Date post: | 20-Jan-2016 |
Category: |
Documents |
Upload: | jason-lang |
View: | 220 times |
Download: | 1 times |
1
IPv6 @ Cisco SystemsIPv6 @ Cisco Systems
Alan Lee
Cisco Systems
Alan Lee
Cisco Systems
2Cisco Internal Use Only
A need for IPv6?A need for IPv6?
• IETF IPv6 WG began in early 90s, to solve addressing growth issues, but
CIDR, NAT,… were developed
• IPv4 32 bits address = 4 billion hosts
~40% of the IPv4 address space is still unallocated
BUT …
• IP is everywhere
Data, Voice, Audio and Video integration is a Reality
Regional Registries apply a strict allocation control
Addressing scheme is not optimum as for any
• So, let’s play with Numbers and focus on Applications
3Cisco Internal Use Only
Why a larger address space is needed
Why a larger address space is needed
• Overall Internet is still growing at 400%/year worldwide~320 million users in 2000, ~550 million by 2005
• Emerging population/geopolitical & Address spaceStandford University has more address space than overall China
How to move to e-Economy without Global Internet access ??
• 400 million mobile phone users in 2000, over 1 billion by 2005UMTS Release 5 is Internet Mobility, 1/3 of 1B should get connected
• ~1 Billion cars in 2010, 15% should get GPS and Yellow Page services
• Billion of new Internet appliances for Home usersAlways-On
4Cisco Internal Use Only
Explosion of New Internet Appliances
Explosion of New Internet Appliances
5Cisco Internal Use Only
Coming Back to an End-to-End Architecture
Coming Back to an End-to-End Architecture
GlobalAddressing
Realm
Always-on Devices Need an Address
When You Call Them
New Technologies/Applications for Home Users‘Always-on’—Cable, DSL, Ethernet@home, Wireless,…
New Technologies/Applications for Home Users‘Always-on’—Cable, DSL, Ethernet@home, Wireless,…
6Cisco Internal Use Only
IPv6 MarketsIPv6 Markets
• Academic : now
Internet-II (Abilene, vBNS+), Canarie*3, Renater-II, Surfnet, DFN, CERNET,… 6REN/6TAP
• Geographies & Politics: Now
Prime Minister of Japan called for IPv6 (taxes reduction)
EEC summit PR advertised IPv6 as the way to go for Europe
President Clinton signed an Executive Memorandum on 3G
• Wireless (PDA, Mobile, Car,...): now-to-2003
Multiple phases before deployment
RFP -> Integration -> trial -> commercial
Requires ‘client devices’, eg. IPv6 handset ?
7Cisco Internal Use Only
IPv6 MarketsIPv6 Markets
• Home Networking: CY2002?
Set-top box/Cable/xDSL/Ether@Home
Residential Voice over IP gateway
• Gaming (10B$ market): 2001-2002?
Sony, Sega, Nintendo, Microsoft
• Consumer PC: H2 CY 2001-2003
• Enterprise: H2 CY 2001-2003
Requires Microsoft IPv6 support, as well as other O.S. & Applications
• Service Providers: NowService Providers: Now
Regional ISP, Carriers, Mobile ISP, and Greenfield ISP’s
8Cisco Internal Use Only
Integration of IPv6 ServicesIntegration of IPv6 Services
The UbiquitousThe UbiquitousInternetInternet
Large Address Space
Auto-ConfigurationEnhanced Mobility
9Cisco Internal Use Only
IPv6 AddressesBootstrap phaseIPv6 AddressesBootstrap phase
• Where to get address space?
