1 college of dupage ccnp1 v5.0 building scalable internetworks: module 8: ipv6 by tony chen 05-2007

120
1 College of DuPage CCNP1 V5.0 CCNP1 V5.0 Building Scalable Internetworks: Building Scalable Internetworks: Module 8: Module 8: IPV6 By Tony Chen 05-2007

Upload: joselyn-parcells

Post on 22-Dec-2015

217 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

1

College of DuPageCCNP1 V5.0 CCNP1 V5.0

Building Scalable Internetworks:Building Scalable Internetworks:

Module 8: Module 8: IPV6

By Tony Chen

05-2007

Page 2: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

2

Overview• The explosion of new IP-enabled devices and the

growth of undeveloped regions have fueled the need for more addresses.– IP version 6 (IPv6) was developed to overcome the

limitations of the current standard, IP version 4 (IPv4).

• This module provides an overview of IPv6, IPv6 addressing and routing, OSPFv3, and IPv4 to IPv6 translation.

Page 3: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

3

Federal agencies must use the next-generation Internet service known as Internet protocol version 6 (IPv6) by June 2008, the White House Office of Management and Budget

announced

http://www.whitehouse.gov/omb/memoranda/fy2005/m05-22.pdf

IPv6

Page 4: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

4

Long Term Solution: IPv6 Preparing for IPv6 Management Challenges

• Managing parallel IPv4 and IPv6 networks during the transition to IPv6Several transition technologies are available today that enable the parallel existence of IPv4 and IPv6 networks, including:

• IPv4-compatible IPv6 addresses • 6over4 addresses • 6to4 addresses • Static and dynamic tunnels  • Dual stack • Intra-Site Automatic Tunnel Access Protocol (ISATAP) • IPv4 network address translator (NAT) traversal for IPv6

(Teredo)

By John Jason Brzozowski, Principle Engineer, Lucent Technologies

http://www.lucent.com/osssentinel/c2/c2a6.html

Page 5: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

5

What ever happened to IPv5? • IPv5 (Internet Protocol, version 5) was

assigned to an experimental protocol called ST (Internet Stream Protocol). – ST was first defined in 1979 in IEN 119

(Internet Engineering Note), and was later revised in RFC 1190 (ST2) and RFC 1819 (ST2+).

– ST was envisioned to be the connection oriented complement to IPv4, but it has never been introduced for public usage.

– Many of the concepts available in ST can be found today in MPLS.

Page 6: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

6

What is wrong with IPv4? • http://www.potaroo.net/tools/ipv4/

– Projected IANA Unallocated Address Pool Exhaustion: 25-Jun-2011

– Projected RIR Unallocated Address Pool Exhaustion: 01-Jun-2012

• http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_8-3/ipv4.html– Tony Hain of Cisco predicts the exhaustion date to be

around March 2010.

Page 7: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

7

What is wrong with IPv4?

Page 8: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

8

IPv4: Class A distribution1.0.0.0 – IANA2.0.0.0 – IANA3.0.0.0 – GE4.0.0.0 – Level 35.0.0.0 – IANA6.0.0.0 – DoD7.0.0.0 – DoD8.0.0.0 – Level 39.0.0.0 – IBM10.0.0.0 – IANA11.0.0.0 – DoD12.0.0.0 – AT&T13.0.0.0 – Xerox14.0.0.0 – IANA15.0.0.0 – HP16.0.0.0 – HP17.0.0.0 – Apple18.0.0.0 – MIT19.0.0.0 – Ford Motor20.0.0.0 – CSC21.0.0.0 – DoD22.0.0.0 – DoD23.0.0.0 – IANA24.0.0.0 – Comcast25.0.0.0 – UK (*)26.0.0.0 – DoD27.0.0.0 – IANA28.0.0.0 – DoD29.0.0.0 – DoD30.0.0.0 – DoD

31.0.0.0 – IANA32.0.0.0 – AT&T33.0.0.0 – DoD34.0.0.0 – Halliburton35.0.0.0 – Merit Net36.0.0.0 – IANA37.0.0.0 – IANA38.0.0.0 – Performance39.0.0.0 – IANA40.0.0.0 – Eli Lilly41.0.0.0 – AFRINIC (*)42.0.0.0 – IANA43.0.0.0 – Japan (*)44.0.0.0 – Amateur Radio45.0.0.0 – Interop46.0.0.0 – IANA47.0.0.0 – Bell N48.0.0.0 – Prudential49.0.0.0 – IANA50.0.0.0 – IANA51.0.0.0 – UK (*)52.0.0.0 – DuPont53.0.0.0 – DE (*)54.0.0.0 – Merck55.0.0.0 – Headquarters56.0.0.0 – USPS57.0.0.0 – France (*)58.0.0.0 – APNIC (*)59.0.0.0 – APNIC (*)60.0.0.0 – APNIC (*)

61.0.0.0 – APNIC (*)62.0.0.0 – RIPE (*)63.0.0.0 – UUNET and ….64.0.0.0 – XO and …65.0.0.0 – BellSouth and …66.0.0.0 – Deltacom and …67.0.0.0 – Qwest and …68.0.0.0 – Cox and …69.0.0.0 – SBC and …70.0.0.0 – Spring and some CA (*)71.0.0.0 – Embarq and …72.0.0.0 – Citistreet and …73.0.0.0 – Comcast74.0.0.0 – Covad and …75.0.0.0 – SBC and …76.0.0.0 – Embark and …77.0.0.0 – RIPE (*)78.0.0.0 – RIPE (*)79.0.0.0 – RIPE (*)80.0.0.0 – RIPE (*)81.0.0.0 – RIPE (*)82.0.0.0 – RIPE (*)83.0.0.0 – RIPE (*)84.0.0.0 – RIPE (*)85.0.0.0 – RIPE (*)86.0.0.0 – RIPE (*)87.0.0.0 – RIPE (*)88.0.0.0 – RIPE (*)89.0.0.0 – RIPE (*)90.0.0.0 – RIPE (*)

91.0.0.0 – RIPE (*)92.0.0.0 – RIPE(*)93.0.0.0 – RIPE(*)94.0.0.0 – IANA95.0.0.0 – IANA96.0.0.0 – Arin and IANA97.0.0.0 – Cellco and ..98.0.0.0 – IANA99.0.0.0 – ….100.0.0.0 – IANA101.0.0.0 – IANA102.0.0.0 – IANA103.0.0.0 – IANA104.0.0.0 – IANA105.0.0.0 – IANA106.0.0.0 – IANA107.0.0.0 – IANA108.0.0.0 – IANA109.0.0.0 – IANA110.0.0.0 – IANA111.0.0.0 – IANA112.0.0.0 – IANA113.0.0.0 – IANA114.0.0.0 – IANA115.0.0.0 – IANA116.0.0.0 – APNIC (*)117.0.0.0 – APNIC(*)118.0.0.0 – APNIC(*)119.0.0.0 – APNIC(*)120.0.0.0 – APNIC(*)

121.0.0.0 – APNIC (*)122.0.0.0 – APNIC (*)123.0.0.0 – APNIC (*)124.0.0.0 – APNIC (*)125.0.0.0 – APNIC (*)126.0.0.0 – APNIC (*)127.0.0.0 – IANA

04/17/2007

ARIN (North America),

RIPE NCC (Europe),

APNIC (Asia/Pacific),

LACNIC (Latin America)

AfriNIC (Africa)

Page 9: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

9

IPv4 Allocations• The United States, 4% of the world

population, has 59.50% of the IPv4 address space.

• Japan, with 2% of the world population, has 6.43% of the IPv4 address space.

• Europe, with 11% of the world population, has 5.14% of the IPv4 address space.

• The rest of the world, with 93% of the world population, has the remaining 28.93% of the IPv4 address space.

http://ieee1588.nist.gov/2006%20IEEE1588%20Agenda/Elliot_IEEE_1588_over_IPv6_f.pdf

Page 10: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

10

IPv4 /8 (256) Allocations• The chart in Figure shows the distribution

of all 256 IANA /8 allocation units in IPv4 as of July 1, 2005.

