© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Deploying IPv6 IPv6 Service Provider Deployment Strategies
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Objectives Describe the three main approaches for IPv4-only ISPs to offer IPv6 services to their existing or new customers Identify the advantages and disadvantages of dual-stack deployment Identify the advantages and disadvantages of IPv6-only deployment Identify advantages and disadvantages of encapsulation Identify advantages and disadvantages of various IPv6 services Identify security issues in IPv6 networks Describe the two key service provider strategies for phased deployment of IPv6
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Existing ISP network, then dual stacked IPv6 Service Provider Deployment Provider Edge Provider Core Services (web, mail) RADIUS DNS, DHCP Customer Enterprise Network CPE ISP Network (IPv4) ISP Network (IPv6) ISP Network
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v ISP network edge upgrade, IPv4-core Upgrade Network Edge IPv6 Service Provider Deployment (Cont.) Provider Edge Provider Core Services (web, mail) RADIUS DNS, DHCP Customer Enterprise Network CPE ISP Network (IPv6) ISP Network ISP Network (IPv4)
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Dual-Stack Core (and Mostly) Edge Dual Stack IPv6-only link Customer: IPv6-only router Customer: IPv4-only router IPv4-only link Dual-stack router core Dual-stack link Dual-stack router edge Core Internet Internet IPv6
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Dual Stack Pros and Cons The Dual Stack approach has some distinct advantages and drawbacks: Advantages Only those systems required to facilitate IPv6 connectivity need be altered IPv4-only applications should continue to function without alteration Drawbacks Increased management of DNS, routing protocols, and address management Costly approach for larger deployments
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v IPv6 Only Primary DNS ISP IPv4 Network Other IPv6 Networks POP (IPv6) ISP IPv6 Network POP (IPv6) IPv4/IPv6 LAN NAT or Proxies Customer DNS IPv6 CPE IPv4 CPE POP (IPv4) Other IPv4 Networks POP (IPv4) IPv4 Servers RADIUS, NMS,… IPv6 ISP Proxies, DNS, Web, News,… IPv6 Servers RADIUS, NMS,… IPv4 ISP Proxies, DNS, Web, News,…
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v IPv6-only Pros and Cons IPv6-only deployments can be achieved by deploying IPv6 networks on Layer 2 infrastructure, which has both pros and cons Advantages IPv4 infrastructure is untouched and does not impact revenue or operations Stable migration path for both existing, IPv4-only customers and those wishing to integrate IPv6 Disadvantages No network management support for large IPv6 deployments No native6 IPv6 over MPLS support
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v IPv4-Core, Dual Stack at Edge Encapsulation ISP IPv6 Network Other IPv4 Networks POP (IPv4) NAT or Proxies Customer DNS/IPv6 Support IPv4 ISP Proxies, DNS, Web, News,… IPv4 Servers RADIUS, NMS,… CPE/ IPv6 Support v6 v4 POP (IPv4) ISP IPv4 Network Primary DNS IPv6-in-IPv4 Tunnel POP (IPv6) POP (IPv4) IPv4/IPv6 LAN
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Manually Configured Tunnel Pros and Cons ISPs my use manually configured tunnels as method for deploying IPv6. This approach is largely beneficial, with one significant drawback Advantages Very targeted IPv6 deployment method, enabling delivery of IPv6 connectivity without significant changes to the network ISPs can gauge demand and observe traffic volumes before making substantial capital expenditures in IPv6 deployment Drawback Manual tunnels do not scale well. As the volume of tunnels scales beyond dozens into hundreds and thousands, configuration and management requirements become ungainly
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v IPv6 Services Most ISPs provide services other than simple connectivity, including: MIP – Mobile IP services allow mobile nodes continuous seamless access to the network as they move QoS – QoS is provided within the core of the ISP networks and provides customers the ability to receive a tailored response from the network for critical applications Multicasting – multicasting can be provided by ISPs in order to more efficiently carry rich media services like streaming audio or IPTV
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Key Service Provider Strategies Service providers may roll out services in phases: At the customer edge, allowing ISP investments in IPv6 services near paying customers, and without a large investment in the core network In the core, taking advantage of the economies of running a single architecture end-to-end in the network, in the core, access, and distribution layers
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Service Layer Address Allocation For address allocation policy for broadband deployments, there are several scenarios, based on IETF recommendations: Permanent /48 – allows large customer to maintain a stable prefix over time Permanent /64 – allows small customer to maintain stable prefix over time Short-lived /64 – for client-oriented customers that do not need stable addresses, and do not run IPv6-based services Permanent /128 – single, stable address for an individual device Short-lived /128 – single, variable address for individual device
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Selection Guidelines Enterprises typically have multiple networks, and desire stable addressing – for these customers a Permanent /48 is typical Small enterprises also will typically want stable addresses, but they may only have a single subnet, making Permanent /64 ideal Any customer running servers, or running peer-to-peer applications, will want a consistent prefix, and thus a permanent assignment In general, users running in client-server mode, and not running servers themselves, do not need stable addresses, and may desire the anonymity that comes from a dynamic /64 assignment, for example
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Permanent /48 Access NAS AAA Router Advertisement CPE /64
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Permanent /64 NAS AAA Router Advertisement CPE /64 (Bridge) /64 Access
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Short-lived /64 NAS AAA Router Advertisement CPE /64 (Bridge) /64 Access
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Permanent /128 NAS AAA Router Advertisement Single host Access
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Short-lived /128 NAS AAA Router Advertisement Single host Access
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Encapsulation Support DSLAM RADIUS PPPoA PPPoE RBE CPE PPPoA client CPE Bridging NAS NAS RBE-enabled Host PC Host PC PPoE client Host PC
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Office Broadband Deployment AAA ATM NAS PC PPoE client Office suite A PC Office suite C PC PPoE client Office suite A PC Office suite C Suite C CPE PPoE client
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Dual stack implementation provides native support for IPv4 and IPv6, but it adds administrative complexity. IPv6-only deployment provides end-to-end IPv6 without affecting IPv4 traffic, but it is potentially expensive. There are significant challenges to overcome when deploying an all-IPv6 network today. Encapsulation with manually configured tunnels requires the lowest capital outlay but requires higher future administrative costs. IPv6 services that add value for a client include Mobile IP, QoS, and multicasting. Of these, QoS is mostly unchanged from the IPv4 model, at least until the flow label is standardized and new services are introduced that provide additional value to customers. Summary
© 2006 Cisco Systems, Inc. All rights reserved. IP6FD v Topic Review 1. Why might dual-stack implementation require the configuration of additional memory? 2.IPv6-only deployments are highly desirable for service providers using WANs or MANs with which connection technologies? 3. What is a concern as the number of manually configured tunnels increases in a network?