IPv6 Architecture Overview and Deployment Scenarios

© 2010 Cisco Systems, Inc. All rights reserved. Cisco Public 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

Chinna Pellacuru [email protected] Technical Leader

August 23, 2011

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 2

• IPv6 Enterprise Deployment Scenarios

• IPv6 Service Provider Deployment Scenarios


IPv6 Internet Presence (websites, remote users, B2B …)

IPv6 Islands (Wireless/Consumer devices, Labs …)

Internal Data Center, Enterprise Apps

Ubiquitous Dual-Stack

IPv6 Pilot and Basic Infrastructure

IPv4 EOL

Sales Certs (IPv6 Ready, USGv6, JITC)

“Mandated”

1, 2, 3

Who?

•Government Agencies

•Customers who sell to

government agencies

“Motivated”

2 3 4

Who?

•Customers with IPv4 address

exhaustion

•Global Enterprises with

consumer or business

interaction on the public internet

•Customers with user-provided

devices on their networks

“Early Adopter”

2 4 3 5 6 7

Who?

•Companies looking for

competitive advantage

•Companies using IPv6 to solve

business problems

•Early adopters preparing for

coexistence

“Mainstream”

2

Who?

•Large Enterprises

•Small-Medium Enterprises

1

2

3

5

6

7

4


• Based on Timeframe/Use case

• Core-to-Edge – Fewer things to touch

• Edge-to-Core – Challenging but doable

• Internet Edge – Business continuity

Servers

Branch Branch

WAN

DC Access

DC Aggregation

DC/Campus Core

Campus Block

ISP ISP

Internet Edge


Tunneling

Services

Connect Islands of IPv6 or IPv4

IPv4 over IPv6 IPv6 over IPv4

Dual Stack

Recommended Enterprise Co-existence strategy

Translation Services

IPv4

IPv6

Business Partners

Internet consumers

Remote

Workers

International Sites

Government Agencies

IPv6

IPv4


• Dual Stack = Two protocols running at the same time (IPv4/IPv6)

• #1 requirement—switching/ routing platforms must support hardware based forwarding for IPv6

• Expect to run the same IGPs as with IPv4

Dual-stack Server

L2/L3

v6-Enabled

v6- Enabled

v6-Enabled

v6- Enabled

IPv6/IPv4 Dual Stack Hosts

v6- Enabled

v6- Enabled

Aggregation Layer (DC)

Access Layer (DC)

Access Layer

Distribution Layer

Core Layer


• Provides ability to rapidly deploy IPv6 services without touching existing network

• Provides tight control of where IPv6 is deployed and where the traffic flows (maintain separation of groups/locations)

• Get lots of operational experience with limited impact to existing environment – Ideal for Pilot

• challenges – Lots of tunneling

• 1) Leverage existing ISP block for both IPv4 and IPv6 access

• 2) Use dedicated ISP connection just for IPv6—Can use FW on router or dedicated appliance

Primary ISATAP Tunnel

Secondary ISATAP Tunnel

ISATAP

IPv6 Service Block

Inte

rne

t

Dedicated FW

FW on router

Data Center Block

VLAN 2

WAN/ISP Block

IPv4-only Campus Block

Agg Layer

VLAN 3

2

1

Access Layer

Dist. Layer

Core Layer

Access Layer


IPv6

Internet

IPv4-only Host

Server Load Balancer Stateful NAT64

IPv6

IPv4

IPv6

Internet

IPv4-only Host

IPv6

IPv4

IPv6

Internet

IPv4-only Host

Proxy

IPv6

IPv4

-Apache

ReverseProxy

-MSFT

PortProxy

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

• Establish the network starting point

• Importance of a network assessment and available tools

• Build a pilot or lab environment

• Obtain addressing or use ULA or documentation prefix (in lab)

• Learn the basics (DNS, routing changes, address assignment)

Pre-Deployment

Phases

Deployment

Phases

• Transport considerations for integration

• Internet Edge (ISP, Apps)

• Campus IPv6 integration options

• Data Center integration options

• WAN IPv6 integration options

• Execute on gaps found in assessment


Early

Adopters

Globalization

IPv6 Government

Mandate Deadlines

IPv4/IPv6

Co-existence

High Risk Low Risk Moderate Risk

2010 2012 2014

Transition

Planning

2011: Internet Evolution begins – ―…IPv6 is important to all of us (…) to everyone around the world, It is crucial to our ability to tie together everyone and every device”. John Chambers

•2012: Mandates take effect – Transition to IPv6 forces customers to acquire product or managed services to sustain business and customer reach

