Dest = X
IPv6 Node v6 addr = Q
IPv6 Node v6 addr = X
Several options • 6in4 tunnel or relay tunnel
• IPv4-compatible IPv6 tunnel
• Manual tunnel
• ISATAP tunnel
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 68
6to4 Tunnels
• 6to4 networks provide IPv6 prefixes to sites with an IPv4-only ISP • The 6to4 tunnel connects 6to4 sites
IPv4 Network
6to4 network
6to4 network
Router-to-Router Tunnel
2002:C000:201:1::/64 2002:CD00:7101:B::/64
Source interface = 192.0.2.1/24
Tunnel interface = 2002:C000:201:0::1/64
Protocol = IPv6-IPv4 6to4
Static route = 2002:CD00:7101::/48 through tunnel
Source interface = 203.0.113.1/24
Tunnel interface = 2002:CD00:7101:0::2/64
Protocol = IPv6-IPv4 6to4
Static route = 2002:C000:201::/48 through tunnel
IPv6/IPv4 6to 4 router 192.0.2.1/24 2002:C000:201:1::1/64
IPv6/IPv4 6 to 4 router 203.0.113.1/24 2002:CD00:7101:B::2/64
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 69
6to4 Tunnel Relays
6to4 relay tunnels connect 6to4 sites to normal IPv6 sites
IPv6 network
6to4 Network Router-to-Router Tunnel
Static route = 2001:DB8:A:B::/64 through 2002:CD00:7101:0::2
2002:C000:201:1::/64
Source interface = 192.0.2.1/24
Tunnel interface = 2002:C000:201:0::1/64
Protocol = IPv6-IPv4 6to4
Static route = 2002:CD00:7101::/48 through tunnel
or BGP4+
Source interface = 203.0.113.1/24
Tunnel interface = 2002:CD00:7101:0::2/64
Protocol = IPv6-IPv4 6to4
Static route = 2002:C000:201::/48 through tunnel
IPv6/IPv4 6to4 router 192.0.2.1/24 2002:C000:201:1::1/64
IPv6/IPv4 6to4 relay router 203.0.113.1/24 2001:DB8:A:B::2/64
2001:DB8:A:B ::/64
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 70
IPv4 Compatible IPv6 Tunnels
• Connects groups of nodes with normal IPv6 addresses through an IPv4 network • Tunnel uses IPv4-compatible IPv6 addresses
IPv4 Network
IPv6 Network
IPv6 Network
Router-to-Router Tunnel
IPv6/IPv4 Router 192.0.2.1/24 2001:DB8:1:2::1/64
Source interface = 192.0. 2.1/24
Tunnel interface = ::192.0. 2.1/96
Protocol = IPv6-IPv4 auto
Static route = 2001:DB8:A:B::/64 through ::203.0.113.1
Source interface = 203.0.113.1/24
Tunnel interface = ::203.0.113.1/96
Protocol = IPv6-IPv4 auto
Static route = 2001:DB8:1:2::/64 through ::192.0.2.1
2001:DB8:1:2::/64 2001:DB8:A:B::/64
IPv6/IPv4 Router 203.0.113.1/24 2001:DB8:A:B::2/64
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 71
Manual IPv6 over IPv4 Tunnels
• Connects normal IPv6 networks through an IPv4 network • Used when the tunnel uses global IPv6 addresses
IPv4 Network
IPv6 Network
IPv6 Network Router-to-Router Tunnel
IPv6/IPv4 Router 192.0.2.1/24 2001:DB8:1:2::1/64
Source interface = 192.0.2.1/24 Destination interface = 10.2.2.1/24
Tunnel interface = 3001::1/64 Protocol = IPv6-IPv4
Static route = 2001:DB8:A:B::/64 through tunnel or dynamic routing protocol
Source interface = 203.0.113.1/24 Destination interface = 10.1.1.1/24
Tunnel interface = 3001::2 /64 Protocol = IPv6-IPv4
Static route = 2001:DB8:1:2::/64 through tunnel or dynamic routing protocol
2001:DB8:1:2::/64 2001:DB8:A:B::/64
IPv6/IPv4 Router 203.0.113.1/24 2001:DB8:A:B::2/64
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 72
ISATAP Tunnels
• ISATAP nodes tunnel IPv6 traffic to nodes on same ISATAP subnet (IPv4 and IPv6 mix)
• ISATAP nodes tunnel traffic destined to IPv6 nodes in other subnets to the ISATAP router
IPv6 network ISATAP Node-to-Router Tunnel
IPv6/IPv4 Router 2001:DB8:1:2::1/64 10.1.1.1/24
Source interface = 10.1.1.1/24 Tunnel interface = 2001::5EFE:A01:101/64
Protocol = IPv6-IPv4 ISATAP
10.1.1.100/24 2001::5EFE:A01:164/64
2001:DB8:A:B::/64
10.1.1.2/24
10.1.1.10/24 2001::5EFE:A01:10A/64
IPv4 network
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 73
Summary
IPv6 interface addresses
IPv6 static routes
OSPFv3
IPv6 PIM
MLD
QoS for IPv6
IPv6 over IPv4 tunnels
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Learning Check
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 75
Tunnel Brokers Semi-automated mechanism for building configured tunnels
Eases scalability concerns somewhat
Typically employed between nodes and routers
Router-to-router also possible
IPv6 Network
Client Tunnel Server IPv4 Network
1
2
3
5 4
6
DNS Tunnel Broker
IPv6-in-IPv4 Tunnel
1. Configuration request
2. Tunnel Broker (TB) chooses
• Tunnel Server (TS)
• IPv6 addresses
• Tunnel lifetime
3. TB registers tunnel IPv6 addresses
4. Config info sent to TS
5. Config info sent to client
• Tunnel parameters
• DNS name
6. Tunnel enabled
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 76
Teredo Routing
ISP Network IPv4/IPv6
IPv4/IPv6 Internet
IPv6 Server
IPv6 Node Teredo Client
IPv4 Router
Teredo Relay
Home Network
NAT Box
Teredo Server
Teredo Setup
Teredo Packet UDP Tunnel to Relay and from Relay
IPv6 Packet to Server
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Thank you
top related