SlideShare ist ein Scribd-Unternehmen logo

Cisco presentation2

Als PPT, PDF herunterladen
ehsan nazer
ehsan nazer
Daten & Analysen
1 von 68
1 IPv6 @ Cisco Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager pgrosset@cisco.com Ansar Pasha Cisco Systems Network Consultant, Govt & Defense, South ansar@cisco.com
Agenda • IPv6 Business Case • IIPPvv66 PPrroottooccoollss && SSttaannddaarrddss • Integration and Transition • Cisco IOS IPv6 Roadmap • IPv6 Deployment scenarios • RReeffeerreenncceess Presentation_ID 2
IPv6 - So what’s really changed ?! • Expanded Address Space Address length quadrupled to 16 bytes • Header Format Simplification Fixed length, optional headers are daisy-chained IPv6 header is twice as long (40 bytes) as IPv4 header without options (20 bytes) • No checksumming at the IP network layer • No hop-by-hop segmentation Path MTU discovery • 64 bits aligned • Authentication and Privacy Capabilities IPsec is mandated • No more broadcast Presentation_ID 3
IPv4 & IPv6 Header Comparison IIPPvv44 HHeeaaddeerr IPv6 HHeeaaddeerr Version IHL Type of Service Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options Padding Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address - field’s name kept from IPv4 to IPv6 - fields not kept in IPv6 - Name & position changed in IPv6 - New field in IPv6 Legend Presentation_ID 4
How Was IPv6 Address Size Chosen? • Some wanted fixed-length, 64-bit addresses Easily good for 1012 sites, 1015 nodes, at .0001 allocation efficiency (3 orders of magnitude more than IPv6 requirement) Minimizes growth of per-packet header overhead Efficient for software processing • Some wanted variable-length, up to 160 bits Compatible with OSI NSAP addressing plans Big enough for auto-configuration using IEEE 802 addresses Could start with addresses shorter than 64 bits & grow later • Settled on fixed-length, 128-bit addresses (340,282,366,920,938,463,463,374,607,431,768,211,456 in all!) Presentation_ID 5
IPv6 Addressing • IPv6 Addressing rules are covered by multiples RFC’s Architecture defined by RFC 3513 (obsoletes RFC 2373) • Address Types are : Unicast : One to One (Global, Link local, Site local, Compatible) Anycast : One to Nearest (Allocated from Unicast) Multicast : One to Many Reserved • A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast) No Broadcast Address -> Use Multicast Presentation_ID 6
IPv6 Address Representation • 16-bit fields in case insensitive colon hexadecimal representation 2031:0000:130F:0000:0000:09C0:876A:130B • Leading zeros in a field are optional: 2031:0:130F:0:0:9C0:876A:130B • Successive fields of 0 represented as ::, but only once in an address: • 2031:0:130F::9C0:876A:130B • 2031::130F::9C0:876A:130B • 0:0:0:0:0:0:0:1 => ::1 • 0:0:0:0:0:0:0:0 => :: • IPv4-compatible address representation • 0:0:0:0:0:0:192.168.30.1 = ::192.168.30.1 = ::C0A8:1E01 Presentation_ID 7
IPv6 Addressing • Prefix Format (PF) Allocation PF = 0000 0000 : Reserved PF = 001 : Aggregatable Global Unicast Address PF = 1111 1110 10 : Link Local Use Addresses (FE80::/10) PF = 1111 1110 11 : Site Local Use Addresses (FEC)::/10) PF = 1111 1111 : Multicast Addresses (FF00::/8) Other values are currently Unassigned (approx. 7/8th of total) • All Prefix Formats have to support EUI-64 bits Interface ID setting But Multicast Presentation_ID 8
Aggregatable Global Unicast Addresses Provider Site Host 3 45 bits 16 bits 64 bits Global Routing Interface ID Prefix SLA 001 • Aggregatable Global Unicast addresses are: Addresses for generic use of IPv6 Structured as a hierarchy to keep the aggregation • See RFC 3513 Presentation_ID 9
Address Allocation Policy /23 2001 0410 Registry ISP prefix Site prefix LAN prefix /32 /48 /64 Interface ID Bootstrap process - RFC2450 • The allocation process is under reviewed by the Registries: IANA allocates 2001::/16 to registries Each registry gets a /23 prefix from IANA Formely, all ISP were getting a /35 With the new policy, Registry allocates a /32 prefix to an IPv6 ISP Then the ISP allocates a /48 prefix to each customer (or potentially /64) ftp://ftp.cs.duke.edu/pub/narten/ietf/global-ipv6-assign-2002-06-26.txt Presentation_ID 10
Interface IDs • Lowest-order 64-bit field of unicast address may be assigned in several different ways: – auto-configured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g., Ethernet address) – auto-generated pseudo-random number (to address privacy concerns) – assigned via DHCP – manually configured Presentation_ID 11
IPv6 Address Privacy (RFC 3041) /23 /32 /48 /64 2001 0410 Interface ID • Temporary addresses for IPv6 host client application, eg. Web browser Inhibit device/user tracking but is also a potential issue More difficult to scan all IP addresses on a subnet but port scan is identical when an address is known Random 64 bit interface ID, run DAD before using it Rate of change based on local policy Implemented on Microsoft Windows XP From RFC 3041: “…interface identifier …facilitates the tracking of individual devices (and thus potentially users)…” Presentation_ID 12
Hierarchical Addressing & Aggregation ISP 2001:0410::/ 32 Custome rno 1 2001:0410:0001:/4 8 Custome rno 2 Only announce s the /32 prefix 2001:0410:0002:/4 2001::/16 8 Larger address space enables: IPv6 Internet Aggregation of prefixes announced in the global routing table. Efficient and scalable routing. But current Multi-Homing schemes break the model Presentation_ID 13
Link-Local & Site-Local Unicast Addresses • Link-local addresses for use during auto-configuration and when no routers are present: 1111 1110 10 0 interface ID • Site-local addresses for independence from Global Reachability, similar to IPv4 private address space RFC3513 specifies 54 bits for SLA field but SL may get deprecated by IPv6 WG soon 1111 1110 11 SLA* interface ID Presentation_ID 14
6to4 and ISATAP Addresses • 6to4 (RFC 3056) – WAN tunneling /16 /48 /64 2002 Public IPv4 address SLA Interface ID •ISATAP (Draft) – Campus tunneling /23 2001 0410 Registry ISP prefix Site prefix /32 /48 /64 00 00 5E FE IPv4 Host address 32 bits 32 bits Presentation_ID 15
Expanded Address Space Multicast Addresses (RFC 3513) 128 bits 0 Group ID 1111 1111 F F Flags scope 0 0 0 T 8 bits 8 bits T=0 a permanent IPv6 Multicast address. T=1 a transient IPv6 multicast address Flags = Scope = 1 = node 2 = link 5 = site 8 = organization E= global • Multicast is used in the context of one-to-many. Presentation_ID 16
Multicast Address Examples • AAllll NNooddeess AAddddrreesssseess:: FF01:0:0:0:0:0:0:1 FF02:0:0:0:0:0:0:1 • AAllll RRoouutteerrss AAddddrreesssseess:: FF01:0:0:0:0:0:0:2 FF02:0:0:0:0:0:0:2 FF05:0:0:0:0:0:0:2 • OOSSPPvv33:: AllSPFRouters : FF02::5 AllDRouters : FF02::6 • SSoolliicciitteedd--NNooddee AAddddrreessss:: FF02:0:0:0:0:1:FFXXXX::XXXXXXXX Concatenation of prefix FF02:0:0:0:0:1:FF00::/104 with the low-order 24 bits of an address (unicast or anycast) Presentation_ID 17
more on IPv6 Addressing 80 bits 16 bits 32 bits 0000……………………………0000 0000 IPv4 Address IIPPvv66 AAddddrreesssseess wwiitthh EEmmbbeeddddeedd IIPPvv44 AAddddrreesssseess 80 bits 16 bits 32 bits 0000……………………………0000 FFFF IPv4 Address IIPPvv44 mmaappppeedd IIPPvv66 aaddddrreessss Presentation_ID 18
IPv6 Addressing Examples LAN: 3ffe:b00:c18:1::/64 Ethernet0 MAC address: 0060.3e47.1530 interface Ethernet0 ipv6 address 2001:410:213:1::/64 eui-64 router# show ipv6 interface Ethernet0 Ethernet0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::260:3EFF:FE47:1530 Global unicast address(es): 2001:410:213:1:260:3EFF:FE47:1530, subnet is 2001:410:213:1::/64 Joined group address(es): FF02::1:FF47:1530 FF02::1 FF02::2 MTU is 1500 bytes Presentation_ID 19
6BONE • The 6bone is an IPv6 testbed setup to assist in the evolution and deployment of IPv6 in the Internet. The 6bone is a virtual network layered on top of portions of the physical IPv4-based Internet to support routing of IPv6 packets, as that function has not yet been integrated into many production routers. The network is composed of islands that can directly support IPv6 packets, linked by virtual point-to-point links called "tunnels". The tunnel endpoints are typically workstation-class machines having operating system support for Ipv6. • Over 50 countries are currently involved • Registry, maps and other information may be found on http://www.6bone.net/ Presentation_ID 20
6Bone Addressing /28 /48 /64 3ffe Interface ID pTLA prefix site prefix LAN prefix • 6Bone address space defined in RFC2471 uses 3FFE::/16 A pTLA receives a /28 prefix A site receives a /48 prefix A LAN receives a /64 prefix • Guidelines for routing on 6bone - RFC2772 Presentation_ID 21
6Bone Topology SSitiete Site Provider Site pTLA Site BGP Peering pTLA SSitiete Site pTL A pTLA pTL A pTLA Site Site Provide r • 6Bone is a test bed network with hundreds of sites from 50 countries • The 6Bone topology is a hierarchy of providers • First-level nodes are backbone nodes called pseudo Top-Level Aggregator (pTLA) Presentation_ID 22
IPv6 Header Options (RFC 2460) TCP Header + Data IPv6 Header Next Header = TCP IPv6 Header Next Header = Routing TCP Header + Data Routing Header Next Header = TCP IPv6 Header Next Header = Routing Routing Header Next Header = Fragment Fragment Header Next Header = TCP Fragment of TCP Header + Data • Processed only by node identified in IPv6 Destination Address field => much lower overhead than IPv4 options exception: Hop-by-Hop Options header • Eliminated IPv4’s 40-octet limit on options in IPv6, limit is total packet size, or Path MTU in some cases Presentation_ID 23
IPv6 Header Options (RFC2460) • Currently defined Headers should appear in the following order IPv6 header Hop-by-Hop Options header Destination Options header Routing header Fragment header Authentication header (RFC 1826) Encapsulating Security Payload header (RFC 1827) Destination Options header upper-layer header Presentation_ID 24
IPv6 and Path MTU Discovery • Definitions: link MTU a link’s maximum transmission unit, path MTU the minimum MTU of all the links in a path between a source and a destination • Minimum link MTU for IPv6 is 1280 octets (68 octets for IPv4) On links with MTU < 1280, link-specific fragmentation and reassembly must be used • Implementations are expected to perform path MTU discovery to send packets bigger than 1280 octets: for each dest., start by assuming MTU of first-hop link if a packet reaches a link in which it cannot fit, will invoke ICMP “packet too big” message to source, reporting the link’s MTU; MTU is cached by source for specific destination • Minimal implementation can omit path MTU discovery as long as all packets kept ≤ 1280 octets – e.g., in a boot ROM Presentation_ID 25
Neighbor Discovery (RFC 2461) • Protocol built on top of ICMPv6 (RFC 2463) Combination of IPv4 protocols (ARP, ICMP,…) • Neighbor Discovery: Determines the link-layer address of a neighbor on the same link, Duplicate Address Detection Finds neighbor routers, Keeps track of neighbors • Defines 5 ICMPv6 packet types Router Solicitation / Router Advertisements Neighbor Solicitation / Neighbor Advertisements Redirect Presentation_ID 26
RA indicates SUBNET PREFIX SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS At boot time, an IPv6 host build a Link-Local address, then its global IPv6 address(es) from RA IPv6 Auto-Configuration • SSttaatteelleessss (RFC2462) Host autonomously configures its own Link-Local address Router solicitation are sent by booting nodes to request RAs for configuring the interfaces. • SSttaatteeffuull DHCPv6 (under definition at IETF) • RReennuummbbeerriinngg Hosts renumbering is done by modifying the RA to announce the old prefix with a short lifetime and the new prefix. Router renumbering protocol (RFC 2894), to allow domain-interior routers to learn of prefix introduction / withdrawal Presentation_ID 27
Stateless Autoconfiguration 1. RS 2. RA 2. RA 1 - ICMP Type = 133 (RS) Src = :: Dst = All-Routers multicast Address query= please send RA 2 - ICMP Type = 134 (RA) Src = Router Link-local Address Dst = All-nodes multicast address Data= options, prefix, lifetime, autoconfig flag Router solicitations are sent by booting nodes to request RAs for configuring the interfaces. Presentation_ID 28
Duplicate Address Detection A B ICMP type = 135 Src = 0 (::) Dst = Solicited-node multicast of A Data = link-layer address of A Query = what is your link address? Duplicate Address Detection (DAD) uses neighbor solicitation to verify the existence of an address to be configured. Presentation_ID 29
Routing in IPv6 • As in IPv4, IPv6 has 2 families of routing protocols: IGP and EGP, and still uses the longest-prefix match routing algorithm • IIGGPP RRIIPPnngg (RFC 2080) Cisco EEIIGGRRPP for IPv6 OOSSPPFFvv33 (RFC 2740) IInntteeggrraatteedd IISS--IISSvv66 (draft-ietf-isis-ipv6-02) • EEGGPP : MMPP--BBGGPP44 (RFC 2858 and RFC 2545) • Cisco IOS supports all of them Pick one meeting your objectives Presentation_ID 30
OSPFv3 overview • OSPFv3 is OSPF for IPv6 (RFC 2740) • Based on OSPFv2, with enhancements • Distributes IPv6 prefixes • Runs directly over IPv6 • Ships-in-the-night with OSPFv2 Presentation_ID 31
Differences from OSPFv2 • Runs over a link, not a subnet • Multiple instances per link • Topology not IPv6-specific – Router ID – Link ID • Standard authentication mechanisms • Uses link local addresses • Generalized flooding scope • Two new LSA types Presentation_ID 32
OSPFv3 configuration example Area 0 Router2 LAN1: 2001:1:1:1::/64 Eth0 Eth1 Router1 LAN2: 2001:2:2:2::/64 Router1# interface Ethernet0 ipv6 address 2001:1:1:1::1/64 ipv6 ospf 1 area 0 interface Ethernet1 ipv6 address 2001:2:2:2::2/64 ipv6 ospf 1 area 1 ipv6 router ospf 1 router-id 1.1.1.1 area 1 range 2001:2:2::/48 Area 1 Presentation_ID 33
IS-IS Standards • IETF IS-IS for IP Internets WG http://www.ietf.org/html.charters/isis-charter.html • ISO 10589 specifies OSI IS-IS routing protocol for CLNS traffic Tag/Length/Value (TLV) options to enhance the protocol A Link State protocol with a 2 level hierarchical architecture. • RFC 1195 added IP support, also known as Integrated IS-IS (I/IS-IS) I/IS-IS runs on top of the Data Link Layer Requires CLNP to be configured • Draft RFC defines how to add IPv6 address family support to IS-IS http://www.ietf.org/internet-drafts/draft-ietf-isis-ipv6-05.txt • Draft RFC introduces Multi-Topology concept for IS-IS http://www.ietf.org/internet-drafts/draft-ietf-isis-wg-multi-topology-06.txt Presentation_ID 34
