deploying ipv6 in cisco's labs by robert beckett at gogonet live! 3 ipv6 conference
DESCRIPTION
gogo6 IPv6 Video Series. Event, presentation and speaker details below: EVENT gogoNET LIVE! 3: Enterprise wide Migration. http://gogonetlive.com November 12 – 14, 2012 at San Jose State University, California Agenda: http://gogonetlive.com/4105/gogonetlive3-agenda.asp PRESENTATION Deploying IPv6 in Cisco's Labs Presentation video: http://www.gogo6.com/video/deploying-ipv6-in-cisco-s-labs-by-robert-beckett-at-gogonet-live Interview video: http://www.gogo6.com/video/interview-with-robert-beckett-at-gogonet-live-3-ipv6-conference SPEAKER Robert Beckett - Services Technical Leader, Cisco Systems Bio/Profile: http://www.gogo6.com/profile/RobertBeckett MORE Learn more about IPv6 on the gogoNET social network http://www.gogo6.com Get free IPv6 connectivity with Freenet6 http://www.gogo6.com/Freenet6 Subscribe to the gogo6 IPv6 Channel on YouTube http://www.youtube.com/subscription_center?add_user=gogo6videos Follow gogo6 on Twitter http://twitter.com/gogo6inc Like gogo6 on Facebook http://www.facebook.com/pages/IPv6-products-community-and-services-gogo6/161626696777TRANSCRIPT
![Page 1: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/1.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Robert BeckettServices Technical Leader
November 14, 2012
![Page 2: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/2.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
• Network backbone – routers, switches, etc.
• Terminal servers, telnet, ssh, VNC, RDP, etc.
• File servers, VMware, etc.
• Services – DNS, DHCP, AAA, NTP, SNMP, etc.
• NMS – vendor and home-grown
• IP Phones, Wireless
• Power management, Room Access, Surveillance
• Thermostat, Cooling, Fire detectors, Lights …
![Page 3: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/3.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
• Network backbone – routers, switches, etc.
• Terminal servers, telnet, ssh, VNC, RDP, etc.
• File servers – VMware, etc.
• Enable IPv6 connectivity within lab
• Enable IPv6 connectivity between labs
• Enable IPv6 connectivity to Internet where needed
• IPv6 available for devices that need/want it
• Groundwork for future
![Page 4: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/4.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
San Jose
RCDNBXB
RTP
Brussels
Beijing
Tokyo
Sydney
Bangalore
Emerging MarketsUS & Canada European Markets Asia Pacific/Japan
Strategy: combine the labs into one unified, scaled, virtual
system with common architecture and processes: One lab
service “cloud.”
![Page 5: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/5.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
• Support more TAC IPv6 cases -- recreates
• Be ready for the World IPv6 Launch Day: June 6th, 2012
• Greater Internet Addressability in lieu of very limited public IPv4 address space
• Greater Cisco Addressability in lieu of limited RFC1918 IPv4 Address Availability
![Page 6: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/6.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
• Dual stack
• Direct vs. 6in4 Tunnel
• RIPv6 / EIGRPv6 / OSPFv3 / IS-IS
• Only IS-IS is truly integrated, but this advantage is not too useful in a typical lab that has on the order of dozens of pods and hundreds of subnets
• We traditionally used EIGRP inside the lab, but RIPv6 is what Cisco IT uses for the 6in4 tunnels it creates
![Page 7: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/7.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
• Assigned /56 via IP transported via direct or GRE tunnel
• Full mesh tunnels, or home all tunnels to single router or to where IT tells you
• In our case, not a terribly strict hierarchy – mix of main gateway, intermediate gateways, L2/L3 switches, etc.
• Route IPv6 on all routers and L3 switches
• No need to worry about L2, except as hosts for mgmt
• Lab backbone via RIP for now – because of IT and desire to keep things simple, migrate to OSPF or EIGRP later
![Page 8: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/8.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
ipv6 unicast-routing
!
interface Tunnel0
description for 2001:db8:1bf:400::/56
no ip address
ipv6 address 2001:DB8:1BF:400::2/64
tunnel source Loopback0
tunnel destination 10.27.90.77
tunnel mode ipv6ip
!
interface Loopback0
ip address 131.108.84.1 255.255.255.255
![Page 9: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/9.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
interface Vlan11
description BACKBONE ETHERNET SWITCH VLAN
ipv6 address 2001:DB8:1BF:401::1/64
ipv6 rip v6 enable
ipv6 rip v6 default-information originate
!
interface Vlan240
ipv6 address 2001:DB8:1BF:4F0::1/64
!
ipv6 route ::/0 Tunnel0
ipv6 router rip v6
![Page 10: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/10.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
ipv6 unicast-routing
!
