Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3841
Views
8
Helpful
2
Replies

Testing IPv6 Using Video Conference On Top Of IPv4

Go to solution
wanmohdhafiz
Level 1
Level 1

‎07-01-2012 09:41 PM - edited ‎03-01-2019 05:35 PM

Hi..

Refer diagram for details.

VC-IPv6-.jpeg

My planning is to use VC2 (video conference 2) to communicate with VC1 using IPv6. Current network is using IPv4. Questions :
- What is the best method? Dual stack / tunnelling / translation?
- Do i have to configure start from access , distribution, core, firewall & router?

Please advice.

Thanks

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
sean_evershed
Level 7
Level 7

‎07-02-2012 04:05 AM

Hi,

The simplest method may be to implement dual stack across your network.

With this method you don't need to tune any firewall rules on your ASA to allow inbound and outbound IPv6 tunnels.

NAT64 may present some challenges if you need a particular version of IOS in order to support this feature.


See below a paper on how to implement dual stack across your network:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6553/at_a_glance_c45-625859.pdf

Don't forget to rate all posts that are helpful.

View solution in original post

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to sean_evershed

‎07-02-2012 04:54 AM

To add to Sean's post.

In order of my personal preference.

- Dual stack

- tunneling

- translation

If for whatever reason you're not able to use dual stack tunneling (GRE, IPv6 in IP...) would be the best way - but does not test your network IPv6 end to end.

However I would highly douscourage use of host based dynamic tunneling (ISATAP, 6to4, teredo).

Translation mechanisms are evil! NAT-PT, NAT64 alike, same way NAT is/was evil.

Start from core of your network descending into access, it will help you avoid anything unwelcome originating from access devices sending IPv6 traffic when it cannot be routed.

M.

View solution in original post

2 Replies 2

Go to solution
sean_evershed
Level 7
Level 7

‎07-02-2012 04:05 AM

Hi,

The simplest method may be to implement dual stack across your network.

With this method you don't need to tune any firewall rules on your ASA to allow inbound and outbound IPv6 tunnels.

NAT64 may present some challenges if you need a particular version of IOS in order to support this feature.


See below a paper on how to implement dual stack across your network:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6553/at_a_glance_c45-625859.pdf

Don't forget to rate all posts that are helpful.

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to sean_evershed

‎07-02-2012 04:54 AM

To add to Sean's post.

In order of my personal preference.

- Dual stack

- tunneling

- translation

If for whatever reason you're not able to use dual stack tunneling (GRE, IPv6 in IP...) would be the best way - but does not test your network IPv6 end to end.

However I would highly douscourage use of host based dynamic tunneling (ISATAP, 6to4, teredo).

Translation mechanisms are evil! NAT-PT, NAT64 alike, same way NAT is/was evil.

Start from core of your network descending into access, it will help you avoid anything unwelcome originating from access devices sending IPv6 traffic when it cannot be routed.

M.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card