Juniper Ipv6

Junos Intermediate Routing
Appendix A: IPv6
2010 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Worldwide Education Services
Chapter Objectives
After successfully completing this appendix, you will be able to:
Describe some differences between IPv4 and IPv6 List IPv6 address types and describe the IPv6 addressing format Enable an interface for IPv6 operation Configure and monitor routing for IPv6 environments Tunnel IPv6 traffic over an IPv4 network
2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-
Agenda: IPv6
Introduction to IPv6 Routing Protocol Configuration Examples Tunneling IPv6 over IPv4
What Is IPv6?
Next Generation Protocol:
Defined by the IETF Defined as RFC 2460 Intended to replace IPv4
IPv4 Versus IPv6

IPv4
32-bit (4-byte) address supports 4,294,967,296 addresses NAT can be used to extend address space limitations Administrators must use DHCP or static configuration to assign IP addresses to hosts IPsec support is optional Options are integrated into the base header
IPv6
128-bit (16-byte) address supports 2128 (about 3.41038) addresses Does not support NAT by design Hosts use stateless address autoconfiguration to assign an IP address to themselves IPsec support is necessary Improved support for options using extension headers and overall simplification of the header format
IPv6 Structure
The IPv6 header has the following improvements:
Fixed length of 40 bytes Simple, more efficient processing Extension headers handle additional options Several IPv4 fields have been removed:
Header length, identification, flags, fragment offset, and header checksum
Version (4)
Traffic (8) Class
Flow Label (20) Hop Limit (8)

40 bytes
Payload Length (16)
Next Header (8) Source Address (128)
Destination Address (128)

IPv4 Header Versus IPv6 Header

IPv4 Header
Version IHL TOS Total Length Flags Fragment Offset Identification Time to Live Protocol
IPv6 Header
Version Traffic Class Flow Label Next Header Hop Limit
Payload Length
Header Checksum
Source Address Destination Address
Source Address Destination Address Options Padding
Key
Fields the same in IPv4 and IPv6 Fields removed in IPv6 Name and position changed in IPv6 New field in IPv6
IPv6 Extension Headers

Simple packet headers provide faster processing
IPv6 deals with IP options using extension headers
IPv6 defines six extension headers:

Hop-by-hop options header Routing header Fragment header Destination options header Authentication header Encrypted security payload header
IPv6 Addressing
Extending address space is a major reason for IPv6
IPv4 address exhaustion is predicted to occur in the near future 128-bit (16-byte) address supports 2128 (about 3.41038) addresses 295 addresses for each person on Earth 252 addresses for each observable star in the known universe
IPv6 Address Types

Address types:
Unicast: Unique address that identifies an IPv6 node Multicast: Group of IPv6 interfaces Anycast: Assigned to multiple interfaces on multiple nodes
Address Notation
Each IPv6 address has 128 bits
Eight 16-bit hexadecimal blocks separated by colons Use abbreviations to simplify the notation You can omit leading zeros Double colon can replace consecutive zeros, leading zeros, or trailing zeros, but can not be used twice in an address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85 2bfc:0:0:0:217:cbff:fe8c:5c85 2bfc::217:cbff:fe8c:5c85
Leading zeros omitted Double colon
Prex Notation
Prefix identifies the subnet
Defined in RFC 4291 Similar to IPv4 in text presentation:
IPv6 address/prefix length
IPv6 Address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85/64

16 bits 16 bits 16 bits 16 bits
64-bit prefix
Address Allocation
Organizations and end users get an address allocation from their ISP
You must follow a few rules, as defined in RFC 3177
Subscriber Home network subscribers, connecting through on-demand or always-on connections Small and large enterprises Very large subscribers Mobile networks, such as vehicles or mobile phones with an additional network interface A single PC, with no additional need to subnet, dialing-up from a hotel room 48-bit prefix 48-bit prefix 47-bit, or multiple 48-bit prefixes 64-bit prefix, which allows multiple connections through a single prefix 128-bit address can be assigned as part of a 64-bit prefix
Prefix
Special Addresses
The prefix 0000 0000 is reserved for special addressing
Unspecified address: Also called the all-zeros address
0:0:0:0:0:0:0:0, or ::
Loopback address: Commonly used for testing the IP stack on the localhost
0:0:0:0:0:0:0:1, or ::1
Address Scope
IPv6 addresses have scope, which identifies the application suitable for the address
Unicast and multicast addresses support scoping Scope can be local or global
Internet
Addresses with local scope are used within the same routing domain. Addresses with global scope are used between routing domains.
Company ABC
Company XYZ
Link-Local Unicast Addresses

