1 / 32

Use of VLANs for IPv4-IPv6 Coexistence in Enterprise Networks

Use of VLANs for IPv4-IPv6 Coexistence in Enterprise Networks. rfc 4554. presented by leeh@ncnu.edu.tw 2007.05.14 tech3 R322. VLAN Overview - 1. ENG. 3rd floor. SALES. 2nd floor. ADMIN. 1st floor. physical LAN = A broadcast domain. VLAN Overview - 2. !?. ENG. 3rd floor. SALES.

lluvia
Download Presentation

Use of VLANs for IPv4-IPv6 Coexistence in Enterprise Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Use of VLANs for IPv4-IPv6 Coexistence in Enterprise Networks rfc 4554 presented by leeh@ncnu.edu.tw 2007.05.14 tech3 R322

  2. VLAN Overview - 1 ENG 3rd floor SALES 2nd floor ADMIN 1st floor physical LAN = A broadcast domain

  3. VLAN Overview - 2 !? ENG 3rd floor SALES 2nd floor ADMIN 1st floor physical LAN = A broadcast domain

  4. VLAN Overview - 3 ENG SALES ADMIN • Segmentation • Flexibility • Security 3rd floor 2nd floor 1st floor A VLAN = A broadcast domain = Logical network (subnet)

  5. Switch A Switch B ENG VLAN SALES VLAN ADMIN VLAN ENG VLAN SALES VLAN ADMIN VLAN VLAN Operations - 1 • Each logical VLAN is like a separate physical bridge • VLANs can span across multiple switches

  6. Switch A Switch B Trunk Fast Ethernet ENG VLAN SALES VLAN ADMIN VLAN ENG VLAN SALES VLAN ADMIN VLAN VLAN Operations - 2 • Each logical VLAN is like a separate physical bridge • VLANs can span across multiple switches • Trunks carries traffic for multiple VLANs

  7. For a LAN environment… Layer 2 switch IPv6 host IPv6 host IPv4 host IPv4 host noise noise noise noise IPv6 host IPv4 host IPv6 host IPv4 host Can be treated as separate LANs

  8. Routing works…. IPv6 only router IPv4 only router R1 R2 Layer 2 switch IPv4 host IPv6 host

  9. Separate to 2 domains Layer 2 switch IPv6 host IPv6 host IPv4 host IPv4 host IPv6 host IPv4 host IPv6 host IPv4 host

  10. Pure IPv4/IPv6.. IPv6 hosts Vlan 19 IPv6 hosts Vlan 19 IPv6 hosts Vlan 19 IPv4 only router IPv4 only router IPv6 only router R R R Network Data Link 10 11 12 19 13 14 15 19 16 17 18 19 A case for providing pure IPv4 and pure IPv6 by using same physical link VLAN trunking

  11. Congruent IPv4 and IPv6 subnets Dual stack router IPv4 /IPv6 Dual stack host IPv4 host IPv6 host R Layer 2 switch

  12. A mix of IPv4 and IPv6 Solutions

  13. Cisco cmd: sh run int fa9/35 ! interface FastEthernet9/35 description "R3-R0-1" no ip address switchport switchport access vlan 39 switchport mode access end

  14. Cisco cmd: sh run int vlan39 interface Vlan39 description "Computer Classroom" ip address 10.10.39.254 255.255.255.0 ip access-group 139 in ip helper-address 163.22.2.3 no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow ip igmp snooping querier ip policy route-map ADSL1 !

  15. Cisco cmd: show vlan 39 VLAN0039 active Fa9/35 41 VLAN0041 active Gi7/43 47 VLAN0047 active Fa9/24 80 VLAN0080 active Fa9/18

