1© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IOS IPv6 Integration & Co-Existence

222© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IPv6 Technology Strategy

PerformanceIPv6 Hardware Assisted

Forwarding

Intelligent Services Cisco IOS IPv6 Feature set

EvolutionaryInfrastructure

IPv6 Solutions Focusing on Integration

and Co-Existence

InnovationInnovation

333© 2004 Cisco Systems, Inc. All rights reserved.

The Introductory Phase

Cisco IOS Technology Preview code built the

experimental IPv6 Internet – ‘6Bone’

Cisco engineers co-chair the IETF IPv6 and

Ngtrans WG

Cisco, a founding member of the IPv6

Forum

www.cisco.com/ipv6

Comprehensive Cisco Platform

support

1st networking company to deliver commercial IPv6 support over the

broadest range of routers/switches,

including all transition mechanisms

IOS 12.3M, 12.2S, 12.3T

IPv6 HW FW – C12000, C6500, C7600, C10720

Cisco gains extensive deployment experience,

e.g. 6NET

Moving IPv6 into Production

Service Providers – Asia and Europe

Academic institutions

Broadband Services

Service Providers - US

IP Telephony

Home Networking

Government & Defense

Etc.

1997-2000 2001-2003 2004 & Beyond

3

444© 2004 Cisco Systems, Inc. All rights reserved.

Phase 1 Phase 2 Phase 3 Phase 4

IPv6 Early Adopters Deployment

IPv6 Production Backbone Deployment

IPv6 EnhancedServices

IPv6 SolutionsProgram

Phases of Cisco IPv6 Program

1996 2001 2002 2003 2004 2005 & Beyond

4© 2003, Cisco Systems, Inc. All rights reserved.

DoneDoneDoneDone OnOn

goinggoing Planned

Planned

555© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IOS IPv6 Status

Positioning Cisco IOS Release

First FCS Date

General Production 12.3M May 2003

Core 12.0S on 12000, 10720

Feb 2002

Edge & Enterprise Infrastructure

12.2S Feb 2003

L3 switch 12.2SX on C6500 October 2003

Broadband Access 12.2B/12.3B7200, 7401

Feb 2003

Technology development 12.3T

Note – as well as 12.2S

Aug 2003

666© 2004 Cisco Systems, Inc. All rights reserved.

Feature Set

Cisco IOS IPv6 Phase I – Early Adopters

12.2TAlso 12.3M

12.0S/ST (*) 12.2S

IPv6 Basic specifications (RFC 2460) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

ICMPv6 (RFC 2463) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Neighbor Discovery (RFC 2461) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Stateless Auto-Configuration 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

RIPng (RFC 2080) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

MP-BGP4 (RFC 2545 & 2858) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Configured & Automatic Tunnels 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

6to4 Tunnels (RFC 3056) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Data Links (*) 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Applications 12.2(2)T 12.0(22)S/(21)ST 12.2(14)S

Standard Access Control List

Ethernet, FDDI, PPP, HDLCATM PVC & LAN-E, FR PVC

Ping, Traceroute, Telnet, TFTP,DNA AAAA over IPv4, HTTP

GRE Tunnels

DoneDone

12.2(2)T

12.2(4)T

12.2(14)S

12.2(14)SN/A

12.0(22)S/(21)ST

777© 2004 Cisco Systems, Inc. All rights reserved.

Feature SetFeature Set

Cisco IOS IPv6 Phase II – Infrastructure

12.2T12.2TAlso 12.3MAlso 12.3M

12.0S/ST (*) 12.0S/ST (*) 12.2S12.2S

IS-IS for IPv6IS-IS for IPv6 12.2(8)T12.2(8)T 12.0(22)S/(21)ST12.0(22)S/(21)ST 12.2(14)S12.2(14)S

CEFv6/dCEFv6CEFv6/dCEFv6 12.2(13)T12.2(13)T 12.0(22)S/(21)ST12.0(22)S/(21)ST 12.2(14)S12.2(14)S

Extended Access Control ListExtended Access Control List 12.2(13)T12.2(13)T 12.0(23)S12.0(23)S 12.2(14)S12.2(14)S

IPv6 over MPLS – 6PEIPv6 over MPLS – 6PE 12.2(15)T12.2(15)T 12.0(22)S12.0(22)S 12.2(14)S12.2(14)S

NAT-PT (RFC 2766)NAT-PT (RFC 2766) 12.2(13)T12.2(13)T N/AN/A TBDTBD

IPv6 MIBsIPv6 MIBs 12.2(15)T12.2(15)T 12.0(22)S12.0(22)S 12.2(14)S12.2(14)S

CDP IPv6 Address Family on NeighborCDP IPv6 Address Family on Neighbor 12.2(8)T12.2(8)T N/AN/A 12.2(14)S12.2(14)S

Static ND Cache entryStatic ND Cache entry 12.2(8)T12.2(8)T 12.0(22)S/(21)ST12.0(22)S/(21)ST 12.2(14)S12.2(14)S

Broadband AccessBroadband Access 12.2(13)T12.2(13)T N/AN/A RLS6/7?RLS6/7?