Link-local unicast addresses:
Use a common prefix on all subnets (FE80:0:0:0::/64) Are guaranteed to be unique only on a single link Are generated by the interface
1111111010
0000..0000
Interface ID
Prefix (10 bits)
Zero (54 bits)
Interface Identifier (64 bits)
R1
fe80::226:88ff:fe02:7481 ge-0/0/1.0
fe80::226:88ff:fe02:7482 ge-0/0/2.0
Site-Local Unicast Addresses

Site-local unicast addresses:
Are not guaranteed to be unique on the Internet Are similar to IPv4 RFC 1918 private addresses Use a common prefix in all organizations (FEC0:0:0::/48)
1111111011 Subnet ID Interface ID
Prefix (10 bits)
Subnet ID (54 bits) Company ABC
Interface Identifier (64 bits)
R1
::1 ge-0/0/1.0 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0
R2
Global Unicast Addresses

Global unicast addresses are globally unique and are used to connect to and route through the Internet
Similar to IPv4 public addresses
Public Topology
FP (3 bits) Global Routing Prefix (45 bits)
Site Topology
SID (16 bits)
Interface Identifier
Interface ID (64 bits)
Internet
Company ABC
Company XYZ Worldwide Education Services

Interface ID
Interface ID
Uniquely identifies a host on a subnet Is 64 bits long Is based on IEEE EUI-64 address Is a permutation of the interface MAC address (if available)
Interface Identifier
FP (3 bits) Global Routing Prefix (45 bits) SID (16 bits) Interface ID (64 bits)
Stateless Autoconguration (1 of 2)
Allows local hosts to autoconfigure IPv6 addresses
Eliminates the need for stateful configuration elements, such as DHCP Elements of stateless autoconfiguration:
Extended unique identifier Router advertisement message Router solicitation message Prefix list
Neighbor discovery:
The process of tracking reachability status for neighbors in a local link Specified in RFC 2461
Stateless Autoconguration (2 of 2)
Address autoconfiguration
1 Link-Local Address: Autoconfigured Global Addresses Fe80::1234:abff:fecd:5678 2bfc::1234:abff:fecd:5678 3afc::1234:abff:fecd:5678 2caf::1234:abff:fecd:5678 2 RS 3 RA 1 Link-Local Address: Autoconfigured Global Addresses Fe80::9876:dcff:feba:5432 2bfc::9876:dcff:feba:5432 3afc::9876:dcff:feba:5432 2caf::9876:dcff:feba:5432 RS RA 4 Host A MAC Address: 1234.abcd.5678 Host B MAC Address: 9876.dcba.5432 Router
Trust
Untrust
Stateful Autoconguration
Allows DHCP to configure address assignment
Also known as stateful DHCPv6 in RFC 3315 Possible reasons for DHCPv6:
You require a specific IPv6 addressing scheme You require dynamic assignment of DNS servers You require dynamic updates to DNS servers You do not wish to have the MAC address as part of the IPv6 address
DHCPv6 and DHCPv4 are independent and require separate configurations
Interface Conguration Example

Use family inet6 for IPv6 operations
[edit interfaces] user@R1# show ge-0/0/1 { unit 0 { family inet6 { address fec0:0:0:2003::1/64; } } } [edit interfaces] user@R2# show ge-0/0/1 { unit 0 { family inet6 { address fec0:0:0:2003::2/64; } } }
Site-local addresses
Company ABC
R1
::1 ge-0/0/1.0 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0
R2
Interface Verication Example

Use the show interface terse command to verify interface status and basic details
user@R1> show interfaces terse ge-0/0/1 Interface Admin Link Proto ge-0/0/1 up up ge-0/0/1.0 up up inet6 Local Remote fe80::226:88ff:fe02:7481/64 fec0:0:0:2003::1/64
Each interface has automatically determined its own link-local address
user@R2> show interfaces terse ge-0/0/1 Interface Admin Link Proto ge-0/0/1 up up ge-0/0/1.0 up up inet6
Local
Remote
fe80::226:88ff:fe02:6b81/64 fec0:0:0:2003::2/64
Displaying IPv6 Routing Information

