Service Provider IPv6 Deployment - Daniels Networking Blog

7/6/2015
ServiceProviderIPv6Deployment|Danielsnetworkingblog
Danielsnetworkingblog
NetworkingarticlesbyCCIE#37149
Home
About
Home>CCDE,IPv6>ServiceProviderIPv6Deployment
Typetexttosearchhere...
ServiceProviderIPv6Deployment
June29,2015reaper81LeaveacommentGotocomments
RateThis
ThesearemystudynotesregardingIPv6deploymentinSPnetworksinpreparationforthe
CCDEexam.
DriversforimplementingIPv6
Externaldrivers
SPcustomersthatneedaccesstoIPv6resources
SPcustomersthatneedtointerconnecttheirIPv6sites
SPcustomersthatneedtointerfacewiththeirowncustomersoveriPv6
Internaldrivers
HandleproblemsthatmaybehardtofixwithIPv4suchaslargenumberof
devices(cellphones,IPcameras,sensorsetc)
PublicIPv4addressexhaustion
PrivateIPv4addressexhaustion
Strategicdrivers
Longtermexpansionplansandserviceofferings
Preparingfornewservicesandgainingcompetitiveadvantage
Infrastructure
SPCoreInfrastructure
NativeIPv4core
L2TPv3forVPNs
MPLScore
MPLSVPNs
MyreflectionisthatmostcoreswouldbeMPLSenabled,howeverthereareprojectssuch
asTerastreaminDeutscheTelekomwheretheentirecoreisIPv6enabledandL2TPv3is
usedinplaceofMPLS.
IPv6inNativeIPv4Environments
http://lostintransit.se/2015/06/29/serviceprovideripv6deployment/
1/10
7/6/2015
Tunnelv6inv4
Nativev6withdedicatedresources
Dualstack
Theeasiestwaytogetgoingwithv6wastotunnelitoverv4.Thenextlogicalstepwasto
enablev6butonseparateinterfacestonotdisturbtherealtrafficandtobeableto
experimentwiththeprotocol.Theendgoalisdualstack,atleastinanonMPLSenabled
network.
IPv6inMPLSenvironments
6PE
6VPE
6PEisatechnologytorunIPv6overanIPv4enabledMPLSnetwork.6VPEdoesthe
samebutwithVRFs.
NativeIPv6overDedicatedDataLink
Dedicateddatalinksbetweencorerouters
DedicateddatalinkstoIPv6customers
ConnectiontoanIPv6IX
Dualstack
AllP+PErouterscapableofv4+v6transport
EithertwoIGPsoroneIGPforbothv4+v6
Requiresmorememoryduetotworoutingtables
IPv6multicastnativelysupported
AllIPv6trafficisroutedinglobalspace(noMPLS)
Goodforcontentdistributionandglobalservices(Internet)
6PE
IPv6globalconnectivityoveranIPv4MPLScore
Transitionmechanism(debatable)
PEsaredualstackedandneed6PEconfiguration
IPv6reachabilityexchangedviaMPBGPoveriBGPsessions
IPv6packetstransportedfrom6PEto6PEinsideMPLS
ThenexthopisanIPv4mappedIPv6addresssuchas::FFFF:1.1.1.1
BGPlabelassignedfortheIPv6prefix
BottomlabelusedduetoProutersnotv6capableandforloadsharing
neighborsendlabelisconfiguredunderBGPaddressfamilyipv6
6PEisviewedasatransitionmechanismbutthisisarguable,ifyoutransportIPv4over
MPLS,youmaywanttodothesamewithIPv6aswellforconsistency.Running6PE
meansthatthereisfatesharingbetweenv4andv6though,whichcouldmeanthatan
outagemayaffectbothprotocols.ThiscouldbeavoidedbyrunningMPLSforIPv4butv6
natively.
Corenetwork(Prouters)leftuntouched
IPv6trafficinheritsMPLSbenefitssuchasfastrerouteandTE
Incrementaldeploymentpossible(upgradePEroutersfirst)
Eachsitecanbev4only,v4VPNonly,v4+v6,v4VPN+v6andsoon
ScalabilityconcernsduetoseparateRIBandFIBrequiredpercustomer
MostlysuitableforSPswithlimitedamountofPEs
2/10
7/6/2015
6vPE
EquivalentofVPNv4butforIPv6
AddVPNv6addressfamilyunderMPBGP
Sendextendedcommunitiesfortheprefixesundertheaddressfamily
Itisacommonmisconceptionfor6PEand6vPEthattraceroutesarenotpossible,thatis
howevernotentirelytrue.AProutercangenerateICMPv6messagesthatwillfollowthe
LSPtotheegressPEandthentheICMPv6errormessageisforwardedbacktothe
originatorofthetraceroute.
Routereflectorsfor6PEand6vPE
NeededtoscaleBGPfullmesh
