You are previewing Deploying IPv6 Networks.
O'Reilly logo
Deploying IPv6 Networks

Book Description

An essential, comprehensive, and practical guide to IPv6 concepts, service implementation, and interoperability in existing IPv4 environments

After completing Deploying IPv6 Networks, you will:

  • Understand the current state of IPv6 technologies and services

  • Understand the IPv6 features as they are applied in service deployments

  • Be prepared with guidelines on how to ready your organization for a migration to IPv6

  • Know how to design and implement an IPv6 production-level network using the book’s templates and examples

  • Have the ability to configure and troubleshoot IPv6 networks

  • Know where IPv6 developments are moving in the future

  • Large IPv6 production deployments worldwide are proof that the transition to the next generation of the IP protocol is no longer merely a prediction—IPv6 is now touching all aspects of IP networking and communications. Therefore, understanding the technology and being able to plan, design, and deploy IPv6 services are necessary skills for networking professionals.

    Deploying IPv6 Networks is an essential guide to IPv6 concepts, service implementation, and interoperability in existing IPv4 environments. You’ll learn about IPv6 as a mature technology ready for deployment. Deploying IPv6 Networks goes beyond addressing the basics of IPv6 yet remains accessible to readers unfamiliar with the protocol. With this book in hand, you will learn how to plan, design, deploy, and manage IPv6 services.

    Deploying IPv6 Networks opens with an updated “Case for IPv6”: a review of the IPv4 challenges and the IPv6 opportunities. It then covers the IPv6 concepts related to IP services provided in real networks. Relevant features and corresponding configuration examples are presented in a deployment context as they are applied to the various segments of the network. The IPv6 knowledge accumulated in the first part of the book is revisited in Part II, where it is leveraged in concrete and usable examples that cover most common network environments: MPLS service provider, IP service provider, and enterprise.

    The structure of Deploying IPv6 Networks enables you to use it as a reference for specific aspects of IPv6, as a technology study guide, or as a design guide for deploying IPv6. You’ll also find that the presentation approach enables you to leverage your IPv4 experience to quickly become knowledgeable and proficient with the concepts of IPv6.

