Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1333
Views
3
Helpful
1
Replies

IPv6 dual stack

ohassairi
Level 5
Level 5

‎03-15-2018 02:17 AM - edited ‎03-05-2019 10:06 AM

Hi


We are asked  to deploy IPv6 in dual stack in our network in order to enhance our rank .


  • Shall we Address all our internal network with public IPv6 addresses  in order to enhance our rank ? is there any security issue in doing so? Is NAT still used ?
  • When a dual stack client will connect to internet will it use IPv4 or v6 or both ?
  • For IPv6 addresses assignment, shall we use a dhcp server like for IPv4 or let the router/L3 switch assign the IP?

Any best practices for dual stack IPv6?


thanks

Labels:
1 Reply 1

Jonatan Jonasson
Level 4
Level 4

‎03-29-2018 05:17 PM

May I suggest that you would take a look at some of the Cisco Live On-Demand presentations on this subjects that are available. That might give you a head-start.

For example, BRKRST-2619 from Las Vegas 2017 topic is "IPv6 Deployment: Developing an IPv6 Address Plan and Deploying IPv6 " and can be viewed online.

And there's a IPv6 addressing whitepaper available on cisco.com/go/cvd

That being said, to answer some of your questions.

The most common scenario is probably to use global (public) IPv6 address space internally, and I would recommend doing so and steer away from NAT.

The security issues are similar as with IPv4, you have to make sure that unwanted inbound traffic is stopped at the perimeter firewalls.

It may depend on the operating system and clients, but usually dual-stack systems will attempt to connect via IPv6 when both IPv6 and IPv4 are available.

Some applications (browsers mainly) have implemented "Happy Eyeballs"(RFC8305) so if a connection via IPv6 is unsuccessful it will quickly fallback to IPv4 without the user experiencing timeouts or errors.

I don't have the expertise to go deep into the DHCPv6 vs Stateless Autoconfiguration (SLAAC) topic right now. There are several things to consider there and one of them is that not all clients support DHCPv6.

Take a look at the "Comparison_of_IPv6_support_in_operating_systems" wikipedia article for reference.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card