Implementing IPv6

Introducing IPv6

Why Do We Need a Larger Address Space?

Internet population Approximately 973 million users in November 2005 Emerging population and geopolitical and address space Mobile users PDA, pen-tablet, notepad, and so on Approximately 20 million in 2004 Mobile phones Already 1 billion mobile phones delivered by the industry

Transportation 1 billion automobiles forecast for 2008 Internet access in planes Example: Lufthansa Consumer devices Sony mandated that all its products be IPv6-enabled by 2005 Billions of home and industrial appliances

IPv6 Advanced Features

Larger address space
Global reachability and flexibility Aggregation Multihoming Autoconfiguration Plug-and-play End to end without NAT Renumbering

Simpler header
Routing efficiency Performance and forwarding rate scalability No broadcasts No checksums Extension headers Flow labels

IPv6 Advanced Features (Cont.)

Mobility and security
Mobile IP RFC-compliant IPsec mandatory (or native) for IPv6

Transition richness
Dual stack 6to4 tunnels

Translation

Larger Address Space

IPv4
32 bits or 4 bytes long ~ = 4,200,000,000 possible addressable nodes

IPv6
128 bits or 16 bytes: four times the bits of IPv4 ~ = 3.4 * 1038 possible addressable nodes
~ = 340,282,366,920,938,463,374,607,432,768,211,456 28 ~ = 5 * 10 addresses per person

Larger Address Space Enables Address Aggregation

Aggregation of prefixes announced in the global routing table Efficient and scalable routing Improved bandwidth and functionality for user traffic

Summary
IPv6 is a powerful enhancement to IPv4. Features that offer functional improvement include a larger address space, simplified header, and mobility and security. IPv6 increases the number of address bits by a factor of four, from 32 to 128.

Implementing IPv6

Defining IPv6 Addressing

Simple and Efficient Header

A simpler and more efficient header means:

64-bit aligned fields and fewer fields Hardware-based, efficient processing Improved routing efficiency and performance Faster forwarding rate with better scalability

IPv4 and IPv6 Header Comparison

IPv6 Extension Headers

Simpler and more efficient header means:

IPv6 has extension headers.

It handles the options more efficiently.

It enables faster forwarding rate and end nodes processing.

IPv6 Address Representation

Format:
x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field Case-insensitive for hexadecimal A, B, C, D, E, and F Leading zeros in a field are optional:

2031:0:130F:0:0:9C0:876A:130B
Successive fields of 0 can be represented as ::, but only once per address. Examples: 2031:0000:130F:0000:0000:09C0:876A:130B

2031:0:130f::9c0:876a:130b
2031::130f::9c0:876a:130bincorrect FF01:0:0:0:0:0:0:1 0:0:0:0:0:0:0:1 0:0:0:0:0:0:0:0 ::1 :: FF01::1

IPv6 Address Types

IPv6 uses:
Unicast Address is for a single interface. IPv6 has several types (for example, global and IPv4 mapped). Multicast One-to-many Enables more efficient use of the network Uses a larger address range Anycast One-to-nearest (allocated from unicast address space). Multiple devices share the same address. All anycast nodes should provide uniform service.

Source devices send packets to anycast address.

Routers decide on closest device to reach that destination. Suitable for load balancing and content delivery services.

IPv6 Global Unicast (and Anycast) Addresses

IPv6 has same address format for global unicast and for anycast.
Uses a global routing prefixa structure that enables aggregation upward, eventually to the ISP. A single interface may be assigned multiple addresses of any type (unicast, anycast, multicast). Every IPv6-enabled interface must contain at least one loopback (::1/128) and one link-local address. Optionally, every interface can have multiple unique local and global addresses. Anycast address is a global unicast address assigned to a set of interfaces (typically on different nodes). IPv6 anycast is used for a network multihomed to several ISPs that have multiple connections to each other.

IPv6 Unicast Addressing

IPv6 addressing rules are covered by multiple RFCs. Architecture defined by RFC 4291. Unicast: One to one

Global
Link local (FE80::/10) A single interface may be assigned multiple IPv6 addresses of any type: unicast, anycast, or multicast.

Summary
The IPv6 header has 40 octets and is simpler and more efficient than the IPv4 header. IPv6 addresses use 16-bit hexadecimal number fields separated by colons (:) to represent the 128-bit addressing format. The three types of IPv6 addresses are unicast, multicast, and anycast.

