Cisco IPv6 Solutions
Integration & Co-Existence
Benoit Lourdelet
Technology Product Management, NSSTG
blourdel@cisco.com
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
1
Agenda





Presentation_ID
IPv6 Rationales
IPv6 Protocol overview
General Deployment Concepts
Enterprise Deployment
Service Provider Deployment
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
2
IPv6 Rationales
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
3
What is IPv6? Basic Perspectives
The Network Manager Perspective
Infrastructure focus
Stable specifications, commercial
implementations
Cost of deployment and operation
The End-User Perspective
Applications & Services focus
Integration per application model
IP Agnostic
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
4
Key Aspects Reminder
 IPv6 is NOT a feature. It is about the fundamental IP
network layer model developed for end-to-end services
and network transparency
 Deployments of production IPv6 infrastructures are
under way, the time has come to move our focus to
edge, access and usage
6Bone is phasing out, 6NET is closed,…
 Today’s IPv6 deployment drivers do not rely on
uncovering the “future killer application” anymore, they
focus instead on:
Performing the same as on IPv4 but on a larger scale
Operational cost savings or simpler network models
when deploying applications
Leading the innovation
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
5
WHEREAS, community access to Internet Protocol (IP) numbering Resources
has proved essential to the successful growth of the Internet; and,
WHEREAS, ongoing community access to Internet Protocol version 4 (IPv4)
numbering resources can not be assured indefinitely; and,
WHEREAS, Internet Protocol version 6 (IPv6) numbering resources are
available and suitable for many Internet applications,
BE IT RESOLVED, that this Board of Trustees hereby advises the Internet
community that migration to IPv6 numbering resources is necessary for any
applications which require ongoing availability from ARIN of contiguous IP
numbering resources; and,
BE IT ORDERED, that this Board of Trustees hereby directs ARIN staff to take
any and all measures necessary to assure veracity of applications to ARIN for
IPv4 numbering resources; and,
BE IT RESOLVED, that this Board of Trustees hereby requests the ARIN
Advisory Council to consider Internet Numbering Resource Policy changes
advisable to encourage migration to IPv6 numbering resources where
possible.
ARIN (ARIN Board of Trustees)
7 May 2007
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
6
Market Drivers
 IPv4 address pool exhaustion – 2010-2015?
 National IT strategy
U.S. Federal – OMB memo called for IPv6 infra in June 2008
Japan, Korea,…
China Next Generation Internet (CNGI) project
European Commission sponsored projects
Emerging countries IPv6 Task Force, ie: India, Africa,…
 Microsoft Windows Vista & Longhorn releases
And other O.S. or applications
 Next Gen. Broadband: DOCSIS 3.0, Quad Play with
HDTV,…
 Mobile SP – 3G/4G/WiMax, IP NGN IMS, IP/TV on Mobiles
 Networks in Motion
 Networked Sensors,…
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
7
IPv6 Integration – Per Application Model
Today, all O.S.
are Dual-Stack
 As soon as the infrastructure is IPv6
capable…IPv6 integration can follow a
non-disruptive “per application” model
New Generation of Internet Appliances
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
8
U-2010 – IPv6 Public Safety Framework
Bio-Ecological
Transportation disaster
Health
Risk Profiles
Terrorism
Rescue
Sensors
Voice
First
Public
Crisis
Responders Information Management
Natural disaster
Directory
services
Video
Time
Synch
Instant
Messenger
Data
Localization
Management
IPv6 - Common Networking Infrastructure Enabler
• Secure environment
• Bi-directional communications
• IP Mobility
•Ad-Hoc Networks
Wireless Network Infrastructures
Fixed Network Infrastructures
Broadband
Presentation_ID
Public
Private
Government
© 2006 Cisco Systems, Inc. All rights reserved.