DedicatedRRsordatapathRRs
EitherdedicatedRRperAForhavemultipleAFsperRR
6PERRmustsupportIPv6+labelfunctionality
6vPERRmustsupportIPv6+labelandextendedcommunitiesfunctionality
PAvsPI
PAadvantages
Aggregationtowardsupstreams
MinimizesInternetroutingtablesize
PAdisadvantages
CustomerislockedwiththeSP
Renumberingcanbepainful
MultihomingandTEproblems
Themaindriverhereisifyouaregoingtomultihomeornot.Renumberingisalways
painfulbutatleastlesssoonIPv6duetobeingabletoadvertisemultipleIPv6prefixes
throughRouterAdvertisements(RA).
PIadvantages
CustomersarenotlockedtotheSP
Multihomingisstraightforward
PIdisadvantages
LargerInternetroutingtableduetolackofefficientaggregation
MemoryandCPUneedsonBGPspeakers
InfrastructureAddressing(LLAvsglobal)
Whattypeofaddressesshouldbedeployedoninfrastructurelinks?
LinkLocalAddressFE80::/10
Nonrouteableaddress
Lessattacksurface
Smallerroutingtables
CanconvergefasterduetosmallerRIB/FIB
LessneedforiACLatedgeofnetwork
Cantpinglinks
Canttraceroutelinks
MaybemorecomplextomanagewithNMS
3/10
7/6/2015
UseglobaladdressonloopbackforICMPv6messages
WillnotworkwithRSVPTEtunnels
Globalonly2000::/3(currentIANAprefix)
Globallyrouteable
Largerattacksurfaceunlessprefixsuppressionisused
UseuRPFandiACLatedgetoprotectyourlinks
Easiertomanage
ItwouldbeinterestingtohearifyouhaveseenanydeploymentswithLLAonlyon
infrastructurelinks.Intheoryitsaniceideabutitmaycorneryouinsomecases,
preventingyoufromimplementingotherfeaturesthatyouwishtodeployinyournetwork.
Use/126or/127onP2Plinkswhichistheequivalentof/30or/31onIPv4links.For
loopbacksuse/128prefixes.AlwaysassignaddressesfromarangesothatcreatingACLs
andiACLsbecomeslesstedious.
Usinganotherprefixthan/64onaninterfacewillbreakthefollowingfeatures:
NeighborDiscovery(ND)
SecureNeighborDiscovery(SEND)
Privacyextensions
PIMSMwithembeddedRP
Thisisofcourseforsegmentswherethereareendusers.
PrefixAllocationPractices
ManySPsoffer/48,/52,/56,/60or/64prefixes
Enterprisecustomersreceiveone/48ormore
Smallbusinesscustomersreceive/52or/56prefix
Broadbandcustomersmayreceive/56or/60viaDHCPPrefixDelegation(DHCP
PD)
Debatingprefixallocationprefixesislikedebatingreligion,politicsoryourfavouriteOS.
Whateveryouchoose,makesurethatyoucanreviseyourpracticeasfutureservicesand
needsarrise.
CarrierGradeNAT(CGN)
ShorttermsolutiontoIPv4exhaustagewithoutchangingResidentialGateway(RG)
orSPinfrastructure
SubscriberusesNAT44andSPdoesCGNwithNAT44
MultiplexesseveralcustomersontothesamepublicIPv4address
CGNperformanceandcapabilitiesshouldbeanalysedintheplanningphase
Mayprovidechallengesinloggingsessions
LongtermsolutionistodeployIPv6
IreallydontlikeCGN,itslowsdownthedeploymentofIPv6.Itsatoollikeanything
elsethoughthatmaybeusedselectivelyifthereisnoothersolutionavailable.
IPv6overL2TPSoftwires
4/10
7/6/2015
DualstackIPv4/IPv6onRGLANside
PPPoEorIPv4oEterminatedonv4onlyBNG
L2TPv2softwirebetweenRGandIPv6dedicatedL2TPNetworkServer(LNS)
StatefularchitectureonLNS
OffersdynamiccontrolandgranularaccountingofIPv6traffic
Limitedinvestmentneededandlimitedimpactonexistinginfrastructure
IhaveneverseenIPv6deployedoversoftwires,whataboutyoureaders?
6RD
Uses6RDCE(CustomerEdge)and6RDBR(BorderRelay)
Automaticprefixdelegationon6RDCE
StatelessandautomaticIPv6inIPv4encapanddecapfunctionson6RD
FollowsIPv4routing
6RDBRsareadressedwithIPv4anycastforloadsharingandresiliency
Limitedinvestmentandimpactonexistinginfrastructure
IPv4viaIPv6UsingDSLitewithNAT44
NetworkhasmigratedtoIPv6butneedstoprovideIPv4services
IPv4packetsaretunneledoverIPv6