• The Central registry represents the allocations made prior to the formation of the Regional Internet Registries (RIRs). ARIN (North America), RIPE NCC (Europe), APNIC (Asia/Pacific), LACNIC (Latin America), and AfriNIC (Africa) are the organizations managing registrations for each of their respective regions.

• RFC 3330 discusses the state of the Defined and Multicast address blocks. The Experimental block (also known as Class E — RFC 1700) was reserved, and many widely deployed IPv4 stacks considered its use to be a configuration error.

• The bottom bar shows the remaining useful global IPv4 pool. To be clear, when the IANA pool is exhausted there will still be space in each of the RIR pools.

www.cisco.com/ipj Volume 8, Number 3

Page 11: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

11

Emergency measures• Allocate exceptionally class B addresses• Re-use class C address space• CIDR (Classless Internet Domain Routing)

– RFC 1519– network address = prefix/prefix length– less address waste– recommend aggregation (reduce routing table length)

• Private Addresses– RFC 1918– Allow private addressing plans– Addresses are used internally– Similar to security architecture with firewall– Use of proxies or NAT to go outside– RFC 1631, 2663 and 2993

Page 12: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

12

NAT• Advantages:

– Reduce the need of official addresses

– Ease the internal addressing plan

– Transparent to some applications

– Security?

• Disadvantages:– Translation

sometime complex (e.g. FTP)

– Does not scale– Breaks the end-

to-end paradigm– Security with

IPsec

Page 13: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

13

8.1 Explaining IPv6  Introducing IPv6

• Because of IPv6’s generous 128-bit address space, it can generate a virtually unlimited stock of addresses—enough to allocate to everyone on the planet.

• However, IPv4 is in no danger of disappearing overnight. – Rather, it will coexist with and then gradually be

replaced by IPv6. • This change has already begun, particularly in

Europe, Japan, and Asia Pacific. – These areas have been exhausting their allotted

IPv4 addresses, which makes IPv6 all the more attractive.

Cisco Systems currently supports IPv6 in Cisco IOS Software Release 12.2(2)T and later.

Page 14: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

14

IPv6 address spaces is hierarchically distributed globally

• Responsibility for management of IPv6 address spaces is distributed globally in accordance with the hierarchical structure shown below

http://www.ripe.net/docs/ipv6policy.html

Page 15: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

15

IPv6 numbering• Well hear it is

• 2^128 = 340,282,366,920,938,463,463,374,607,431,768,211,456

• To say this number out loud just read the following.–340 undecillion,282 decillion,366 nonillion,920 octillion,938 septillion,463 sextillion,463 quintillion,374 quadrillion,607 trillion,431 billion,768 million,211 thousand,456

• For numbers larger than that this is the order.–vigintillion, novemdecillion ,octodecillion, septendecillion, sexdecillion, quindecillion, quattuordecillion, tredecillion, duodecillion, undecillion, decillion, nonillion, octillion, septillion, sextillion, quintillion, quadrillion, trillion, billion, million, thousand,

Page 16: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

16

How big is IPv6?• You may or may not realize it, but 128 bit addresses allow for

2^128=340,282,366,920,938,463,463,374,607,431,768,211,456 total theoretically assignable addresses.

• To understand just how large that number is, recognize that the surface area of the earth is usually considered to be about 196,950,000 square miles. – There are 5280*5280 square feet in a square mile, and 12*12 square inches in a

square foot.

– Multiplying 196,950,000*5280*5280*12*12, we find that the approximate surface area of the earth is 790,653,726,720,000,000 square inches.

• If you divide 340,282,366,920,938,463,463,374,607,431,768,211,456 (the upper bound on the number of IPv6 addresses) by 790,653,726,720,000,000 (the approximate surface area of the earth in square inches) that implies you can assign over 3.7x10**21 addresses per square inch of the earth's surface. That should be enough addresses for most requirements, at least for the foreseeable future!

Page 17: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

17

IPv6 Features • IPv6 is a powerful enhancement to IPv4:

– Larger address space: • Offers improved global reachability and flexibility;

• Aggregation of prefixes that are announced in routing tables;

• Multihoming to several ISPs;

• Autoconfiguration that can include link-layer addresses in the address space;

• Plug-and-play options;

• Public-to private readdressing end to end without address translation; Simplified mechanisms for address renumbering and modification.

– Simpler header: • Provides better routing efficiency;

• No broadcasts and thus no potential threat of broadcast storms;

• No requirement for processing checksums;

• Simpler and more efficient extension header mechanisms;

• Flow labels for per-flow processing with no need to open the transport inner packet to identify the various traffic flows.

Page 18: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

18

IPv6 Features (cont.)• IPv6 is a powerful enhancement to IPv4:

– Mobility and security:• Mobile IP is available for both IPv4 and IPv6.

– The standard enables mobile devices to move without breaks in established network connections.

– Because IPv4 does not automatically provide this kind of mobility, you must add it with additional configurations.

• IPsec is available for both IPv4 and IPv6. – Although the functionalities are essentially identical in both

environments, IPsec is mandatory in IPv6. – IPsec is enabled on every IPv6 node and is available for use..

– Transition richness: You can incorporate existing IPv4 capabilities in IPv6 in the following ways:

• Configure a dual stack with both IPv4 and IPv6 on the interface of a network device.

• Use the technique IPv6 over IPv4 (also called 6to4 tunneling), which uses an IPv4 tunnel to carry IPv6 traffic.

• Cisco IOS Release 12.3(2)T (and later) also allows protocol translation (NAT-PT) between IPv6 and IPv4. This translation allows direct communication between hosts speaking different protocols.

Page 19: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

19

Large Address Space • IPv6 increases the number of address bits to 128.

– However, as in any addressing scheme, not all the addresses are used or available.

http://www.iana.org/assignments/ipv6-address-space

RFC 4291: IP Version 6 Addressing Architecture

2000:: /3

0 0 1 X

Page 20: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

20

Large Address Space • IPv6 increases the number of address bits to 128.

– However, as in any addressing scheme, not all the addresses are used or available.

http://www.ripe.net/ripe/meetings/ripe-43/tutorials/ripe43-ipv6-tutorial.pdf

128 – 3 = 125 bits => 4.25352959 × 1037

Page 21: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

21

Total number of allocated IPv6 prefixes per RIR on 16/04/2007

http://www.ripe.net/rs/ipv6/stats/

16/04/2007

Page 22: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

22

Total number of allocated IPv6 prefixes per RIR on 16/04/2007

http://www.ripe.net/rs/ipv6/stats/

2000::/3 Global Unicast [RFC4291]16/04/2007

Page 23: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

23

IPv6 Initial Allocation and Annual Renewal Fees

http://www.arin.net/billing/fee_schedule.html

16/04/2007

Is it possible to buy IPv6 address space?No, organizations cannot "buy" IP addresses. Organizations approved for receiving IPv6 addresses are given "custodianship" of IPv6 addresses and are not to be considered the "owner" of address space. Similarly, organizations receiving IPv6 address space do not own the addresses they use. In fact, it is possible that at some point in the future, IPv6 space may have to be returned which would require renumbering networks.

Page 24: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

24

Large Address Space (cont.)• Larger address spaces make room for

large address allocations to ISPs and organizations.

• An ISP aggregates all the prefixes of its customers into a single prefix and announces the single prefix to the IPv6 Internet.

• The increased address space is sufficient to allow organizations to define a single prefix for the entire network.

Page 25: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

25

8.2 IPv6 Addressing  IPv6 Addressing Architecture

• The IPv4 header contains 12 basic header fields, followed by an options field and a data portion.

– The basic IPv4 header has a fixed size of 20 octets.

– The variable-length options field increases the size of the total IP header.