Implementing IPv6

Implementing Dynamic IPv6 Addresses

Aggregatable Global Unicast Addresses

Cisco uses the extended universal identifier (EUI)-64 format to do stateless autoconfiguration. This format expands the 48-bit MAC address to 64 bits by inserting FFFE into the middle 16 bits. To make sure that the chosen address is from a unique Ethernet MAC address, the universal/local (U/L bit) is set to 1 for global scope (0 for local scope).

Link-Local Address

Link-local addresses have a scope limited to the link and are dynamically created on all IPv6 interfaces by using a specific link-local prefix FE80::/10 and a 64-bit interface identifier. Link-local addresses are used for automatic address configuration, neighbor discovery, and router discovery. Link-local addresses are also used by many routing protocols. Link-local addresses can serve as a way to connect devices on the same local network without needing global addresses. When communicating with a link-local address, you must specify the outgoing interface because every interface is connected to FE80::/10.

EUI-64 to IPv6 Interface Identifier

A modified EUI-64 address is formed by inserting FFFE and complementing a bit identifying the uniqueness of the MAC address.

EUI-64 to IPv6 Interface Identifier (Cont.)

A modified EUI-64 address is formed by inserting FFFE and complementing a bit identifying the uniqueness of the MAC address.

EUI-64 to IPv6 Interface Identifier (Cont.)

A modified EUI-64 address is formed by inserting FFFE and complementing a bit identifying the uniqueness of the MAC address.

Multicasting

Examples of Permanent Multicast Addresses

Anycast

An IPv6 anycast address is a global unicast address that is assigned to more than one interface.

Stateless Autoconfiguration

A Standard Stateless Autoconfiguration

Stage 1: The PC sends a router solicitation to request a prefix for stateless autoconfiguration.

A Standard Stateless Autoconfiguration (Cont.)

Stage 2: The router replies with a router advertisement.

IPv6 Mobility

Summary
The MAC address may form a portion of the IPv6 system ID. IPv6 multicast addresses are defined by the prefix FF00::/8. Multicast is frequently used in IPv6 and replaces broadcast. IPv6 provides an efficient means to implement mobile IP, which has not been possible with IPv4.

Implementing IPv6

Using IPv6 with OSPF and Other Routing Protocols

IPv6 Routing Protocols

IPv6 routing types Static RIPng (RFC 2080)

OSPFv3 (RFC 2740) IS-IS for IPv6 MP-BGP4 (RFC 2545/2858) EIGRP for IPv6 The ipv6 unicast-routing command is required to enable IPv6 before any routing protocol configured.

RIPng
Same as IPv4
Distance vector, radius of 15 hops, split horizon, and poison reverse

Based on RIPv2

Updated features for IPv6

IPv6 prefix, next-hop IPv6 address Uses the multicast group FF02::9, the all-rip-routers multicast group, as the destination address for RIP updates Uses IPv6 for transport Named RIPng

OSPF Version 3 (OSPFv3) (RFC 2740)

Similar to IPv4
Same mechanisms, but a major rewrite of the internals of the protocol

Updated features for IPv6

Every IPv4-specific semantic removed Carry IPv6 addresses Link-local addresses used as source IPv6 transport OSPF for IPv6 currently an IETF proposed standard

Integrated Intermediate System-to-Intermediate System (IS-IS)

Same as for IPv4 Extensions for IPv6: Two new Type, Length, Value (TLV) attributes:

IPv6 reachability (with 128-bit prefix)

IPv6 interface address (with 128 bits) New protocol identifier Not yet an IETF standard

Multiprotocol Border Gateway Protocol (MP-BGP) (RFC 2858)

Multiprotocol extensions for BGP4:
Enables protocols other than IPv4 New identifier for the address family

IPv6 specific extensions:

Scoped addresses: NEXT_HOP contains a global IPv6 address and potentially a link-local address (only when there is a link-local reachability with the peer).

NEXT_HOP and Network Layer Reachability Information (NLRI) are expressed as IPv6 addresses and prefix in the multiprotocol attributes.

OSPFv3Hierarchical Structure
Topology of an area is invisible from outside of the area: LSA flooding is bounded by area.

