210 likes | 453 Views
IPv6 Transition Leo T. Chiang E-Mail: tt_chiang@ringline.com.tw. Transition Assumptions. No “ Flag Day ” Last Internet transition was 1983 (NCP TCP) Transition will be incremental Possibly over several years No IPv4/IPv6 barriers at any time No transition dependencies
E N D
IPv6 TransitionLeo T. ChiangE-Mail: tt_chiang@ringline.com.tw
Transition Assumptions • No “Flag Day” • Last Internet transition was 1983 (NCP TCP) • Transition will be incremental • Possibly over several years • No IPv4/IPv6 barriers at any time • No transition dependencies • No requirement of node X before node Y • Must be easy for end user • Transition from IPv4 to dual stack must not break anything • IPv6 is designed with transition in mind • Assumption of IPv4/IPv6 coexistence • Many different transition technologies are A Good Thing™ • “Transition toolbox” to apply to myriad unique situations
Transition Planning • Assumption: Existing IPv4 network • Easy Does It • Deploy IPv6 incrementally, carefully • Have a master plan • Think IPv4/IPv6 interoperability, not migration • Evaluate hardware support • Evaluate application porting • Monitor IETF ngtrans WG
Transition Strategies • Edge-to-core • The edge is the killer app! • When services are important • When addresses are scarce • User (customer) driven • Core-to-edge • Good ISP strategy • By routing protocol area • When areas are small enough • By subnet • Probably too incremental
IPv4-IPv6 Transition / Co-Existence A wide range of techniques have been identified and implemented, basically falling into three categories: • (1)Dual-stack techniques, to allow IPv4 and IPv6 toco-exist in the same devices and networks • (2)Tunneling techniques, to avoid order dependencies when upgrading hosts, routers, or regions • (3)Translation techniques, to allow IPv6-only devices to communicate with IPv4-only devices Expect all of these to be used, in combination
IPv6-enable Application Dual Stack Approach Application • Dual stack node means: • Both IPv4 and IPv6 stacks enabled • Applications can talk to both • Choice of the IP version is based on name lookup and application preference Preferred method on Application’s servers TCP UDP TCP UDP IPv4 IPv6 IPv4 IPv6 Frame Protocol ID 0x0800 0x86dd 0x0800 0x86dd Data Link (Ethernet) Data Link (Ethernet)
3ffe:b00::1 10.1.1.1 Dual Stack Approach & DNS • In a dual stack case, an application that: • Is IPv4 and IPv6-enabled • Asks the DNS for all types of addresses • Chooses one address and, for example, connects to the IPv6 address www.a.com = * ? IPv4 DNS Server IPv6 3ffe:b00::1
IPv6 and IPv4 Network Cisco IOS Dual Stack Configuration router# ipv6 unicast-routing interface Ethernet0 ip address 192.168.99.1 255.255.255.0 ipv6 address 2001:410:213:1::/64 eui-64 • Cisco IOS is IPv6-enable: • If IPv4 and IPv6 are configured on one interface, the router is dual-stacked • Telnet, Ping, Traceroute, SSH, DNS client, TFTP,… Dual-Stack Router IPv4: 192.168.99.1 IPv6: 2001:410:213:1::/64 eui-64
Using Tunnels for IPv6 Deployment • Many techniques are available to establish a tunnel: • Manually configured • Manual Tunnel (RFC 2893) • GRE (RFC 2473) • Semi-automated • Tunnel broker • Automatic • Compatible IPv4 (RFC 2893) • 6to4 (RFC 3056) • 6over4 • ISATAP
Tunnel Applications IPv6 IPv6 IPv6 IPv6 IPv4 Router to Router IPv6 IPv4 Host to Host IPv6 IPv4 Host to Router Router to Host
IPv6 Network IPv6 Network IPv4 Manually Configured Tunnel (RFC 2893) Dual-Stack Router1 Dual-Stack Router2 IPv4: 192.168.99.1 IPv6: 3ffe:b00:c18:1::3 IPv4: 192.168.30.1 IPv6: 3ffe:b00:c18:1::2 router1# interface Tunnel0 ipv6 address 3ffe:b00:c18:1::3/64 tunnel source 192.168.99.1 tunnel destination 192.168.30.1 tunnel mode ipv6ip router2# interface Tunnel0 ipv6 address 3ffe:b00:c18:1::2/64 tunnel source 192.168.30.1 tunnel destination 192.168.99.1 tunnel mode ipv6ip • Manually Configured tunnels require: • Dual stack end points • Both IPv4 and IPv6 addresses configured at each end
