SlideShare una empresa de Scribd logo

Transition to ipv6 cgv6-edited

Fred Bovy
Fred Bovy
Tecnología
1 de 12
Descargar para leer sin conexión
    White  Paper   Service  Provider  Transition  to  IPv6:  NAT,  NAT64,   6RD,  DS-­‐LITE  and  Carrier  Grade  IPv6           Email:  fred@fredbovy.com      
  Service  Provider  Transition  to  IPv6   2     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       Table  of  Contents   1   Introduction:  Transition  Technologies  Needed  for  Decades  ........................................  3   2   Dual-­‐Stack  ..................................................................................................................  3   3   Network  Address  Translation  .....................................................................................  3   3.1   Network  Address  Translation  from  NAT  to  NPT6  ................................................................................  3   3.1.1   IPv4  to  IPv4  Translation:  NAT  or  NAT44  ..................................................................................................  3   3.1.2   IPv6  to  IPv6  Translation:  NAT66  to  NPT6  ................................................................................................  4   3.1.3   Network  Address  Translation  from  NAT-­‐PT  to  NAT464  ....................................................................  5   3.1.4   IPv4  to  IPv4  Translation:  Double  NAT  or  NAT444  ...............................................................................  5   4   Tunneling  ...................................................................................................................  8   4.1   IPv4  in  IPv6  Tunneling  +  NAT  (LSN):  DS-­‐Lite  .........................................................................................  8   4.2   IPv6  in  IPv4  Tunneling  ...................................................................................................................................  10   4.2.1   IPv6  in  IPv4  Static  Tunnels  ...........................................................................................................................  10   4.2.2   IPv6  in  IPv4  Automatic  Tunnels  .................................................................................................................  10   4.3   IPv6  in  IPv4  MPLS  Tunneling  ......................................................................................................................  12   5   Carrier  Grade  IPv6  (CGv6)  .........................................................................................  12   5.1   Network  Address  Translation  .....................................................................................................................  12   5.2   Tunneling.  ............................................................................................................................................................  12    
  Service  Provider  Transition  to  IPv6   3     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       1 Introduction:  Transition  Technologies  Needed   As  connected  devices  become  more  pervasive,  available  IPv4  addresses  decline  and   soon  will  be  completely  depleted.  IPv6  has  been  around  for  more  than  10  years  and   supported  by  most  operating  systems  and  network  vendors.  Despite  this,  most  service   providers  and  companies  have  not  transitioned  to  this  next  generation  Internet   protocol.  As  a  consequence,  more  time  is  needed  to  allow  a  smooth  transition  to  IPv6.   Because  of  this,  you  may  need  to  support  mixed  IPv4  and  IPv6  networks  for  a  few  more   years.   Maximum  performance,  security,  and  other  benefits    will  be  achieved  once  the  transition  to   IPv6  is  complete.  Meanwhile,  features,  performance,  and  security  will  have  to  be   compromised  in  order  to  support  IPv4  nodes  and  applications.   There  are  three  transition  methods:   -­‐ Dual-­‐stack   -­‐ Network  Address  Translation  (NAT44,  NAT64,  DNS64,  NAT444,  NAT464)   -­‐ Tunneling  (6rd,  DS-­‐Lite,  6PE,  6VPE)   This  paper  discusses  each.   2 Dual-­‐Stack   Dual-­‐stack  is  the  preferred  transition  method.  All  workstation  and  server  operating   systems  (Windows,  MAC,  Linux)  come  configured  as  dual-­‐stack  by  default.  When  a  host   needs  to  transmit  a  packet,  it  sends  a  DNS  Request  to  get  an  address.  If  the  DNS  reply   includes  both  IPv6  and  IPv4  addresses,  it  will  prefer  the  IPv6.  The  only  drawback  of  this   method  is  the  duplicated  effort  to  maintain  IPv4  and  IPv6  concurrently.  Also,  you  must   apply  the  same  level  of  security  to  both  protocols  or  you  may  risk  that  IPv4  will  be  used   to  discover  the  nodes  and  IPv6  will  be  used  to  breach  security  if  the  IPv6  security  is  not   as  strong  as  IPv4  security.   3 Network  Address  Translation   When  the  Internet  community  became  concerned  about  IPv4  address  depletion,  they   created  workarounds.  These  workarounds  included  classless  interdomain  routing   (CIDR)  or  variable-­‐length  subnet  masking  (VLSM)  to  save  addresses,  Dynamic  Host   Configuration  Protocol  (DHCP)  for  better  address  management,  and  Network  Address   Translation  (NAT).   3.1 Network  Address  Translation  from  NAT  to  NPT6   3.1.1 IPv4  to  IPv4  Translation:  NAT  or  NAT44     Introduced  in  the  mid-­‐90s  to  support  private  addressing,  NAT  and  NAT44  extended  the   life  of  IPv4  by  making  people  think  that  address  depletion  would  no  longer  be  an  issue.   However,  NAT  also  introduced  some  side  effects—both  good  and  bad.  RFC2993   discusses  the  architectural  implications,  advantages,  and  problems  of  NAT.  
  Service  Provider  Transition  to  IPv6   4     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       On  one  hand,  NAT  broke  the  end-­‐to-­‐end  IP  model.  Applications  that  must  be  supported,   like  DNS  or  FTP,  require  NAT  software  updates  (application  layer  gateway  [ALG]).  For   more  details  about  ALG,  see  RFC2663:  NAT  Terminology  and  Considerations.   When  an  inside  host  must  be  reachable  from  an  outside  public  space,  it  consumes  a   public  address  and  a  static  translation  must  be  configured.  Some  users  see  this  as  a   security  feature.  IPv4  firewalls  usually  do  NAT,  but  a  NAT  router  is  not  a  firewall!     Stateful  NAT  is  a  bottleneck,  a  single  point  of  failure,  and  can  be  the  target  of  denial  of   service  (DoS)  attacks.   On  the  other  hand,  with  NAT  and  private  addresses,  users  are  not  constrained  by  public   addresses  (address  independence).   NAT  also  permits  obscuring  the  end  user  network.  Hiding  topology  and  hosts  makes   some  people  think  that  NAT  is  an  important  security  feature.  For  these  reasons,  some   architects  will  not  consider  a  network  design  without  NAT!     RFC6092  provides  recommendations  for  implementing  security  in  an  IPv6  network.   This  document  also  differentiates  between  actual  security  and  the  features  of  NAT   gateways.   3.1.2 IPv6  to  IPv6  Translation:  NAT66  to  NPT6   With  the  introduction  of  IPv6  and  its  128-­‐bit  addresses,  NAT  was  no  longer  needed  to   provide  a  unique  address  to  Internet  users  and  the  end-­‐to-­‐end  IP  model  was  restored.   