    Table of Contents

    1. Copyright
      1. Dedications
    2. About the Authors
      1. About the Contributor
      2. About the Technical Reviewers
    3. Acknowledgments
    4. Icons Used in This Book
    5. Command Syntax Conventions
    6. Introduction
      1. Goals and Methods
      2. Who Should Read This Book?
      3. How This Book Is Organized
        1. Part I
        2. Part II
    7. I. Implementing IPv6 Services
      1. 1. The Case for IPv6—An Updated Perspective
        1. Unicast Connectivity
          1. Addressing
            1. IPv4 Address Architecture
            2. Private Versus Public Addresses
            3. Static Versus Dynamic Addresses
            4. Renumbering
            5. Network Address Translation
              1. Can IPv6 Eliminate NAT?
          2. Routing
        2. QoS Services
        3. Multicast Services
        4. Virtual Private Networks
        5. Security
        6. IP Mobility
        7. IPv6 Is an Evolutionary Step
      2. 2. An IPv6 Refresher
        1. IPv6 Addressing
          1. IPv6 Address Representation
          2. IPv6 Address Architecture
            1. IPv6 Unicast Address
              1. Link-Local Addresses
              2. Unique Local Unicast Address
              3. Global Unicast Address
              4. IPv6 Unicast Address Allocation
              5. Special-Use Addresses
            2. IPv6 Anycast Addresses
            3. IPv6 Multicast Addresses
              1. Unicast-Prefix-Based Multicast Addresses
              2. Solicited-Node Multicast Addresses
              3. IPv6 Multicast Address Allocation
            4. IPv6 and Layer 2 Addressing
              1. EUI-64 Interface Identifiers
              2. Layer 2 Multicast Addresses
            5. IPv6 Addresses Required for an Interface
            6. Configuring IPv6 Addresses in Cisco IOS Routers
            7. IPv6 Addressing Architecture at a Glance
        2. IPv6 Packet Format
          1. IPv6 Versus IPv4 Basic Header Format
          2. IPv6 Extension Headers
            1. Hop-by-Hop Options Header
            2. Destination Options Header
            3. Routing Header
            4. Fragment Header
            5. Authentication Header
            6. Encapsulating Security Payload Header
            7. Mobility Header
            8. Linking Multiple Extension Headers
          3. IPv6 and Data-Link Technologies
        3. Internet Control Message Protocol for IPv6
          1. ICMPv6 Error Messages
            1. Destination Unreachable
            2. Time Exceeded
            3. Packet Too Big
            4. Parameter Problem
          2. ICMPv6 Informational Messages
          3. Source Address Selection Algorithm
          4. Conclusion on ICMPv6
        4. Neighbor Discovery Protocol
          1. Protocol Operations Summary
          2. Comparison with IPv4
          3. Router and Prefix Discovery
          4. Address Resolution
          5. Redirecting a Host to a Better Next Hop
          6. Inverse Neighbor Discovery
          7. Proxy Neighbor Discovery
          8. Neighbor Discovery Algorithms
            1. Next-Hop Determination
            2. Default Router Selection
            3. Duplicate Address Detection
            4. Neighbor Unreachability Detection
            5. The State Machine for Reachability
            6. Autoconfiguration
          9. Neighbor Discovery at a Glance
      3. 3. Delivering IPv6 Unicast Services
        1. Overview
        2. IPv6 Provisioning
          1. Host IPv6 Address Provisioning
            1. Stateless Autoconfiguration
              1. Stateless Autoconfiguration Operation
              2. IPv6 Address Renumbering
            2. Stateful DHCP
          2. Router IPv6 Address Provisioning: Prefix Delegation
            1. Protocol Description
            2. Requesting Router
            3. Delegating Router
            4. What DHCP-PD Does Not Do
          3. Other Configuration Information
            1. Stateless DHCP
            2. DNS Services
              1. AAAA Records
              2. IP6.ARPA Domain
              3. Query Messages Changes
        3. IPv6 Network Access
          1. Media Types
          2. Native IPv6 Access
            1. Routed Access
            2. Bridged Access
            3. PPP-Encapsulated IPv6 Access
              1. PPP over ATM
              2. PPP over Ethernet
            4. Virtualized Access Layer
              1. L2TPv2 Access Aggregation
              2. L2TPv3 Access Aggregation
          3. Access over Tunnels
            1. Manually Configured Tunnel
            2. Tunnel Broker and Tunnel Server
            3. Teredo
            4. ISATAP
        4. IPv6 over the Backbone
          1. Native IPv6
          2. IPv6 over IPv4 Tunnels
            1. IPv6 over GRE
            2. 6to4
          3. IPv6 over MPLS
            1. IPv6 over a Layer 2 Circuit
            2. IPv6 over an IPv4 Tunnel over MPLS
            3. IPv6 over 6PE
            4. Native IPv6 MPLS
        5. Translation Mechanisms (NAT-PT)
      4. 4. IPv6 Routing Protocols
        1. Distance Vector Routing Protocol
        2. Path Vector Routing Protocol
        3. Link-State Routing Protocol
        4. IPv6 Interior Gateway Protocols
          1. Routing Information Protocol next-generation
