6Rd: a Transition Mechanism for Ipv6
Total Page:16
File Type:pdf, Size:1020Kb
6rd: A Transition mechanism for IPv6 Hernán Contreras G, [email protected] CSE, Cisco Systems Chile © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 A Rationale for IPv6 Adoption IPv4 Run-Out is here now Native IPv6 Internet is years and years away Entering a period of IPv4/IPv6 Coexistence Legacy (IPv4) and new (IPv6) apps and services can only function over an IPv4/IPv6 Coexistence Infrastructure Thus we need tools, methods, products and solutions that –Help address IPv4 run-out NOW –Offer incremental means to build out IPv4/IPv6 coexistence infrastructure Not one size fits all Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2 Enabling an Orderly, Incremental Transition Boundless service opportunities with Smart Grid, Connected Cities, Mobile Video, Cloud Computing Today Private IP 6-over-4 Transitiona 4-over-6 All IPv6 l Business / Consumer IP NGN Prosper Prepare Preserve Smart Grid Opportunity: 110 million households = IPv4 = Private IP = IPv6 in US alone Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3 IPv6 Strategy in Broadband Access IPv4 IPv6 Internet Internet ISP ISP ISP IPv4 core Dual stack Core dual stackCore dual stack Core Dual stack P NAT44 LNS 6rd BR AFTR 4rd BR PE NAT64 Core + Access LISP, 4rd, DS-lite 4rd, LISP, LISP, 4rd, DS-lite 4rd, LISP, LISP, 6rd, L2TP 6rd, LISP, LISP, 6rd, L2TP 6rd, LISP, IPv4 Access IPv4 Access IPv6 Access IPv6 Access Network Network Network Network PE PE PE PE PE CPE NAT44 CPE 6rd RG CPE CPE CPE Subscriber Subscriber Subscriber Subscriber Subscriber Network Network Network Network Network Carrier Grade NAT IPv6 Rapid Deployment Native Dual Stack IPv6 –Only Access IPv6-Only Subscriber Preserve Prepare Prosper Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 4 Prepare, with 6rd (6-over-4) Subscriber IPv6 traffic is tunneled over IPv4 to gateways within the IP-NGN while IPv6 grows Subscribers Provider IP-NGN Internet Source = IPv6 Destination = IPv4, Tunnel Termination + AFT Private Destination = IPv6, Tunnel Termination IPv4 IPv4 IPv6 Private IP IPv6 Private IPv6 IPv4 IPv4 Cisco CGv6 IPv6 IPv6 moves out to subscribers IPv6 Rapid Deployment (6rd) defines such a 6-over-4 model Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5 6rd, IPv6 Rapid Deployment (RFC 5569) Residential Access Aggregation Edge Core IP/MPLS 6rd BR 6rd CE 6rd CE 6rd BR IPv4/v6 IPv4 IPv4/v6 Introduction of two Components: 6rd CE (Customer Edge) and 6rd BR (Border Relay) Reuses IPv4 in the SP (no IPv6 needed at Access/Aggregation network) Automatic Prefix Delegation on 6rd CE (no DHCPv6 or IPv6 provisioning system) Simple, stateless, automatic IPv6-in-IPv4 encap and decap functions on 6rd (CE & BR) Provides native dual stack to subscriber site by using existing IPv4 infrestructure 6rd BRs addressed with IPv4 anycast for load-balancing and resiliency Limited investment & impact on existing infrastructure Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 6 6rd in one slide 6rd specifies a protocol mechanism to deploy IPv6 to sites via a Service Provider's IPv4 network Subscriber IPv6 prefix “One line” global derived from IPv4 “One line” global configconfig for for IPv6IPv6 address IPv4-only AAA and/or DHCP GatewayGateway 6rd 6rd Public IPv4 IPv4 + IPv6 Internet IPv4 + IPv6 IPv4 + IPv6 6rd Border RG Relays Public IPv6 IPv4 It builds on 6to4 [RFC3056], with the key differentiator that it utilizes an SP's own IPv6 address prefix rather than 2002::/16 IPv6 address in derived from ISP IPv6 prefix and CPE IPv4 address Simple, stateless, automatic IPv6-in-IPv4 encap and decap functions RG and BR perform automatic IPv6/IPv4 encap/decap (Protocol value 41) IPv6 traffic automatically follows IPv4 Routing between CPE and BR BRs placed at IPv6 edge, addressed via anycast for load-balancing and resiliency Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 7 6rd IPv6 Prefix Delegation The IPv6 prefix used by 6rd-RG to addressing user devices is calculated by combining the 6rd SP Prefix and the RG's IPv4 address obtained via IPv4 configuration methods (public or private) 1 2 9 1 0 1 1 1 2 3 / 2 0 1 1 1 0 0 1 2 : : : . 