IPv6
2凌群電腦股份有限公司SYSCOM COMPUTER ENGINEERING.CO
Agenda
• IPng Protocols & Standards
• IPv6 Integration & Co-Existence
• Cisco IOS IPv6 roadmap
• IPv6 Deployment
IPv6 – So What’s Really Changed?
IPv4 Header:
Version | IHL | Type of Service | Total Length
Identification | Flags | Fragment Offset
Time to Live | Protocol | Header Checksum
Source Address
Destination Address
Options | Padding
IPv6 Header:
Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source Address
Destination Address
• Defined by RFC 2460
• Address length quadrupled to 16 bytes
• Fixed length
–(Optional headers daisy chained)
• No checksumming
–(Done by Link Layer)
• No hop-by-hop segmentation
–(Path MTU discovery)
• Flow label/class
–(Integrated QoS support)
• Concatenated extension headers…
IPv6 Main Features/Functionality
• Expanded Address Space
• Header Format Simplification
• Auto-configuration and Multi-Homing
• Mobile IP without triangular routing
• Class of Service/Multimedia support
• Authentication and Privacy Capabilities
• No more broadcast -> Multicast
• IPv4 -> IPv6 Transition Strategy
IPv6 Addressing
• IPv6 addressing rules are covered by multiple RFCs
–Architecture defined by RFC 2373
• Address Types are :
–Unicast : One to One (Global, Link local, Site local, Compatible)
–Anycast : One to Nearest (Allocated from Unicast)
–Multicast : One to Many
–Reserved
• A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast)
–No Broadcast Address -> Use Multicast
IPv6 Addressing
• Prefix Format (PF) Allocation
–PF = 0000 0000 : Reserved
–PF = 0000 001 : Reserved for OSI NSAP Allocation (see RFC 1888)
–PF = 0000 010 : Was reserved for IPX Allocation (no use)
–PF = 001 : Aggregatable Global Unicast Address
–PF = 1111 1110 10 : Link Local Use Addresses
–PF = 1111 1110 11 : Site Local Use Addresses
–PF = 1111 1111 : Multicast Addresses
–Other values are currently Unassigned (approx. 7/8th of total)
• All Prefix Formats have to have EUI-64 bits Interface ID
–But Multicast
Text Representation of IPv6 Addresses
• “preferred” form: 1080:0:FF:0:8:800:200C:417A
• compressed form: FF01:0:0:0:0:0:0:43
becomes FF01::43
• IPv4-compatible: 0:0:0:0:0:0:13.1.68.3
or ::13.1.68.3
• RFC 2732: Preferred format for literal IPv6 address in URL
Global Unicast Addresses (RFC 2374)
• Aggregatable Global Unicast Format - RFC2374
• Address hierarchy matches Internet Service Provider hierarchy
• Terminology:
–FP - Format Prefix: Unicast (001), Multicast, Anycast
–TLA - Top Level Aggregator Global ISP
–NLA - Next Level Aggregator ISP
–SLA - Site Level Aggregator “Customer”
–Interface ID - Host
FP (3 bits) | TLA ID (13 bits) | Reserved (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (64 bits)
Link-Local & Site-Local Unicast Addresses
• Link-local addresses for use during auto-configuration and when no routers are present:
1111111010 | 0 | interface ID
• Site-local addresses for independence from changes of TLA / NLA*:
1111111011 | 0 | SLA* | interface ID
Multicast Addresses (RFC 2375)
11111111 (8 bits) | flags (4 bits) | scope (4 bits) | group ID (112 bits)
• low-order flag indicates permanent / transient group; three other flags reserved
• scope field:
–1 - node local
–2 - link-local
–5 - site-local
–8 - organization-local
–B - community-local
–E - global
–(all other values reserved)
IPv6 Addressing Examples
• Global unicast address(es) is :
2001:420:101:1::E0:F726:4E58,
subnet is 2001:420:101:1::0/64
• Link-local address is FE80::E0:F726:4E58
• Unspecified Address is 0:0:0:0:0:0:0:0 or ::
• Loopback Address is 0:0:0:0:0:0:0:1 or ::1
• Group Addresses (Multicast), i.e.: FF02::9 for RIPv6
• Joined group address(es): FF02:0:0:0:0:1:FF:xxxx (solicited Node Multicast)
–Unicast : 4037::01:800:200E:8C6C is FF02::1:FF0E:8C6C
More on IPv6 Addressing
• IPv6 Addresses with Embedded IPv4 Addresses
0000……………………………0000 (80 bits) | 0000 (16 bits) | IPv4 Address (32 bits)
• IPv4 mapped IPv6 address
0000……………………………0000 (80 bits) | FFFF (16 bits) | IPv4 Address (32 bits)
IPv6 Addresses Bootstrap Phase
• Bootstrap process - RFC2450
• Definitions:
–TLA - special TLA 0x0001
–subTLA - Top Level Aggregator Transit ISP
–NLA - Next Level Aggregator ISP
–SLA - Site Level Aggregator “Customer”
–Interface ID - Host
FP (3 bits) | TLA ID (13 bits) | subTLA ID (13 bits) | NLA ID (19 bits) | SLA ID (16 bits) | Interface ID (64 bits)
IPv6 Addresses Bootstrap Phase
• Minimum assignment to ISP is a /35
• ISP creates own NLA boundary - or -
• ISP assigns /48 SLAs to each customer
–16 bits for subnetworks
– 65536 subnetworks per site
–64 bits for hosts
– 18446744073710 million hosts per subnetwork!!
IPv6 Addresses Bootstrap phase
• subTLA holder ISP allocates SLAs to end-customers
ISP allocated subTLA (35 bits) | NLA ID (13 bits) | SLA ID (16 bits) | Interface ID (64 bits)
–ISP addresses: subTLA; site addresses: NLA ID, SLA ID
• subTLA holder ISP creates its own NLA boundary for customer ISPs
ISP allocated subTLA (35 bits) | NLA1 (6 bits) | NLA2 (7 bits) | SLA ID (16 bits) | Interface ID (64 bits)
–Figure labels: ISPaddr; ISP2addr; site addresses
IPv6 Address requirement
• Academic NRN
–Internet-II (Abilene, vBNS+), Canarie*3, Renater-II, Surfnet, DFN, Ukerna, CERNET,… 6REN/6TAP
• Geographies & Politics
–Prime Minister of Japan called for IPv6, Korea adopts similar position
–EEC e-Europe document advertised IPv6 as the way to go for Europe
• Wireless (PDA, 3G Mobile Phone networks, Car,...)
–Multiple phases before deployment
–RFP -> Integration -> trial -> commercial
–Requires ‘client devices’, e.g. IPv6 handset?
IPv6 Address requirement
• Home Networking
–Set-top box/Cable/xDSL/Ether@Home
–Residential Voice over IP gateway
• Gaming (10B$ market)
–Sony, (Sega), Nintendo, Microsoft
• Consumer PC
• Enterprise
–Requires IPv6 support by O.S. & Applications
–SUN Solaris 8, BSD 4.x, Linux, Microsoft Windows XP Pro,...
• Service Providers
–Regional ISP, Carriers, Mobile ISP, and Greenfield ISP’s
IPv6 Addresses Bootstrap Phase
• Where to get address space?
–Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC
– APNIC 2001:0200::/23
– ARIN 2001:0400::/23
– RIPE NCC 2001:0600::/23
– 6Bone 3FFE::/16
IPv6 Address Space Current Allocations
APNIC (whois.apnic.net)
CONNECT-AU-19990916 2001:210::/35 ODN-JPNIC-JP-20000915 2001:278::/35
WIDE-JP-19990813 2001:200::/35 KOLNET-KRNIC-KR-20000927 2001:280::/35
NUS-SG-19990827 2001:208::/35 HANANET-KRNIC-KR-20001030 2001:290::/35
KIX-KR-19991006 2001:220::/35 TANET-TWNIC-TW-20001006 2001:288::/35
ETRI-KRNIC-KR-19991124 2001:230::/35 SONYTELECOM-JPNIC-JP-20001207 2001:298::/35
NTT-JP-19990922 2001:218::/35 TTNET-JPNIC-JP-20001208 2001:2A0::/35
HINET-TW-20000208 2001:238::/35 CCCN-JPNIC-JP-20001228 2001:02A8::/35
IIJ-JPNIC-JP-20000308 2001:240::/35 IMNET-JPNIC-JP-20000314 2001:0248::/35
CERNET-CN-20000426 2001:250::/35 KORNET-KRNIC-KR-20010102 2001:02B0::/35
INFOWEB-JPNIC-JP-2000502 2001:258::/35 NGINET-KRNIC-KR-20010115 2001:02B8::/35
JENS-JP-19991027 2001:228::/35 OMP-JPNIC-JP-20010208 2001:02C8::/35
BIGLOBE-JPNIC-JP-20000719 2001:260::/35 INFOSPHERE-JPNIC-JP-20010207 2001:02C0::/35
6DION-JPNIC-JP-20000829 2001:268::/35 ODN-JPNIC-JP-20000915 2001:278::/35
DACOM-BORANET-20000908 2001:270::/35 ZAMA-AP-20010320 2001:02D0::/35
May 25th, 2001
IPv6 Address Space Current Allocations
ARIN (whois.arin.net)
ESNET-V6 2001:0400::/35 ABILENE-IPV6 2001:0468::/35
ARIN-001 2001:0400::/23 HURRICANE 2001:0470::/35
VBNS-IPV6 2001:0408::/35 ABOVENET-IPV6 2001:0438::/35
CANET3-IPV6 2001:0410::/35 SPRINT-V6 2001:0440::/35
VRIO-IPV6-0 2001:0418::/35 UNAM-IPV6 2001:0448::/35
CISCO-IPV6-1 2001:0420::/35 GBLX-V6 2001:0450::/35
QWEST-IPV6-1 2001:0428::/35 STEALTH-IPV6-1 2001:0458::/35
DEFENSENET 2001:0430::/35 NET-CW-10BLK 2001:0460::/35
May 25th, 2001
IPv6 Header Options (RFC 2460)
[IPv6 Header, Next Header = TCP] [TCP Header + Data]
[IPv6 Header, Next Header = Routing] [Routing Header, Next Header = TCP] [TCP Header + Data]
[IPv6 Header, Next Header = Routing] [Routing Header, Next Header = Fragment] [Fragment Header, Next Header = TCP] [Fragment of TCP Header + Data]
• Processed only by node identified in IPv6 Destination Address field => much lower overhead than IPv4 options
–exception: Hop-by-Hop Options header
• Eliminated IPv4’s 40-octet limit on options
–in IPv6, limit is total packet size, or Path MTU in some cases
IPv6 Header Options (RFC2460)
• Currently defined Headers should appear in the following order :
–IPv6 header
–Hop-by-Hop Options header
–Destination Options header
–Routing header
–Fragment header
–Authentication header (RFC 1826)
–Encapsulating Security Payload header (RFC 1827)
–Destination Options header
–upper-layer header
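The daisy-chained headers above are what a firewall or packet-inspection tool has to walk before it can see the transport header. The following is an added example, not part of the original slides: a parser that follows the Next Header fields of a raw packet and reports headers that break the recommended order. The sample packets, the 2001:db8:: addresses and all function names are constructed for illustration.

```python
import struct

# Next Header values of the extension headers listed on the slide.
EXT_HEADERS = {0: "Hop-by-Hop Options", 60: "Destination Options", 43: "Routing",
               44: "Fragment", 51: "Authentication", 50: "ESP"}
UPPER_LAYER = {6: "TCP", 17: "UDP", 58: "ICMPv6", 59: "No Next Header"}
# Order given on the slide; Destination Options may appear in two positions.
RECOMMENDED_ORDER = ["Hop-by-Hop Options", "Destination Options", "Routing",
                     "Fragment", "Authentication", "ESP", "Destination Options"]


def walk_chain(packet: bytes) -> list:
    """Return the header names of a raw IPv6 packet, following Next Header."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_header, offset, chain = packet[6], 40, ["IPv6"]
    while next_header in EXT_HEADERS:
        chain.append(EXT_HEADERS[next_header])
        if next_header == 50:            # ESP: everything after it is encrypted
            return chain
        if offset + 8 > len(packet):     # every extension header is >= 8 octets
            raise ValueError("truncated extension header")
        following = packet[offset]       # first octet is always Next Header
        if next_header == 44:            # Fragment header has a fixed size
            length = 8
            frag_offset = struct.unpack_from("!H", packet, offset + 2)[0] >> 3
            if frag_offset:              # non-first fragment: no upper-layer header
                chain.append("fragment data")
                return chain
        elif next_header == 51:          # AH counts 4-octet units, minus 2
            length = (packet[offset + 1] + 2) * 4
        else:                            # 8-octet units, not counting the first 8
            length = (packet[offset + 1] + 1) * 8
        offset += length
        if offset > len(packet):
            raise ValueError("extension header runs past end of packet")
        next_header = following
    chain.append(UPPER_LAYER.get(next_header, f"protocol {next_header}"))
    return chain


def order_violations(chain: list) -> list:
    """Return extension headers that appear later than the recommended order."""
    position, out_of_order = -1, []
    for name in chain[1:]:
        if name not in RECOMMENDED_ORDER:
            continue                     # upper-layer header or fragment data
        try:
            position = RECOMMENDED_ORDER.index(name, position + 1)
        except ValueError:
            out_of_order.append(name)
    return out_of_order


def ipv6_packet(next_header: int, payload: bytes) -> bytes:
    """Build a constructed IPv6 header (documentation addresses) plus payload."""
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + src + dst + payload


def sample_packet() -> bytes:
    """Constructed packet matching the slide: IPv6 -> Routing -> Fragment -> TCP."""
    tcp = bytes(20)
    fragment = struct.pack("!BBHI", 6, 0, 0x0001, 0x1234) + tcp    # offset 0, M = 1
    routing = struct.pack("!BBBBI", 44, 2, 0, 1, 0) + bytes(16) + fragment
    return ipv6_packet(43, routing)


def misordered_packet() -> bytes:
    """Constructed packet with Fragment placed before Routing."""
    udp = bytes(8)
    routing = struct.pack("!BBBBI", 17, 2, 0, 1, 0) + bytes(16) + udp
    fragment = struct.pack("!BBHI", 43, 0, 0x0000, 0x1234) + routing
    return ipv6_packet(44, fragment)


if __name__ == "__main__":
    for pkt in (sample_packet(), misordered_packet()):
        chain = walk_chain(pkt)
        print(" -> ".join(chain), "| out of order:", order_violations(chain))
```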
MTU Issues
• Minimum link MTU for IPv6 is 1280 octets (versus 68 octets for IPv4)
=> on links with MTU < 1280, link-specific fragmentation and reassembly must be used
• Implementations are expected to perform path MTU discovery to send packets bigger than 1280
• Minimal implementation can omit PMTU discovery as long as all packets kept ≤ 1280 octets
• A Hop-by-Hop Option supports transmission of “jumbograms” with up to 2^32 octets of payload
Fragment Header
• Though discouraged, can use IPv6 Fragment header to support upper layers that do not (yet) do path MTU discovery
• IPv6 frag. & reas. is an end-to-end function; routers do not fragment packets en-route if too big—they send ICMP “packet too big” instead
Fragment header fields: Next Header | Fragment Offset | 0 0 | M
Original Packet Identifier
Neighbour Discovery (RFC 2461)
• Protocol built on top of ICMPv6 (RFC 2463)
– combination of IPv4 protocols (ARP, ICMP,…)
• Fully dynamic, interactive between Hosts & Routers
–defines 5 ICMPv6 packet types
–Router Solicitation / Router Advertisements
–Neighbour Solicitation / Neighbour Advertisements
–Redirect
Neighbour Discovery (RFC 2461)
• Defined mechanisms between nodes attached on the same link
–Router discovery
–Prefix discovery
–Parameters discovery, ie: link MTU, hop limit,…
–Address autoconfiguration
–Address Resolution (same function as ARP)
–Next-hop determination
–Neighbor Unreachability Detection (useful for default routers)
–Duplicate Address Detection
–Redirect
IPv6 Auto-Configuration
• Stateless (RFC2462)
–Host autonomously configures its own address
–Link local addressing
•i.e.: FE80::E0:F726:4E58
(Single Subnet Scope, Formed from Reserved Prefix and Link Layer Address)
• Stateful
–DHCPv6
• Addressing lifetime
–Facilitates graceful renumbering
–Addresses defined as valid, deprecated or invalid
[Figure labels: SUBNET PREFIX; SUBNET PREFIX + MAC ADDRESS]
Serverless Autoconfiguration (“Plug-n-Play”)
• IPv6 Hosts can construct their own addresses:
–subnet prefix(es) learned from periodic multicast advertisements from neighboring router(s)
–interface IDs generated locally, e.g., using MAC addresses
• Other IP-layer parameters also learned from router adverts
–(e.g., router addresses, recommended hop limit, etc.)
• Higher-layer info (e.g., DNS server and NTP server addresses) discovered by multicast / anycast-based service-location protocol
– [details still to be decided]
Auto-Reconfiguration (“Renumbering”)
• New address prefixes can be introduced, and old ones withdrawn
–we assume some overlap period between old and new, i.e., no “flash cut-over”
–hosts learn prefix lifetimes and preferability from router advertisements
–old TCP connections can survive until end of overlap; new TCP connections can survive beyond overlap
• Router renumbering protocol, to allow domain-interior routers to learn of prefix introduction / withdrawal
• New DNS structure to facilitate prefix changes
IPv6 Routing
• Uses same “longest-prefix match” routing as IPv4 CIDR
• Key to scalable routing: hierarchical addressing
• Assignment of production IPv6 Sub-TLA address prefixes obtainable from Registries (RIPE-NCC, APNIC, ARIN) since 1999
• Existing routing protocols require extensions for IPv6
• Neighbor discovery: dynamic host <-> router
• Can use Routing header with anycast addresses to route packets through particular regions
–e.g., for provider selection, policy, performance, etc.
IPv6 Routing Protocols
• Update to existing IPv4 routing protocols to handle bigger addresses
–RIPv6 (RFC 2080) - Similar to RIPv2
–BGP4+ - Multi-Protocols Extensions defined in RFC 2283, 2545
–Integrated IS-IS - Large Address support facilitates IPv6 address family. Draft-ietf-isis-ipv6-01.
–OSPFv3 (RFC 2740) New protocol implementation for IPv6
• IPv6 Multicast Routing
–PIM, MOSPF, MBGP have IPv6 extensions
–IPv6 Multicast has larger address space removing potential IP addresses collision
IPv6 Mobility
• a mobile host has one or more home address(es)
–relatively stable; associated with host name in DNS
• when it discovers it is in a foreign subnet (i.e., not its home subnet), it acquires a foreign address
–uses auto-configuration to get the address
–registers the foreign address with a home agent, i.e., a router on its home subnet
• packets sent to the mobile’s home address(es) are intercepted by home agent and forwarded to the foreign address, using encapsulation
Mobile IP (v4 version)
[Figure labels: home agent; home location of mobile host; foreign agent; mobile host; correspondent host]
Mobile IP (v6 version)
[Figure labels: home agent; home location of mobile host; mobile host; correspondent host]
Mobile IPv6 Terminology
• Home Agent (HA)
• Mobile Node (MN)
• Care of Address (COA)
• Correspondent Node (CN)
[Figure labels: Internet; MN; HA; Access Router]
Overview of Mobile IPv6 Functionality
• 1. MN obtains IP address using stateless or stateful autoconfiguration
• 2. MN registers with HA
• 3. HA tunnels packets from CN to MN
• 4. MN sends packets from CN directly or via tunnel to HA
[Figure: HA, MN and CN, with steps 1 to 4 marked]
Mobile IPv6
• Plenty of addresses
–2 for Mobile Hosts
–>> 2 for Mobile Networks
• No dependency on specialized access network functionality (Foreign Agent, DHCP)
• NAT/PT/ALGs needed during migration from IPv4 to IPv6 but decrease with time
IP Quality of Service Approaches
two basic approaches developed by IETF:
• “Integrated Service” (int-serv)
–fine-grain (per-flow), quantitative promises (e.g., x bits per second), uses RSVP signalling
• “Differentiated Service” (diff-serv)
–coarse-grain (per-class), qualitative promises (e.g., higher priority), no explicit signalling
IPv6 Support for Int-Serv
20-bit Flow Label field to identify specific flows needing special QoS
– each source chooses its own Flow Label values; routers use Source Addr + Flow Label to identify distinct flows
– Flow Label value of 0 used when no special QoS requested (the common case today)
– this part of IPv6 is not standardized yet, and may well change semantics in the future
IPv6 Support for Diff-Serv
8-bit Traffic Class field to identify specific classes of packets needing special QoS
– same as new definition of IPv4 Type-of-Service byte
– may be initialized by source or by router enroute; may be rewritten by routers enroute
– traffic Class value of 0 used when no special QoS requested (the common case today)
What does it do for:
• Security
–Nothing IP4 doesn’t do - IPSec runs in both
–but IPv6 mandates IPSec
• QoS
–Nothing IP4 doesn’t do -
•Differentiated and Integrated Services run in both
•So far, Flow label has no real use
IPv6 Technology Scope
IP Service | IPv4 Solution | IPv6 Solution
Addressing Range | 32-bit, Network Address Translation | 128-bit, Multiple Scopes
Autoconfiguration | DHCP | Serverless, Reconfiguration, DHCP
Security | IPSec | IPSec Mandated, works End-to-End
Mobility | Mobile IP | Mobile IP with Direct Routing
Quality-of-Service | Differentiated Service, Integrated Service | Differentiated Service, Integrated Service
IP Multicast | IGMP/PIM/Multicast BGP | MLD/PIM/Multicast BGP, Scope Identifier
IPv6 Standards Status
• IPv6 documents are at various points in the standards process, core documents are done
• Document review for completeness, followed by issues or additional work.
• To know more about IPv6 specifications
– www.ietf.org/html.charters/ipngwg-charter.html
• Main covered areas are:
–Architecture, Addressing, Routing, Security, Transition, DNS, Management, Discovery & Auto-Configuration, Mobility, Multicast, Applications API, ...
IPv6 Current Status - Standardisation
• Several key components now on Standards Track:
–Specification (RFC2460)
–Neighbour Discovery (RFC2461)
–ICMPv6 (RFC2463)
–IPv6 Addresses (RFC2373/4/5)
–RIP (RFC2080)
–BGP (RFC2545)
–IGMPv6 (RFC2710)
–OSPF (RFC2740)
–Router Alert (RFC2711)
–Jumbograms (RFC2675)
–Autoconfiguration (RFC2462)
• IPv6 over:
–PPP (RFC2023)
–Ethernet (RFC2464)
–FDDI (RFC2467)
–Token Ring (RFC2470)
–NBMA (RFC2491)
–ATM (RFC2492)
–Frame Relay (RFC2590)
–ARCnet (RFC2549)
Agenda
• IPng Protocols & Standards
• IPv6 Integration & Co-Existence
• Cisco IOS IPv6 roadmap
• IPv6 Deployment
IPv4-IPv6 Co-Existence / Transition
• A wide range of techniques have been identified and implemented, basically falling into three categories:
(1) dual-stack techniques, to allow IPv4 and IPv6 to co-exist in the same devices and networks
(2) tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions
(3) translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices
• Expect all of these to be used, in combination
Dual-Stack Approach
• When adding IPv6 to a system, do not delete IPv4
–this multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.)
–note: in most cases, IPv6 will be bundled with new OS releases, not an extra-cost add-on
• Applications (or libraries) choose IP version to use
–when initiating, based on DNS response:
–if (dest has AAAA or A6 record) use IPv6, else use IPv4
–when responding, based on version of initiating packet
• This allows indefinite co-existence of IPv4 and IPv6, and gradual, app-by-app upgrades to IPv6 usage
[Figure labels: APPLICATION; TCP/UDP; IPv4; IPv6; DRIVER]
Tunnels to Get Through IPv6-Ignorant Routers / Switches
• Encapsulate IPv6 packets inside IPv4 packets (or MPLS frames)
• Many methods exist for establishing tunnels:
–manual configuration
–“tunnel brokers” (using web-based service to create a tunnel)
–“6-over-4” (intra-domain, using IPv4 multicast as virtual LAN)
–“6-to-4” (inter-domain, using IPv4 addr as IPv6 site prefix)
• Can view this as:
–IPv6 using IPv4 as a virtual link-layer, or
–an IPv6 VPN (virtual public network), over the IPv4 Internet (becoming “less virtual” over time, we hope)
IPv6 Tunnelling
• Configured tunnels—manual point-2-point links
• Automatic tunnels—via 6to4 mechanism 2002::/16 prefix
• Cisco instrumental in building existing tunneled IPv6 networks
[Figure: IPv6 networks and a mobile data network joined by IPv6 tunnels across service provider IPv4 backbones. Outside the tunnel a packet is IPv6 Header | Transport Layer Header | Data; inside the tunnel it is IPv4 Header | IPv6 Header | Transport Layer Header | Data]
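When transition mechanisms are in use, the IPv4 endpoint is often readable straight out of the IPv6 address. The following added example (not part of the original slides) recovers it from the IPv4-compatible and IPv4-mapped layouts shown earlier and from 6to4 addresses under 2002::/16, and groups logged addresses by that endpoint. The 6to4 layout 2002:V4ADDR::/48 comes from the 6to4 specification rather than from this deck; the sample addresses and function names are constructed.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple

SIXTOFOUR = ipaddress.IPv6Network("2002::/16")


def sixto4_prefix(ipv4: str) -> ipaddress.IPv6Network:
    """Site prefix a 6to4 router derives from its public IPv4 address."""
    v4 = int(ipaddress.IPv4Address(ipv4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))


def embedded_ipv4(address: str) -> Optional[Tuple[str, ipaddress.IPv4Address]]:
    """Return (kind, IPv4 address) if the IPv6 address embeds one, else None."""
    value = int(ipaddress.IPv6Address(address))
    high96, low32 = value >> 32, value & 0xFFFFFFFF
    if ipaddress.IPv6Address(value) in SIXTOFOUR:
        # 16 bits of 2002, then the 32-bit IPv4 address of the 6to4 router
        return "6to4", ipaddress.IPv4Address((value >> 80) & 0xFFFFFFFF)
    if high96 == 0xFFFF:
        # 80 zero bits, FFFF, IPv4 address
        return "ipv4-mapped", ipaddress.IPv4Address(low32)
    if high96 == 0 and low32 > 1:
        # 96 zero bits, IPv4 address; :: and ::1 are unspecified and loopback
        return "ipv4-compatible", ipaddress.IPv4Address(low32)
    return None


def group_by_ipv4_endpoint(addresses: List[str]) -> Dict[str, List[str]]:
    """Map each embedded IPv4 endpoint to the IPv6 addresses that carry it."""
    groups: Dict[str, List[str]] = {}
    for address in addresses:
        found = embedded_ipv4(address)
        if found is not None:
            groups.setdefault(str(found[1]), []).append(address)
    return groups


# Constructed source addresses, as they might appear in a connection log.
SAMPLE_SOURCES = [
    "2002:c000:201:1::5",             # 6to4 site behind 192.0.2.1
    "2002:c000:201:2::9",             # same 6to4 site, another subnet
    "::ffff:198.51.100.7",            # IPv4-mapped
    "::13.1.68.3",                    # IPv4-compatible (the deck's example)
    "2001:420:101:1::e0:f726:4e58",   # native global unicast, nothing embedded
    "::1",                            # loopback, not IPv4-compatible
]

if __name__ == "__main__":
    print(sixto4_prefix("192.0.2.1"))
    for source in SAMPLE_SOURCES:
        print(f"{source:32} {embedded_ipv4(source)}")
    print(group_by_ipv4_endpoint(SAMPLE_SOURCES))
```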
Translation
• May prefer to use IPv6-IPv4 protocol translation for:
– new kinds of Internet devices (e.g., cell phones, cars, appliances)
– benefits of shedding IPv4 stack (e.g., serverless autoconfig)
• This is a simple extension to NAT techniques, to translate header format as well as addresses
– IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere
– they get the normal (i.e., degraded) NAT functionality when talking to IPv4 devices
– methods used to improve NAT functionality (e.g, ALGs, RSIP) can be used equally to improve IPv6-IPv4 functionality
IPv4-IPv6 Translation: NAT-PT
[Figure labels: IPv4/v6 Network; NAT-PT; IPv4 Network]
NGTrans Working Group
• Define the processes by which networks can be transitioned from IPv4 to IPv6
• Define & specify the mandatory and optional mechanisms that vendors are to implement in Hosts, Routers and other components of the Internet in order for the Transition.
• http://www.ietf.org/html.charters/ngtrans-charter.html
Agenda
• IPng Protocols & Standards
• IPv6 Integration & Co-Existence
• Cisco IOS IPv6 roadmap
• IPv6 Deployment
IPv6 @Cisco Systems
• Co-chair of IETF IPv6 WG and NGtrans WG
• Well Known Cisco 6Bone router
–~ 70 tunnels with other companies
–acts as 6to4 Relay
–Official Cisco IPv6 prefix registered to ARIN (2001:0420::/35)
• ‘Founding Member’ of the IPv6 Forum
• Official CCO IPv6 page is www.cisco.com/ipv6
–Cisco IPv6 Statement of Direction published last June
–Cisco IOS IPv6 EFT available for free since 3 years
–~around 500 sites running Worldwide
• Ready to deliver a commercial release of Cisco IOS IPv6
–including Cisco IOS IPv6 training & Worldwide support
Cisco IOS Roadmap: The Confluence of IPv4/IPv6
Cisco IOS Release | Target Market
Phase I, Release 12.2(1)T, DONE | Early Adopter Deployment
Phase II, H2 CY 2001 | Production Backbone Deployment
Phase III, CY 2002 | Enhanced IPv6 Services
Cisco IOS upgrade = Free IPv6
Where is the IPv6 Roadmap Coming From?
Support the feature sets required by other standards bodies, e.g. 3GPP/UMTS, MWIF
Develop Cisco IPv6 added-value features to promote our Solutions
Add support for new IPv6 developments coming from IETF WG when it makes sense
Provide parity between IPv4 and IPv6 Features, but it is time to forget some old IPv4 features
Listening to our Customers
Cisco IOS IPv6 Phase I
Cisco IOS Release: Phase I, Early Adopters, Release 12.2(1)T, DONE
–Any router able to run this release, Cisco 800 to Cisco 7500
IPv6 Features Supported:
–IPv6 Basic specification (RFC 2460)
–ICMPv6, Neighbor Discovery
–Stateless auto-configuration
–RIPv6 (RFC 2080)
–Multi-Protocol extensions for BGP4 (RFC 2545 & 2858)
–Configured and Automatic Tunnels
–6to4 Tunnel
–Standard Access List
–IPv6 over Ethernet (10/100/1000Mb/s), FDDI, Cisco HDLC, ATM and FR PVC, PPP (Serial, POS, ISDN)
–Ping, Traceroute, Telnet, TFTP
Cisco IOS upgrade = Free IPv6
Extensive Platform Support
• 800 Series Routers
• 1400 Series Routers
• 1600 Series Routers
• 1700 Series Routers
• 2500 Series Routers
• 2600 Series Routers
• 3600 Series Routers
• 4500 and 4700 Series Routers
• AS5300 and AS5400 Universal Access Servers
• 7100 Series Routers
• 7200 Series Routers
• 7500 Series Routers
• 7600 Series Routers*
• 12000 Series Routers*
*Available 2H 2001
Cisco IOS IPv6 Phase II
Cisco IOS Release: Phase II, Backbone Deployment, Future Release H2 CY 2001
–Cisco IOS 12.2(3)T or (4)T
–Cisco 12000 and 7600 releases
IPv6 Features Under Development:
–i/IS-ISv6
–CEFv6/dCEFv6
–Dial
–Extended Access List
–NAT-PT
–IPv6 Edge router (6PE) over MPLS
–DNS AAAA client
–CDP, SSH, IPv6 MIB
–Phase I Sustaining
Cisco IOS IPv6 Phase III
Cisco IOS Release: Phase III, Enhanced Protocols, Estimated Dates: CY 2002
–Cisco IOS 12.2S
–Cisco IOS 12.3 mainline
Evaluation of IPv6 Phase III Features:
–OSPFv3: under development
–E-IGRP: under development
–Mobile IPv6: Home Agent prototype currently under development
–IPsec: mandated by IPv6 specs, Authentication required by OSPFv3, Mobile IP Binding Association, Router renumbering, Network Management
–IPv6 Multicast: MLD, PIMv6 SM, PIM SSM
Cisco IOS Roadmap: The Confluence of IPv4/IPv6
Cisco IOS Release | IPv6 Features Supported
Phase I, Release 12.2(1)T, DONE | Basic IPv6 specifications support; Multi-protocol Extensions for BGP4, RIPv6; Manual, Automatic & 6to4 Tunnel Support; Tools such as Ping, Traceroute, etc
Phase II, H2 CY 2001 | Enhanced Performances (CEFv6/dCEFv6), Link State IGP (I/IS-ISv6), IPv6 Edge router (6PE) over MPLS, Dial, NAT-PT, Enhanced tools (SSH, DNS client, MIB, etc)
Phase III, CY 2002 | Hardware Acceleration, OSPFv3, Mobility, Multicast, Security, QoS…
Cisco IOS upgrade = Free IPv6
Agenda
• IPng Protocols & Standards
• IPv6 Integration & Co-Existence
• Cisco IOS IPv6 roadmap
• IPv6 Deployment
Deployment of IPv6 Services: What our Customers are saying!
Satisfy Business Drivers, aka. Applications requiring end-to-end IPv6 traffic forwarding, geographies with registry allocations issues
No Flag Day
No Performance Penalty, implementation must be scalable and reliable
Minimize operational upgrade costs and training expenses
Investment Protection & Low startup cost
Incremental Upgrade/Deployment
Preserve IPv6 - IPv4 connectivity/transparency
Strategy that reflects this …
Starting with Edge upgrades enable IPv6 service offerings now
Deployment Scenario
• Many ways to deliver IPv6 services to End Users
–most important is End-to-End IPv6 traffic forwarding
• Service Providers and Enterprises may have different deployment needs
• IPv6 over IPv4 tunnels
• Dedicated Data Link layers for native IPv6
–no impact on IPv4 traffic & revenues
• Dual stack Networks
–IPv6 over MPLS or IPv4-IPv6 Dual Stack Routers
IPv6 Tunnels over IPv4 or MPLS Infrastructure
• IPv6 over IPv4 Internet
–ala 6Bone
• Any Cisco IOS 12.2(1)T routers can be used as IPv6 router
–6to4 Tunnel
–Manual Tunnel
–Automatic Tunnel
–IPv4-compatible IPv6
• Leveraging defined Tunneling Technology
• No impact on existing IPv4 or MPLS infrastructure
–using high-speed POS interfaces
[Figure labels: Edge IPv6 Infrastructure; IPv6 over IPv4 Internet; IPv4 Enterprise; IPv6 Enterprise; Mobile Data; Translating Gateway; Service Provider IPv4 or MPLS backbone]
Native IPv6 over Dedicated Data Links
• Native IPv6 links over dedicated infrastructures
–No impact on IPv4 traffic and revenues
• Any Cisco IOS 12.2(1)T routers can be configured
–ATM & Frame Relay PVC’s
–Serial Lines, Sonet/SDH, FE/GE
• Cisco 12000 with Sonet/SDH interfaces can get IPv6 support
–Today, EFT on private 12.0ST branch
• IPv6 over FE/GE, ATM or Sonet/SDH can run over an optical infrastructure (dedicated lambda)
[Figure labels: IPv6 Enterprise; Translating Gateway; Service Provider ATM/FR/WDM Backbone]
IPv6 Edge Router (6PE) over MPLS
• Many Carriers, large ISP and Mobile SP have invested in MPLS infrastructure
–Core devices may be ATM switches, GSR or other vendor’s routers
–Leverages MPLS features, e.g. MPLS/VPN, TE, CoS,...
• UMTS Release 5 requires IPv6
–GSM, GPRS and UMTS Release 99 needs circuit switching as well as IP
• Multiple implementation options to integrate IPv6
–IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE), native IPv6 MPLS
–6PE allows the SP to offer IPv6 at lower cost and risk
[Figure labels: P; 6PE; IPv4; IPv6; v4; v6; MP-iBGP sessions; OC48/192]
Dual Stack IPv4-IPv6 backbone
• Can be achieved beginning with Cisco IOS 12.2(1)T but have to consider the following:
– IPv4 Hardware Forwarding versus IPv6 Software Forwarding
– Memory size for IPv4 and IPv6 routing tables
– Should IPv4 and IPv6 route to a single dual-stack edge router the same?
– Requires full upgrade
• IPv4 and IPv6 traffic should not impact each other.
– Require more feedback & experiments
[Figure labels: IPv4/v6 Enterprise; IPv6 Enterprise; IPv4 Enterprise; IPv6 Router; Translating Gateway; Service Provider IPv4/IPv6 Backbone]
Native IPv6-Only Backbone
• Requires:
–IPv4 over IPv6 Tunnels for IPv4 traffic
–Hardware forwarding for IPv6
–Network management over IPv6
• Not recommended today as IPv4 traffic is still the main source
[Figure labels: IPv6 Backbone; IPv6 Intranet; IPv4 Intranet; IPv4/v6 Intranet; Mobile IPv6; IPv4 Tunnel; Translating Gateway]
IPv6 Deployment Phases
Phases | Benefits
IPv6 Tunnels over IPv4 | Low cost, low risk to offer IPv6 services. No infrastructure change. Has to evolve when many IPv6 clients get connected
Dedicated Data Link layers for Native IPv6 | Natural evolution when connecting many IPv6 customers. Require a physical infrastructure to share between IPv4 and IPv6 but allow separate operations
MPLS 6PE | Low cost, low risk, it requires MPLS and MP-BGP4. No need to upgrade the Core devices, keep all MPLS features (TE, IPv4-VPN)
Dual stack or IPv6-only | Require to upgrade all devices. Valid scenario when IPv6 traffic volume is sufficient or applications are IPv6 only.
Other IPv6 Implementations
• Most operating systems can deliver an IPv6 stack
• Internetworking vendors are committed to IPv6 support
• For an updated status, please check
–http://playground.sun.com/pub/ipng/html/ipng implementations.2.html
• Applications IPv6 awareness
–Net Utilities (ping, finger, ifconfig....etc), NFS, Routing Daemons
–FTP, TELNET, WWW Server & Browser, Sendmail, SMTP
• Interoperability has to be considered
IPv6 Forum
• +100 companies
–Cisco is founding member
• www.ipv6forum.com
• Mission is to promote IPv6 not to specify it (IETF)
• Held ‘IPv6 summit’ around the World
6BONE
• The 6bone is an IPv6 testbed set up to assist in the evolution and deployment of IPv6 in the Internet.
–The 6bone is a virtual network layered on top of portions of the physical IPv4-based Internet to support routing of IPv6 packets, as that function has not yet been integrated into many production routers. The network is composed of islands that can directly support IPv6 packets, linked by virtual point-to-point links called "tunnels". The tunnel endpoints are typically workstation-class machines having operating system support for IPv6.
• 46 countries are currently involved
• Registry, maps and other information may be found on http://www.6bone.net/
IPv6 Addresses - 6bone
• Test address space defined in RFC2471 - 3FFE::/16
• Definitions:
–FP - Format Prefix 001
–TLA - special TLA 0x1FFE
–pTLA - pseudo Top Level Aggregator Transit ISP
–expanded from 8 to 12 bits
• Guidelines for routing on 6bone - RFC2772
FP (3 bits) | TLA ID (13 bits) | pTLA ID (8 bits) | NLA ID (24 bits) | SLA ID (16 bits) | Interface ID (64 bits)
Further Information
• IETF IPv6 specifications
–www.ietf.org/html.charters/ipngwg-charter.html
• IETF NGTrans WG
–http://www.ietf.org/html.charters/ngtrans-charter.html
• IPv6 World Wide Testbed: www.6bone.net
• IPv6 specifications and implementations http://playground.sun.com/pub/ipng/html/ipng implementations.2.html
• IPv6 Promotion: www.ipv6forum.com
• IPv6 Research and Education Networks: www.6ren.net
Questions?
© 2000, Cisco Systems, Inc.