Sie sind auf Seite 1von 48
Junos Intermediate Routing Appendix A: IPv6 © 2010 Juniper Networks, Inc. All rights reserved. |
Junos Intermediate Routing
Appendix A: IPv6
© 2010 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Worldwide Education Services

Chapter Objectives

! After successfully completing this appendix, you will be able to:

•Describe some differences between IPv4 and IPv6 •List IPv6 address types and describe the IPv6 addressing format •Enable an interface for IPv6 operation •Configure and monitor routing for IPv6 environments •Tunnel IPv6 traffic over an IPv4 network

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Agenda: IPv6

" Introduction to IPv6 ! Routing Protocol Configuration Examples ! Tunneling IPv6 over IPv4

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

What Is IPv6?

! Next Generation Protocol:

•Defined by the IETF •Defined as RFC 2460 •Intended to replace IPv4

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv4 Versus IPv6

IPv4

 

IPv6

32-bit (4-byte) address supports 4,294,967,296 addresses

128-bit (16-byte) address supports 2 128

(about 3.4 × 10

38

) addresses

NAT can be used to extend address space limitations

Does not support NAT by design

Administrators must use DHCP or static configuration to assign IP addresses to hosts

Hosts use stateless address autoconfiguration to assign an IP address to themselves

IPsec support is optional

IPsec support is necessary

Options are integrated into the base header

Improved support for options using extension headers and overall simplification of the header format

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Structure

! The IPv6 header has the following improvements:

•Fixed length of 40 bytes •Simple, more efficient processing •Extension headers handle additional options •Several IPv4 fields have been removed:

• Header length, identification, flags, fragment offset, and header checksum

Version (4)

Traffic

Class

(8)

Flow Label (20)

Payload Length (16)

Next Header

Hop Limit

Source Address (128)

Destination Address (128)

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv4 Header Versus IPv6 Header

IPv4 Header

Version

IHL

TOS

Total Length

Identification

Flags

Fragment

Offset

Time to

Live

Protocol

Header Checksum

Source Address

Destination Address

Options

Padding

IPv6 Header

Version

Traffic

Class

Flow Label

Payload Length

Next

Header

Hop Limit

Source Address

Destination Address

Key

Fields the same in IPv4 and IPv6 Fields removed in IPv6
Fields removed in IPv6Fields the same in IPv4 and IPv6

Name and position changed in IPv6Key Fields the same in IPv4 and IPv6 Fields removed in IPv6 New field in IPv6

New field in IPv6

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Extension Headers

! Simple packet headers provide faster processing

•IPv6 deals with IP options using extension headers

! IPv6 defines six extension headers:

•Hop-by-hop options header •Routing header •Fragment header •Destination options header •Authentication header •Encrypted security payload header

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Addressing

! Extending address space is a major reason for IPv6

•IPv4 address exhaustion is predicted to occur in the near future •128-bit (16-byte) address supports 2 128 (about 3.4 × 10 38 ) addresses •2 95 addresses for each person on Earth •2 52 addresses for each observable star in the known universe

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Address Types

! Address types:

•Unicast: Unique address that identifies an IPv6 node •Multicast: Group of IPv6 interfaces •Anycast: Assigned to multiple interfaces on multiple nodes

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Address Notation

! Each IPv6 address has 128 bits

•Eight 16-bit hexadecimal blocks separated by colons •Use abbreviations to simplify the notation •You can omit leading zeros •Double colon can replace consecutive zeros, leading zeros, or trailing zeros, but can not be used twice in an address

or trailing zeros, but can not be used twice in an address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85 Leading zeros

2bfc:0000:0000:0000:0217:cbff:fe8c:5c85

Leading zeros omitted
Leading zeros
omitted
Leading zeros omitted 2bfc:0:0:0:217:cbff:fe8c:5c85 2bfc::217:cbff:fe8c:5c85