IPv6 Network IPv6 Network IPv4 Transport Header Transport Header IPv6 over IPv4 Tunnels IPv6 Header Data • Tunneling is encapsulating the IPv6 packet in the IPv4 packet • Tunneling can be used by routers and hosts IPv6 Host IPv6 Host Dual-Stack Router Dual-Stack Router Tunnel: IPv6 in IPv4 packet IPv4 Header IPv6 Header Data
Dual-Stack Router Dual-Stack Router IPv4 IPv4: 192.168.99.1 IPv6: ::192.168.99.1 IPv4 Compatible Tunnel (RFC 2893) • IPv4-compatible addresses are easy way to autotunnel, but it: • May be deprecated soon IPv4: 192.168.30.1 IPv6: ::192.168.30.1
IPv6 Network IPv6 Network IPv4 6to4 Tunnel (RFC 3056) 6to4 Router1 6to4 Router2 E0 E0 192.168.99.1 192.168.30.1 Network prefix: 2002:c0a8:6301::/48 Network prefix: 2002:c0a8:1e01::/48 = = router2# interface Loopback0 ip address 192.168.30.1 255.255.255.0 ipv6 address 2002:c0a8:1e01:1::/64 eui-64 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 • 6to4 Tunnel: • Is an automatic tunnel method • Gives a prefix to the attached • IPv6 network • 2002::/16 assigned to 6to4 • Requires one global IPv4 address • on each Ingress/Egress site
IPv6 Network IPv6 Network IPv4 6to4 Relay 6to4 Router1 6to4 Relay IPv6 Internet 192.168.99.1 Network prefix:2002:c0a8:6301::/48 IPv6 address:2002:c0a8:1e01::1 = router1# interface Loopback0 ip address 192.168.99.1 255.255.255.0 ipv6 address 2002:c0a8:6301:1::/64 eui-64 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 ipv6 route ::/02002:c0a8:1e01::1 • 6to4 relay: • Is a gateway to the rest of • the IPv6 Internet • Default router • Anycast address (RFC 3068) for • multiple 6to4 Relay
IPv6 Network IPv4 Network Tunnel Broker 1. Web request on IPv4. 2. Tunnel info response on IPv4. Tunnel Broker • Tunnel broker: • Tunnel information is sent via http-ipv4 3. Tunnel Broker configures the tunnel on the tunnel server or router. 4. Client establishes the tunnel with the tunnel server or router.
IPv6 over MPLS • IETF Draft as defined in draft-ietf-ngtrans-bgp-tunnel-04.txt • Connecting IPv6 Islands across IPv4 Clouds with BGP • Also known as “6PE” • PEs run Dual Stack MP-BGP over IPv4 • PE and CE exchanges IPv6 routes • MPLS LDP/RSVP LSPs are set up using IPv4 • Benefits • Leverages existing MPLS infrastructure • Requires IPv6 support only on PE router IPv6 IPv4 IPv6 MPLS PE2 IPv6 PE1 IPv6 17
Transition 6 to 4 Tunneling • Connects isolated IPv6 domains over an IPv4 infrastructure • Minimal manual configuration • Uses globally unique prefix comprised of the unique 6 to 4 TLA and the globally unique IPv4 address of the exit router • Expected to ease initial transition IPv4 Core IPv6 Network IPv6 Network IPv6 Packet Generation 6to4 Router Applies Prefix IPv4 PE Router Forwards as Usual Destination 6to4 router recognizes, removes IPv4 prefix Delivery
IPv6-IPv4 Translation Mechanisms • Translation • NAT-PT (RFC 2766) • TCP-UDP Relay (RFC 3142) • DSTM (Dual Stack TransitionMechanism) • API • BIS (Bump-In-the-Stack) (RFC 2767) • BIA (Bump-In-the-API) • ALG • SOCKS-based Gateway (RFC 3089) • NAT-PT (RFC 2766)
IPv4-onlynetwork IPv6-onlynetwork IPv4 Host IPv6 Host 2 1 Src: 2001:0420:1987:0:2E0:B0FF:FE6A:412C Dst: PREFIX::1 Src: 172.17.1.1 Dst: 172.16.1.1 3 4 Src: PREFIX::1 Dst: 2001:0420:1987:0:2E0:B0FF:FE6A:412C Src: 172.16.1.1 Dst: 172.17.1.1 NAT-PT Overview ipv6 nat prefix 2010::/96 NAT-PT 2001:0420:1987:0:2E0:B0FF:FE6A:412C 172.16.1.1 PREFIX is a 96-bit field that allows routing back to the NAT-PT device