• Routers handle fragmentation in IPv4, which causes a variety of processing issues. IPv6 routers do not perform fragmentation.

– Instead, a discovery process determines the optimum MTU to use during a given session.

– If the device receives an “ICMP packet too big” message, it retransmits the MTU discover packet with a smaller MTU and repeats the process until the discover packet arrived intact. Then it sets the MTU for the session.

• Link-layer already perform checksum and error control. Because link-layer are relatively reliable, an IP header checksum is considered to be redundant.

– Without the IP header checksum, the upper-layer optional checksums, such as UDP are now mandatory.

Page 26: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

26

IPv6 Addressing Architecture

Page 27: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

27

Comparing IPv4 and IPv6 Headers • IPv6 header has 40 octets, in contrast to 20 octets in IPv4.

– Version: 4-bit field, the same as in IPv4. It contains the number 6 instead of the number 4 for IPv4.

– Traffic Class: 8-bit field similar to the ToS field in IPv4. These functionalities are the same for IPv6 and IPv4.

– Flow Label: 20-bit field that allows a particular flow of traffic to be labeled. It can be used for multilayer switching techniques and faster packet-switching.

– Payload Length: Similar to the Total Length field in IPv4. It specifies the length of the payload, in bytes.

– Next Header: Specifies which header follows the IPv6 packet header. It can be a transport-layer packet, such as TCP or UDP, or it can be an extension header. This field is similar to the Protocol field in IPv4.

– Hop Limit: Specifies the maximum number of hops that an IP packet can traverse, similar to the TTL field in IPv4.

– Source Address: This field has 16 octets or 128 bits.

– Destination Address: This field has 16 octets or 128 bits.

– Extension Headers: Follows the previous eight fields. The number of extension headers is not fixed, so the total length of the extension header chain is variable.

IPV6 also eliminates the IPv4 40-octet limit on options.

Page 28: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

28

IPv6 Extension Headers

http://www.cisco.com/en/US/tech/tk872/technologies_white_paper0900aecd8054d37d.shtml

Page 29: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

29

IPv6 Extension Headers

http://www.cisco.com/en/US/tech/tk872/technologies_white_paper0900aecd8054d37d.shtml

Page 30: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

30

IPv6 Extension Headers

Hop-by-hop – Always the first extension– Replace IPv4 options,– Analyzed by every router.

Page 31: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

31

IPv6 Extension Headers

Page 32: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

32

IPv6 Extension Headers

Figure 6. Forwarding IPv6 Packets with Extension Headers other than Hop-by-Hop in the Absence of ACLs

Figure 5. Forwarding IPv6 Packets with the Hop-by-Hop Extension Header

Page 33: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

33

IPv6 Extension Headers • When multiple extension headers are used in the same packet,

the order of the headers should be as follows: – IPv6 header: Basic header. – Hop-by-hop options header: When used for the router alert

(RSVP and MLDv1) and the jumbogram, this header is processed by all hops in the path of a packet. When present, the hop-by-hop options header always follows immediately after the basic IPv6 packet header.

– Destination options header (when the routing header is used): This header can follow any hop-by-hop options header. Alternatively, the destination options header is processed only at the final destination. For example, mobile IP.

– Routing header: Used for source routing and mobile IPv6. – Fragment header: Used when a source must fragment a packet

that is larger than the MTU for the path between itself and a destination device.

– Authentication header and Encapsulating Security Payload header: Used within IPsec to provide authentication, integrity, and confidentiality of a packet. The authentication header and the ESP header are identical for IPv4 and IPv6.

– Upper-layer header: The two main transport protocols are TCP and UDP.

Page 34: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

34

Defining Address Representation • The 128-bit IPv6 addresses are breaking up

into eight 16-bit segments. – Each segment is written in hexadecimal

between 0x000 and 0xFFF, separated by colons. – The hexadecimal digits A, B, C, D, E, and F

represented in IPv6 are not case sensitive.

• Guidelines for IPv6 address notations:– Leading zeros in a field are optional,

• so 09C0 = 9C0 and 0000 = 0.

– Successive fields of zeros can be represented as “::” only once in an address.

• For example, FF01:0:0:0:0:0:0:1 becomes FF01::1.

• If two “::” notations are placed in the address, there is no way to identify the size of each block of zeros.

– An unspecified address is written as “::” because it contains only zeros.

2001:0f68:0000:0000:0000:0000:1986:69af2001:f68:000:000:000:000:1986:69af2001:f68:00:00:00:00:1986:69af2001:f68:0:0:0:0:1986:69af2001:f68::1986:69af

Page 35: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

35

IPv6 Address Types

Page 36: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

36

IPv6 Address Types • Three types of IPv6 addresses:

Unicast address

– Multicast address

– Anycast address

• A fundamental feature of IPv6 is that a single interface may also have multiple IPv6 addresses of any type (unicast, anycast, and multicast).

Unicast AddressA unicast address identifies a single device. All interfaces are required to have at least one link-local unicast address. .

• There are two types of unicast addresses:– Link-local unicast address: The address is unique only

on this link, and it is not routable off the link.

– Global unicast address: Globally unique, so it can be routed globally with no modification.

• Note: There is also a site-local unicast address; however, the IETF is currently working on removing or replacing site-local addresses.

Page 37: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

37

RFC 4291: IP Version 6 Addressing ArchitectureGlobal unicast address

• New format of global unicast address– The TLA/NLA scheme has been replaced by a

“global routing prefix”– SLA scheme has been replaced by a “Subnet ID”

Page 38: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

38

RFC 4291: IP Version 6 Addressing Architecture

FEC0::/10 was previously defined as a Site-Local scoped address prefix. This definition has been deprecated as of September 2004 [RFC3879].

Example 3–1 Parts of the Link-Local Unicast AddressWarning: many website shows wrong link-local address format.

http://docs.sun.com/app/docs/doc/816-4554/6maoq01lq?a=view54 bits 64 bits

Link-local unicast address

Page 39: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

39

IPv6 Address Types • Three types of IPv6 addresses:

– Unicast address Multicast address

– Anycast address

Multicast Address– Broadcasts are replaced by multicast addresses. Multicast

enables efficient network operation by using functionally specific multicast groups to send requests to a limited number of computers on the network.

Page 40: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

40

IPv6 Address Types • Three types of IPv6 addresses:

– Unicast address

– Multicast address Anycast address

Anycast AddressIPv6 also defines a new type of address called anycast. An anycast address identifies a list of devices or nodes; therefore, an anycast address identifies multiple interfaces.

• A packet sent to an anycast address is delivered to the closest interface, as defined by the routing protocols in use.

• Anycast addresses are syntactically indistinguishable from global unicast addresses, because anycast addresses are allocated from the global unicast address space.

– Note: Anycast addresses cannot be used as the source address of an IPv6 packet.

Page 41: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

41

IPv6 Global Unicast and Anycast Addresses • Global unicast and anycast share the same format.

– The unicast address space allocates the anycast addresses. – When a unicast address is assigned to more than one

interface, thus turning it into an anycast address.– A packet that is sent to an anycast address routes to the

closest device or interface that shares the address. – A sender creates a packet with the anycast as the destination

address and forwards it to its nearest router.

• An example of anycast use in a BGP multihomed network – when a customer has multiple ISPs with multiple connections

to one another. The customer can configure a different anycast address for each ISP. However, the routers along the path determine the closest router to reach that ISP using the IPv6 anycast address.

• Another use for an anycast is when a LAN is attached to multiple routers. These routers can have the same IPv6 anycast address so that distant devices need to identify only the anycast address.

– Intermediate devices can choose the best pathway to reach the closest entry point to that subnet.

Page 42: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

42

Required IPv6 addresses (RFC 4291)• Node

– Link local address

• for each interface

– Any additional unicast and anycast addresses (manually or automatically conf)

– Loopback address

– The all-nodes multicast address

– Solicited-node multicast address for each of unicast and anycast address

– Multicast addresses of all other groups the node belongs to

• Router

– All addresses a host must recognized

– The subnet-router anycastaddresses for all interfaces …

– All other anycast addresses the router has been configured

– The all-routers multicast addresses group.