2bfc:0:0:0:217:cbff:fe8c:5c85

Leading zeros omitted 2bfc:0:0:0:217:cbff:fe8c:5c85 2bfc::217:cbff:fe8c:5c85 Double colon © 2010 Juniper

2bfc::217:cbff:fe8c:5c85

Double colon
Double colon
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Prefix Notation

! Prefix identifies the subnet

•Defined in RFC 4291 •Similar to IPv4 in text presentation:

IPv6 address/prefix length

IPv6 Address
IPv6 Address
presentation: • IPv6 address/prefix length IPv6 Address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85/64 16 16 16 16
presentation: • IPv6 address/prefix length IPv6 Address 2bfc:0000:0000:0000:0217:cbff:fe8c:5c85/64 16 16 16 16

2bfc:0000:0000:0000:0217:cbff:fe8c:5c85/64

16 16 16 16 bits bits bits bits 64-bit prefix
16
16
16
16
bits
bits
bits
bits
64-bit prefix
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Address Allocation

! Organizations and end users get an address allocation from their ISP

•You must follow a few rules, as defined in RFC 3177

Subscriber

Prefix

Home network subscribers, connecting through on-demand or always-on connections

48-bit prefix

Small and large enterprises

48-bit prefix

Very large subscribers

47-bit, or multiple 48-bit prefixes

Mobile networks, such as vehicles or mobile phones with an additional network interface

64-bit prefix, which allows multiple connections through a single prefix

A single PC, with no additional need to subnet, dialing-up from a hotel room

128-bit address can be assigned as part of a 64-bit

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Special Addresses

! The prefix 0000 0000 is reserved for special addressing

Unspecified address: Also called the all-zeros address

0:0:0:0:0:0:0:0, or ::

Loopback address: Commonly used for testing the IP stack on the localhost

0:0:0:0:0:0:0:1, or ::1

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Address Scope

! IPv6 addresses have scope, which identifies the application suitable for the address

•Unicast and multicast addresses support scoping •Scope can be local or global

Internet
Internet
support scoping •Scope can be local or global Internet Addresses with local scope are used within

Addresses with local scope are used within the same routing domain.

Addresses with global scope are used between routing domains.

Company ABC
Company
ABC
Company XYZ
Company
XYZ
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Link-Local Unicast Addresses

! Link-local unicast addresses:

•Use a common prefix on all subnets (FE80:0:0:0::/64) •Are guaranteed to be unique only on a single link •Are generated by the interface

1111111010

0000 0000

Interface ID

Prefix Zero (10 bits) (54 bits) Interface Identifier (64 bits)
Prefix
Zero
(10 bits)
(54 bits)
Interface Identifier
(64 bits)

R1

fe80::226:88ff:fe02:7481

Interface Identifier (64 bits) R1 fe80::226:88ff:fe02:7481 fe80::226:88ff:fe02:7482 ge-0/0/1.0 ge-0/0/2.0 © 2010

fe80::226:88ff:fe02:7482

bits) R1 fe80::226:88ff:fe02:7481 fe80::226:88ff:fe02:7482 ge-0/0/1.0 ge-0/0/2.0 © 2010 Juniper Networks, Inc. All

ge-0/0/1.0

ge-0/0/2.0

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Site-Local Unicast Addresses

! Site-local unicast addresses:

•Are not guaranteed to be unique on the Internet •Are similar to IPv4 RFC 1918 private addresses •Use a common prefix in all organizations (FEC0:0:0::/48)

1111111011

Subnet ID

Interface ID

Prefix Subnet ID (10 bits) (54 bits) Interface Identifier (64 bits)
Prefix
Subnet ID
(10 bits)
(54 bits)
Interface Identifier
(64 bits)
Company ABC R1 R2 ::1 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0 ge-0/0/1.0
Company ABC
R1
R2
::1
FEC0:0:0:2003::/64
::2
ge-0/0/1.0
ge-0/0/1.0
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Global Unicast Addresses

! Global unicast addresses are globally unique and are used to connect to and route through the Internet