Larger  address  space  was  a  main  driver  for  IPv6.  The  introduction  of  NAT66  into  IPv6   was  a  frustration  for  IPv6  proponents.   In  addition  to  its  well-­‐known  problems,  NAT66  broke  the  security  implemented  by  IPSec   by  changing  the  IPv6  header.    But  proponents  of  NAT  did  not  like  that  NAT  benefits  were   missing  from  IPv6  and  also  argued  that  NAT  could  solve  the  multihoming  issue.  After   much  discussion  and  an  RFC  to  document  everything,  the  IETF  rejected  the  proposed   NAT66  drafts.   RFC5902  discusses  the  pros  and  cons  of  NAT66.  It  tries  to  justify  the  request  for  NAT66:     « 2. What is the problem? The discussions on the desire for IPv6 NAT can be summarized as follows. Network address translation is viewed as a solution to achieve a number of desired properties for individual networks: avoiding renumbering, facilitating multihoming, making configurations homogenous, hiding internal network details, and providing simple security. » RFC4864  explains  IPv6  solutions  to  the  NAT66  claimed  benefits  without  requiring  any   address  translation.  NAT  supporters  were  not  deterred.    They  responded  by  developing   a  simplified  stateless  NAT66  that  was  renamed  Network  Prefix  Translation  or  NPT6,   which  was  approved  in  RFC6296.  
  Service  Provider  Transition  to  IPv6   5     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       3.1.3 Network  Address  Translation  from  NAT-­‐PT  to  NAT464   3.1.3.1 NAT-­‐PT  (RFC2766)   For  transitioning  to  IPv6,  Network  Address  Translator-­‐Protocol  Translator  (NAT-­‐PT)   was  the  first  protocol  translation  method  implemented  by  Cisco  IOS.   NAT-­‐PT  equates  to  NAT64  +  NAT46  +  ALG.   NAT64  is  the  NAT  translation  initiated  by  the  IPv6  side,  and  NAT46  was  initiated  by  the   IPv4  side.  NAT-­‐PT  was  the  answer  for  all  the  cases,  but  it  consumed  many  resources  and   IOS  running  NAT-­‐PT  was  process  switching  with  the  very  low  performances  we  know.   Use  of  NAT-­‐PT  is  now  deprecated  (RFC4966).   3.1.3.2 NAT64/DNS64   3.1.3.2.1 What  is  the  problem  we  want  to  solve?   Workstations  run  dual-­‐stack  by  default.  Equipment  using  Windows,  MAC  OS,  and  Linux   operating  systems  is  set  up  with  dual  stack  by  default.  It  is  not  difficult  to  upgrade  a   workstation  if  it  runs  an  old  operating  system  without  dual  stack.  From  the  initialization   side,  IPv6  support  is  not  the  problem.  On  the  other  hand,  it  may  be  more  difficult  to   upgrade  an  application  to  support  IPv6.     3.1.3.2.2 DNS64  (RFC6147)   NAT64  relies  on  DNS64  to  manage  the  DNS  request  and  send  a  reply  to  the  source  with   an  IPv6  prefix  built  from  the  IPv4  address  received  from  the  target  node.  DNS64  first   sends  a  request  for  a  AAAA  prefix.  If  it  receives  an  error,  it  then  tries  to  ask  an  A  prefix.   Then  if  it  receives  an  answer,  DNS64  converts  it  to  a  AAAA  IPv6  prefix.   This  IPv6  address  is  built  using  a  NAT64  well-­‐known  prefix  (64:FF9B::/96)  followed  by   the  IPv4  address  coded  as  an  IPv6  address.  The  A  record  with  193.45.5.1  address  will  be   converted  to  the  AAAA  record  with  64:FF9B::193.45.5.1  or  64:FF9B::C12D:501  address.   3.1.3.2.3 Stateless  or  Stateful  NAT64   The  packet  from  the  source  is  routed  to  the  NAT64  box  using  the  normal  IPv6  routing.   The  NAT64  box  translates  the  IPv6  packet  to  an  IPv4  packet  and  sends  it  to  the  target.  It   also  performs  the  opposite  when  the  answer  comes  back  from  the  IPv4  host.   NAT64  can  be  stateless  (see  RFC6052)  or  stateful  (see  RFC6145,  RFC6146  and   RFC6052).  Stateless  means  that  an  IPv4  address  is  needed  for  each  translated  IPv6   address.  Stateful  is  required  if  multiple  IPv6  addresses  must  map  to  the  same  IPv4   address.   3.1.4 IPv4  to  IPv4  Translation:  Double  NAT  or  NAT444   NAT  at  the  CPE  has  already  permitted  to  IPv4  to  last  for  20  more  years  and  now  the  ISPs   are  starting  to  use  NAT  one  more  time  at  the  next  level  with  NAT444.  NAT444  refers  to   double  NAT,  where  NAT44  is  performed  a  first  time  by  the  CPE  at  the  customer’s  site   and  then  a  second  time  by  the  service  provider.  Carrier-­‐grade  NAT  (CGN)  and  large-­‐ scale  NAT  (  LSN)  refer  to  NAT  running  at  the  service  provider  instead  of  the  CPE.  
  Service  Provider  Transition  to  IPv6   6     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012         Figure  1.  NAT  444   A  device  in  a  customer  network  might  send  a  packet  to  an  Internet  destination  with  a   source  address  of  10.1.1.1.  The  CPE  NAT  translates  the  source  address  to,  for  example,   172.16.1.1  with  accompanying  port  mapping.  At  the  LSN,  the  source  address  is   translated  to  the  public  IPv4  address,  say  201.15.83.1  again  with  port  mapping,  and  the   packet  is  routed  to  the  destination.  Responding  packets  to  201.15.83.1  are  routed  to  the   service  provider’s  aggregate  IPv4  address,  then  to  the  appropriate  LSN,  which  translates   the  destination  address  back  to  172.16.0.1  and  forwards  the  packet  to  the   corresponding  CPE  NAT,  which  translates  the  destination  address  to  10.1.1.1.   This  looks  simple,  but  this  design  is  not  without  issues.   One  issue  is  scalability.  Behind  the  CPE,  the  customer  may  be  running  many  devices.   Each  device  may  generate  many  data  streams.  There  is  not  yet  enough  production   experience  to  know  the  upper  boundaries  of  how  many  customer  networks  a  single  LSN   can  manage,  either  in  terms  of  performance  or  in  terms  of  mapping  steams  to  a  single   public  IPv4  address.     Also,  it  becomes  impossible  to  track  a  user  using  its  IP  address.  If  a  new  application   requires  an  ALG,  it  must  be  installed  by  the  SP.   Another  issue  is  the  possibility  of  address  overlaps  between  the  customer’s  network  and   the  private  addresses  used  by  the  service  provider.  For  example,  if  the  provider  uses   addresses  out  of  the  172.16.0.0/12  block  between  the  LSN  and  the  CPE  NAT,  and  the   customer  addresses  his  network  out  of  the  same  block,  uniqueness  between  the  two   zones  is  lost  and  packets  might  be  misrouted.  Insuring  that  customers  use  non-­‐ conflicting  address  ranges  can  be  an  administrative  headache  for  the  provider.  