SPF calculation is performed separately for each area.

Backbones must be contiguous. All areas must have a connection to the backbone: Otherwise a virtual link must be used to connect to the backbone.

OSPFv3Similarities with OSPFv2

OSPFv3 is OSPF for IPv6 (RFC 2740) Based on OSPFv2, with enhancements Distributes IPv6 prefixes

Runs directly over IPv6

OSPFv3 and OSPFv2 can be run concurrently, because each address family has a separate SPF (ships in the night). OSPFv3 uses the same basic packet types as OSPFv2:

Hello
Database description (DBD) Link state request (LSR) Link state update (LSU) Link state acknowledgment (ACK)

OSPFv3Similarities with OSPFv2

Neighbor discovery and adjacency formation mechanism are identical. RFC-compliant NBMA and point-to-multipoint topology modes are supported. Also supports other modes from Cisco, such as point-to-point and broadcast, including the interface. LSA flooding and aging mechanisms are identical.

Enhanced Routing Protocol Support Differences from OSPFv2

OSPF packet type OSPFv3 has the same five packet types, but some fields have been changed.

All OSPFv3 packets have a 16-byte header vs. the 24-byte header in OSPFv2.

OSPFv3 Differences from OSPFv2

OSPFv3 protocol processing is per link, not per subnet
IPv6 connects interfaces to links.

Multiple IPv6 subnets can be assigned to a single link.

Two nodes can talk directly over a single link, even though they do not share a common subnet. The terms network and subnet are being replaced with link. An OSPF interface now connects to a link instead of to a subnet.

OSPFv3 Differences from OSPFv2 (Cont.)

Multiple OSPFv3 protocol instances can now run over a single link
This structure allows separate autonomous systems, each running OSPF, to use a common link. A single link could belong to multiple areas. Instance ID is a new field that is used to allow multiple OSPFv3 protocol instances per link. In order to have two instances talk to each other, they need to have the same instance ID. By default, it is 0, and for any additional instance it is increased.

OSPFv3 Differences from OSPFv2 (Cont.)

Multicast addresses:
FF02::5Represents all SPF routers on the link-local scope; equivalent to 224.0.0.5 in OSPFv2 FF02::6Represents all DR routers on the link-local scope; equivalent to 224.0.0.6 in OSPFv2

Removal of address semantics

IPv6 addresses are no longer present in OSPF packet header (part of payload information). Router LSA and network LSA do not carry IPv6 addresses. Router ID, area ID, and link-state ID remain at 32 bits. DR and BDR are now identified by their router ID and not by their IP address.

Security
OSPFv3 uses IPv6 AH and ESP extension headers instead of variety of the mechanisms defined in OSPFv2.

LSA Overview

LSA Function Code Router LSA Network LSA Interarea prefix LSA 1 2 3

LSA Type 0x2001 0x2002 0x2003

Interarea router LSA

AS external LSA Group membership LSA Type 7 LSA Link-LSA Intra-area prefix LSA

4
5 6 7 8 9

0x2004
0x2005 0x2006 0x2007 0x2008 0x2009

Larger Address Space Enables Address Aggregation

Aggregation of prefixes announced in the global routing table

Efficient and scalable routing Improved bandwidth and functionality for user traffic

Configuring OSPFv3 in Cisco IOS Software

Similar to OSPFv2 Prefixes existing interface and EXEC mode commands with ipv6 Interfaces configured directly Replaces network command Native IPv6 router mode Not a submode of router ospf command

Enabling OSPFv3 Globally

ipv6 unicast-routing ! ipv6 router ospf 1 router-id 2.2.2.2

Enabling OSPFv3 on an Interface

interface Ethernet0/0

ipv6 address 3FFE:FFFF:1::1/64

ipv6 ospf 1 area 0 ipv6 ospf priority 20 ipv6 ospf cost 20

Cisco IOS OSPFv3-Specific Attributes

Configuring area range: area area-id range prefix/prefix length [advertise | notadvertise] [cost cost] Showing new LSAs: show ipv6 ospf [process-id] database link show ipv6 ospf [process-id] database prefix

OSPFv3 Configuration Example

Router1# interface S1/1 ipv6 address 2001:410:FFFF:1::1/64 ipv6 ospf 100 area 0 interface S2/0 ipv6 address 3FFE:B00:FFFF:1::2/64 ipv6 ospf 100 area 1 ipv6 router ospf 100 router-id 10.1.1.3