Introducestwocomponents:B4(BasicBridgingBroadbandElement)andAFTR
(AddressFamilyTransitionRouter)
B4typicallysitsintheRG
AFTRislocatedinthecoreinfrastructure
DoesnotprovideIPv4andIPv6hoststotalktoeachother
AFTRdeviceterminatesthetunnelanddecapsulatesIPv4packet
AFTRdeviceperformsNAT44oncustomerprivateIPtopublicIPaddresses
IncreasedMTU,beawareoffragmentation
ConnectingIPv6onlywithIPv4only(AFT64)
OnlyapplicablewhereIPv6onlyhostsneedtocommunicatewithIPv4onlyhosts
Statefulorstatelessv6tov4translation
IncludesNAT64andDNS64
MAP(MappingofAddressandPort)
MAPTStateless464translation
MAPEStateless464encapsulation
AllowssharingofIPv4addressacrossanIPv6network
EachsharedIPv4endpointgetsauniqueTCP/UDPportrangeviarules
AllorpartoftheIPv4addresscanbederivedfromtheIPv6prefix
Thisallowsforroutesummarization
NeedtoallocateTCP/UDPportrangestoeachCPE
StatelessborderrelaysinSPnetwork
Canbeimplementedinhardwareforsuperiorperformance
Canuseanycastandhaveasymmetricrouting
Nosinglepointoffailure
LeveragesIPv6inthenetwork
5/10
7/6/2015
NoCGNinsideSPnetwork
NoneedforloggingorALGs
DependentonCPErouter
NAT64
Statefulorstatelesstranslation
Stateful
1:Ntranslation
PAT
TCP,UDP,ICMP
SharesIPv4addresses
Stateless
1:1translation
NAT
Anyprotocol
NoIPv4addresssavings
Follow
Follow Daniels
networking blog
Get every new post delivered
to your Inbox.
DNS64isoftenrequiredincombinationwithNAT64tosendAAAAresponsetotheIPv6
Join 1,794 other followers
onlyhostsincasetheserveronlyexistsinthev4world.
464XLAT
Enteryouremailaddress
Somewherearound15%ofappsbreakwithnativev6orNAT64
Signmeup
Skypeisoneoftheseapps
464XLATcanhelpwithmostoftheseapplications
Handsetdoesstateless4to6translation Build a website with WordPress.com
NetworkdoesNAT64
DeployedbyTMobile
About these ads
Sharethis:
Email
Like
Print
LinkedIn
Twitter
6/10
7/6/2015
Like
Bethefirsttolikethis.
Related
AQuickLookatNAT64and
NAT46
In"IPv6"
BookReviewEndtoEnd
QoSNetworkDesign:Quality
ofServiceforRichMedia&
CloudNetworks,Second
Edition
In"Announcement"
CCIESPversion4hasbeen
announced
In"Announcement"
Categories:CCDE,IPv6Tags:CCDE,IPv6,IPv6transition
Comments(0)Trackbacks(0)LeaveacommentTrackback
1. Nocommentsyet.
1. Notrackbacksyet.
LeaveaReply
Enteryourcommenthere...
ComingUpdatestotheCCIEProgram
RSSfeed
June2015
M T W T F S S
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30
May
7/10
7/6/2015
EmailSubscription
Enteryouremailaddresstosubscribetothisblog
andreceivenotificationsofnewpostsbyemail.
Join1,794otherfollowers
Enteryouremailaddress
Signmeup!
Categories
SelectCategory
Archives
June2015(2)
May2015(1)
April2015(3)
March2015(1)
February2015(6)
January2015(5)
December2014(1)
November2014(2)
October2014(3)
August2014(3)
July2014(4)
June2014(2)
May2014(2)
April2014(3)
March2014(3)
February2014(4)
January2014(2)
December2013(2)
November2013(3)
October2013(5)
September2013(4)
August2013(5)
July2013(2)
June2013(2)
May2013(5)
April2013(6)
March2013(4)
February2013(2)
January2013(2)
December2012(1)
November2012(4)
October2012(6)
September2012(3)
8/10
7/6/2015
August2012(8)
July2012(1)
June2012(7)
May2012(3)
April2012(2)
March2012(3)
February2012(10)
January2012(6)
December2011(7)
November2011(3)
October2011(5)
September2011(6)
August2011(10)
July2011(12)
June2011(9)
May2011(11)
April2011(6)
March2011(10)
February2011(16)
January2011(20)
December2010(13)
November2010(8)
October2010(3)
September2010(7)
August2010(17)
July2010(10)
Anki
Announcement BGP
Books Catalyst CCDE
CCIE
CCIE
links Convergence Dynamips EIGRP