IS-IS for IPv6 • 2 Tag/Length/Values added to introduce IPv6 routing • IPv6 Reachability TLV (0xEC) External bit Equivalent to IP Internal/External Reachability TLV’s • IPv6 Interface Address TLV (0xE8) For Hello PDUs, must contain the Link-Local address For LSP, must only contain the non-Link Local address • IPv6 NLPID (0x8E) is advertised by IPv6 enabled routers Presentation_ID 35
Cisco IOS IS-IS dual IP configuration Router1# interface ethernet-1 ip address 10.1.1.1 255.255.255.0 ipv6 address 2001:0001::45c/64 ip router isis ipv6 router isis interface ethernet-2 ip address 10.2.1.1 255.255.255.0 ipv6 address 2001:0002::45a/64 ip router isis ipv6 router isis router isis address-family ipv6 redistribute static exit-address-family net 42.0001.0000.0000.072c.00 redistribute static LAN1: 2001:0001::45c/64 Ethernet-1 Ethernet-2 Router1 LAN2: 2001:0002::45a/64 Dual IPv4/IPv6 configuration. Redistributing both IPv6 static routes and IPv4 static routes. Presentation_ID 36
Multi-Topology IS-IS extensions • New TLVs attributes for Multi-Topology extensions. Multi-topology TLV: contains one or more multi-topology ID in which the router participates. It is theoretically possible to advertise an infinite number of topologies. This TLV is included in IIH and the first fragment of a LSP. MT Intermediate Systems TLV: this TLV appears as many times as the number of topologies a node supports. A MT ID is added to the extended IS reachability TLV type 22. Multi-Topology Reachable IPv4 Prefixes TLV: this TLV appears as many times as the number of IPv4 announced by an IS for a give n MT ID. Its structure is aligned with the extended IS Reachability TLV Type 236 and add a MT ID. Multi-Topology Reachable IPv6 Prefixes TLV: this TLV appears as many times as the number of IPv6 announced by an IS for a given MT ID. Its structure is aligned with the extended IS Reachability TLV Type 236 and add a MT ID. • Multi-Topology ID Values Multi-Topology ID (MT ID) standardized and in use in Cisco IOS: MT ID #0 – “standard” topology for IPv4/CLNS MT ID #2 – IPv6 Routing Topology. Presentation_ID 37
Cisco IOS Multi-Topology IS-IS Area B configuration example Router1# interface ethernet-1 ip address 10.1.1.1 255.255.255.0 ipv6 address 2001:0001::45c/64 ip router isis ipv6 router isis isis ipv6 metric 20 interface ethernet-2 ip address 10.2.1.1 255.255.255.0 ipv6 address 2001:0002::45a/64 ip router isis ipv6 router isis isis ipv6 metric 20 router isis net 49.0000.0100.0000.0000.0500 metric-style wide ! address-family ipv6 multi-topology exit-address-family LAN1: 2001:0001::45c/64 Ethernet-1 Ethernet-2 Router1 LAN2: 2001:0002::45a/64 • The optional keyword ttrraannssiittiioonn may be used for transitioning existing IS-IS IPv6 single SPF mode to MT IS-IS. • Wide metric is mandated for Multi- Topology to work. Presentation_ID 38
Multi-Protocol BGP for IPv6 – RFC2545 • IPv6 specific extensions: Scoped addresses: Next-hop contains a global IPv6 address and/or potentially a link-local address NEXT_HOP and NLRI are expressed as IPv6 addresses and prefix. Address Family Information (AFI) = 2 (IPv6) Sub-AFI = 1 (NLRI is used for unicast) Sub-AFI = 2 (NLRI is used for multicast RPF check) Sub-AFI = 3 (NLRI is used for both unicast and multicast RPF check) Sub-AFI = 4 (label) Presentation_ID 39
A Simple MP-BGP Session Router Router1 2 AS 65001 AS 65002 3ffe:b00:c18:2:1::F 3ffe:b00:c18:2:1:: 1 Router1# interface Ethernet0 ipv6 address 3FFE:B00:C18:2:1::F/64 ! router bgp 65001 bgp router-id 10.10.10.1 no bgp default ipv4-unicast neighbor 3FFE:B00:C18:2:1::1 remote-as 65002 address-family ipv6 neighbor 3FFE:B00:C18:2:1::1 activate neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002in in neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002out out exit-address-family Presentation_ID 40
IPv4 versus IPv6 Multicast IP Service IPv4 Solution IPv6 Solution Address Range 32-bit, class D 128-bit Protocol Independent All IGPs,and BGP4+ with v6 mcast SAFI Forwarding PIM-SM, PIM-SSM, PIM-bidir MLDv1, v2 Protocol Independent All IGPs,and BGP4+ Routing PIM-DM, PIM-SM, PIM-SSM, PIM-bidir Group IGMPv1, v2, v3 Management Domain Control Boundary/Border Scope Identifier Interdomain Solutions MSDP across Independent PIM Domains Single RP within Globally Shared Domains Presentation_ID 41
Multicast Listener Discover – MLD • MLD is equivalent to IGMP in IPv4 • MLD messages are transported over ICMPv6 • Version number confusion: MLDv1 corresponds to IGMPv2 RFC 2710 MLDv2 corresponds to IGMPv3, needed for SSM draft-vida-mld-v2-06.txt • MLD snooping draft-ietf-magma-snoop-04.txt • CGMP for v6 under consideration Presentation_ID 42
IP Routing for Multicast • RPF based on reachability to v6 source same as with v4 multicast • RPF still protocol independent: Static routes, mroutes Unicast RIB: BGP, ISIS, OSPF, EIGRP, RIP, etc Multi-protocol BGP (mBGP) - support for v6 mcast sub-address family - provide translate function for non-supporting peers Presentation_ID 43
IP Routing for Multicast RPF Route Selction Rules: I. look up the longest mask route from the available route sources: 1. static mroutes. 2. MBGP RIB, 3. unicast RIB, II.If more than one of these three sources returns a route with the same longest mask then select amongst these routes the one with the lowest (= best) distance. III. If the distance is equal on multiple entries: Select static mroute over MBGP over unicast RIB Presentation_ID 44
IPv6 Multicast Forwarding • PIM-Sparse Mode (PIM-SM) draft-ietf-pim-sm-v2-new-06.txt, • PIM-Source Specific Mode (PIM-SSM) draft-ietf-ssm-overview-03.txt (v6 SSM needs MLDv2) unicast prefix based multicast addresses ff30::/12 -> SSM range is ff3X::/32 -> current allocation is from ff3X::/96 • PIM-bidirectional Mode (PIM-bidir) draft-ietf-pim-bidir-04.txt Presentation_ID 45
RP mapping mechanisms for PIM-SM • Static RP assignment • BSR • Auto-RP – no current draft Presentation_ID 46
Domain Control • Definitions: –A PIM domain is topology served by common RP for all sources and receivers of same group. –A routing domain is consistent with AS. • Its necessary to constrain the PIM messages, rp-mappings, and data for groups within the PIM domain: –In IPv4 we used multicast boundary/ BSR border –In IPv6 we use scopes and zones Presentation_ID 47
IPv6 Scoping support • Scopes: draft-ietf-ipngwg-addr-arch-v3-11.txt Example scopes: link-local (2) site-local (5) global (E or 14) • Zone is a connected region of topology of a given scope • Initial implementation similar to v4 boundaries: – Can configure interface with zone and scope ipv6 zone <zoneid> scope <2-15> CAUTION: This is still being worked. – PIM messages and data traffic within that scope are ignored on that interface – Initially a zone can only contain one interface Presentation_ID 48
IPv6 Multicast Inter-domain Options SSM, no RPs R S ASM across multiple separate PIM domains, each with RP, MSDP peering RRPP RRPP RRPP CCEE11 DDRR DDRR ASM across single shared PIM domain, one RP DDRR R R S S Presentation_ID 49
Configuring Cisco IOS IPv6 Multicast Group mode determines how to forward, compared to interface mode in v4. By default all interfaces are PIM enabled unless explicitly disabled. Config for PIM-SSM: ! ipv6 multicast-routing ! Config for PIM-SM: ! ipv6 multicast-routing ipv6 pim rp-address <v6_address> ! Disable PIM on an interface ! interface ethernet 0 no ipv6 pim ! Config for PIM-bidir: ! ipv6 multicast-routing ipv6 pim rp-address <v6-address> bidir ! Presentation_ID 50
Overview of Mobile IPv6 Functionality HA 1. 2. MN CN 4. 3. • 1. MN obtains Local IP address using stateless or stateful autoconfiguration – Neighbor Discovery • 2. MN registers with HA by sending a Binding Update • 3. HA intercepts traffic for registered MN and tunnels packets from CN to MN • 4. MN sends packets from CN directly or via HA using Tunnel Presentation_ID 51
Route Optimization Correspondent Host CN to MN Mobile Node Home Agent • Traffic is routed directly from the CN to the MN • Binding Update SHOULD be part of every IPv6 node implementation • IPv4 also has route optimization but CN needs enhanced IP stack and Key management is a problem • Security Issues – Shared Key or PKI Problem and We need a Scalable Solution Presentation_ID 52
Cisco IOS Mobile IPv6 Home Agent Technology Preview • MIPv6 Home Agent Technology Preview release built on IETF MIPv6 draft 20 • Initial release was ID-13 • Available on Cisco 2600, 3600, 3700 and 7200 series • Adding DAD and DHAD • IPsec support planned for a later stage • waiting for IETF MIPv6 WG completion • Binding update can be filtered by source address using ACL • Only available for testing and experiment Tested with BSD, Linux and Windows MIPv6 client Router1# ipv6 unicast-routing Router1# ipv6 mobile Router1# interface ethernet-1 ipv6 address 2001:0001::45c/64 ipv6 mobile home-agent enable Router1# interface ethernet-2 ipv6 address 2001:0002::45a/64 ipv6 mobile home-agent enable MP3 client Ethernet-2 Ethernet-1 AP2 AP1 Presentation_ID 53
IPv6 Security • IPsec standards apply to both IPv4 and IPv6 • All implementations required to support authentication and encryption headers (“IPsec”) • Authentication separate from encryption for use in situations where encryption is prohibited or prohibitively expensive • Key distribution protocols are not yet defined (independent of IP v4/v6) • Support for manual key configuration required Presentation_ID 54
IP Quality of Service Reminder Two basic approaches developed by IETF: • “Integrated Service” (int-serv) fine-grain (per-flow), quantitative promises (e.g., x bits per second), uses RSVP signaling • “Differentiated Service” (diff-serv) coarse-grain (per-class), qualitative promises (e.g., higher priority), no explicit signaling Signaled diff-serv (RFC 2998) – uses RSVP for signaling with course-grained qualitative aggregate markings – allows for policy control without requiring per-router state overhead Presentation_ID 55
IPv6 Support for Int-Serv • 20-bit Flow Label field to identify specific flows needing special QoS – each source chooses its own Flow Label values; routers use Source Addr + Flow Label to identify distinct flows – Flow Label value of 0 used when no special QoS requested (the common case today) • This part of IPv6 is not standardized yet, and may well change semantics in the future http://www.ietf.org/internet-drafts/draft-ietf-ipv6-flow-label- 07.txt Presentation_ID 56
IPv6 Support for Diff-Serv • 8-bit Traffic Class field to identify specific classes of packets needing special QoS – same as new definition of IPv4 Type-of- Service byte – may be initialized by source or by router enroute; may be rewritten by routers enroute – traffic Class value of 0 used when no special QoS requested (the common case today) Presentation_ID 57
IPv4 IPv6 IPv6 and DNS Hostname to IP address A record: www.abc.test. A 192.168.30.1 AAAA record: www.abc.test AAAA 3FFE:B00:C18:1::2 IP address to hostname PTR record: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.8.1.c.0. 0.0.b.0.e.f.f.3.ip6.arpa PTR www.abc.test. PTR record: 1.30.168.192.in-addr.arpa. PTR www.abc.test. Presentation_ID 58
IPv6 Technology Scope IP Service IPv4 Solution IPv6 Solution 32-bit, Network Address Translation 128-bit, Multiple Addressing Range Scopes Autoconfiguration Serverless, Reconfiguration, DHCP Security IPSec Mandated, works End-to-End Mobile IP with Direct Routing DHCP IPSec Mobile IP Mobility Quality-of-Service Differentiated Service, Integrated Service Differentiated Service, Integrated Service IP Multicast IGMP/PIM/Multicast MLD/PIM/Multicast BGP BGP,Scope Identifier Presentation_ID 59
IPv6 Standards • Core IPv6 specifications are IETF Draft Standards => well-tested & stable currently have 5 Draft Standards, 32 Proposed started to compile an IPv6 Node Requirements spec • Some important auxilliary standards are less mature e.g., mobile IPv6, MIBS, scoped addressing,… for an up-to-date status: playground.sun.com/ipv6 • 3GPP UMTS Rel. 5 cellular wireless standards mandate IPv6; also being considered by 3GPP2 Presentation_ID 60
IPv6 Current Status - Standardisation • Several key components now on Standards Track: Specification (RFC2460) Neighbour Discovery (RFC2461) ICMPv6 (RFC2463) IPv6 Addresses (RFC2373/4/5) RIP (RFC2080) BGP (RFC2545) IGMPv6 (RFC2710) OSPF (RFC2740) Router Alert (RFC2711) Jumbograms (RFC2675) Autoconfiguration (RFC2462) IPv6 over: PPP (RFC2023) Ethernet (RFC2464) FDDI (RFC2467) Token Ring (RFC2470) NBMA(RFC2491) ATM (RFC2492) Frame Relay (RFC2590) ARCnet (RFC2549) Presentation_ID 61
Prioritizing IETF IPv6 WG Work (1) Finishing work-in-progress: Default address selection Address architecture Basic & advanced APIs ICMPv6 update Router preferences Cellular hosts requirements Node information queries DAD fixes to privacy address, autoconf and/or address architecture (2) Important and urgent for deployment: DNS discovery Prefix delegation IPv6 MIBs Presentation_ID 62
Prioritizing IPv6 WG Work (cont.) (3) Important but not quite so urgent: Flow label specification Scoped address architecture IPv6-over-3GPP-PDP-contexts spec IPv6 node requirements (4) important but perhaps better handled in other WGs: secure, robust plug-and-play multi-link subnet specification anycast architecture routing protocol updates to handle IPv6 scoping (5) important and already handled in other WGs: site multihoming IPv4 coexistence / interoperability / transition DHCPv6 mobile IPv6 Presentation_ID 63
Status of Other IPv6-Related WG in the IETF • NGtrans (Next Generation Transition) Major reorganization, moving from “tool development” to “IPv6 network operation” • v6Ops • DHCP (dynamic host configuration) DHCPv6 spec very close to Proposed Standard (at last!) • Multi6 (multihoming for IPv6) Little progress • Mobile IP Binding-update authentication issue of mobile IPv6 resolved; expect Proposed Standard soon(?) Presentation_ID 64
Questions? Presentation_ID 65
More Information • CCO IPv6 - http://www.cisco.com/ipv6 • The ABC of IPv6 http://www.cisco.com/en/US/products/sw/iosswrel/products_abc_ios_• IPv6 e-Learning [requires CCO username/password] http://www.cisco.com/warp/customer/732/Tech/ipv6/elearning/ • IPv6 Access Services : http://www.cisco.com/warp/public/732/Tech/ipv6/docs/ipv6_access_• ICMPv6 Packet Types and Codes TechNote: http://www.cisco.com/warp/customer/105/icmpv6codes.html • Cisco IOS IPv6 Product Manager – pgrosset@cisco.com Presentation_ID 66
Presentation_ID © 1999, Cisco Systems, Inc. www.cisco.com 67
© 2001, Cisco Systems, Inc. 68