IPv6 Business Impact – The Cost of Waiting Goes Up

• 2010: Low Impact – Buying behavior shift

limited to mandated and early adopter sites

• 2014: IPv6 is mainstream – customers without transition

infrastructure experience reduced service levels, diminished

customer reach, increase operational complexity

© 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential Advanced IPv6 11

IPv6 SP core Deployment Options

SP Core Infrastructures – 2 Basic Paths

Native IPv4 core with associated services

L2TPv3, QoS, Multicast, …

MPLS with its associated services

MPLS/VPN, L2 services over MPLS, QoS, …

IPv6 in Native IPv4 Environments

Tunneling IPv6-in-IPv4

Native IPv6 with Dedicated Resources

Dual-Stack IPv4 and IPv6

IPv6 in MPLS Environments

6PE

6VPE


IPv4 SP BB

SP IPv4 Core: Tunnelling IPv6 in IPv4

Tunnelling Options

Manual Tunnels (RFC 2893), GRE Tunnels (RFC 2473), L2TPv3, …

IPv6 Site A

IPv6 Site B

IPv6 SP

IPv6 IX

U N I V E R S I T YU N I V E R S I T Y


SP IPv4 Core: Native IPv6 over Dedicated Data Link

ISP Scenario

Dedicated Data Links between Core routers

Dedicated Data Links to IPv6 Customers

Connection to an IPv6 IX

IPv6

IPv4

Service Provider ATM Backbone with

IPv4 and IPv6 Services

IPv6 IX

Internet

Campus IPv4 and IPv6 VLANs


SP IPv4 Core: Dual Stack IPv4 and IPv6

All P + PE routers are capable of IPv4+IPv6 support

IPv4/IPv6 Core

CE

IPv6 IPv4

PE P P PE CE

IPv4

IPv6

IPv6 configured interface

IPv4 configured interface

Some or all interfaces in cloud dual configured

IPv6 + IPv4 Core

IPv4 + IPv6 Edge IPv4 and/or IPv4 edge Dual Stack App


Carrier-Grade IPv6 Solutions – CGv6 for SP Access

NAT444

Softwires

6rd

AFT64

DS-Lite

4rd

dIVI


SP Access: Public IPv4 Exhaustion with NAT444 Solution

Everything is IPv4

NAT44 at CPE

Additional NAT44 in SP core

CGN NAT44 multiplexes several customers onto the same public IPv4 address

Core Edge Aggregation Access

IP/MPLS

Residential

Private IPv4 (SP Assigned domain) Private IPv4 (Subs.)

Public IPv4

NAT44 CGN

NAT44

NAT44



IP/MPLS

Residential

SP network is IPv4

Dual-Stack IPv4/IPv6 customer network

IPv4oPPPoE or IPv4oE Termination on IPv4-only BNG

L2TPv2 softwire between RG and IPv6-dedicated L2TP Network Server (LNS)

NAT used for IPv4

IPv4oPPPoE or IPv4oE

IPv6oPPPoL2TPv2

SP Access: IPv6 over L2TP softwires

IPv4 BNG IPv6 LNS

Broadband Forum WT-242: Getting to Dual Stack

RG

RG


SP network is IPv4

Customer network is Dual Stack

Automatic Prefix Delegation on 6rd CE, using ISP IPv6 Prefix

IPv6 encapsulated in IPv4 in the SP network

IPv6 addresses are by embedding IPv4 addresses

Simple, stateless, automatic IPv6-in-IPv4 encap and decap functions on 6rd (CE & BR)

NAT used for IPv4


IP/MPLS

Residential

SP Access: IPv6 over IPv4 via 6rd (RFC 5569)

6rd BR

6rd BR

6rd CE

6rd CE

IPv4/v6 IPv4/v6 IPv4


SP Access: Connecting IPv6-only with IPv4-only: AFT64

Entire ISP network is IPv6 only

Endpoints are IPv6 only

AFT64 is used for IPv6 only client to talk to IPv4 Internet or IPv4 Datacenter


IP/MPLS

Residential

IPv6 ONLY connectivity

NAT64

IPv4 ONLY

DNS64

Public IPv4 Internet

IPv4 Datacenter


SP Access: IPv4 via IPv6 using DS-Lite

ISP network is IPv6 only

Customer network is Dual Stack

IPv4 over IPv6 Tunnel (Stateful)

CGN doing NAT44 for IPv4 traffic


IP/MPLS

Residential

IPv6 IPv4/v6

CGN NAT44

B4

B4


IPv6

Internet IPv4 Internet

End User End User

SP Access: 4rd and Transition Strategy from 6rd


2001:beef:1.1.1.1:3:007::

Boundary

Router

Public IPv4

Gateway (L3) Residential Edge

IPv6 or

IPv6+IPv4

or 6PE Public IPv6

NAT64 NAT446

dIP 8.8.8.8

sPort 5555

dIP 8.8.8.8

sPort 1034

dIP

2001:DB80:FF:8.8.8.8

sPort

1034

dIP 8.8.8.8

sPort 1034

dIP 1.1.1.1

sPort 80

dIP

2001:DB80:FF:1.1.1.1:3002::

sPort

80

dIP 1.1.1.1

sPort 80

dIP 192.168.0.5

sPort 80

NAT44

NAT46

NAT64

NAT46

NAT64

NAT44

SP Access: Dual IVI (dIVI)


Establish IPv6

project

management

team

2

4

6 8

10

Evaluate effect

on business

model

1

Decide on IPv6

Architecture

Strategy

3

5

7

9

Business Case Identified/Justified

Assess network including

hardware and software

Applications and back end operations

Obtain IPv6 Prefix

Develop Addressing Plan

Develop Security Plan

Develop Adoption Timelines

Develop Cost Analysis

Develop procurement Plan

Test Solution with

applications , network

management for

first deployment.

Develop IPv6

exception

strategy

Create Detailed

Design for phase 1

Train Engineering and

Operations on Technology

and Solution in place


Next Steps For IPv6 Adoption

Share your IT priorities

Visit Cisco booth and tick-your priorities in our feedback

form

Contact Cisco rep-

Vinod Patani – [email protected] ; 9899105886

Chinna Pellacuru , [email protected]

Get started with IPv6 Adoption Workshop

mailto:[email protected]

mailto:[email protected]

Thank you.

IPv6 Architecture Overview and Deployment Scenarios

Technology

Transcript of IPv6 Architecture Overview and Deployment Scenarios