IPv6 Transition Strategies

Cisco Expo
2012

Варианты практической
реализации стратегии
миграции к IPv6
Mustafa Bayramov
Consulting System Engineer
24/10/2012

© 2011 Cisco and/or its affiliates. All rights reserved. 1

Приз за знания
Принимайте активное участие в Cisco Expo и получите в
подарок Linksys E900.
Как получить подарок:
•  внимательно слушать лекции по технологиям Cisco
•  посещать демонстрации, включенные в основную программу

•  пройти тесты на проверку знаний

Тесты будут открыты:
с 15:00 25 октября по 16:30 26 октября

www.ceq.com.ua

Objective

•  Understand Cisco’s IPv6 Transition solution – CGv6

•  Understand CGv6 solution components.

•  Understand how we can preserve IPv4 address space and in parallel
start transition to IPv6.

•  Understand what technologies available to transition to IPv6.

•  At the end of session you should be able to deploy Carrier Grade
NAT. : )


Agenda

•  CGv6 Overview

•  CGv6 Solution Component

•  Carrier Grade NAT

•  Transition Technology Overview

•  Tunneling Technology Overview


CGv6 overview

•  CGv6 is a Cisco’s IPv6 Transition solution for Service provider

•  CGv6 Components

Hardware
CRS CGSE, ASR 9000 ISM, ASR 1000

Features
• Translation (NAT44, NAT64 Stateless/Stateful CGSE)
• Tunneling (6rd, ds-lite, 6PE/6VPE)

http://www.cisco.com/go/cgv6/

5

CGv6 Technologies

Today Private IP 6-over-4 Transitional 4-over-6 All IPv6

CGN(NAT44) 6rd, GRE, Dual stack DS-Lite
IPv6inIPv4,
6PE/6VPE
XLAT(AFT)
Prosper

Prepare

Preserve

= IPv4 = Private IP = IPv6

6

Carrier Grade Services Engine (CGSE)

An engine for Carrier Class SP Services: CGv6, CCN, NPS,
DDoS, etc
•  CGv6: Translation (NAT44, NAT64),
Tunneling (6rd, DS-Lite, 4rd)
•  20+ million active translations
•  100s of thousands of subscribers
•  1+ million connections per second
Cisco CGSE •  20Gb/s of throughput per CGSE

•  Builds upon the proven performance of the Cisco
CRS platform
•  High-capacity, carrier-class SP platform with
Cisco IOS-XR

Cisco CRS
7

CGSE Overview

•  CGv6 function resides on CGSE PLIM

•  Paired with CRS-MSC-40G-B, CRS-MSC-20G-B, CRS-MSC and
FP-40 ( R4.1.1 Onwards),
•  Does not Support Pairing with MSC-140, or FP-140

•  No external interfaces

•  Four 16-core Octeon MIPs CPUs, 64 CPU cores

•  Standard interface to MSC, 20 Gbps of throughput (per CGSE)

•  IOS XR on MSC, Linux on Octeon CPUs

8

CGSE PLIM and IPv6 Transition Services (CGv6)

•  Hardware
CGv6 function resides on CGSE PLIM
Quad Octeon multiprocessor architecture, 64 CPU cores
Standard interface to MSC, 2x10 Gbps full-duplex nominal

SVI
CGN and
Future IPv6
Apps run here
SVI

  Software
–  IOS-XR on MSC, Linux on Octeon CPUs
–  Leverages XR App SVI to divert packets to/from CGN function
–  Leverages Vector Packet Path (VPP) for NAT application
–  Integrated configuration & management via IOS XR


Carrier-Grade Services Engine

•  CGSE Apps attached to
one or more routing spaces
via Service Virtual CRS CGSE/Linux
Interfaces (SVI) IOS-XR

•  SVI packet diversion
employs IP routing RP APP1 APP2
•  Advantages of this
approach
•  Per-VRF and interface
VRF1
separation
•  Standard routing techniques
for packet diversion
VRF2/
•  Easy service bypass Global SVI’s

•  ECMP load sharing Global
Routing Space
•  Per-SVI and APP OAM
Global
•  Scale and resiliency