Router2# interface S3/0 ipv6 address 3FFE:B00:FFFF:1::1/64 ipv6 ospf 100 area 1 ipv6 router ospf 100 router-id 10.1.1.4

Verifying Cisco IOS OSPFv3

Router2#show ipv6 ospf int s 3/0 S3/0 is up, line protocol is up Link Local Address 3FFE:B00:FFFF:1::1, Interface ID 7 Area 1, Process ID 100, Instance ID 0, Router ID 10.1.1.4 Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:02 Index 1/1/1, flood queue length 0 Next 0x0(0)/0x0(0)/0x0(0) Last flood scan length is 3, maximum is 3 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 10.1.1.3 Suppress hello for 0 neighbor(s)

show ipv6 ospf

R7#show ipv6 ospf Routing Process ospfv3 1 with ID 75.0.7.1 It is an area border and autonomous system boundary router Redistributing External Routes from, connected SPF schedule delay 5 secs, Hold time between two SPFs 10 secs Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs LSA group pacing timer 240 secs Interface floor pacing timer 33 msecs Retransmission pacing timer 33 msecs Number of external LSA 3. Checksum Sum 0x12B75

show ipv6 ospf (Cont.)

Number of areas in this router is 2. 1 normal 0 stub 1 nssa Area BACKBONE(0) Number of interfaces in this area is 1 SPF algorithm executed 23 times Number of LSA 14. Checksum Sum 0x760AA Number of DCbitless LSA 0 Number of Indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0 Area 2 Number of interfaces in this area is 1 It is a NSSA area Perform type-7/type-5 LSA translation SPF algorithm executed 17 times Number of LSA 25. Checksum Sum 0xE3BF0 Number of DCbitless LSA 0 Number of Indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0

show ipv6 ospf neighbor detail

Router2#show ipv6 ospf neighbor detail Neighbor 10.1.1.3 In the area 0 via interface S2/0 Neighbor: interface-id 14, link-local address 3FFE:B00:FFFF:1::2 Neighbor priority is 1, State is FULL, 6 state changes Options is 0x63AD1B0D Dead timer due in 00:00:33 Neighbor is up for 00:48:56 Index 1/1/1, retransmission queue length 0, number of retransmission 1 First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0) Last retransmission scan length is 1, maximum is 1 Last retransmission scan time is 0 msec, maximum is 0 msec

show ipv6 ospf database

Router Link States (Area 1) ADV Router 26.50.0.1 26.50.0.2 Age 1812 1901 Seq# 0x80000048 0x80000006 Fragment ID 0 1 0 1 Link count Bits None B

Net Link States (Area 1) ADV Router 26.50.0.1 Age 57 Seq# 0x8000003B Link ID 3 Rtr count 4

Inter-Area Prefix Link States (Area 1) ADV Router 26.50.0.2 26.50.0.2 Age 139 719 Seq# 0x80000003 0x80000001 Prefix 3FFE:FFFF:26::/64 3FFE:FFF:26::/64

Inter-Area Router Link States (Area 1) ADV Router 26.50.0.2 26.50.0.4 Age 772 5 Seq# 0x80000001 0x80000003 Link ID 1207959556 1258292993 Dest RtrID 72.0.0.4 75.0.7.1

show ipv6 ospf database (Cont.)

Link (Type-8) Link States (Area 1) ADV Router 26.50.0.1 26.50.0.2 Age 1412 238 Seq# 0x80000031 0x80000003 Link ID 3 3 Interface Fa0/0 Fa0/0

Intra-Area Prefix Link States (Area 1) ADV Router 26.50.0.1 26.50.0.1 26.50.0.2 Age 1691 702 1797 Seq# Link ID 0x8000002E 0 0x80000031 1003 0x80000002 0 Ref-Istype 0x2001 0x2002 0x2001 Ref-LSID 0 3 0