Real IPv6 address space now allocated by APNIC, ARIN and RIPE NCC
APNIC 2001:0200::
ARIN 2001:0400::
RIPE NCC 2001:0600::
6Bone 3FFE::
Have a look at http://wwwin.cisco.com/ios/ipv6 for more information
10Cisco Internal Use Only
IPv6 Address SpaceCurrent AllocationsIPv6 Address SpaceCurrent Allocations
• APNIC (whois.apnic.net)CONNECT-AU-19990916 2001:210::/35
WIDE-JP-19990813 2001:200::/35
NUS-SG-19990827 2001:208::/35
KIX-KR-19991006 2001:220::/35
ETRI-KRNIC-KR-19991124 2001:230::/35
NTT-JP-19990922 2001:218::/35
HINET-TW-20000208 2001:238::/35
IIJ-JPNIC-JP-20000308 2001:240::/35
CERNET-CN-20000426 2001:250::/35
INFOWEB-JPNIC-JP-2000502 2001:258::/35
JENS-JP-19991027 2001:228::/35
BIGLOBE-JPNIC-JP-20000719 2001:260::/35
6DION-JPNIC-JP-20000829 2001:268::/35
DACOM-BORANET-20000908 2001:270::/35
ODN-JPNIC-JP-20000915 2001:278::/35
KOLNET-KRNIC-KR-20000927 2001:280::/35
HANANET-KRNIC-KR-20001030 2001:290::/35
TANET-TWNIC-TW-20001006 2001:288::/35 January 5th, 2001
SONYTELECOM-JPNIC-JP-20001207 2001:298::/35
TTNET-JPNIC-JP-20001208 2001:2A0::/35
CCCN-JPNIC-JP-20001228 2001:02A8::/35
IMNET-JPNIC-JP-20000314 2001:0248::/35
KORNET-KRNIC-KR-20010102 2001:02B0::/35 • ARIN (whois.arin.net)ESNET-V6 2001:0400::/35
ARIN-001 2001:0400::/23
VBNS-IPV6 2001:0408::/35
CANET3-IPV6 2001:0410::/35
VRIO-IPV6-0 2001:0418::/35
CISCO-IPV6-1 2001:0420::/35
QWEST-IPV6-1 2001:0428::/35
DEFENSENET 2001:0430::/35
ABOVENET-IPV6 2001:0438::/35
SPRINT-V6 2001:0440::/35
UNAM-IPV6 2001:0448::/35
GBLX-V6 2001:0450::/35
11Cisco Internal Use Only
IPv6 Address SpaceCurrent AllocationsIPv6 Address SpaceCurrent Allocations
• RIPE (whois.ripe.net)UK-BT-19990903 2001:0618::/35
CH-SWITCH-19990903 2001:0620::/35
AT-ACONET-19990920 2001:0628::/35
UK-JANET-19991019 2001:0630::/35
DE-DFN-19991102 2001:0638::/35
NL-SURFNET-19990819 2001:0610::/35
RU-FREENET-19991115 2001:0640::/35
GR-GRNET-19991208 2001:0648::/35
EU-UUNET-19990810 2001:0600::/35
DE-TRMD-20000317 2001:0658::/35
FR-RENATER-20000321 2001:0660::/35
EU-EUNET-20000403 2001:0670::/35
DE-IPF-20000426 2001:0678::/35
DE-NACAMAR-20000403 2001:0668::/35
DE-XLINK-20000510 2001:0680::/35
DE-ECRC-19991223 2001:0650::/35
FR-TELECOM-20000623 2001:0688::/35
PT-RCCN-20000623 2001:0690::/35
SE-SWIPNET-20000828 2001:0698::/35
PL-ICM-20000905 2001:06A0::/35
DE-SPACE-19990812 2001:0608::/35
BE-BELNET-20001101 2001:06A8::/35
SE-SUNET-20001218 2001:06B0::/35
IT-CSELT-20001221 2001:06B8::/35
SE-TELIANET-20010102 2001:06C0::/35
12Cisco Internal Use Only
IPv6 @Cisco SystemsIPv6 @Cisco Systems
• Co-chair of IETF IPv6 WG
• Well Known Cisco 6Bone router
~ 50 tunnels with other companies acts as 6to4 Relay
• ‘Founding Member’ of the IPv6 Forum
• Official CCO IPv6 page is www.cisco.com/ipv6
Cisco IPv6 Statement of Direction published last June
Cisco IOS IPv6 EFT available for free since 3 years
~around 500 sites running Worldwide
13Cisco Internal Use Only
IPv6 ForumIPv6 Forum
• 98 companies
Cisco is a founding member
Regularly speaking at every summit
• www.ipv6forum.com
• Mission is to promote IPv6 not to specify it (IETF)
• Global and Regional summit
U.S.,Japan, Spain, Middle-East, Canada, Korea,...