  Service  Provider  Transition  to  IPv6   7     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012             Figure  2.  Firewall  Blocks  Packets  with  Private  Source  Address     Yet  another  issue  occurs  when  a  customer  wants  to  send  packets  to  another  customer   behind  the  same  LSN.  Filtering  policies  in  firewalls,  router  ACLs,  and  even  servers  often   block  packets  from  outside  the  network  that  have  private  source  addresses.  To   circumvent  this  problem,  packets  must  pass  through  the  LSN  so  that  their  source   addresses  can  be  translated  to  a  public  address  and  then  switched  back  through  the  LSN   to  the  destination.  LSN  resources  are  consumed  even  though  the  packets  are  not  going   to  a  destination  beyond  the  LSN.   A  proposed  solution  to  these  problems  is  to  reserve  a  block  of  the  remaining  public  IPv4   space  as  an  “ISP  shared  address”  space.  Because  the  address  block  would  be  reserved   for  use  in  NAT444  architectures,  the  same  addresses  can  be  used  behind  different  LSNs   the  same  way  RFC1918  addresses  are  used  for  private  networks.  Because  the  address   would  not  be  RFC1918  addresses,  they  would  not  conflict  with  the  private  addresses  in   any  customer  network.  Also  because  they  are  not  RFC1918  addresses,  filtering  policies   will  not  block  them.  Packet  flows  between  customers  behind  the  same  LSN  will  not  have   to  pass  through  the  LSN.   Another  solution  is  to  use  IPv6  on  the  CPE  NAT-­‐to-­‐LSN  link;  this  is  NAT464.  It  will  go  in   the  good  direction  with  IPv6  between  the  customer  and  the  service  provider.  
  Service  Provider  Transition  to  IPv6   8     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       3.1.4.1 NAT464   A  problem  with  this  design  is  that  now  the  CPE  must  perform  NAT46  address   translation  instead  of  NAT44.  This  design  will  require  upgrading  all  the  CPEs,  which  is   an  expensive  solution.     Figure  3.  NAT464   4 Tunneling   There  are  a  few  choices  for  encapsulating  IPv4  in  IPv6,  IPv6  in  IPv4,  or  IPv6  in  MPLS   IPv4.   4.1 IPv4  in  IPv6  Tunneling  +  NAT  (LSN):  DS-­‐Lite   Because  all  customers  will  not  migrate  at  once  to  IPv6,  a  big  problem  for  service   providers  is  supporting  RFC1918  IPv4  customers  after  the  backbone  has  migrated  to   IPv6.    Dual  Stack  Lite  (DS-­‐Lite)  solves  this  with  IPv4  in  IPv6  tunneling  and  NAT44.   Another  problem  is  that  all  the  applications  will  not  migrate  to  IPv6  at  once  either  and   the  clients  will  need  to  run  IPv4  and  dual-­‐stack  for  a  while  to  access  the  IPv4  servers.   DS-­‐Lite  will  permit  this.   DS-­‐Lite  uses  the  IPv6  source  address  of  the  tunnel  with  the  IPv4  source  address  and  the   source  port  number  to  identify  each  tunnel  source  endpoint.  Without  this,  there  would   be  no  way  to  differentiate  two  overlapping  customers  using  the  same  RFC1918  private   address.    
  Service  Provider  Transition  to  IPv6   9     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012           Figure  4.  DS-­‐Lite  IPv4  in  IPv6  Tunnel     Figure  5.  DS-­‐Lite  =  IPv4  in  IPv6  Tunnel  +  LSN  
  Service  Provider  Transition  to  IPv6   1 0     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012         Figure  7.  IPv6  Routed  Directly.  IPv4  Routed  to  LSN.   4.2 IPv6  in  IPv4  Tunneling   IPv6  in  IPv4  was  the  first  overlay  tunnel  used  during  the  transition  to  IPv6.  The  first   experimental  IPv6  network,  the  6BONE,  was  created  from  overlay  tunnels  connecting   IPv6  islands  across  the  IPv4  Internet.     IPv6  in  IPv4  tunnels  can  be  statically  or  automatically  configured.   4.2.1 IPv6  in  IPv4  Static  Tunnels   For  IPv6  in  IPv4  static  tunnels  or  6in4  static,  you  must  configure  the  tunnel  source  and   destination  IPv4  addresses.  This  is  the  least  unsecure  option  as  you  can  control  the   source  and  destination  of  the  tunnel.  If  possible,  use  IPSec  to  secure  these  tunnels.   4.2.2 IPv6  in  IPv4  Automatic  Tunnels   With  automatic  tunnels,  you  don’t  need  to  configure  the  IPv4  destination  of  the  tunnel.   Automatic  tunnels  also  provide  IPv6  addressing.  Teredo  and  Intra-­‐Site  Automatic   Tunnel  Addressing  Protocol  (ISATAP)  automatic  tunnels  are  not  intended  for  service   providers  and  are  not  discussed  here.   4.2.2.1 6to4:  The  Origin  (RFC3056)   The  first  popular  automatic  tunnels  were  6to4.  These  tunnels  solved  two  problems:  IPv6   addressing  and  automatic  destination  tunnel  configuration.  They  provided  the  reserved   IPv6  prefix—2002::/16.  Following  this  prefix  was  the  6to4  gateway  public  IPv4   address.    This  way,  the  destination  IPv4  address  of  the  tunnel  was  coded  in  the  
  Service  Provider  Transition  to  IPv6   1 1     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       destination  IPv6  address.  For  instance,  if  a  6to4  gateway  public  IPv4  address  was   193.2.4.5,  the  IPv6  site  that  would  be  reachable  from  this  6to4  gateway  would  use  the   prefix  2002:193.2.4.5::/48  or  2002:c102:405::/48.   Microsoft  provided  6to4  relays  on  the  Internet  using  the  IPv4  anycast  address   192.88.99.1  for  anyone  using  6to4  to  have  access  to  the  IPv6  Internet  from  IPv4.   For  ISPs,  the  biggest  problem  with  6to4  is  the  lack  of  flexibility  due  to  the  fixed   2002::/16  prefix.  6to4  also  lacks  basic  security  features  (RFC3964).   6to4  is  now  deprecated.         4.2.2.2 6rd:  The  Next  Generation  (RFC5969)   Free  Telecom,  a  French  ISP,  customized  the  code  of  a  6to4  platform  to  accept  any  ISP   prefix  instead  of  2002::/16  and  provided  instant  IPv6  access  to  their  customers.  They   provided  the  relays  to  access  the  IPv6  Internet  and  called  this  6rd  for  IPv6  Rapid   Deployment.  6rd  became  the  de  facto  standard  for  service  providers  with  an  IPv4   backbone  to  provide  IPv6  service  to  their  customers.   6rd  was  implemented  in  Cisco  IOS  Software  Release  15.1(3)T  and  is  documented  in   RFC5969.     Figure  6.  6rd,  6to4  with  a  Customized  Prefix      
  Service  Provider  Transition  to  IPv6   1 2     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       4.3 IPv6  in  IPv4  MPLS  Tunneling   For  service  providers  with  an  IPv4  MPLS  backbone,  the  transition  methods  are  IPv6   Provider  Edge  Router  (6PE)  and  IPv6  VPN  Provider  Edge  Router  (6VPE).   6PE  is  for  the  transport  of  IPv6  on  top  of  MPLS  IPv4.  6VPE  adds  the  support  of  IPv6  in   MPLS-­‐VPN.  The  VRF  can  be  dual-­‐stack.  Both  are  stable,  efficient,  and  scalable  methods  to   provide  IPv6  services  over  an  IPv4  MPLS  backbone.   While  6PE  and  6VPE  are  important  transition  methods  for  service  providers,  they  are   not  discussed  in  this  white  paper.   5  Carrier  Grade  IPv6  (CGv6)   CGv6  is  the  Cisco  solution  to  support  service  providers  during  the  transition  to  IPv6.   CGv6  runs  on  a  dedicated  carrier-­‐grade  service  engine  on  the  CRS-­‐1.  CGv6  is  also   available  on  Cisco  ASR  9000  with  IOS-­‐XR  and  Cisco  ASR  1000  with  Cisco  IOS-­‐XE   Software.   5.1 Network  Address  Translation   CGv6  supports  double  NAT444  where  NAT44  is  performed  at  the  CPE  and  again  at  the   service  provider.  CGv6  also  supports  Address  Family  Translation  or  IVI,  which   represents  the  Roman  numerals  for  4  (IV)  and  6  (VI);  in  other  words,  NAT46  and   NAT64.   5.2 Tunneling.   CGv6  supports  6rd  and  DS-­‐Lite.   For  more  information  about  the  Cisco  CGv6  solution,  visit   http://www.cisco.com/go/cgv6  and  http://www.ccmi.com/IPv6/Cisco_CGv6.pdf                   Fred BOVY, CCIE #3013 fred@fredbovy.com