Page 43: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

43

8.3 Dynamic IPv6 Addresses  Defining Host Interface Addresses

• An IPv6 address has two parts: – A subnet prefix representing the

network to which the interface is connected.

• The subnet prefix is a fixed 64-bit length for all current definitions.

– A local identifier, sometimes called a token, which uniquely identifies the host on the local network.

• The local identifier is always 64 bits and is dynamically created based on Layer 2 media and encapsulation.

• In the simple case of an Ethernet medium, the local identifier is usually derived from the EUI-48 MAC address.

Page 44: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

44

Link Local Address • Link-local addresses can also be

thought of as the host portion of an IPv6 address. – The address is unique only on this link,

and it is not routable off the link.

– Packets with a link-local destination must stay on the link where they were generated.

• Link-local addresses are dynamically created using a link-local prefix of FE80::/10 and a 64-bit interface identifier in a process called stateless autoconfiguration.

Page 45: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

45

Stateless Autoconfiguration • Stateless autoconfiguration is a plug-and-play feature

that enables devices to automatically connect to an IPv6 network without manual configuration and without any servers (like DHCP servers).

– DHCP and DHCPv6 are known as stateful protocols because they maintain tables within dedicated servers.

• For a system connected to an Ethernet link, building and validating the link-local address is accomplished in the following phases.

• Phase 1: obtain a unique identifier The most common method to obtain a unique identifier on an Ethernet link is by using the EUI-48 MAC address and applying the modified IEEE EUI-64 standard.

– For example, transforming MAC address 00-0C-29-C2-52-FF using the EUI-64 standards leads to 00-0C-29-FF-FE-C2-52-FF.

– If this address is to remain local, the IPv6 notation would be 000C:29FF:FEC2:52FF.

– However, if the address is to be a global unicast address, the correct format is 020C:29FF:FEC2:52FF.

Page 46: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

46

Stateless Autoconfiguration (cont.) • Phase 2: prepend prefix fe80::/64

The link-local prefix fe80::/64 is prepended to the 64-bit identifier to create the 128-bit link-local address,

– for example, fe80::20c:29ff:fec2:52ff. This address is associated with the interface and tagged “tentative.”

• Phase 3: Use ICMPv6 to verify uniquenessBefore final association, it is necessary to verify the address’s uniqueness on the link, called duplicate address detection (DAD). Some vendors have shipped batches of cards with the same MAC addresses.

– The system sends ICMPv6 packets on the link.

– If there is no response, it is assumed that the address is unique and can be assigned to the interface.

– If the address is not unique it must be manipulated manually.

• Phase 4: Remove tentative tag and assign the addressThis phase removes the tentative tag and formally assigns the address to the network interface. The system can now communicate with its neighbors on the link.

Page 47: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

47

EUI-64 to IPv6 Identifier • A MAC address (IEEE 802) is 48 bits long. The space for

the local identifier in an IPv6 address is 64 bits. – The EUI-64 standard stretch IEEE 802 addresses from 48 to 64

bits by inserting the 16-bit 0xFFFE in the middle at the 24th bit of the MAC address.

– For example, transforming MAC address 00-90-27-17-FC-0C using the EUI-64 results in 00-90-27-FF-FE-17-FC-0C.

– Converting this into IPv6 notation would generate 0090:27FF:FE17:FC0C.

• Universal/Local (U/L) The seventh bit referred to as the universal/local bit, or U/L bit. This bit identifies whether this interface identifier is universally or locally administered.

– If the U/L bit is set to 0, the address is locally administered. The network administrator has overridden the manufactured address and specified a different address.

– If the U/L bit is set to 1, the IEEE, through the designation of an ISP, has administered the address.

• Therefore, to make this address a universally administered address, our IPv6 address 0090:27FF:FE17:FC0C would actually become 0290:27FF:FE17:FC0C.

Page 48: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

48

EUI-64 to IPv6 Identifier (cont.)• Individual/Group (I/G)

The I/G bit is the low order bit of the first byte and determines whether the address is an individual address (unicast) or a group address (multicast). When set to 0, it is a unicast address. When set to 1, it is a multicast address.

For a typical 802.x network adapter address, both the U/L and I/G bits are set to 0, corresponding to a universally administered unicast MAC address.

Page 49: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

49

EUI-64 to IPv6 Identifier (cont.)

• RFC 2464 • The Interface Identifier is then formed from the EUI-64 by complementing the

"Universal/Local" (U/L) bit, which is the next-to- lowest order bit of the first octet of the EUI-64. Complementing this bit will generally change a 0 value to a 1, since an interface's built-in address is expected to be from a universally administered address space and hence have a globally unique value. A universally administered IEEE 802 address or an EUI-64 is signified by a 0 in the U/L bit position, while a globally unique IPv6 Interface Identifier is a globally unique IPv6 Interface Identifier is signified by a 1 in the corresponding positionsignified by a 1 in the corresponding position.

Page 50: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

50

EUI-64 to IPv6 Identifier (cont.)

• RFC 2464

• The Interface Identifier is then formed from the EUI-64 by complementing the "Universal/Local" (U/L) bit, which is the next-to- lowest order bit of the first octet of the EUI-64. Complementing this bit will generally change a 0 value to a 1, since an interface's built-in address is expected to be from a universally administered address space and hence have a globally unique value. A universally administered IEEE 802 address or an EUI-64 is signified by a 0 in the U/L bit position, while a globally unique IPv6 Interface Identifier is a globally unique IPv6 Interface Identifier is signified by a 1 in the corresponding positionsignified by a 1 in the corresponding position.

• My PC

• Convert from 48 bit to 64 bit address– Add ff:fe

– Flip the global bit

netsh interface ipv6 show neighbor

Page 51: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

51

Packet propagation and switching within a router 1

Page 52: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

52

Packet propagation and switching within a router 2

Page 53: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

53

Packet propagation and switching within a router 3

4

Page 54: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

54

Packet propagation and switching within a router

4

Page 55: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

55

Packet propagation and switching within a router 5

Page 56: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

56

Packet propagation and switching within a router 6

7

Page 57: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

57

Packet propagation and switching within a router

7

Page 58: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

58

Packet propagation and switching within a router

8

Page 59: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

59

Packet propagation and switching within a router

9

Page 60: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

60

Privacy issues• Interface Identifier can be used

to trace a user:– The prefix changes, but the

interface ID remains the same,– Psychological issue.

• Possibility to change Interface ID (RFC 3041)– If local storage, use MD5

algorithm– Otherwise draw a random

number

Page 61: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

61

Privacy and security of EUI-64• Because of certain privacy and security

concerns, the implementation of autoconfiguration by a host may also create a random interface identifier using the MAC address as a base. – This is considered a privacy extension because,

without it, creating an interface identifier from a MAC address provides the ability to track the activity and point of connection.

– Microsoft Windows XP currently supports the implementation of this capability and prefers to use this address for outgoing communication, because the address has a short lifetime and is regenerated periodically.

Page 62: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

62

IPv6 over Data Link Layers • The data link layer defines how IPv6 interface

identifiers are created and how neighbor discovery deals with data link layer address resolution.

• IPv6 is defined on most of the current data link layers, including the following:

– Ethernet*

– PPP*

– High-Level Data Link Control (HDLC)*

– FDDI

– Token Ring

– Attached Resource Computer Network (ARCNET)

– Nonbroadcast multiaccess (NBMA)

– ATM**

– Frame Relay***

– IEEE 1394

* Cisco supports these data link layers.** Cisco supports only ATM permanent virtual circuit (PVC) and ATM LAN Emulation (LANE).*** Cisco supports only Frame Relay PVC.