•Similar to IPv4 public addresses

Public Topology

Site Topology

Interface Identifier

addresses Public Topology Site Topology Interface Identifier FP Global Routing Prefix SID Interface ID (3

FP

Global Routing Prefix

SID

Interface ID

(3 bits) (45 bits) (16 bits) (64 bits)
(3 bits)
(45 bits)
(16 bits)
(64 bits)
Internet
Internet
ID (3 bits) (45 bits) (16 bits) (64 bits) Internet Company ABC Company XYZ © 2010
ID (3 bits) (45 bits) (16 bits) (64 bits) Internet Company ABC Company XYZ © 2010
Company ABC
Company
ABC
Company XYZ
Company
XYZ
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Interface ID

! Interface ID

•Uniquely identifies a host on a subnet •Is 64 bits long •Is based on IEEE EUI-64 address •Is a permutation of the interface MAC address (if available)

Interface Identifier

interface MAC address (if available) Interface Identifier FP Global Routing Prefix SID Interface ID (3

FP

Global Routing Prefix

SID

Interface ID

(3 bits) (45 bits) (16 bits) (64 bits)
(3 bits)
(45 bits)
(16 bits)
(64 bits)
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Stateless Autoconfiguration (1 of 2)

! Allows local hosts to autoconfigure IPv6 addresses

•Eliminates the need for stateful configuration elements, such as DHCP •Elements of stateless autoconfiguration:

• Extended unique identifier

• Router advertisement message

• Router solicitation message

• Prefix list

! Neighbor discovery:

•The process of tracking reachability status for neighbors in a local link •Specified in RFC 2461

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Stateless Autoconfiguration (2 of 2)

! Address autoconfiguration

Autoconfiguration (2 of 2) ! Address autoconfiguration 2bfc::1234:abff:fecd:5678 3afc::1234:abff:fecd:5678

2bfc::1234:abff:fecd:5678

3afc::1234:abff:fecd:5678

2caf::1234:abff:fecd:5678

1

5

2bfc::9876:dcff:feba:5432

3afc::9876:dcff:feba:5432

2caf::9876:dcff:feba:5432

1

5

Trust

2 RS RA RS RA 4
2
RS
RA
RS
RA
4
A
A

3

B
B

Host A MAC Address:

1234.abcd.5678

4 A 3 B Host A MAC Address: 1234.abcd.5678 Router Untrust Host B MAC Address: 9876.dcba.5432
Router
Router

Untrust

Router Untrust
Host A MAC Address: 1234.abcd.5678 Router Untrust Host B MAC Address: 9876.dcba.5432 © 2010 Juniper
Host A MAC Address: 1234.abcd.5678 Router Untrust Host B MAC Address: 9876.dcba.5432 © 2010 Juniper

Host B MAC Address:

9876.dcba.5432

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Stateful Autoconfiguration

! Allows DHCP to configure address assignment

•Also known as stateful DHCPv6 in RFC 3315 •Possible reasons for DHCPv6:

• You require a specific IPv6 addressing scheme

• You require dynamic assignment of DNS servers

• You require dynamic updates to DNS servers

• You do not wish to have the MAC address as part of the IPv6 address

•DHCPv6 and DHCPv4 are independent and require separate configurations

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Interface Configuration Example

[edit interfaces] user@R1# show ge-0/0/1 { unit 0 {

family

inet6
inet6

{

address fec0:0:0:2003::1/64;

}

}

}

Use family inet6 for IPv6 operations

} } } Use family inet6 for IPv6 operations { [edit interfaces] user@R2# show ge-0/0/1 {

{

[edit interfaces] user@R2# show ge-0/0/1 { unit 0 {

family

inet6
inet6

address fec0:0:0:2003::2/64;

}

}

}

{ unit 0 { family inet6 address fec0:0:0:2003::2/64; } } } Site-local addresses Company ABC R1

Site-local addresses

Company ABC

R1 R2 ::1 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0 ge-0/0/1.0
R1
R2
::1
FEC0:0:0:2003::/64
::2
ge-0/0/1.0
ge-0/0/1.0
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Interface Verification Example