Use the show route table inet6 command to view IPv6 routing information
user@R1> show route table inet6 inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both fe80::/64 *[Direct/0] 00:59:12 > via ge-0/0/1.0 fe80::226:88ff:fe02:7481/128 *[Local/0] 00:59:12 Local via ge-0/0/1.0 fec0:0:0:2003::/64 *[Direct/0] 00:59:12 > via ge-0/0/1.0 fec0:0:0:2003::1/128 *[Local/0] 00:59:12 Local via ge-0/0/1.0
Displaying the IPv6 Neighbor List

Use the ping command followed by the show ipv6 neighbors command to learn then display neighbors
user@R1> show ipv6 neighbors user@R1> ping fec0:0:0:2003::2 PING6(56=40+8+8 bytes) fec0:0:0:2003::1 --> fec0:0:0:2003::2 16 bytes from fec0:0:0:2003::2, icmp_seq=0 hlim=64 time=19.912 ms 16 bytes from fec0:0:0:2003::2, icmp_seq=1 hlim=64 time=18.091 ms 16 bytes from fec0:0:0:2003::2, icmp_seq=2 hlim=64 time=1.828 ms 16 bytes from fec0:0:0:2003::2, icmp_seq=3 hlim=64 time=2.324 ms ^C --- fec0:0:0:2003::2 ping6 statistics --4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/std-dev = 1.828/10.539/19.912/8.489 ms user@R1> show ipv6 neighbors IPv6 Address Linklayer Address fe80::226:88ff:fe02:6b81 00:26:88:02:6b:81 fec0:0:0:2003::2 00:26:88:02:6b:81 State stale stale Exp Rtr Secure Interface 1187 yes no ge-0/0/1.0 747 yes no ge-0/0/1.0
IPv6 Multicast Address

Identifier for a set of interfaces that typically belongs to different nodes
All members of the multicast group process an incoming multicast packet More efficient than broadcast Three types of multicast addresses:
Solicited-node multicast addresses for Neighbor Solicitation messages All-nodes multicast address for Router Advertisement messages All-routers multicast address for Router Solicitation messages
IPv6 Anycast Address

Identifier for a set of interfaces, typically belonging to separate nodes
Defined in RFC 2526 Packet travels to just one of the interfaces identified in the group Routing protocol typically determines the closest interface
Agenda: IPv6
Static Route Conguration Example

Sample IPv6 static route configuration:
[edit routing-options] user@R1# show rib inet6.0 { static { route 0::/0 { next-hop FEC0:0:0:2003::2; preference 250; } } }
IPv6 default static route
Company ABC
R1
::1 ge-0/0/1.0 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0
R2 Internet
Displaying the Static Routes

Use the show route table inet6.0 protocol static command to view static routes
user@R1> show route table inet6.0 protocol static inet6.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both ::/0 *[Static/5] 00:00:24 > to fec0:0:0:2003::2 via ge-0/0/1.0
Company ABC
R1
::1 ge-0/0/1.0 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0
R2 Internet
OSPFv3 Conguration Example

Sample OSPFv3 single-area configuration
OSPFv3 continues to use a 32-bit RID
[edit] user@R1# show routing-options router-id router-id 192.168.100.1; [edit] user@R1# show protocols ospf3 area 0.0.0.0 { interface ge-0/0/1.0; } [edit] user@R2# show routing-options router-id router-id 192.168.100.2; [edit] user@R2# show protocols ospf3 area 0.0.0.0 { interface ge-0/0/1.0; }
Area 0.0.0.0
R1
::1 ge-0/0/1.0 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0
R2
Note: The RID selection process is the same for OSPFv2 and OSPFv3. We recommend you manually set the RID, as shown in the example.
Monitoring OSPFv3 Operations

Most operational show commands for OSPFv3 are almost identical to OSPFv2; the key difference is you must replace ospf with ospf3:
OSPFv2 show ospf neighbor show ospf interface show ospf database show ospf route OSPFv3 show ospf3 neighbor show ospf3 interface show ospf3 database show ospf3 route
Pri 128 Dead 36
user@R1> show ospf3 neighbor ID Interface State 192.168.100.2 ge-0/0/1.0 Full Neighbor-address fe80::226:88ff:fe02:6b81
IS-IS Conguration Example