Empfohlen

IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab
Cisco Canada
 
Ipv6 course
Ipv6 courseIpv6 course
Ipv6 course
rinnocente
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
Sara Q. Abedulridha
 
IPv6
IPv6IPv6
IPv6
Deepraj Bhujel
 
IPv6 theoryfinalx
IPv6 theoryfinalxIPv6 theoryfinalx
IPv6 theoryfinalx
Pawan Sharma
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practice
flyingpotato
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_Guide
Parthiban Nallathambi
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 Autoconfig
Fred Bovy
 

Empfohlen

IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab
Cisco Canada
 
Ipv6 course
Ipv6 courseIpv6 course
Ipv6 course
rinnocente
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
Sara Q. Abedulridha
 
IPv6
IPv6IPv6
IPv6
Deepraj Bhujel
 
IPv6 theoryfinalx
IPv6 theoryfinalxIPv6 theoryfinalx
IPv6 theoryfinalx
Pawan Sharma
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practice
flyingpotato
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_Guide
Parthiban Nallathambi
 
IPv6 Autoconfig
IPv6 AutoconfigIPv6 Autoconfig
IPv6 Autoconfig
Fred Bovy
 
About IPv6
About IPv6About IPv6
About IPv6
Marco Antonio
 
IPv6 By Vipin
IPv6 By VipinIPv6 By Vipin
IPv6 By Vipin
Vipin Mundayad
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
Jubin Aghara
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
APNIC
 
IPv6
IPv6IPv6
IPv6
Peter R. Egli
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3
Karunakant Rai
 
Ipv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIpv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentation
IDEA4PRO
 
IPv6 Transition,Transcición IPv6
IPv6 Transition,Transcición IPv6IPv6 Transition,Transcición IPv6
IPv6 Transition,Transcición IPv6
Suministros Obras y Sistemas
 
Cisco IPv6 Tutorial by Hinwoto
Cisco IPv6 Tutorial by HinwotoCisco IPv6 Tutorial by Hinwoto
Cisco IPv6 Tutorial by Hinwoto
Febrian ‎
 
IPV6 ADDRESSING
IPV6 ADDRESSING IPV6 ADDRESSING
IPV6 ADDRESSING
ezxprt institute
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
Jumping Bean
 
Ipv6
Ipv6Ipv6
Ipv6
maha5960
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour Discovery
Heba_a
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocol
Rupshanker Mishra
 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6
Syed Arshad
 
IPv6 address Details
IPv6 address DetailsIPv6 address Details
IPv6 address Details
Mahmudul Islam
 
Ipv6
Ipv6Ipv6
Ipv6
satish 486
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocol
PRADEEP Cheekatla
 
Ipv 4 and ipv6
Ipv 4 and ipv6Ipv 4 and ipv6
Ipv 4 and ipv6
Tehmina Gulfam
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 Fundamentals
Matt Bynum
 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorial
kriz5
 
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
Srivatsan Desikan
 

Weitere ähnliche Inhalte

Was ist angesagt?

IPv6
IPv6IPv6
IPv6
Peter R. Egli
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3
Karunakant Rai
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocol
PRADEEP Cheekatla
 

Was ist angesagt? (20)

About IPv6
About IPv6About IPv6
About IPv6
 
IPv6 By Vipin
IPv6 By VipinIPv6 By Vipin
IPv6 By Vipin
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
 
IPv6
IPv6IPv6
IPv6
 
Introduction to ipv6 v1.3
Introduction to ipv6 v1.3Introduction to ipv6 v1.3
Introduction to ipv6 v1.3
 
Ipv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIpv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentation
 
IPv6 Transition,Transcición IPv6
IPv6 Transition,Transcición IPv6IPv6 Transition,Transcición IPv6
IPv6 Transition,Transcición IPv6
 
Cisco IPv6 Tutorial by Hinwoto
Cisco IPv6 Tutorial by HinwotoCisco IPv6 Tutorial by Hinwoto
Cisco IPv6 Tutorial by Hinwoto
 
IPV6 ADDRESSING
IPV6 ADDRESSING IPV6 ADDRESSING
IPV6 ADDRESSING
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
 
Ipv6
Ipv6Ipv6
Ipv6
 
IPv6 - Neighbour Discovery
IPv6 - Neighbour DiscoveryIPv6 - Neighbour Discovery
IPv6 - Neighbour Discovery
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocol
 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6
 
IPv6 address Details
IPv6 address DetailsIPv6 address Details
IPv6 address Details
 
Ipv6
Ipv6Ipv6
Ipv6
 
Ipv6 the next generation protocol
Ipv6 the next generation protocolIpv6 the next generation protocol
Ipv6 the next generation protocol
 
Ipv 4 and ipv6
Ipv 4 and ipv6Ipv 4 and ipv6
Ipv 4 and ipv6
 
IPv6 Fundamentals
IPv6 FundamentalsIPv6 Fundamentals
IPv6 Fundamentals
 

Andere mochten auch

Andere mochten auch (6)

Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorial
 
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
Future Of The Internet - IPv4 to IPv6 - Cisco CGv6
 
IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60IPv6 Tutorial RIPE 60
IPv6 Tutorial RIPE 60
 
#CompTIAPerks: What Makes Life at CompTIA Different
#CompTIAPerks: What Makes Life at CompTIA Different#CompTIAPerks: What Makes Life at CompTIA Different
#CompTIAPerks: What Makes Life at CompTIA Different
 
Ipv4
Ipv4Ipv4
Ipv4
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A Tutorial
 

Ähnlich wie Cisco presentation2

Microsoft Offical Course 20410C_08
Microsoft Offical Course 20410C_08Microsoft Offical Course 20410C_08
Microsoft Offical Course 20410C_08
gameaxt
 
8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx
ZahouAmel1
 
Como definir un esquema de direcciones IPv6
Como definir un esquema de direcciones IPv6Como definir un esquema de direcciones IPv6
Como definir un esquema de direcciones IPv6
Edgardo Scrimaglia
 
Conceptos ipv6, direccionamiento
Conceptos ipv6, direccionamientoConceptos ipv6, direccionamiento
Conceptos ipv6, direccionamiento
Edgardo Scrimaglia
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
Mwendwa Kivuva
 
IPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group PresentationIPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group Presentation
Jumping Bean
 
6421 b Module-04
6421 b Module-046421 b Module-04
6421 b Module-04
Bibekananada Jena
 

Ähnlich wie Cisco presentation2 (20)

Lesson 3: IPv6 Fundamentals
Lesson 3: IPv6 FundamentalsLesson 3: IPv6 Fundamentals
Lesson 3: IPv6 Fundamentals
 
IPv6 Overview
IPv6 OverviewIPv6 Overview
IPv6 Overview
 
IPv6
IPv6IPv6
IPv6
 
I pv6 for cmu
I pv6 for cmuI pv6 for cmu
I pv6 for cmu
 
Apnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshopApnic-Training-IPv6_workshop
Apnic-Training-IPv6_workshop
 
Microsoft Offical Course 20410C_08
Microsoft Offical Course 20410C_08Microsoft Offical Course 20410C_08
Microsoft Offical Course 20410C_08
 
8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx8-Lect_8 Addressing the Network.tcp.pptx
8-Lect_8 Addressing the Network.tcp.pptx
 
IPv6 Addressing Architecture
IPv6 Addressing ArchitectureIPv6 Addressing Architecture
IPv6 Addressing Architecture
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planning
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
Como definir un esquema de direcciones IPv6
Como definir un esquema de direcciones IPv6Como definir un esquema de direcciones IPv6
Como definir un esquema de direcciones IPv6
 
Conceptos ipv6, direccionamiento
Conceptos ipv6, direccionamientoConceptos ipv6, direccionamiento
Conceptos ipv6, direccionamiento
 
Introduction to IPv6-UoN
Introduction to IPv6-UoNIntroduction to IPv6-UoN
Introduction to IPv6-UoN
 
IPv6 Addressing
IPv6 AddressingIPv6 Addressing
IPv6 Addressing
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
 
