cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7561
Views
55
Helpful
20
Replies
ciscomoderator
Community Manager

ASK THE EXPERT - IPv6 MIGRATION TOOLS

Welcome to the Cisco Networking  Professionals Ask the Expert conversation.  Service Provider and  Enterprise network engineers are facing one of the major challenges  since the inception  of the Internet; the transition to IPv6. Several  tools and techniques are available today to ease this major undertaking.  This ask the expert session with Harold Ritter focuses on some of the  tunneling  techniques such as static tunnels, 6to4, isatap, 6rd and some  of the translation mechanisms such as nat444, nat64, dual stack lite  that will help network engineers reach their objective  of making IPv6  ubiquitous.  Harold Ritter is a technical leader with the Cisco Advanced  Services Central Engineering team. He is responsible for helping Cisco  top-tier Service Provider  customers to design, implement and  troubleshoot routing protocols and multicast, for both IPv4 and IPv6,  and MPLS solutions in their environment. He is a regular contributor to  CiscoLive.  He has been a network engineer for more than 14 years.  Harold is a CCIE (#4168) for Routing & Switching and Service  Provider.

Remember to use the rating system to let Harold know if you have received an adequate response.

Harold  might not be able to answer each question due to the volume expected  during this event. Our moderators will post many of the unanswered   questions in other discussion forums shortly after the event. This event  lasts through November 5, 2010. Visit this forum often to view  responses  to your questions and the questions of other community  members.

20 REPLIES 20
ciscomoderator
Community Manager

tarhan_a

tarhan_a  says:

Hi Harold

Pls could you explain the IOS (software) feature
"IPv6 data link: VLANs using IEEE 802.1Q encapsulation",
which is formally not a part of the Catalyst IOS IP BASE set.

Our Design:

a) ASA <== 802.Q ==> Catalyst Layer-2-only <== 802.Q  ==> ISR 15.M/T

b) ASA <== 802.Q ==> Catalyst Layer-2-only <== access ==> any servers

No problems exist with the case b) - ND is working very well in both directions.

In a) the ND (ipv6 neighborhoods) are not completed for global unicast addresses.
LL-addresses are reachable (e.g. by ping). the ASA is the default gateway for
ISR subinterfaces. So we are able to ping the unicast address ASA from ISR; just
thereafter, the ASA has the ISR addresses and transit traffic to the outside...

I assume we run into an issue with the "feature". We'd like to
stay with IP Base; nevertheless we have tested IP Services too

For "802.Q-Multi-Hop" the current workaround is entering of static neighbors
on ASA 8.3(2)-x.

THX
Arto

PS
MLD snooping is Disabled on Catalyst

hritter

hritter  says

in response to tarhan_a:

Hi Arto,

This  should not be an issue in either one of the above scenarios. I also  suspect that you are hitting and issue with the specific level of code  you are using. May I suggest that you work with TAC to narrow down on  the specific issue you are hitting.

Regards

ciscomoderator
Community Manager

steve_vanburen

steve_vanburen  says

in response to hritter:

Is there many SP deploying IPv6 currently?

Thanks Steve

hritter

hritter  says

in response to steve_vanburen:

Hi Steve,

There  is definitely a lot of activities currently in the SP field surronding  IPv6. All SP customers I work with or come across these days have either  already deployed IPv6 or have concrete plans to do so in the very near  future. The ways in which they deploy are very different from one SP  customer to another. Some have decided to bite the bullit and to deploy  IPv6 in dual stack mode throughtout their core infrastructures. Some use  thei existing MPLS core to simply tunnel IPv6 through their core. Some  go with a mix and match of dual stack and tunneling techniques. Let me  know if you need more information.

Regards

ciscomoderator
Community Manager

Sal.afridi

Sal.afridi  says:

Hello Harold,

I  have an AP 1131 AG and it is in H-Reap mode; for right now both radio  802.11a and 802.11b/g are disable, when I try to make it enable it give  me error in WCS "Error Common-1: Some unexpected internal error has  occurred. If the problem persist report to the Tech Support. And the  second error

" Error : SNMP operation to Device Failed; Attempted to set conflicting attribute value.

I will appreciate your help.

Kindest Regards,

Sal Afridi

Hi Sal,

Not sure how this question ties to the curent topic. It would be better answered in the WIFI forum.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
j.miller_32
Beginner

Harold, is 6RD currently supported by Cisco. If so, on what platforms?

