ipv6 in enterprise unified communications...
TRANSCRIPT
IPv6 in Enterprise Unified Communications Networks
BRKCOL-2020
Tony Mulchrone - Technical Marketing EngineerCisco Collaboration Technology Group
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Why Deploy IPv6 ?
• IPv6 deployment is primarily driven by IPv4 address space exhaustio
• The number of applications, devices, services requiring IP addresses is rapidlyincreasing as the world becomes more and more IP centric
• Addresses in IPv6 are 128 bits long versus 32 bits IPv4 address. The larger addressspace avoids the potential exhaustion of IP addresses without need for NetworkAddress Translation.
• By avoiding the need for complex sub-netting scheme, IPv6 addressing space easierto understand, making administration of medium and larger networks simpler.
• IPv6 hosts can be configured automatically using Stateless Address Auto-Configuration (SLACC) when connected to a routed IPv6 network using ICMPv6 routerdiscovery messages.
BRKCOL-2020 4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• IPv4 uses 32 bits
• = ~ 4,200,000,000 possible addressable nodes
• CIDR and NAT techniques used to make the best possible use of address space
• IPv6 uses 128 bits
• = 340,282,366,920,938,463,463,374,607,431,768,211,456 nodes
• = 52 Trillion Trillion addresses per person in the world
• = More than enough
• Allows for scalable, simple and easily understandable addressing schemes
IPv6 Addressing Space
IPv4 = 32 bits
IPv6 = 128 bits
BRKCOL-2020 5
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Address Format
• An IPv6 address is composed of 8 sets of 16 bit hexadecimal values, 128 bits in length
• 2001:0db8:1234:5678:9abc:def0:1234:5678• 16 bit hex values are separated by colons (:)
• Abbreviation is possibleLeading zeros can be omitted
Consecutive zeros in contiguous blocks can be represented by (::)• 2001:0db8:0000:130F:0000:0000:087C:140B • becomes• 2001:0db8:0:130F::87C:140BDouble colons can only appear once in the address
• Network prefix representation like IPv4 CIDR ---
• e.g. 2001:db8:12::/64
BRKCOL-2020 6
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Address Network and Host IDs
XXXX:XXXX:XXXX:XXXX:YYYY:YYYY:YYYY:YYYY
Host ID
64 Bits64 Bits
Network ID
00 90 27 FF FE 17 FC 0F
FF FE
00 90 27 17 FC 0F
00 90 27 17 FC 0F
000000U0 Where U=
1 = Unique ID
0 = Not Unique
02 90 27 FF FE 17 FC 0F
U = 1
IPv6 Unicast addresses use 64 bits for the Network ID and 64 bits for the Host ID
The Host ID can be auto-configured by :
1) Using a randomly generated number, or
2) By using the (Extended Unique Identifier) EUI-64 format. This format expands the 48 bit MAC address to 64 bits by inserting FFFE into the middle 16 bits. Cisco commonly uses this Host ID format.
3) The host ID can also be assigned using DHCPv6 or manually configured
BRKCOL-2020 7
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 - Addressing Model
• Addresses are assigned to interfaces
• An Interface is expected to have multiple addresses
• Addresses have “scope”
Link Local
Unique Local
Global Link LocalUnique LocalGlobal
BRKCOL-2020 8
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Primary Types of IPv6 Address
• Unicast AddressIdentifies a single node/interface. Traffic destined to a Unicast address is forwarded to a single interface
• Multicast AddressIdentifies a group of nodes/interfaces. Traffic destined to a Multicast address is forwarded to all the nodes in the group
• No more Broadcast addressesToo resource intensive, IPv6 uses Multicast addresses instead
BRKCOL-2020 9
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Link-Local Unicast Addresses
Link-Local Addresses are :
• Mandatory addresses - used exclusively for communication between two IPv6 devices on the same link.
• Automatically assigned by the device as soon as IPv6 is enabled
• Only Link Specific scope – not routed
• Remaining 54 bits of network ID are typically zero but could be set to any manually configured value
• Interface ID has the same meaning for all unicast addresses, 64 bits long using the EUI-64 format
• Example - FE80:0000:0000:0000:0987:65FF:FE01:2345
• Generally represented as FE80::987:65FF:FE01:2345
Remaining 54 Bits
128 Bits
Interface ID
1111 1110 10
FE80::/10
10 Bits
BRKCOL-2020 10
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unique-Local Unicast Addresses
Unique-Local Addresses are :
• Analogous to Private IPv4 addresses (e.g. 10.1.1.254)
• Not Routable on the Internet – (would require IPv6 NAT)
• Global IDs do not have to be aggregated
• Subnet IDs are defined by the administrator of the local domain
• Subnet IDs typically use a hierarchical addressing plan to allow for route summarization
• Interface ID has the same meaning for all unicast addresses, 64 bits long using the EUI-64 format
• Example - FD00:aaaa:bbbb:CCCC:0987:65FF:FE01:2345
Global ID 40 Bits
Subnet ID
16 Bits
128 Bits
Interface ID
1111 110
FD00::/7
7 Bits
1
1 Bit : L = 1 Locally assigned; L = 0 Future Use
BRKCOL-2020 11
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Global Unicast Addresses
Global Unicast Addresses are :
• Routable / reachable across the Internet
• Identified by their 3 high level bits set to 001 ( 2000::/3 )
• Global Routing Prefix assigned to Regional Internet Registries by Internet Assigned Numbers Authority (IANA) – Next Level Aggregator (NLA) assigned to ISP
• Site Level Aggregator (Subnet ID) assigned to a customer by their Service Provider
• Example - 2001:0DB8:BBBB:CCCC:0987:65FF:FE01:2345
001
64 Bits3 21 Bits 16 Bits
LAN Host
Global Prefix
TLA SLA Interface ID
24 Bits
RIR ISP
NLA
/24 /48 /64
Network ID
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Multicast Addresses
IP multicast addresses have a prefix FF00::/8 (1111 1111)
The second octet defines the lifetime and scope of the multicast address
Used for Router Advertisements, DHCP, Multicast Applications
Multicast addresses are always destination addresses
Lifetime
0 If Permanent
1 If Temporary
Scope
1 Node
2 Link
5 Site
8 Organization
E Global
Group-IDScopeLifetime1111 1111
112-bits4-bits4-bits8-bits
128 Bits
BRKCOL-2020 13
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Address Scope Meaning
FF01::1 Node-Local Same Node
FF02::1 Link-Local All Nodes on a Link
FF01::2 Node-Local Same Router
FF02::2 Link-Local All Routers on a Link
FF05::2 Site-Local All Routers on Intranet
FF02::1:FFXX:XXXX Link-Local Solicited-Node
Some Well-Known Multicast Addresses
More details at http://www.iana.org/assignments/ipv6-multicast-addresses
Solicited Node Addresses - Used for Neighbor Discovery and Duplicate Address Detection
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv4 and IPv6 – Icons and Terminology
IPv4 Only
Device communicates with and understands IPv4 addresses only
IPv6 Only
Device communicates with and understands IPv6 addresses only
Dual Stack (IPv4 and IPv6) with ANAT
This device communicates with and understands both IPv4 and IPv6 addressesand can also negotiate the use of either IPv4 or IPv6 for media
IPv6 Aware
Device communicates with IPv4 addresses, but can receive and understand IPv6addresses embedded in Application PDUs – Typically used by applications whichuse IPv4 to transport IPv6 information
v4 v6
v6v4
v4
v6
BRKCOL-2020 16
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv4 and IPv6 Product Support UC11.X - Summary (1 of 2)
• Call ControlCUCM 7.1(2)+ IM & P Services 10.5(1) – External Connections only e.g. federationCUBE 12.4(22)T+CUCME 8.0+
• Cisco IP Phones
7906G, 7911G, 7931G, 7941G, 7941GE, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G-GE, 7975G
6901, 6911, 6921, 6922, 6941, 6942, 6945, 6946, 6961, 6962
3905, 7821, 7841, 7845, 7861, 8961, 9951, 9971
SIP based Cisco Telepresence Endpoints:
C20, C40, C60, C90, MX Series, DX Series, EX Series, SX20, SX60
v6v4v4 v6
v6v4v4 v6
BRKCOL-2020 17
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Gateways
IOS SIP Gateways – ISR G2 , ASR
SCCP/SIP Analogue Gateways – VG Gateway platforms
SCCP FXS ports on ISR G2 routers
IOS software and harwdare MTPs for IPv4 - IPv6 RTP Media conversion
CUBE IPv4 to IPv6 voice interworking
• CUCM SIP Trunks
IPv4/IPv6 signalling, ANAT for Dual stack media negotiation
• Applications
Unity Connection – IPv4, IPv4/IPv6 ANAT
Cisco WebEx Meeting Server – IPv4, IPv4/IPv6 ANAT for Web/Audio connections only.