• Traceability
• Community of Interest
Cisco Confidential
WiFi
GPRS/3G
Satellite
Radio
DVB-H
WiMax
9
IPv6 Protocol
overview
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
10
IPv4 & IPv6 Header Comparison
IPv4 Header
Version
IHL
Type of
Service
Identification
IPv6 Header
Total Length
Flags
Version
Traffic Class
Fragment
Offset
Payload Length
Time to Live
Protocol
Flow Label
Next Header Hop Limit
Header Checksum
Source Address
Source Address
Destination Address
Legend
Options
Padding
- field’s name kept from IPv4 to IPv6
Destination Address
- fields not kept in IPv6
- Name & position changed in IPv6
- New field in IPv6
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
11
IPv6 Packet Structure – RFC 2460
IPv6 Header
Next Header = 6
(TCP)
TCP header & payload
IPv6 Header
Next Header = 43
(Routing)
Routing Header
Next Header = 6
(TCP)
IPv6 Header
Next Header = 43
(Routing)
Routing Header
Next Header = 51
(AH)
TCP header & payload
Authentication Header
Next Header = 6
(TCP)
TCP header &
payload
• IPv6 hardware forwarding must be able to parse all fields to read about option
headers and L4 details for packet filtering and monitoring
• Ref. http://www.cisco.com/en/US/products/ps6553/products_white_paper0900aecd8054d37d.shtml
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
12
Address Allocation
/32
2001
/48
0DB8
/64
Interface ID
ISP prefix
Site prefix
LAN prefix
 The allocation process is defined by the 5 Registries:
IANA allocates 2000::/3 as Global Unicast [RFC 4291]
Registries get ::/12 prefix(es) from IANA [formerly /23] under new policy http://www.icann.org/announcements/announcement-12oct06.htm
Registry allocates a /32 prefix [formerly /35] to IPv6 ISP and others
Then policies recommend that the ISP allocates a /48 prefix to each customer
(or potentially /64)
http://www.ripe.net/ripe/docs/ipv6policy.html
http://www.icann.org/announcements/ipv6-report-06sep05.htm
New Policy to assign PI and IX prefixes as /48
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
13
IPv6 Technology Scope
IP Service
IPv4 Solution
IPv6 Solution
Addressing Range
32-bit, Network
Address Translation
128-bit, Multiple
Scopes
Autoconfiguration
DHCP
Serverless,
Reconfiguration, DHCP
Security
IPSec
IPSec Mandated,
works End-to-End
Mobility
Mobile IP
Mobile IP with Direct
Routing
Quality-of-Service
Differentiated Service,
Integrated Service
Differentiated Service,
Integrated Service
IP Multicast
IGMP/PIM/Multicast
BGP
MLD/PIM/Multicast
BGP, Scope Identifier
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
14
Introducing Local Network Protection
for IPv6
DHCPv6 Prefix Delegation
IPv6 Global & ULA
address space
Internet
Access
Si
Si
Explicit Context Based
Access Control
 IPv4 Network Address Translation (NAT) is widely deployed and its
success is due to the fact that today’s Internet is primarily running
Client/Server applications.
 No reason to treat NAT as evil, better to analyze “Market’s perceived
benefits of IPv4 NAT”, then educate how similar benefits can be
achieved with IPv6
Topology hiding, addressing autonomy, simple security,…
 Local Network Protection for IPv6
A set of IPv6 techniques that may be combined on an IPv6 site to simplify and
protect the integrity of its network architecture, without the need for Address
Translation
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-nap-06.txt
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
15
General
Deployment
Concepts
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
16
IPv6 – Planning Steps
2005
2006
2007
2008
Q Q Q Q Q Q Q Q
1 2 3 4 1 2 3 4
2009
201x
Q Q Q Q Q Q Q Q
1 2 3 4 1 2 3 4
Identifying the
business case
Network Assessment
Cost Analysis
Training
Address planning
Testing
Deploying
Production
How long is needed for each phase of an IPv6 deployment project?
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
17
The Scope of IPv6 Deployment
Operations and Training
Campus
Enterprise
WAN
Multimedia
Peer to Peer
(Video Conf)
Provider
Edge
(ie: Instant Messenger)
Provider
Core
Broadband
Networks
Integration & Co-Existence
IPv6 over IPv4 Tunnels
(Configured, 6to4, ISATAP, GRE)
Native IPv4 & IPv6
Cisco IOS is Multi-Protocol
Since Day 1
IPv6 over MPLS
(AToM, 6PE/6VPE)
IPv6 Services – The Cisco IOS Emphasis
QoS
Mobility
Multicast
Security
Instrumentation
IPv4-IPv6
Translation
Provisioning&Monitoring
Information
Services
Server to Client
IPv6 Forwarding & Routing protocols
(RIPng, EIGRP, OSPFv3, IS-ISv6, MP-BGP4)
Frame
Relay
Presentation_ID
PPP
HDLC
© 2006 Cisco Systems, Inc. All rights reserved.