Recomendados

Signpost at FOCI 2013
Signpost at FOCI 2013Signpost at FOCI 2013
Signpost at FOCI 2013
Amir Chaudhry
 
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin MeetingDDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
Jaime Martin Losa
 
DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2
Haystack Technologies
 
RTI Connext 5.1.0
RTI Connext 5.1.0RTI Connext 5.1.0
RTI Connext 5.1.0
Jan Van Bruaene
 
Fiware: Connecting to robots
Fiware: Connecting to robotsFiware: Connecting to robots
Fiware: Connecting to robots
Jaime Martin Losa
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und Adressierung
Swiss IPv6 Council
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH Switzerland
Swiss IPv6 Council
 
RTI Connext 5.2.0
RTI Connext 5.2.0RTI Connext 5.2.0
RTI Connext 5.2.0
Jan Van Bruaene
 

Recomendados

Signpost at FOCI 2013
Signpost at FOCI 2013Signpost at FOCI 2013
Signpost at FOCI 2013
Amir Chaudhry
 
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin MeetingDDS Advanced Tutorial - OMG June 2013 Berlin Meeting
DDS Advanced Tutorial - OMG June 2013 Berlin Meeting
Jaime Martin Losa
 
DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2
Haystack Technologies
 
RTI Connext 5.1.0
RTI Connext 5.1.0RTI Connext 5.1.0
RTI Connext 5.1.0
Jan Van Bruaene
 
Fiware: Connecting to robots
Fiware: Connecting to robotsFiware: Connecting to robots
Fiware: Connecting to robots
Jaime Martin Losa
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und Adressierung
Swiss IPv6 Council
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH Switzerland
Swiss IPv6 Council
 
RTI Connext 5.2.0
RTI Connext 5.2.0RTI Connext 5.2.0
RTI Connext 5.2.0
Jan Van Bruaene
 
Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
IKT-Norge
 
OpenTag Webinar
OpenTag WebinarOpenTag Webinar
OpenTag Webinar
DASH7 Alliance
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
Mark Smith
 
Henrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveHenrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspective
IKT-Norge
 
IPv6 Security und Hacking
IPv6 Security und HackingIPv6 Security und Hacking
IPv6 Security und Hacking
Swiss IPv6 Council
 
Building DASH7 Apps with OpenTag
Building DASH7 Apps with OpenTagBuilding DASH7 Apps with OpenTag
Building DASH7 Apps with OpenTag
Haystack Technologies
 
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATAusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
Mark Smith
 
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
Jaime Martin Losa
 
RESUME
RESUMERESUME
RESUME
James Craven
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
IKT-Norge
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
srmanjuskp
 
LISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WPLISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WP
Craig Hill
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-framework
Tim Martin
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planning
Tim Martin
 
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin MeetingeProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
Jaime Martin Losa
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security Devices
Swiss IPv6 Council
 
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK
 
Fiware - communicating with ROS robots using Fast RTPS
Fiware - communicating with ROS robots using Fast RTPSFiware - communicating with ROS robots using Fast RTPS
Fiware - communicating with ROS robots using Fast RTPS
Jaime Martin Losa
 
Ole Ipv4onlifesupport
Ole Ipv4onlifesupport Ole Ipv4onlifesupport
Ole Ipv4onlifesupport
IPv6no
 
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
Fred Bovy
 
A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6
Carrie Romero
 

Más contenido relacionado

La actualidad más candente

AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
Mark Smith
 
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATAusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
Mark Smith
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
srmanjuskp
 
LISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WPLISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WP
Craig Hill
 
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin MeetingeProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
Jaime Martin Losa
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security Devices
Swiss IPv6 Council
 
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK
 
Ole Ipv4onlifesupport
Ole Ipv4onlifesupport Ole Ipv4onlifesupport
Ole Ipv4onlifesupport
IPv6no
 
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK
 

La actualidad más candente (20)

Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norway
 
OpenTag Webinar
OpenTag WebinarOpenTag Webinar
OpenTag Webinar
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
 
Henrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveHenrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspective
 
IPv6 Security und Hacking
IPv6 Security und HackingIPv6 Security und Hacking
IPv6 Security und Hacking
 
Building DASH7 Apps with OpenTag
Building DASH7 Apps with OpenTagBuilding DASH7 Apps with OpenTag
Building DASH7 Apps with OpenTag
 
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATAusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
 
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014DDS over Low Bandwidth Data Links - Connext Conf London October 2014
DDS over Low Bandwidth Data Links - Connext Conf London October 2014
 
RESUME
RESUMERESUME
RESUME
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in general
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
LISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WPLISP_in_Secure_Networks_WP
LISP_in_Secure_Networks_WP
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-framework
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planning
 
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin MeetingeProsima RPC over DDS - OMG June 2013 Berlin Meeting
eProsima RPC over DDS - OMG June 2013 Berlin Meeting
 
Swisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security DevicesSwisscom: Testing von IPv6 Security Devices
Swisscom: Testing von IPv6 Security Devices
 
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
LF_DPDK17_Serverless DPDK - How SmartNIC resident DPDK Accelerates Packet Pro...
 
Fiware - communicating with ROS robots using Fast RTPS
Fiware - communicating with ROS robots using Fast RTPSFiware - communicating with ROS robots using Fast RTPS
Fiware - communicating with ROS robots using Fast RTPS
 
Ole Ipv4onlifesupport
Ole Ipv4onlifesupport Ole Ipv4onlifesupport
Ole Ipv4onlifesupport
 
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
LF_DPDK17_DPDK with KNI – Pushing the Performance of an SDWAN Gateway to High...
 

Similar a Transition to ipv6 cgv6-edited

On the migration of a large scale network from i pv4 to ipv6 environment
On the migration of a large scale network from i pv4 to ipv6 environmentOn the migration of a large scale network from i pv4 to ipv6 environment
On the migration of a large scale network from i pv4 to ipv6 environment
IJCNCJournal
 
Ieee Transition Of I Pv4 To I Pv6 Network Applications
Ieee Transition Of I Pv4 To I Pv6 Network ApplicationsIeee Transition Of I Pv4 To I Pv6 Network Applications
Ieee Transition Of I Pv4 To I Pv6 Network Applications
guest0215f3
 
Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002
suvobgd
 
Network optimization of ipv6 networks using tunnel header compression
Network optimization of ipv6 networks using tunnel header compressionNetwork optimization of ipv6 networks using tunnel header compression
Network optimization of ipv6 networks using tunnel header compression
eSAT Journals
 
Iccsit 2010 paper1
Iccsit 2010 paper1Iccsit 2010 paper1
Iccsit 2010 paper1
hanums1
 
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIESANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
IJCNCJournal
 