ISM Application and Router Domains

Application IOS-XR Router
Domain Domain

• Linux Based • IOS-XR
• Multi-Purpose Compute • Control Plane
Resource • Data Forwarding
• Used for CDS • L3, L2 (management)
Application with On- • IRB
board Modular Flash • Hardware Management
Storage
• Used for Translation
Setup and Logging of
CGN Applications

Decoupling Application and IOS-XR
Plane delivers
Highly Scalable and Flexible Services


ISM Hardware Architecture


ISM Overview

Per Blade (ISM) Limits
CGN instance supported 1
Number of service infra 1
Number of service app 244 (per system)
Maximum IP pool supported /16
Max Static Port forwarding 6K
Max number of NAT users 256 K
Number of NAT44 Translations 20 Million connections
Throughput (In2Out + Out2in) 10 Gbps (I-MIX with 4 ServiceApp)
Throughput (In2out / Out2In) 2.5Gbps (per ServiceApp)
NAT44 Session setup rate 1 Million connection / second


NAT44 (CGSE) vs NAT44 (ISM)

Parameter CGSE behavior ISM behavior

NAT44 CLIs Same Same
Uses SVI Yes Yes
Throughput 20 Gbps (I2O + O2I) 10 Gbps (I2O + O2I)

Max. # of sessions 20M 20M

Session setup rate 1M/sec ~ 1M/sec (TBD)


CGN - Deployment options
Distributed Centralized
Home Home

CGN CGN
Public IP Private IP

Private IP Private IP
Addressed Home Addressed Home

•  Meshes well with Distributed BNG •  Backhaul of NAT customers
•  Smaller Throughput Requirement •  Larger Throughput Requirement
•  Less Emphasis on Redundancy •  Emphasis on Redundancy
•  Less Emphasis on Load-Balancing •  Emphasis on Load-Balancing
•  Less CGN Spend per Node •  More CGN Spend per Node


Bring Up the CGSE board
  Control connection to CGSE are via the One ServiceInfra Interface & IPv4 address of local
significance.
  Configure the Serviceinfra Interface and associate with the CGSE location

router(config)#
interface ServiceInfra1
ipv4 address 3.1.1.2 255.255.255.252
service-location 0/0/CPU0
commit

  Specify the service role ( cgn ) for the given CGSE location
router(config)#
hw-module service cgn location 0/0/CPU0
commit

  You need to reload the card. It may take ~15min
router#
hw-module location 0/0/CPU0 reload
WARNING: This will take the requested node out of service.
Do you wish to continue?[confirm(y/n)] y

© 2011 Cisco and/or its affiliates. All rights reserved. 17 17

CGSE Booting Process

XR Service/ CGN Pie not installed
RUN
Service/ CGN Pie installed without Role
config
XR
RUN Takes Master Octeon out of Reset

Sends Doorbell to indicate bootloader
MBI- downloaded (Successful Uboot)
BOOT XR<3.8.0
rommon≤1.48 Linux Download will start and boot
params

CGSE-TILE Linux launch happens on master octeon
NO
BOOTING which downloads linux on Slave

CGSE-TILE Linux UP Doorbell , App image gets
OK downloaded via TFTP and launched

  Plim Services process monitors various stages and
packaged with comp-hfr-mini.vm.
  3 Retries after which card will put into Failed State


Service interface Configuration
•  Service Instance is the highest level configuration structure
Represents the CGSE card or primary/backup CGSE pair
Common redundancy model is 1:1 warm standby
1 ServiceInfra interface per Service Instance – control path

service cgn demo-1
service-location preferred-active 0/X/CPU0 preferred-standby 0/
Y/CPU0

  “Service-Type-Specific Instance” is the child structure
Includes specific configuration for apps running within Service Instance
Service Types (NAT44, Stateless OR Stateful NAT64, DS-Lite & 6rd BR)

service cgn demo-1
service-type nat64 stateless nat64-1
(SL-NAT64 specific config)
service-type nat44 nat44-1
(NAT44 specific config)
service-type tunnel v6rd 6rd-1
(6rd specific config)

1

ServiceApp Interfaces
Logical interfaces/paths between CGSE apps and rest of router