POSIP
Cisco Confidential
ATM
FE
GE, 10GE
Wireless
xDSL
Cable, FTTH
18
Network Assessment
 A key and mandatory step to evaluate the impact of IPv6
integration
 May be split in several phases
Infrastructure – networking devices
Hosts, Servers and applications
 Must be as complete as possible to allow upgrade costs
evaluation and planning
Hardware type, memory size, interfaces, CPU load,…
Software version, features enabled, license type,…
 Difficult to complete if a set of features is not defined per
device’s category for a specific environment
IPv6-capable definition, knowledge of the environment and
applications, design goals
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
19
IPv6 Addressing Considerations
 Understand the IPv6 addressing model
Several IETF related documents (RFC 4291 (3513), 3041, 3056,
3879, 4007, 4193, 4214…)
IANA and Registries policies and prefix allocation rules
http://www.arin.net/policy/nrpm.html#ipv6
Internal rules
 Develop an addressing plan
Leverage hierarchical addressing system within network, for route
aggregation and consolidation at the core
 Address are assigned to interfaces as on IPv4, but interfaces expected
to have multiple addresses
 Address type, scope and lifetime
Unicast, Anycast, Multicast
Valid and preferred lifetime – RFC 4192 on Renumbering
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
20
Education
It is a very important aspect of planning. Knowledgeable
staff would make better decisions in planning the
deployment. The sooner it is initiated the less expensive
and more valuable it is.
Many education options:
 Formalized training used to train-the-trainer.
 Global resources
- 6Bone(http://www.6bone.net)
- IPv6 Forum (http://www.ipv6forum.com)
- IPv6 Task Force (http://www.ipv6tf.org)
North- America (http://www.nav6tf.org)
Europe (http://www.ipv6tf.org/meet/tf/eutf.php)
Japan (http://www.v6pc.jp/en/index.html)
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
21
Education (cont.)
Many education options:
 Reference Projects
- 6DISS (http://www.6diss.org)
- 6NET (http://www.6net.org)
- Euro6IX (http://www.euro6ix.org)
- Moonv6 (http://moonv6.sr.unh.edu)
 Cisco resources
- Partner e-Learning Connection:
http://www.cisco.com/warp/public/10/wwtraining/pec/peclogin.html
- Cisco Learning Connection:
http://www.cisco.com/en/US/learning/le31/le46/learning_customer_elearning_connection_tool_launch.shtml
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
22
Enterprise
Deployment
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
23
Deployment Scenario for Enterprises
WAN
Campus
Presentation_ID
Environment
Scenario
Cisco IOS
support
IPv6 services available from ISP
Dual Stack
Yes
Dedicated Data Link layers, eg.