            1. Support for IPv6
            2. Configuration Example
          2. EIGRP for IPv6
            1. Support for IPv6
            2. Configuration Example
          3. OSPFv3
            1. Support for IPv6
            2. Configuration Example
          4. IS-IS for IPv6
            1. Support for IPv6
              1. Single Topology
              2. Multitopology
            2. Configuration Example
        5. BGP
          1. Use of MP-BGP Extensions for IPv6 Interdomain Routing
            1. BGP Peering
            2. BGP Next Hop
          2. BGP Configuration Example
        6. Site Multihoming
        7. Deploying IPv6 Routing Protocols
          1. Network Core
          2. Network Distribution/Edge
          3. Network Access
      5. 5. Implementing QoS
        1. QoS for IPv6
          1. Differences Between IPv6 and IPv4 QoS
            1. Layer 3 QoS
            2. Layer 2 QoS
            3. Link-Efficiency Mechanisms
          2. Differentiated Services
            1. Support for IPv6
            2. Configuration Example
          3. Integrated Services
            1. Support for IPv6
        2. QoS for IPv6 over MPLS
          1. Using DiffServ in a 6PE or 6VPE Environment
            1. Configuration Example
          2. Using RSVP-TE in a 6PE or 6VPE Environment
            1. Using Multiple BGP Next Hops
            2. COS-Based TE Tunnel Selection (CBTS)
        3. Deploying QoS for IPv6
          1. QoS in a Native IPv6 Deployment
          2. QoS in an MPLS-Based IPv6 Deployment
          3. IPv4 and IPv6 Coexistence
      6. 6. Providing IPv6 Multicast Services
        1. IPv6 Multicast
          1. Group Membership Management
            1. Multicast Listener Discovery
              1. Protocol Description
              2. Source Specific Multicast Mapping for MLDv1
              3. MLD Access Control and Explicit Tracking
            2. Multicast Layer 2 Protocols
          2. Multicast Routing and Forwarding
            1. Multicast Distribution Trees
            2. Reverse-Path Forwarding Determination
            3. Protocol Independent Multicast
              1. PIM-SM
              2. PIM-SSM
              3. PIM-Bidir
          3. Deployment Considerations
            1. Multicast Domain Control
            2. RP Mapping and Redundancy
              1. Static RP
              2. Bootstrap Router
              3. Embedded RP
              4. RP Redundancy
            3. Service Models
              1. ASM Versus SSM
              2. Intradomain Versus Interdomain ASM
            4. Multicast over Tunnels
            5. Multicast over MPLS Infrastructures
        2. IPv6 Multicast Deployment Examples
          1. SSM in a Service Provider Network
            1. Enabling IPv6 Multicast Routing
            2. MLD Configuration
            3. Tuning PIM
            4. Subscriber Joining the (S,G)
            5. IPv6 Multicast Traffic Forwarding
          2. ASM in an Enterprise Network
            1. Configuring BSR
            2. Configuring Candidate RP routers
            3. PIM Topology and Traffic Forwarding
            4. Operation with Embedded RP
      7. 7. VPN IPv6 Architecture and Services
        1. Virtual Private Network Overview
          1. Provider-Provisioned VPNs
          2. CE-Based VPNs
          3. PE-Based VPNs
          4. Addressing Considerations
          5. Security Considerations
        2. Using IPsec to Implement CE-Based VPNs
          1. Remote Access
          2. IPsec Tunnel Alternatives
          3. Routing
          4. IPv6 CE-Based VPN deployment
        3. BGP-MPLS IPv6 VPNs: A PE-Based VPN Solution
          1. Routing Table Segregation
          2. Routing Protocols for BGP-MPLS IPv6 VPN
          3. BGP Next Hop
          4. Building the Label Stack
          5. Forwarding in BGP-MPLS IPv6 VPN
          6. VRF Concepts and IPv6 Implementation
            1. Configuring a VRF
            2. Associating a VRF to an Interface
            3. VRF-Aware Router Commands
          7. Scaling IPv6 VPNs
          8. MP-BGP for VPNv6 at a Glance
        4. Topology Examples
          1. Using IPsec to Secure IPv6 over an IPv4 Tunnel
          2. Basic MPLS VPNv6 Topology
          3. Dual-Stack VPNs
          4. Route Reflectors
          5. Hub and Spoke
          6. Internet Access
          7. Interprovider VPNs
      8. 8. Advanced Services—IPv6 Mobility
        1. Chapter Overview
        2. IP Host Mobility
          1. Mobile IPv4 in a Nutshell
          2. Mobile IPv6
            1. Mobile IPv6 Operation Overview
            2. IPv6 Mobility Header
            3. Destination Option
            4. Dynamic Home Agent Address Discovery
            5. Route Optimization
            6. Mobile IPv6 Security
          3. Mobile IPv6 Deployment
            1. Configuration Example
            2. Using ACLs to Control MIPv6 Operation on the Home Agent
        3. Network Mobility
          1. Practical Use Cases
            1. Enterprise on the Move
            2. Home Gateway
            3. Personal-Area Network
            4. Internet-Enabled Car
            5. Sensor Network
            6. Fleet in Motion
          2. Object Model and Terminology
            1. Basic Operations
