IPv6 in Campus Networks

Similar documents
Cisco IOS IPv6. Cisco IOS IPv6 IPv6 IPv6 service provider IPv6. IPv6. data link IPv6 Cisco IOS IPv6. IPv6

Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager 2003, Cisco Systems, Inc. All rights reserved.

IPv6 TRAINING CONTENT

Transitioning to IPv6

A Border Gateway Protocol 3 (BGP-3) DNS Extensions to Support IP version 6. Path MTU Discovery for IP version 6

IPv6 Transition Mechanisms

Table of Contents Chapter 1 Tunneling Configuration

Integrated Security 22

CCNA Routing and Switching (NI )

IPv6 Technical Challenges

CCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, ,

IPv4/v6 Considerations Ralph Droms Cisco Systems

TEXTBOOK MAPPING CISCO COMPANION GUIDES

Exam Topics Cross Reference

IPv6 Transition Mechanisms

Federal Agencies and the Transition to IPv6

Chapter 15 IPv6 Transition Technologies

CCNA Questions/Answers IPv6. Select the valid IPv6 address from given ones. (Choose two) A. FE63::0043::11:21 B :2:11.1 C.

Cisco Certified Network Associate ( )

Start Here: Cisco IOS Software Release Specifics for IPv6 Features

Implementing Cisco IP Routing

IPv6 Network Management

IPv6 Feature Facts

COE IPv6 Roadmap Planning. ZyXEL

IPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA

IPv6 Bootcamp Course (5 Days)

IPv6 Transition Technologies (TechRef)

Radware ADC. IPV6 RFCs and Compliance

Planning for Information Network

CSCI-1680 Network Layer:

Organization of Product Documentation... xi

Unit 5 - IPv4/ IPv6 Transition Mechanism(8hr) BCT IV/ II Elective - Networking with IPv6

Comcast IPv6 Trials NANOG50 John Jason Brzozowski

IPv6 Next generation IP

Cisco 921J Gigabit Ethernet security router with external power supply for Japan only

Implementing Cisco IP Routing (ROUTE)

Cisco 5921 Embedded Services Router

Configuring Tunneling on the RV130W

Cisco ME 6524 Ethernet Switch

COPYRIGHTED MATERIAL. Table of Contents. Assessment Test

CERTIFICATE CCENT + CCNA ROUTING AND SWITCHING INSTRUCTOR: FRANK D WOUTERS JR. CETSR, CSM, MIT, CA

BROCADE S IPV6 SOLUTIONS

Configuring IPv6 basics

Aeronautical Systems Center

Certified Cisco Networking Associate v1.1 ( )

Avaya Networking IPv6 Using Fabric Connect to ease IPv6 Deployment. Ed Koehler Director DSE Ron Senna SE Avaya Networking Solutions Architecture

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

An Industry view of IPv6 Advantages

CCIE Routing & Switching

IP version 6. The not so new next IP version. dr. C. P. J. Koymans. Informatics Institute University of Amsterdam.

Foreword xxiii Preface xxvii IPv6 Rationale and Features

2009/10/01. Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Obsoleted by RFC3596 [7] RFC 1887

PREREQUISITES TARGET AUDIENCE. Length Days: 5

IPv6 Deployment at the University of Pennsylvania

TCP/IP Protocol Suite

Configuring IPv6 for Gigabit Ethernet Interfaces

Cisco 5921 Embedded Services Router

Tutorial: IPv6 Technology Overview Part II

IPv6 tutorial. RedIRIS Miguel Angel Sotos

"Charting the Course... IPv6 Bootcamp Course. Course Summary

IPv6. Internet Technologies and Applications

Internet Protocol, Version 6

The link-local prefix ff00::/8 specifies any addresses which are used only in software.