  16. Example: Create vlan of Layer 2

  17. Example: Delete vlan of Layer 2

  18. Example: Delete vlan of Layer 2

  19. Example: create a routing interface

  20. Example: create a IPv6 routing interface

  21. Example: assign an interface to a vlan

  22. Example: assign an interface to a vlan

  23. try to remember….. 取自 http://solomon.ipv6.club.tw/Course/IPv6/ch2.pdf page5

  24. RFC 4212 Draft-ietf-ngtrans-isatap-13.txt Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  25. HOST B IPv6 HOST IPv4 Infrastructure IPv6 Network ISATAP Supported ISATAP ISATAP • The primary function of ISATAP is to allow hosts that are multiple IPv4 hops away from an IPv6 router to participate in the IPv6 network by automatically tunneling IPv6 packets over IPv4 to the next-hop address. • Example: ISATAP host communicates with IPv6 host (no ISATAP support). • The ISATAP host is isolated in an IPv4 network whereas the IPv6 host is a IPv6 network 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  26. ISATAP

  27. IPv6 HOST IPv4 Infrastructure IPv6 Network HOST B ISATAP Supported ISATAP ISATAP • In the reverse direction, the ISATAP router automatically performs IPv6-in-IPv4 tunneling for packets from the native IPv6 host to the ISATAP host even though the native IPv6 host has no knowledge of the legacy IPv4 infrastructure or addressing architecture. 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  28. Specially constructed EUI64 Interface ID ISATAP Prefix Prefix Interface Identifier 64-bits 64-bits ISATAP Address Format Construction of ISATAP address • ISATAP interface identifier can be combined with any 64-bit prefix (including 6to4 prefixes) to form an RFC 2373 compliant IPv6 globally aggregatable unicast address. • IPv4 address inside EUI-64 interface identifier ::0:5EFE:A.B.C.D for IPv4 address A.B.C.D The 0:5EFE portion is formed from the combination of the Oganizational Unit Identifier (OUI) that is assigned to IANA, and a type that indicates an embedded IPv4 address (FE). 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  29. EUI-64 Format Interface Identifier 00 00 5e TYPE TSE TSD 24-bits 40-bits OUI Extension ID ISATAP Address Example • If TYPE = 0xFF and TSE = 0xFE, TSD contains legacy EUI48 (TSE = 0xFF reserved by IEEE). • If TYPE = 0xFE, TSE and TSD together contain embedded IPv4 address. IPv4 address is: 140.173.129.3 routing prefix is: 3FFE:1A05:510:2412 ISATAP IPv6 address is: Specially constructed EUI64 Interface ID 3FFE:1A05:510:2412 :0:5EFE: 140.173.129.3 Link-local variant is: FE80::0:5EFE:140.173.129.3 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  30. HOST A HOST B IPv6 Data IPv6 Data IPv6 Header IPv6 Header ISATAP Supported ISATAP Supported IPv6 Data IPv4 Header IPv6 Header ISATAP Operation Simple Deployment Scenario of ISATAP (Hosts….) The Automatic Tunneling Pseudo-Interface uses the link-local ISATAP address assigned to the interface as a source, and uses the last 32 bits in the source and destination IPv6 addresses (corresponding to the embedded IPv4 addresses) as the source and destination IPv4 addresses 10.40.1.29 192.168.41.30 IPv4 Infrastructure FE80::5EFE:10.40.1.29 FE80::5EFE:192.168.41.30 Src = FE80::5EFE:10.40.1.29 Dst = FE80::5EFE:192.168.41.30 Src = FE80::5EFE:10.40.1.29 Dst = FE80::5EFE:192.168.41.30 Src = 10.40.1.29 Dst = 192.68.41.30 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  31. 192.168.41.25 10.40.1.29 3FFE:1A05:5102412:5EFE:192.168.41.25 IPv4 Network 3FFE:1A05:5102412:5EFE:10.40.1.29 IPv6 Data IPv6 Data IPv6 Header IPv6 Header IPv6 in IPv4 IPv6 Data IPv4 Header IPv6 Header ISATAP ISATAP Operation Simple Deployment Scenario of ISATAP (Routers…) ISATAP HOST IPv6 Network IPv6 HOST Src = 10.40.1.29 Dst = 192.68.41.25 Src = 3FFE:1A05:5102412:5EFE:10.40.1.29 Dst = 3FFE:3600:8::1 Src = 3FFE:1A05:5102412:5EFE:10.40.1.29 Next = 3FFE:1A05:5102412:5EFE:192.168.41.25 Dst = 3FFE:3600:8::1 取自 www.ipv6.org.tw/seminar/92_v6_training/2a.ppt

  32. Thank you!

More Related