14Cisco Internal Use Only
IPv6 @Cisco SystemsIPv6 @Cisco Systems
• Official Cisco IPv6 prefix registered to ARIN
Done by MIS to study Multi-Homing
2001:0420::/35
• Cisco IOS IPv6 Training is ready to be delivered
Spread IPv6 knowledge to Customers, Partners and Cisco S.E.
• Ready to deliver a commercial release of Cisco IOS IPv6
15Cisco Internal Use Only
Phase IIIBeyond Mid-2001Phase IIIBeyond Mid-2001
Phase IIMid-2001
Phase IIMid-2001
Phase IIOS 12.2(1)TQ1 CY 2001
Phase IIOS 12.2(1)TQ1 CY 2001 Early Adopter DeploymentEarly Adopter Deployment
Production Backbone Deployment
Production Backbone Deployment
Enhanced IPv6 ServicesEnhanced IPv6 Services
Market TargetMarket TargetIOS ReleaseIOS Release
Cisco IOS Roadmap:The Confluence of IPv4/IPv6
Cisco IOS Roadmap:The Confluence of IPv4/IPv6
IOS upgrade =Free IPv6 support
16Cisco Internal Use Only
Where is the IPv6 roadmap coming from?
Where is the IPv6 roadmap coming from?
Support the features set required by other standard
bodies, eg. 3GPP/UMTS, MWIF
Develop Cisco IPv6 AddedValue features to promote
our Solutions
Add support for new IPv6 developments coming from
IETF WG when it makes sense
Provide same func. between IPv4 and IPv6 Features
but it is time to forget some old IPv4 features
Listening our CustomersListening our Customers
17Cisco Internal Use Only
Cisco IOS IPv6 TeamCisco IOS IPv6 Team
• IOS Europe
Main IPv6 components for IOS
IPv6 D.E. Manager is Trevor Warwick
CEFv6 done in CEF team
• Ottawa
Port on 12.0ST for GSR support
CEFv6 coordination
Dev. Test help
• San Jose
NAT-PT, Routing (OSPF & E-IGRP), Multicast, TMBU,...
18Cisco Internal Use Only
Phase IFunc. SpecsENG-61696IOS 12.2(1)TQ1 CY 2001
Any router able to run this releaseCisco 800 toCisco 7500
Phase IFunc. SpecsENG-61696IOS 12.2(1)TQ1 CY 2001
Any router able to run this releaseCisco 800 toCisco 7500
IPv6 Basic specification (RFC 2460)ICMPv6, Neighbor DiscoveryStateless auto-configuration
RIPv6 (RFC 2080)Multi-Protocol extensions for BGP4
(RFC 2545 & 2858)Configured and Automatic Tunnels
6to4 TunnelStandard Access List
IPv6 over Ethernet (10/100/1000Mb/s),FDDI, Cisco HDLC, ATM and FR PVC,
PPP (Serial, POS, ISDN)Ping, Traceroute, Telnet, TFTP,
IPv6 Basic specification (RFC 2460)ICMPv6, Neighbor DiscoveryStateless auto-configuration
RIPv6 (RFC 2080)Multi-Protocol extensions for BGP4
(RFC 2545 & 2858)Configured and Automatic Tunnels
6to4 TunnelStandard Access List
IPv6 over Ethernet (10/100/1000Mb/s),FDDI, Cisco HDLC, ATM and FR PVC,
PPP (Serial, POS, ISDN)Ping, Traceroute, Telnet, TFTP,
IPv6 Features SupportedIPv6 Features SupportedIOS ReleaseIOS Release
Cisco IOS IPv6 Phase ICisco IOS IPv6 Phase I
IOS upgrade =Free IPv6 support
19Cisco Internal Use Only
Phase II PRDENG-70706Available on IOS 12.2(3)T or (4)T
Target EFT dates in ()
Under evaluation:12.0ST for GSRand 12.2S?