01 Ipv6 Addressing
01 Ipv6 Addressing01 Ipv6 Addressing
01 Ipv6 Addressing
 
UNIT-2.pptx
UNIT-2.pptxUNIT-2.pptx
UNIT-2.pptx
 
IPV6
IPV6 IPV6
IPV6
 
IPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group PresentationIPv6 - Jozi Linux User Group Presentation
IPv6 - Jozi Linux User Group Presentation
 
6421 b Module-04
6421 b Module-046421 b Module-04
6421 b Module-04
 

Kürzlich hochgeladen

VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
SUHANI PANDEY
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
amitlee9823
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
 
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts ServiceCall Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
amitlee9823
 
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get CytotecAbortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Riyadh +966572737505 get cytotec
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
Timothy Spann
 
Detecting Credit Card Fraud: A Machine Learning Approach
Detecting Credit Card Fraud: A Machine Learning ApproachDetecting Credit Card Fraud: A Machine Learning Approach
Detecting Credit Card Fraud: A Machine Learning Approach
Boston Institute of Analytics
 
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
amitlee9823
 
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
amitlee9823
 
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night StandCall Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
 
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night StandCall Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
 
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
amitlee9823
 
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
amitlee9823
 
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night StandCall Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
 

Kürzlich hochgeladen (20)

Discover Why Less is More in B2B Research
Discover Why Less is More in B2B ResearchDiscover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
 
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
 
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts ServiceCall Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
 
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
 
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics ProgramCapstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics Program
 
5CL-ADBA,5cladba, Chinese supplier, safety is guaranteed
5CL-ADBA,5cladba, Chinese supplier, safety is guaranteed5CL-ADBA,5cladba, Chinese supplier, safety is guaranteed
5CL-ADBA,5cladba, Chinese supplier, safety is guaranteed
 
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% SecureCall me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
 
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get CytotecAbortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
 
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNKDATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
DATA SUMMIT 24 Building Real-Time Pipelines With FLaNK
 
Detecting Credit Card Fraud: A Machine Learning Approach
Detecting Credit Card Fraud: A Machine Learning ApproachDetecting Credit Card Fraud: A Machine Learning Approach
Detecting Credit Card Fraud: A Machine Learning Approach
 
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
➥🔝 7737669865 🔝▻ mahisagar Call-girls in Women Seeking Men 🔝mahisagar🔝 Esc...
 
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
➥🔝 7737669865 🔝▻ Dindigul Call-girls in Women Seeking Men 🔝Dindigul🔝 Escor...
 
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night StandCall Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand
 
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night StandCall Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Nandini Layout ☎ 7737669865 🥵 Book Your One night Stand
 
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
➥🔝 7737669865 🔝▻ malwa Call-girls in Women Seeking Men 🔝malwa🔝 Escorts Ser...
 
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Begur Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night StandCall Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Attibele ☎ 7737669865 🥵 Book Your One night Stand
 