interface GigabitEthernet0/0
ipv6 address 2001:DB8:1BF:401::11/64
ipv6 rip v6 enable
!
interface GigabitEthernet0/1.54
encapsulation dot1Q 54
ipv6 address 2001:DB8:1BF:436::1/64
!
ipv6 router rip v6
![Page 11: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/11.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
• Via SLAAC/DHCP – address, subnet, gateway, DNS if available
interface x/y
ipv6 address autoconfig
• Static
interface x/y
ipv6 address 2001:DB8:1BF:436::88/64
!
ipv6 route ::/0 2001:DB8:1BF:436::1
ip name server X:X:X:X::X
ip domain name abc.org
![Page 12: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/12.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
• Some HW may need upgrading
• Likely some SW needs upgrading
• Cisco IPv6 feature support – EIGRP in SXI, IPv6 in ipbase, etc.
• Lab topology has “evolved” over so many years
• LARGE lab
• Little manpower for lab architecture
• IT infra not all IPv6 enabled; need some 6in4 tunnels
• Labeling! IPv6 subnets are longer and devices with more and more ports have less empty space to write them….
![Page 13: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/13.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
• In IPv6, subnet size worries gone
• DHCP vs. static range concerns gone – basically no chance of IPv6 address collision
• Switch feature -- Broadcast suppression no longer needed, multicast suppression still useful
• Subnet manager … IT / CALO
![Page 14: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/14.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
• Configure IPv6 addresses on more devices by default for IPv6 management – telnet, ssh, snmp, etc.
• Move from SLAAC to Stateless DHCPv6 and Stateful DHCPv6
• Migrate away from non-routable IPv4 address space in favor of corporate routable IPv6 address space
• Get IPv6 on our DMZ network
![Page 15: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/15.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
• Cisco Support Community:
https://supportforums.cisco.com/community/netpro/network-
infrastructure/ipv6-transition
• CCO IPv6 Main Page www.cisco.com/go/ipv6
![Page 16: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/16.jpg)
Thank you.
![Page 17: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/17.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 17
![Page 18: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/18.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
• Discover Layer 3 device on local subnet
• Address assignment
Stateful (DHCP) vs Stateless Address assignment (SLAAC)
Server sends Network-Type Information
Prefix
Default Route
Host Address Is:
Prefix Received
+
Link-Layer Address
![Page 19: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/19.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 19
Centralized server performs all addressing tasks
• Assigns IP addresses
• Keeps track of Client to address mapping
• Provides additional network information
DNS server
Default gateway
Examples of Stateful Address protocols
• DHCP
Client dynamically takes on addressing tasks
• Chooses own IP address
EUI-64
• DAD used to avoid address duplication
• Additional network information not provided by default
Provided by supporting server
Examples of Stateless Address protocols
• SLAAC (StateLess Address AutoConfiguration)
![Page 20: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/20.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 20
DHCPv6 server will allocate one or more IPv6 addresses or prefixes to a DHCPv6 client
DHCP options can be provided to client
• DNS server
• Domain name
DHCPv6 server maintains state
• Stores the leased IPv6 addresses and lease details in its database
Two messages are used
• INFORMATION-REQUEST
• REPLY
DHCPv6 server only provides configuration information
• DNS server
• Domain name
Assumption:
• Client will acquire IPv6 address through other means (SLAAC)
![Page 21: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/21.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
• RA can be disabled because DHCP takes care of address assignment
ipv6 dhcp pool IPV6_DHCPPOOL
address prefix 2001:DB8:1000::/64 lifetime infinite infinite
link-address 2001:DB8:1000::1/64
dns-server 2001:DB8:1000::4222
domain-name cisco.com
!
interface Ethernet0/0
ipv6 address 2001:DB8:1000::1/64
ipv6 enable
ipv6 nd ra suppress
ipv6 dhcp server IPV6_DHCPPOOL
![Page 22: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/22.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
• By default, SLAAC only allows the client to configure an IP address and default route, no additional information
• SLAAC must be configured to use other-config-flag options in order to provide DNS and domain name information via the DHCP config
This information is still provided through SLAAC, just configured via DHCP
ipv6 dhcp pool IPV6_DHCPPOOL
dns-server 2001:DB8:1000::4222
domain-name cisco.com
!
interface Ethernet0/0
ipv6 address 2001:DB8:1000::1/64
ipv6 enable
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
![Page 23: Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conference](https://reader034.vdocuments.mx/reader034/viewer/2022042714/54b366fe4a795977358b45c0/html5/thumbnails/23.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
• IPv6’s larger address space enables:
Use of link layer addresses inside the address space via eui-64 format
Dynamic client address autoconfiguration with “no collisions” (DAD)
Plug and play support