LL, ATM & FR PVC, dWDM
Lambda
No IPv6 services from ISP or
experimentation – few sites
No IPv6 services from ISP or
experimentation – many sites,
any to any communication
Dual Stack
Yes
Configured
Tunnels
Yes
6to4
Yes
L3 infrastructure – IPv6 capable
Dual Stack
Yes
L3 infrastructure – not IPv6
capable, or sparse IPv6 hosts
population
ISATAP
Yes
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
24
Campus IPv6 Deployment Options
Dual-stack IPv4/IPv6
IPv6/IPv4 Dual Stack
 Requires switching/routing platforms to
support hardware based forwarding for
IPv4 and IPv6
Access
Layer
v6Enabled
 Requires robust control plane for both
IPv4 and IPv6
v6Enabled
Distribution
Layer
Core
Layer
Dual Stack
v6-Enabled
Dual Stack
 IPv4 and IPv6 control planes and data
planes must not impact each other (See
RST-3301)
L2/L3
Dual
Stack
Variety of routing protocols—The same
ones in use today with IPv4
 Requires support for IPv6 multicast,
QoS, infrastructure security, etc…
Dual Stack
IPv6 management—
Telnet/SSH/HTTP/SNMP
Dual Stack
 IPv6 is transparent on L2 switches
except for multicast - MLD snooping
v6-Enabled
Aggregation
Layer (DC)
Access
Layer (DC)
IPv6 Server
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
25
Campus IPv6 Deployment Options
Hybrid Model
Hybrid Model
 Offers IPv6 connectivity via multiple
options
Dual-stack
Configured tunnels – L3-to-L3
ISATAP – Host-to-L3
Access
Layer
 May require tunneling to less-thanoptimal layers (i.e. Core layer)
 ISATAP creates a flat network (all
hosts on same tunnel are peers)
v6-Enabled
 ISATAP does not support IPv6
Multicast
 Configured tunnels do support IPv6
Multicast
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
Dual Stack
 Provides basic HA of ISATAP tunnels
via old Anycast-RP idea
v6Enabled
Dual Stack
Create tunnels per VLAN/subnet to
keep same segregation as existing
design (not clean today)
Not v6Enabled
Configured Tunnel
 Offers natural progression to full dualstack design
ISATAP Tunnel
 Leverages existing network
L2/L3
v6Enabled
Not v6Enabled
v6-Enabled
Distribution
Layer
Core
Layer
Aggregation
Layer (DC)
Access
Layer (DC)
Dual-stack
Server
26
Campus IPv6 Deployment Options
IPv6 Service Block – An Interim Approach
Red VLAN
Blue VLAN
IPv6 Service Block
Distribution
Layer
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
Dedicated FW
Core
Layer
IOS FW
Agg
Layer
2
1
Secondary ISATAP Tunnel
Presentation_ID
ISATAP
Access
Layer
Primary ISATAP Tunnel
Equal-cost Configured
Tunnel (Mesh)
IPv4-only
Campus
Block
Internet
 Provides ability to rapidly deploy IPv6
services without touching existing
network
 Provides tight control of where IPv6 is
deployed and where the traffic flows
(maintain separation of
groups/locations)
 Provides basic HA of ISATAP
 ISATAP tunnels from PCs in Access
layer to service Block switches
 In this example configured tunnels are
used from Data Center to Service
Block
 Dependency on ISATAP alienates IPv6
multicast applications
 1) Leverage existing ISP block for both
IPv4 and IPv6 access
 2) Use dedicated ISP connection just
for IPv6 – Can use IOS FW or PIX/ASA
appliance
WAN/ISP Block
Data Center Block
27
IPv6 Enabled Branch
Take Your Pick – Mix-and-Match
Branch
Single Tier
Branch
Dual Tier
Branch
Multi-Tier
HQ
HQ
HQ
Internet
Internet
MPLS
Frame
Internet
Dual-Stack
IPSec VPN (IPv4/IPv6)
IOS Firewall (IPv4/IPv6)
Integrated Switch
(MLD-snooping)
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Dual-Stack
IPSec VPN or Frame Relay
IOS Firewall (IPv4/IPv6)
Switches (MLD-snooping)
Cisco Confidential
Dual-Stack
IPSec VPN or
MPLS (6PE/6VPE)
Firewall (IPv4/IPv6)
Switches (MLD-snooping)
28
Cisco VPN Client in IPv6 environment
Tunnel(s)
Remote User
IPv4 IPSec Termination
(PIX/ASA/IOS VPN/
Concentrator)
IPv6 Traffic
IPv4 Traffic
IPv4 Link
Internet
IPv6 Tunnel
Termination
IPv6 Link
Corporate
Network
Firewall
IPsec VPN
IPv6-in-IPv4 Tunnel
Dual-Stack server
Requirement
Cisco IOS release with either Configured or ISATAP tunnels
Cisco VPN Client 4.x
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
29
Cisco IPv6 Security Solutions
IPv6 Firewall
IPv6 IPSec HW Encryption
• IOS Firewall 12.3T, 12.4, 12.4T
• PIX 7.x
• ASA 5500 series
• FWSM 3.x
• 7200 VAM2+ SPA
• ISR AIM VPN
• next gen. 5G IPsec VPN SPA
IPsec – Secure Connectivity
Packet filtering – Threat protection
• IPv6 over IPv4 IPsec tunnels
• IPv4 dynamic IPSec to protect IPv6 over
IPv4 tunnels with dynamic IPv4 end point
• IPv6 IPSec Authentication for OSPFv3
• IPv6 IPsec Tunnel Router-to-Router
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
• Standard, reflexive, extended access
control list
• Enhanced extended ACL – filtering on
Routing Type
• Hardware e-ACL filtering capabilities
(CRS-1, C12K, C7600, C6500,…) including
parsing option headers
30
Looking at IPv6 Network Management

Network Management evolution needs
to be integrated in the IPv6 deployment
strategy
In a dual-stack network, both IPv4 and IPv6
environments must be managed with the
best optimization to decrease the cost of
operations

3 areas to consider
Instrumentation (MIBs, Netflow record, IP
SLA,…)
New IP MIBs, RFC 4001 compliancy
Network Protocol (SNMP, TFTP, Syslog,
Telnet, SSH,…over IPv6)
NMS & Applications for IPv6
DNS/DHCP server (CNR 6.2), Netflow
Collector 5.x, Ciscoworks LMS 2.5
(Topology, User Tracking,…)
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
31
Cisco IT IPv6 Deployment
Development
Labs
Network
Monitoring
Host
Lab
DMZ Tunnel
Router
Lab
Cisco SJC
Internal Net
Cisco Global
Network
Cisco SJC
DMZ
IPv4
Firewall
Lab
Address
Management
& DNS
Presentation_ID
IPv4
Internet
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
IPv6 Firewall &
Tunnel Termination
Router
(incl. ISATAP)
DMZ Lab
IPv4 Internet
Access
Router
DMZ
Development
Lab
IPv6
Internet
32
ISP
Deployment
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
33
IPv6 Deployment Scenario for ISP
Scenario
Cisco IOS
support
Tunnels
Yes
Dual Stack
Yes
Dedicated circuits – IPv4 – IPv6
Dual Stack
Yes
Native IP – Core is IPv6 aware
Dual Stack
Yes
MPLS – Core is IPv6 unaware
6PE/6VPE
Yes
Environment
Access
Core
Presentation_ID
Few customers, no native IPv6
service form the PoP or Data
link is not (yet) native IPv6
capable, ie: Cable Docsis
Native IPv4-IPv6 services
between aggregation and endusers
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
34
Dual Stack IPv4-IPv6
Enterprise
Dual-Stack or
Dedicated L2 circuits
6to4 Relay
Courtesy Service
Aggregation
DSL, Cable
FTTH
Dual-Stack Core
IPv6 Broadband Users
 IPv6 IX Peering
 IPv6 Transit services
 IPv6 enables on Core Routers
802.11 Hot-Spot
 IPv6 services to Enterprise customers
 IPv6 services to Home Users
Peering
ISP’s
 Additional Services
6to4 relay courtesy service
IPv6 IX
IPv6 Multicast for streaming (Triple Play)
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
35
IPv6 over MPLS Infrastructure
 Service Providers have already deployed MPLS in their IPv4
backbone for various reasons
MPLS/VPN, MPLS/QoS, MPLS/TE, ATM + IP switching
 Several IPv6 over MPLS scenarios
IPv6 Tunnels configured on CE (no impact on MPLS)
IPv6 over Circuit_over_MPLS (no impact on IPv6)
IPv6 Provider Edge Router (6PE) over MPLS & IPv6 VPN over MPLS
(6VPE) with no impact on MPLS core
Native IPv6 MPLS (require full network upgrade)
 Upgrading software to IPv6 Provider Edge Router (6PE)
Low cost and risk as only the required Edge routers are upgraded or
installed
Allows IPv6 Prefix delegation by ISP
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
36
Minimum Infrastructure Upgrade for 6PE
DSL
POP
6PE router
v6
6PE router
MP-iBGP session
CE
v4/v6
POP
v4
MPLS Core
up to OC-192
Data Center IPv6 Network
Only IPv6
segment
FTTH
G
E
NAT-PT
GE
IPv4 Server
GE
MPLS/IPv4
GE
Cisco 7600
Sup.720 as 6PE
•6PE – RFC 4798 – defined by Cisco and available from IOS
•MPLS/IPv4 Core Infrastructure is IPv6-unaware
• PEs are updated to support Dual Stack/6PE
• IPv6 reachability exchanged among 6PEs via iBGP (MP-BGP)
• IPv6 packets transported from 6PE to 6PE inside MPLS
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
IPv6 Server
37
IPv6 Integration on MPLS VPN infrastructure
Dual-stack
ipv4 addresses: 10.100/16
ipv6 addresses: 2001:100::/64
Dual-stack network
Address-family IPv4
Address-family IPv6
P1
Site-1
2001:101::/64
10.101/16
vrf
CE1
P2
PE1
Dual-stack network
PE2
MP-eBGP session
Address-family IPv4
Address-family IPv6
2001:201::/64
10.201/16
MP-iBGP session
MP-eBGP session
Address-family VPNv4
Address-family VPNv6
Address-family IPv4
Address-family IPv6

MPLS/IPv4 Core Infrastructure is IPv6-unaware

PEs are updated to support Dual Stack/6VPE
 IPv6 VPN can co-exist with IPv4 VPN – same scope
and policies
6VPE – RFC 4659 – Cisco authored for IPv6 VPN
over MPLS/IPv4 infrastructure
Site-2
VRF red
iGP-v4 (OSPF, ISIS)
LDP-v4
VRF red

CE2
Dual stack
server
vrf definition site1
rd 100:1
route-target import 100:1
route-target export 100:1
address-family ipv4
address-family ipv6
!
interface ethernet0/0
vrf forwarding site1
ip address 10.100.1.2 255.255.0.0
ipv6 address 2001:100::72b/64
 Cisco IOS 12.2(33)SRB on 7600, IOS-XR 3.5 on
C12000
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
38
Cisco IOS IPv6 Broadband
Access Solutions
Layer 2 Encapsulation(s)
IPv4/IPv6
Firewall
PIX, IOS FW
PSTN
Dial
ISP A
NAS
Internet
DSL
DSLAM
DOCSIS 3.0
proposal
Cable
BAS
Enterprise
Head-end
Distributed
Computing (GRID)
Access
Ethernet
IPv6 Prefix Pools
IPv6 Radius
(Cisco VSA and RFC 3162)
DHCPv6 Prefix Delegation
Stateless DHCPv6
DHCPv6 Relay
Generic Prefix
802.11
Mobile
RAN
ATM RFC 1483 Routed or Bridged (RBE)
PPP, PPPoA, PPPoE, Tunnel (Cable)
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Dual-Stack or MPLS (6PE) Core
Cisco Confidential
Video
IPv6 Multicast
IPv4/IPv6
39
Prefix/Options Assignment
Host
CPE
PE
ISP
ISP provisioning system
(3) RADIUS responds with
user’s prefix(es)
DHCP Client DHCP Server
(1) CPE sends DHCP solicit with
ORO = PD
(2) PE sends RADIUS request for
the user
(4) PE sends DHCP REPLY with
Prefix Delegation options
(5) CPE configures addresses from
the prefix on its downstream
interfaces, and sends an RA.
O-bit is set to on
(7) CPE sends a DHCP REPLY
containing request options
AAA
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
DHCP
Cisco Confidential
(6) Host configures
addresses based on the
prefixes received in the
RA. As the O-bit is on, it
sends a DHCP
INFORMATION-REQUEST
message, with an ORO =
DNS
ND/DHCP
40
Summary
Markets Perspective
IPv6 enables innovation, scalability and
simplicity
Software Developer Perspective
Applications must be “IP agnostic”
Network Manager Perspective Infrastructure
must be deliver IPv6 up to the edge/access
layer
The End-User Perspective
IP version needs to be transparent
Ensure an orderly and secured transition
using Cisco IPv6 Solutions
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
41
Q and A
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
42
More Information
 CCO IPv6 - http://www.cisco.com/ipv6
 Cisco IPv6 Solutions
http://www.cisco.com/en/US/tech/tk872/technologies_white_paper09186a0
0802219bc.shtml
 IPv6 Application Notes
http://www.cisco.com/warp/public/732/Tech/ipv6/ipv6_techdoc.shtml
 Cisco IOS IPv6 manuals
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/i
pv6_vcg.htm
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
43
Presentation_ID
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
44