Cisco Prime Collaboration Suite – IPv4, IPv6 Aware
Cisco Meeting Server - IPv4, IPv6
Cisco Telepresence Server - IPv4, IPv4/IPv6 ANAT; Cisco TP Conductor – IPv4
IPv4 and IPv6 Product Support UC11.X - Summary (2 of 2)v6v4v4 v6
v6v4v4 v6
v6v4v4 v6
BRKCOL-2020 18
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
MGCP/ H323Gateways
Cisco Expressway C/E
CUCME (SCCP Phones only)
SRST
CUBE / SIPGateways
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Older SCCP based Phones
Jabber Mobile Clients
Soft Phones
SIP TelePresence Endpoints
v4
v4
v4 v4
v4v4
v4
VG Analogue Gateways
SCCP ISR Analogue Ports
Older SIP based Phones
v4v6v4
v6v4
v6v4 v6v4
v6v4
v6v4 v6v4
v6v4
v6v4
IPv6 Capable UC Devices – Summary
BRKCOL-2020 19
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unity Connection
IOS based DHCP/ DNS
Cisco Prime Collaboration Suite
Cisco Emergency Responder
Cisco Webex Meeting Server
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Unified Contact
Centre
Telepresence Server
TelePresence Endpoints
v4
IM&P
Directory
Unity Express
v4
v4
v6v4
v4
v6v4
v6v4
v6v4
v6v4
v6v4 v6v4
v4 v6
v6v4
v4
v6v4
IPv6 Capable UC Applications - Summary
v4
v4 v6
Cisco Meetings Server v6
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Addressing
• CUCM can support:One Link Local IPv6 Address and
One Unique Local IPv6 Address or
One Global IPv6 Address
(and an IPv4 address)
v6v4v4
BRKCOL-2020 22
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – IP Phone Addressing
• IP Phones can support:One Link Local IPv6 Address and Multiple Unique Local IPv6 AddressesMultiple Global IPv6 Addresses(and an IPv4 address)
• IP Phone will use one IPv6 address (Global or Unique Local) for CUCM signaling and media.
• A Link Local address will never be sent to CUCM as a signaling and media address
• If the phone has both Unique Local and Global addresses, the Global Addresses take precedence over Unique Local Addresses.
• If multiple Unique Local or multiple Global addresses exist - the first address configured will be used as the signaling and media address sent to CUCM
v6v4v4 v6
BRKCOL-2020 23
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – IOS Addressing
• IOS devices can support:One Link Local IPv6 Address andMultiple Unique Local IPv6 AddressesMultiple Global IPv6 Addresses(and multiple IPv4 addresses)Per Interface
• Routers use Link Local Addresses for Routing protocols and the Address Selection Algorithm (RFC 3484) for applications running on routers (Telnet, SSH, etc.)
• e.g. For responses to devices - Routers will try to use the same Network Prefix as the device initiating communications
v6v4v4 v6
BRKCOL-2020 24
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IP Phones – IPv4 and IPv6 Address Allocation Options
• IPv4 Address Configuration Options
• Manual Configuration via Phone User Interface
• DHCPv4
• IPv6 Address Configuration Options
• Manual Configuration via Phone User Interface
• Auto Configuration
• DHCPv6
• Note - Phones require a minimum of an IP address and TFTP server address
• IOS supports DHCPv6 server with vendor option classes
BRKCOL-2020 26
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IP Phone – IPv6 Address Allocation – SLAACStateLess Address Auto-Configuration (SLAAC) - RFC 2462
• Configurable for IPv6 enabled Phones CUCM Default - Auto Configuration = On
• On power up phone sends a Router Solicitation (RS) message requesting Address configuration information
• Router responds and periodically sends a Router Advertisement (RA)
• RA can contain one or more Network Prefixes
• Network Prefix and EUI-64 Host ID used to create interface address
• RA also contains O and M bits:O bit = 1 • Indicates that the Phones should use the advertised Network Prefix(es) to auto-configure its address,
but should also request Other information from the DHCP server e.g. TFTP server address, DNS server address
M bit =1 • Indicates that the Phone should use DHCP for stateful address assignment
BRKCOL-2020 27
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – Router Advertisements and DHCP Operation
RA with “O” and /or “M” bit set
IP PhoneDHCPv6 Client
Solicit
Advertise
Request
ReplyDHCPv6 Server
Stateless DHCPWhen a router sends an Router Advertisement (RA) with the ‘O’ bit set, but does not set the ‘M’ bit, the client can use Stateless Address Auto-configuration (SLAAC) to obtain its IPv6 address, and use DHCPv6 for obtaining additional information. (e.g. TFTP Server address, DNS server address). This mechanism is known as Stateless DHCPv6, because the DHCPv6 server does not need to keep track of the client address bindings.Stateful DHCPWhen a router sends an RA with the ‘M’ bit set, this indicates that clients should use DHCP to obtain Addresses. Note - When the M bit is set, the setting of the O bit is irrelevant, since the DHCP server will also return “Other” configuration information together with addresses. This mechanism is known as Stateful DHCPv6, because the DHCPv6 server does keep track of the client address bindings.
BRKCOL-2020 28
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IP Phones – IPv6 Address Allocation - DHCPv6 Methods:
• Stateless DHCPv6 (RFC 3736)DHCP server only provides Other Information – e.g. DNSv6 Server, TFTP Server address
• Stateful DHCPv6 (RFC 3315)DHCP server provides IPv6 Network Address and optionally :
• Host ID - Host ID can also be generated by host using EUI-64• Other Information – e.g. DNS Server address, TFTP Server Address• Note Default Router address is not a required option with IPv6 - Multicast is used instead to discover Routers on the Link
• DHCPv6 Prefix Delegation (RFC 3633)Primarily used by Service Providers to automatically assign a Network Prefix to a customer’s site –Allows the delegation of prefixes from a delegating router to requesting routers.