            2. What About NEMO?
          3. Home Network in NEMO
            1. Extended Home Network
            2. Aggregated Home Network
            3. Mobile Home Network
            4. Distributed Home Network
            5. Virtual Home Network
        4. IP Mobility in Nonmobile Scenarios
          1. IPv4 to IPv6 Transitioning
          2. Topology Hiding
          3. Community of Interest
          4. Route Projection
          5. Server Load Balancing
        5. Next Steps in Mobility
          1. Forthcoming Evolutions
            1. Faster Roaming
            2. Movement Detection
            3. Attachment Router Selection
            4. Integration with Mobile Ad-hoc Networking
            5. Multihoming
            6. Route Optimization for NEMO
          2. A Vision
      9. 9. Securing IPv6 Networks
        1. Security Threats and Best Practices to Protect Against Them
          1. Threats with New Considerations in IPv6
            1. Reconnaissance
              1. Characteristics
              2. Best Practices
            2. Unauthorized Access
              1. Characteristics
              2. Best Practices
            3. Header Manipulation
              1. Characteristics
              2. Best Practices
            4. Fragmentation
              1. Characteristics
              2. Best Practices
            5. Layer 3/Layer 4 Spoofing
              1. Characteristics
              2. Best Practices
            6. Host-Initialization and Address-Resolution Attacks
              1. Characteristics
              2. Best Practices
            7. Broadcast-Amplification Attacks (Smurf)
              1. Characteristics
              2. Best Practices
            8. Routing Attacks
              1. Characteristics
              2. Best Practices
            9. Viruses and Worms
              1. Characteristics
              2. Best Practices
            10. Transition-Mechanism Attacks
              1. Characteristics
              2. Best Practices
            11. A Note on Mobile IPv6 Security
          2. Threats with Similar Behavior in IPv4 and IPv6
            1. Sniffing
            2. Application Layer Attacks
            3. Rogue Devices
            4. Man-in-the-Middle Attacks
            5. Flooding Attacks
          3. 6PE Security
          4. A Note on VPN Security
        2. Tools Available for Securing IPv6 Networks
          1. IPsec for IPv6
            1. IPsec Concepts
            2. Using IPv4 IPsec to Secure IPv6 Tunnels
            3. Securing Router–to-Router Communication with IPv6 IPsec
          2. Access Control Lists
            1. Extended IPv6 ACLs and Stateful Filtering
            2. IPv6 ACLs and Fragmentation
            3. IPv6 Access List Example
          3. Firewall Functions
            1. Cisco IOS Firewall
            2. PIX Firewall
          4. Authentication, Authorization, and Accounting
          5. Unicast Reverse Path Forwarding
          6. Protecting the Control Plane with Rate Limiting
        3. Summary of Best Practices for Securing IPv6 Deployments
      10. 10. Managing IPv6 Networks
        1. IPv6 Network Management: The Challenges
          1. Allocating IPv6 Addresses to Managed Nodes
          2. Integrating IPv6 and IPv4 Network Management
        2. Network-Management Architecture
        3. Retrieving Information from Routers and Switches
          1. SNMP and MIBs
            1. SNMP over IPv6
            2. IPv6 MIBs
            3. BGP and Other MIBs
            4. IPv6 MIB Example
          2. NetFlow
          3. IPfix
          4. Other Protocols (Telnet/SSH/RSH/TFTP/FTP)
        4. Fault Management
          1. Flow Analysis Using NetFlow
            1. Cisco NFC
            2. IPFlow
            3. Cisco Network Analysis Module
          2. Topology Management
          3. Routing Management
          4. Analysis for Troubleshooting
        5. Performance Management
          1. Cisco IOS IP Service-Level Agreements
          2. Other IPv6-Enabled Tools for Performance Analysis
        6. Configuration and Provisioning Management
        7. Management Platforms
          1. CiscoWorks
          2. Other Management Platforms
            1. HP OpenView
            2. Tivoli NetView
            3. InfoVista
        8. IPv6 Network Management Services and Tools at a Glance
      11. 11. Network Performance Considerations: Coexistence of IPv4 and IPv6
        1. Aspects of Router IPv6 Performance
          1. IPv6 Control Plane
          2. IPv6 and the Data Plane
        2. Measuring Forwarding Performance
        3. The Right Router for the Job
          1. Router Architecture Overview
            1. Software Versus Hardware Forwarding
            2. Centralized Versus Distributed Forwarding
          2. IPv6 Forwarding Performance of Cisco Routers
            1. Low-End Routers
            2. Mid-Range Routers
            3. High-End Routers
            4. 6PE Forwarding Performance
        4. IPv6 Router Performance Evaluation Checklist
    8. II. Deployment Case Studies
      1. 12. Generic Deployment Planning Guidelines
        1. Cost Analysis
          1. Host-Related Costs
          2. Network Elements–Related Costs
          3. Operations-Related Costs
        2. Address Policies and Registration Process