IS-IS configuration is identical for IPv4 and IPv6:
Interface Configuration
[edit interfaces] user@R1# show ge-0/0/1 { unit 0 { family iso; family inet6 { address fec0:0:0:2003::1/64; } } } lo0 { unit 0 { family iso { address 49.0002.1111.1111.1111.00; } family inet6 { address fec0:0:0:1001::1/128; } } }
Protocol Configuration
[edit protocols] user@R1# show isis { interface ge-0/0/1.0; interface lo0.0; }
Monitoring IS-IS Operations

Use the same operational show commands for IS-IS in IPv4 and IPv6 environments:
user@R1> show isis interface IS-IS interface database: Interface L CirID Level 1 DR ge-0/0/1.0 3 0x2 R1.02 lo0.0 0 0x1 Passive user@R1> show isis adjacency Interface System ge-0/0/1.0 R2 ge-0/0/1.0 R2 L State 1 Up 2 Up Level 2 DR R1.02 Passive L1/L2 Metric 10/10 0/0
Hold (secs) SNPA 19 0:26:88:2:6b:81 20 0:26:88:2:6b:81
user@R1> show isis adjacency detail R2 Interface: ge-0/0/1.0, Level: 1, State: Up, Expires in 21 secs Priority: 64, Up/Down transitions: 1, Last transition: 00:18:10 ago Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:26:88:2:6b:81 Topologies: Unicast Restart capable: Yes, Adjacency advertisement: Advertise LAN id: R1.02, IP addresses: 192.168.100.2 IPv6 addresses: fe80::226:88ff:fe02:6b81
BGP Conguration Example

BGP configuration is almost identical for IPv6 as it is for IPv4; the major difference is you specify an IPv6 address for the local and peer addresses:
[edit routing-options] user@R1# show router-id 192.168.100.1; autonomous-system 64700; [edit protocols bgp] user@R1# show group int-64700 { type internal; local-address fec0:0:0:1001::1; neighbor fec0:0:0:1002::1; } group ext-65100 { type external; peer-as 65100; neighbor fec0:0:0:2005::2; }
Monitoring BGP Operations

Use the same operational show commands for BGP in IPv4 and IPv6 environments:
user@R1> show bgp summary Groups: 2 Peers: 2 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet6.0 0 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State| #Active/Received/Accepted/Damped... fec0:0:0:1002::1 64700 11 12 0 0 4:00 Establ inet6.0: 0/0/0/0 fec0:0:0:2005::2 65100 11 12 0 0 4:05 Establ inet6.0: 0/0/0/0
Agenda: IPv6
Tunneling IPv6 Traffic over IPv4 Networks

Tunneling:
Encapsulate the native IPv6 packet inside IPv4 Forwards the IPv4 packet through the IPv4 network De-encapsulates the IPv6 packet and forward/process natively
Many approaches to tunneling:

IPv4-compatible addresses Configured tunnels 6to4 6over4
Case Study: Objective and Topology

Implement an IPv6-over-IPv4 tunnel to transport IPv6 traffic over the Internet and between sites A and B
Site A
R1 ::2 User A FEC0:0:0:2000::/64 ::1
Site B Internet
R2 ::1 ::2 User B FEC0:0:0:2001::/64
Case Study: Dening the Tunnel Interface

[edit] user@R1# show interfaces gr-0/0/0 unit 0 { tunnel { source 192.168.1.1; destination 192.168.2.1; } family inet6 { address fec0:0:0:1000::1/126; } } [edit] user@R2# show interfaces gr-0/0/0 unit 0 { tunnel { source 192.168.2.1; destination 192.168.1.1; } family inet6 { address fec0:0:0:1000::2/126; } }
Site A
::2 User A
192.168.1.1 R1 ::1
192.168.2.1
Site B
::2 User B
Internet
R2 ::1
FEC0:0:0:2000::/64
FEC0:0:0:2001::/64
Case Study: Dening the Required Routes

[edit] user@R1# show routing-options rib inet6.0 { static { route fec0:0:0:2001::/64 next-hop gr-0/0/0.0; } } static { route 192.168.2.1/32 next-hop 172.18.1.1; }
Site A
::2 User A
192.168.1.1 R1 ::1
192.168.2.1
Site B
::2 User B
Internet
R2 ::1
FEC0:0:0:2000::/64
FEC0:0:0:2001::/64
Note: R2 requires a similar configuration.

