I have pseudo-learned and forgotten some IPv6 mechanics over the past couple of years. I have re-visited this cycle recently, so it seemed like a good reason to actually document some of it. I get pretty lazy when it comes to re-cabling lab gear, so for proofing a protocol scenario without needing to measure performance numbers, I tend to opt for an emulator. One tragedy of our industry today is the lack of test/dev tools. The saints who maintain Dynamips/GNS3 are unsung heroes who save us grumpy spouses from looking at a pile of gear soaking up the electric bill. The other great thing about software emulators is for those who don’t have any gear to get hands on experience with networking equipment. It is a shame we have to use hacked together emulators to model architectures, but that is the reality of proprietary hardware and operating systems. If you have not already listened to some of the podcasts @ecbanks and @etherealmind have done, the nerd meter is cranked on those.
Two IOS Labs
I thought a couple of IPv6 based labs might be helpful as a refresher or starter for a few folks. Practical application always seems to help nail down concepts. There is also basic IPv4 MPLS/VPN support in the 2nd lab, so if you’re working on learning MPLS, it may be helpful to you. I only did IOS configs here, as that is the only emulator that I use. I have Junos equivalents of these configs if anyone would like them; I will be happy to send them along. Although, OLIVE (Junos emulator) is a pain to install, and JunoSphere is pay to play :/ That said, the world’s best lab box IMO is a Juniper MX series: 16 logical routers in one box is amazing but around 20k entry MX5/MX80.
- A few different IPv6 links using a static route, ISIS, OSPF, RIP and BGP.
- Configure an IPv4 MPLS/VPN infrastructure and integrate IPv6 VPN without modifying the IPv4 MPLS core and leveraging a single signaling plane and only dual-stack on the provider edge also known as 6VPE.
Lab 1: A Few IPv6 Routing Protocols
In lab 1, we will work through adding IPv6 addresses, static routing, ISIS, OSPF, RIP and finally BGP.
Lab Setup
The initial configurations at the beginning of the two labs can be copied and pasted to save time on basic setup. For hardware, either break out the lab boxes or use router emulation SW using Dynamips/GNS3. The examples are done using Cisco 7200 emulated routers and IOS image 12.4(25f) – the binary is c7200-p-mz.124-25f.bin. Anything with IPv6 support should be fine for Lab1. For Lab2, Advanced IP Services or Advanced Enterprise Services are supported (anything supporting MPLS). How-to documents for GNS3 can be found at the following links: Windoze, Mac and Linux Ubuntu.
Figure 2. IOS Feature Matrix. Documentation explaining support in IOPS can be found here.
Figure 2. Exercise 1 Base Topology.
Lab 1 Base Configuration
You can paste these configs in to save the time in pecking interface addrs into each router. Those configs will setup a /64 link on each Gigabit circuit between the emulated 7200’s.
hostname R1
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:11::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:1::1/64
no shutdown
!
interface GigabitEthernet2/0
no ip address
ipv6 address 2001:2::1/64
no shutdown
!
ip forward-protocol nd
hostname R2
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:12::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:1::2/64
no shutdown
!
interface GigabitEthernet2/0
no ip address
ipv6 address 2001:3::2/64
no shutdown
!
ip forward-protocol nd
hostname R3
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:13::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:2::2/64
no shutdown
!
interface GigabitEthernet2/0
no ip address
ipv6 address 2001:4::2/64
no shutdown
!
ip forward-protocol nd
hostname R4
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:14::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:3::1/64
no shutdown
!
interface GigabitEthernet2/0
no ip address
!
ipv6 address 2001:4::1/64
no shutdown
!
ip forward-protocol nd
Lab 1 Exercise 1. Static Routes Exercise
Look at your connected routes on R2. Connected routes are reachable denoted by the “C”. The legend is listed in the output.
R2#sho ipv6 route
On R2 look for a route to the loopback of R1. While you may be able to ping the directly “connected” interface you do not have a route for the Loopback 1 (Lo1).