•  Treated like regular interfaces from a routing standpoint
SvcApps will go down if CGSE goes down
Can be used to signal availability of CGSE (advertise SvcApp into IGP)
NAT applications will use local static routing to steer traffic into
CGSE

•  Routing example from NAT44
Default route to CGSE in Inside VRF
ServiceApp is configured with 80.1.1.1/24
Traffic routed to other addresses on 80.1.1.0/24 go to CGSE
Static routes can use interface name, next hop, or both
router static
vrf CGSE-Inside
interface ServiceApp1 address-family ipv4 unicast
vrf CGSE-Inside (option A) 0.0.0.0/0 ServiceApp1
ipv4 address 80.1.1.1/24 (option B) 0.0.0.0/0 80.1.1.2
service cgn demo service-type nat44
(option C) 0.0.0.0/0 ServiceApp1
80.1.1.2

2

•  “..A NAT or NAPT device used by many subscribers, where 'many'
would be on the order of dozens to hundreds of thousands of
subscribers. This might NAT between any combination of IPv4 and
IPv6..”*

•  SP-class Performance and Scale
O(tens of millions) of NAT44 translation states (e.g. sessions)
O(10Gb/sec) Performance

•  Support standard NAT Behaviors
RFC4787, RFC5382, RFC5508
•  Ability to bypass (route around the NAT)
•  Ability to log NAT44 bindings
•  Ability to limit the number of sessions per private IPv4 source


CGN NAT44: One Strategy for Dealing with the IPv4 Address
Run-Out Problem

Customers SP Network Public Internet
IPv4

IPv4public Public IPv4
IPv4 Internet

IPv4 router

Carrier Grade
NAT

IPv4

(NOT)-IPv4public Public IPv4
IPv4 Internet

IPv4 router = public IPv4
= NOT public IPv4


Public IPv4 exhaustion with NAT444

Residential Access Aggregation Edge Core
IP/MPLS

CGN NAT44

NAT44

Private IPv4 Private IPv4 (SP Assigned
(Subs.) domain) Public
IPv4
  NAT44 very likely to be used on RGW (Private IPv4192.168.0.0)
  Private IPv4 used on RGW WAN interface (Unique per RGW, e.g. 10.0.0.0)
  RGW NAT44 + CGN NAT44 = NAT444 solution

  CGN NAT44 multiplexes several customers onto the same public IPv4 address

  CGN NAT44 can be introduced in a centralized or distributed fashion*


NAT444 Prons and Cons

Pros Cons

•  ISPs can reclaim global IPv4 •  SP NAT results in margin &
addresses from customers, competitive implications
replacing with non-routable
•  Does not solve address
private addresses and NAT
exhaust problem in the long
•  Addresses immediate IPv4 term
exhaust problem
•  Sharing IPv4 addresses could
•  No change to subscriber CPE
have user behavioral and
liability implications
•  No IPv4 re-addressing in home
•  User control over NAT
•  Dense utilization of Public IP
address/port combinations


ASR 9000 and CRS-1/3 with CGSE : Separated VRF
Approach

Dest 0.0.0.0/0 -> AppSVI1 Dest NAT Pool-> AppSVI2
Inside Outside
VRF VRF

Private IPv4 Interface
CGSE Interface
Public IPv4
Subscribers VLAN App Int App int VLAN
VLAN

Inside Outside
Entry1 10.12.0.29:334 100.0.0.221:18808
Entry2 10.12.0.29:856 100.0.0.221:40582
Entry.. … …

•  VRFs to Separate the Private and Public Routing Table.
•  Interfaces are associated with a VRF.
•  ServiceAPP interfaces are used to send packets to/from CGSE


Outside IP address Selection

•  Upon receipt of the first Flow per Inside source address, CGN attempts to
choose an Outside address that has at least 1/3 of its ports free – all
subsequent Flows from that Inside source will use the same Outside address.
This selection is limited to the Outside IP addresses available to the CPU core
making the decision, i.e. for a /24 of Outside space assigned to the CGN card,
each CPU core will have 64 addresses from which to choose.
•  If no Outside address has 1/3 of the ports free, then an Outside address is
randomly chosen from those available. If that Outside address is completely
exhausted, then a random selection is made from the remaining addresses,
repeated until an address is chosen or it is determined that none are available
(which results in an ICMP error message).
•  Upon selection, CGN creates an Address binding (state) between the Inside and
Outside address, which will persist as long as there are any Flows using that
binding.


