Home

IPv6 Configuration on Cisco Router

March 28, 2012

Miftah Rahman Config Router , , , , , , , 6 Comments

  1. The First One…Enabling IPv6

Contoh :

Di Router interface FastEthernet 0/0 kita mo pasang IPv6

Pada saat Router(config)#ipv6 ? notice ampir sama dengan IPv4 command2nya

Kenapa mesti unicast-routing ?? karena kita mo desain alamat IPv6 unicast…ini untuk meng-enable kan IPv6 technology di router ini…Router Cisco kebanyakan udah support tapi pasif…alias mesti diaktifin dulu (bisa aja si pake multicast…nanti de dibahas kapan2, anycast beda lagi confignya)

Nah dengan mengetikkan Router(config)#ipv6unicast-routing, artinya kita sudah meng-enable Router kita untuk bisa jalanin IPv6

Figure 1.contoh command2 yang ada di Cisco Router 3600 Series

Trus kita masuk ke interface FastEthernet 0/0 (kita mo masukin / nanem IPv6 di interface itu)

Router(Config-if)#ip add 2001:db8:c18:1:: ? , kita bisa kasi link-local address (alias address buat komunikasi antar host dalam SATU NETWORK, cek lagi gih link Teori IPv6 gw)

*ups sala* ini yang bener

Atau kita bisa langsung kasi /64 EUI format address…*DAFUQ ?!?*

Router(Config-if)#ip add 2001:db8:c18:1::/64 EUI-64, maksudnya /64 apa ?? EUI-64 nyaapa ??

Jadi /64 EUI-64 itu adalah…alamat ip yang sekarang ( 2001:db8:c18:1:: ) ditambahin 48 bit alamat MAC address dibelakang IPv6 nya (coba lihat…2001:db8:c18:1:0: …Cuma ada 5 oktet, biar lengkap…ditambahin ama MAC Address, makanya alamat IPv6 “seakan2” bisa join ama MAC Address…dan bisa ada namanya link-local address)

*tapikan MAC Address Cuma 48 bit ?? gimana biar jadi 64 bit ??* coba lo cek lagi de link IPv6 gw diatas….dikasi “FFFE” ditengah-tengah 48 bit MAC Address nya biar jadi 64 bit (plus membedakan mana MAC Address asli dan mana IPv6+MAC Address)

Let’s see the example…

Liat de…pake show ipv6 int e0 (verifikasi IPv6 di interface)

alamat IPv6 nya adalah 2001:db8:c18:1::(depannya doank yang dikasi…5 oktet doank)

Dikasi MAC Address 0260.3e47.1530

Alamat utuh IPv6 Jadinya 2001:db8:c18:1:260:3EFF:FE47:1530

Notice di “selipin” FFFE kan ditengah2 alamat MAC Address nya ??

(salah satu cara liat MAC Address dari mana ?? link-local address…liat diatas…link local address itu “FE80” ditambah alamat MAC Address plus diselipin “FFFE” ditengah2nya)

Let’s Review…how to enable IPv6 on the Router (Cisco Router of course)

  1. IPv6 Name Resolution

Nah…IPv4 aja uda susah diapalin…inilagi IPv6

Untuk itu kita bisa kasi “alias” buat IPv6 nya…*akhirnya*

Sama seperti DNS IPv4 …lo ketik Rahman_Ganteng…nanti router men-translate Rahman_Ganteng jadi IPv6 *hahahahahah*

There are two ways to perform name resolution from the Cisco IOS software process (stated in picture above):

  • Define a static name for an IPv6 address using the ipv6host name [port] ipv6-address1 [ipv6-address2…ipv6-address4] command. You can define up to four IPv6 addresses for one hostname. The port option refers to the Telnet port to be used for the associated host.
  • Specify the DNS server used by the router with the ip name-serveraddress command. The address can be an IPv4 or IPv6 address. You can specify up to six DNS servers with this command.
  • Configuring IPv6 onRIPng

Inget…enable IPv6 dulu yah…contoh paling atas

Untuk meng-enable IPv6 di RIPng…sebenernya cukup command yang kedua aja (configure lewat interface langsung)…otomatis command yang pertama langsung ter-create

Dan di IPv6…RIPng mesti kita kasi nama…jadinya mirip2 kek EIGRP dan OSPF dengan AS dan Process-ID nya…walaupun ga ngaru di RIP

  1. Configuring IPv6 on EIGRPv6

*maap pemirsah…GNS gw versi lama…ga ada EIGRPv6 nya…heheheh*

  • First step…enable IPv6 routing

Router(config)#ipv6 uni

  • Second Step…enable EIGRP for IPv6 (EIGRPv6)

Router(config)#ipv6 router eigrp 9

Router(config-rtr)#no shutdown

Why no shutdown?? Cisco Default for EIGRPv6 is shutdown…so this protocol is at hibernate mode

  • Third Step…adding network from IPv4 EIGRP network to IPv6 EIGRP Network

Router(config-rtr)#router eigrp 10.10.0.0

  • Fourth Step…configuring interface for IPv6 EIGRP

Router(config)#interface fa0/0.1

Router(config-if)#ipv6 address 2012::1/64

Router(config-if)#ipv6 eigrp 9

Assign IPv6 address and assign this interface for EIGRPv6 that has autonomous system number is 9

Router(config)#interface fa0/0.2

Router(config-if)# ipv6 address 2017::1/64

Router(config-if)#ipv6 eigrp 9

Remember…IPv6 enable 1 interface / NIC to have multiple address…makanya config nya di subinterface (gajuga sih…lo bisa assign IPv6 langsung di interface..ga usa di subinterface…Cuma contoh di buku CCNP Route, tepatnya di IPv6 Routing Protocol chapter banyakan confignya di subinterface)

  • yaks…segitu aja ^_^V

—-

2. Configuring IPv6 on OSPFv3

Pertama2 seperti biasa…enable IPv6 dulu lewat command ipv6 uni

Lalu ketik router ospf [process-id] tapi dengan tambahan ipv6 didepannya

Set ospf router-id nya

Lalu set ipv6 address ke subinterface (sekali lagi…lo bole assign di interface nya langsung…gw ngikutin buku)

Trus kasi ip add nya pake command ipv6 add 2012::1/64

Dan kasi command ipv6 ospf[process-id] area [area number]

Verifying and Troubleshooting IPv6

  • Verifying IPv6 commands

  • Troubleshooting IPv6 commands

Configuring IPv6 on IPv4 Network : Transition Mechanism

  • Dual Stack

    Konfigurasinya simple…konfig interface di router dengan 2 tipe IP (v4 dan v6)

    Contoh config di R1:

    Router1(config)#ipv6 uni

    Router1(config)#int fa0/0

    Router1(config-if)#ip add 192.168.1.1 255.255.255.252

    Router1(config-if)#ipv6 add 2001:1::1/64

    See…dalam 1 interface ada 2 tipe IP

    Sekarang config R2 nya

    Router2(config)#ipv6 uni

    Router2(config)#int fa0/0

    Router2(config-if)#ip add 192.168.1.2 255.255.255.252

    Router2(config-if)#ipv6 add 2001:1::2/64

  • Manual Tunnel

    Contoh diatas misal F1/0 dari router R1 adalah IPv6 island (begitu pula dengan R3)

    Tapi untuk packet IPv6 dari R1 ke R3 mesti melewati IPv4 di R2…

    Untuk itu kita harus tunneling…

    ***catatan…R1 & R2 & R3 sudah pre configured with RIP v2***

    (F0/0 di R1, F0/0 & F1/0 di R2, dan F0/0 di R3)

    ***gimana cara config RIP nya BAHH…LIAT YANG ARTIKEL2 YANG DULU2…TU DIATAS UDA ADA TOPOLOGY DESAIN BUAT RIP nya
     ***

    Jadi…yang perlu di configure untuk tunneling adalah ???!?!?! ya…R1 dan R3 aja

    Wokeh…sekarang ke configurasi R1 untuk tunneling

    R1(config)#interface tunnel 0

    R1(config-if)#ipv6 add 2001::1/64

    R1(config-if)#tunnel source fa0/0 Atau

    R1(config-if)#tunnel source 192.168.1.2
    // ip add di fa0/0 R1

    R1(config-if)#tunnel destination 192.168.1.6
    //ip add di fa0/0 R3

    R1(config-if)#tunnel mode ipv6ip

    *maap…screenshot GNS nya ilang…males config lagi…hahaha*

    konfigurasi R3 untuk tunneling

    R3(config)#interface tunnel 0

    R3(config-if)#ipv6 add 2001::2/64

    R3(config-if)#tunnel source fa0/0 Atau

    R3(config-if)#tunnel source 192.168.1.6
    // ip add di fa0/0 R3

    R3(config-if)#tunnel destination 192.168.1.2
    //ip add di fa0/0 R1

    R3(config-if)#tunnel mode ipv6ip

    *silahkeen di pingggg….2001::1 atau 2001::2 nyaaa*


IPv6

March 15, 2012

Miftah Rahman Network Theory , , , , , , , , , , , , , , , , , , , 6 Comments

Beberapa waktu yang lalu kita membahas yang namanya IPv4, sekarang gw akan coba membahas IPv6

Okeh..pertanyaannya adalah…kenapa IPv6 ??? ada apa dengan IPv6 ?? atau kenapa dengan IPv4 ???

Jawabannya adalah: IPv6 dibentuk karena persediaan IPv4 sudah mulai menipis

Bahkan stok IPv4 di Amerika dan Asia sudah habis kalo ga sala, yang masih BANYAK (sekitar 70% masi bisa kepake)… Itu di Afrika, silakan bikin ISP disana 😛

Yang dimaksud habis disini adalah Public IP…liat2 lagi deh apa itu public IP dan private IP

Perbedaan IPv4 dan IPv6 in picture (gambar ini gw bikin sendiri yah…)

  • 1039 itu sangat-sangat banyak….enough for people all around the world, jadi setiap devices yang BISA terhubung ke internet ada IP tersendiri
  • Bit size 128 bit untuk IPv6, banyak yah ?? ya…aga makan bandwidth…tapi worth it, dari pada 32 bit yang notabene “hanya” menghasilkan 4 milyar address
  • Karena IPv6 ini sangat banyak…keharusan memakai NAT seperti IPv4 tidak terlalu dipusingkan lagi….langsung bisa terhubung ke jaringan deh pokoknya..langsung internetan…
  • Karena address yang banyak ini….tiap devices BIASA nya sudah dikasi IP….jadi nanti mirip2 sama MAC address yang sudah “embedded” alias uda “ketanem” di dalam alatnya
  • IPv4 mengenal adanya broadcast, hal ini hilang di IPv6 karena ketika host mengirimkan broadcast, network akan banyak terbebani (broadcast = kirim paket semua devices yang ada di satu network), di IPv6 dikenal namanya anycast,
    sebuah host ketika mencari tujuan di lingkungan nya biasanya memakai broadcast…devices2 bukan yang dituju tidak akan merespon, tetapi device yang dituju akan merespon balik….dalam istilah anycast…ketika sebuah host mencari tujuan, dia akan melemparkan pencarian ke node/host/devices terdekat, yang mana adalah GATEWAY….dari gateway inilah dikirimkan ke host tempat tujuan
    • Anycast Features:
      • Multiple Devices Share the same address
      • Semua anycast node harus menyediakan servis yang serupa
      • Ketika source send packet ke anycast address –> router decided the packet path…obviously to the closest device to source
      • Cocok untuk load balancing dan content delivery service
      • Anycast use LLDP (Link Layer Discovery Protocol), kek CDP juga…so…the closest..or the nearest..or the lowest MAC address is likely to be anycast direction destination

IPv6 Enhancement

IPv6 Enhancement:

  • Enhanced IP addressing
    • Improved global reachability and flexibility
    • Better aggregation of IP prefixes announced in routing tables (route summarization is better than IPv4)
    • Multihoming, a technique to increase the reliability of the Internet connection of an IP network. With IPv6, a host can have multiple IP addresses over one physical upstream link. For example, a host can connect to several ISPs.
    • Autoconfiguration that can include data link layer addresses in the address space (ada MAC address didalam IPv6 nya)
    • Plug-n-Play option for more devices…gw ga tau ni cara kerjanya…
    • Public-to-private, end-to-end readdressing without address translation. This makes peer-to-peer (P2P) networking more functional and easier to deploy
    • Simplified mechanisms for address renumbering and modification
  • Simplified header

    • Diatas adalah header dari IPv4 dan 6, IPv4 header ada 20 octet (1 oktet 8 bit) dan 12 basic header fields (liat digambar atas..selain option dan padding…ada 12 kolom = fields), yang diikuti oleh field option dan data portion (biasanya segment dari transport layer). Sedangkan IPv6 ada 40 oktet dan 3 IPv4 basic header fields (version, source addr, dan dest addr), dan 5 additional header fields.
    • Simplified header dari IPv6 ini mempunyai beberapa advantages like:
      • Better routing efficiency for performance and forwarding-rate scalability
      • No broadcasts and thus no potential threat of broadcast storms
      • No requirement for processing checksums (don’t ask me…I don’t know either)
      • Simplified and more efficient extension header mechanisms
      • Terdapat flow labels per flow processing untuk menghilangkan kebutuhan membuka transport inner packet (segment) to identify various traffic flows.
  • Mobility and security
    • Mobility…all devices network-connected wannabe can connect without additional IP configuration
    • IPsec is available for both IPv4 and IPv6. Although the functionalities are essentially identical in both environments, IPsec is mandatory in IPv6, making the IPv6 Internet more secure.
  • Transition richness
    • Currently, there are three main approaches:
      • Dual stack (IPv6 and IPv4 network…run at the same time..so if packet goes through IPv4 only network, it still can be accepted)
      • 6to4 tunneling (IPv6 data encapsulated with IPv4 packet…so the IPv4 network will “see” the packet is IPv4 data)
      • NAT-PT, ISATAP tunneling, and Teredo tunneling (last resort methods)…later we’ll talk about it (later nya kapan2…gw jg blum terlalu ngerti…”wah….rada-rada yang nulis artikel nih…wkwkwkwk“)

IPv6 Addressing Scheme

Now let’s talk about IPv6 addressing format

Eheheh..again…this is the header…

Tapi klo lo Tanya ke gw…chart header kek ginian buat apa…

Gw Cuma bisa bilang..ini semacam visualisasi…biar bisa dibaca oleh kita…intinya si 0101011010101 (binary digit…bahasa yg dimengerti mesin), Cuma representasi dari binary digit ini yang dibikin chart

Example of IPv6 address: FF01:0:0:0:0:0:0:1

Angka 0 bisa kita sorted out (or sorted in…whatever…NO GRAMMAR NAZI please)

So…it will become FF01::1

Another example

E3D7:0000:0000:0000:51F4:00C8:C0A8:6420 becomes E3D7::51F4:C8:C0A8:6420

3FFE:0501:0008:0000:0260:97FF:FE40:EFAB becomes 3FFE:501:8:0:260:97FF:FE40:EFAB becomes 3FFE:501:8::260:97FF:FE40:EFAB

So now You understand ?? the Zero (0) in front can be excluded to save space (and save the energy of writing 😛 )

Jujur aja…ngapalin IPv4 aja males…walaopun inget….kek 192.168.1.1 ,IPv6 ??? no way…there is (in my opinion)…should be RFC or Request for Comment for translating IPv6 to Human readable and remember-able to human…just like DNS….converting IP such as 202.134.123.123 to www.whatever.com

Dan satu lagi…. “::” hanya boleh satu kali dalam suatu IPv6 address

Contoh:

2031:0000:130F:0000:0000:09C0:876A:130B

Salah = 2031::130F::09C0:876A:130B

Benar = 2031::130F:0000:0000:09C0:876A:130B

Benar = 2031:0:130F::09C0:876A:130B

Global Unicast Address (GUA)

Global Unicast Address: IPv6 itu adalah “globally unique”, it can be routed globally without modification…that’s mean no NAT. it shares the same address format like IPv6 anycast address. GUA (global unicast address) ini di assign oleh IANA (organisasi yang ngatur IPv4 juga)

IPv6 mempunyai format alamat yang memungkinkan untuk address aggregation upward eventually to ISP. Global Unicast Addresses dari IPv6 biasanya terdiri dari 48-bit prefix dari global routing dan 16-bit subnet ID. Perusahaan/organisasi individual bisa menggunakan 16-bit subnet field untuk menciptakan hirarki pengalamatan IPv6 mereka sendiri. Field ini memungkinkan organisasi untuk menggunakan sampai 65,535 individual SUBNETS..bukan host.

So..the first /23 bit..is for registry, so..different registry such as ARIN, APNIC, RIPE, LACNIC, dan AfriNIC get the first /23 bit (so in the future we now where is the origin of the unknown IP)

The next 9 bit (or /32 bit..plus the registry) is for ISP…ISP in region of Official Registry of course (APNIC, ARIN, etc.)

16 bit next (/48) is for site prefix…for site (situs) yang dikelola oleh ISP

And then 16 bit next (/64) is for subnet prefix…each subnet has its own unique prefix IPv6 address

The rest 64 bit is for interface ID…which is MAC address

Local Unicast Address (LUA)

Adalah address yang diciptakan memang ruang lingkupnya dikonfigurasi unique on that link only,
dan tidak dapat di route keluar dari link tersebut…just like private IP in IPv4

But there’s two type of LUA (site local and link local):

  • Site-local Address: it’s more likely same compared to IPv4 private IP addresses…but I think this is obsolete…WHY CREATE PRIVATE IP WHEN WE HAVE IPv6 ??? *
  • Link-local Address: to make it easier…Router communicate network to another with IP Addresses…when in the same network…just use MAC Address by switch…it’s logically same like link-local addresses…this address only used in intra network only…not to inter network
    • Kegunaannya untuk komunikasi antar link seperti automatic address configuration, neighbor discovery, and router discovery (not using MAC address again I guess)
    • Site-local address tipically use IPv6 address begin with “FE” then followed by “C” to “F”…for example…”FEC”, “FED”, “FEF”, and “FEF”
    • Link-local address tipically use IPv6 address begin with “FE” then followed by “8” to “B”…for example…”FE8”, “FE9”, “FEA”, and “FEB” (what happen with the rest of them, like…0 to 7…don’t ask me…I don’t know either)
  • Loopback Address, tipically…this Loopback address IS NOT local unicast address…but Reserved Address…but anyway…IPv4 use 127.0.0.1 for IP loopback testing, in IPv6…they use 0:0:0:0:0:0:0:1…or can be shorten as ::1
  • Unspecified Address, in IPv4, an IP address of all zeroes (0.0.0.0) has a special meaning; it refers to the host itself, and is used when a device does not know its own address. In IPv6, this concept has been formalized, and the all-zeroes address (0:0:0:0:0:0:0:0) is named the “unspecified” address. It is typically used in the source field of a datagram that is sent by a device that seeks to have its IP address configured. You can apply address compression to this address; because the address is all zeroes, the address becomes just “::“.

Special IPv6 Address

  • :: /128 = unspecified address…hanya untuk software
  • ::1 /128 = loopback..IPv4 kan 127.0.0.1
  • 2001:db8:: /32 = example for testing…di dokumentasi tentunya
  • FE80:: /10 = link local
  • FF00:: /18 = multicast

IPv6 Address Management

You can assign an IPv6 address ID statically or dynamically:

  • Static
    • Static assignment using a manual interface ID: One way to statically assign an IPv6 address to a device is to manually assign both the prefix (network) and interface ID (host) portion of the IPv6 address….yah…manual..ketik sendiri
    • Static assignment using an EUI-64 interface ID: Another way to assign an IPv6 address is to configure the prefix (network) portion of the IPv6 address and derive the interface ID (host) portion from the Layer 2 MAC address of the device, which is known as the EUI-64 interface ID. Jadi kita ketik the first 64 bit address only…sisanya bit nya diambil dari MAC Address nya. The EUI-64 standard explains how to stretch IEEE 802 MAC addresses from 48 to 64 bits by inserting the 16-bit 0xFFFE in the middle at the 24th bit of the MAC address to create a 64-bit, unique interface identifier.

Figure 1. interface identifier

  • Dynamic
    • Stateless autoconfiguration: ini ibarat plug-n-play, autoconfiguration dimaksudkan untuk alat2 yang bukan PC untuk terhubung ke jaringan untuk bisa terhubung ke jaringan (laptop, handphone, PDA, dll)…ngaturnya gimana ? klo itu device uda IPv6 ready ato support IPv6…dia bisa ngatur sendiri…Autoconfig, dinamakan “stateless” karena si device “not aware” of its present state, tau2 uda dikasi IP aja, ga pake minta (taken from http://ipv6.com/articles/general/Stateless-Auto-Configuration.htm)
      • Langkah pertama: ketika si device konek pertama kali ke jaringan (contoh handphone ke wireless router trus ke common router) si device dikasi Link-local Address Generation, dikasi/di generate link-local address yang the first 10 bit is 1111111010 dan followed by 54 zeroes and 64 bit interface identifier
      • Langkah kedua: alamat IP yang uda dikasi di test to ensure itu alamat blum dipake ama device lain, this process was called Link-local Address Uniqueness Test, remember…alamat MAC address bisa di copy ^_^V (alamat yg di generate itu pasti 54 zeroes, dan kebetulan ada device lain yang “nyontek” MAC address device asli)
      • Langkah ketiga: klo uda ditest dan ternyata ga ada yang make, trus itu alamat bener2 di assign deh ke device nya, TAPI HANYA BISA KONEK KE LOCAL LAN AJA, BLUM BISA KE INTERNET (link-local address assignment)
      • Langkah keempat: kontak ke router de…untuk menentukan langkah2 selanjutnya dalam autoconfiguration process
      • Langkah kelima: route direction…path selanjutnya ketika sudah konek ke router..biasanya di direct ke router yang konek ke ISP / internet
      • Langkah keenam: akhirnya diassign de Globally Unique Internet address (diperoleh dari network prefix yang di provide oleh router dan dijoin dengan device identifier)

    Singkatnya sih…si host yang IPv6 enabled mempunyai IPv6 Neighbor Discovery Protocol (NDP) that has many functions. One function allows IPv6 hosts to multicast a message that asks all routers on the link to announce two key pieces of information: the IPv6 addresses of routers willing to act as a default gateway and all known IPv6 prefixes on the link. This process uses ICMPv6 messages called a Router Solicitation (RS) and a Router Advertisement (RA).

    Keuntungan dari stateless autoconfig ini adalah:

  1. Ga perlu DHCP server…minta2 IP ama server…ngapain!??!? Cuih…hahah
  2. Langsung COLOK !!…hahha..langsung konek maksudnya
  3. Secure..salah satunya adalah klo kita liat langkah kedua
  4. Cost effective…ga pake server DHCP…pastinya
  5. Paling cocok diterapin di Wireless Network
  • DHCP for IPv6 (DHCPv6): bisa juga disebut stateful configuration, DHCPv6 enables DHCP servers to pass configuration parameters, such as IPv6 network addresses, to IPv6 nodes. It offers the capability of automatic allocation of reusable network addresses and additional configuration flexibility. This protocol is a stateful counterpart to IPv6 stateless address autoconfiguration (RFC 2462), and can be used separately or concurrently with IPv6 stateless address autoconfiguration to obtain configuration parameters. klo ada yg stateless autoconfig buat apa yang stateful ?? ya ga ??…klo gw si mikir DHCPv6 ini buat device2 yang masi IPv4 aja..blum IPv6 enable..so mereka nanti diassign untuk bisa konek ke IPv6 network (CMIIW = correct me if I’m wrong)

IPv6 Transition Strategies

Ada 3 metode untuk mentransisikan IPv6 kelingkungan IPv4 yang sekarang masih kita pakai

  1. Dual Stack

    A method that make IPv6 dan IPv4 run at the same network and at the same time, with IPv6 is preferred. So..jika IPv6 ga jalan…tarohlah paket nya masuk ke IPv4 only network…masi ada IPv4 yang bisa jalan untuk ngirim paket

  2. Tunneling

    Yaitu metode yang membuat packet2 IPv6 dibungkus dengan IPv4 packet, so the paket is “readable” in IPv4 network. Metode ini berguna kalau packet dari IPv6 network mo dikirim ke another IPv6 network tapi harus melalui traditional IPv4 network untuk sampai ke another IPv6 network…this is what we call Tunneling

    Ada 4 tipe tipe tunneling (2 yang paling atas adalah yang paling umum)

  • Manual 6to4 Tunneling: IPv6 packet di encapsulasi kedalam IPv4 packet, require dual-stack router (jadi routernya disuru encapsulasi IPv6 nya instead of dual stacking it), configurasi IPv4 dan IPv6 nya di input manual

  • Dynamic 6to4 Tunneling: Automatically establishes the connection of IPv6 islands/network through an IPv4 network, typically the Internet. It dynamically applies a valid, unique IPv6 prefix to each IPv6 island, which enables the fast deployment of IPv6 in a corporate network without address retrieval from the ISPs or registries.


  • Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling: Automatic overlay tunneling mechanism that uses the underlying IPv4 network as a link layer for IPv6. ISATAP tunnels allow individual IPv4 or IPv6 dual-stack hosts within a site to communicate with other such hosts on a virtual link, creating an IPv6 network using the IPv4 infrastructure
  • Teredo tunneling: An IPv6 transition technology that provides host-to-host automatic tunneling instead of gateway tunneling. This approach passes unicast IPv6 traffic when dual-stacked hosts (hosts that are running both IPv6 and IPv4) are located behind one or multiple IPv4 NATs. technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network. Compared to other similar protocols its distinguishing feature is that it is able to perform its function even from behind network address translation (NAT) devices such as home routers. Singkat kata…Teredo digunakan ketika client mo konek ke internet (yang mana IPv4) lewat ISP..nah…ISP ngasi kan IPv4 Public address kan ?? klo mo masuk IPv6 ya ga bisa…Teredo ini meng-encapsulasi IPv6 packets within UDP/IPv4 datagrams, which most NATs can forward properly. Thus, IPv6-aware hosts behind NATs can be used as Teredo tunnel endpoints even when they don’t have a dedicated public IPv4 address. In effect, a host implementing Teredo can gain IPv6 connectivity with no cooperation from the local network environment. Teredo is intended to be a temporary measure: in the long term, all IPv6 hosts should use native IPv6 connectivity. (panjang juga ya…ga singkat…hahaha)

3. NAT-PT

Cisco IOS Release 12.3(2)T and later (with the appropriate feature set) also include NAT-PT between IPv6 and IPv4. This translation allows direct communication between hosts that use different versions of the IP protocol. These translations are more complex than IPv4 NAT. At this time, this translation technique is the least favorable option and should be used as a last resort.

IPv6 Integration Philosophy…”Dual stack where you can, tunnel where you must

IPv6 Challenge

Like IPv4 classless interdomain routing (CIDR), IPv6 uses longest prefix match routing. IPv6 uses modified versions of most of the common routing protocols to handle longer IPv6 addresses and different header structures.

Larger address spaces make room for large address allocations to ISPs and organizations. An ISP aggregates all of the prefixes of its customers into a single prefix and announces the single prefix to the IPv6 Internet. The increased address space is sufficient to allow organizations to define a single prefix for their entire network.

But how does this affect router performance? A brief review of how a router functions in a network helps illustrate how IPv6 affects routing. Conceptually, a router has three functional areas:

  • The control plane handles the interaction of the router with the other network elements, providing the information needed to make decisions and control the overall router operation. This plane runs processes such as routing protocols and network management. These functions are generally complex.
  • The data plane handles packet forwarding from one physical or logical interface to another. It involves different switching mechanisms such as process switching and Cisco Express Forwarding (CEF) on Cisco IOS software routers.
  • Enhanced services include advanced features applied when forwarding data, such as packet filtering, quality of service (QoS), encryption, translation, and accounting.

IPv6 Control Plane

Enabling IPv6 on a router starts its control plane operating processes specifically for IPv6. Protocol characteristics shape the performance of these processes and the amount of resources necessary to operate them:

  • IPv6 address size – Address size affects the information-processing functions of a router. Systems using a 64-bit CPU, bus, or memory structure can pass both the IPv4 source and destination address in a single processing cycle. For IPv6, the source and destination addresses require two cycles each-four cycles to process source and destination address information. As a result, routers relying exclusively on software processing are likely to perform slower than when in an IPv4 environment.
  • Multiple IPv6 node addresses – Because IPv6 nodes can use several IPv6 unicast addresses, memory consumption of the Neighbor Discovery cache may be affected.
  • IPv6 routing protocols – IPv6 routing protocols are similar to their IPv4 counterparts, but since an IPv6 prefix is four times larger than an IPv4 prefix, routing updates have to carry more information.
  • Routing table Size – Increased IPv6 address space leads to larger networks and a much larger Internet. This implies larger routing tables and higher memory requirements to support them.

IPv6 Data Plane

The data plane forwards IP packets based on the decisions made by the control plane. The forwarding engine parses the relevant IP packet information and does a lookup to match the parsed information against the forwarding policies defined by the control plane. IPv6 affects the performance of parsing and lookup functions:

  • Parsing IPv6 extension headers – Applications, including mobile IPv6, often use IPv6 address information in extension headers, thus increasing their size. These additional fields require additional processing. For example, a router using ACLs to filter Layer 4 information needs to apply the ACLs to packets with extension headers as well as those without. If the length of the extension header exceeds the fixed length of the hardware register of the router, hardware switching fails, and packets may be punted to software switching or dropped. This severely affects the forwarding performance of the router.
  • IPv6 address lookup – IPv6 performs a lookup on packets entering the router to find the correct output interface. In IPv4, the forwarding decision process parses a 32-bit destination address. In IPv6, the forwarding decision could conceivably require parsing a 128-bit address. Most routers today perform lookups using an application-specific integrated circuit (ASIC) with a fixed configuration that performs the functions for which it was originally designed – IPv4. Again, this could result in punting packets into slower software processing, or dropping them all together.

IPv6 Challenge Solution ??

Just make a better router/switch will you ?!?

IPv6-Enabled Routing Protocol

  1. RIPng

    Stand for RIP new generation, not powerfull or less powerful than earlier RIP

    RIPng includes the following features:

  • Based on IPv4 RIP version 2 (RIPv2) and is similar to RIPv2
  • Uses IPv6 for transport
  • Includes the IPv6 prefix and next-hop IPv6 address
  • Uses the multicast group FF02::9 as the destination address for RIP updates (this is similar to the broadcast function performed by RIP in IPv4)
  • Sends updates on UDP port 521
  • Is supported by Cisco IOS Release 12.2(2)T and later

In dual-stacked deployments, both RIP and RIPng are required.

  1. EIGRPv6

    Multicast address yg digunakan oleh EIGRPv6 adalah FF02::A, EIGRP didesain oleh Cisco untuk bisa menghandle banyak protocol selain IP, bisa IPX atau AppleTalk atau yang lain…tidak terkecuali IPv6, jadi ga terlalu banyak perbedaan.

    Perbedaan mendasarnya adalah EIGRPv4 mendukung auto summarization sedang IPv6 tidak DAAAAAAAN authentikasi yang dipakai oleh EIGRPv6 adalah IPv6 AH/ESP standard (bukan EIGRP specific authentication)

  2. OSPFv3

    OSPFv2 adalah yang kita pakai sekarang..v1 nya uda obsolete

    Multicast address yg digunakan oleh OSPFv3 adalah FF02::5 (untuk all OSPF Router) tapi untuk ALL DESIGNATED ROUTER pakai FF02::6

  3. IS-IS IPv6 (Intermediate System to Intermediate System)

    Alamat IPv6 Multicast address untuk IS-IS adalah FF02::8

Untuk lebih lengkapnya tentang multicast address

Figure 2. taken from IANA.org

IANA.org (address list for IPv6)

WOKEH….SAMPAI DISINI DULU PEMIRSAH…LATER I’LL POST IPv6 – HOW TO CONFIGURE IT ON CISCO ROUTER