Page 63: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

63

IPv6 Multicasting • Multicasting is extremely important to IPv6, because it

is at the core of many IPv6 functions. – Multicast is frequently used in IPv6 and replaces

broadcast. There is no broadcast in IPv6. There is no TTL in IPv6 multicast.

• The format of the multicast address is as follows: – IPv6 multicast addresses has the prefix FF00::/8.

– The second octet defines the lifetime (flag) and the scope of the multicast address.

• The flag parameter – 0 for a permanent, or well-known, multicast address.

– 1 for temporary multicast address.

• The scope parameter – 1 for the scope of the interface (loopback transmission),

– 2 for the link scope (similar to unicast link-local scope),

– 3 for subnet-local scope where subnets may span multiple links,

– 4 for admin-local scope (administratively configured),

– 5 for the site scope,

– 8 for the organizational scope (multiple sites),

– E for the global scope.

– The multicast group ID consists of the lower 112 bits of the multicast address.

Page 64: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

64

Permanent Multicast Addresses • The multicast addresses, FF00:: to FF0F::, are reserved.

• Within that range, the following are some examples of assigned addresses. Assignments are tracked by IANA.

– FF02::1 — All nodes on link (link-local scope).

– FF02::2 — All routers on link.

– FF02::9 — All IPv6 RIP routers on link.

– FF02::1:FFXX:XXXX — Solicited-node multicast on link, where XX:XXXX is the rightmost 24 bits of the corresponding unicast or anycast address of the node. (Neighbor solicitation messages are sent on a local link when a node wants to determine the link-layer address of another node on the same local link, similar to ARP in IPv4.)

– FF05::101 — All Network Time Protocol (NTP) servers in the site (site-local scope).

• The site-local multicast scope has an administratively assigned radius and has no direct correlation to the (now deprecated) site-local unicast prefix of FEC0::/10.

Page 65: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

65

Addresses That Are Not Unique• In very rare cases, the rightmost 24 bits of the unicast address of the

target is not unique on the link.

• The following describes how this situation works.

• Node A has address 2001:DB8:200:300:400:500:1234:5678

• Node B has address 2001:DB8:200:300:500:AAAA:BBBB – Solicited-node multicast address FF02:0:0:0:0:1:FFAA:BBBB (the

same as node C)

• Node C has address 2001:DB8:200:300:501:AAAA:BBBB – Solicited-node multicast address FF02:0:0:0:0:1:FFAA:BBBB (the

same as node B)

1. Node A desires to exchange packets with node B. Node A sends a neighbor discovery packet to the solicited-node multicast address of B, FF02:0:0:0:0:1:AAAA:BBBB. Inside the packet is the full IPv6 address that node A is looking for (2001:DB8:200:300:500:AAAA:BBBB). This is called the target address.

2. Both node B and node C are listening to the same multicast address, so they both receive and process the packet.

3. Node B sees that the target address is its own and responds.

4. Node C sees that the target address is not its own and does not respond.

• In this manner, nodes can have the same solicited-node multicast address on the link without causing neighbor discovery, neighbor solicitation, or neighbor advertisement to malfunction.

ARP

Page 66: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

66

Anycast • An IPv6 anycast address is a global unicast address that

is assigned to more than one interface. – When a packet is sent to an anycast address, it is routed

to the “nearest” interface having that address. • In a WAN scope, the nearest interface is found according

to the measure of distance of the routing protocol.

• In a LAN scope, the nearest interface is found according to the first neighbor that is learned about.

• These are the characteristics of an anycast address:– Anycast addresses are allocated from the unicast address

space. They are indistinguishable from the unicast address.

– When assigned to a node interface, the node must be explicitly configured.

– A few anycast addresses are currently assigned, including the router-subnet anycast and the Mobile IPv6 home agent anycast.

– An anycast address must not be used as the source address of an IPv6 packet.

Page 67: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

67

IPv6 Mobility: Mobile IP • Mobile IP is an IETF standard available for

both IPv4 and IPv6. – It enables mobile devices to move without breaking

current connections.

– In IPv6, mobility is built in.

– In IPv4, mobility is a new function that must be added.

• For example, binding uses some header options (destination) that are mandatory for every IPv6 device. Also, IPv6 mobility creates a new “mobility” extension header.

Page 68: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

68

IPv6 Mobility: Mobile IP • RFC 3775

• Destination option– Mobile IPv6 defines one new

destination option, the Home Address destination option

RFC 2460

http://www.cisco.com/en/US/tech/tk872/

technologies_white_paper0900aecd8054d37d.shtml

4.1 Extension Header Order -- When more than one extension header is used in the same packet, it is recommended that those headers appear in the following order:

Page 69: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

69

IPv6 Mobility: Mobile IP

http://www.cisco.com/en/US/tech/tk872/technologies_white_paper0900aecd8054d37d.shtml

Figure 3. Data Traffic Between Two Mobile Nodes over the Route Optimized Path Figure 4. Binding Acknowledgment

Sent from a Correspondent Node to a Mobile Node

Page 70: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

70

Mobile IP• A standard that allows users with mobile devices whose IP

addresses are associated with one network to stay connected when moving to a network with a different IP address.

– When a user leaves the network with which his device is associated (home network) and enters the domain of a foreign network, the foreign network uses the Mobile IP protocol to inform the home network of a care-of address to which all packets for the user's device should be sent.

• Mobile IP is most often found in wireless WAN environments where users need to carry their mobile devices across multiple LANs with different IP addresses.

• A common analogy to explain Mobile IP is when someone moves his residence from one location to another.

– Person moves from Boston to New York. Person drops off new mailing address to New York post office. New York post office notifies Boston post office of new mailing address. When Boston post office receives mail for person it knows to forward mail to person's New York address.

http://www.webopedia.com/TERM/M/Mobile_IP.html

http://www.acm.org/crossroads/xrds7-2/

mobileip.html

Page 71: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

71

Mobile IP • The home agent, a designated router in the

home network of the mobile node, maintains the mobility binding in a mobility binding table where each entry is identified by the tuple <permanent home address, temporary care-of address, association lifetime>.

• Foreign agents are specialized routers on the foreign network where the mobile node is currently visiting.

http://www.acm.org/crossroads/xrds7-2/mobileip.html

Registration process in Mobile IP

Visitor List Mobility Binding Table

Page 72: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

72

Mobile IP

http://www.cisco.com/univercd/cc/td/doc/product/access/mar_3200/mar_conf/m507cfg.htm#wp1034919

Page 73: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

73

IPv6 Mobility: Mobile IP • Because of the vast IPv6 address space, foreign agents

are no longer required. – Infrastructures do not need an upgrade to accept Mobile

IPv6 nodes, so the care-of address (CoA) can be a global IPv6 routable address for all mobile nodes.

• The Mobile IPv6 model takes advantage of some of the benefits of the IPv6 protocol itself.

– Examples include option headers, neighbor discovery, and autoconfiguration.

• In many cases, triangle routing is eliminated, – because Mobile IPv6 route optimization allows mobile

nodes and corresponding nodes to communicate directly. • Mobile nodes work transparently even with other nodes

that do not support mobility (same as in IPv4 mobility). • The dynamic home agent address-discovery mechanism

in Mobile IPv6 returns a single reply to the mobile node.

• Reducing the amount of resulting overhead compared to Mobile IPv4.

– Most packets sent to a mobile node while it is away from home in Mobile IPv6 are sent using an IPv6 routing header rather than IP encapsulation,

Page 74: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

74

8.4 IPv6 Routing  Describing IPv6 Routing

• The following are summaries routing protocols used with IPv6.

• Static RoutingStatic routing with IPv6 is used and configured in the same way as IPv4.

– There is an IPv6-specific requirement per RFC 2461: A router must be able to determine the link-local address of each of its neighboring routers to ensure that the target address of a redirect message identifies the neighbor router by its link-local address.

– This requirement basically means that using a global unicast address as a next-hop address with routing is not recommended.