Port Selection

•  ISM chooses a port randomly from the list of available (unused) ports
associated with the chosen Outside IP address. The first 1024 ports are
reserved (not available for allocation). Each port is allocated once,
regardless of which L4 protocol (UDP, TCP) is being used in the Flow.
•  If the randomly chosen port is already being used, the selection
increments (around a ring) until an available port is found; if none are
available then an ICMP error message is sent.
•  If the Inside source already has a number of Flows equal to the
configured per-user limit, then the allocation is rejected and an ICMP
message is returned.
•  CGN creates a Translation binding (state) between Inside source IP
address: port and Outside source IP address: port for the Flow


Carrier Grade NAT ( NAT44 ) Implementation Details

•  ISM and CGSE NAT44 implementation is compliant to these NAT
Behavior RFCs, RFC4787 for UDP, RFC5382 for TCP and RFC5508 for
ICMP and the Behavior described in
http://tools.ietf.org/html/draft-nishitani-cgn-04
•  Endpoint Independent Mapping (RFC4787 and RFC5382)

•  Endpoint Independent Filtering (RFC4787 and RFC5382)

•  Paired IP address assignment (RFC4787 and RFC5382)

•  Port Parity assignment for UDP (RFC4787)

•  Hair-pining

•  1:1 Mapping


NAT44 Service-Type-Specific Instances

•  1 NAT44 Instance per CGN (per primary/backup card pair)
•  Scaling via multiple pools & VRFs within the NAT44 instance
•  Outside VRF can be default or “named”, inside must be “named” VRF
•  Each Inside VRF maps to one Outside VRF
•  Multiple Inside VRFs can map to same Outside VRF

Inside VRF Outside VRF service cgn cgn1
service-type nat44 nat44-1
inside-vrf nat44-Inside-1
Inside 1 Outside 1
map outside-vrf Outside address-pool
1.1.0.0/16
Inside 2
inside-vrf nat44-Inside-2
map address-pool 2.0.0.0/16
Inside 3 Default inside-vrf nat44-Inside-3
Inside 4 inside-vrf nat44-Inside-4

3

NAT44 Deployment Notes
•  Separated VRF model – inside & outside of NAT in different VRFs
Outside may be default VRF, Inside must be named VRF
Multiple inside VRFs may map to same outside VRF

•  LB in same chassis (CRS uses 3 Tuple Algo, doesn’t help for NAT since same
flow should go to same CGSE)
• Use ABF to split traffic.

•  Src based bypassing (Need ABF)

•  Retrieving NAT Statistics NAT44
Inside-Red Default
•  IOS-XR CLI IPv4 Only

• Netflow v9 NAT44
Inside-Red
•  XML
•  ANA (Check support)
NAT44
Inside-Blue
•  SNMP
NAT44 NAT44
•  ENTITY MIB ,CISCO-ENTITY-FRUCONTROL-MIB, Inside- Outside
Orange -Green

CISCO-ENTITY-SENSOR-MIB.
•  No CGN Mib Support
  Max Pool per CGSE /16
  Max Subscribers 1 Million Per CGSE

3

IPv4/IPv6 Translation Scenarios ?

IPv4
Network
IPv4
Internet
Which are possible?