Phase II PRDENG-70706Available on IOS 12.2(3)T or (4)T
Target EFT dates in ()
Under evaluation:12.0ST for GSRand 12.2S?
i/IS-ISv6 (Q1 CY01)CEFv6/dCEFv6 (Q3 CY01)
Dial (Q2 CY01)Extended Access List (Q3 CY01)
NAT-PT (Q2 CY01)IPv6 Edge router (6PE) over MPLS
(Q3 CY01)DNS AAAA client (Q1 CY01)
IPv6 MIB Phase I Sustaining
i/IS-ISv6 (Q1 CY01)CEFv6/dCEFv6 (Q3 CY01)
Dial (Q2 CY01)Extended Access List (Q3 CY01)
NAT-PT (Q2 CY01)IPv6 Edge router (6PE) over MPLS
(Q3 CY01)DNS AAAA client (Q1 CY01)
IPv6 MIB Phase I Sustaining
IPv6 Features under developmentIPv6 Features under developmentIOS ReleaseIOS Release
Cisco IOS IPv6 Phase IICisco IOS IPv6 Phase II
20Cisco Internal Use Only
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
OSPFv3: DE doing an evaluationE-IGRP: DE doing an evaluation
Mobile IPv6: Home Agent prototype currently under development
IPsec: mandated by IPv6 specs,Authentication required by OSPFv3 and Mobile IP Binding Association
IPv6 Multicast: MLD and PIMv6 SM as first candidates
OSPFv3: DE doing an evaluationE-IGRP: DE doing an evaluation
Mobile IPv6: Home Agent prototype currently under development
IPsec: mandated by IPv6 specs,Authentication required by OSPFv3 and Mobile IP Binding Association
IPv6 Multicast: MLD and PIMv6 SM as first candidates
Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release
Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III
21Cisco Internal Use Only
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
IPv6 QoS: Not different from IPv4(Diff. Serv. & RSVP). May be time toget rid from old IOS IPv4 features?
UMTS Rel. 5 requirements should gethigh priority.
Statistics (ala Netflow): Customers want to gather IPv6 statistics such
as IPv6 Src/Dst addresses, AS number & Bytes count
Tunnels
IPv6 QoS: Not different from IPv4(Diff. Serv. & RSVP). May be time toget rid from old IOS IPv4 features?
UMTS Rel. 5 requirements should gethigh priority.
Statistics (ala Netflow): Customers want to gather IPv6 statistics such
as IPv6 Src/Dst addresses, AS number & Bytes count
Tunnels
Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release
Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III
22Cisco Internal Use Only
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
Phase IIIno PRD yet
Target EFT: End of CY01, H1 CY02
All IOS team should think ‘IPv6’ at this time
Hardware Acceleration: See other presentations. Project in-progresson HFR, GSR, Cat.6K, DSBU L3SW.
Need IPv6 on ESR, 7200/NSEEncapsulation: review needed for
DPT, Cable and DSL, Network Management: SNMP over
IPv6, MIB update (RFC 2851)
Hardware Acceleration: See other presentations. Project in-progresson HFR, GSR, Cat.6K, DSBU L3SW.
Need IPv6 on ESR, 7200/NSEEncapsulation: review needed for
DPT, Cable and DSL, Network Management: SNMP over
IPv6, MIB update (RFC 2851)
Evaluation of IPv6 Phase III FeaturesEvaluation of IPv6 Phase III FeaturesIOS ReleaseIOS Release
Cisco IOS IPv6 Phase IIICisco IOS IPv6 Phase III
23Cisco Internal Use Only
Open Topics!!!Open Topics!!!
• They are Technical and non-technical problems but have to be solved for the future acceptance of our IPv6 solutions
• IPv6 market acceptance versus development schedule
• IOS release and IPv6
T Train - ST Train - S Train - mainline
• What could be the future IPv6 routing table size?
• What is the IPv6 performance level needed, based on REAL IPv6 traffic expectations versus marketing competition?
Next 12 months?, 24 months?
24Cisco Internal Use Only
Open Topics!!!Open Topics!!!
• IPv6 mandates IPsec, what is the role of an IPv6 Firewall?
Customers still want a single point of control/management
What should be the right Cisco platforms to terminate IPv6 IPsec tunnels?
• IPv6 QoS features set development priority
Dependent of Applications such as 3G, RVoIP,...
• Native IPv6 Network Management
IPv6 & Commercial O.S., N.M.S software, Java, SNMP, MIB update
what’s about COPS, AAA, OSS,…?
25Cisco Internal Use Only
Open Topics!!!Open Topics!!!
• Transition Tools, which ones?
NAT support?