Cisco presentation2

  • 1. 1 IPv6 @ Cisco Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager pgrosset@cisco.com Ansar Pasha Cisco Systems Network Consultant, Govt & Defense, South ansar@cisco.com
  • 2. Agenda • IPv6 Business Case • IIPPvv66 PPrroottooccoollss && SSttaannddaarrddss • Integration and Transition • Cisco IOS IPv6 Roadmap • IPv6 Deployment scenarios • RReeffeerreenncceess Presentation_ID 2
  • 3. IPv6 - So what’s really changed ?! • Expanded Address Space Address length quadrupled to 16 bytes • Header Format Simplification Fixed length, optional headers are daisy-chained IPv6 header is twice as long (40 bytes) as IPv4 header without options (20 bytes) • No checksumming at the IP network layer • No hop-by-hop segmentation Path MTU discovery • 64 bits aligned • Authentication and Privacy Capabilities IPsec is mandated • No more broadcast Presentation_ID 3
  • 4. IPv4 & IPv6 Header Comparison IIPPvv44 HHeeaaddeerr IPv6 HHeeaaddeerr Version IHL Type of Service Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options Padding Version Traffic Class Flow Label Payload Length Next Header Hop Limit Source Address Destination Address - field’s name kept from IPv4 to IPv6 - fields not kept in IPv6 - Name & position changed in IPv6 - New field in IPv6 Legend Presentation_ID 4
  • 5. How Was IPv6 Address Size Chosen? • Some wanted fixed-length, 64-bit addresses Easily good for 1012 sites, 1015 nodes, at .0001 allocation efficiency (3 orders of magnitude more than IPv6 requirement) Minimizes growth of per-packet header overhead Efficient for software processing • Some wanted variable-length, up to 160 bits Compatible with OSI NSAP addressing plans Big enough for auto-configuration using IEEE 802 addresses Could start with addresses shorter than 64 bits & grow later • Settled on fixed-length, 128-bit addresses (340,282,366,920,938,463,463,374,607,431,768,211,456 in all!) Presentation_ID 5
  • 6. IPv6 Addressing • IPv6 Addressing rules are covered by multiples RFC’s Architecture defined by RFC 3513 (obsoletes RFC 2373) • Address Types are : Unicast : One to One (Global, Link local, Site local, Compatible) Anycast : One to Nearest (Allocated from Unicast) Multicast : One to Many Reserved • A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast) No Broadcast Address -> Use Multicast Presentation_ID 6
  • 7. IPv6 Address Representation • 16-bit fields in case insensitive colon hexadecimal representation 2031:0000:130F:0000:0000:09C0:876A:130B • Leading zeros in a field are optional: 2031:0:130F:0:0:9C0:876A:130B • Successive fields of 0 represented as ::, but only once in an address: • 2031:0:130F::9C0:876A:130B • 2031::130F::9C0:876A:130B • 0:0:0:0:0:0:0:1 => ::1 • 0:0:0:0:0:0:0:0 => :: • IPv4-compatible address representation • 0:0:0:0:0:0:192.168.30.1 = ::192.168.30.1 = ::C0A8:1E01 Presentation_ID 7
  • 8. IPv6 Addressing • Prefix Format (PF) Allocation PF = 0000 0000 : Reserved PF = 001 : Aggregatable Global Unicast Address PF = 1111 1110 10 : Link Local Use Addresses (FE80::/10) PF = 1111 1110 11 : Site Local Use Addresses (FEC)::/10) PF = 1111 1111 : Multicast Addresses (FF00::/8) Other values are currently Unassigned (approx. 7/8th of total) • All Prefix Formats have to support EUI-64 bits Interface ID setting But Multicast Presentation_ID 8
  • 9. Aggregatable Global Unicast Addresses Provider Site Host 3 45 bits 16 bits 64 bits Global Routing Interface ID Prefix SLA 001 • Aggregatable Global Unicast addresses are: Addresses for generic use of IPv6 Structured as a hierarchy to keep the aggregation • See RFC 3513 Presentation_ID 9
  • 10. Address Allocation Policy /23 2001 0410 Registry ISP prefix Site prefix LAN prefix /32 /48 /64 Interface ID Bootstrap process - RFC2450 • The allocation process is under reviewed by the Registries: IANA allocates 2001::/16 to registries Each registry gets a /23 prefix from IANA Formely, all ISP were getting a /35 With the new policy, Registry allocates a /32 prefix to an IPv6 ISP Then the ISP allocates a /48 prefix to each customer (or potentially /64) ftp://ftp.cs.duke.edu/pub/narten/ietf/global-ipv6-assign-2002-06-26.txt Presentation_ID 10
  • 11. Interface IDs • Lowest-order 64-bit field of unicast address may be assigned in several different ways: – auto-configured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g., Ethernet address) – auto-generated pseudo-random number (to address privacy concerns) – assigned via DHCP – manually configured Presentation_ID 11
  • 12. IPv6 Address Privacy (RFC 3041) /23 /32 /48 /64 2001 0410 Interface ID • Temporary addresses for IPv6 host client application, eg. Web browser Inhibit device/user tracking but is also a potential issue More difficult to scan all IP addresses on a subnet but port scan is identical when an address is known Random 64 bit interface ID, run DAD before using it Rate of change based on local policy Implemented on Microsoft Windows XP From RFC 3041: “…interface identifier …facilitates the tracking of individual devices (and thus potentially users)…” Presentation_ID 12
  • 13. Hierarchical Addressing & Aggregation ISP 2001:0410::/ 32 Custome rno 1 2001:0410:0001:/4 8 Custome rno 2 Only announce s the /32 prefix 2001:0410:0002:/4 2001::/16 8 Larger address space enables: IPv6 Internet Aggregation of prefixes announced in the global routing table. Efficient and scalable routing. But current Multi-Homing schemes break the model Presentation_ID 13
  • 14. Link-Local & Site-Local Unicast Addresses • Link-local addresses for use during auto-configuration and when no routers are present: 1111 1110 10 0 interface ID • Site-local addresses for independence from Global Reachability, similar to IPv4 private address space RFC3513 specifies 54 bits for SLA field but SL may get deprecated by IPv6 WG soon 1111 1110 11 SLA* interface ID Presentation_ID 14
  • 15. 6to4 and ISATAP Addresses • 6to4 (RFC 3056) – WAN tunneling /16 /48 /64 2002 Public IPv4 address SLA Interface ID •ISATAP (Draft) – Campus tunneling /23 2001 0410 Registry ISP prefix Site prefix /32 /48 /64 00 00 5E FE IPv4 Host address 32 bits 32 bits Presentation_ID 15
  • 16. Expanded Address Space Multicast Addresses (RFC 3513) 128 bits 0 Group ID 1111 1111 F F Flags scope 0 0 0 T 8 bits 8 bits T=0 a permanent IPv6 Multicast address. T=1 a transient IPv6 multicast address Flags = Scope = 1 = node 2 = link 5 = site 8 = organization E= global • Multicast is used in the context of one-to-many. Presentation_ID 16
  • 17. Multicast Address Examples • AAllll NNooddeess AAddddrreesssseess:: FF01:0:0:0:0:0:0:1 FF02:0:0:0:0:0:0:1 • AAllll RRoouutteerrss AAddddrreesssseess:: FF01:0:0:0:0:0:0:2 FF02:0:0:0:0:0:0:2 FF05:0:0:0:0:0:0:2 • OOSSPPvv33:: AllSPFRouters : FF02::5 AllDRouters : FF02::6 • SSoolliicciitteedd--NNooddee AAddddrreessss:: FF02:0:0:0:0:1:FFXXXX::XXXXXXXX Concatenation of prefix FF02:0:0:0:0:1:FF00::/104 with the low-order 24 bits of an address (unicast or anycast) Presentation_ID 17
  • 18. more on IPv6 Addressing 80 bits 16 bits 32 bits 0000……………………………0000 0000 IPv4 Address IIPPvv66 AAddddrreesssseess wwiitthh EEmmbbeeddddeedd IIPPvv44 AAddddrreesssseess 80 bits 16 bits 32 bits 0000……………………………0000 FFFF IPv4 Address IIPPvv44 mmaappppeedd IIPPvv66 aaddddrreessss Presentation_ID 18
  • 19. IPv6 Addressing Examples LAN: 3ffe:b00:c18:1::/64 Ethernet0 MAC address: 0060.3e47.1530 interface Ethernet0 ipv6 address 2001:410:213:1::/64 eui-64 router# show ipv6 interface Ethernet0 Ethernet0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::260:3EFF:FE47:1530 Global unicast address(es): 2001:410:213:1:260:3EFF:FE47:1530, subnet is 2001:410:213:1::/64 Joined group address(es): FF02::1:FF47:1530 FF02::1 FF02::2 MTU is 1500 bytes Presentation_ID 19
  • 20. 6BONE • The 6bone is an IPv6 testbed setup to assist in the evolution and deployment of IPv6 in the Internet. The 6bone is a virtual network layered on top of portions of the physical IPv4-based Internet to support routing of IPv6 packets, as that function has not yet been integrated into many production routers. The network is composed of islands that can directly support IPv6 packets, linked by virtual point-to-point links called "tunnels". The tunnel endpoints are typically workstation-class machines having operating system support for Ipv6. • Over 50 countries are currently involved • Registry, maps and other information may be found on http://www.6bone.net/ Presentation_ID 20
  • 21. 6Bone Addressing /28 /48 /64 3ffe Interface ID pTLA prefix site prefix LAN prefix • 6Bone address space defined in RFC2471 uses 3FFE::/16 A pTLA receives a /28 prefix A site receives a /48 prefix A LAN receives a /64 prefix • Guidelines for routing on 6bone - RFC2772 Presentation_ID 21
  • 22. 6Bone Topology SSitiete Site Provider Site pTLA Site BGP Peering pTLA SSitiete Site pTL A pTLA pTL A pTLA Site Site Provide r • 6Bone is a test bed network with hundreds of sites from 50 countries • The 6Bone topology is a hierarchy of providers • First-level nodes are backbone nodes called pseudo Top-Level Aggregator (pTLA) Presentation_ID 22
  • 23. IPv6 Header Options (RFC 2460) TCP Header + Data IPv6 Header Next Header = TCP IPv6 Header Next Header = Routing TCP Header + Data Routing Header Next Header = TCP IPv6 Header Next Header = Routing Routing Header Next Header = Fragment Fragment Header Next Header = TCP Fragment of TCP Header + Data • Processed only by node identified in IPv6 Destination Address field => much lower overhead than IPv4 options exception: Hop-by-Hop Options header • Eliminated IPv4’s 40-octet limit on options in IPv6, limit is total packet size, or Path MTU in some cases Presentation_ID 23