Interconnecting Cisco Network Devices: Accelerated

IPv6 Basics. APNIC Training Bali, Indonesia February, Jordi Palet - 1

IPv6 Addressing. There are three types of IPV6 Addresses. Unicast:Multicast:Anycast

IPv6 Security (Theory vs Practice) APRICOT 14 Manila, Philippines. Merike Kaeo

Cisco CCNP ROUTE: Implementing Cisco IP Routing (ROUTE) 2.0. Upcoming Dates. Course Description. Course Outline

CCNA Routing & Switching

Cisco Group Encrypted Transport VPN

The Future Wireless Internet

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

Cisco Implementing Cisco IP Routing v2.0 (ROUTE)

IPv6 Addressing and Basic Connectivity

CCNA. Course Catalog

Implementing Cisco IP Routing (ROUTE)

Cisco CCNA (ICND1, ICND2) Bootcamp

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview

Configuring IP Version 6

Configuring IPv6 First-Hop Security

WCCP Network Integration with Cisco Catalyst 6500: Best Practice Recommendations for Successful Deployments

NIST SP : Guidelines for the Secure Deployment of IPv6

Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN

IPv6. Copyright 2017 NTT corp. All Rights Reserved. 1

Guide to TCP/IP Fourth Edition. Chapter 11: Deploying IPv6

12.1. IPv6 Feature. The Internet Corporation for Assigned Names and Numbers (ICANN) assigns IPv6 addresses based on the following strategy:

Lecture 3. The Network Layer (cont d) Network Layer 1-1

OSI Data Link & Network Layer

IPv6 Transition Mechanisms

IPv4-to-IPv6 Transition Strategies

Introduction. Executive Summary. Test Highlights

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco IP Routing (ROUTE v2.0) Version: Demo

Quidway NetEngine 20E/20 Series Router Product Specification

New IP Header. Why change IP. Address Notation. Changes. Information Sources. IP Version 6 ITL

Information Sources Hans Kruse & Shawn Ostermann, Ohio University

Practical IPv6 for Windows Administrators

Pass4sures. Latest Exam Guide & Learning Materials

Transition To IPv6 October 2011

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Operation Manual IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents. Table of Contents

Transcription:

IPv6 in Campus Networks Dave Twinam Manager, Technical Marketing Engineering Internet Systems Business Unit dtwinam@cisco.com Cisco Twinam IPv6 Summit 2003 Cisco Systems, Inc. All rights reserved. 1

IPv6 A Key Driver for the e-economy O.S. & Applications Restoring an environment for Innovation Mobile Networking The Ubiquitous Internet Agriculture/Wildlife Medical Transportation Consumer & Services Manufacturing e-nations Services on the edge of the Network Higher Ed./Research Government (Federal/Public Sector) 2

How Do we Get There from Here? IT Departments must include IPv6 as a core element of their IT strategy. Applications must become protocol agnostic IPv4 & IPv6 will coexist for the foreseeable future No D-Day / Flag Day. Education & Careful Planning are crucial. How long does it take in your environment? IPv4 & IPv6 implementations must be scalable, reliable, secure and feature rich. Strategy that reflects this Starting with Edge upgrades enable IPv6 service offerings now 3

IPv6 Integration Many ways to deliver IPv6 services to End Users, Most important is End to End IPv6 traffic forwarding Service Providers and Enterprises may have different deployment needs and mechanisms but basic steps are common Definition of an IPv6 addressing scheme Selection of the IPv6 routing protocol(s) DNS server ready to register AAAA record IPv6 devices management rules over an IPv4 transport? Security rules for IPv6 access 4

IPv6 Deployment Scenario for Enterprises Environment Scenario Cisco IOS support WAN IPv6 services available from ISP Dual Stack Yes Dedicated Data Link layers, eg. LL, ATM & FR PVC, dwdm Lambda No IPv6 services from ISP or experimentation few sites No IPv6 services from ISP or experimentation many sites, any to any communication Dual Stack Configured Tunnels 6to4 Yes Yes Yes Campus L3 infrastructure IPv6 capable Dual Stack Yes L3 infrastructure not IPv6 capable, or sparse IPv6 hosts population ISATAP Yes 5

IPv6 over WAN Presentation_ID 2003, Cisco Systems, Inc. All rights reserved. Cisco Twinam IPv6 Summit 6