Research the issues that you might face as a network administrator whe.docx
Research the issues that you might face as a network administrator whe.docxResearch the issues that you might face as a network administrator whe.docx
Research the issues that you might face as a network administrator whe.docx
acarolyn
 

Similar a Transition to ipv6 cgv6-edited (20)

Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
 
A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6A Survey On Next Generation Internet Protocol IPv6
A Survey On Next Generation Internet Protocol IPv6
 
RASHMI VT REPORT
RASHMI VT REPORTRASHMI VT REPORT
RASHMI VT REPORT
 
I pv6
I pv6I pv6
I pv6
 
Ipv4 Vs Ipv6
Ipv4 Vs Ipv6Ipv4 Vs Ipv6
Ipv4 Vs Ipv6
 
IRJET- Evaluating the Impact of IPv4 to IPv6 Tunneling with MPLS on VOIP
IRJET- Evaluating the Impact of IPv4 to IPv6 Tunneling with MPLS on VOIPIRJET- Evaluating the Impact of IPv4 to IPv6 Tunneling with MPLS on VOIP
IRJET- Evaluating the Impact of IPv4 to IPv6 Tunneling with MPLS on VOIP
 
On the migration of a large scale network from i pv4 to ipv6 environment
On the migration of a large scale network from i pv4 to ipv6 environmentOn the migration of a large scale network from i pv4 to ipv6 environment
On the migration of a large scale network from i pv4 to ipv6 environment
 
3hows
3hows3hows
3hows
 
ION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 TransitionION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 Transition
 
IPv6
IPv6IPv6
IPv6
 
Ipv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparisonIpv4 vs Ipv6 comparison
Ipv4 vs Ipv6 comparison
 
Ipv6 Advantages And Disadvantages
Ipv6 Advantages And DisadvantagesIpv6 Advantages And Disadvantages
Ipv6 Advantages And Disadvantages
 
Ieee Transition Of I Pv4 To I Pv6 Network Applications
Ieee Transition Of I Pv4 To I Pv6 Network ApplicationsIeee Transition Of I Pv4 To I Pv6 Network Applications
Ieee Transition Of I Pv4 To I Pv6 Network Applications
 
Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002Internet Protocol Version 6 By Suvo 2002
Internet Protocol Version 6 By Suvo 2002
 
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
Implementation of “Traslator Strategy” For Migration of Ipv4 to Ipv6
 
Network optimization of ipv6 networks using tunnel header compression
Network optimization of ipv6 networks using tunnel header compressionNetwork optimization of ipv6 networks using tunnel header compression
Network optimization of ipv6 networks using tunnel header compression
 
Iccsit 2010 paper1
Iccsit 2010 paper1Iccsit 2010 paper1
Iccsit 2010 paper1
 
Network Configuration Example: Configuring IS-IS Dual Stacking of IPv4 and IP...
Network Configuration Example: Configuring IS-IS Dual Stacking of IPv4 and IP...Network Configuration Example: Configuring IS-IS Dual Stacking of IPv4 and IP...
Network Configuration Example: Configuring IS-IS Dual Stacking of IPv4 and IP...
 
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIESANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
ANALYSIS OF IPV6 TRANSITION TECHNOLOGIES
 
Research the issues that you might face as a network administrator whe.docx
Research the issues that you might face as a network administrator whe.docxResearch the issues that you might face as a network administrator whe.docx
Research the issues that you might face as a network administrator whe.docx
 

Más de Fred Bovy

Neighbor discoverydhcp
Neighbor discoverydhcpNeighbor discoverydhcp
Neighbor discoverydhcp
Fred Bovy
 
Inter as cisco1
Inter as cisco1Inter as cisco1
Inter as cisco1
Fred Bovy
 
I pv6 better than IPv4 but why ?
I pv6 better than IPv4 but why ?I pv6 better than IPv4 but why ?
I pv6 better than IPv4 but why ?
Fred Bovy
 
Fred explainsi pv6-v2-alpha
Fred explainsi pv6-v2-alphaFred explainsi pv6-v2-alpha
Fred explainsi pv6-v2-alpha
Fred Bovy
 
I pv6 tutorial
I pv6 tutorialI pv6 tutorial
I pv6 tutorial
Fred Bovy
 

Más de Fred Bovy (20)

Ospfv3 News version 2
Ospfv3 News version 2Ospfv3 News version 2
Ospfv3 News version 2
 
Ospfv3 primer
Ospfv3 primerOspfv3 primer
Ospfv3 primer
 
Osp fv3 cs
Osp fv3 csOsp fv3 cs
Osp fv3 cs
 
IPv6 training
IPv6 trainingIPv6 training
IPv6 training
 
CEFv6 in a nutshell
CEFv6 in a nutshellCEFv6 in a nutshell
CEFv6 in a nutshell
 
Routing ipv6 v3
Routing ipv6 v3Routing ipv6 v3
Routing ipv6 v3
 
Autoconfig
AutoconfigAutoconfig
Autoconfig
 
Neighbor discoverydhcp
Neighbor discoverydhcpNeighbor discoverydhcp
Neighbor discoverydhcp
 
Inter as cisco1
Inter as cisco1Inter as cisco1
Inter as cisco1
 
IPv6 in IPv4/MPLS in a Nutshell
IPv6 in IPv4/MPLS in a NutshellIPv6 in IPv4/MPLS in a Nutshell
IPv6 in IPv4/MPLS in a Nutshell
 
I pv6 better than IPv4 but why ?
I pv6 better than IPv4 but why ?I pv6 better than IPv4 but why ?
I pv6 better than IPv4 but why ?
 
Fred explainsi pv6-v2-alpha
Fred explainsi pv6-v2-alphaFred explainsi pv6-v2-alpha
Fred explainsi pv6-v2-alpha
 
Resume
ResumeResume
Resume
 
I pv6 tutorial
I pv6 tutorialI pv6 tutorial
I pv6 tutorial
 
Fred bovyresume@2
Fred bovyresume@2Fred bovyresume@2
Fred bovyresume@2
 
CEFv6 in a nutshell
CEFv6 in a nutshellCEFv6 in a nutshell
CEFv6 in a nutshell
 
Fred explains IPv6
Fred explains IPv6Fred explains IPv6
Fred explains IPv6
 
IPv6 tools
IPv6 toolsIPv6 tools
IPv6 tools
 
Multicast for IPv6
Multicast for IPv6Multicast for IPv6
Multicast for IPv6
 
Dhcp pd in brief
Dhcp pd in briefDhcp pd in brief
Dhcp pd in brief
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 