  • 24. IPv6 Header Options (RFC2460) • Currently defined Headers should appear in the following order IPv6 header Hop-by-Hop Options header Destination Options header Routing header Fragment header Authentication header (RFC 1826) Encapsulating Security Payload header (RFC 1827) Destination Options header upper-layer header Presentation_ID 24
  • 25. IPv6 and Path MTU Discovery • Definitions: link MTU a link’s maximum transmission unit, path MTU the minimum MTU of all the links in a path between a source and a destination • Minimum link MTU for IPv6 is 1280 octets (68 octets for IPv4) On links with MTU < 1280, link-specific fragmentation and reassembly must be used • Implementations are expected to perform path MTU discovery to send packets bigger than 1280 octets: for each dest., start by assuming MTU of first-hop link if a packet reaches a link in which it cannot fit, will invoke ICMP “packet too big” message to source, reporting the link’s MTU; MTU is cached by source for specific destination • Minimal implementation can omit path MTU discovery as long as all packets kept ≤ 1280 octets – e.g., in a boot ROM Presentation_ID 25
  • 26. Neighbor Discovery (RFC 2461) • Protocol built on top of ICMPv6 (RFC 2463) Combination of IPv4 protocols (ARP, ICMP,…) • Neighbor Discovery: Determines the link-layer address of a neighbor on the same link, Duplicate Address Detection Finds neighbor routers, Keeps track of neighbors • Defines 5 ICMPv6 packet types Router Solicitation / Router Advertisements Neighbor Solicitation / Neighbor Advertisements Redirect Presentation_ID 26
  • 27. RA indicates SUBNET PREFIX SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS At boot time, an IPv6 host build a Link-Local address, then its global IPv6 address(es) from RA IPv6 Auto-Configuration • SSttaatteelleessss (RFC2462) Host autonomously configures its own Link-Local address Router solicitation are sent by booting nodes to request RAs for configuring the interfaces. • SSttaatteeffuull DHCPv6 (under definition at IETF) • RReennuummbbeerriinngg Hosts renumbering is done by modifying the RA to announce the old prefix with a short lifetime and the new prefix. Router renumbering protocol (RFC 2894), to allow domain-interior routers to learn of prefix introduction / withdrawal Presentation_ID 27
  • 28. Stateless Autoconfiguration 1. RS 2. RA 2. RA 1 - ICMP Type = 133 (RS) Src = :: Dst = All-Routers multicast Address query= please send RA 2 - ICMP Type = 134 (RA) Src = Router Link-local Address Dst = All-nodes multicast address Data= options, prefix, lifetime, autoconfig flag Router solicitations are sent by booting nodes to request RAs for configuring the interfaces. Presentation_ID 28
  • 29. Duplicate Address Detection A B ICMP type = 135 Src = 0 (::) Dst = Solicited-node multicast of A Data = link-layer address of A Query = what is your link address? Duplicate Address Detection (DAD) uses neighbor solicitation to verify the existence of an address to be configured. Presentation_ID 29
  • 30. Routing in IPv6 • As in IPv4, IPv6 has 2 families of routing protocols: IGP and EGP, and still uses the longest-prefix match routing algorithm • IIGGPP RRIIPPnngg (RFC 2080) Cisco EEIIGGRRPP for IPv6 OOSSPPFFvv33 (RFC 2740) IInntteeggrraatteedd IISS--IISSvv66 (draft-ietf-isis-ipv6-02) • EEGGPP : MMPP--BBGGPP44 (RFC 2858 and RFC 2545) • Cisco IOS supports all of them Pick one meeting your objectives Presentation_ID 30
  • 31. OSPFv3 overview • OSPFv3 is OSPF for IPv6 (RFC 2740) • Based on OSPFv2, with enhancements • Distributes IPv6 prefixes • Runs directly over IPv6 • Ships-in-the-night with OSPFv2 Presentation_ID 31
  • 32. Differences from OSPFv2 • Runs over a link, not a subnet • Multiple instances per link • Topology not IPv6-specific – Router ID – Link ID • Standard authentication mechanisms • Uses link local addresses • Generalized flooding scope • Two new LSA types Presentation_ID 32
  • 33. OSPFv3 configuration example Area 0 Router2 LAN1: 2001:1:1:1::/64 Eth0 Eth1 Router1 LAN2: 2001:2:2:2::/64 Router1# interface Ethernet0 ipv6 address 2001:1:1:1::1/64 ipv6 ospf 1 area 0 interface Ethernet1 ipv6 address 2001:2:2:2::2/64 ipv6 ospf 1 area 1 ipv6 router ospf 1 router-id 1.1.1.1 area 1 range 2001:2:2::/48 Area 1 Presentation_ID 33
  • 34. IS-IS Standards • IETF IS-IS for IP Internets WG http://www.ietf.org/html.charters/isis-charter.html • ISO 10589 specifies OSI IS-IS routing protocol for CLNS traffic Tag/Length/Value (TLV) options to enhance the protocol A Link State protocol with a 2 level hierarchical architecture. • RFC 1195 added IP support, also known as Integrated IS-IS (I/IS-IS) I/IS-IS runs on top of the Data Link Layer Requires CLNP to be configured • Draft RFC defines how to add IPv6 address family support to IS-IS http://www.ietf.org/internet-drafts/draft-ietf-isis-ipv6-05.txt • Draft RFC introduces Multi-Topology concept for IS-IS http://www.ietf.org/internet-drafts/draft-ietf-isis-wg-multi-topology-06.txt Presentation_ID 34
  • 35. IS-IS for IPv6 • 2 Tag/Length/Values added to introduce IPv6 routing • IPv6 Reachability TLV (0xEC) External bit Equivalent to IP Internal/External Reachability TLV’s • IPv6 Interface Address TLV (0xE8) For Hello PDUs, must contain the Link-Local address For LSP, must only contain the non-Link Local address • IPv6 NLPID (0x8E) is advertised by IPv6 enabled routers Presentation_ID 35
  • 36. Cisco IOS IS-IS dual IP configuration Router1# interface ethernet-1 ip address 10.1.1.1 255.255.255.0 ipv6 address 2001:0001::45c/64 ip router isis ipv6 router isis interface ethernet-2 ip address 10.2.1.1 255.255.255.0 ipv6 address 2001:0002::45a/64 ip router isis ipv6 router isis router isis address-family ipv6 redistribute static exit-address-family net 42.0001.0000.0000.072c.00 redistribute static LAN1: 2001:0001::45c/64 Ethernet-1 Ethernet-2 Router1 LAN2: 2001:0002::45a/64 Dual IPv4/IPv6 configuration. Redistributing both IPv6 static routes and IPv4 static routes. Presentation_ID 36
  • 37. Multi-Topology IS-IS extensions • New TLVs attributes for Multi-Topology extensions. Multi-topology TLV: contains one or more multi-topology ID in which the router participates. It is theoretically possible to advertise an infinite number of topologies. This TLV is included in IIH and the first fragment of a LSP. MT Intermediate Systems TLV: this TLV appears as many times as the number of topologies a node supports. A MT ID is added to the extended IS reachability TLV type 22. Multi-Topology Reachable IPv4 Prefixes TLV: this TLV appears as many times as the number of IPv4 announced by an IS for a give n MT ID. Its structure is aligned with the extended IS Reachability TLV Type 236 and add a MT ID. Multi-Topology Reachable IPv6 Prefixes TLV: this TLV appears as many times as the number of IPv6 announced by an IS for a given MT ID. Its structure is aligned with the extended IS Reachability TLV Type 236 and add a MT ID. • Multi-Topology ID Values Multi-Topology ID (MT ID) standardized and in use in Cisco IOS: MT ID #0 – “standard” topology for IPv4/CLNS MT ID #2 – IPv6 Routing Topology. Presentation_ID 37
  • 38. Cisco IOS Multi-Topology IS-IS Area B configuration example Router1# interface ethernet-1 ip address 10.1.1.1 255.255.255.0 ipv6 address 2001:0001::45c/64 ip router isis ipv6 router isis isis ipv6 metric 20 interface ethernet-2 ip address 10.2.1.1 255.255.255.0 ipv6 address 2001:0002::45a/64 ip router isis ipv6 router isis isis ipv6 metric 20 router isis net 49.0000.0100.0000.0000.0500 metric-style wide ! address-family ipv6 multi-topology exit-address-family LAN1: 2001:0001::45c/64 Ethernet-1 Ethernet-2 Router1 LAN2: 2001:0002::45a/64 • The optional keyword ttrraannssiittiioonn may be used for transitioning existing IS-IS IPv6 single SPF mode to MT IS-IS. • Wide metric is mandated for Multi- Topology to work. Presentation_ID 38
  • 39. Multi-Protocol BGP for IPv6 – RFC2545 • IPv6 specific extensions: Scoped addresses: Next-hop contains a global IPv6 address and/or potentially a link-local address NEXT_HOP and NLRI are expressed as IPv6 addresses and prefix. Address Family Information (AFI) = 2 (IPv6) Sub-AFI = 1 (NLRI is used for unicast) Sub-AFI = 2 (NLRI is used for multicast RPF check) Sub-AFI = 3 (NLRI is used for both unicast and multicast RPF check) Sub-AFI = 4 (label) Presentation_ID 39
  • 40. A Simple MP-BGP Session Router Router1 2 AS 65001 AS 65002 3ffe:b00:c18:2:1::F 3ffe:b00:c18:2:1:: 1 Router1# interface Ethernet0 ipv6 address 3FFE:B00:C18:2:1::F/64 ! router bgp 65001 bgp router-id 10.10.10.1 no bgp default ipv4-unicast neighbor 3FFE:B00:C18:2:1::1 remote-as 65002 address-family ipv6 neighbor 3FFE:B00:C18:2:1::1 activate neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002in in neighbor 3FFE:B00:C18:2:1::1 prefix-list bgp65002out out exit-address-family Presentation_ID 40
  • 41. IPv4 versus IPv6 Multicast IP Service IPv4 Solution IPv6 Solution Address Range 32-bit, class D 128-bit Protocol Independent All IGPs,and BGP4+ with v6 mcast SAFI Forwarding PIM-SM, PIM-SSM, PIM-bidir MLDv1, v2 Protocol Independent All IGPs,and BGP4+ Routing PIM-DM, PIM-SM, PIM-SSM, PIM-bidir Group IGMPv1, v2, v3 Management Domain Control Boundary/Border Scope Identifier Interdomain Solutions MSDP across Independent PIM Domains Single RP within Globally Shared Domains Presentation_ID 41
  • 42. Multicast Listener Discover – MLD • MLD is equivalent to IGMP in IPv4 • MLD messages are transported over ICMPv6 • Version number confusion: MLDv1 corresponds to IGMPv2 RFC 2710 MLDv2 corresponds to IGMPv3, needed for SSM draft-vida-mld-v2-06.txt • MLD snooping draft-ietf-magma-snoop-04.txt • CGMP for v6 under consideration Presentation_ID 42
  • 43. IP Routing for Multicast • RPF based on reachability to v6 source same as with v4 multicast • RPF still protocol independent: Static routes, mroutes Unicast RIB: BGP, ISIS, OSPF, EIGRP, RIP, etc Multi-protocol BGP (mBGP) - support for v6 mcast sub-address family - provide translate function for non-supporting peers Presentation_ID 43