Portion:SUFFIX
IPv6
IPv6
Network
Internet
•  Connecting an IPv6 network to IPv4 Internet

•  Connecting the IPv6 internet to IPv4 network


Stateful and Stateless IPv4/IPv6 Translation

•  Stateful (NAT64 usually refers to stateful v6/v4 translation)
Each ﬂow creates state in the translator
[2001:DB8:1]:1500 <--> 203.0.113.1:2000
Amount of state based on O(# of translations)
N:1 mappings (like NAPT)
draft-ietf-behave-v6v4-xlate-stateful

•  Stateless
Flow DOES NOT create any state in the translator
Algorithmic operation performed on packet headers
1:1 mappings (one IPv4 address used for an IPv6 host)*
draft-ietf-behave-v6v4-xlate


Stateless NAT64

•  Enables communication between IPv4 & IPv6 hosts
Performs packet translation between address families

•  Green-field (brand new) network wants to deploy IPv6 only
Doesn't’t need to acquire IPv4 addresses
Simplicity of managing IPv6 only network

•  Needs to access servers on the IPv4 Internet

•  Sessions will be initiated by IPv6 clients

•  Algorithmic mapping of addresses (no state maintained)

•  NAT64 translates IP & L4 header

•  A specific range of IPv6 addresses represents the v4 space
This range is called the Network Specific Prefix (NSP)

3

NAT64 Stateless Translation
Example without ubits-reserve

•  No state maintained
Algorithmic address translation between IPv4 and IPv6

Network Specific Prefix Mapped Address Suffix

192.168.0.1 C0,A8,00,01 2001:0DB8:00C0:A800:0100:0000::
IPv4 Decimal IPv4 Hex IPv6

  Highly Scalable
  Supports both IPv4 initiated and IPv6 initiated sessions
  IPv6 nodes need translatable addresses, IPv4 cannot reach all IPv6
  Difference in address space size
  1 to 1 mapping between v4 address and v6 address
  Does not conserve IPv4 address space
  Translates IP, TCP, UDP, & ICMP - L4 ports are copied


DNS64
•  Required when using NAT64 with IPv6-only end-hosts.

•  Synthesizes AAAA records when not present
With IPv6 prefix of NAT64 translator
DNS64 Internet

IPv6-only host

AAAA?
AAAA?

(sent simultaneously) Empty answer

A?
192.0.2.1
2001:DB8:ABCD::192.0.2.1


From behave framework draft
stateful stateless

1. IPv6 IPv4
Network
Internet

2. IPv4 IPv6
Internet Network

3. IPv6 IPv4
Internet Network

4. IPv4 IPv6
Network Internet

IPv4
5. IPv6
Network Network

IPv4 IPv6
6. Network Network


•  Simple configuration
Set parameters required by draft
Configure ServiceApps
Optional Parameters
Required Configuration
service cgn cgn1
service-location preferred-active 0/3/CPU0
service-type nat64 stateless xlat1
Required Configuration ipv6-prefix 2001:db8::/32
address-family ipv4
router static interface ServiceApp4
address-family ipv6 unicast !
2001:db8::/32 ServiceApp6 address-family ipv6
interface ServiceApp6
!
router static interface ServiceApp4
address-family ipv4 unicast ipv4 address 2.0.0.1 255.255.255.0
100.2.0.0/16 serviceApp4 service cgn cgn1 service-type nat64
stateless
!
ipv6 address 2001:db8:fe00::1/40
service cgn cgn1 service-type nat64
stateless

4

Tunnelling
IPv6 in IPv4 – Why?
  Deployment of fully native IPv6 affects numerous system
components, aka “touch points” NMS/Addressing
AAA/DHCP •  IPv6 Parameters
•  DHCPv6

IPv6 IPv4
L2

RG Access
Node BNG

User RG Access Node Aggregation Aggregation Core
•  OS v6 Stack •  IPv6 LAN •  DHCPv6 snooping •  ICMPv6 snooping •  IPv6 Stack •  IPv6 Routing
•  IPv6 WAN •  ICMPv6 snooping •  IPv6 NMS •  IPv6 PE/VPE
•  IPv6 NMS •  IPv6 Routing
•  IPv6 NMS
•  IPv6 NMS
•  IPv6 Security
  Some are more challenging or deferrable than others Eg IPv6
upgrade of Access Node
  Tunneling IPv6 over existing IPv4 infrastructure provides a transition
solution with minimal number of “touch points”

4

6to4 Tunnelling
Key building block for later tunnel schemes
IPv6 Network
• Automatic tunnels via address mapping
• 6in4 encapsulation (next protocol = 41) 2002:Hex(A.B.C.D)::/48"

• IPv6 addresses from 2002:IPv4::/48
Used to create 6to4 address
space for this site
A.B.C.D!Public IPv4 address!