Último (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 

Transition to ipv6 cgv6-edited

  • 1.     White  Paper   Service  Provider  Transition  to  IPv6:  NAT,  NAT64,   6RD,  DS-­‐LITE  and  Carrier  Grade  IPv6           Email:  fred@fredbovy.com      
  • 2.   Service  Provider  Transition  to  IPv6   2     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       Table  of  Contents   1   Introduction:  Transition  Technologies  Needed  for  Decades  ........................................  3   2   Dual-­‐Stack  ..................................................................................................................  3   3   Network  Address  Translation  .....................................................................................  3   3.1   Network  Address  Translation  from  NAT  to  NPT6  ................................................................................  3   3.1.1   IPv4  to  IPv4  Translation:  NAT  or  NAT44  ..................................................................................................  3   3.1.2   IPv6  to  IPv6  Translation:  NAT66  to  NPT6  ................................................................................................  4   3.1.3   Network  Address  Translation  from  NAT-­‐PT  to  NAT464  ....................................................................  5   3.1.4   IPv4  to  IPv4  Translation:  Double  NAT  or  NAT444  ...............................................................................  5   4   Tunneling  ...................................................................................................................  8   4.1   IPv4  in  IPv6  Tunneling  +  NAT  (LSN):  DS-­‐Lite  .........................................................................................  8   4.2   IPv6  in  IPv4  Tunneling  ...................................................................................................................................  10   4.2.1   IPv6  in  IPv4  Static  Tunnels  ...........................................................................................................................  10   4.2.2   IPv6  in  IPv4  Automatic  Tunnels  .................................................................................................................  10   4.3   IPv6  in  IPv4  MPLS  Tunneling  ......................................................................................................................  12   5   Carrier  Grade  IPv6  (CGv6)  .........................................................................................  12   5.1   Network  Address  Translation  .....................................................................................................................  12   5.2   Tunneling.  ............................................................................................................................................................  12    
  • 3.   Service  Provider  Transition  to  IPv6   3     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       1 Introduction:  Transition  Technologies  Needed   As  connected  devices  become  more  pervasive,  available  IPv4  addresses  decline  and   soon  will  be  completely  depleted.  IPv6  has  been  around  for  more  than  10  years  and   supported  by  most  operating  systems  and  network  vendors.  Despite  this,  most  service   providers  and  companies  have  not  transitioned  to  this  next  generation  Internet   protocol.  As  a  consequence,  more  time  is  needed  to  allow  a  smooth  transition  to  IPv6.   Because  of  this,  you  may  need  to  support  mixed  IPv4  and  IPv6  networks  for  a  few  more   years.   Maximum  performance,  security,  and  other  benefits    will  be  achieved  once  the  transition  to   IPv6  is  complete.  Meanwhile,  features,  performance,  and  security  will  have  to  be   compromised  in  order  to  support  IPv4  nodes  and  applications.   There  are  three  transition  methods:   -­‐ Dual-­‐stack   -­‐ Network  Address  Translation  (NAT44,  NAT64,  DNS64,  NAT444,  NAT464)   -­‐ Tunneling  (6rd,  DS-­‐Lite,  6PE,  6VPE)   This  paper  discusses  each.   2 Dual-­‐Stack   Dual-­‐stack  is  the  preferred  transition  method.  All  workstation  and  server  operating   systems  (Windows,  MAC,  Linux)  come  configured  as  dual-­‐stack  by  default.  When  a  host   needs  to  transmit  a  packet,  it  sends  a  DNS  Request  to  get  an  address.  If  the  DNS  reply   includes  both  IPv6  and  IPv4  addresses,  it  will  prefer  the  IPv6.  The  only  drawback  of  this   method  is  the  duplicated  effort  to  maintain  IPv4  and  IPv6  concurrently.  Also,  you  must   apply  the  same  level  of  security  to  both  protocols  or  you  may  risk  that  IPv4  will  be  used   to  discover  the  nodes  and  IPv6  will  be  used  to  breach  security  if  the  IPv6  security  is  not   as  strong  as  IPv4  security.   3 Network  Address  Translation   When  the  Internet  community  became  concerned  about  IPv4  address  depletion,  they   created  workarounds.  These  workarounds  included  classless  interdomain  routing   (CIDR)  or  variable-­‐length  subnet  masking  (VLSM)  to  save  addresses,  Dynamic  Host   Configuration  Protocol  (DHCP)  for  better  address  management,  and  Network  Address   Translation  (NAT).   3.1 Network  Address  Translation  from  NAT  to  NPT6   3.1.1 IPv4  to  IPv4  Translation:  NAT  or  NAT44     Introduced  in  the  mid-­‐90s  to  support  private  addressing,  NAT  and  NAT44  extended  the   life  of  IPv4  by  making  people  think  that  address  depletion  would  no  longer  be  an  issue.   However,  NAT  also  introduced  some  side  effects—both  good  and  bad.  RFC2993   discusses  the  architectural  implications,  advantages,  and  problems  of  NAT.  
  • 4.   Service  Provider  Transition  to  IPv6   4     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       On  one  hand,  NAT  broke  the  end-­‐to-­‐end  IP  model.  Applications  that  must  be  supported,   like  DNS  or  FTP,  require  NAT  software  updates  (application  layer  gateway  [ALG]).  For   more  details  about  ALG,  see  RFC2663:  NAT  Terminology  and  Considerations.   When  an  inside  host  must  be  reachable  from  an  outside  public  space,  it  consumes  a   public  address  and  a  static  translation  must  be  configured.  Some  users  see  this  as  a   security  feature.  IPv4  firewalls  usually  do  NAT,  but  a  NAT  router  is  not  a  firewall!     Stateful  NAT  is  a  bottleneck,  a  single  point  of  failure,  and  can  be  the  target  of  denial  of   service  (DoS)  attacks.   On  the  other  hand,  with  NAT  and  private  addresses,  users  are  not  constrained  by  public   addresses  (address  independence).   NAT  also  permits  obscuring  the  end  user  network.  Hiding  topology  and  hosts  makes   some  people  think  that  NAT  is  an  important  security  feature.  For  these  reasons,  some   architects  will  not  consider  a  network  design  without  NAT!     RFC6092  provides  recommendations  for  implementing  security  in  an  IPv6  network.   This  document  also  differentiates  between  actual  security  and  the  features  of  NAT   gateways.   3.1.2 IPv6  to  IPv6  Translation:  NAT66  to  NPT6   With  the  introduction  of  IPv6  and  its  128-­‐bit  addresses,  NAT  was  no  longer  needed  to   provide  a  unique  address  to  Internet  users  and  the  end-­‐to-­‐end  IP  model  was  restored.   