• RIPngRIP next generation (RIPng, RFC 2080) is a distance vector routing protocol with a limit of 15 hops that uses split horizon and poison reverse to prevent routing loops.

• The protocol implementation for IPv6 includes these characteristics:

– Based on IPv4 RIP version 2 (RIPv2) and similar to RIPv2

– Uses IPv6 for transport

– IPv6 prefix, next-hop IPv6 address

– Uses the multicast group FF02::9, the all-RIP-routers multicast group, as the destination address for RIP updates

– Updates sent on UDP port 521

Page 75: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

75

Describing IPv6 Routing (cont.)• OSPFv3

The protocol implementation for IPv6 includes these characteristics:

– Based on OSPF version 2 (OSPFv2), with enhancements

– Distributes IPv6 prefixes

– Runs directly over IPv6

– Operates as “ships in the night” with OSPFv2

• This implementation adds these IPv6-specific attributes:– 128-bit addresses

– Link-local address

– Multiple addresses and instances per interface

– Authentication (now uses IPsec)

– OSPFv3 runs over a link rather than a subnet

• IS-ISLarge address support facilitates the IPv6 address family. Intermediate System to Intermediate System (IS-IS) is the same as IPv4 with the following extensions added:

– Two new Type, Length, Value (TLV) attributes

– IPv6 reachability

– IPv6 interface address

– New protocol IDS

Page 76: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

76

Describing IPv6 Routing (cont.)• EIGRP

EIGRP can be used to route IPv6 prefixes. – EIGRP IPv4 runs over an IPv4 transport,

communicates only with IPv4 peers, and advertises only IPv4 routes.

– EIGRP for IPv6 follows the same model. EIGRP for IPv4 and EIGRP for IPv6 are configured and managed separately.

– The configuration of EIGRP for IPv4 and IPv6 is similar and provides operational familiarity and continuity.

• Multiprotocol BGP (MP-BGP)To make BGP4 available for other network-layer protocols, RFC 2858 (which replaces the obsolete RFC 2283) defines multiprotocol extensions for BGP4.

– Multiprotocol BGP is used to enable BGP4 to carry the information of other protocols, for example, Multiprotocol Label Switching (MPLS) and IPv6.

Page 77: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

77

Similarities Between OSPFv2 and OSPFv3 • Similarities to OSPFv2 include the following:

– Mechanisms for neighbor discovery and adjacency formation are identical.

– Operations of OSPFv3 over the RFC-compliant NBMA and point-to-multipoint topology modes are supported.

– LSA flooding and aging are the same for OSPFv2 and OSPFv3.

– OSPFv3 uses the same basic packet types as OSPFv2, such as hello packets, database description, link-state request (LSR), link-state update (LSU), and LSA.

• All of the optional capabilities of OSPF for IPv4, including on-demand circuit support, not-so-stubby areas (NSSAs), and the extensions to Multicast OSPF (MOSPF) are also supported in OSPF for IPv6.

Page 78: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

78

Differences Between OSPFv2 and OSPFv3 Differences between OSPFv2 and OSPFv3 include the following:• OSPFv3 runs over a link

– OSPF for IPv6 runs per link instead of the IPv4 of per IP subnet.

– The network statement is replaced by the ipv6 ospf process-id area area-id [instance instance-id] interface command.

• Link-local addresses are used – When configuring the ipv6 ospf neighbor command, OSPFv3 uses

IPv6 link-local addresses to identify the adjacency neighbors.

• Multiple OSPFv3 instance support – OSPFv3 uses a new field, called the Instance ID, to allow multiple

instances per link. By default, the ID is set to 0.

• Multicast addresses – FF02::5—Represents all SPF routers on the link-local scope,

equivalent to 224.0.0.5 in OSPFv2.

– FF02::6—Represents all DRs on the link-local scope, equivalent to 224.0.0.6 in OSPFv2.

• Removal of address semantics – IPv6 addresses are no longer present in the OSPF packet header.

– The router ID, area ID, and link-state ID remain at 32 bits.

– DR and BDR are identified by router ID and not by IP address.

• Security – OSPFv3 uses IPv6 AH and ESP extension headers, instead of the

variety of mechanisms defined in OSPFv2.

Page 79: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

79

LSA Types for IPv6 OSPFv3 LSA features include the following:

• The LSA is composed of a router ID, area ID, and link-state ID. They are each 32 bits.

– Although they are written in dotted decimal, they are not derived from an IPv4 address.

• LSAs have flooding scopes : – Link local:

• Flood all routers on the link.

– Area: • Flood all routers within an OSPF area.

– Autonomous system: • Flood all routers within the entire OSPF autonomous system.

• OSPFv3 IPv6 multicasting, using FF02::5 for all OSPF routers, and FF02::6 for OSPF DR and the OSPF BDR.

The two renamed LSAs are as follows:

• Interarea prefix LSAs for ABRs (type 3): – In OSPF for IPv6, addresses for these LSAs are expressed as

prefix, prefix length instead of address, mask.

– The default route is expressed as a prefix with length 0.

• Interarea router LSAs for ASBRs (type 4):

Page 80: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

80

LSA Types for IPv6 (cont.)The two new LSAs in IPv6 are as follows:

• Link LSAs (type 8): – Type 8 LSAs have link-local flooding scope and are

never flooded beyond the link with which they are associated.

– Link LSAs provide the link-local address of the router to all other routers attached to the link.

– Link LSAs also inform other routers attached to the link of a list of IPv6 prefixes to associate.

• Intra-area prefix LSAs (type 9): – A router can originate multiple intra-area prefix LSAs

for each router or transit network, each with a unique link-state ID.

– The link-state ID for each intra-area prefix LSA describes its association to either the router LSA or the network LSA.

– The link-state ID also contains prefixes for stub and transit networks.

Page 81: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

81

Address Prefix and LSAs • An address prefix occurs in almost all newly

defined LSAs. The prefix is represented by three fields: – Prefix Length,

– Prefix Options

– Address Prefix.

• In OSPF for IPv6, addresses for these LSAs are expressed as prefix, prefix length instead of address, mask in IPv4.

• The default route is expressed as a prefix with length 0.

• Type 3 and type 9 LSAs carry all IPv6 prefix information, which, in IPv4, is included in router LSAs and network LSAs.

Page 82: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

82

8.5 Implementing and Verifying OSPFv3  Configuring OSPFv3 in IPv6

• Many OSPFv3 commands are similar to OSPFv2. In most cases, you simply either prefix or replace ip in the OSPF command with ipv6.

– For example, use the ipv6 address command to assign an IPv6 address. To view the IPv6 routes, you issue the show ipv6 route command.

• The interfaces are configured to specify that IPv6 networks are part of the OSPFv3 network.

– Instead of using the network area command

• To configure OSPF for IPv6:– Step 1 Complete the OSPF network planning– Step 2 Enable IPv6 unicast routing using the ipv6

unicast-routing command. – Step 3 Enable IPv6 on the interface using the ipv6

ospf area command.– Step 4 (Optional) Configure OPSFv3 interface

specific settings, including area, router priority, and OSPFv3 path cost.

– Step 5 (Optional) Configure routing specifics from router configuration mode, including router priority, route summarization, and so on.

Page 83: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

83

Enabling OSPFv3 on an Interface • Most of the OSPFv3

configuration is done on the interface.

• Figure displays a sample configuration enabling an IPv6 IP address, area, router priority, and path cost.

Page 84: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

84

Configuring OSPFv3 Routing Specifics • OSPFv3 routing specifics are configured from

router configuration mode. To enter router configuration mode, use the ipv6 router ospf process-id command.

• For an IPv6-only router, a router ID parameter must be defined in the OSPFv3 configuration as an IPv4 address using the router-id router-id router configuration command.

– OSPFv3 uses a 32-bit number for a router ID.

– The OSPFv3 router ID can be expressed in dotted decimal, allowing easy overlay of an OSPFv3 network on an existing OSPFv2 network.