• Mobile IPv6 Services
Focus on Clients, Applications and Network design
• Interoperability and TAC support
How to reproduce all issues
Role of Professional Services
• Others ?
26Cisco Internal Use Only
Deployment of IPv6 Services: What our Customers are saying !
Satisfy Business Drivers, aka. Applications requiring end-to-end IPv6 traffic forwarding, geographies with registry allocations issues
No Flag Day
No Performance Penalty, implementation must be scalable and reliable, but …
Minimize operational upgrade costs and training expenses
Investment Protection & Low startup cost
Incremental value-add Upgrade/Deployment
Preserve IPv6 - IPv4 connectivity/transparency
Starting with Edge upgrades enable IPv6 service offerings nowStarting with Edge upgrades enable IPv6 service offerings now
27Cisco Internal Use Only
Deployment scenarioDeployment scenario
• Many ways to deliver IPv6 services to End Users
Most important is End to End IPv6 traffic forwarding
• IPv6 over IPv4 tunnels
• Separate native IPv6
no impact on IPv4 traffic & revenues
various data link layers ATM, FR, Serial, Sonet/SDH, WDM
• Dual stack Networks
IPv6 over MPLS or IPv4-IPv6 Dual Stack Routers
28Cisco Internal Use Only
IPv6 Tunnels over IPv4 or MPLS Infrastructure
IPv4 Enterprise
• IPv6 over IPv4 Internet
ala 6Bone
• Any Cisco IOS 12.2(1)T routers can be used as IPv6 Edge
6to4 Tunnel
• Leveraging defined Tunneling Technology
• No impact on existing IPv4 or MPLS backbones
Edge IPv6 Infrastructure:
IPv6 Enterprise
IPv6 Enterprise
IPv6 Enterprise
IPv6 Enterprise
IPv6 over IPv4 Internet:IPv6 over IPv4 Internet:
Mobile DataMobile Data
Mobile DataMobile Data
Service ProviderIPv4 or MPLS Backbone
Service ProviderIPv4 or MPLS Backbone
Translating Gateway
Translating Gateway
Translating Gateway
Translating Gateway
29Cisco Internal Use Only
Native IPv6 over Dedicated Links
IPv6 Enterprise
IPv6 Enterprise
IPv6 Enterprise
TranslatingGateway
• Native IPv6 over dedicated infrastructures
No impact on IPv4 traffic and revenues
• Any Cisco IOS 12.2(1)T routers can be configured
ATM & Frame Relay PVC’s
Serial Lines, Sonet/SDH, FE/GE
• GSR 12000 with Sonet/SDH interfaces can get IPv6 support
Today, EFT on private 12.0ST branch
• IPv6 over FE/GE, ATM or Sonet/SDH can run over an optical infrastructure (dedicated lamda)
Service Provider Service Provider ATM/FR/WDM ATM/FR/WDM
BackboneBackbone
30Cisco Internal Use Only
IPv6 Edge Router (6PE) over MPLS
IPv6 Edge Router (6PE) over MPLS
144.254.0.0
2001:0421::
2001:0420::
P P
PP 6PE
6PE IPv4
IPv6
IPv6
192.76.170.0
134.95.0.0
2001:0621::
IPv46PE
6PEIPv4
IPv6
2001:0620::
IPv6
MP-iBGP sessions
v6
v6
v6
v6
v4
v4
v4
• Many Carriers, large ISP and Mobile SP have invested on MPLS solutions
• Core devices may be ATM switches, GSR or competitor nodes• Leverages of MPLS features, eg. MPLS/VPN, TE, CoS,...
• UMTS Release 5 requires IPv6• GSM, GPRS and UMTS Release 99 needs circuit switching as well as IP
• Multiple implementation’s options to integrate IPv6• IPv6 on CE, IPv6 over AToM, IPv6 Edge router (6PE)IPv6 Edge router (6PE), native IPv6 MPLS• 6PE allows the SP to offer IPv6 at lower cost and risk
OC48/192
31Cisco Internal Use Only
Dual Stack IPv4-IPv6 backbone
Dual Stack IPv4-IPv6 backbone
• May require IPv4-IPv6 Hardware Forwarding
• Memory size for IPv4 and IPv6 routing tables
• Should IPv4 and IPv6 route to a single dual-stack edge router the same?