6to4 Relay Anycast address "
192.88.99.1

Global IPv6 adress
2001:db8::1/64"


6to4 Tunneling
Key building block for later tunnel schemes

• Automatic IPv6 over IPv4 tunnels (no static config for tunnel endpoints)
• Provides connections between IPv6 hosts (not between v4 & v6)
• Utilizes Relay Routers to terminate tunnels
• 2002::/16 address space is assigned to 6to4
• Advertised into local IPv6 network as /16
• IPv4 addresses are mapped into next 32 bits
• Requires one globally unique IPv4 address per site

2002! IPv4 address
! SLA! Interface ID
/16
! /48
! /64
!


6rd in a Nutshell
•  Like 6PE, delivers Production-Quality IPv6 by only touching edge
points around your network
•  Capitalizes on what access networks do well, provisioning and
transport of IPv4, adapted for carrying IPv6
•  Stateless operation, easy to provision, low overhead

•  Proven deployment, in production already with N x Gb/s of traffic

•  (Thanks to Youtube over IPv6 )

•  Stateless so no need symmetrical packet flow

•  draft-ietf-softwire-ipv6-6rd-10.txt accepted as an RFC
(RFC5969).


6rd (IPv6 Rapid Deployment) Private IPv4 Address
Uses Provider’s IPv6 Address Space Public IPv4 Address
IPv6 Address

NAT44
(CGN/LSN)
IPv4 Internet
Private IPv4 NAT44

Private or existing IPv4
CPE
IPv6
6rd CE
Encap/ IPv6
Decap 6rd BR

  Provide IPv6 through existing IPv4 network (Dual stack core is not necessary)
  End to End “Stateless” “Automatic” Tunnel similar to 6to4 (RFC3056)
  No DHCPv6, Neighbor Discovery, etc. to deploy in access network
IPv6 addressing automatically created from IPv4 addressing, synced with IPv4 lease
  6rd Border Relay (6rd BR, used to be called 6rd Gateway) provides access to IPv6 Internet
  IPv6-in-IPv4 encap and decap function on 6rd CE (old name RG)
  draft-ietf-softwire-ipv6-6rd (with DHCP/NAT extensions)


6rd: IPv6 via IPv4 using 6rd
IP/MPLS

IPv4/v6 IPv4 IPv4/v6

  Introduction of two Components: 6rd CE (Customer Edge) and 6rd BR (Border Relay)
  Automatic Prefix Delegation on 6rd CE
  Simple, stateless, automatic IPv6-in-IPv4 encap and decap functions on 6rd (CE & BR)
  IPv6 traffic automatically follows IPv4 Routing
  6rd BRs addressed with IPv4 anycast for load-balancing and resiliency

Native, Dual-Stack IPv4/IPv6 service from subscriber perspective

6rd and 6to4 IPv6 Prefix example
ISP
IPv6
Prefix
+
(op/onal)
Domain
ID
/56
prefix
for
subscriber

6rd 2001:ABC 0 0000:01 Subnet-ID
(<= 16) Interface ID
0 28 32 56 64

/28 is an example, can
vary based on site private
subscriber’s
IPv4
address
(<=32)

prefix allocation
(i.e.,
drop
the
“10”
of
10.x.x.x
and
insert
the
remaining
24
bits)

/48
prefix
for
subscriber

6to4
Prefix

6to4 2002 6400:0001 SLA Interface ID
0 16 48 64

32
bits
of
public
IPv4
address(100.0.0.1)


Solving exhaustion while introducing IPv6

Logging
IP/MPLS

NAT44

CGN NAT44
6rd CE Private IPv4 packets
NAT44

6rd BR

6rd CE
6rd
Packets

  NAT44 on RGW with Private IPv4 on both LAN and WAN side and CGN NAT44 introduced
to deal with exhaustion
  6rd CE works in combination with private IPv4 (Private IPv4 on WAN used in Delegated
prefix construct)
  Common, centralized vehicle to jointly handle NAT444 and 6rd BR components