R2#sho ipv6 route 2002::1/128
% Route not found
Figure 3. Add a IPv6 static route from R2 to the interface Loopback1.
Add a static route from R2 to R1. R2 will source the ping from from the Gig0/1 network. You can specify the source addr with “ping 2001:1::2 source ?”
R2#conf t
R2(config)# ipv6 route 2001:11::1/128 2001:1::1
R2(config)#^Z (Control+Z)
Now look for the route. Voila!
R2#sho ipv6 route 2001:11::1
S 2001:11::1/128 [1/0]
via 2001:1::1
Next test reachability from R2 to Loopback1 of R1.
R2#ping 2001:11::1
!!!!!
Success rate is 100 percent
- Let’s remove the static route and do something a bit more dynamic.
R2#conf t
R2(config)# no ipv6 route 2001:11::1/128 2001:1::1
Dynamic IPv6 Routing Protocols
The next section will focus on building dynamic routing information databases (RIB) with active entries in the RIB being pushed into the FIB, typically for hardware forwarding on dedicated search ASICs. Each routing protocol will build a topology database to find routes to destination prefixes and prevent routing loops by exchanging state with one another to build a topology, or “routing via rumor” as I have heard it described on Packet Pushers podcasts before.
Figure 4. Each link between the nodes will run a different protocol.
Lab 1 Exercise 2. IPv6 IS-IS: Intermediate System to Intermediate System
Quick info on ISIS as it is not used as often as other IGPs (certainly not because it isn’t efficient). ISIS utilizes a link state database derived from a Dijkstra-based SPF algorithm to find shortest path based on metrics. A ridiculously thorough breakdown should be listened to in @packetpushers Podcast Show 89 – OSPF vs IS-IS Smackdown with Ferro, Lapukhov, Pepelnjak and Milovejic…grab your one-way ticket to Nerdsville.
Some quick ISIS syntax explanations:
Enable ISIS for the process area “coffee” and also on the interface to form adjacencies.
- router isis coffee
NSAP (Network Service Access Points) is used for Connectionless Network Service (CLNS) as the ISIS router ID. It is fairly confusing at first glance, but think of it as a router ID in OSPF, but using a protocol other than IP (CLNP) as the network layer communications for local link adjacencies. This can be attractive since CLNP does not depend on IP for building IGP peers.
- net 49.1111.2221.3333.4441.00
Break the NSAP down to:
- 49.1111 = Area ID – Needs to be the same for adjacencies in the same area similar to OSPF.
- 2221.3333.4441 = System ID or SysID – Each router needs to be unique similar to OSPF router ID.
- 00 = n-selector
R1
R2# conf t
R2(config)# router isis coffee
R2(config-router)# net 49.1111.2221.3331.4441.00
R2(config-router)# interface gig 1/0
R2(config-if)# ipv6 router isis coffee
R1(config-if)# interface loopback 1
R1(config-if)# ipv6 router isis coffee
Or Paste:
conf t
router isis coffee
net 49.1111.2221.3331.4441.00
interface gig 1/0
ipv6 router isis coffee
interface loopback 1
ipv6 router isis coffee
R2
R2# conf t
R2(config)# router isis coffee
R2(config-router)# net 49.1111.2222.3332.4442.00
R2(config-router)# interface gig 1/0
R2(config-if)# ipv6 router isis coffee
Or Paste:
conf t
router isis coffee
net 49.1111.2222.3332.4442.00
interface gig 1/0
ipv6 router isis coffee
If doing the lab on Dynamips(GNS3), ignore the CLNS error being thrown. There is a thread on GroupStudy from a few years back discussing it. It appears to be a Dynamips error.