Thanks

cscStage J Millers personalized signature

Hi,

6RD is indeed available on some platforms. Mainly on the ASR1k and on the Carrier Grade Service Engine (AKA CGSE). The CGSE is a service blade that inserts in a CRS-1 (or CRS-3) to provide a variety of services among which 6RD and NAT44. The CGSE is used to implement all the services normally available in the context of a Large Scale Nat (LSN) device. It is also planned for IOS.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
manikandan15
Beginner

Hi Harold,

Recently i revived your forum about the Topic - IPV6 MIGIRATION TOOLs. Am actually looking for the roadmap to migigration only, so can you guide me on this to proceed further.

Our Network is currently running with IP-Version4 completely, but we are planning to update with IP-Version6 only. OUr network device and connection and all given in below for your reference.

Internet link -1 (BGP ) --------> Cisco Router -1(2901 ) ----------l

                                                                             HSRP | SWITCH ------------> Cisco ASA --------------> LAN

Internet link -2 (BGP ) --------> Cisco Router -2(2901 ) ----------l

So am planning this network to migrate to IP-Version6..  Kindly guide me on this with step by step sequence.

Note: Am planning to migrate with the Dual-Stack method only.

Thanks in Advance.....

Regards

Manikandan

Hi Manikandan,

Both the ASA and the 2901 provide IPv6 support. The IPv6 support for the ASA started with version 7.0. You first need to make sure that your Internet service provider(s) can offer IPv6 transit. You might need to request a provider independent IPv6 address allocation if you are dual home. Refer to www.cisco.com/go/ipv6 for a wealth of ipv6 information and white papers.

Please let me know if you have additional questions

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Hritter,

Thanks for your timely reply....

We working with the BGP-Multihoming setup only with two ISP's. Am already confirmed with the ISP's for Ipv6 wan ip address. But, i need some clarification about the Address only, because we brought only one IP-Block (/24 - Subnet mask) from the APNIC. Hence we migrated means who many IP-Address we will get from the APNIC either same or different valid IP-Address.

If, we getting only the 254 Valid Ip-Address from the APNIC means, what address will be used for all the remaning system. Is it so, all the host needs to have the Public IPv6 Address only.

Can you explain me about some inputs about the Private/Public address in IPv6. and what concept we will use here.

Regards

Manikandan

Hi Manikandan,

Note that IPv6 addresses are 128 bits long. /24 provides a lot more addressing in the V6 worls than in its V4 counterpart. /24 would normally be given to large service providers.

If you request a Provider Independant (PI) address block from APNIC, they will most probably give you a /48 by default. This would give you plenty of address address for decades to come. In theory, you could address as many as 65535 /64 subnets out of that /48 blocks. Remember that a /64 to an interface for StateLess Automatic AutoConfiguration (SLACC) to work. This will allow you to address all of your hosts, servers, etc with global (what yo refer to as public) IPv6 address. I do not really see a need for you to use unique local addresses (what you refer to as private).

Let me know if I answered all of your concerns.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Hritter,

               So, you mean to say like APNIC will provide /48 by default with that we use plenty of system to use that IP-Address. But, my concern is actually what IP Address will be assiged to the System. For example, in IP-Version4 we use Private IP-Address inside the Network and doing the NAT to Outside world with any one type of NAT(static,Dyanmic or PAT). Hence inside the network accessing with the Private Ip-Address and Outside with NATted Global IP-Address.

But my confusion here about this process in IP-Version 6, because am planing to Dual Stack method to migrate. So, am assuming that Gateway interface will having both the IPv4 & Ipv6 address. And the end system also will have the same like system will have both the IPv4 & IPv6 address to communicate within the LAN. Correct me If Am wromg means.!!!!

If, possible means can you give some example for LAN communication within IPv6 and  between ipv6 and ipv4.

Thanks & Regards

Manikandan

Manikandan,

The main reason to do pricate to public translation in v4 is addres space preservation. It is not necessary with v6. If you run dual stack, you could still dot it for v4 though.

Here is a very basic example of what the ipv6 configuration might look on a given gateway:

!

ipv6 unicast-routing

!

Interface GigabitEthernet0/0

description LAN interface

ipv6 address 2001:db8:0:1::1/64

!

Interface GogabitEthernet1/0

description WAN interface

ipv6 address 2001:db8::1/64

!

ipv6 route ::/0 2001:db8::2

!

ipv6 devices on the LAN segment should be able to get IPv6 addresses automatically using SLAAC as mentioned in a previous posting.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México