• If IPv4 is configured on the router, by default, the router ID is chosen in the same way as it is with OSPFv2.

– The highest IPv4 address configured on a loopback interface becomes the router ID.

– If no loopback interfaces are configured, the highest address on any other interface becomes the router ID.

Page 85: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

85

OSPFv3 Route Summarization • To consolidate and summarize

routes at an area boundary, use the area area-id range ipv6-prefix/prefix-length [advertise | not-advertise] [cost cost] IPv6 OSPF router command.– The cost of the summarized

routes is the highest cost of the routes being summarized.

Page 86: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

86

OSPFv3 Configuration Example • The example in Figure shows an

OSPF network of two routers, with an area 0 and area 1.

• The interface-specific command ipv6 ospf 100 area 0 creates the “ipv6 router ospf 100” process dynamically, – as does the ipv6 ospf 100 area 1

command.

Page 87: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

87

Verifying OSPFv3 • The show ipv6 ospf [process-id]

[area-id] interface [interface] command. – This command generates OSPF-related

interface information.

• The clear ipv6 ospf [process-id] {process | force-spf | redistribution | counters [neighbor [neighbor-interface | neighbor-id]]} command triggers SPF recalculation and repopulation of the Routing Information Base (RIB).

• The show ipv6 ospf [process-id] [area-id] command displays general information about OSPF processes.

Page 88: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

88

Verifying OSPFv3 Neighbors • To display OSPF neighbor

information on a per-interface basis, use the show ipv6 ospf neighbor command in user EXEC or privileged EXEC mode.

• The show ipv6 ospf neighbor detail command provides detailed information about IPv6 OSPF neighbors.

Page 89: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

89

Verifying OSPFv3 Database • To display lists of

information related to the OSPF database for a specific router, use the show ipv6 ospf database command in user EXEC or privileged EXEC mode. – The various forms of this

command deliver information about different OSPF link-state advertisements (LSAs).

• Figure illustrates sample output from the show ipv6 ospf database database-summary command.

Page 90: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

90

8.6 Using IPv6 and IPv4  IPv6 to IPv4 Transition Mechanism

• The transition from IPv4 to IPv6 does not require an upgrade on all nodes at the same time. – There are mechanisms available that allow

IPv4 nodes to communicate with IPv6 nodes.

• The two most common techniques to transition from IPv4 to IPv6 are as follows:– Dual stack

– IPv6-over-IPv4 (6to4) tunnels

• For communication between IPv4 and IPv6 networks, IPv4 addresses can be encapsulated in IPv6 addresses.

• Figure displays an example of a transition and integration mechanism. The 6to4 routers automatically encapsulate the IPv6 traffic inside IPv4 packets.

Page 91: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

91

IPv6 to IPv4 Transition Mechanism

• The two most common techniques to transition from IPv4 to IPv6 are as follows:– Dual stack – IPv6-over-IPv4 (6to4) tunnels

• This module actually cover 3 types:(1) Dual-stack techniques, to allow IPv4

and IPv6 to co-exist in the same devices and networks

(2) Tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions

(3) Translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices

Page 92: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

92

IPv6 to IPv4 Transition Mechanism

http://www.cisco.com/en/US/tech/tk872/technologies_white_paper09186a00800c9907.shtml

Page 93: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

93

Cisco IOS Dual Stack • Dual stack is an integration method where a

node has implementation and connectivity to both an IPv4 and IPv6 network. – A dual-stack node chooses which stack to use

based on the destination address.

– A dual-stack node prefers IPv6 when available.

• As soon as IPv4 and IPv6 basic configurations are complete on the interface, the interface is dual-stacked, and it forwards IPv4 and IPv6 traffic. – Using IPv6 on a Cisco IOS router requires that

you use the global configuration command ipv6 unicast-routing. This command enables the forwarding of IPv6 datagrams.

– The ipv6 address [IPv6-address] [/prefix length] command specifies an IPv6 network assigned to the interface and enables IPv6 processing on the interface.

Page 94: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

94

Overlay Tunnels • Networking often uses tunnels to overlay an

incompatible functionality on an existing network. – Tunneling IPv6 traffic over an IPv4 network

requires one edge router to encapsulate the IPv6 packet inside an IPv4 packet and another router to decapsulate it.

• This method of encapsulation is IPv4 protocol has the following characteristics:– Includes a 20-byte IPv4 header with no options

and an IPv6 header and payload.

– Considered dual stacking, which enables the connection of IPv6 islands without converting an intermediary network to IPv6.

– Tunneling presents these issues: • The MTU is decreased by 20 octets (if the IPv4

header does not contain any optional field).

• Difficult to troubleshoot.

Page 95: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

95

Isolated Dual-Stack Host • Encapsulation can be done by

edge routers between hosts or between a host and a router. – The example in Figure shows an

isolated dual-stack host using an encapsulated tunnel to connect to the edge router of the IPv6 network.

• Tunneling does not work if an intermediary node between the two end points of the tunnel, such as a firewall, filters out IPv4 protocol 41, which is the IPv6-over-IPv4 encapsulation.

Page 96: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

96

Tunneling Type• Cisco IOS IPv6 supports the

following types of overlay tunneling mechanisms: – Manual (RFC 2893)– Generic routing encapsulation

(GRE) (RFC 2473)– IPv4-compatible (RFC 2893)– 6to4 (RFC 3056)– Intra-Site Automatic Tunnel

Addressing Protocol (ISATAP)

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00801d6604.html

Page 97: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

97

Configuring Tunneling • If you are manually configuring

a tunnel, you should configure both the IPv4 and IPv6 addresses statically. You should perform this configuration on the routers at each end of the tunnel. – Tunnel endpoints can be

unnumbered, but unnumbered endpoints make troubleshooting difficult.

– The IPv4 practice of saving addresses for tunnel endpoints is no longer an issue.

Page 98: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

98

Example of a Configured Tunnel • The example in Figure shows how to

configure an IPv6 overlay tunnel manually.

• The host or router at each end of a configured tunnel must support both the IPv4 and IPv6 protocol stacks.

• The command that enables the IPv6 overlay tunnel is tunnel mode ipv6ip. – Specifically, it specifies that IPv6 is the

passenger protocol and that IPv4 will be used as both the encapsulation and transport protocol.

Manually Configured Tunnel (RFC 2893)

Manually Configured tunnels require:* Dual stack end points* Both IPv4 and IPv6 addresses configured at each end

Page 99: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

99

Example of a Configured Tunnel • Several other automatic tunneling transition

mechanisms exist, including these:– 6to4: Uses the reserved prefix 2002::/16 to

allow an IPv4 Internet-connected site to create and use a /48 IPv6 prefix based on a single globally routable or reachable IPv4 address.

– Intra-Site Automatic Tunnel Addressing Protocol (ISATAP): Allows an IPv4 private intranet (which may or may not be using RFC 1918 addresses) to incrementally implement IPv6 nodes without upgrading the network.

• Another transition mechanism is Teredo (formerly known as Shipworm). This mechanism tunnels IPv6 datagrams within IPv4 UDP. This method provides for private IPv4 address use and IPv4 NAT traversal.

Page 100: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

100

Example of a Configured Tunnel

• Apply to ISP and Enterprise WAN networks– GRE, Configured Tunnels, Automatic

Tunnels using IPv4 compatible IPv6 Address, 6to4

• Apply to Campus– ISATAP

Page 101: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

101

Example of a Configured Tunnel • Unicast 6to4 addresses (2002::/16)

– A 6to4 address combines the prefix 2002::/16 with the 32 bits of the public IPv4 address of the node to create a 48-bit prefix — 2002:WWXX:YYZZ::/48, where WWXX:YYZZ is the colon-hexadecimal representation of w.x.y.z, a public IPv4 address.

– Therefore, the IPv4 address 192.168.99.1 translates into a 6to4 address prefix of 2002:C0A8:6301::/48, and 192.168.33.1 translates into 2002:C0A8:2101::/48.