Ethernet Framerelay IPv6 MPLS Multicast
NetworkDesign Notes OSPF Other QoS
RIP Routing Scripts Security Spanning
tree Switching Troubleshooting
Uncategorized Usefulcommands
RecentPosts
ServiceProviderIPv6Deployment
ComingUpdatestotheCCIEProgram
DesignConsiderationsforNorth/South
FlowsintheDataCenter
IntroductiontoStorageNetworking
andDesign
NextGenerationMulticastNGMVPN
9/10
7/6/2015
Blogroll
AlwaysTheNetwork
Darren'sCCIEmission
Evilrouters
FortigateFirewall
JdsilvaBrokennetwork
JustAnotherDayattheOffice
@amyengineer
NetworkBlogBasedTraining
OrhanErgunComputerNetworkDesign
andArchitecture
PacketForwarding
PacketManiac
Packetlife
Roger'sCCIEblog
RoutingBits
TwitterfromDaniel
@Peter_PaluchIfRegisterisnotfrom
otherRP,itassumesitisfromDR.RPsuse
sameIPandoneuniqueforsendingthe
Registerforward.3daysago
@Peter_Paluch...andoptionallyjointhe
SPTdependingiftheyhavereceiversor
not.3daysago
@Peter_PaluchBasicallytheRPthatgets
RegistersendsittotheotherRPsinthe
RPset.Theythencreatethe(S,G)state...
3daysago
@CCDE066Yup,wasjustreading
cisco.com/c/en/us/suppornow.
3daysago
@danieldibsweLookslikewecandoit
withjustPIM.Neat!:)3daysago
Top
CreateafreewebsiteorblogatWordPress.com.TheINoveTheme.
10/10

Service Provider IPv6 Deployment - Daniels Networking Blog

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Service Provider IPv6 Deployment - Daniels Networking Blog

Diunggah oleh

Hak Cipta:

Format Tersedia

7/6/2015

Books Catalyst CCDE

links Convergence Dynamips EIGRP

Anda mungkin juga menyukai