  • 44. IP Routing for Multicast RPF Route Selction Rules: I. look up the longest mask route from the available route sources: 1. static mroutes. 2. MBGP RIB, 3. unicast RIB, II.If more than one of these three sources returns a route with the same longest mask then select amongst these routes the one with the lowest (= best) distance. III. If the distance is equal on multiple entries: Select static mroute over MBGP over unicast RIB Presentation_ID 44
  • 45. IPv6 Multicast Forwarding • PIM-Sparse Mode (PIM-SM) draft-ietf-pim-sm-v2-new-06.txt, • PIM-Source Specific Mode (PIM-SSM) draft-ietf-ssm-overview-03.txt (v6 SSM needs MLDv2) unicast prefix based multicast addresses ff30::/12 -> SSM range is ff3X::/32 -> current allocation is from ff3X::/96 • PIM-bidirectional Mode (PIM-bidir) draft-ietf-pim-bidir-04.txt Presentation_ID 45
  • 46. RP mapping mechanisms for PIM-SM • Static RP assignment • BSR • Auto-RP – no current draft Presentation_ID 46
  • 47. Domain Control • Definitions: –A PIM domain is topology served by common RP for all sources and receivers of same group. –A routing domain is consistent with AS. • Its necessary to constrain the PIM messages, rp-mappings, and data for groups within the PIM domain: –In IPv4 we used multicast boundary/ BSR border –In IPv6 we use scopes and zones Presentation_ID 47
  • 48. IPv6 Scoping support • Scopes: draft-ietf-ipngwg-addr-arch-v3-11.txt Example scopes: link-local (2) site-local (5) global (E or 14) • Zone is a connected region of topology of a given scope • Initial implementation similar to v4 boundaries: – Can configure interface with zone and scope ipv6 zone <zoneid> scope <2-15> CAUTION: This is still being worked. – PIM messages and data traffic within that scope are ignored on that interface – Initially a zone can only contain one interface Presentation_ID 48
  • 49. IPv6 Multicast Inter-domain Options SSM, no RPs R S ASM across multiple separate PIM domains, each with RP, MSDP peering RRPP RRPP RRPP CCEE11 DDRR DDRR ASM across single shared PIM domain, one RP DDRR R R S S Presentation_ID 49
  • 50. Configuring Cisco IOS IPv6 Multicast Group mode determines how to forward, compared to interface mode in v4. By default all interfaces are PIM enabled unless explicitly disabled. Config for PIM-SSM: ! ipv6 multicast-routing ! Config for PIM-SM: ! ipv6 multicast-routing ipv6 pim rp-address <v6_address> ! Disable PIM on an interface ! interface ethernet 0 no ipv6 pim ! Config for PIM-bidir: ! ipv6 multicast-routing ipv6 pim rp-address <v6-address> bidir ! Presentation_ID 50
  • 51. Overview of Mobile IPv6 Functionality HA 1. 2. MN CN 4. 3. • 1. MN obtains Local IP address using stateless or stateful autoconfiguration – Neighbor Discovery • 2. MN registers with HA by sending a Binding Update • 3. HA intercepts traffic for registered MN and tunnels packets from CN to MN • 4. MN sends packets from CN directly or via HA using Tunnel Presentation_ID 51
  • 52. Route Optimization Correspondent Host CN to MN Mobile Node Home Agent • Traffic is routed directly from the CN to the MN • Binding Update SHOULD be part of every IPv6 node implementation • IPv4 also has route optimization but CN needs enhanced IP stack and Key management is a problem • Security Issues – Shared Key or PKI Problem and We need a Scalable Solution Presentation_ID 52
  • 53. Cisco IOS Mobile IPv6 Home Agent Technology Preview • MIPv6 Home Agent Technology Preview release built on IETF MIPv6 draft 20 • Initial release was ID-13 • Available on Cisco 2600, 3600, 3700 and 7200 series • Adding DAD and DHAD • IPsec support planned for a later stage • waiting for IETF MIPv6 WG completion • Binding update can be filtered by source address using ACL • Only available for testing and experiment Tested with BSD, Linux and Windows MIPv6 client Router1# ipv6 unicast-routing Router1# ipv6 mobile Router1# interface ethernet-1 ipv6 address 2001:0001::45c/64 ipv6 mobile home-agent enable Router1# interface ethernet-2 ipv6 address 2001:0002::45a/64 ipv6 mobile home-agent enable MP3 client Ethernet-2 Ethernet-1 AP2 AP1 Presentation_ID 53
  • 54. IPv6 Security • IPsec standards apply to both IPv4 and IPv6 • All implementations required to support authentication and encryption headers (“IPsec”) • Authentication separate from encryption for use in situations where encryption is prohibited or prohibitively expensive • Key distribution protocols are not yet defined (independent of IP v4/v6) • Support for manual key configuration required Presentation_ID 54
  • 55. IP Quality of Service Reminder Two basic approaches developed by IETF: • “Integrated Service” (int-serv) fine-grain (per-flow), quantitative promises (e.g., x bits per second), uses RSVP signaling • “Differentiated Service” (diff-serv) coarse-grain (per-class), qualitative promises (e.g., higher priority), no explicit signaling Signaled diff-serv (RFC 2998) – uses RSVP for signaling with course-grained qualitative aggregate markings – allows for policy control without requiring per-router state overhead Presentation_ID 55
  • 56. IPv6 Support for Int-Serv • 20-bit Flow Label field to identify specific flows needing special QoS – each source chooses its own Flow Label values; routers use Source Addr + Flow Label to identify distinct flows – Flow Label value of 0 used when no special QoS requested (the common case today) • This part of IPv6 is not standardized yet, and may well change semantics in the future http://www.ietf.org/internet-drafts/draft-ietf-ipv6-flow-label- 07.txt Presentation_ID 56
  • 57. IPv6 Support for Diff-Serv • 8-bit Traffic Class field to identify specific classes of packets needing special QoS – same as new definition of IPv4 Type-of- Service byte – may be initialized by source or by router enroute; may be rewritten by routers enroute – traffic Class value of 0 used when no special QoS requested (the common case today) Presentation_ID 57
  • 58. IPv4 IPv6 IPv6 and DNS Hostname to IP address A record: www.abc.test. A 192.168.30.1 AAAA record: www.abc.test AAAA 3FFE:B00:C18:1::2 IP address to hostname PTR record: 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.8.1.c.0. 0.0.b.0.e.f.f.3.ip6.arpa PTR www.abc.test. PTR record: 1.30.168.192.in-addr.arpa. PTR www.abc.test. Presentation_ID 58
  • 59. IPv6 Technology Scope IP Service IPv4 Solution IPv6 Solution 32-bit, Network Address Translation 128-bit, Multiple Addressing Range Scopes Autoconfiguration Serverless, Reconfiguration, DHCP Security IPSec Mandated, works End-to-End Mobile IP with Direct Routing DHCP IPSec Mobile IP Mobility Quality-of-Service Differentiated Service, Integrated Service Differentiated Service, Integrated Service IP Multicast IGMP/PIM/Multicast MLD/PIM/Multicast BGP BGP,Scope Identifier Presentation_ID 59
  • 60. IPv6 Standards • Core IPv6 specifications are IETF Draft Standards => well-tested & stable currently have 5 Draft Standards, 32 Proposed started to compile an IPv6 Node Requirements spec • Some important auxilliary standards are less mature e.g., mobile IPv6, MIBS, scoped addressing,… for an up-to-date status: playground.sun.com/ipv6 • 3GPP UMTS Rel. 5 cellular wireless standards mandate IPv6; also being considered by 3GPP2 Presentation_ID 60
  • 61. IPv6 Current Status - Standardisation • Several key components now on Standards Track: Specification (RFC2460) Neighbour Discovery (RFC2461) ICMPv6 (RFC2463) IPv6 Addresses (RFC2373/4/5) RIP (RFC2080) BGP (RFC2545) IGMPv6 (RFC2710) OSPF (RFC2740) Router Alert (RFC2711) Jumbograms (RFC2675) Autoconfiguration (RFC2462) IPv6 over: PPP (RFC2023) Ethernet (RFC2464) FDDI (RFC2467) Token Ring (RFC2470) NBMA(RFC2491) ATM (RFC2492) Frame Relay (RFC2590) ARCnet (RFC2549) Presentation_ID 61
  • 62. Prioritizing IETF IPv6 WG Work (1) Finishing work-in-progress: Default address selection Address architecture Basic & advanced APIs ICMPv6 update Router preferences Cellular hosts requirements Node information queries DAD fixes to privacy address, autoconf and/or address architecture (2) Important and urgent for deployment: DNS discovery Prefix delegation IPv6 MIBs Presentation_ID 62
  • 63. Prioritizing IPv6 WG Work (cont.) (3) Important but not quite so urgent: Flow label specification Scoped address architecture IPv6-over-3GPP-PDP-contexts spec IPv6 node requirements (4) important but perhaps better handled in other WGs: secure, robust plug-and-play multi-link subnet specification anycast architecture routing protocol updates to handle IPv6 scoping (5) important and already handled in other WGs: site multihoming IPv4 coexistence / interoperability / transition DHCPv6 mobile IPv6 Presentation_ID 63
  • 64. Status of Other IPv6-Related WG in the IETF • NGtrans (Next Generation Transition) Major reorganization, moving from “tool development” to “IPv6 network operation” • v6Ops • DHCP (dynamic host configuration) DHCPv6 spec very close to Proposed Standard (at last!) • Multi6 (multihoming for IPv6) Little progress • Mobile IP Binding-update authentication issue of mobile IPv6 resolved; expect Proposed Standard soon(?) Presentation_ID 64
  • 66. More Information • CCO IPv6 - http://www.cisco.com/ipv6 • The ABC of IPv6 http://www.cisco.com/en/US/products/sw/iosswrel/products_abc_ios_• IPv6 e-Learning [requires CCO username/password] http://www.cisco.com/warp/customer/732/Tech/ipv6/elearning/ • IPv6 Access Services : http://www.cisco.com/warp/public/732/Tech/ipv6/docs/ipv6_access_• ICMPv6 Packet Types and Codes TechNote: http://www.cisco.com/warp/customer/105/icmpv6codes.html • Cisco IOS IPv6 Product Manager – pgrosset@cisco.com Presentation_ID 66
  • 67. Presentation_ID © 1999, Cisco Systems, Inc. www.cisco.com 67
  • 68. © 2001, Cisco Systems, Inc. 68

