




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The Need for IPv6 Planning and Deployment Summary Address Considerations General Concepts Infrastructure Deployment Campus/Data Center WAN/Branch Remote Access Provider Considerations
Typology: Slides
1 / 108
This page cannot be seen from the preview
Don't miss anything!





























































































Reference Materials Deploying IPv6 in Campus Networks: http://www.cisco.com/en/US/docs/solutions/Enterprise/ Campus/CampIPv6.html Deploying IPv6 in Branch Networks: http://www.cisco.com/en/US/solutions/ns340/ns414/ ns742/ns816/landing_br_ipv6.html CCO IPv6 Main Page: http://www.cisco.com/go/ipv Cisco Network Designs: http://www.cisco.com/go/designzone
Agenda The Need for IPv Planning and Deployment Summary Address Considerations General Concepts Infrastructure Deployment Campus/Data Center WAN/Branch Remote Access Provider Considerations
IPv6 Provides Benefits Across the Board Manufacturing Government (Federal/Public Sector) Agriculture/ Transportation Wildlife Health Care Higher Education/Research (^) Consumer
Dramatic Increase in Enterprise Activity Why? Enterprise that is or will be expanding into emerging markets Enterprise that partners with other companies who may use IPv6 (larger enterprise, located in emerging markets, government, service providers) Adoption of Windows 7, Windows 2008, DirectAccess Frequent M&A activity Energy – High density IP-enabled endpoints (SmartGrid)
Enterprise Adoption Spectrum Preliminary Research Pilot/Early Deployment Production/ Looking for parity and beyond
IPv6 Integration Outline
Pre-Deployment Phases Deployment Phases
Address Considerations
Hierarchical Addressing and Aggregation Default is /48 – can be larger – “End-user Additional Assignment” https://www.arin.net/resources/request/ipv6_add_assign.html Provider independent – See Number Resource Policy Manual (NRPM) - https://www.arin.net/policy/nrpm.html
ULA, ULA + Global or Global What type of addressing should I deploy internal to my network? It depends: ULA-only—Today, no IPv6 NAT is useable in production so using ULA-only will not work externally to your network ULA + Global allows for the best of both worlds but at a price— much more address management with DHCP, DNS, routing and security—SAS does not always work as it should Global-only—Recommended approach but the old-school security folks that believe topology hiding is essential in security will bark at this option Let’s explore these options…
Unique-Local Addressing (RFC4193)
Not routable on the internet—basically RFC1918 for IPv6 only better—less likelihood of collisions
/48 limits use in large organizations that will need more space Semi-random generator prohibits generating sequentially ‘useable’ prefixes—no easy way to have aggregation when using multiple /48s Why not hack the generator to produce something larger than a /48 or even sequential /48s? Is it ‘legal’ to use something other than a /48? Perhaps the entire space? Forget legal, is it practical? Probably, but with dangers—remember the idea for ULA; internal addressing with a slim likelihood of address collisions with M&A. By consuming a larger space or the entire ULA space you will significantly increase the chances of pain in the future with M&A
You must always implement filters/ACLs to block any packets going in or out of your network (at the Internet perimeter) that contain a SA/DA that is in the ULA range— today this is the only way the ULA scope can be enforced
Generated ULA= fd9c:58ed:7d73::/
ULA + Global
ULA Space FD9C:58ED:7D73::/ Global – 2001:DB8:CAFE::/
Global – 2001:DB8:CAFE::/
Considerations—ULA + Global
Temporary Preferred 6d23h59m55s 23h59m55s 2001:db8:cafe:2:cd22:7629:f726:6a6b Dhcp Preferred 13d1h33m55s 6d1h33m55s fd9c:58ed:7d73:1002:8828:723c:275e:846d Other Preferred infinite infinite fe80::8828:723c:275e:846d%