IPv6 over WAN Configured Tunnels IPv6 Header Transport Header Data IPv4 Header IPv6 Header Transport Header Data IPv6 site (dual stack) Cisco IOS 12.3M/T and 12.2S Cat.6500 & 12.0S on C12000 IPv4 Internet IPv6 site (dual stack) Manually Configured tunnels RFC 2893 or GRE IS-IS for IPv6 can only be configured over GRE tunnels Tunnel source and destination (IPv4) explicitly configured at end nodes Requires dual-stack router nodes or other end point (IPv4 and IPv6) As number of sites grows - manageability 7

IPv6 over WAN 6to4 Tunnels 2002 Public IPv4 address SLA Interface ID 6to4 relay Anycast IPv6 Internet IPv6 site (dual stack) IPv4 Internet 2001::/16 address space Cisco IOS 12.3M/T and 12.2S Cat.6500 12.0S on C12000 6to4 Tunnels (RFC 3056) Automatic tunnel method Tunnels created dynamically based upon embedded IPv4 addresses NOT reliant upon a IPv6 ready Provider. Router tunnels IPv6 packets on 6to4 tunnel whenever the next-hop IPv6 address is non-local and its prefix is 2002::/16 Encapsulated packet gets its IPv4 destination address from the IPv4 address embedded in the next-hop IPv6 address 6to4 Relay to be configured as default route to reach the IPv6 Internet Anycast (RFC 3068) to handle several relays IPv6 site (dual stack) 8

IPv6 on a Campus Presentation_ID 2003, Cisco Systems, Inc. All rights reserved. Cisco Twinam IPv6 Summit 9

IPv6 on a Campus ISATAP Tunnels Native IPv6 IPv6 in IPv4 ISATAP IPv6 Prefix ::/64 0000:5EFE: IPv4 Addr. 32-bit 32-bit Interface ID IPv6 Data Center IPv6 Internet/Intranet ISATAP router Cisco IOS 12.3M/T 12.2S Cat.6500 IPv4 + IPv6 ISATAP Network Dual-Stack Host Dual-Stack Host Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) IETF Draft Automatic Tunnels created dynamically based on embedded IPv4 addresses IPv6 Unicast only Primarily intended for communication between [sparse] IPv6 hosts within a site with no native IPv6 infrastructure but an ISATAP router IPv6 hosts connect to virtual IPv6 link that may spread several IPv4 subnets to directly communicate between each others. IPv6 hosts reach the IPv6 Internet through an ISATAP router 10

IPv6 on a Campus Dual-Stack IPv4-IPv6 Requires Switching / Routing Platforms to support hardware based forwarding for IPv4 & IPv6 IPv6 is transparent on L2 switches but for Multicast MLD snooping Requires Robust Control Plane for both IPv4 & IPv6 Stateless Autoconfiguration Routing protocols IPv6 Multicast and other Advanced Services such a QoS Security through IPv6 Access Control Capabilities Including option headers IPv4 & IPv6 Control Planes & Data Planes must not impact each other 10 GE core WAN & Internet Access Data Center 11

IPv6 on a Campus Data Center NAT-PT IPv4 Server Dual Stack Campus 10 GE core Dual Stack Server 10Mb/s to 10GE link Dual Stack Mainframe Cisco Catalyst 6500 IPv6 HW FW on Supervisor Engine 720: 200+ Mpps 10Mb/s to 10Gb/s Ethernet ports Cisco IOS NAT-PT : to enable IPv6 clients to access an IPv4 server that can t be upgraded to dual stack 12

Catalyst 6500 Series - IPv6 Hardware Forwarding Shipping Production Hardware & Software for IPv6 Hardware IPv6 support for: IPv6 unicast Forwarding IPv6 tunneling Configured, automatic, 6to4, and ISATAP tunnels IPv6 ACLs Extended and reflexive ACLs IPv6 NetFlow statistics IPv6 over VLAN Key Control Plane Features: Static, RIPv6, OSPFv3, IS-IS for v6, MP-BGP for v6 ICMPv6, Neighbor discovery (ND) and stateless autoconfiguration Management and troubleshooting: Ping, Traceroute, Telnet and SSH, TFTP, DNS Hardware Based Network Analysis Module IPv6 QoS and IPv6 multicast in trials 13