• Dual stack management?
• IPv4 and IPv6 traffic should not impact each other.
IPv4/v6 Enterprise
IPv4/v6 Enterprise
IPv6 Enterprise
Service Provider Service Provider IPv4/IPv6IPv4/IPv6BackboneBackbone
TranslatingGateway
IPv6Router
IPv4Enterprise
IPv4Enterprise
32Cisco Internal Use Only
Native IPv6-Only BackboneNative IPv6-Only Backbone
• Will require:
IPv4 over IPv6 Tunnels for IPv4 traffic
Hardware forwarding for IPv6
NAT-PT for IPv4-IPv6 communications
Network Managementover IPv6
IPv6 Intranet
IPv4 Tunnel
IPv4/v6 IntranetMobile IPv6
IPv4 Intranet
IPv6 Intranet
IPv6 BackboneIPv6 Backbone
Translating Gateway
Translating Gateway
Translating Gateway
Translating Gateway
33Cisco Internal Use Only
Initial ConfigurationInitial Configuration
version 12.1
no service single-slot-reload-enable
service nagle
!
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname ipv6-router
!
logging buffered 4096 debugging
logging rate-limit console 10 except errors
!
34Cisco Internal Use Only
Initial ConfigurationInitial Configuration
aaa new-modelaaa authentication login vty group tacacs+ enableenable secret <removed>!clock timezone PST -8clock summer-time PDT recurring last Sun Mar 1:00 last Sun ip subnet-zerono ip fingerip ftp source-interface Fddi0ip ftp username <removed>ip ftp password <removed>ip domain-name cisco.comip name-server <ipv4>ip dhcp smart-relay!no ip bootp serverip multicast-routing!
35Cisco Internal Use Only
IPv6 Configured TunnelsIPv6 Configured Tunnels
ipv6 unicast-routing!! Tunnel0 use RIPv6 for routinginterface Tunnel0 description <removed> no ip address ipv6 unnumbered Ethernet0 ipv6 rip 6bone enable destination IP address tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Tunnel1 use BGP4+ 6BONE peer-groupinterface Tunnel1 description <removed> no ip address ipv6 address 3FFE:700:20:1::12/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip
36Cisco Internal Use Only
IPv6 Configured TunnelsIPv6 Configured Tunnels
! Tunnel2 use BGP4+ 6BONE peer-groupinterface Tunnel2 description <removed> no ip address ipv6 address 3FFE:C00:E:10::1/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Tunnel3 use static routeinterface Tunnel3 description <removed> no ip address ipv6 address 3FFE:C00:E:0:1::5/126 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!
37Cisco Internal Use Only
6to4 Tunnel6to4 Tunnel
! Tunnel47 use BGP4+ with no peer-groupinterface Tunnel47 description <removed> no ip address ipv6 address 3FFE:3600::B/127 tunnel source Fddi0 tunnel destination <ipv4> tunnel mode ipv6ip!! Skipped about 50 configured tunnels! Next one is 6to4 tunnel! Router can be 6to4 relay with 2002::/16 static routeinterface Tunnel2002 no ip address no ip redirects ipv6 address 2002:X:X::1/128 ipv6 address FE80::60:3E11:6770:3E link-local tunnel source Fddi0 tunnel mode ipv6ip 6to4
38Cisco Internal Use Only
Interface ConfigurationInterface Configuration
! Physical interfaces with ipv4 and/or ipv6 addressesinterface Ethernet0 ip address <ipv4> 255.255.255.248 no ip route-cache no ip mroute-cache no keepalive media-type 10BaseT ipv6 enable ipv6 address 3FFE:C00:0:1::/64 eui-64 ipv6 rip 6bone enable!interface Ethernet1 ip address <ipv4> 255.255.255.248 no ip route-cache no ip mroute-cache media-type 10BaseT!interface Fddi0 ip address <ipv4> 255.255.255.224 no ip route-cache no ip mroute-cache no keepalive ipv6 address 3FFE:C00:0:2::/64 eui-64
39Cisco Internal Use Only
EIGRP for IPv4 and BGP+ for IPv6EIGRP for IPv4 and BGP+ for IPv6
router eigrp 109 network <ipv4> auto-summary no eigrp log-neighbor-changes!router bgp 109!! Disable ipv4 unicast to support other address families! no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 6BONE peer-group neighbor 3FFE:700:20:1::11 remote-as 293 neighbor 3FFE:C00:E:10::2 remote-as 7610!