• Devices use Multicast to find DHCPv6 servers
• IOS DHCP Relay is supported
BRKCOL-2020 29
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – DNS
• CUCM can use DNS Name to Address Resolution for three purposes :
If DNS names are used to define CUCM servers
If SIP Route Patterns use DNS names to define destinations
If SIP Trunks use DNS names to define Trunk destinations
• The principle for IPv6 DNS is the same as IPv4 but :
The nomenclature is differentAAAA instead of A records
DNS name to address queries can return multiple IPv6 addresses (and an IPv4 address)
IPv4 IPv6
Hostname to IP Address Resolution
A record:
www.abc.test. A 192.168.30.1
AAAA record:
www.abc.test AAAA 2001:db8:C18:1::2
IP Address to Hostname Resolution
PTR record: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.8.1.c.0.8.b.d.0.1.0.0.2.ip6.arpa PTR www.abc.test.
PTR record:
1.30.168.192.in-addr.arpa. PTR www.abc.test.
BRKCOL-2020 30
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
General IPv6 Deployment Guidelines
• Almost all IPv6 deployments will run a combination of IPv4 and IPv6
• Both LAN and WAN environments also need to be considered when deploying IPv6 for UC
• In almost all cases…… Dual Stack deployments offer the best approach when introducing IPv6 into any network environment - As both IPv4 devices and Dual Stack (IPv4/IPv6) devices can interoperate and disruption to the existing network is minimal.
• In the following sections we will focus on IPv6 deployments for UC. We will touch upon the Campus and WAN environments, but mainly to reference existing design guidance for IPv6 deployment
BRKCOL-2020 32
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Campus DeploymentsDual Stack Campus Model
Dual Stack is the preferred and most versatile way to deploy IPv6 in existing IPv4 environments. Dual Stack is not the only IPv6 deployment option in a Campus environment - other hybrid models that use tunnelling in the Campus network also exist.
For more info see : Deploying IPv6 in Campus networks http://www.cisco.com/application/pdf/en/us/guest/netsol/ns107/c649/ccmigration_09186a00807753a6.pdf
Also : This week at Cisco Live Berlin BRKRST-2301 Enterprise IPv6 Deployment - 9am Friday
BRKCOL-2020 33
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Campus IPv6 Deployment OptionsDual-Stack IPv4/IPv6
• IPv6 is transparent on L2 switches except for multicast -MLD snooping is available on most switching platforms
• IPv6 uses the same types of routing protocols as IPv4, but with some slight modifications to account for specific requirements of IPv6
The Catalyst platforms support Static, RIPng, EIGRP and OSPFv3 routing for IPv6
• IPv6 First Hop Redundancy Protocols such as HSRP & GLBP are supported by IOS routing platforms. HSRP & GLBP are supported by most Catalyst platforms
• Use Cisco First Hop Security for IPv6 to secure your Layer 2 environment (Cisco FHS includes RA guard, DHCP guard, IPv6 Snooping and more …http://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/aag_c45-707354.pdf
Distribution Layer
AccessLayer
CoreLayer
AggregationLayer (DC)
IPv6& IPv4 Dual Stack Hosts
AccessLayer (DC)
Dual-stackServer
Dual Stack
BRKCOL-2020 34
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
DualStack
SPCloud
HeadquartersIPv6 WAN/Branch Deployment
• Cisco routers have supported IPv6 for a long time
• Dual-stack should be the focus of your implementation…but, some situations still call for tunneling
• IPv6 is supported for every media/WAN type (Frame Relay, leased-line, broadband, MPLS, etc.)……
• Don’t assume all features for every technology are IPv6-enabled Dual Stack Dual Stack
http://www.cisco.com/en/US/docs/solutions/Enterprise/Branch/BrchIPv6.html
Dual StackDual Stack
BRKCOL-2020 35
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
MGCP/ H323Gateways
Cisco Expressway C/E
CUCME (SCCP Phones only)
SRST
CUBE / SIPGateways
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Older SCCP based Phones
Jabber Mobile Clients
Soft Phones
SIP TelePresence Endpoints
v4
v4
v4 v4
v4v4
v4
VG Analogue Gateways
SCCP ISR Analogue Ports
Older SIP based Phones
v4v6v4
v6v4
v6v4 v6v4
v6v4
v6v4 v6v4
v6v4
v6v4
IPv6 Capable UC Devices – Summary
BRKCOL-2020 36
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unity Connection
IOS based DHCP/ DNS
Cisco Prime Collaboration Suite
Cisco Emergency Responder
Cisco Webex Meeting Server
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Unified Contact
Centre
Telepresence Server
TelePresence Endpoints
v4
IM&P
Directory
Unity Express
v4
v4
v6v4
v4
v6v4
v6v4
v6v4
v6v4
v6v4 v6v4
v4 v6
v6v4
v4
v6v4
IPv6 Capable UC Applications - Summary
v4
v4 v6
Cisco Meetings Server v6
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Configuration Steps
• Server Platform IPv6 Address configuration
• CUCM IPv6 Address configuration
• CUCM IPv6 Cluster wide configuration
• IPv6 Device Specific configuration parameters
• Common Device configuration
• SIP Trunk configuration• SIP ANAT and CUCM Trunk Operation
BRKCOL-2020 39
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Server OS Admin CLI commands :
To enable IPv6 :
“set network ipv6 service enable”
To set a static IPv6 server address :
"set network ipv6 static_address <addr> <mask>"
Using the DHCPv6 client is not recommended.
To view IPv6 address settings :
“show network ipv6 settings”
Server Ethernet Port - IPv6 Address ConfigurationTo allow IPv6 based call processing – IPv6 must first be enabled throughout the cluster.
This involves two steps:1) Configuring IPv6 via the OS CLI, or CUCM OS GUI on each server in the cluster (below)2) Configuring IPv6 via the CUCM GUI Server Configuration
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
CUCM Service - IPv6 Address Configuration
For the CUCM service
Configure an IPv6 address or nameIf a name is used, DNSv6 is required
This name / IPv6 address is used by the TFTP server in the configuration files that are sent to devices. The address is used by these devices for CUCM registration.
ICCS
TFTP
TFTP
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
CUCM Enterprise Parameters for IPv6Enable IPv6 Cluster-wide via CUCM GUIConfigure Cluster-wide:
IP Addressing Mode Preference for MediaIP Addressing Mode Preference for SignallingIPv6 for Phones
Signalling Preference and Phone Configuration settings are also configurable at the device level – Device setting takes precedence
BRKCOL-2020 42
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Common Device Configuration
SIP Trunks
The Common Device Configuration is a configuration template that can be applied to Phones and Trunks.