DNS AAAA over IPv6 DNS AAAA over IPv6 12.2(8)T12.2(8)T 12.0(22)S/(21)ST12.0(22)S/(21)ST 12.2(14)S12.2(14)S

SSH over IPv6

Encapsulation, AAA, Encapsulation, AAA, Prefix PoolsPrefix Pools

Link-local Address for BGP4+ peeringLink-local Address for BGP4+ peering

DoneDone

12.2(8)T

12.2(4)T12.2(4)T

12.2(14)S

12.2(14)S12.2(14)S12.0(22)S/(21)ST12.0(22)S/(21)ST

12.0(22)S

888© 2004 Cisco Systems, Inc. All rights reserved.

Industry’s Broadest Platform Support

Cisco IOS 12.3 Cisco IOS 12.3 20032003

Cisco 800 Series Routers

Cisco 1700 Series Routers

Cisco 2600 Series Routers

Cisco 3600 Series Routers

Cisco 3700 Series Routers

Cisco 7200 Series Routers

Cisco 7300 Series Routers

Cisco 7500 Series Routers

Cisco IOS 12.2S Cisco IOS 12.2S 20042004

Cisco 72/7300 Series Routers

Cisco 75/7600 Series Routers

Cisco 10000 Series Routers

Catalyst 3750 Series

Catalyst 4500 Series

Catalyst 6500 Series

Cisco Product PortfolioCisco Product Portfolio

PIX Firewall 20042004

Mobile Wireless, Home Networking, IP Telephony - RadarRadar

Cisco IOS 12.0S Cisco IOS 12.0S 20012001

Cisco 12000 Series Routers

Cisco 10720 Series

999© 2004 Cisco Systems, Inc. All rights reserved.

Feature SetFeature Set

Cisco IOS IPv6 Phase III – Services

12.xT12.xT 12.0S12.0S 12.2S12.2S

OSPFv3 (RFC 2740)OSPFv3 (RFC 2740) 12.2(15)T12.2(15)T 12.0(24)S12.0(24)S 12.2(18)S12.2(18)S

Multi-Topology IS-ISMulti-Topology IS-IS 12.2(15)T12.2(15)T 12.0(26)S12.0(26)S 12.2(18)S12.2(18)S

IPv6 QoSIPv6 QoS 12.2(13)T12.2(13)T 12.0(28)S12.0(28)S TBDTBD

ISATAPISATAP 12.2(15)T12.2(15)T N/AN/A 12.2(14)S12.2(14)S

Multicast I -MLDv1/v2, PIMv2 SM, SSMMulticast I -MLDv1/v2, PIMv2 SM, SSM 12.3(2)T12.3(2)T 12.0(26)S12.0(26)S 12.2(18)S12.2(18)S

Multicast II - MP-BPG4, Static mrouteMulticast II - MP-BPG4, Static mroute 12.3(4)T12.3(4)T 12.0(26)S12.0(26)S RLS5RLS5

IPsec (for OSPFv3 authentication)IPsec (for OSPFv3 authentication) 12.3(4)T12.3(4)T N/AN/A TBDTBD

DPT encapsulationDPT encapsulation N/AN/A 12.0(23)S12.0(23)S RLS6RLS6

DHCPv6 Prefix DelegationDHCPv6 Prefix Delegation 12.3(4)T12.3(4)T N/AN/A RLS6RLS6

NAT-PT Phase II – FTP ALG, NATP-PTNAT-PT Phase II – FTP ALG, NATP-PT 12.3(2)T12.3(2)T N/AN/A TBDTBD

SNMP over IPv6SNMP over IPv6

Radius RFC 3162 attributesRadius RFC 3162 attributes

On-GoingOn-Going

as of 01/04as of 01/04

TBDTBD

12.3(4)T12.3(4)T

TBDTBD

TBDTBDN/AN/A

12.0(27)S12.0(27)S

101010© 2004 Cisco Systems, Inc. All rights reserved.

IPv6 Policy Based Routing

• (a) Match a packet

- extended IPv6 ACL

- packet length

• (b) Route the matched packet to a specified neighbor, either by next-hop, or

• by interface

• (c) Mark the matched packet by setting the DSCP

Can set DSCP of matched packets.

• (d) Select a VRF for matched packet forwarding.