! Use the show interface terse command to verify interface status and basic details

user@R1> show interfaces terse ge-0/0/1

Interface

Admin Link Proto

ge-0/0/1

up

up

ge-0/0/1.0

up

up inet6

Local

Remote

fe80::226:88ff:fe02:7481/64

fec0:0:0:2003::1/64

Each interface has automatically determined its own link-local address

user@R2> show interfaces terse ge-0/0/1

Interface

Admin Link Proto

ge-0/0/1

up

up

ge-0/0/1.0

up

up inet6

Local

Remote

fe80::226:88ff:fe02:6b81/64

fec0:0:0:2003::2/64

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Displaying IPv6 Routing Information

! Use the show route table inet6 command to view IPv6 routing information

user@R1> show route

table inet6

inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

fe80::/64

*[Direct/0] 00:59:12

> via ge-0/0/1.0

fe80::226:88ff:fe02:7481/128

*[Local/0] 00:59:12 Local via ge-0/0/1.0

fec0:0:0:2003::/64 *[Direct/0] 00:59:12

> via ge-0/0/1.0

fec0:0:0:2003::1/128

*[Local/0] 00:59:12 Local via ge-0/0/1.0

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Displaying the IPv6 Neighbor List

! Use the ping command followed by the show ipv6 neighbors command to learn then display neighbors

user@R1> show ipv6 neighbors

user@R1> ping fec0:0:0:2003::2

PING6(56=40+8+8 bytes) fec0:0:0:2003::1 --> fec0:0:0:2003::2

16

bytes from fec0:0:0:2003::2, icmp_seq=0 hlim=64 time=19.912 ms

16

bytes from fec0:0:0:2003::2, icmp_seq=1 hlim=64 time=18.091 ms

16

bytes from fec0:0:0:2003::2, icmp_seq=2 hlim=64 time=1.828 ms

16

bytes from fec0:0:0:2003::2, icmp_seq=3 hlim=64 time=2.324 ms

^C --- fec0:0:0:2003::2 ping6 statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/std-dev = 1.828/10.539/19.912/8.489 ms

user@R1> show ipv6 neighbors IPv6 Address

Linklayer Address State

Exp Rtr Secure Interface

fe80::226:88ff:fe02:6b81

00:26:88:02:6b:81 stale

1187 yes no

ge-0/0/1.0

fec0:0:0:2003::2

00:26:88:02:6b:81 stale

747 yes no

ge-0/0/1.0

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Multicast Address

! Identifier for a set of interfaces that typically belongs to different nodes

•All members of the multicast group process an incoming multicast packet •More efficient than broadcast •Three types of multicast addresses:

• Solicited-node multicast addresses for Neighbor Solicitation messages

• All-nodes multicast address for Router Advertisement messages

• All-routers multicast address for Router Solicitation messages

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IPv6 Anycast Address

! Identifier for a set of interfaces, typically belonging to separate nodes

•Defined in RFC 2526 •Packet travels to just one of the interfaces identified in the group •Routing protocol typically determines the closest interface

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Agenda: IPv6

! Introduction to IPv6 " Routing Protocol Configuration Examples ! Tunneling IPv6 over IPv4

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Static Route Configuration Example

! Sample IPv6 static route configuration:

[edit routing-options] user@R1# show rib inet6.0 { static { route 0::/0 { next-hop FEC0:0:0:2003::2; preference 250;

IPv6 default static route

FEC0:0:0:2003::2; preference 250; IPv6 default static route } } } Company ABC R1 R2 ::1 FEC0:0:0:2003::/64

}

}

}

Company ABC

R1 R2 ::1 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0 ge-0/0/1.0
R1
R2
::1
FEC0:0:0:2003::/64
::2
ge-0/0/1.0
ge-0/0/1.0
Internet
Internet
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Displaying the Static Routes