Larger  address  space  was  a  main  driver  for  IPv6.  The  introduction  of  NAT66  into  IPv6   was  a  frustration  for  IPv6  proponents.   In  addition  to  its  well-­‐known  problems,  NAT66  broke  the  security  implemented  by  IPSec   by  changing  the  IPv6  header.    But  proponents  of  NAT  did  not  like  that  NAT  benefits  were   missing  from  IPv6  and  also  argued  that  NAT  could  solve  the  multihoming  issue.  After   much  discussion  and  an  RFC  to  document  everything,  the  IETF  rejected  the  proposed   NAT66  drafts.   RFC5902  discusses  the  pros  and  cons  of  NAT66.  It  tries  to  justify  the  request  for  NAT66:     « 2. What is the problem? The discussions on the desire for IPv6 NAT can be summarized as follows. Network address translation is viewed as a solution to achieve a number of desired properties for individual networks: avoiding renumbering, facilitating multihoming, making configurations homogenous, hiding internal network details, and providing simple security. » RFC4864  explains  IPv6  solutions  to  the  NAT66  claimed  benefits  without  requiring  any   address  translation.  NAT  supporters  were  not  deterred.    They  responded  by  developing   a  simplified  stateless  NAT66  that  was  renamed  Network  Prefix  Translation  or  NPT6,   which  was  approved  in  RFC6296.  
  • 5.   Service  Provider  Transition  to  IPv6   5     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       3.1.3 Network  Address  Translation  from  NAT-­‐PT  to  NAT464   3.1.3.1 NAT-­‐PT  (RFC2766)   For  transitioning  to  IPv6,  Network  Address  Translator-­‐Protocol  Translator  (NAT-­‐PT)   was  the  first  protocol  translation  method  implemented  by  Cisco  IOS.   NAT-­‐PT  equates  to  NAT64  +  NAT46  +  ALG.   NAT64  is  the  NAT  translation  initiated  by  the  IPv6  side,  and  NAT46  was  initiated  by  the   IPv4  side.  NAT-­‐PT  was  the  answer  for  all  the  cases,  but  it  consumed  many  resources  and   IOS  running  NAT-­‐PT  was  process  switching  with  the  very  low  performances  we  know.   Use  of  NAT-­‐PT  is  now  deprecated  (RFC4966).   3.1.3.2 NAT64/DNS64   3.1.3.2.1 What  is  the  problem  we  want  to  solve?   Workstations  run  dual-­‐stack  by  default.  Equipment  using  Windows,  MAC  OS,  and  Linux   operating  systems  is  set  up  with  dual  stack  by  default.  It  is  not  difficult  to  upgrade  a   workstation  if  it  runs  an  old  operating  system  without  dual  stack.  From  the  initialization   side,  IPv6  support  is  not  the  problem.  On  the  other  hand,  it  may  be  more  difficult  to   upgrade  an  application  to  support  IPv6.     3.1.3.2.2 DNS64  (RFC6147)   NAT64  relies  on  DNS64  to  manage  the  DNS  request  and  send  a  reply  to  the  source  with   an  IPv6  prefix  built  from  the  IPv4  address  received  from  the  target  node.  DNS64  first   sends  a  request  for  a  AAAA  prefix.  If  it  receives  an  error,  it  then  tries  to  ask  an  A  prefix.   Then  if  it  receives  an  answer,  DNS64  converts  it  to  a  AAAA  IPv6  prefix.   This  IPv6  address  is  built  using  a  NAT64  well-­‐known  prefix  (64:FF9B::/96)  followed  by   the  IPv4  address  coded  as  an  IPv6  address.  The  A  record  with  193.45.5.1  address  will  be   converted  to  the  AAAA  record  with  64:FF9B::193.45.5.1  or  64:FF9B::C12D:501  address.   3.1.3.2.3 Stateless  or  Stateful  NAT64   The  packet  from  the  source  is  routed  to  the  NAT64  box  using  the  normal  IPv6  routing.   The  NAT64  box  translates  the  IPv6  packet  to  an  IPv4  packet  and  sends  it  to  the  target.  It   also  performs  the  opposite  when  the  answer  comes  back  from  the  IPv4  host.   NAT64  can  be  stateless  (see  RFC6052)  or  stateful  (see  RFC6145,  RFC6146  and   RFC6052).  Stateless  means  that  an  IPv4  address  is  needed  for  each  translated  IPv6   address.  Stateful  is  required  if  multiple  IPv6  addresses  must  map  to  the  same  IPv4   address.   3.1.4 IPv4  to  IPv4  Translation:  Double  NAT  or  NAT444   NAT  at  the  CPE  has  already  permitted  to  IPv4  to  last  for  20  more  years  and  now  the  ISPs   are  starting  to  use  NAT  one  more  time  at  the  next  level  with  NAT444.  NAT444  refers  to   double  NAT,  where  NAT44  is  performed  a  first  time  by  the  CPE  at  the  customer’s  site   and  then  a  second  time  by  the  service  provider.  Carrier-­‐grade  NAT  (CGN)  and  large-­‐ scale  NAT  (  LSN)  refer  to  NAT  running  at  the  service  provider  instead  of  the  CPE.  
  • 6.   Service  Provider  Transition  to  IPv6   6     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012         Figure  1.  NAT  444   A  device  in  a  customer  network  might  send  a  packet  to  an  Internet  destination  with  a   source  address  of  10.1.1.1.  The  CPE  NAT  translates  the  source  address  to,  for  example,   172.16.1.1  with  accompanying  port  mapping.  At  the  LSN,  the  source  address  is   translated  to  the  public  IPv4  address,  say  201.15.83.1  again  with  port  mapping,  and  the   packet  is  routed  to  the  destination.  Responding  packets  to  201.15.83.1  are  routed  to  the   service  provider’s  aggregate  IPv4  address,  then  to  the  appropriate  LSN,  which  translates   the  destination  address  back  to  172.16.0.1  and  forwards  the  packet  to  the   corresponding  CPE  NAT,  which  translates  the  destination  address  to  10.1.1.1.   This  looks  simple,  but  this  design  is  not  without  issues.   One  issue  is  scalability.  Behind  the  CPE,  the  customer  may  be  running  many  devices.   Each  device  may  generate  many  data  streams.  There  is  not  yet  enough  production   experience  to  know  the  upper  boundaries  of  how  many  customer  networks  a  single  LSN   can  manage,  either  in  terms  of  performance  or  in  terms  of  mapping  steams  to  a  single   public  IPv4  address.     Also,  it  becomes  impossible  to  track  a  user  using  its  IP  address.  If  a  new  application   requires  an  ALG,  it  must  be  installed  by  the  SP.   Another  issue  is  the  possibility  of  address  overlaps  between  the  customer’s  network  and   the  private  addresses  used  by  the  service  provider.  For  example,  if  the  provider  uses   addresses  out  of  the  172.16.0.0/12  block  between  the  LSN  and  the  CPE  NAT,  and  the   customer  addresses  his  network  out  of  the  same  block,  uniqueness  between  the  two   zones  is  lost  and  packets  might  be  misrouted.  Insuring  that  customers  use  non-­‐ conflicting  address  ranges  can  be  an  administrative  headache  for  the  provider.  