For IPv6 capable devices the following values can be configured :
IP Addressing Mode: IPv4 Only - Device uses one IPv4 address onlyIPv6 Only - Device uses one IPv6 address onlyIPv4 and IPv6 - Device uses one IPv4 address & one IPv6 address
IP Addressing Mode Preference for Signalling: IPv4 only IPv6 only System Default
IPv6 Configuration For Phones :On/ Off/ Default
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv4 and IPv6 – Icons and Terminology
IPv4 Only
Device communicates with and understands IPv4 addresses only
IPv6 Only
Device communicates with and understands IPv6 addresses only
Dual Stack (IPv4 and IPv6) with ANAT
This device communicates with and understands both IPv4 and IPv6 addressesand can also negotiate the use of either IPv4 or IPv6 for media
IPv6 Aware
Device communicates with IPv4 addresses, but can receive and understand IPv6addresses embedded in Application PDUs – Typically used by applications whichuse IPv4 to transport IPv6 information
v4 v6
v6v4
v4
v6
BRKCOL-2020 45
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv4 and IPv6 Product Support UC11.X - Summary (1 of 2)
• Call ControlCUCM 7.1(2)+ IM & P Services 10.5(1) – External Connections only e.g. federationCUBE 12.4(22)T+CUCME 8.0+
• Cisco IP Phones
7906G, 7911G, 7931G, 7941G, 7941GE, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G-GE, 7975G
6901, 6911, 6921, 6922, 6941, 6942, 6945, 6946, 6961, 6962
3905, 7821, 7841, 7845, 7861, 8961, 9951, 9971
SIP based Cisco Telepresence Endpoints:
C20, C40, C60, C90, MX Series, DX Series, EX Series, SX20, SX60
v6v4v4 v6
v6v4v4 v6
BRKCOL-2020 46
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Gateways
IOS SIP Gateways – ISR G2 , ASR
SCCP/SIP Analogue Gateways – VG Gateway platforms
SCCP FXS ports on ISR G2 routers
IOS software and harwdare MTPs for IPv4 - IPv6 RTP Media conversion
CUBE IPv4 to IPv6 voice interworking
• CUCM SIP Trunks
IPv4/IPv6 signalling, ANAT for Dual stack media negotiation
• Applications
Unity Connection – IPv4, IPv4/IPv6 ANAT
Cisco WebEx Meeting Server – IPv4, IPv4/IPv6 ANAT for Web/Audio connections only.
Cisco Prime Collaboration Suite – IPv4, IPv6 Aware
Cisco Meeting Server - IPv4, IPv6
Cisco Telepresence Server - IPv4, IPv4/IPv6 ANAT; Cisco TP Conductor – IPv4
IPv4 and IPv6 Product Support UC11.X - Summary (2 of 2)v6v4v4 v6
v6v4v4 v6
v6v4v4 v6
BRKCOL-2020 47
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Phone Signaling and Addressing OptionsIPv4 Signalling
IPv4 Media
IPv6 Signalling
IPv6 MediaSCCP Phones7906G, 7911G, 7931G7941G, 7941GE, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G-GE, 7975G6901, 6911, 69216941, 6945, 6961
SIP Phones9951, 9971, 8961, 7821, 7841, 7845 , 7861, 6922, 6942, 6946, 6962, 3905
Telepresence Endpoints:C20, C40, C60, C90, MX Series, DX Series, EX Series, SX20, SX60
IP Addressing Mode: (For Media and Signalling)Phone uses one IPv4 address onlyPhone uses one IPv6 address onlyPhone uses one IPv4 address and one IPv6 address
IP Addressing Mode Preference for SignallingIPv4 only/ IPv6 only/ System Default
IPv6 for Phones - On/ Off/ Default
v6v4
v4
v6
v6v4
v6v4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Phone Signaling and Media Options
IPv6 is supported by the following Cisco Phones :
SCCP Phones7906G, 7911G, 7931G7941G, 7941GE, 7942G, 7945G, 7961G, 7961GE, 7962G, 7965G, 7970G, 7971G-GE, 7975G6901, 6911, 69216941, 6945, 6961
SIP Phones9951, 9971, 8961, 7821, 7841, 7845 , 7861, 6922, 6942, 6946, 6962, 3905
Telepresence Endpoints:C20, C40, C60, C90, MX Series, DX Series, EX Series, SX20, SX60
Dual Stack Phones use the Cluster-wide “IP Addressing mode for Media Preference” to select addressing mode (IPv4 or IPv6) for media between phones.
For IP Addressing Mode mis-matches between Phones - CUCM inserts an MTP for IPv4 IPv6 conversion
v4v6
v6v4
v6v4
v4 v6
v6v4
v6v4v6v4
IPv4
IPv6
Signalling
Signalling
IPv4
IPv6
Media
Media
MTP
v6v4
MTP
v6v4
BRKCOL-2020 49
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 and CUCM Video CallsWith UC 10.0+ it is recommended that all Voice, Video and Telepresence endpoints are registered to CUCM. CUCM supports Video over IPv6 with UC 10.0Video Calls can generate multiple media streams e.g. audio, main video, desktop sharing, far end camera control…If an MTP is inserted into the call path – up to 16 media channels can be supported for a single call (IOS release 15.3(2)T +)
SIP Trunk
Audio
Main Video
Slide Video
Binary Floor Control
Far End Camera Control v6v4v6v4
BRKCOL-2020 50
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – IP Phones - Other Signaling Options
For IPv4 only CUCM and Phone deployments IPv4 is used in CDP/LLDP and for TFTP and HTTP services
Phones use IP to interact with other CUCM services and network based services:
Phone IP addresses are sent to access switches in CDP/ LLDPPhones use IP to contact their TFTP serverPhones use HTTP for Phones Services, Extension Mobility, Directory Look Ups etc
PUB
TFTP
CDP/LLDP
HTTP
TFTP
v4
v4
v4
v4
v4
BRKCOL-2020 51
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
PUB
TFTP
CDP/LLDP
HTTP
TFTP
IPv6 – IP Phones - Other Signaling OptionsPhones use IP to interact with other CUCM services and network based services:
Phone IP addresses are sent to access switches in CDP/ LLDPPhones use IP to contact their TFTP serverPhones use HTTP for Phones Services, Extension Mobility, Directory Look Ups etc
For Dual Stack CUCM and Phone deployments IPv4 and IPv6 addresses are transported in CDP/LLDPTFTP can use IPv4 and/or IPv6HTTP services use IPv4 only
v6v4
v6v4
v6v4
v6v4
v4
BRKCOL-2020 52
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Phones - Other Signaling OptionsPhones use IP to interact with other CUCM services and network based services:
Phone IP addresses are sent to access switches in CDP/ LLDPPhones use IP to contact their TFTP serverPhones use HTTP for Phones Services, Extension Mobility, Directory Look Ups etc
IPv6 only HTTP and CDP/LLDP services will be introduced in a later Phase of IPv6 development
For IPv6 only CUCM and Phone deployments IPv6 addresses are transported in CDP/LLDP (Layer 2)TFTP can use IPv6No HTTP services are supported in IPv6
PUB
TFTP
CDP/LLDP
TFTP
v6v4
v6v4
v6
v6
BRKCOL-2020 53
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – VG Analogue Gateways and IOS FXS Analogue Ports
VG Analogue Gateways and IOS FXS ports can use MGCP or SCCP to register analog FXS ports (as Phones) with CUCMIf Analogue Gateways use SIP – Phones connect to CUCM via a SIP Trunk and support fewer features
IPv4
IPv6
Signalling
Signalling
IPv4
IPv6
Media
Media
Analog Phones
Analog Phones
VG224
VG Gateway
IOS Gateway
v6v4
v6v4
v6v4
v6v4
v6
BRKCOL-2020 54
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM SIP Gateways and SIP TrunksSignaling and Addressing Options
SIP Signalling
SIP based CUCM Trunks support IPv6
SIP based IOS Gateways support IPv6
IP Addressing Mode: (For Media and Signalling)Phone uses one IPv4 address onlyPhone uses one IPv6 address onlyPhone uses one IPv4 address and one IPv6 address - Recommended
IP Addressing Mode Preference for Signalling (outbound) IPv4 only/ IPv6 only/ System Default
Allow Auto-Configuration for Phones etc – N/A
v6v4
v6v4
v6v4
v6
v4
IPv4
IPv6
Signalling
Signalling
IPv4
IPv6
Media
Media
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM SIP Gateways and TrunksSignaling and Media Options
SCCP Signalling
IPv4
IPv6
Signalling
Signalling
IPv4
IPv6
Media
Media
Dual Stack SIP Gateways and Phones use the Cluster-wide “IP Addressing mode for Media Preference” to select addressing mode (IPv4 or IPv6) for media between phones.