Hinweis der Redaktion

  1. &amp;lt;number&amp;gt;
  2. &amp;lt;number&amp;gt;
  3. &amp;lt;number&amp;gt; IPv6 addresses are represented as a series of 16-bit hexadecimal fields separated by colons (:). The A, B, C, D, E, F in hexadecimal are case insensitive. In order to shorten the writing of IPv6 addresses, a few tricks are available: The leading zeros in a field are optional, so that 09C0 = 9C0 and 0000 = 0. Successive fields of 0 are represented as ::, but only once in an address. An address parser is able to identify the number of missing zeros by putting the two parts apart and filling 0 until the 128 bits is complete. But if two :: are placed in the address, then there is no way to identify the size of each block of zeros. So only one :: is possible in a valid IPv6 address. The use of the :: technique makes many addresses very small, for example, FF01:0:0:0:0:0:1 becomes FF01::1. The &amp;quot;unspecified&amp;quot; address is written as ::, since it contains all zeros.
  4. &amp;lt;number&amp;gt;
  5. &amp;lt;number&amp;gt; The generic allocation process is: IANA allocates 2001::/16 to registries from the full address space Slow-start allocation process: Each registry gets a /23 prefix from IANA, within the 2001::/16 space Registry allocates an initial /32 prefix to a new IPv6 ISP ISP allocates a /48 prefix (out of the /32) to each customer
  6. &amp;lt;number&amp;gt; Current LANs like Ethernet use 48-bit MAC addresses defined by the IEEE 802 standards. The IEEE has introduced a new, 64-bit address space called EUI-64, for new kinds of LANs. There is a standard mapping from a 48-bit MAC into a 64-bit EUI-64.
  7. &amp;lt;number&amp;gt;
  8. &amp;lt;number&amp;gt;
  9. &amp;lt;number&amp;gt;
  10. &amp;lt;number&amp;gt;
  11. &amp;lt;number&amp;gt; The 6Bone uses addresses from an official range assigned by IANA and allocates them. The policy is defined in RFC 2921. The first allocations of the 6Bone started at 3ffe:0000::/16 where any pTLA receives a /24 prefix. A maximum of 256 pTLA were allowed. More than 50 pTLAs received a /24 prefix. Later, the allocation policy changed in order to increase the maximum number of pTLAs, which is described in this graphic. This new allocation allows for a maximum of 2048 pTLAs. The graphic illustrates the current policy: A pTLA receives a /28 from the 6Bone registry. The prefix is inside the 3ffe:0800::/28 range. An end-site receives a /48 from its upstream provider. A LAN within a site is assigned a /64 prefix from that site prefix.
  12. &amp;lt;number&amp;gt; The 6Bone topology is a hierarchy of providers. First-level nodes are backbone nodes called pseudo Top-Level Aggregator (pTLA). They are called aggregators since they must aggregate all their customer’s traffic and only announce the pTLA prefix. Top-Level means that they connect together in the defaut-free zone, where no default route is avertised. They are pseudo since the 6Bone is a testbed which simulates real service providers. Backbone nodes are also called Tier-1 providers or Tier-1 ISPs. Each pTLA peer only with other pTLAs. The peering between pTLAs is done using the BGP protocol, with Multiprotocol extensions to support IPv6. The peering may happen through IPv6 native over a LAN of an NAP, through IPv6 native WAN links, or through the IPv4 Internet by using IPv6 over IPv4 tunnels. Default-free zone is where the full global routing table is used by the ISPs to exchange traffic. Within that table, there is no default route and only aggregated IPv6 routes are present. This corresponds to the first level of the Internet.
  13. &amp;lt;number&amp;gt;
  14. &amp;lt;number&amp;gt;
  15. &amp;lt;number&amp;gt;
  16. &amp;lt;number&amp;gt;
  17. Runs directly over IPv6 : ATM aal5 mux, tunneling : configured tunnel All of OSPF for IPv4&amp;apos;s optional capabilities, including on-demand circuit support, NSSA areas, and the multicast extensions to OSPF (MOSPF) are also supported in OSPF for IPv6.
  18. Authentication no more on OSPF -   It&amp;apos;s now the job of IPv6 to make sure the right level of authentication is in use. OSPFv2 over IP = protocol 89 OSPFv3 over IPv6 = protocol 89
  19. &amp;lt;number&amp;gt; Global, site local, link local Link local : icmp redirect, ripng forwarding addrm only when sharing a same subnet
  20. &amp;lt;number&amp;gt; Establish on top of IPv4 or IPv6 BGP4 independant of the transport BGP id : not an IPv4 address (should be only)
  21. &amp;lt;number&amp;gt; Same two basic approaches are defined for both IPv4 and IPv6.
  22. &amp;lt;number&amp;gt;
  23. &amp;lt;number&amp;gt;
  24. &amp;lt;number&amp;gt;