***%CLNS-3-BADPACKET: ISIS: L1 CSNP, packet length 0 less than header length 33***
R2#sho isis neighbors
System Id Type Interface IP Address State Holdtime Circuit Id
R1 L1 Gi1/0 UP 26 R2.01
R1 L2 Gi1/0 UP 24 R2.01
Now the loopback for R1 will show up in the R2 RIB (Routing Information Base) as being learned via ISIS rather than a static route as it was in the first exercise.
R2#sho ipv6 route isis
I1 2001:11::1/128 [115/20]
via FE80::C801:2FF:FE44:1C, GigabitEthernet1/0
R2#ping 2001:11::1
!!!!!
Success rate is 100 percent
Lab 1 Exercise 3. IPv6 OSPF – Open Shortest Path First
We will advertise Lo1 on R2 into OSPF Area 0 to verify route advertisement. Under the IPv6 global process, we need to define an IPv4 addr as a router ID.
R2
R2#conf t
R2(config)# ipv6 router ospf 1
R2(config-rtr)# router-id 2.2.2.2
R2(config-rtr)# interface gigabit 2/0
R2(config-if)# ipv6 ospf 1 area 0
R2(config-if)# interface loopback 1
R2(config-if)# ipv6 ospf 1 area 0
Or Paste:
conf t
ipv6 router ospf 1
router-id 2.2.2.2
interface gigabit 2/0
ipv6 ospf 1 area 0
interface loopback 1
ipv6 ospf 1 area 0
R4
R4#conf t
R4(config)#ipv6 router ospf 1
R4(config-rtr)# router-id 4.4.4.4
R4(config-rtr)#interface gigabit 1/0
R4(config-if)#ipv6 ospf 1 area 0
Or Paste:
conf t
ipv6 router ospf 1
router-id 4.4.4.4
interface gigabit 1/0
ipv6 ospf 1 area 0
R4#sho ipv6 route ospf
O 2001:12::1/128 [110/1]
via FE80::C802:2FF:FE44:38, GigabitEthernet1/0
(Once you get an full adjacency and see the neighbors loopback) %OSPFv3-5-ADJCHG: Process 1, Nbr 2.2.2.2 on GigabitEthernet1/0 from LOADING to FULL, Loading Done…
Success rate is 0 percent (0/5)
R4#ping 2001:12::1
!!!!!
Success rate is 100 percent
***Ignore %OSPFv3-4-ERRRCV: Received invalid packet: Bad Checksum if on Dynamips/GNS3 – Checksums may tax CPU or the hypervisor. Probably an explanation on GNS3 forums if interested***
Lab 1 Exercise 4. RIP – Routing Information Protocol
R4
R4#conf t
R4(config)#ipv6 router rip coffee
R4(config-rtr)#interface gigabit 2/0
R4(config-if)#ipv6 rip coffee enable
Or Paste:
conf t
ipv6 router rip coffee
interface gigabit 2/0
ipv6 rip coffee enable
R3
R3(config)#exit
R3#conf t
R3(config)#ipv6 router rip coffee
R3(config-rtr)#interface gigabit 2/0
R3(config-if)#ipv6 rip coffee enable
R3(config-if)#interface loopback1
R3(config-if)#ipv6 rip coffee enable
Or Paste:
conf t
ipv6 router rip coffee
interface gigabit 2/0
ipv6 rip coffee enable
interface loopback1
ipv6 rip coffee enable
- Look at what is being advertised from R3 via RIP
R3#sho ipv6 rip
RIP process “coffee”, port 521, multicast-group FF02::9, pid 148
Administrative distance is 120. Maximum paths is 16
Updates every 30 seconds, expire after 180
Holddown lasts 0 seconds, garbage collect after 120
Split horizon is on; poison reverse is off
Default routes are not generated
Periodic updates 2, trigger updates 1
Interfaces:
Loopback1
GigabitEthernet2/0
Redistribution:
None
R4#sho ipv6 route rip
R 2001:13::1/128 [120/2]
via FE80::C803:2FF:FE44:38, GigabitEthernet2/0
Ping the R3 Loopback1 from R4 now that it is reachable.
R4#ping 2001:13::1
!!!!!
Success rate is 100
Lab 1 Exercise 4. BGP – Border Gateway Protocol
R1
R1(config)#conf t
R1(config)#router bgp 65001
R1(config-router)# bgp router-id 1.1.1.1
R1(config-router)# no bgp default ipv4-unicast
R1(config-router)# neighbor 2001:2::2 remote-as 65003
R1(config-router)# neighbor 2001:2::2 update-source Gig2/0
R1(config-router)#address-family ipv6
!—- Activate the v6 addr family and Advertise the R1 loopback to R3—-!
R1(config-router-af)#neighbor 2001:2::2 activate
R1(config-router-af)#network 2001:11::1/128
Or Paste:
conf t
router bgp 65001
bgp router-id 1.1.1.1
no bgp default ipv4-unicast
neighbor 2001:2::2 remote-as 65003
neighbor 2001:2::2 update-source Gig2/0
address-family ipv6
neighbor 2001:2::2 activate
network 2001:11::1/128
R3
R1(config)#conf t
R3(config)#router bgp 65003
R3(config-router)# bgp router-id 3.3.3.3
R3(config-router)# no bgp default ipv4-unicast
R3(config-router)# neighbor 2001:2::1 remote-as 65001
R3(config-router)# neighbor 2001:2::1 update-source Gig1/0
!—- Activate the v6 addr family and Advertise the R3 loopback to R1—-!
R3(config-router-af)#neighbor 2001:2::1 activate
R3(config-router-af)#network 2001:13::1/128
Or Paste:
conf t
router bgp 65003
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
neighbor 2001:2::1 remote-as 65001
neighbor 2001:2::1 update-source Gig1/0
address-family ipv6
neighbor 2001:2::1 activate
network 2001:13::1/128
R1#show bgp ipv6 unicast summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2001:2::2 4 65003 8 8 3 0 0 Time up –> 00:04:22 1 <–one route received)
R3#show bgp ipv6 unicast
Network Next Hop Metric LocPrf Weight Path
*> 2001:11::1/128 2001:2::1 0 0 65001 i
*> 2001:13::1/128 :: 0 32768 i
R3#show ipv6 route bgp
B 2001:11::1/128 [20/0]
via FE80::C801:2FF:FE44:38, GigabitEthernet1/0
R1#sho ipv6 route bgp
B 2001:13::1/128 [20/0]
via FE80::C803:2FF:FE44:1C, GigabitEthernet2/0
R1#ping 2001:13::1
!!!!!
Success rate is 100 percent
Lab 2. MPLS/VPN 6VPE
This exercise is to send IPv6 data over IPv4 signaled LSPs using BGP-MPLS VPN extension for IPv6 as described in RFC 4659. This is relevant, since many enterprises and most service providers leverage network virtualization via MPLS/VPNs. The use cases range from path isolation, multi-tenancy, security, regulatory compliance and simplifying networks (e.g. no more PBR). The base configurations are using OSPF Area 0 for the IGP (Interior Gateway Protocol) and LDP (Label Distribution Protocol) for the LSP (Label Switch Path) signaling. We will setup the IPv4 MPLS/VPN framework and then add the VPNv6 address family that prepends the route distinguisher (RD) to the IP.
Figure 5. MPLS/VPN 6PE Topology
Establish the MPLS/VPN Provider Edge (PE) Nodes
Base Configuration: Clear Lab 1 configurations and reset routers back to default. A quick way to clear the routers is to reboot the nodes if you aren’t saving configs or write erase && reload.
hostname R1
!
ipv6 unicast-routing
ipv6 cef
!
mpls label protocol ldp
mpls ldp router-id Loopback 0 force
!
interface Loopback1
ip address 192.168.1.1 255.255.255.255
ipv6 address 2001:11::1/128
no shutdown
!
interface GigabitEthernet1/0
ip address 10.1.1.1 255.255.255.252
no shutdown
!
interface GigabitEthernet2/0
ip address 172.16.2.1 255.255.255.252
ipv6 address 2001:2::1/64
no shutdown
!
router ospf 100
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
passive-interface gig 2/0
!
ip forward-protocol nd
hostname R2
!
ipv6 unicast-routing
ipv6 cef
!
mpls label protocol ldp
mpls ldp router-id Loopback 0 force
!
interface Loopback1
ip address 192.168.1.2 255.255.255.255
ipv6 address 2001:12::1/128
no shutdown
!
interface GigabitEthernet1/0
ip address 10.1.1.2 255.255.255.252
no shutdown
!
interface GigabitEthernet2/0
ip address 172.16.3.1 255.255.255.252
ipv6 address 2001:3::2/64
no shutdown
!
router ospf 100
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
passive-interface gig 2/0
- Routers R3 and R4 will basically act as hosts or switches for us to test end-to-end connectivity, so their configs are small. Today, you can build BGP, RIP and static routes (maybe EIGRP recently) between the PE and CE. Once you finish the MPLS VPN setup on R1 and R2, R3 and R4, you should be able to ping one another on their Gig0/1 interfaces.
hostname R3
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:13::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:2::2/64
no shutdown
!
ipv6 route ::/0 2001:2::1
hostname R4
!
ipv6 unicast-routing
!
interface Loopback1
no ip address
ipv6 address 2001:14::1/128
no shutdown
!
interface GigabitEthernet1/0
no ip address
ipv6 address 2001:3::1/64
no shutdown
!
ipv6 route ::/0 2001:3::2
- These VPN routes are pretty slow to build on GNS3 but eventually (1-2 minutes) you will see a learned route via BGP in the VPN ‘data-vrf’. Once that appears you have built your MP-BGP LDPv4 MPLS/VPN.
R2#show ip route vrf data-vrf
B 172.16.2.0/30 [200/0] via 192.168.1.1, 00:00:13
C 172.16.3.0/30 is directly connected, GigabitEthernet2/0
L 172.16.3.1/32 is directly connected, GigabitEthernet2/0
- Now build the MP-BGP peers and CE-facing interfaces. The Multi-Protocol BGP framework on the two Provider Edge (PE) nodes R1 & R2 and will carry the v6 payload encapsulated in IPv4 across the P (provider core) nodes if you had them. In this case, we are just simulating the edge v6 PE nodes.
R1- MPLS 6VPE Configuration
int gig 1/0
mpls ip
!
vrf definition data-vrf
rd 65000:1
route-target export 65000:10
route-target import 65000:10
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
router bgp 65000
neighbor 192.168.1.2 remote-as 65000
neighbor 192.168.1.2 update-source Loopback 1
!
address-family vpnv4
neighbor 192.168.1.2 activate
exit-address-family
!
address-family vpnv6
neighbor 192.168.1.2 activate
exit-address-family
!
address-family ipv6 vrf data-vrf
redistribute connected
exit-address-family
!
address-family ipv4 vrf data-vrf
redistribute connected
exit-address-family
!
interface GigabitEthernet2/0
vrf forwarding data-vrf
ip address 172.16.2.1 255.255.255.252
ipv6 address 2001:2::1/64
no shutdown
R2 – MPLS 6VPE Configuration
int gig 1/0
mpls ip
vrf definition data-vrf
rd 65000:2
route-target export 65000:10
route-target import 65000:10
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
router bgp 65000
neighbor 192.168.1.1 remote-as 65000
neighbor 192.168.1.1 update-source Loopback 1
!
address-family vpnv4
neighbor 192.168.1.1 activate
exit-address-family
!
address-family vpnv6
neighbor 192.168.1.1 activate
exit-address-family
!
address-family ipv4 vrf data-vrf
redistribute connected
exit-address-family
!
address-family ipv6 vrf data-vrf
redistribute connected
exit-address-family
interface GigabitEthernet2/0
vrf forwarding data-vrf
ip address 172.16.3.1 255.255.255.252
ipv6 address 2001:3::2/64
no shutdown
Table Reviews
- Let’s examine the IPv4 native routing table. Notice we do not see the interfaces or networks facing the Customer Edge (CE). All we need here is the native IPv4 network for BGP peering to build the MP-BGP adjacencies that IPv4 and IPv6 will be transported through. The loopbacks are advertised from the IGP since that is what we need for next hop reachability for MP-BGP. Try pinging each dynamically learned route.
R1#sho ip route
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/30 is directly connected, GigabitEthernet1/0
L 10.1.1.1/32 is directly connected, GigabitEthernet1/0
192.168.1.0/32 is subnetted, 2 subnets
C 192.168.1.1 is directly connected, Loopback1
O 192.168.1.2 [110/2] via 10.1.1.2, 15:41:59, GigabitEthernet1/0
R1#ping 192.168.1.2
!!!!!
Success rate is 100 percent (5/5)
- One way to think about this is comparing this to a Vlan. A Vlan is a bucket you put hosts into to isolate them from another Layer 2 Vlan. A VRF or VPN is a bucket you can put lots of Vlans or Networks in to that creates Layer 3 path isolation to apply policy.
R1#show ip bgp vpnv4 all
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:1 (default for vrf data-vrf)
*> 172.16.2.0/30 0.0.0.0 0 32768 ?
*>i172.16.3.0/30 192.168.1.2 0 100 0 ?
Route Distinguisher: 65000:2
*>i172.16.3.0/30 192.168.1.2 0 100 0 ?
R1#sho ip route vrf data-vrf
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.2.0/30 is directly connected, GigabitEthernet2/0
L 172.16.2.1/32 is directly connected, GigabitEthernet2/0
B 172.16.3.0/30 [200/0] via 192.168.1.2, 15:40:19
(C=Connected, L=Local, B=BGP learned routes)
- Check VRF connectivity. Notice ‘ping vrf data-vrf 172.16.3.1′. That is telling the router to source the prefix lookup and ping from the data-vrf VPN/VRF.
R1#ping vrf data-vrf 172.16.3.1
!!!!!
Success rate is 100 percent (5/5)
- Review the IPv6 VRF/VPN. Notice the next-hop for the IPv6 2001:3::/64 is the Loopback and IPv4 address of the MP-BGP peer. Next-hops for VRF will be the BGP next hop rather than the OSPF path. The OSPF path provides the reachability for the BGP TCP peering session.
R1#sho ipv6 route vrf data-vrf
C 2001:2::/64 [0/0]
via GigabitEthernet2/0, directly connected
L 2001:2::1/128 [0/0]
via GigabitEthernet2/0, receive
B 2001:3::/64 [200/0]
via 192.168.1.2%default, indirectly connected
L FF00::/8 [0/0]
via Null0, receive
- Finally, test between your two CE nodes R3 & R4. They had picked up default routes pointing to the PE nodes R1 & R2 in the starting base configuration pasted. Notice the S::/0[1/0] gateway of last resort (default gateway).