For Media addressing mis-matches CUCM inserts an MTP for IPv4
IPv6 conversion
SIP Signalling
v6v4
v6v4
v6v4
v6
v4 v6
v4
v6v4
v6v4
PSTN
MTP
v6v4
MTP
v6v4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
What is ANAT ?
Alternative Network Address TypeMedia lines in the Session Description Protocol (SDP) body are grouped using ANAT semantics to provide alternative types of network addresses to establish a particular media stream
The entity creating an SDP body with an ANAT group MUST be ready to receive (or send) media over any of the grouped 'm' lines
The identifiers of the media streams MUST be listed in order of preference in the group line
UC Manager supports Dual-Stack SIP devices using ANAT semantics
BRKCOL-2020 58
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
ANAT Attributes in Session Description Protocol (SDP)
Mid (Media Stream Identification) Uniquely identifies each media stream “m line” within the SDP body. Particularly useful when multiple media streams are present.
Group Used for grouping together different media streams. In ANAT context, used to group together identical media streams that use different address types. Specifies the address preference between the two alternate address types. All the "m" lines of a session description must be associated with a MID value to be considered for grouping.
BRKCOL-2020 59
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – SIP Gateways and Trunks –Alternative Network Address Types (ANAT) RFC 4091 & 4092
ANAT allows both IPv4 and IPv6 addresses to be exchanged in the SIP Offer and SIP AnswerDepending on which SIP header “sdp-anat” value is sent indicates whether ANAT is Required or Supported
The SDP body of the SIP Offer can contain both an IPv4 and IPv6 address – preference is indicated in the a=group:ANATfield (using the a=mid: values associated with each address)
The SDP body of the SIP Answer can contain both an IPv4 and IPv6 address – the selected address is indicated in the a=group:ANAT field (using the a=mid: values associated with each address). The UDP port number of the non-preferred IP address is set to 0
ACK with SDP (ANSWER)a=group:ANAT 2 m=audio 0 RTP/AVP 0c=IN IP4 10.10.1.1a=mid:1m=audio 10442 RTP/AVP 0c=IN IP6 2001:0db8:aaaa::0987:65ff:fe01:234ba=mid:2
200 (OK) with SDP (OFFER)a=group:ANAT 2 1m=audio 18356 RTP/AVP 0c=IN IP4 192.0.2.1a=mid:1m=audio 16462 RTP/AVP 0c=IN IP6 2001:0db8 bbbb::0123:45ff:fe32:191da=mid:2
v6v4
v6v4
SIP INVITE w/o SDP (Delayed Offer) – Supported : sdp-anat
v6v4
BRKCOL-2020 60
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Voice and Video Call - Offer SDP with ANAT groupa=group:ANAT 1 2 Audio streamsa=group:ANAT 3 4 Video Streams
m=audio 21762 RTP/AVP 8c=IN IP6 2001:db8:123:1:ee44:76ff:fe1f:7f5ca=rtpmap:9 PCMA/8000a=mid:1 Audio stream with IPv6 Preference
m=audio 28512 RTP/AVP 8c=IN IP4 10.104.150.6a=rtpmap:8 PCMA/8000a=mid:2 Audio stream with IPv4 Preference
m=video 19696 RTP/AVP 98c=IN IP6 2001:db8:123:1:ee44:76ff:fe1f:7f5cb=TIAS:1000000a=rtpmap:126 H264/90000a=mid:3 Video stream with IPv6 Preference
m=video 31470 RTP/AVP 98c=IN IP4 10.104.150.6b=TIAS:1000000a=rtpmap:97 H264/90000a=mid:4 Video stream with IPv4 Preference
BRKCOL-2020 61
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Voice and Video Call - Answer SDP with ANAT group
a=group:ANAT 1 Audio Stream with IPv6 addressa=group:ANAT 3 Video Stream with IPv6 address
m=audio 28354 RTP/AVP 8c=IN IP6 2001:db8:123:1:128c:cfff:fe75:8208a=rtpmap:9 PCMA/8000a=mid:1
m=audio 0 RTP/AVP 8c=IN IP4 0.0.0.0a=rtpmap:8 PCMA/8000a=mid:2
m=video 28512 RTP/AVP 98c=IN IP6 2001:db8:123:1:128c:cfff:fe75:8208b=TIAS:320000a=rtpmap:126 H264/90000a=mid:3
m=video 0 RTP/AVP 98c=IN IP4 0.0.0.0a=rtpmap:97 H264/90000a=mid:4
BRKCOL-2020 62
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – SIP Gateways and Trunks –Alternative Network Address Types (ANAT) – Media Mismatch
• If Early Offer is configured : “sdp-anat” is sent in the “Require :” SIP Header• If Delayed Offer is configured : “sdp-anat” is sent in the “Supported :” SIP Header
• If “sdp-anat” sent in :“Require header” – far end must send both IPv4 and IPv6 addresses (MTPs are likely to be required)“Supported header” – far end should send both IPv4 and IPv6 addresses (MTPs may be required)
• For Delayed Offer - If a media mismatch occurs CUCM will insert an MTP to convert from IPv4 – IPv6
ACK with SDP (ANSWER)m=audio 64244 RTP/AVP 0c=IN IP4 10.199.199.10
200 (OK) with SDP (OFFER)m=audio 18356 RTP/AVP 0c=IN IP4 192.0.2.1
v6v4SIP INVITE w/o SDP (Delayed Offer) – Supported : sdp-anat
v6
v4
MTP
v6v4
BRKCOL-2020 63
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 SIP Trunks – Configuring IPv6 and ANAT
SIP INVITE w/o SDP (Delayed Offer) – Supported : sdp-anat
200 (OK) with SDPm=audio 18356 RTP/AVP 0c=IN IP4 192.0.2.1m=audio 16462 RTP/AVP 0c=IN IP6 20010db8:aaaa::0987:65ff:fe01:234b
v6v4 v6v4
ACK with SDPm=audio 18356 RTP/AVP 0c=IN IP4 192.168.1.1
v6v4v4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Common Device Configuration –Applies Addressing Mode and Signalling preference settings
Recommended Addressing Mode : IPv4 and IPv6 Recommended Trunk ConfigurationSIP Delayed Offer with ANAT for Voice & Video
IPv6 – CUCM SIP Trunk Configuration
IPv4 or IPv6 Destination Addresses
If IPv6 Destination Address is an SRV –Cluster wide DNSv6 address must be configured
SIP Profile – Applies ANAT setting
SIP Trunk with ANAT
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
CUCM SIP Trunks - Voice & Video IPv6 RecommendationsIPv4 Only SIP Trunk – Standard Configuration
IPv6 Only SIP TrunkAddressing Mode - IPv6 OnlySignalling Mode Preference – IPv6No ANATIPv6 Trunk destination address or server name (for signalling)SIP Delayed Offer only for Voice and Video calls
Dual Stack SIP Trunk with ANATAddressing Mode - IPv4 and IPv6Signalling Mode Preference – IPv4 or IPv6ANAT EnabledIPv4 or IPv6 Trunk destination address or server nameSIP Delayed Offer only for Voice and Video calls