2011:1001 810A:0B0C Interface ID 0 32 64 IPv6 Internet Access delivered to home, subscriber IPv6 prefix This prefix length is derived from WAN IPv4 address variable in 6rd, /28 is just an example RG need to get an IPv4 address first, from SP assignment RG will generate IPv6 prefix from 6rd prefix and ipv4 address End devices configured exactly as for any native IPv6 connectivity to LAN side SLACC or DHCPv6 LAN station use ipv6 prefix to generate ipv6 address. Most browsers will prefer to use ipv6 if they can get AAAA record. Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8 SP IPv6 prefix + (domain) + full or part of IPv4 address: 64 6rd 6rd prefix domain IPv4 address (bits) subnet ID K bits M bits N bits O bits Typical: K: 20 - 40 bits M: 0 - 4 bits (0-15 domains) (Think of domain as part of the 6rd prefix) N: 32 – 8 bits (Full or part of IPv4 address) O: 0 – 8 bits: (/64 - /56 delegation) Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9 6rd Residential Gateway The 6rd Customer Edge router (6rd CE) plays a critical role in a 6rd deployment. LAN-Side: WAN-Side: Production Native IPv6 Service + Global or Natted IPv4 Global or Natted IPv4 NAT444 + 6rd Border Relay NAT44 + 6rd IPv4 only NAT SP Network IPv4-Private + IPv6 Native Dual Stack to Customer 6rd lives here The 6rd CE router must be configured with: 1. 6rd IPv6 Prefix and length from SP 2. Common IPv4 prefix length (v4 suffix length) 3. 6rd Relay IPv4 address (likely anycast) This information can be configured into the device in a variety of ways, including manual configuration, DHCP (option 212) and TR-69 “Home side” of RG configured exactly as would be for “native” IPv6 e.g., same as for a DHCPv6 delegated prefix, using SLAAC The 6rd CE router MUST install a default IPv6 route to the relay Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 10 Combining NAT44 and 6rd IPv4 NAT + NAT44 Home Network w/6rd Home Gateway w/6rd Border Relay IPv4 NAT44 NAT44 Internet Private IPv4 IP4-only Access Network IPv6 Internet IPv4IPv6 6rd IPv6 packets Addresses IPv4 run-out and enables incremental IPv6 subscriber connectivity over existing IPv4 infrastructure 6rd connectivity becomes a NAT44 offload –as more and more IPv4 content becomes IPv6-accessible Carrier, Content Provider, and User benefit when traffic runs over IPv6 Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11 Packet Flow and Encapsulation 6rd encapsulates IPv6 in IPv4 with a destination IPv4 address which is either encoded within the IPv6 destination address itself, or is the destination address of a preconfigured 6rd Border Relay router that can decapsulate the IPv4 header and route the IPv6 packet outside the SP's IPv4 network. 6rd 6rd IPv4 + IPv6 6rd IPv4 + IPv6 IPv4 + IPv6 Core / Internet IPv4 + IPv6 6rd Border CE Relays 6rd IPv4 THENTHEN EncapEncap in in IPv4IPv4 IFIF 6rd6rd IPv6IPv6 PrefixPrefix with embedded Positive Match with embedded Positive Match addressaddress Dest = Inside 6rd Domain 2001:100 8101:0101 Interface ID ELSEELSE (6rd(6rd IPv6IPv6 ENCAPENCAP withwith BRBR PrefixPrefix NegativeNegative IPv4IPv4 AnycastAnycast Match)Match) AddressAddress IPv6 Dest = Outside 6rd Domain “Not 2001:100…” Interface ID Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 12 6rd Packet Encapsulation within domain IPv4 encapsulation automatically determined from each packet’s IPv6 destination IPv6 IPv6 IPv4 IPv6 Packet Packet Header Packet Dual Stack Network 6rd IPv4 Access Network 6rd Dual Stack Network 6rd IPv4 + IPv6 IPv4 + IPv6 IPv4 + IPv6 Core IPv4 + IPv6 6rd Border Relays RG 6rd IPv4 IPv6 Header IPv4 Header (Src) (Dst) (Src) (Dst) 2001:1001:10A:B0C::1 2001:1001:180:E0F::1 10.10.11.12 10.120.14.15 Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13 6rd Packet Encapsulation out of domain IPv6 IPv6 IPv4 IPv6 Packet Packet Header Packet Dual Stack Network 6rd IPv4 Access Network 6rd Dual Stack Network 6rd IPv4 + IPv6 IPv4 + IPv6 IPv4 + IPv6 Core IPv4 + IPv6 6rd Border Relays RG 6rd IPv4 IPv6 Header IPv4 Header (Src) (Dst) (Src) (Dst) 2001:1001:10A:B0C::10 2404:6800:8005::68 10.10.11.12 10.1.1.1 Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14 6rd/NAT44 Demo Diagram IPv4-only DHCP IPv6 + IPv4 IPv4-Private + IPv6 IPv4 Native Dual Stack 6rd IPv6 to Customer BR RG GW nat inside nat outside RG: 200.27.115.163 BR: 69.252.80.66 Address range 192.168.1.0/24 Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 15.