-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 1
Robert BeckettServices Technical Leader
November 14, 2012
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 2
Network backbone routers, switches, etc.
Terminal servers, telnet, ssh, VNC, RDP, etc.
File servers, VMware, etc.
Services DNS, DHCP, AAA, NTP, SNMP, etc.
NMS vendor and home-grown
IP Phones, Wireless
Power management, Room Access, Surveillance
Thermostat, Cooling, Fire detectors, Lights
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 3
Network backbone routers, switches, etc.
Terminal servers, telnet, ssh, VNC, RDP, etc.
File servers VMware, etc.
Enable IPv6 connectivity within lab
Enable IPv6 connectivity between labs
Enable IPv6 connectivity to Internet where needed
IPv6 available for devices that need/want it
Groundwork for future
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 44
San Jose
RCDNBXB
RTP
Brussels
Beijing
Tokyo
Sydney
Bangalore
Emerging MarketsUS & Canada European Markets Asia
Pacific/Japan
Strategy: combine the labs into one unified, scaled, virtual
system with common architecture and processes: One lab
service cloud.
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 5
Support more TAC IPv6 cases -- recreates
Be ready for the World IPv6 Launch Day: June 6th, 2012
Greater Internet Addressability in lieu of very limited public
IPv4 address space
Greater Cisco Addressability in lieu of limited RFC1918 IPv4
Address Availability
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 6
Dual stack
Direct vs. 6in4 Tunnel
RIPv6 / EIGRPv6 / OSPFv3 / IS-IS
Only IS-IS is truly integrated, but this advantage is not too
useful in a typical lab that has on the order of dozens of pods and
hundreds of subnets
We traditionally used EIGRP inside the lab, but RIPv6 is what
Cisco IT uses for the 6in4 tunnels it creates
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 7
Assigned /56 via IP transported via direct or GRE tunnel
Full mesh tunnels, or home all tunnels to single router or to
where IT tells you
In our case, not a terribly strict hierarchy mix of main
gateway, intermediate gateways, L2/L3 switches, etc.
Route IPv6 on all routers and L3 switches
No need to worry about L2, except as hosts for mgmt
Lab backbone via RIP for now because of IT and desire to keep
things simple, migrate to OSPF or EIGRP later
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 8
ipv6 unicast-routing
!
interface Tunnel0
description for 2001:db8:1bf:400::/56
no ip address
ipv6 address 2001:DB8:1BF:400::2/64
tunnel source Loopback0
tunnel destination 10.27.90.77
tunnel mode ipv6ip
!
interface Loopback0
ip address 131.108.84.1 255.255.255.255
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 9
interface Vlan11
description BACKBONE ETHERNET SWITCH VLAN
ipv6 address 2001:DB8:1BF:401::1/64
ipv6 rip v6 enable
ipv6 rip v6 default-information originate
!
interface Vlan240
ipv6 address 2001:DB8:1BF:4F0::1/64
!
ipv6 route ::/0 Tunnel0
ipv6 router rip v6
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 10
ipv6 unicast-routing
!
interface GigabitEthernet0/0
ipv6 address 2001:DB8:1BF:401::11/64
ipv6 rip v6 enable
!
interface GigabitEthernet0/1.54
encapsulation dot1Q 54
ipv6 address 2001:DB8:1BF:436::1/64
!
ipv6 router rip v6
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 11
Via SLAAC/DHCP address, subnet, gateway, DNS if available
interface x/y
ipv6 address autoconfig
Static
interface x/y
ipv6 address 2001:DB8:1BF:436::88/64
!
ipv6 route ::/0 2001:DB8:1BF:436::1
ip name server X:X:X:X::X
ip domain name abc.org
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 12
Some HW may need upgrading
Likely some SW needs upgrading
Cisco IPv6 feature support EIGRP in SXI, IPv6 in ipbase,
etc.
Lab topology has evolved over so many years
LARGE lab
Little manpower for lab architecture
IT infra not all IPv6 enabled; need some 6in4 tunnels
Labeling! IPv6 subnets are longer and devices with more and more
ports have less empty space to write them.
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 13
In IPv6, subnet size worries gone
DHCP vs. static range concerns gone basically no chance of IPv6
address collision
Switch feature -- Broadcast suppression no longer needed,
multicast suppression still useful
Subnet manager IT / CALO
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 14
Configure IPv6 addresses on more devices by default for IPv6
management telnet, ssh, snmp, etc.
Move from SLAAC to Stateless DHCPv6 and Stateful DHCPv6
Migrate away from non-routable IPv4 address space in favor of
corporate routable IPv6 address space
Get IPv6 on our DMZ network
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 15
Cisco Support
Community:https://supportforums.cisco.com/community/netpro/network-
infrastructure/ipv6-transition
CCO IPv6 Main Page www.cisco.com/go/ipv6
-
Thank you.
-
Cisco Confidential 2010 Cisco and/or its affiliates. All rights
reserved. 17
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 18
Discover Layer 3 device on local subnet
Address assignment
Stateful (DHCP) vs Stateless Address assignment (SLAAC)
Server sends Network-Type Information
Prefix
Default Route
Host Address Is:
Prefix Received
+
Link-Layer Address
-
Cisco Confidential 2010 Cisco and/or its affiliates. All rights
reserved. 19
Centralized server performs all addressing tasks
Assigns IP addresses
Keeps track of Client to address mapping
Provides additional network information
DNS server
Default gateway
Examples of Stateful Address protocols
DHCP
Client dynamically takes on addressing tasks
Chooses own IP address
EUI-64
DAD used to avoid address duplication
Additional network information not provided by default
Provided by supporting server
Examples of Stateless Address protocols
SLAAC (StateLess Address AutoConfiguration)
-
Cisco Confidential 2010 Cisco and/or its affiliates. All rights
reserved. 20
DHCPv6 server will allocate one or more IPv6 addresses or
prefixes to a DHCPv6 client
DHCP options can be provided to client
DNS server
Domain name
DHCPv6 server maintains state
Stores the leased IPv6 addresses and lease details in its
database
Two messages are used
INFORMATION-REQUEST
REPLY
DHCPv6 server only provides configuration information
DNS server
Domain name
Assumption:
Client will acquire IPv6 address through other means (SLAAC)
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 21
RA can be disabled because DHCP takes care of address
assignment
ipv6 dhcp pool IPV6_DHCPPOOL
address prefix 2001:DB8:1000::/64 lifetime infinite infinite
link-address 2001:DB8:1000::1/64
dns-server 2001:DB8:1000::4222
domain-name cisco.com
!
interface Ethernet0/0
ipv6 address 2001:DB8:1000::1/64
ipv6 enable
ipv6 nd ra suppress
ipv6 dhcp server IPV6_DHCPPOOL
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 22
By default, SLAAC only allows the client to configure an IP
address and default route, no additional information
SLAAC must be configured to use other-config-flag options in
order to provide DNS and domain name information via the DHCP
config
This information is still provided through SLAAC, just
configured via DHCP
ipv6 dhcp pool IPV6_DHCPPOOL
dns-server 2001:DB8:1000::4222
domain-name cisco.com
!
interface Ethernet0/0
ipv6 address 2001:DB8:1000::1/64
ipv6 enable
ipv6 nd other-config-flag
ipv6 dhcp server IPV6_DHCPPOOL
-
2010 Cisco and/or its affiliates. All rights reserved. Cisco
Confidential 23
IPv6s larger address space enables:
Use of link layer addresses inside the address space via eui-64
format
Dynamic client address autoconfiguration with no collisions
(DAD)
Plug and play support