In all cases - Determine the far end Trunk device’s capabilities :e.g. IOS Gateways : Always send SIP Early Offer - Can accept SIP Early and Delayed Offer calls. (Once the IOS SIP stack is configured as Dual Stack - ANAT is automatically enabled)
IOS IPv6 VOIP implementation Guide at http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/15-2mt/ipv6-15-2mt-book/ip6-voip.html
BRKCOL-2020 67
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – CUCM Dual Stack SIP Trunks – Delayed and Early Offer supportVoice and Video Deployment Scenarios and Operation
For CUCM SIP Trunks • You must use Delayed Offer on SIP Trunks for Voice and Video calls•“SIP EO for voice and video - Mandatory (insert MTP if needed)” does not support IPv6•“SIP EO for voice and video - Best Effort (No MTP inserted)” does not support IPv6• If “MTP Required” is used for Early Offer – Only Voice calls are supported
SIP Trunk Configuration Options•Dual Stack SIP Trunk - Delayed Offer – Voice and Video•Dual Stack SIP Trunk - Early Offer – MTP Required – Voice Only
• If Early Offer is configured : “sdp-anat” is sent in the “Require :” SIP Header• If Delayed Offer is configured : “sdp-anat” is sent in the “Supported :” SIP Header
• If “sdp-anat” sent in :•“Require Header” – far end must send both IPv4 and IPv6 addresses (MTPs may be required)• “Supported Hedaer ” – far end should send both IPv4 and IPv6 addresses (MTPs not required)
BRKCOL-2020 68
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – Media Termination Points (MTPs) For Media IP Address Translation IPv4 IPv6
Supported MTPs for IP Address TranslationIOS H/W MTPs (NM-HDV2 with PVDM2, PVDM DSPs) and IOS S/W MTPs support
IPv4 IPv6 Media Translation for devices with mis-matched media address settings – MTPs use the pass-through codec -Encrypted media also supported
SRTP SRTP
v6
v4 v6
v4
v6 v4
SIP Trunk
Audio
Main Video
Slide Video
Binary Floor Control
Far End Camera Control
v6v4v6v4
With IOS release 15.3(2)T – Media Termination Points support up to 16 media channels per call
MTP
v6v4
MTP
v6v4
MTP
v6v4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Effect of IPv6 Enterprise Parameter Settings on MTP Selection
Cluster-wide Addressing Mode Preference for Media value = IPv4
Cluster-wide Addressing Mode Preference for Media value = IPv6
Cluster-wide Addressing Mode Preference for Media value = IPv6
v6v4
v6v4
v6v4
v6
v4
v6v4
v6
v4
v6v4
MTP
v6v4
MTP
v6v4
BRKCOL-2020 71
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 – Media Stream Services, Transcoding and IOS based Audio Conferencing
CUCM IP Voice Media Streaming Service (IPVMS) Supports IPv4 and IPv6 Unicast MOH IPv6 Multicast MOH is not supported
CUCM IPVMSSupports IPv4 and IPv6 Annunciator
Audio Conferencing resources IOS conf supports IPv4 media streams onlyMTP inserted to convert from IPv6 to IPv4CUCM conf supports IPv4 and IPv6
IOS based Audio Transcoding resources Supports IPv4 & IPv6 media streams
MOH
v6v4
v6
v4
ANN
v6v4
v6
v4
v6 v4
v6
v4
v4
MTP
v6v4
XCODE
v6v4
CONF
v6v4
BRKCOL-2020 72
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 UC – Encrypted Signaling and Media
• CUCM supports Encrypted calls between IP Phones, Gateways and over CUCM Trunks.
• IPv6 capable IP Phones, SIP Trunks SIP/SCCP Gateways and use TLS and SRTP
• MTPs can be dynamically inserted for IPv4 <-> IPv6 conversion of encrypted voice media. MTPs use the pass-through codec to transparently pass SRTP streams.
SRTP SRTP
SRTP
SRTP
SRTP
TLS TLS
v6v4
v6 v4
v6v4
v6v4
v6v4
v6
v6v4
v4
MTP
v6v4
BRKCOL-2020 73
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
MGCP / H323Gateways
Cisco Expressway C/E
CUCME (SCCP Phones Only)
SRST
CUBE / SIP Gateways
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Older SCCP based Phones
Jabber Mobile Clients
Soft Phones
SIP TelePresence
Endpoints
v4
v4
v4 v4
v4v4
v4
VG Analogue Gateways
ISR Analogue Ports
Older SIP based Phones
v4v6v4
v6v4
v6v4 v6v4
v6v4
v6v4 v6v4
v4 v6
v6v4
IPv6 – CUCM Dual Stack Deployments - Devices
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
MGCP / H323Gateways
Cisco Expressway C/E
CUCME (SCCP Phones Only)
SRST
CUBE / SIP Gateways
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Jabber Mobile Clients
Soft Phones
SIP TelePresence
Endpoints
v4
v4
v4 v4
v4v4
v4
v4v6v4
v6v4
v6v4 v6v4
v6v4
v6v4 v6v4
v4 v6
v6v4
IPv6 – CUCM Dual Stack Deployments - Devices
For Dual Stack deployments MTPs are not required as CUCM will select the common addressing type for mediai.e. IPv4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unity Connection
IOS based DHCP/ DNS
Cisco Prime Collaboration Suite
Cisco Emergency Responder
Cisco Webex Meeting Server
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Unified Contact
Centre
Cisco Meetings
Server
Telepresence Server
TelePresence Endpoints
v4
v4
v4
IM&P
Directory
Unity Express
v4
v4 v6v4
v6v4
v4
v6v4
v6v4
v4
v4 v6
v6v4
v6v4
v6v4 v6v4
v4 v6
IPv6 – Dual Stack Deployments - Applications
v6
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Unity Connection
IOS based DHCP/ DNS
Cisco Prime Collaboration Suite
Cisco Emergency Responder
Cisco Webex Meeting Server
Newer SCCP based Phones
Newer SIP based Phones
SIP Trunks
IPv4/IPv6 IPv4 Only
H323 ICT Trunks
Telepresence Server
TelePresence Endpoints
v4
v4
v4v4
v4 v6v4
v6v4
v4
v6v4
v6v4
v4
v4 v6
v6v4
v6v4
v6v4 v6v4
v4 v6
IPv6 – Dual Stack Deployments - Applications
Cisco Meetings
Serverv6
For Dual Stack deployments MTPs are not required as CUCM will select the common addressing type for mediai.e. IPv4
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv4 & IPv6 WAN
IPv6 – CUCM Deployment Models and Call Admission Control
Supported Dual Stack Deployment Models
• Single Site Call Processing
• Multiple Site Distributed Call Processing
• Multiple Site Centralized Call Processing
• SRST Supports IPv4 only today – Dual Stack Phones fail-over to IPv4 for SRST
Call Admission Control (CAC)
• Use CUCM Locations based CAC