  • 7.   Service  Provider  Transition  to  IPv6   7     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012             Figure  2.  Firewall  Blocks  Packets  with  Private  Source  Address     Yet  another  issue  occurs  when  a  customer  wants  to  send  packets  to  another  customer   behind  the  same  LSN.  Filtering  policies  in  firewalls,  router  ACLs,  and  even  servers  often   block  packets  from  outside  the  network  that  have  private  source  addresses.  To   circumvent  this  problem,  packets  must  pass  through  the  LSN  so  that  their  source   addresses  can  be  translated  to  a  public  address  and  then  switched  back  through  the  LSN   to  the  destination.  LSN  resources  are  consumed  even  though  the  packets  are  not  going   to  a  destination  beyond  the  LSN.   A  proposed  solution  to  these  problems  is  to  reserve  a  block  of  the  remaining  public  IPv4   space  as  an  “ISP  shared  address”  space.  Because  the  address  block  would  be  reserved   for  use  in  NAT444  architectures,  the  same  addresses  can  be  used  behind  different  LSNs   the  same  way  RFC1918  addresses  are  used  for  private  networks.  Because  the  address   would  not  be  RFC1918  addresses,  they  would  not  conflict  with  the  private  addresses  in   any  customer  network.  Also  because  they  are  not  RFC1918  addresses,  filtering  policies   will  not  block  them.  Packet  flows  between  customers  behind  the  same  LSN  will  not  have   to  pass  through  the  LSN.   Another  solution  is  to  use  IPv6  on  the  CPE  NAT-­‐to-­‐LSN  link;  this  is  NAT464.  It  will  go  in   the  good  direction  with  IPv6  between  the  customer  and  the  service  provider.  
  • 8.   Service  Provider  Transition  to  IPv6   8     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       3.1.4.1 NAT464   A  problem  with  this  design  is  that  now  the  CPE  must  perform  NAT46  address   translation  instead  of  NAT44.  This  design  will  require  upgrading  all  the  CPEs,  which  is   an  expensive  solution.     Figure  3.  NAT464   4 Tunneling   There  are  a  few  choices  for  encapsulating  IPv4  in  IPv6,  IPv6  in  IPv4,  or  IPv6  in  MPLS   IPv4.   4.1 IPv4  in  IPv6  Tunneling  +  NAT  (LSN):  DS-­‐Lite   Because  all  customers  will  not  migrate  at  once  to  IPv6,  a  big  problem  for  service   providers  is  supporting  RFC1918  IPv4  customers  after  the  backbone  has  migrated  to   IPv6.    Dual  Stack  Lite  (DS-­‐Lite)  solves  this  with  IPv4  in  IPv6  tunneling  and  NAT44.   Another  problem  is  that  all  the  applications  will  not  migrate  to  IPv6  at  once  either  and   the  clients  will  need  to  run  IPv4  and  dual-­‐stack  for  a  while  to  access  the  IPv4  servers.   DS-­‐Lite  will  permit  this.   DS-­‐Lite  uses  the  IPv6  source  address  of  the  tunnel  with  the  IPv4  source  address  and  the   source  port  number  to  identify  each  tunnel  source  endpoint.  Without  this,  there  would   be  no  way  to  differentiate  two  overlapping  customers  using  the  same  RFC1918  private   address.    
  • 9.   Service  Provider  Transition  to  IPv6   9     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012           Figure  4.  DS-­‐Lite  IPv4  in  IPv6  Tunnel     Figure  5.  DS-­‐Lite  =  IPv4  in  IPv6  Tunnel  +  LSN  
  • 10.   Service  Provider  Transition  to  IPv6   1 0     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012         Figure  7.  IPv6  Routed  Directly.  IPv4  Routed  to  LSN.   4.2 IPv6  in  IPv4  Tunneling   IPv6  in  IPv4  was  the  first  overlay  tunnel  used  during  the  transition  to  IPv6.  The  first   experimental  IPv6  network,  the  6BONE,  was  created  from  overlay  tunnels  connecting   IPv6  islands  across  the  IPv4  Internet.     IPv6  in  IPv4  tunnels  can  be  statically  or  automatically  configured.   4.2.1 IPv6  in  IPv4  Static  Tunnels   For  IPv6  in  IPv4  static  tunnels  or  6in4  static,  you  must  configure  the  tunnel  source  and   destination  IPv4  addresses.  This  is  the  least  unsecure  option  as  you  can  control  the   source  and  destination  of  the  tunnel.  If  possible,  use  IPSec  to  secure  these  tunnels.   4.2.2 IPv6  in  IPv4  Automatic  Tunnels   With  automatic  tunnels,  you  don’t  need  to  configure  the  IPv4  destination  of  the  tunnel.   Automatic  tunnels  also  provide  IPv6  addressing.  Teredo  and  Intra-­‐Site  Automatic   Tunnel  Addressing  Protocol  (ISATAP)  automatic  tunnels  are  not  intended  for  service   providers  and  are  not  discussed  here.   4.2.2.1 6to4:  The  Origin  (RFC3056)   The  first  popular  automatic  tunnels  were  6to4.  These  tunnels  solved  two  problems:  IPv6   addressing  and  automatic  destination  tunnel  configuration.  They  provided  the  reserved   IPv6  prefix—2002::/16.  Following  this  prefix  was  the  6to4  gateway  public  IPv4   address.    This  way,  the  destination  IPv4  address  of  the  tunnel  was  coded  in  the  
  • 11.   Service  Provider  Transition  to  IPv6   1 1     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       destination  IPv6  address.  For  instance,  if  a  6to4  gateway  public  IPv4  address  was   193.2.4.5,  the  IPv6  site  that  would  be  reachable  from  this  6to4  gateway  would  use  the   prefix  2002:193.2.4.5::/48  or  2002:c102:405::/48.   Microsoft  provided  6to4  relays  on  the  Internet  using  the  IPv4  anycast  address   192.88.99.1  for  anyone  using  6to4  to  have  access  to  the  IPv6  Internet  from  IPv4.   For  ISPs,  the  biggest  problem  with  6to4  is  the  lack  of  flexibility  due  to  the  fixed   2002::/16  prefix.  6to4  also  lacks  basic  security  features  (RFC3964).   6to4  is  now  deprecated.         4.2.2.2 6rd:  The  Next  Generation  (RFC5969)   Free  Telecom,  a  French  ISP,  customized  the  code  of  a  6to4  platform  to  accept  any  ISP   prefix  instead  of  2002::/16  and  provided  instant  IPv6  access  to  their  customers.  They   provided  the  relays  to  access  the  IPv6  Internet  and  called  this  6rd  for  IPv6  Rapid   Deployment.  6rd  became  the  de  facto  standard  for  service  providers  with  an  IPv4   backbone  to  provide  IPv6  service  to  their  customers.   6rd  was  implemented  in  Cisco  IOS  Software  Release  15.1(3)T  and  is  documented  in   RFC5969.     Figure  6.  6rd,  6to4  with  a  Customized  Prefix      
  • 12.   Service  Provider  Transition  to  IPv6   1 2     Fred  Bovy       Transitionn  to  IPv6     22/08/11  2:03  PM   fred@fredbovy.com   Fred  Bovy  EIRL  –  Ipv6  For  Life!  ©  2012       4.3 IPv6  in  IPv4  MPLS  Tunneling   For  service  providers  with  an  IPv4  MPLS  backbone,  the  transition  methods  are  IPv6   Provider  Edge  Router  (6PE)  and  IPv6  VPN  Provider  Edge  Router  (6VPE).   6PE  is  for  the  transport  of  IPv6  on  top  of  MPLS  IPv4.  6VPE  adds  the  support  of  IPv6  in   MPLS-­‐VPN.  The  VRF  can  be  dual-­‐stack.  Both  are  stable,  efficient,  and  scalable  methods  to   provide  IPv6  services  over  an  IPv4  MPLS  backbone.   While  6PE  and  6VPE  are  important  transition  methods  for  service  providers,  they  are   not  discussed  in  this  white  paper.   5  Carrier  Grade  IPv6  (CGv6)   CGv6  is  the  Cisco  solution  to  support  service  providers  during  the  transition  to  IPv6.   CGv6  runs  on  a  dedicated  carrier-­‐grade  service  engine  on  the  CRS-­‐1.  CGv6  is  also   available  on  Cisco  ASR  9000  with  IOS-­‐XR  and  Cisco  ASR  1000  with  Cisco  IOS-­‐XE   Software.   5.1 Network  Address  Translation   CGv6  supports  double  NAT444  where  NAT44  is  performed  at  the  CPE  and  again  at  the   service  provider.  CGv6  also  supports  Address  Family  Translation  or  IVI,  which   represents  the  Roman  numerals  for  4  (IV)  and  6  (VI);  in  other  words,  NAT46  and   NAT64.   5.2 Tunneling.   CGv6  supports  6rd  and  DS-­‐Lite.   For  more  information  about  the  Cisco  CGv6  solution,  visit   http://www.cisco.com/go/cgv6  and  http://www.ccmi.com/IPv6/Cisco_CGv6.pdf                   Fred BOVY, CCIE #3013 fred@fredbovy.com