        3. Education
      2. 13. Deploying IPv6 in an MPLS Service Provider Network
        1. Network Environment
        2. Network Design Objectives
          1. EuropCom Services
            1. Internet Access
            2. L3VPN
            3. Carrier Supporting Carrier
            4. DNS Services
            5. Content Hosting/Storage
            6. Voice over IP
            7. Peer-to-Peer Applications and Other Services
        3. Network Design
          1. Access Design
          2. POP Design
          3. Core Design
            1. IGP Design Considerations
            2. MPLS Design Considerations
            3. QOS Design Considerations
            4. ICMP Design Considerations
          4. Edge Design
            1. PE Router Design and Implementation Considerations
            2. PE-CE Interface Design
            3. PE-CE Routing Design
              1. Static Routing Design Considerations
              2. BGP Routing Design
              3. IGP Routing Design
            4. PE-PE Routing Design
          5. Route Reflector Design
          6. VRF Design
          7. Inter-AS Design
        4. Basic Services Design and Implementation
          1. Global IPv6 Internet Access Design and Implementation
          2. Layer 3 MPLS VPN Service Design and Implementation
          3. VPN Internet Access Service Design and Implementation
          4. Carrier’s Carrier Service Design
        5. Quality of Service Design
        6. Operating and Troubleshooting the Network
          1. Service and Traffic Monitoring
          2. Addressing
            1. Link-Local Addresses
            2. Addresses for Management
            3. Using Unique-Local Addresses
            4. Inter-Provider Communications
            5. Multihoming
          3. MTU Discovery
          4. Security
            1. Securing the Edge
            2. Securing the 6PE Infrastructure
          5. Troubleshooting
            1. Routing
            2. Forwarding
              1. PE-CE Connectivity
              2. PE Imposition Path
              3. PE Disposition Path
              4. Label Switch Path
              5. Troubleshooting Routing and Forwarding
        7. Design Lessons
      3. 14. Deploying IPv6 in an IP Service Provider Network
        1. Network Environment and IPv4 Services
        2. IPv6 Deployment Plans
          1. Targeted IPv6 Services
            1. Unicast Connectivity
            2. Internet Access
            3. DNS Services
            4. Mail Services
            5. Content Hosting/Storage
            6. Voice over IP
            7. Content Delivery—Multicast
            8. Mobile IPv6—Communities of Interest
          2. Design Goals
          3. Design Options
            1. PPP/L2TP-Based Deployment Option
            2. Dual-Stack Deployment Option
        3. Basic Services Design and Implementation
          1. Addressing Plan
          2. Unicast Connectivity
            1. Access
            2. Edge and Core
            3. Service Rollout Plan
          3. DNS and Content Hosting/Storage
          4. Internet Access
        4. Advanced Services Design and Implementation
          1. Content Distribution—IPv6 Multicast
            1. IPv6 Multicast Service Design
              1. Content Management
              2. Content Transport
              3. Customer Interface
            2. IPv6 Multicast Implementation
          2. Quality of Service
            1. QoS Service Design
            2. QoS Implementation
        5. Operating and Troubleshooting the Network
          1. Securing the IPv6 Network
            1. Securing the Access
            2. Securing the Edge
            3. Securing the Data Center
          2. Managing the Network
          3. Troubleshooting
            1. Provisioning
            2. Unicast Routing and Forwarding
            3. Multicast Routing and Forwarding
        6. Deployment Lessons
      4. 15. Deploying IPv6 in an Enterprise Network
        1. Introducing AC Corporation
        2. AC Network Environment
          1. AC Network Infrastructure
            1. Headquarters
            2. Branch Offices
        3. Business Drivers to Integrate IPv6 on the AC Network
        4. Learning the Technology
          1. Expanding the Test Bed
            1. Domain Name Service (DNS)
            2. ISATAP Router
            3. IPv6 Internet-to-Campus Connectivity
            4. Expanding the IPv6 Intranet Testing
          2. Lessons from the Trial
        5. Moving IPv6 to Production
          1. Cost Analysis
          2. Operations
        6. Design and Setup
          1. IPv6 Addressing
            1. Prefix-Assignment Scheme
            2. Address Configuration Rules
          2. Dual-Stack Deployment
          3. Routing Protocols
          4. First-Hop Router Redundancy
            1. Tuning Neighbor Discovery
            2. Configuring Default Router Selection
            3. Enabling Cisco HSRP for IPv6
          5. Securing the IPv6 Deployment
          6. Multicast
          7. Network Management
          8. Mobility
          9. QoS
        7. Troubleshooting
        8. Future Evolutions
          1. Prefix Selection, Assignment Policies and Multihoming
          2. Security
          3. Market Expansion