• CUCM Locations based CAC accounts for IPv6 bandwidth overhead (20 additional bytes per packet )
• No Support for RSVP CAC today
SIP Trunk
v6v4v6v4
BRKCOL-2020 78
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Deployment Options – Separate Dual Stack Cluster
• Single Site Deployment Model for dual stack deployment• Separate Dual Stack CUCM cluster connected to production IPv4 only cluster• IPv4 WAN between clusters• IPv4 Trunk between clusters• In the Dual Stack cluster - IPv4 or Dual Stack for Phones and Gateways• Dual Stack IP Phones – Addressing Mode set to IPv4 and IPv6• Signaling Preference IPv6• Cluster-wide Media preference (IPv6)
v4v4 v6
IPv4WAN
PSTN
v4
v6v4
v4
v4
v4
v4v6v4
v6v4
BRKCOL-2020 80
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Deployment Options – Centralized Call Processing
• Multiple Site Centralized Call Processing• Single Dual Stack CUCM cluster with multiple dual stack remote sites• Dual Stack WAN• IPv4 or Dual Stack Phones and Gateways• Dual Stack IP Phones – Addressing Mode set to IPv4 and IPv6• Signaling Preference IPv6, Cluster-wide Media preference (IPv6)• Locations based Call Admission Control• IPv6 voice and video support• Note – SRST supports IPv4 only – Dual stack Phones revert IPv4 in SRST mode
v4 v6v4 v6
IPv4 & IPv6WAN
PSTN
v4
v6v4
v6v4
v6v4
v6v4
v6v4
v6v4
v4
v6v4
v6v4
SRST
BRKCOL-2020 81
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Deployment Options – Multiple Dual Stack Clusters
• Multi Site Distributed Call Processing Deployment Model• Multiple Dual Stack CUCM clusters connected via a Dual Stack WAN• IPv4 or Dual Stack Phones and Gateways• IPv4 and IPv6 WAN between clusters• Dual Stack IP Phones – Addressing Mode set to IPv4 and IPv6• Inter Cluster SIP trunks – Dual stack, Delayed Offer, ANAT Enabled• Signaling Preference IPv6, Cluster-wide Media preference set to IPv6• Locations based Call Admission Control• IPv6 voice and video supported
v4 v6
PSTN
v4
v6v4
v6v4
v6v4
v6v4
v4 v6v6v4
v6v4
v4
v6v4
v6v4
IPv4 & IPv6WAN
BRKCOL-2020 82
IPv6 Addressing summaryIPv6 and UC Networks summaryIPv6 Addressing and Cisco devicesDHCP and DNS for IPv6IPv6 Campus and WAN Deployment OptionsIPv6 UC Configuration CUCM IPv6 Device Configuration Parameters and Media HandlingOther IPv6 Design ConsiderationsIPv6 UC Deployment GuidelinesSummary
Agenda
• Demand for IPv6 only UC networks is increasing…
• Today – Dual Stack is your best approach for Cisco Collaboration
• CTG are planning to deliver broader “IPv6 only” support across our collaboration products this year
Summary
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Recommended Reading
• Collaboration SRND
• http://www.cisco.com/c/en/us/solutions/enterprise/unified-communication-system/index.html
• IPv6 for UC Whitepaper
• http://www.cisco.com/c/en/us/solutions/enterprise/ipv6-collaboration/index.html
• Cisco Press Books
• “Deploying IPv6 Networks”
• “Cisco Self Study – Implementing Cisco IPv6 Networks”
• “IPv6 Security” - Scott Hogg, Eric Vyncke
BRKCOL-2020 85
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online
• Please complete your Online Session Evaluations after each session
• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations
BRKCOL-2020 86
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Call to Action: Learning more about IPv6
Lunch and Learn:
• IPv6 in the Enterprise: Tue 13:00
• All Things IPv6: Wed 13:00
Experiment with IPv6-only WiFi:
SSID: CL-NAT64
WPA passphrase: cl-nat64
SLAAC + stateless DHCP
NAT64 included to access legacy
Ask all World of Solutions exhibitors fortheir IPv6 support
DevNet Zone: IPv6 Content Networking
+ ask other demos
LTRSEC-3004 Advanced IOS IPSec VPN with FlexVPN hands-on Lab Tue 09:00:00
BRKIP6-2616 Addressing Networking challenges with latest Innovations in IPv6 Tue 11:15:00
BRKRST-2337 OSPF Deployment in Modern Networks Tue 11:15:00
BRKEWN-2010 Design and Deployment of Enterprise WLANs Tue 14:15:00
BRKSEC-2501 Deploying AnyConnect SSL VPN with ASA5500 Tue 14:15:00
LTRRST-2005 Introductory - LISP Cloud extension, VPN and DC Mobility Tue 14:15:00
BRKRST-2116 Intermediate - IPv6 from Intro to Intermediate Tue 14:15:00
BRKRST-2022 IPv6 Routing Protocols Update Tue 16:45:00
BRKSPG-2061 IPv6 Deployment Best Practices for the Cable Access Network Wed 09:00:00
BRKRST-3045 LISP - A Next Generation Networking Architecture Wed 09:00:00
LABSPG-7122 Advanced IPv6 Routing and services lab Wed 09:00:00
BRKSEC-3200 Advanced IPv6 Security Threats and Mitigation Wed 11:30:00
BRKIPM-2239 Multicast and Segment Routing Wed 14:30:00
BRKIP6-2002 IPv6 for the World of IoT Wed 16:30:00
LABIPM-2007 Intermediate - IPv6 Hands on Lab Thu 09:00:00
BRKSEC-3003 Advanced IPv6 Security in the LAN Thu 11:30:00
BRKRST-2336 EIGRP Deployment in Modern Networks Thu 11:30:00
LABSPG-7122 Advanced IPv6 Routing and services lab Thu 14:00:00
BRKRST-2045 BGP operational security best practices Thu 14:30:00
BRKCOL-2020 IPv6 in Enterprise Unified Communications Networks Thu 14:30:00
LABIPM-2007 Intermediate - IPv6 Hands on Lab Fri 09:00:00
BRKRST-2301 Intermediate - Enterprise IPv6 Deployment Fri 09:00:00
BRKSPG-2602 IPv4 Exhaustion: NAT and Transition to IPv6 for Service Providers Fri 11:30:00
BRKCOL-2020 87
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Lunch & Learn
• Meet the Engineer 1:1 meetings
• Related sessions
BRKCOL-2020 88
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 94BRKCOL-2020
Drivers for Jabber IPv6 Only developmentAnnouncment by Apple of IPv6 Only support
https://developer.apple.com/news/?id=08282015a
“Supporting IPv6 in iOS 9
August 28, 2015
At WWDC 2015 we announced that iOS 9 will support IPv6-only network services. All apps submitted to the App Store must support IPv6 starting in early 2016. To make sure your app is compatible, use the networking frameworks (e.g., “NSURLSession”), avoid use of IPv4-specific APIs, and avoid hard-coded IP addresses. Before submitting your app, test for compatibility.”