R3#sho ipv6 route
IPv6 Routing Table – default – 5 entries
Codes: C – Connected, L – Local, S – Static, U – Per-user Static route
B – BGP, R – RIP, I1 – ISIS L1, I2 – ISIS L2
IA – ISIS interarea, IS – ISIS summary, D – EIGRP, EX – EIGRP external
O – OSPF Intra, OI – OSPF Inter, OE1 – OSPF ext 1, OE2 – OSPF ext 2
ON1 – OSPF NSSA ext 1, ON2 – OSPF NSSA ext 2
S ::/0 [1/0]
via 2001:2::1
C 2001:2::/64 [0/0]
via GigabitEthernet1/0, directly connected
L 2001:2::2/128 [0/0]
via GigabitEthernet1/0, receive
LC 2001:13::1/128 [0/0]
via Loopback1, receive
L FF00::/8 [0/0]
via Null0, receive
R3#ping 2001:3::1
Sending 5, 100-byte ICMP Echos to 2001:3::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5)
v6 Usage Globally:
Before we wrap up, let’s take a quick look at IPv4 vs IPv6 usage as of Sept 3, 2012. There are ~420,000-430,000+ (depending on peering) IPv4 Internet 1 active destination prefixes (routes) and ~10,000 active IPv6 prefixes. The v4 BGP tables seem to be growing about as much as the v6 tables , that will someday (loosely) begin draining towards v6. There are 4 examples below that show IPv4 and IPv6 table sizes on both Cisco IOS and Juniper Junos. If you don’t have access to an Internet router at your work with a full BGP routing table, BGP looking glasses are public great resources for troubleshooting or getting a feel for what a production RIB and FIB look like. Take a peek here.
Figure 6. IPv4 Cisco IOS BGP table
Figure 7. IPv4 Juniper inet.0 table
Figure 8. IPv6 Cisco IOS BGP table (IOS looking at least probably a route server package)
Figure 9. IPv6 Juniper inet6.0 table
Take a look yourself on IOS
- Telnet to Oregon IXP (Internet Exchange) and poke around: “telnet route-views.oregon-ix.net” Many other looking glasses are found at BGP.AS
- View IPv4 BGP summary: “show bgp summary”
- View IPv6 BGP summary: “show bgp ipv6 unicast summary”
- Telnet to “telnet route-server.twtelecom.net”
- “show route summary” inet.0 = IPv4 & inet6.0 = IPv6
Additional Links:
- A killer blog I had somehow missed until wiriting this from Shivlu Jain @ http://www.mplsvpn.info/. He is going straight in my RSS. Not many scenarios he has not come up with on his blog for virtualized v6.
- IOSHints – http://blog.ioshints.info/2012/01/should-i-use-6pe-or-native-ipv6.html
- A NANOG nerd rage regarding 6PE vs. 6VPE, but chock-full of real world pro and cons.
- Juniper’s implementation of RFC 4798 (6PE) & RFC 4659 (6VPE) and a nice transcript discussing the two options (slightly dated).
- Slide deck from Cisco w/6PE & 6VPE explained in their implementations. For some reason there is a smiling kid on the first slide of a deck, maybe laughing at us for how complicated and cryptic getting these protocols to work together are. Shoulda been an angry engineer discovering he still can’t do LDPv6 or OSPF from a PE to CE. O_o
- Nice list of various configuration scenarios from Cisco. I used some of these for writing this post up.
Summary:
On the networks colleagues and I are accountable for (an enterprise campus/hospital with 80K ports and a regional SP statewide network with ~250k downstream users), deployments will be limited to pockets that need IPv6 for research or other specific needs until we can replicate the same protocols with IPv6 that we leverage with IPv4. I have some colleagues in R&E (research and education) doing DNS64 with some success in areas where v4’s are depleted. If anyone needs a hand, they have the deployments documented pretty well, last time I looked.
Keeping close parity between the v4 and v6 architectures in a NOC helps keep service quality up by having a smaller learning curve, along with keeping process and operational costs down by minimizing disruption. It will be a long funnel to full IPv6 adoption. I never say never, considering we are barely scratching the surface of the future of technologies. Networking specifically seems more primitive than most of the other areas of computing. I saw a fake cigarette being charged on a mobile tablet the other day – the sky is the limit 🙂 I will be happy to help if anyone is having trouble or finds errors which there will undoubtedly be. :0
Footnote: IPv6 Provider Edge (6PE) as described in RFC 4798 is another mechanism to tunnel IPv6 over IPv4 networks with examples here. A basic difference could be described as 6PE is carrying the routes globally, unaware of VRFs while 6VPE adds support for IPv6 MPLS/VPNs and the same concepts at the edge as IPv4 MPLS/VPNs.
Cheers!