! Use the show route table inet6.0 protocol static command to view static routes

user@R1> show route table inet6.0 protocol static

inet6.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

::/0

*[Static/5] 00:00:24 > to fec0:0:0:2003::2 via ge-0/0/1.0

Company ABC

R1 R2 ::1 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0 ge-0/0/1.0
R1
R2
::1
FEC0:0:0:2003::/64
::2
ge-0/0/1.0
ge-0/0/1.0
Internet
Internet
© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

OSPFv3 Configuration Example

! Sample OSPFv3 single-area configuration

•OSPFv3 continues to use a 32-bit RID

[edit] user@R1# show routing-options router-id router-id 192.168.100.1;

[edit] user@R1# show protocols ospf3 area 0.0.0.0 { interface ge-0/0/1.0;

}

[edit]

user@R2# show routing-options router-id

router-id

192.168.100.2;

show routing-options router-id router-id 192.168.100.2; [edit] user@R2# show protocols ospf3 area 0.0.0.0 {

[edit] user@R2# show protocols ospf3 area 0.0.0.0 { interface ge-0/0/1.0;

}

Area 0.0.0.0 R1 R2 ::1 FEC0:0:0:2003::/64 ::2 ge-0/0/1.0 ge-0/0/1.0
Area 0.0.0.0
R1
R2
::1
FEC0:0:0:2003::/64
::2
ge-0/0/1.0
ge-0/0/1.0

Note: The RID selection process is the same for OSPFv2 and OSPFv3. We recommend you manually set the RID, as shown in the example.

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Monitoring OSPFv3 Operations

! Most operational show commands for OSPFv3 are almost identical to OSPFv2; the key difference is you must replace ospf with ospf3:

OSPFv2

OSPFv3

show ospf neighbor

show ospf3 neighbor

show ospf interface

show ospf3 interface

show ospf database

show ospf3 database

show ospf route

show ospf3 route

user@R1> show ospf3 neighbor

ID

Interface

State

Pri

Dead

192.168.100.2

ge-0/0/1.0

Full

128

36

Neighbor-address fe80::226:88ff:fe02:6b81

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

IS-IS Configuration Example

! IS-IS configuration is identical for IPv4 and IPv6:

Interface Configuration

[edit interfaces] user@R1# show ge-0/0/1 { unit 0 { family iso; family inet6 { address fec0:0:0:2003::1/64;

}

}

}

Protocol Configuration

[edit protocols] user@R1# show isis { interface ge-0/0/1.0; interface lo0.0;

}

lo0 { unit 0 { family iso { address 49.0002.1111.1111.1111.00;

}

family inet6 { address fec0:0:0:1001::1/128;

}

}

}

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Monitoring IS-IS Operations

! Use the same operational show commands for IS-IS in IPv4 and IPv6 environments:

user@R1> show isis interface IS-IS interface database:

Interface

L CirID Level 1 DR

Level 2 DR

L1/L2 Metric

ge-0/0/1.0

3

0x2 R1.02

R1.02

10/10

lo0.0

0

0x1 Passive

Passive

0/0

user@R1> show isis adjacency

Interface

System

L State

Hold (secs) SNPA

ge-0/0/1.0

R2

1

Up

19 0:26:88:2:6b:81

ge-0/0/1.0

R2

2

Up

20 0:26:88:2:6b:81

user@R1> show isis adjacency detail

R2

Interface: ge-0/0/1.0, Level: 1, State: Up, Expires in 21 secs Priority: 64, Up/Down transitions: 1, Last transition: 00:18:10 ago Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:26:88:2:6b:81 Topologies: Unicast Restart capable: Yes, Adjacency advertisement: Advertise LAN id: R1.02, IP addresses: 192.168.100.2 IPv6 addresses: fe80::226:88ff:fe02:6b81

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

BGP Configuration Example

! BGP configuration is almost identical for IPv6 as it is for IPv4; the major difference is you specify an IPv6 address for the local and peer addresses:

[edit routing-options] user@R1# show router-id 192.168.100.1; autonomous-system 64700;