Jabber platforms supporting IPv6 Only :
Desktop : Windows, Mac
Mobile : iOS, Android, Windows
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C
IPv4 Jabber - Expressway behaviour – Initial connection
Expressway E
DNS
ACME.COM
200.100.1.110.10.1.1
DNS Record Type Entry Resolves To
SRV Record _collab-edge._tls.acme.com Expressway E.acme.com
A Record Expressway E.acme.com 200.100.1.1
SRV Query _collab-edge._tls.acme.com
Expressway E.acme.com
A Query Expressway E.acme.com
200.100.1.1
140.160.80.1Establish TLS connection Src 140.160.80.1 Dst 200.100.1.1
Src 200.100.1.1Dst 10.10.1.1
Src 10.10.1.1Dst 10.10.1.100
CUCM
10.10.1.100
95BRKCOL-2020
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C
IPv6 Jabber - Expressway behaviour – DNS64
Expressway E
ACME.COM
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:01
Src 200.100.1.1Dst 10.10.1.1
Src 10.10.1.1Dst 10.10.1.100
CUCM
10.10.1.100
DNS64
DNS Record Type Entry Resolves To
SRV Record _collab-edge._tls.acme.com Expressway E.acme.com
AAAA Record Expressway E.acme.com NULL
A Record Expressway E.acme.com 200.100.1.1
DNS
AAAA Query Expressway E.acme.com
64:FF9B::200.100.1.1
NULL
A Expressway E.acme.com
200.100.1.1
AAAA Expressway E.acme.com
Synthesize IPv6 Address
IANA Well Known Prefix64:FF9B::/96
DNS64 uses the IANA assigned Well Know Prefix 64:FF9B::/96 to
synthesize an IPv6 address from an IPv4 address.
The last 32 bits of the IPv6 address use the IPv4 address values to create
the IPv6 Host ID in Hex (Hex values not shown for simplicity)
BRKCOL-2020 96
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C
IPv6 Jabber - Expressway behaviour – NAT64
Expressway E
ACME.COM
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:01
Src 200.100.1.1Dst 10.10.1.1
Src 10.10.1.1Dst 10.10.1.100
CUCM
10.10.1.100
Src 2001:0ABC::0A:0B:0C:01 Dst 64:FF9B::200.100.1.1
X
BRKCOL-2020 97
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C
IPv6 Jabber - Expressway behaviour – NAT64
Expressway E
ACME.COM
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:01
Src 200.100.1.1Dst 10.10.1.1
Src 10.10.1.1Dst 10.10.1.100
CUCM
10.10.1.100
Src 2001:0ABC::0A:0B:0C:01 Dst 64:FF9B::200.100.1.1
NAT64
Src 110.101.11.10Dst 200.100.1.1
Advertise
Well Known Prefix
64:FF9B::/96
NAT64 router advertises Well Known Prefix 64:FF9B::/96
Uses Stateful NAT64 (Similar to PAT)
NAT64 does not translate embedded/ literal IP addresses e.g. In SIP headers,
SDP etc (NAT64 is not an ALG and in any case cannot decrypt TLS signalling)
IPv4 Address
110.101.11.10
BRKCOL-2020 98
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C
IPv6 Jabber - Expressway behaviour – IPv6 in SDP
Expressway E
ACME.COM
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:01
Src 200.100.1.1Dst 10.10.1.1SIP headers 200.100.1.1SDP 200.100.1.1
Src 10.10.1.1Dst 10.10.1.100SIP headers 10.10.1.1SDP 10.10.1.1
CUCM
10.10.1.100
Src 2001:0ABC::0A:0B:0C:01 Dst 64:FF9B::200.100.1.1SIP headers 2001:0ABC::0A:0B:0C:01 SDP 2001:0ABC::0A:0B:0C:01
NAT64
Src 110.101.11.10Dst 200.100.1.1SIP headers 2001:0ABC::0A:0B:0C:01 SDP 2001:0ABC::0A:0B:0C:01
NAT64 does not translate embedded/ literal IP addresses in
SIP headers and SDP
Expressway E and C as B2BUAs, decrypt TLS signalling
and replace embedded IPv6 addresses with their IPv4
address
If an MTP is not inserted, CUCM does not modify the IP
addresses sent in SDP as part of the Offer and Answer for
media negotiation
BRKCOL-2020 99
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Expressway C 1
IPv6 Jabber - Expressway behaviour – IPv6 in SDP
Expressway E 1
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:01
Src 200.100.1.1Dst 10.10.1.1SIP headers 200.100.1.1SDP 200.100.1.1
Src 10.10.1.1Dst 10.10.1.100SIP headers 10.10.1.1SDP 10.10.1.1
10.10.1.100
Src 2001:0ABC::0A:0B:0C:01 Dst 64:FF9B::200.100.1.1SIP headers 2001:0ABC::0A:0B:0C:01 SDP 2001:0ABC::0A:0B:0C:01
NAT64
Src 110.101.11.10Dst 200.100.1.1SIP headers 2001:0ABC::0A:0B:0C:01 SDP 2001:0ABC::0A:0B:0C:01
Expressway C 2 Expressway E 2
200.200.3.320.20.2.2 2001:FDFD::D0:E0:F0:01AB
CUCM 2
CUCM 1
20.20.2.200
NAT64
Src 20.20.2.2Dst 200.200.3.3SIP headers 20.20.2.2SDP 20.20.2.2
Src 20.20.2.200Dst 20.20.2.2SIP headers 20.20.2.200SDP 10.10.1.1
Src 64:FF9B::ABCD.22FF.FE11.1234Dst 2001:FDFD::D0:E0:F0:01AB SIP headers 200.200.3.3SDP 200.200.3.3
Src 200.200.3.3Dst 111.111.10.10SIP headers 200.200.3.3SDP 200.200.3.3
64:FF9B::/96110.101.11.10
64:FF9B::ABCD.22FF.FE11.1234111.111.10.10
Dst 64:FF9B::200.200.3.3
RTP
BRKCOL-2020 100
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
IPv6 Jabber - Expressway behaviour – IPv6 RTP
Expressway E 1
200.100.1.110.10.1.1 2001:0ABC::0A:0B:0C:0110.10.1.100
NAT64
Expressway C 2 Expressway E 2
200.200.3.3 2001:FDFD::D0:E0:F0:01AB
CUCM 2
CUCM 1
20.20.2.200
NAT64
64:FF9B::EBBE.11FF.FE22.5678110.101.11.10
64:FF9B::ABCD.22FF.FE11.1234111.111.10.10
Src 2001:FDFD::D0:E0:F0:01AB Dst 64:FF9B::200.200.3.3
Src 200.200.3.3Dst 20.20.2.2
Src 111.111.10.10Dst 200.200.3.3
Expressway C 1
20.20.2.2
Src 64:FF9B::EBBE.11FF.FE22.5678Dst 2001:0ABC::0A:0B:0C:01
Src 10.10.1.1Dst 200.100.1.1
Src 200.100.1.1Dst 110.101.11.10
64:FF9B::/96
64:FF9B::/96
Media Flows through Expressway C & E
BRKCOL-2020 101