Linksys IPv6 config


  How can we create more subnets?
  Use a shorter 6rd Preﬁx
  Use V4 Mask Length to skip common parts of the IPv4 address

6rd Prefix = 2001:ABC0 RG IPv4 Address = 9.1.10.7
4 bits =
6rd Prefix Length = 28 16 subnets V4 Mask Length = 0

2001:ABC0 0901:0A07 S Interface ID
28 bits 32 bits 64 bits

6rd Prefix = 2001:ABC0 RG IPv4 Address =X
9.1.10.7
4 bits +
6rd Prefix Length = 28 8 bits V4 Mask Length = 8

2001:ABC 01:0A07 Subnet Interface ID
28 bits 24 bits 64 bits


Anycast Address for BR IPv4 IPv6
Peers Peers

IPv4 IPv6
Peers Peers Peer

PE PE
Peer

IPv4
ONLY MPLS/IPv4
Access PE P

PE P Core

Dual Stack
  Multiple BR addresses can be used
  But, 6rd is stateless
Access   Packets can go to any BR
Dual Stack Access   Option to use anycast for redundancy
Customers Network   All BRs can receive packets on same address


6rd vs 6to4
Attribute
6rd
6to4
IPv6 Address
SP’s IPv6 Address 2002::/16
Prefix
IPv6 Address Excellent, it is an ISP It is “6to4” and everybody
“Reputation”
IPv6 Prefix
knows that
SP-managed service
Yes
No
Always Route thru Yes (SP-managed BR)
Maybe (Anycast Relay)
SP’s network
Private IPv4 support
Yes
No

Border Relay Support
(ASR1k, ASR 9000 Supported (IOS)
CRS-1/3)
CE Support
(ASR1k, IOS and Supported (IOS)
Linksys)

Doc
draft-ietf-softwire- RFC3056
ipv6-6rd


CRS 6rd & ServiceApp Config
service cgn demo

service-type tunnel v6rd 6RD

br

ipv6-prefix 2001:420:81::/56

source-address 10.12.0.254 router static

ipv4 prefix length 24 vrf InsidePrivate
ipv4 suffix length 0 address-family ipv4 unicast
10.12.0.254/32 vrf default ServiceApp3 172.16.3.2
unicast address 2001:420:81:fe::1

!

address-family ipv4


!

address-family ipv6


!


ipv4 address 172.16.3.1 255.255.255.0

service cgn demo service-type tunnel v6rd

!


ipv6 address 2001:db8::1/64
service cgn demo service-type tunnel v6rd

!

54

IPv4 Internet
IPv6 Internet

CGSE
IPv4 Server IPv6 Server

CRS-1/
CRS-3
IPv4 Client IPv6 Client

•  An IPv6 network to IPv4 Internet & vice-versa

•  IPv6 network to IPv4 network & vice-versa

5

IPv4 Network IPv6 Network

OSPFv2 / OSPFv3/IS-

CGSE
IS-IS/BGP IS/BGP

R1 CRS-1/ R2
IPv4 Client/ IPv6 Client/
Server CRS-3 Server


•  OSPFv2/IS-IS between CGSE & R1

•  OSPFv3/IS-IS between CGSE & R2

5

Active

CGSE
ebgp

CGSE
R1 R2 IPv6
IPv4
Client/ Client/
Server Standb Server
y


•  Subscriber traffic follows best IP path.

•  Static routes to IPv4 /IPv6 destination with metric assigned for Serviceapp
interfaces
•  Same NSP Prefix for both CGSEs
5


CGSE
Active ebgp

R1 R2

CGSE
Server Server
Standby



•  Same NSP prefix needs to be configured, since it is stateless synchronization
is not required.

5


CGSE
CGSE
Active/Standby
ebgp

R1 R2

CGSE
CGSE
Server Server
Active/Standby



•  Same NSP prefix needs to be configured, since it is stateless synchronization
is not required.

6

IPv6 Transition Strategies

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to IPv6 Transition Strategies

Similar to IPv6 Transition Strategies (20)

More from Cisco Russia

More from Cisco Russia (20)

Recently uploaded

Recently uploaded (20)

IPv6 Transition Strategies