For the complete running config, see

http://www.cisco.com/en/US/tech/tk872/technologies_configuration_example09186a00801f3b4f

.shtml

Page 102: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

102

IPv6 to IPv4 Tunneling and Addresses • When an IPv6 packet with a

destination address in the range of 2002::/16 reaches the 6to4 edge router, the 6to4 edge router extracts the IPv4 address that is embedded in the 2002:: destination address (inserted between the third and sixth octets, inclusive).

• The 6to4 router then encapsulates the IPv6 packet in an IPv4 packet with the destination IPv4 address that was extracted from inside the IPv6 destination address.

6to4 Tunnel:Is an automatic tunnel methodGives a prefix to the attachedIPv6 network2002::/16 assigned to 6to4Requires one global IPv4 addresson each Ingress/Egress site

Page 103: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

103

http://www.pt.ipv6tf.org/documentos/geral/cisco/ipv6_IntegrationAndTransition_Abr2003.pdf

Page 104: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

104

Example of a Configured Tunnel • Unicast ISATAP addresses

– IPv6 uses ISATAP addresses to communicate between two IPv6/IPv4 nodes over an IPv4 intranet.

– Although a 6to4 address can incorporate only a public IPv4 address, an ISATAP address can incorporate either a public or a private IPv4 address.

• An ISATAP address combines – a 64-bit unicast link-local, site-local, or global prefix

(a global prefix might be a 6 to 4 prefix) with

– a 64-bit suffix constructed of the ISATAP identifier 0:5EFE, followed by

– the IPv4 address assigned to an interface of the host.

• Alternatively, the IPv4 address (in this example, 131.107.129.8) can be written in hexadecimal (in this example, 836B:8108).

• By default, the IPv6 protocol for Windows XP and members of Windows Server 2003 automatically configures the ISATAP address of FE80::5EFE:w.x.y.z for each IPv4 address that is assigned to the node.

http://technet2.microsoft.com/windowsserver/en/library/32ede176-9a94-46b5-85d2-e0f072c485621033.mspx?

mfr=true

Page 105: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

105

Example of a Configured Tunnel • Intra-Site Automatic Tunnel

Addressing Protocol (ISATAP): Allows an IPv4 private intranet (which may or may not be using RFC 1918 addresses) to incrementally implement IPv6 nodes without upgrading the network.

http://www.pt.ipv6tf.org/documentos/geral/cisco/ipv6_DeploymentScenarios_Abr2003.pdf

Page 106: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

106

Translation of NAT-PT • For legacy equipment that will not be upgraded to IPv6

and for some deployment scenarios, techniques that can connect IPv4-only nodes on IPv6-only nodes are available. Translation is basically an extension of NAT techniques.

– NAT-Protocol Translation (NAT-PT) is a translation mechanism that sits between an IPv6 network and an IPv4 network. The translator translates IPv6 packets into IPv4 packets and vice versa.

– Static NAT-PT uses static translation rules to map one IPv6 address to one IPv4 address.

• Figure shows how the IPv6-only node (Node A) can communicate with the IPv4-only node (Node D) using NAT-PT. The NAT-PT device is configured to map the source IPv6 address for node A of 2001:0db8:bbbb:1::1 to the IPv4 address 192.0.2.2. NAT-PT is also configured to map the source address of IPv4 node C, 192.0.30.1 to 2001:0db8::a.

Page 107: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

107

Translation of NAT-PT

http://www.pt.ipv6tf.org/documentos/geral/cisco/ipv6_IntegrationAndTransition_Abr2003.pdf

Page 108: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

108

Translation of NAT-PT

Page 109: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

109

Configuring Windows XP

Page 110: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

110

Configuring Windows XP

Page 111: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

111

Configuring Windows XP• No ipv6 • Add ipv6

IPv6 for Microsoft Windows: Frequently Asked Questions

http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx

Page 112: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

112

Configuring Windows XP• Zone IDs for Local-Use IPv6 Addresses

– Unlike global addresses, link-local and site-local address prefixes can be reused. Because of this address prefix reuse capability, link-local and site-local addresses are ambiguous.

– To specify which link on which a link-local address is assigned or located or within which site a site-local address is assigned or located, IPv6 uses an additional identifier known as a zone identifier (ID) (also known as a scope ID).

– The syntax specified in RFC 4007 for identifying the zone associated with a local-use address is the following:

• Address%zone_ID– Address is a local-use address and zone_ID is an integer value

representing the zone. The values of the zone ID are defined relative to the host. Therefore, different hosts might determine different zone ID values for the same physical zone. For example, Host A might choose 3 to represent the zone of an attached link and host B might choose 4 to represent the same link.

• For Windows-based IPv6 hosts, the zone IDs for local-use addresses are defined as follows:

– For link-local addresses, the zone ID is typically the interface index of the interface either assigned the address or to be used as the sending interface for a link-local destination. The interface index is an integer starting at 1 that is assigned to IPv6 interfaces, which include a loopback and one or multiple tunnel or LAN interfaces.

– You can view the list of interface indexes from the display of the netsh interface ipv6 show interface command.Also see RFC 4007

netsh interface ipv6 show interface

Page 113: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

113

Configuring Windows XPPing yourself and your own loopback

Ping your neighbor and you have to use the zone ID as part of address

Page 114: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

114

Configuring Windows XP

netsh interface ipv6 show interface

netsh interface ipv6 show address

Page 115: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

115

Lab 8-1 Configuring OSPF for IPv6 • Configure a static IPv6 address

on an interface • Change the default-link local

address on an interface • Configure an EUI-64 IPv6

address on an interface • Enable IPv6 routing and CEF • Configure and verify single-

area OSPFv3 operation

Page 116: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

116

Lab 8-2 Using Manual IPv6 Tunnels • Configure EIGRP for IPv4

• Create a manual IPv6 tunnel

• Configure OSPFv3

Page 117: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

117

Lab 8-3 Configuring 6to4 Tunnels • Configure EIGRP for IPv4

• Create a 6to4 tunnel

• Configure static IPv6 routes

Page 118: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

118

Summary • This module is an overview of IP version 6 (IPv6),

beginning with why it will become the protocol of choice in the future and the benefits of that choice.

• A major portion of the module was devoted to describing routing IPv6. All possible routing protocols were defined and Open Shortest Path First Protocol (OSPF) for IPv6 was covered in more detail.

• Cisco IOS configuration, verification, and troubleshooting commands were shown.

Cisco IOS IPv6 Configuration Library

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_book09186a00801d65f9.html

For other IPv6 routing protocol see:

Page 119: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

119

The End• Questions?

http://www.ripe.net/ripe/meetings/ripe-43/tutorials/ripe43-ipv6-tutorial.pdf

http://www.nro.net/statistics/

http://ipv6.internet2.edu/fiu/presentations/

http://www.cisco.com/en/US/tech/tk872/tech_white_papers_list.html

http://www.ip6.com/us/book/index.html

Cisco IOS IPv6 Configuration Library

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_book09186a00801d65f9.html

Page 120: 1 College of DuPage CCNP1 V5.0 Building Scalable Internetworks: Module 8: IPV6 By Tony Chen 05-2007

120

More Information• CCO IPv6 - http://www.cisco.com/ipv6• The ABC of IPv6

– http://www.cisco.com/en/US/products/sw/iosswrel/products_abc_ios_overview.html

• IPv6 e-Learning [requires CCO username/password]– http://www.cisco.com/warp/customer/732/Tech/ipv6/elearning/

• IPv6 Access Services :– http://www.cisco.com/warp/public/732/Tech/ipv6/docs/

ipv6_access_wp_v2.pdf• ICMPv6 Packet Types and Codes TechNote:

– http://www.cisco.com/warp/customer/105/icmpv6codes.html• Cisco IOS IPv6 Product Manager – [email protected]