The following protocols supports IPv6 multicast:
The following protocols do not support IPv6 multicast:
Similarities between 6to4 and ISATAP
- Both imbed IPv4 address in the IPv6 prefix
- Both do NOT support multicast
- Both tunnel IPv6 packet inside IPv4 packet, thus have header overhead
- Both use IPv4 as the transport to connect IPv6 networks
Differences between 6to4 and ISATAP
- ISATAP use DNS (isatap.domain) or Potential Router List (PRL) to find its ISTAP gateway. 6to4 uses an fixed anycast address of 126.96.36.199
- ISATAP was designed to tunnel IPv6 packet over IPv4 network within a site. 6to4 was designed to tunnel IPv6 networks over IPv4 networks among sites
- ISATAP can use Global Unique Address. 6to4 has to use 2002::/16 address
- In 6PE and 6VPE deployment, the P LSRs are NOT IPv6 enable. Thus, the MPLS core does NOT support ICMPv6
- Two ICMPv6 that are critical to IPv6 networks are
- IPv6 ICMP response
- PMTU Discovery
- To address these issues, we can:
- for IPv6 ICMP response, we can use MPLS traceroute at the PE
- for PMTU Discovery, the PE can be configured to response with ICMP too big message on behalf of the core LSR.
- Normally in order provide IPv6 services and to keep the core simple, SP choose to run 6PE or 6VPE, where the core P routers are completed IPv6 unaware.
- Two labels are imposed on IPv6 traffic, the 1st label is for the LSP within the core. The second label is for the IPv6 prefixes, or VPNIPv6 prefixes at the PE.
- However that means IPv6 traffic share the same LSP with IPv4/IPv4VPN traffic between two PE.
- Some SP desires to have a separate LSP for IPv6 in the core, between two PE.
- To archive that, we just need to add another loopback interface with IPv4 address on all IPv6 PE. Then we will run MP-iBGP among these PE using the new loopback as the BGP source address/next-hop address and exchange IPv6 and IPv6VPN prefixes over these new MP-iBGP peers. Because the IP address of the loopback interface LSR are different, new LSP will be created for IPv6 traffic.
- mobile IPv4 traffic is asymmetric. The tunnel from the home agent to the mobile node is unidirectional. The return traffic from the mobile node back to the corresponding node is NOT tunnel. The source IP of the packets from the mobile node is the Home Address (HoA). Since many network edges perform source IP filter, this represent an issue.
- Where else for mobile IPv6. The tunnel between the Home Agent (HA) and the Mobile Node (MN) is bidirectional. This resolves the source IP packet filter the is present in Mobile IPv4.
- Because the traffic from the MN to the Corresponding Node (CN) transverses the HA, the routing is potentially sub-optimum. If the CN supports Mobile IPv6, it can then establish a direct tunnel with the MN for optimized routing.
- It is a protocol that enable IP connectivity between IPv6 hosts (or networks) over IPv4 transport.
- It DOES NOT provide IPv6 to IPv4 or IPv4 to IPv6 connectivity
- The 1st 16-bit of the IPv6 header is always a 2002
- It is NOT a tunneling protocol. IPv4 address is embedded in the IPv6 address (the 32-bit immediately after the 1st 16-bit of IPv6 address)
- For a 6to4 hosts or network to access the public IPv6 network, you need to connect to a 6to4 relay. A 6to4 relay connects a 6to4 network to a public IPv6 network.
- The 6to4 relay is an anycast address of 188.8.131.52, which is mapped to 2002:c058:6391::
6VPE is a method to route IPv6 packets over MPLS networks using MPLS VPN. Its is very similar to MPLS L3 VPN for IPv4.
The following are the requirements to run 6VPE:
- MPLS core running IPv4 IGP and LDP or RSVR for TE
- PE must be capable of running IPv6
- PE have VRFs for customers
- Full mesh MP-iBGP among PE, to distribute VPN IPv6 prefixes and and their associated labels. (vpnv6 + label)
- PE and CE must run IPv6 routing protocol (or static)
- The BGP next hop of the vpnv6 prefix is an IPv4-mapped IPv6 address of the egress PE
- vpnv6 prefix is a 192-bit prefix that is the result of prepending 128-bit IPv6 with 64-bit RD
- Same idea as in MPLS L3 VPN for IPv4, thus the concept is familiar with many engineers/NOC
- It is a peer to peer architecture. only one peer is required for each CE, that is the peer to its PE. Adding new site required changes only on the local PE for the new CE.
IPv6 Internet Access through 6VPE
We have three options:
- Use global routing table on PE, with sub-interface to CE
- Advertise Internet routes into customer VRF
- Static VRF routes
- Static default route on PE customer VRF pointing to global routing table
- Static customer route in PE global routing table pointing toward the CE router