Type-5 AS External Link States ADV Router 72.0.0.4 72.0.0.4 75.0.7.1 Age 287 38 162 Seq# 0x80000028 0x80000027 0x80000007 Prefix 3FFE:FFFF:A::/64 3FFE:FFFF:78::/64 3FFE:FFFF:8::/64

show ipv6 ospf database database-summary

R3#show ipv6 ospf database database-summary Area 0 database summary LSA Type Count Delete Router 3 0 Network 0 0 Link 3 0 Prefix 3 0 Inter-area Prefix 6 0 Inter-area Router 0 0 Type-7 External 0 0 Subtotal 15 0 Maxage 0 0 0 0 0 0 0 0

Process 1 database summary LSA Type Count Router 7 Network 1 Link 7 Prefix 8 Inter-area Prefix 14 Inter-area Router 2 Type-7 External 0 Type-5 Ext 3 Total 42

Delete 0 0 0 0 0 0 0 0 0

Maxage 0 0 0 0 0 0 0 0 0

Summary
RIP, EIGRP, IS-IS, BGP, and OSPF all have new versions to support IPv6. OSPFv3 is OSPF for IPv6. Most of the algorithms of OSPFv2 are the same in OSPFv3. Some changes have been made in OSPFv3, particularly to handle the increased address size in IPv6 the fact that OSPF runs directly over IP and all of the OSPF for IPv4 optional capabilities, including on-demand circuit support and NSSA areas. The multicast extensions to OSPF (MOSPF) are also supported in OSPF for IPv6.

Summary (Cont.)
There are two new LSAs in IPv6: LSA type 8 and LSA type 9. The router LSA and the network LSA do not carry IPv6 addresses. Configuring OSPFv3 requires a good background understanding of IPv6. There are Cisco IOS software configuration commands for OSPFv3 to support all of the new and old capabilities of OSPFv3.

Numerous OSPFv3 IOS show commands support the verification of OSPFv3 configurations.

Implementing IPv6

Using IPv6 with IPv4

IPv4-to-IPv6 Transition

Transition richness means:

No fixed day to convert; no need to convert all at once. Different transition mechanisms are available:
Smooth integration of IPv4 and IPv6. Use of dual stack or 6to4 tunnels.

Different compatibility mechanisms:

IPv4 and IPv6 nodes can communicate.

Cisco IOS Software Is IPV6-Ready: Cisco IOS Dual Stack

If both IPv4 and IPv6 are configured on an interface, this interface is dual-stacked.

Dual Stack

Dual stack is an integration method where a node has implementation and connectivity to both an IPv4 and IPv6 network.

Cisco IOS Software Is IPv6-Ready: Overlay Tunnels

Tunneling encapsulates the IPv6 packet in the IPv4 packet.

Tunneling

Tunneling is an integration method where an IPv6 packet is encapsulated within another protocol, such as IPv4. This method of encapsulation is IPv4 protocol 41:
This method includes a 20-byte IPv4 header with no options and an IPv6 header and payload.

This method is considered dual stacking.

Isolated Dual-Stack Host

Encapsulation can be done by edge routers between hosts or between a host and a router.

Cisco IOS Software Is IPv6-Ready: Configured Tunnel

Configured tunnels require:

Dual-stack endpoints IPv4 and IPv6 addresses configured at each end

Example: Cisco IOS Tunnel Configuration

Cisco IOS Software Is IPv6-Ready: 6to4 Tunneling

6to4
Is an automatic tunnel method Gives a prefix to the attached IPv6 network

TranslationNAT-PT

NAT-Protocol Translation (NAT-PT) is a translation mechanism that sits between an IPv6 network and an IPv4 network.

The job of the translator is to translate IPv6 packets into IPv4 packets and vice versa.

Summary
The two most common techniques to make the transition from IPv4 to IPv6 are dual stack and IPv6-to-IPv4 (6-to-4) tunnels. Tunneling IPv6 traffic over an IPv4 network requires one edge router to encapsulate the IPv6 packet inside an IPv4 packet and another router to decapsulate it. Transition methods from IPv4 to IPv6 include dual-stack operation, protocol translation, and 6to4 tunnels.

Module Summary
IPv6 has numerous features and functions that make it a superior alternative to IPv4. IPv6 provides a larger address space in a hexadecimal format. The IPv6 addresses can be obtained by IPv6 hosts dynamically utilizing autoconfiguration. IPv6 will require new versions of RIP, EIGRP, IS-IS, BGP, and OSPF. IPv4-to-IPv6 transition methodologies will include dual stack and tunneling, with 6to4 tunneling being prevalent.