40Cisco Internal Use Only
IPv6 Address FamilyIPv6 Address Family
address-family ipv6 neighbor 6BONE activate neighbor 6BONE send-community neighbor 6BONE override-capability-neg neighbor 6BONE prefix-list bgp-in in neighbor 6BONE prefix-list aggregate out neighbor 6BONE route-map SET6TO4COMMUNITY out!! Most neighbors should use peer-group! neighbor 3FFE:700:20:1::11 peer-group 6BONE neighbor 3FFE:C00:E:10::2 peer-group 6BONE!
41Cisco Internal Use Only
End of BGP4+End of BGP4+
! Neighbors not using peer-group! neighbor 3FFE:3600::A activate neighbor 3FFE:3600::A send-community neighbor 3FFE:3600::A override-capability-neg neighbor 3FFE:3600::A prefix-list bgp-in in neighbor 3FFE:3600::A prefix-list aggregate out neighbor 3FFE:3600::A route-map SET6TO4COMMUNITY out! bgp dampening 30 1000 2000 60!! This is the 6to4 address space. network 2002::/16!! This is Cisco's pTLA for the 6bone network 3FFE:C00::/24! exit-address-family
42Cisco Internal Use Only
IPv4 Access ListsIPv4 Access Lists
ip classlessip tacacs source-interface Fddi0no ip http server!logging trap debugginglogging facility local6logging <removed>!! IPv4 VTY access-list!access-list 198 permit ip <removed> anyaccess-list 198 deny ip any any log!
43Cisco Internal Use Only
IPv6 Static Routes and RIPv6IPv6 Static Routes and RIPv6
! 2002::/16 points to the 6to4 tunnelipv6 route 2002::/16 Tunnel2002!! static route for Cisco's Site-Local-Addressipv6 route 3FFE:C00:E::/48 Null0!! static route for a site with no routing protocolipv6 route 3FFE:C00:800E::/48 Tunnel3!! static route for our /24 pTLA from the 6boneipv6 route 3FFE:C00::/24 Null0!! RIPv6ipv6 router rip 6bone!
44Cisco Internal Use Only
IPv6 Access-listsIPv6 Access-lists
! IPv6 access-list to protect the vty portsipv6 access-list vty deny ::/0 any!! Prefix-list for BGP4+ peersipv6 prefix-list aggregate seq 5 deny 3FFE:C00::/24 ge 25ipv6 prefix-list aggregate seq 10 permit ::/0 le 48!ipv6 prefix-list bgp-in seq 5 deny 5F00::/8 le 128ipv6 prefix-list bgp-in seq 10 deny ::/0ipv6 prefix-list bgp-in seq 15 deny ::/1ipv6 prefix-list bgp-in seq 20 deny ::/2ipv6 prefix-list bgp-in seq 25 deny ::/3 ge 4ipv6 prefix-list bgp-in seq 30 permit ::/0 le 128!! 6to4 address space is tagged with no-exportipv6 prefix-list 6to4 seq 5 permit 2002::/16!route-map SET6TO4COMMUNITY permit 10 match ipv6 address prefix-list 6to4 set community no-export!route-map SET6TO4COMMUNITY permit 20!
45Cisco Internal Use Only
Ending ConfigurationEnding Configuration
tacacs-server host <removed>tacacs-server host <removed>tacacs-server timeout 15banner motd <removed>!line con 0 exec-timeout 3 0 transport input noneline aux 0 transport input allline vty 0 4 ipv6 access-list vty in access-class 198 in exec-timeout 0 0 login authentication vty!exception core-file <removed>exception protocol ftpexception dump <removed>ntp clock-period 17179631ntp source Fddi0ntp update-calendarntp server <removed>end
46Cisco Internal Use Only
Further ReferencesFurther References
• wwwin.cisco.com/ios/ipv6
• www.cisco.com/ipv6
• ipv6-interest
• cs-ipv6
47Presentation_ID © 1999, Cisco Systems, Inc. www.cisco.com