Case Study: Verifying Operations (1 of 3)

Use the show interfaces interface-name terse command to verify that the tunnel interface is up lab@R1> show interfaces gr-0/0/0 terse Interface Admin Link Proto Local Remote
gr-0/0/0 gr-0/0/0.0 up up up up inet6 fe80::226:88ff:fe02:7480/64 fec0:0:0:1000::1/126
lab@R2> show interfaces gr-0/0/0 terse Interface Admin Link Proto gr-0/0/0 up up gr-0/0/0.0 up up inet6
Local
Remote
fe80::226:88ff:fe02:6b80/64 fec0:0:0:1000::2/126
Site A
::2 User A
192.168.1.1 R1 ::1
192.168.2.1 R2
Site B
::2 User B
Internet
::1
FEC0:0:0:2000::/64
FEC0:0:0:2001::/64
Remember that GRE tunnels are stateless, so you should always ensure that both sides are up.

Use the show route command to ensure the required routes are installed on both tunnel endpoints
user@R1> show route 192.168.2.1 inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 192.168.2.1/32 *[Static/5] 01:49:40 > to 172.18.1.1 via ge-0/0/3.0
user@R1> show route table inet6.0 fec0:0:0:2001::/64 inet6.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both fec0:0:0:2001::/64 *[Static/5] 00:31:03 > via gr-0/0/0.0

Send traffic through the tunnel, and confirm interface statistics are increasing on the tunnel interface
user@R1> ping fec0:0:0:2001::2 source fec0:0:0:2000::1 rapid count 25 PING6(56=40+8+8 bytes) fec0:0:0:2000::1 --> fec0:0:0:2001::2 !!!!!!!!!!!!!!!!!!!!!!!!! --- fec0:0:0:2001::2 ping6 statistics --25 packets transmitted, 25 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.492/3.185/8.064/2.521 ms user@R1> show interfaces gr-0/0/0.0 detail | find "traffic statistics" Traffic statistics: Input packets: 25 Output packets: 25
Site A
::2 User A
192.168.1.1 R1 ::1
192.168.2.1
Site B
::2 User B
Internet
R2 ::1
FEC0:0:0:2000::/64
FEC0:0:0:2001::/64
Summary
In this appendix, we:
Described some differences between IPv4 and IPv6 Listed IPv6 address types and described the IPv6 addressing format Enabled an interface for IPv6 operation Configured and monitored routing for IPv6 environments Tunneled IPv6 traffic over an IPv4 network
Review Questions
1. Name three benefits of switching from IPv4 to IPv6. 2. What types of unicast address exist? 3. What command would you use to view IPv6 OSPF neighbors?

Juniper Ipv6

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Juniper Ipv6

Diunggah oleh

Hak Cipta:

Format Tersedia

Junos Intermediate Routing

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

IPv4 Versus IPv6

2010 Juniper Networks, Inc. All rights reserved.

Traffic (8) Class

Flow Label (20) Hop Limit (8)

Payload Length (16)

Next Header (8) Source Address (128)

Destination Address (128)

Worldwide Education Services

IPv4 Header Versus IPv6 Header

Source Address Destination Address

Source Address Destination Address Options Padding

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

IPv6 Extension Headers

IPv6 defines six extension headers:

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

IPv6 Address Types

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

IPv6 Address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85/64

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

Link-Local Unicast Addresses

Prefix (10 bits)

Zero (54 bits)

Interface Identifier (64 bits)

Site-Local Unicast Addresses

Prefix (10 bits)

Subnet ID (54 bits) Company ABC

Interface Identifier (64 bits)

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

Global Unicast Addresses

Company XYZ Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

DHCPv6 and DHCPv4 are independent and require separate configurations

2010 Juniper Networks, Inc. All rights reserved.

Worldwide Education Services

Interface Conguration Example

2010 Juniper Networks, Inc. All rights reserved.