[edit protocols bgp] user@R1# show group int-64700 { type internal; local-address fec0:0:0:1001::1; neighbor fec0:0:0:1002::1;

}

group ext-65100 { type external; peer-as 65100; neighbor fec0:0:0:2005::2;

}

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Monitoring BGP Operations

! Use the same operational show commands for BGP in IPv4 and IPv6 environments:

user@R1> show bgp summary

Groups: 2 Peers: 2 Down peers: 0

Table

Tot Paths Act Paths Suppressed

History Damp State

Pending

inet6.0

0

0

0

0

0

0

Peer

AS

InPkt

OutPkt

OutQ

Flaps Last Up/Dwn State|

#Active/Received/Accepted/Damped

fec0:0:0:1002::1

64700

11

12

0

0

4:00 Establ

inet6.0: 0/0/0/0

fec0:0:0:2005::2

65100

11

12

0

0

4:05 Establ

inet6.0: 0/0/0/0

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Agenda: IPv6

! Introduction to IPv6 ! Routing Protocol Configuration Examples " Tunneling IPv6 over IPv4

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Tunneling IPv6 Tra "c over IPv4 Networks

! Tunneling:

•Encapsulate the native IPv6 packet inside IPv4 •Forwards the IPv4 packet through the IPv4 network •De-encapsulates the IPv6 packet and forward/process natively

! Many approaches to tunneling:

•IPv4-compatible addresses •Configured tunnels

6to4

6over4

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Objective and Topology

! Implement an IPv6-over-IPv4 tunnel to transport IPv6 traffic over the Internet and between sites A and B

User A

Internet
Internet

Site A

Site B

R1

sites A and B U s e r A Internet Site A Site B R1 R2

R2

sites A and B U s e r A Internet Site A Site B R1 R2
sites A and B U s e r A Internet Site A Site B R1 R2

::1

A and B U s e r A Internet Site A Site B R1 R2 ::1

::2

::1

::2

e r A Internet Site A Site B R1 R2 ::1 ::2 : : 1 ::2

User B

FEC0:0:0:2000::/64

FEC0:0:0:2001::/64

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Defining the Tunnel Interface

[edit] user@R1# show interfaces gr-0/0/0 unit 0 { tunnel { source 192.168.1.1; destination 192.168.2.1;

[edit] user@R2# show interfaces gr-0/0/0 unit 0 { tunnel { source 192.168.2.1; destination 192.168.1.1;

}

inet6
inet6
 

}

inet6
inet6
 

family

{

family

{

address fec0:0:0:1000::1/126;

}

address fec0:0:0:1000::2/126;

}

}

User A

}

Internet
Internet

Site A

192.168.1.1

R1

192.168.2.1

R2

s e r A } Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2

::1

Site B

A } Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1
A } Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1
A } Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1

::2

::1

::2

A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1 ::2 User B FEC0:0:0:2000::/64

User B

FEC0:0:0:2000::/64

FEC0:0:0:2001::/64

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Defining the Required Routes

[edit] user@R1# show routing-options rib inet6.0 { static { route fec0:0:0:2001::/64 next-hop gr-0/0/0.0;

}

}

static { route 192.168.2.1/32 next-hop 172.18.1.1;

}

Internet
Internet

Site A

192.168.1.1

R1

192.168.2.1

R2

::1

Site B

::2 ::1 User A
::2
::1
User A
A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 ::1 User A ::2 User B FEC0:0:0:2000::/64

::2

R1 192.168.2.1 R2 ::1 Site B ::2 ::1 User A ::2 User B FEC0:0:0:2000::/64 FEC0:0:0:2001::/64 Note:

User B

FEC0:0:0:2000::/64

FEC0:0:0:2001::/64

Note: R2 requires a similar configuration.

