[c-nsp] IPv6 deployment
Mark Tinka
mtinka at globaltransit.net
Tue Nov 16 04:13:54 EST 2010
On Tuesday, November 16, 2010 02:13:47 pm Edward Iong wrote:
> 1. Can IPv4 and IPv6 devices exist at the same time in
> the same LAN?
Yes, this is called dual-stack.
Single-stack is when only one of these IP protocols exists
on the wire.
> and can they communicate with each other?
Well, not really - v4 talks to v4, and v6 talks to v6. But
there are options one can use to transport one of these
protocols over the other.
> 2. If both IPv4 and IPv6 devices can be in the same LAN,
> what kind of rounting technology can route the ip
> packet?
OSPFv3 provides v6 support for link-state routing, as does
the current implementation of IS-IS.
Current BGP-4 also supports v6 address families. So many of
the routing protocols you're used to today already support a
decent amount of v6. Static routing too :-).
> 3. To route the traffic to the other LAN through
> WAN(MPLS), is it 6to4 will need to be in place?
If you choose the dual-stack option (which is my
recommendation since it's simpler), you don't need to worry
about making your MPLS network carry v6 traffic, although it
can.
Using MPLS to carry v6 traffic is known as 6PE.
> 4. To
> access internet, it points to our PIX instead of PE
> router(MPLS), so is it I will need to implement 6to4 as
> well(if ISP can only provide ipv4 public address)?
Not sure whether the PIX supports v6 (never used one
before). If it does, dual-stack is your friend. If it
doesn't, not sure whether the PIX supports 6-in-4 tunneling.
I find 6-in-4 tunneling to be the next best option after
dual-stacking, in case your platform can run it. But that's
just me...
> 5. We
> are using Microsoft IAS for Wireless connection and
> network device access authentication. If we implement
> IPv6, will IAS support IPv6?
Not sure, don't use Windows much. But I know v6 is now
mainstream in Vista and 7, but uncertain how much it bleeds
into its other native applications.
Someone else more Windows savvy than me can probably answer
this one.
Linux and FreeBSD have decent v6 support, as does Mac (a few
things are broken, but it's a work-in-progress).
> 6. Will PIX support IPv6?
> will have many site2site vpn connection.
See 4, above.
> If anyone who has experiences in IPv6 implementation
> project, please let me know as well.
We've been running v6 in our Transit network since 2007 - I
started running v6 in commercial production networks in
2005.
We went the dual-stack route, even with our MPLS network in
place. Lots of things to look out for, but there's is plenty
of experience here:
http://www.getipv6.info/index.php/Main_Page
http://www.civil-tongue.net/6and4/
Lots of other resources online, too. The 'c-nsp' archives
are quite handy too.
One piece of advice I'd give, make sure any kit or software
you're buying now supports v6, as well as any features
you're looking to implement in your network. You don't want
to realize, 36 months from now, that all the millions you
spent on hardware can't support v6.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20101116/34ac96c7/attachment.bin>
More information about the cisco-nsp
mailing list