Matched packets may be forwarded by a specific VRF. Has a dependency on IPv6 VPN, may not be there at Phase I

111111© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IOS IPv6 Multicast feature set

• IPv6 Multicast Phase I - Cisco IOS 12.0(26)S, 12.3(2)T and 12.2(18)S

Multicast Listener Discovery (MLD) v1 & v2

PIM Sparse Mode (SM) & Source Specific Mode (SSM)

Scoping support

v6 over v4 tunnels

• IPv6 Multicast Phase II – Cisco IOS 12.0(26)S, 12.3(4)T and 12.2S RLS5

IPv6 Multicast address family on MP-BGP

Static Mroutes, Embedded RP

• IPv6 Multicast Phase III – Cisco 12.3(7)T

PIM Bi-Dir

121212© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IOS IPv6 for Broadband Access

• IPv6 deployment solutions over Dial and DSL access

• Complete DSL choice of encapsulations

ATM RFC 1483 Routed

RBE for ATM RFC 1483 Bridged

PPPoA

PPPoE

• IPv6 prefix pools

• IPv6 AAA attributesCisco VSA

IPv6 prefix, IPv6 route

IPv6 ACL {In, Out}

RFC 3162

• DHCPv6 Prefix Delegation

ADSL

FTTH

IPv4 ServersRadius, NMS,…

/48

/64

IPv4/v6 ServersDNS, Web, E-mails, News,…Telecommuter

Residential

131313© 2004 Cisco Systems, Inc. All rights reserved.

WEBRASKA

Réseau Lab. DPR

Portail

Internet

GPRS Orange

WGB Wifi

Modem GPRS

AP Wifi

FT Router (PAT)

FT ADSL Modem

TCU

GPS

MR

IPv4IPv4

IPv4

IPv4

IPv4

IPv4

IPv4

IPv4

IPv6IPv4IPv6

MIPv6 in GPRS v4 Tunnel

MIPv6 through 802.11b

IPv4

HA

PC

IPv6IPv6

IPv6 Mobility SolutionsMobile Router & Home Agent

• Pursuing Innovation on “Networks in Motion”, Mobile Router (MAR 3200) gets IPv6 support for large scale deployment

• works over IPv6 or IPv4 infrastructures

141414© 2004 Cisco Systems, Inc. All rights reserved.

Cisco IPv6 Security Solutions

IPv6 Firewall IPv6 Firewall PreviewPreview

Stateful Packet Stateful Packet FilteringFiltering

•Secure connectivity– IPSec

o IPv4 dynamic IPSec to protect IPv6 over IPv4 tunnels with dynamic IPv4 end pointo IPv4 IPSec over UDP to offer protection when crossing a firewall or NATo IPv6 IPSec to authenticate OSPFv3

•Threat protection– Packet filtering

o Standard, reflexive, extended access control listo Hardware filtering (Cisco 12000 Series IP Service Engine, Catalyst 6500 Series Supervisor Engine 720)

Protecting your network for IPv6 2004

Integration and Coexistence

Now

151515© 2004 Cisco Systems, Inc. All rights reserved.

Cisco’s firewall technology portfolio will support IPv6 firewall implementations to ensure secure deployment of IPv6 networks commencing in 2004.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_white_papers_list.html

Cisco IPv6 Firewall Statement of Direction

161616© 2004 Cisco Systems, Inc. All rights reserved.

Moving IPv6 to Production, running Cisco IOS

Telecommuter

Residential

Dual Stack or MPLS & 6PEDual Stack or MPLS & 6PE

IPv6 over IPv4 tunnels or IPv6 over IPv4 tunnels or Dedicated data link layersDedicated data link layers

Cable

IPv6 over IPv4 TunnelsIPv6 over IPv4 Tunnels

IPv6 IX

IPv6 over IPv4 tunnels or IPv6 over IPv4 tunnels or Dedicated data link layersDedicated data link layers

DSLDSL,,FTTHFTTH,,DialDial

Aggregation

IPv6 over IPv4 tunnels IPv6 over IPv4 tunnels or Dual stackor Dual stack

ISP’s

6Bone

6to4 Relay

Dual StackDual Stack

ISATAPISATAP

Enterprise

Enterprise

WAN: 6to4, IPv6 WAN: 6to4, IPv6 over IPv4, Dual Stackover IPv4, Dual Stack

171717© 2004 Cisco Systems, Inc. All rights reserved.

Moving IPv6 to Production?

IPv6—Conclusion

• Core IPv6 specifications are well-tested & stable

Some of the advanced features of IPv6 still need specification, implementation, and deployment work

• Application, middleware and Scalable Deployment scenario are IPv6 Focus and Challenge.

• Plan for IPv6 integration and IPv4-IPv6 co-existence

Training, applications inventory, and IPv6 deployment planning

• Cisco is committed to deliver advanced IPv6 capabilities to the Internet industry

IPv6 Solutions, ABC of IPv6, e-Learning/Training, ISD,…

See http://www.cisco.com/ipv6

Questions ?

181818© 2003, Cisco Systems, Inc. All rights reserved.Presentation_ID

191919© 2004 Cisco Systems, Inc. All rights reserved.

More Information

• CCO IPv6 http://www.cisco.com/ipv6

• The ABC of IPv6http://www.cisco.com/en/US/products/sw/iosswrel/ios_abcs_ios_the_abcs_ip_version_6_listing.html

• IPv6 Technical documents :http://www.cisco.com/warp/public/732/Tech/ipv6/ipv6_techdoc.shtml

202020© 2003 Cisco Systems, Inc. All rights reserved.Presentation_ID