Catalyst 6500 Series NAM Introducing IPv6 Network Management capabilities IPv6 monitoring and decodes with NAM Can set up alarms with IPv6 addresses Can configure an easy IPv6 capture filter and IPv6- historical reports 14

Cisco Catalyst 6500 - IPv6 Switching Solutions In July 2003, Cisco Systems commissioned the European Advanced Networking Test Center (EANTC) to verify Catalyst 6500 performance numbers Showed 200+ Mpps of IPv6 Throughput Showed no performance degradation with advanced features enabled: -Netflow Statistic s Collection -Access Control Lists -QoS http://www.eantc.com/ The Catalyst 6500 equipped with the new Supervisor Engine 720 and populated with 3 rd Generation Gigabit Ethernet Cards. Achieved or in many cases exceeded, Cisco s performance claims for the switch Performance was unaffected by very significant quantities of value added features and the Catalyst and the Catalyst Demonstrated massive Multicast scalability. 15

Catalyst 3750 Series IPv6 Hardware Forwarding Shipping Production Hardware IPv6 software in Q3 CY04 Hardware IPv6 support for: IPv6 unicast Forwarding IPv6 over VLAN Key Control Plane Features: Static, RIPv6, OSPFv3 ICMPv6, Neighbor discovery (ND) and stateless autoconfiguration Management and troubleshooting: Ping, Traceroute, Telnet and SSH, TFTP, DNS IPv6 across Cisco StackWise Technology Embedded management with CMS for IPv6 basic Support 16

Conclusion Cisco has a large suite of products which are IPv6 ready and driving the adoption of IPv6 today. The Applications and OS s are rapidly becoming more prevalent to enable production deployments to occur. Your Cisco infrastructure is IPv6 ready. The Time is NOW! www.cisco.com/ipv6 17

Presentation_ID 2003, Cisco Systems, Inc. All rights reserved. 18

IPv6 over WAN Securing IPv6 Tunnels Manual IPv6 over IPv4 Tunnels can be secured using IPv4 IPsec 6to4 tunnels between remote sites from an enterprise can be secured using IPv4 IPsec and could take benefits of key distribution mechanisms for sites from a corporate network Remote sites that only get an IPv4 dynamic address can still re-negotiate the tunnel endpoint with a central site and secure the connection using IPv4 Dynamic IPsec on Cisco IOS Securing IPv6 over IPv4 tunnels with IPv4 IPsec over UDP on Cisco IOS enables NAT and Firewall traversal in a secure way IPv6 ACL must be applied to the tunnel endpoints to secure the IPv6 traffic 19

Industry s Broadest Platform Support Cisco IOS 12.0S 2001 Cisco 12000 Series Routers Cisco 10720 Series Cisco IOS 12.3 2003 Cisco 800 Series Routers Cisco 1700 Series Routers Cisco 2600 Series Routers Cisco 3600 Series Routers Cisco 3700 Series Routers Cisco 7200 Series Routers Cisco 7300 Series Routers Cisco 7500 Series Routers Cisco IOS 12.2S 2004 Cisco 72/7300 Series Routers Cisco 75/7600 Series Routers Cisco 10000 Series Routers Cisco 12000 Series Routers Catalyst 3750 Series Catalyst 4500 Series Catalyst 6500 Series Cisco Product Portfolio PIX Firewall 2004 Mobile Wireless, Home Networking IP Telephony - Radar 20

Cisco IPv6 Firewall Statement of Direction Cisco s firewall technology portfolio will support IPv6 firewall implementations to ensure secure deployment of IPv6 networks commencing in 2004. http://www.cisco.com/en/us/products/hw/vp ndevc/ps2030/prod_white_papers_list.html 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback