Home

Multicast Configuration

2 Comments

Teori disini

Multicast dan MPLS itu proporsi teori dan praktek nya berkebalikan

Multicast teori banyak…praktek tinggal “ketik ini ketik itu” doang, sedang MPLS teori dikit…implementasinya bervariasi….

Initial Topology

=======================================

Dense Mode

Penjelasan:

  • Ip multicast-routing adalah keyword WAJIB…untuk aktifin multicast disebuah router
  • Aktifin multicast nya per-interface dengan keyword ip pim [sparse-mode | dense-mode]
  • Konfigurasi ini di SELURUH router-router yang pengen jalanin multicast
  • Anyway….berhubung dense mode uda mulai ditinggalin, skip to the sparse-mode

Sparse Mode

Konfigurasi sparse-mode juga harus di ketik di semua router yang mau jalanin multicast

Dan karena ini Sparse-Mode, harus ada yang namanya Rendezvous Point (RP)-nya, kali ini kita set static RP (alias manual config)




IGMP Join Request

Untuk sebuah node/roouter bisa dikirim traffic multicast…kita harus bikin sebuah itu router/node “join” multicast group (tepatnya interface dia)

Contoh: gw pengen Loopback R3 dan R4 dapet traffic multicast dari group 239.1.1.1


Ceritanya R1 mau kirim traffic video nih…berarti dia harus pake multicast, ke alamat multicast group 239.1.1.1 yang uda kita set tadi

Noh…ada reply dari R3 (23.23.23.3) dan R4 (24.24.24.4), yang artinya…traffic multicast dari R1 diterima oleh R3 dan R4

Bidirectional PIM

untuk menghemat multicast route….kita bisa pake Bidir PIM

R1(config)#ip pim bidir-enable

R1(config)#ip pim send-rp-announce Lo0 scope 255 bidir

kita cek verifikasi di R2

BIDIR

sekarang R1 nunjuk si R2 (2.2.2.2) berdasarkan kalkulasi “tree” alias logic multicast metric SPF(shortest path first) yang R1 punya jadi “penunjuk jalan” alias DF (Designated Forwarder) dan kita liat di R2…status ke 239.1.1.1 jadi Bidir-Upstream

Multicast SSM (Source Specific Multicast)

konfigurasi di semua node multicast dan interface-nya

R1(config)#ip pim ssm [default | range]

R1(config)#int fa0/0

R1(config-if)#ip igmp version 3

R1(config-if)#ip igmp join-group 232.1.1.1 source 1.1.1.1

karena SSM itu pake IGMP version 3…kita harus rubah default (versi 2) nya

notice disini ada source-nya…”gw hanya mau multicast feed dari 232.1.1.1…klo itu berasal dari 1.1.1.1

======================================

Dynamic Auto-RP

Untuk bisa jalanin Auto-RP yang dinamis, berarti kita perlu Candidate-RP dan si Mapping Agent-nya

Candidate-RP dan Mapping Agent bisa dalam 1 router yang sama…but for the sake of robustness…we’ll separate them

R1 jadi Candidate-RP

R2 jadi Mapping Agent

Disini R2 akan jadi mapping agent alias bantu2 client yang pengen ke RP dengan cara nunjukin jalan ke mereka

Scope 255 maksudnya adalah…multicast packet ini “masa hidup” nya Cuma 1 kali hop (TTL = 1)…kita bikin maksimum (biar ga repot)

Kita bikin R1 loopback0 (1.1.1.1) jadi candidate-RP dengan keyword send-rp-announce

Yuk kita cek….R1 jadi RP ga…(show ip pim rp mapping dari selain R1)

Yup…R1 jadi RP…tanda Tanya (?) itu karena kita ga pake domain/dns, ga masalah…sante

Coba kita liat show ip mroute di R1

Sekarang R1 punya tree/jalan ke (1.1.1.1, 224.0.1.39)..alias (S,G) yang nunjukin bahwa untuk ke source (S) 1.1.1.1 didapat dari group multicast 224.0.1.40 (Cisco-Discovery IP Multicast)

Karena ini sparse-mode…yang ngasi tau jalan ke RP adalah si R2 (Mapping Agent)…maka kalo kita liat di R3 (ato R4)….multicast rute nya agak lebih sedikit

Cuma ada 4 multicast route (dibandingkan dengan R1 yang punya 5 rute/tree)

Dan jangan lupa…tambahin ip pim autorp listener disemua node, biar ga makan bandwidth klo RP nya ga ada (pake Dense Mode)




Multiple RP

Contoh Loopback R3 ke group 239.1.1.1 dan Loopback R4 ke group 239.2.2.2


Note: 1 group hanya ada 1 RP…klo 2 group (multiple RP), artinya kita harus setting 1 lagi jadi RP (kita pake R2)

Group-list [nomor ACL] berguna untuk nge-filter ini router pake RP yang mana…

Yuk kita cek…

Yup…R2 dapet reply dari R4, dan R1 dapet reply dari R3 dan R4 (kok?!?)

Yuk kita cek show run int lo0 di R4

Loopback R4 ternyata join 2 multicast group (239.1.1.1 dan 239.2.2.2)

================================

BSR (Bootstrap Router)

Versi “Open Source”-nya dari Auto-RP

Bsr-candidate = mapping agent

Rp-candidate = RP-nya

R2 pake Auto-RP dan BSR secara bersamaan

Cek di R3 (ato R4), clear ip pim rp dulu aja

================================

L2 Multicast

Aktifin di switch (nanti screenshot-nya…lagi ga deket switch gw)

  • Ip igmp snooping atau klo mau per-vlan
  • Ip igmp snooping vlan [nomor vlan], dan untuk join igmp per-interface kita bisa pake
  • Ip igmp snooping vlan [nomor vlan] static [IP] interface [interface and port number]

Klo ada STP, snoopingnya akan di “treat” jadi broadcast…kita bisa set berapa kali switch broadcast paket sampe dianggep normal kembali (dianggep multicast lagi) dengan keyword Ip igmp snooping tcn flood query count [jumlah]

Atau disable broadcast untuk IGMP-nya dengan cara no ip igmp snooping tcn flood

Multicast ACL

Berguna di Switch Layer 3…

(screenshot from Deep Dive Multicast by Brian McGahan from INE)

Untuk IP multicast dengan range IP XXX sampe XXX…di permit di port FaX/X

MVR (multicast VLAN registration)

Ini berguna klo kita pengen multicast yang kita punya bisa “span” ke VLAN lain, biasanya di deploy di Metro Ethernet

(screenshot from Deep Dive Multicast by Brian McGahan from INE)

Klo ada user minta “feed” dari 239.1.1.1, itu user temporary di pindah ke vlan XX

Dan kita harus define port nya juga

(screenshot from Deep Dive Multicast by Brian McGahan from INE)

================================

MSDP dan MBGP

MSDP (Multicast Source Discovery Protocol) dan MBGP (Multicast BGP) ini fitur yang saling melengkapi

MSDP digunakan untuk komunikasi multicast antar AS dan di “tune-up” via MBGP

Bsr-border maksudnya…”do not advertise PIM lewat interface ini”

Contoh kita mo konek R1 (AS 1) dan R2 (AS 2)

Disini kita konfig…R1 connect ke RP di ISP AS 2 via loopback0-nya R1 (jgn lupa di R2 juga)

Jgn lupa setting dasar2 multicast kek bsr-candidate dan lain2…

Konfigurasi multicast bgp

Karena komunikasi multicast via UDP, kita harus bikin “ngobrol” antar AS yang pake multicast dengan TCP…di BGP kita bisa bikin multicast neighbor ngobrol dengan kita pake keyword multicast dan activate

Verifikasinya:

  • Show ip rpf [nomor multicast] untuk nge-liat Reverse Path Forwarding (RPF) nya pake apa
  • Show bgp ipv4 multicast summary untuk nge-liat multicast-nya jalan ga

Jgn lupa setting BGP nya dulu ya (ya iya laaaa)

================================

IPv6 Multicast

Yang berubah adalah keyword ipv6 dan IGMP yang berubah jadi mld (multicast listener discovery)

Ketika kita ketik ipv6 multicast-routing…kita ga perlu lagi milih dense ato sparse mode, karena Cuma ada sparse…jadi otomatis jadi sparse mode

IPv6 IGMP that called MLD

Untuk join-nya kita pake MLD di IPv6

IPv6 multicast selalu dimulai dari FFXX::

Sisanya sama, Jangan lupa IPv6 routing protocol-nya, IPv6 interface address-nya…pokoknya remeh temeh nya jgn lupa hahaha

IPv6 BSR (ga ada Auto-RP di IPv6)

Verifikasinya bisa pake

  • show ipv6 pim bsr [election | candidate-rp]
  • show ipv6 mld interface

================================

Multicast Verification

Show ip pim neighbor (nge-cek ada neighbor buat nerusin packet multicast ga)

Show ip pim interface (nge-cek ada interface buat multicast ga…command yang berguna untuk nge-liat klo lo lupa aktifin multicast di interface tertentu wkwkw)

Show ip pim rp mapping (untuk nge-liat siapa yang jadi RP disebuah multicast group)

Show ip mroute (untuk nge-liat rute multicast…untuk unicast bisa pake show ip route biasa)

Notice (*, 224.0.1.40)…itu adalah (*, G) alias (all source, dan group tempat multicast)

Kebetulan 224.0.1.40 itu adalah Cisco RP-Discovery (router multicast nyari RP pake alamat itu)

Lets take a look at R2 (where the RP resides)

Tuh…dia punya 2 buah (*,G)…224.0.1.40 untuk discovery dan 239.1.1.1 adalah group multicast dari si R3 dan R4

Semakin banyak (S, G) dan (*,G)…semakin banyak “tree” alias kalkulasi yang harus dilakukan sebuah router…semakin banyak pula memory requirement-nya

Di R3 dan R4 juga sama

Di R1 ga ada 239.1.1.1 karena memang dia ga ikut multicast “feed”…tapi dia yang supply “feed” multicast nya

IPv6

6 Comments

Beberapa waktu yang lalu kita membahas yang namanya IPv4, sekarang gw akan coba membahas IPv6

Okeh..pertanyaannya adalah…kenapa IPv6 ??? ada apa dengan IPv6 ?? atau kenapa dengan IPv4 ???

Jawabannya adalah: IPv6 dibentuk karena persediaan IPv4 sudah mulai menipis

Bahkan stok IPv4 di Amerika dan Asia sudah habis kalo ga sala, yang masih BANYAK (sekitar 70% masi bisa kepake)… Itu di Afrika, silakan bikin ISP disana 😛

Yang dimaksud habis disini adalah Public IP…liat2 lagi deh apa itu public IP dan private IP

Perbedaan IPv4 dan IPv6 in picture (gambar ini gw bikin sendiri yah…)

  • 1039 itu sangat-sangat banyak….enough for people all around the world, jadi setiap devices yang BISA terhubung ke internet ada IP tersendiri
  • Bit size 128 bit untuk IPv6, banyak yah ?? ya…aga makan bandwidth…tapi worth it, dari pada 32 bit yang notabene “hanya” menghasilkan 4 milyar address
  • Karena IPv6 ini sangat banyak…keharusan memakai NAT seperti IPv4 tidak terlalu dipusingkan lagi….langsung bisa terhubung ke jaringan deh pokoknya..langsung internetan…
  • Karena address yang banyak ini….tiap devices BIASA nya sudah dikasi IP….jadi nanti mirip2 sama MAC address yang sudah “embedded” alias uda “ketanem” di dalam alatnya
  • IPv4 mengenal adanya broadcast, hal ini hilang di IPv6 karena ketika host mengirimkan broadcast, network akan banyak terbebani (broadcast = kirim paket semua devices yang ada di satu network), di IPv6 dikenal namanya anycast,
    sebuah host ketika mencari tujuan di lingkungan nya biasanya memakai broadcast…devices2 bukan yang dituju tidak akan merespon, tetapi device yang dituju akan merespon balik….dalam istilah anycast…ketika sebuah host mencari tujuan, dia akan melemparkan pencarian ke node/host/devices terdekat, yang mana adalah GATEWAY….dari gateway inilah dikirimkan ke host tempat tujuan
    • Anycast Features:
      • Multiple Devices Share the same address
      • Semua anycast node harus menyediakan servis yang serupa
      • Ketika source send packet ke anycast address –> router decided the packet path…obviously to the closest device to source
      • Cocok untuk load balancing dan content delivery service
      • Anycast use LLDP (Link Layer Discovery Protocol), kek CDP juga…so…the closest..or the nearest..or the lowest MAC address is likely to be anycast direction destination

IPv6 Enhancement

IPv6 Enhancement:

  • Enhanced IP addressing
    • Improved global reachability and flexibility
    • Better aggregation of IP prefixes announced in routing tables (route summarization is better than IPv4)
    • Multihoming, a technique to increase the reliability of the Internet connection of an IP network. With IPv6, a host can have multiple IP addresses over one physical upstream link. For example, a host can connect to several ISPs.
    • Autoconfiguration that can include data link layer addresses in the address space (ada MAC address didalam IPv6 nya)
    • Plug-n-Play option for more devices…gw ga tau ni cara kerjanya…
    • Public-to-private, end-to-end readdressing without address translation. This makes peer-to-peer (P2P) networking more functional and easier to deploy
    • Simplified mechanisms for address renumbering and modification
  • Simplified header

    • Diatas adalah header dari IPv4 dan 6, IPv4 header ada 20 octet (1 oktet 8 bit) dan 12 basic header fields (liat digambar atas..selain option dan padding…ada 12 kolom = fields), yang diikuti oleh field option dan data portion (biasanya segment dari transport layer). Sedangkan IPv6 ada 40 oktet dan 3 IPv4 basic header fields (version, source addr, dan dest addr), dan 5 additional header fields.
    • Simplified header dari IPv6 ini mempunyai beberapa advantages like:
      • Better routing efficiency for performance and forwarding-rate scalability
      • No broadcasts and thus no potential threat of broadcast storms
      • No requirement for processing checksums (don’t ask me…I don’t know either)
      • Simplified and more efficient extension header mechanisms
      • Terdapat flow labels per flow processing untuk menghilangkan kebutuhan membuka transport inner packet (segment) to identify various traffic flows.
  • Mobility and security
    • Mobility…all devices network-connected wannabe can connect without additional IP configuration
    • IPsec is available for both IPv4 and IPv6. Although the functionalities are essentially identical in both environments, IPsec is mandatory in IPv6, making the IPv6 Internet more secure.
  • Transition richness
    • Currently, there are three main approaches:
      • Dual stack (IPv6 and IPv4 network…run at the same time..so if packet goes through IPv4 only network, it still can be accepted)
      • 6to4 tunneling (IPv6 data encapsulated with IPv4 packet…so the IPv4 network will “see” the packet is IPv4 data)
      • NAT-PT, ISATAP tunneling, and Teredo tunneling (last resort methods)…later we’ll talk about it (later nya kapan2…gw jg blum terlalu ngerti…”wah….rada-rada yang nulis artikel nih…wkwkwkwk“)

IPv6 Addressing Scheme

Now let’s talk about IPv6 addressing format

Eheheh..again…this is the header…

Tapi klo lo Tanya ke gw…chart header kek ginian buat apa…

Gw Cuma bisa bilang..ini semacam visualisasi…biar bisa dibaca oleh kita…intinya si 0101011010101 (binary digit…bahasa yg dimengerti mesin), Cuma representasi dari binary digit ini yang dibikin chart

Example of IPv6 address: FF01:0:0:0:0:0:0:1

Angka 0 bisa kita sorted out (or sorted in…whatever…NO GRAMMAR NAZI please)

So…it will become FF01::1

Another example

E3D7:0000:0000:0000:51F4:00C8:C0A8:6420 becomes E3D7::51F4:C8:C0A8:6420

3FFE:0501:0008:0000:0260:97FF:FE40:EFAB becomes 3FFE:501:8:0:260:97FF:FE40:EFAB becomes 3FFE:501:8::260:97FF:FE40:EFAB

So now You understand ?? the Zero (0) in front can be excluded to save space (and save the energy of writing 😛 )

Jujur aja…ngapalin IPv4 aja males…walaopun inget….kek 192.168.1.1 ,IPv6 ??? no way…there is (in my opinion)…should be RFC or Request for Comment for translating IPv6 to Human readable and remember-able to human…just like DNS….converting IP such as 202.134.123.123 to www.whatever.com

Dan satu lagi…. “::” hanya boleh satu kali dalam suatu IPv6 address

Contoh:

2031:0000:130F:0000:0000:09C0:876A:130B

Salah = 2031::130F::09C0:876A:130B

Benar = 2031::130F:0000:0000:09C0:876A:130B

Benar = 2031:0:130F::09C0:876A:130B

Global Unicast Address (GUA)

Global Unicast Address: IPv6 itu adalah “globally unique”, it can be routed globally without modification…that’s mean no NAT. it shares the same address format like IPv6 anycast address. GUA (global unicast address) ini di assign oleh IANA (organisasi yang ngatur IPv4 juga)

IPv6 mempunyai format alamat yang memungkinkan untuk address aggregation upward eventually to ISP. Global Unicast Addresses dari IPv6 biasanya terdiri dari 48-bit prefix dari global routing dan 16-bit subnet ID. Perusahaan/organisasi individual bisa menggunakan 16-bit subnet field untuk menciptakan hirarki pengalamatan IPv6 mereka sendiri. Field ini memungkinkan organisasi untuk menggunakan sampai 65,535 individual SUBNETS..bukan host.

So..the first /23 bit..is for registry, so..different registry such as ARIN, APNIC, RIPE, LACNIC, dan AfriNIC get the first /23 bit (so in the future we now where is the origin of the unknown IP)

The next 9 bit (or /32 bit..plus the registry) is for ISP…ISP in region of Official Registry of course (APNIC, ARIN, etc.)

16 bit next (/48) is for site prefix…for site (situs) yang dikelola oleh ISP

And then 16 bit next (/64) is for subnet prefix…each subnet has its own unique prefix IPv6 address

The rest 64 bit is for interface ID…which is MAC address

Local Unicast Address (LUA)

Adalah address yang diciptakan memang ruang lingkupnya dikonfigurasi unique on that link only,
dan tidak dapat di route keluar dari link tersebut…just like private IP in IPv4

But there’s two type of LUA (site local and link local):

  • Site-local Address: it’s more likely same compared to IPv4 private IP addresses…but I think this is obsolete…WHY CREATE PRIVATE IP WHEN WE HAVE IPv6 ??? *
  • Link-local Address: to make it easier…Router communicate network to another with IP Addresses…when in the same network…just use MAC Address by switch…it’s logically same like link-local addresses…this address only used in intra network only…not to inter network
    • Kegunaannya untuk komunikasi antar link seperti automatic address configuration, neighbor discovery, and router discovery (not using MAC address again I guess)
    • Site-local address tipically use IPv6 address begin with “FE” then followed by “C” to “F”…for example…”FEC”, “FED”, “FEF”, and “FEF”
    • Link-local address tipically use IPv6 address begin with “FE” then followed by “8” to “B”…for example…”FE8”, “FE9”, “FEA”, and “FEB” (what happen with the rest of them, like…0 to 7…don’t ask me…I don’t know either)
  • Loopback Address, tipically…this Loopback address IS NOT local unicast address…but Reserved Address…but anyway…IPv4 use 127.0.0.1 for IP loopback testing, in IPv6…they use 0:0:0:0:0:0:0:1…or can be shorten as ::1
  • Unspecified Address, in IPv4, an IP address of all zeroes (0.0.0.0) has a special meaning; it refers to the host itself, and is used when a device does not know its own address. In IPv6, this concept has been formalized, and the all-zeroes address (0:0:0:0:0:0:0:0) is named the “unspecified” address. It is typically used in the source field of a datagram that is sent by a device that seeks to have its IP address configured. You can apply address compression to this address; because the address is all zeroes, the address becomes just “::“.

Special IPv6 Address

  • :: /128 = unspecified address…hanya untuk software
  • ::1 /128 = loopback..IPv4 kan 127.0.0.1
  • 2001:db8:: /32 = example for testing…di dokumentasi tentunya
  • FE80:: /10 = link local
  • FF00:: /18 = multicast

IPv6 Address Management

You can assign an IPv6 address ID statically or dynamically:

  • Static
    • Static assignment using a manual interface ID: One way to statically assign an IPv6 address to a device is to manually assign both the prefix (network) and interface ID (host) portion of the IPv6 address….yah…manual..ketik sendiri
    • Static assignment using an EUI-64 interface ID: Another way to assign an IPv6 address is to configure the prefix (network) portion of the IPv6 address and derive the interface ID (host) portion from the Layer 2 MAC address of the device, which is known as the EUI-64 interface ID. Jadi kita ketik the first 64 bit address only…sisanya bit nya diambil dari MAC Address nya. The EUI-64 standard explains how to stretch IEEE 802 MAC addresses from 48 to 64 bits by inserting the 16-bit 0xFFFE in the middle at the 24th bit of the MAC address to create a 64-bit, unique interface identifier.

Figure 1. interface identifier

  • Dynamic
    • Stateless autoconfiguration: ini ibarat plug-n-play, autoconfiguration dimaksudkan untuk alat2 yang bukan PC untuk terhubung ke jaringan untuk bisa terhubung ke jaringan (laptop, handphone, PDA, dll)…ngaturnya gimana ? klo itu device uda IPv6 ready ato support IPv6…dia bisa ngatur sendiri…Autoconfig, dinamakan “stateless” karena si device “not aware” of its present state, tau2 uda dikasi IP aja, ga pake minta (taken from http://ipv6.com/articles/general/Stateless-Auto-Configuration.htm)
      • Langkah pertama: ketika si device konek pertama kali ke jaringan (contoh handphone ke wireless router trus ke common router) si device dikasi Link-local Address Generation, dikasi/di generate link-local address yang the first 10 bit is 1111111010 dan followed by 54 zeroes and 64 bit interface identifier
      • Langkah kedua: alamat IP yang uda dikasi di test to ensure itu alamat blum dipake ama device lain, this process was called Link-local Address Uniqueness Test, remember…alamat MAC address bisa di copy ^_^V (alamat yg di generate itu pasti 54 zeroes, dan kebetulan ada device lain yang “nyontek” MAC address device asli)
      • Langkah ketiga: klo uda ditest dan ternyata ga ada yang make, trus itu alamat bener2 di assign deh ke device nya, TAPI HANYA BISA KONEK KE LOCAL LAN AJA, BLUM BISA KE INTERNET (link-local address assignment)
      • Langkah keempat: kontak ke router de…untuk menentukan langkah2 selanjutnya dalam autoconfiguration process
      • Langkah kelima: route direction…path selanjutnya ketika sudah konek ke router..biasanya di direct ke router yang konek ke ISP / internet
      • Langkah keenam: akhirnya diassign de Globally Unique Internet address (diperoleh dari network prefix yang di provide oleh router dan dijoin dengan device identifier)

    Singkatnya sih…si host yang IPv6 enabled mempunyai IPv6 Neighbor Discovery Protocol (NDP) that has many functions. One function allows IPv6 hosts to multicast a message that asks all routers on the link to announce two key pieces of information: the IPv6 addresses of routers willing to act as a default gateway and all known IPv6 prefixes on the link. This process uses ICMPv6 messages called a Router Solicitation (RS) and a Router Advertisement (RA).

    Keuntungan dari stateless autoconfig ini adalah:

  1. Ga perlu DHCP server…minta2 IP ama server…ngapain!??!? Cuih…hahah
  2. Langsung COLOK !!…hahha..langsung konek maksudnya
  3. Secure..salah satunya adalah klo kita liat langkah kedua
  4. Cost effective…ga pake server DHCP…pastinya
  5. Paling cocok diterapin di Wireless Network
  • DHCP for IPv6 (DHCPv6): bisa juga disebut stateful configuration, DHCPv6 enables DHCP servers to pass configuration parameters, such as IPv6 network addresses, to IPv6 nodes. It offers the capability of automatic allocation of reusable network addresses and additional configuration flexibility. This protocol is a stateful counterpart to IPv6 stateless address autoconfiguration (RFC 2462), and can be used separately or concurrently with IPv6 stateless address autoconfiguration to obtain configuration parameters. klo ada yg stateless autoconfig buat apa yang stateful ?? ya ga ??…klo gw si mikir DHCPv6 ini buat device2 yang masi IPv4 aja..blum IPv6 enable..so mereka nanti diassign untuk bisa konek ke IPv6 network (CMIIW = correct me if I’m wrong)

IPv6 Transition Strategies

Ada 3 metode untuk mentransisikan IPv6 kelingkungan IPv4 yang sekarang masih kita pakai

  1. Dual Stack

    A method that make IPv6 dan IPv4 run at the same network and at the same time, with IPv6 is preferred. So..jika IPv6 ga jalan…tarohlah paket nya masuk ke IPv4 only network…masi ada IPv4 yang bisa jalan untuk ngirim paket

  2. Tunneling

    Yaitu metode yang membuat packet2 IPv6 dibungkus dengan IPv4 packet, so the paket is “readable” in IPv4 network. Metode ini berguna kalau packet dari IPv6 network mo dikirim ke another IPv6 network tapi harus melalui traditional IPv4 network untuk sampai ke another IPv6 network…this is what we call Tunneling

    Ada 4 tipe tipe tunneling (2 yang paling atas adalah yang paling umum)

  • Manual 6to4 Tunneling: IPv6 packet di encapsulasi kedalam IPv4 packet, require dual-stack router (jadi routernya disuru encapsulasi IPv6 nya instead of dual stacking it), configurasi IPv4 dan IPv6 nya di input manual

  • Dynamic 6to4 Tunneling: Automatically establishes the connection of IPv6 islands/network through an IPv4 network, typically the Internet. It dynamically applies a valid, unique IPv6 prefix to each IPv6 island, which enables the fast deployment of IPv6 in a corporate network without address retrieval from the ISPs or registries.


  • Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling: Automatic overlay tunneling mechanism that uses the underlying IPv4 network as a link layer for IPv6. ISATAP tunnels allow individual IPv4 or IPv6 dual-stack hosts within a site to communicate with other such hosts on a virtual link, creating an IPv6 network using the IPv4 infrastructure
  • Teredo tunneling: An IPv6 transition technology that provides host-to-host automatic tunneling instead of gateway tunneling. This approach passes unicast IPv6 traffic when dual-stacked hosts (hosts that are running both IPv6 and IPv4) are located behind one or multiple IPv4 NATs. technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet but which have no direct native connection to an IPv6 network. Compared to other similar protocols its distinguishing feature is that it is able to perform its function even from behind network address translation (NAT) devices such as home routers. Singkat kata…Teredo digunakan ketika client mo konek ke internet (yang mana IPv4) lewat ISP..nah…ISP ngasi kan IPv4 Public address kan ?? klo mo masuk IPv6 ya ga bisa…Teredo ini meng-encapsulasi IPv6 packets within UDP/IPv4 datagrams, which most NATs can forward properly. Thus, IPv6-aware hosts behind NATs can be used as Teredo tunnel endpoints even when they don’t have a dedicated public IPv4 address. In effect, a host implementing Teredo can gain IPv6 connectivity with no cooperation from the local network environment. Teredo is intended to be a temporary measure: in the long term, all IPv6 hosts should use native IPv6 connectivity. (panjang juga ya…ga singkat…hahaha)

3. NAT-PT

Cisco IOS Release 12.3(2)T and later (with the appropriate feature set) also include NAT-PT between IPv6 and IPv4. This translation allows direct communication between hosts that use different versions of the IP protocol. These translations are more complex than IPv4 NAT. At this time, this translation technique is the least favorable option and should be used as a last resort.

IPv6 Integration Philosophy…”Dual stack where you can, tunnel where you must

IPv6 Challenge

Like IPv4 classless interdomain routing (CIDR), IPv6 uses longest prefix match routing. IPv6 uses modified versions of most of the common routing protocols to handle longer IPv6 addresses and different header structures.

Larger address spaces make room for large address allocations to ISPs and organizations. An ISP aggregates all of the prefixes of its customers into a single prefix and announces the single prefix to the IPv6 Internet. The increased address space is sufficient to allow organizations to define a single prefix for their entire network.

But how does this affect router performance? A brief review of how a router functions in a network helps illustrate how IPv6 affects routing. Conceptually, a router has three functional areas:

  • The control plane handles the interaction of the router with the other network elements, providing the information needed to make decisions and control the overall router operation. This plane runs processes such as routing protocols and network management. These functions are generally complex.
  • The data plane handles packet forwarding from one physical or logical interface to another. It involves different switching mechanisms such as process switching and Cisco Express Forwarding (CEF) on Cisco IOS software routers.
  • Enhanced services include advanced features applied when forwarding data, such as packet filtering, quality of service (QoS), encryption, translation, and accounting.

IPv6 Control Plane

Enabling IPv6 on a router starts its control plane operating processes specifically for IPv6. Protocol characteristics shape the performance of these processes and the amount of resources necessary to operate them:

  • IPv6 address size – Address size affects the information-processing functions of a router. Systems using a 64-bit CPU, bus, or memory structure can pass both the IPv4 source and destination address in a single processing cycle. For IPv6, the source and destination addresses require two cycles each-four cycles to process source and destination address information. As a result, routers relying exclusively on software processing are likely to perform slower than when in an IPv4 environment.
  • Multiple IPv6 node addresses – Because IPv6 nodes can use several IPv6 unicast addresses, memory consumption of the Neighbor Discovery cache may be affected.
  • IPv6 routing protocols – IPv6 routing protocols are similar to their IPv4 counterparts, but since an IPv6 prefix is four times larger than an IPv4 prefix, routing updates have to carry more information.
  • Routing table Size – Increased IPv6 address space leads to larger networks and a much larger Internet. This implies larger routing tables and higher memory requirements to support them.

IPv6 Data Plane

The data plane forwards IP packets based on the decisions made by the control plane. The forwarding engine parses the relevant IP packet information and does a lookup to match the parsed information against the forwarding policies defined by the control plane. IPv6 affects the performance of parsing and lookup functions:

  • Parsing IPv6 extension headers – Applications, including mobile IPv6, often use IPv6 address information in extension headers, thus increasing their size. These additional fields require additional processing. For example, a router using ACLs to filter Layer 4 information needs to apply the ACLs to packets with extension headers as well as those without. If the length of the extension header exceeds the fixed length of the hardware register of the router, hardware switching fails, and packets may be punted to software switching or dropped. This severely affects the forwarding performance of the router.
  • IPv6 address lookup – IPv6 performs a lookup on packets entering the router to find the correct output interface. In IPv4, the forwarding decision process parses a 32-bit destination address. In IPv6, the forwarding decision could conceivably require parsing a 128-bit address. Most routers today perform lookups using an application-specific integrated circuit (ASIC) with a fixed configuration that performs the functions for which it was originally designed – IPv4. Again, this could result in punting packets into slower software processing, or dropping them all together.

IPv6 Challenge Solution ??

Just make a better router/switch will you ?!?

IPv6-Enabled Routing Protocol

  1. RIPng

    Stand for RIP new generation, not powerfull or less powerful than earlier RIP

    RIPng includes the following features:

  • Based on IPv4 RIP version 2 (RIPv2) and is similar to RIPv2
  • Uses IPv6 for transport
  • Includes the IPv6 prefix and next-hop IPv6 address
  • Uses the multicast group FF02::9 as the destination address for RIP updates (this is similar to the broadcast function performed by RIP in IPv4)
  • Sends updates on UDP port 521
  • Is supported by Cisco IOS Release 12.2(2)T and later

In dual-stacked deployments, both RIP and RIPng are required.

  1. EIGRPv6

    Multicast address yg digunakan oleh EIGRPv6 adalah FF02::A, EIGRP didesain oleh Cisco untuk bisa menghandle banyak protocol selain IP, bisa IPX atau AppleTalk atau yang lain…tidak terkecuali IPv6, jadi ga terlalu banyak perbedaan.

    Perbedaan mendasarnya adalah EIGRPv4 mendukung auto summarization sedang IPv6 tidak DAAAAAAAN authentikasi yang dipakai oleh EIGRPv6 adalah IPv6 AH/ESP standard (bukan EIGRP specific authentication)

  2. OSPFv3

    OSPFv2 adalah yang kita pakai sekarang..v1 nya uda obsolete

    Multicast address yg digunakan oleh OSPFv3 adalah FF02::5 (untuk all OSPF Router) tapi untuk ALL DESIGNATED ROUTER pakai FF02::6

  3. IS-IS IPv6 (Intermediate System to Intermediate System)

    Alamat IPv6 Multicast address untuk IS-IS adalah FF02::8

Untuk lebih lengkapnya tentang multicast address

Figure 2. taken from IANA.org

IANA.org (address list for IPv6)

WOKEH….SAMPAI DISINI DULU PEMIRSAH…LATER I’LL POST IPv6 – HOW TO CONFIGURE IT ON CISCO ROUTER