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Verifying Operations (1 of 3)

! Use the show interfaces interface-name terse command to verify that the tunnel interface is up

lab@R1> show interfaces gr-0/0/0 terse

Interface

Admin Link Proto

Local

Remote

gr-0/0/0

up

up

gr-0/0/0.0

up

up

inet6

fe80::226:88ff:fe02:7480/64

fec0:0:0:1000::1/126

lab@R2> show interfaces gr-0/0/0 terse

Interface

Admin Link Proto

Local

Remote

gr-0/0/0

up

up

gr-0/0/0.0

up

up

inet6

fe80::226:88ff:fe02:6b80/64

User A

fec0:0:0:1000::2/126

Site A

U s e r A fec0:0:0:1000::2/126 Site A 192.168.1.1 ::1 R1 Internet 192.168.2.1 R2 ::1 Site

192.168.1.1

::1

R1

s e r A fec0:0:0:1000::2/126 Site A 192.168.1.1 ::1 R1 Internet 192.168.2.1 R2 ::1 Site B
Internet
Internet

192.168.2.1

R2

Site A 192.168.1.1 ::1 R1 Internet 192.168.2.1 R2 ::1 Site B ::2 ::2 User B FEC0:0:0:2000::/64

::1

Site B

Site A 192.168.1.1 ::1 R1 Internet 192.168.2.1 R2 ::1 Site B ::2 ::2 User B FEC0:0:0:2000::/64

::2

::2

::1 R1 Internet 192.168.2.1 R2 ::1 Site B ::2 ::2 User B FEC0:0:0:2000::/64 FEC0:0:0:2001::/64 Remember that

User B

FEC0:0:0:2000::/64

FEC0:0:0:2001::/64

Remember that GRE tunnels are stateless, so you should always ensure that both sides are up.

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Verifying Operations (2 of 3)

! Use the show route command to ensure the required routes are installed on both tunnel endpoints

user@R1> show route 192.168.2.1

inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

192.168.2.1/32

*[Static/5] 01:49:40

> to 172.18.1.1 via ge-0/0/3.0

user@R1> show route table inet6.0 fec0:0:0:2001::/64

inet6.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

fec0:0:0:2001::/64 *[Static/5] 00:31:03

> via gr-0/0/0.0

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Case Study: Verifying Operations (3 of 3)

! Send traffic through the tunnel, and confirm interface statistics are increasing on the tunnel interface

user@R1> ping fec0:0:0:2001::2 source fec0:0:0:2000::1 rapid count 25 PING6(56=40+8+8 bytes) fec0:0:0:2000::1 --> fec0:0:0:2001::2 !!!!!!!!!!!!!!!!!!!!!!!!! --- fec0:0:0:2001::2 ping6 statistics --- 25 packets transmitted, 25 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.492/3.185/8.064/2.521 ms

user@R1> show interfaces gr-0/0/0.0 detail | find "traffic statistics" Traffic statistics:

User A

Input packets:

25

Output packets:

25

Internet
Internet

Site A

192.168.1.1

R1

192.168.2.1

R2

25 … Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1

::1

Site B

… Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1 ::2
… Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1 ::2
… Internet Site A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1 ::2

::2

::1

::2

A 192.168.1.1 R1 192.168.2.1 R2 ::1 Site B ::2 : : 1 ::2 User B FEC0:0:0:2000::/64

User B

FEC0:0:0:2000::/64

FEC0:0:0:2001::/64

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Summary

! In this appendix, we:

•Described some differences between IPv4 and IPv6 •Listed IPv6 address types and described the IPv6 addressing format •Enabled an interface for IPv6 operation •Configured and monitored routing for IPv6 environments •Tunneled IPv6 traffic over an IPv4 network

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-

Review Questions

1. Name three benefits of switching from IPv4 to IPv6.

2. What types of unicast address exist?

3. What command would you use to view IPv6 OSPF neighbors?

© 2010 Juniper Networks, Inc. All rights reserved. Worldwide Education Services www.juniper.net | A-
© 2010 Juniper Networks, Inc. All rights reserved.
Worldwide Education Services
www.juniper.net | A-
Worldwide Education Services
Worldwide Education Services