How to Implement IPv6 and Configure a Cisco Router to Use IPv6
Implementation of IPv6 is spreading across the globe and network professionals are put in the spotlight as this new protocol is added to their organization’s network infrastructure.
The CCNA 604-802 exam requires candidates to have a good understanding of IPv6 and how to implement the protocol.
In my previous article, IPv6 Addresses: Form and Function, we compared the structures of the IPv4 and IPv6 addresses and headers. We also examined the differences in the types of IPv4 and IPv6 addresses.
In this article, we will take the next step and investigate what types of implementations are possible for IPv6 and how to assign an address to interface. Upcoming articles in this series will focus on some of the key features like mobility and IPSec and also look at configuring routing protocols to use IPv6.
IPv6 Implementation Strategies
There are four distinct methods to implement IPv6 in a network infrastructure:
- Native Implementation
- Dual Stack Implementation
- IPv6 Tunneling
- IPv6 Only to IPv4 Only Translation
Let’s go over each of these in more detail.
• IPv6 Native Implementation
The first implementation method is to install IPv6 in a native configuration. This configuration configures all hosts and routers to utilize IPv6 only and not in conjunction with IPv4.
Native implementation limits the network to only IPv6 communication to other networks and would require translation to interface other IPv4 networks.
• IPv6 Dual Stack Implementation
The second and most popular implementation is dual stack. Dual stack implementation allows IPv4 and IPv6 addresses to exist on the same physical and/or logical interface. This implementation is also the easiest to implement in an environment that already is established.
The primary concerns for the dual stack implementation are in software and hardware. Hardware must be evaluated in the network infrastructure to see if there is proper memory for route tables and the switch forwarding tables to handle IPv6 routes and packets. Software on the network infrastructure must support IPv6 configuration and routing protocols, while operating systems on the host side must also be IPv6 capable.
Dual stack offers the best of both worlds with hosts able to communicate with other hosts on networks that could support either protocol. Let’s take a look at what IPv4 only application stack looks like for data flow as depicted in Figure 1.
So how would a dual stack implementation work? Well, Figure 2 shows how an application must be aware of both IP stacks to utilize either. Operating systems are configured to select which one will have priority if connectivity is available on the remote side for both protocols. If applications allow, like web browsers, IPv4 or IPv6 addresses can be manually selected.
• IPv6 Tunneling
The next implementation available for IPv6 is tunneling. Tunneling is used to connect two native IPv6 implementations over an existing IPv4 only network, which is typically seen as a WAN network.
Edge routers for each IPv6 implementation are connected to the IPv4 network and a tunnel is configured between them. IPv6 original headers and payloads are not modified in the tunnel, but instead an IPv4 header is inserted in front of the IPv6 header for transmission over the IPv4 network and then stripped off on the other side.
Figure 3 displays the implementation of this tunnel and communication between two IPv6 native environments.
One of the most common tunnel protocols to use for this implementation is 6to4 and is defined in RFC 3056: Connection for IPv6 Domains via IPv4 Clouds. The 6to4 protocol supports a dynamic method to tunnel IPv6 addresses across IPv4 clouds and will utilize global unicast IPv6 prefixes for each IPv6 site for communication. 6to4 must be installed on the edge routers and will map addresses according to their global prefixes, so IPv6 route propagation to other sites is not needed.
• IPv6 Only to IPv4 Only Translation
IPv6 only to IPv4 only translation is the last implementation method we will examine. Why would we need this? Well, IPv6 nodes may require interaction with IPv4 only nodes for certain services such as: mail or web services.
There are several ways to accomplish translation. The most commonly method used is Application Level Gateways (ALG), which utilizes a server that act as proxy to services that may be other IPv6 or IPv4 nodes. Figure 4 shows how this might be implemented.
For ALGs to properly function the applications on the server must be IPv6 aware and the server must configured to support both protocols. The best location for the ALG is often identified by the location of the targeted services. For IPv6 nodes that require access, but offer no services to other IPv4 nodes, placing an ALG at the edge of the IPv6 network is the best location.
Let’s look quickly at some other translation methods that could be employed. Other translation methods include NAT-PT, TCP-UDP relay, Bump in the Stack (BIS), Dual Stack Translation Mechanism (DSTM), and SOCKS-based IPV6/IPv4 gateway.
- NAT is not favored for use with IPv6, but it does offer a mechanism to achieve connectivity to end IPv4 nodes.
- TCP-UDP relay is similar to NAT-PT, but performs translation at the Transport Layer of the OSI stack and not the Network Layer.
- BIS is designed to work with dual stack hosts and was used as an initial step for translation since many applications did not support IPv6.
- DSTM allows dual stacked hosts in IPv6 only domains to communicate to other IPv4 hosts by dynamically creating tunnels for communication.
- SOCKS-based IPv6/IPv4 gateway is based on the SOCKSv5 protocol and is a proxy mechanism to translate addresses.
Translation between IPv6 and IPv4 is an advanced topic that requires more in depth study beyond the current CCNA scope and is taken up in more detail for CCNP candidates.
Implementing IPv6 Addresses on Cisco Router Interfaces
Now that we have talked about IPv6 implementation schemes, let’s look at how to implement IPv6 addresses on a router interface. Before this can be accomplished, you need to verify that the current version of IOS code on the Cisco router will support IPv6.
Once you have logged into a router and entered enabled mode, type “show ipv6 ?” at the router prompt. If a syntax error occurs, the IOS version is not setup to support IPv6 and will need to be upgraded.
To enable IPv6 on a router for configuration, IPv6 unicast routing and CEF forwarding will need to be enabled. Enter configuration mode on the router and type the following:
Router (config) #ipv6 unicast-routing
Router (config) #ipv6 cef distributed
This will enable IPv6 to be statically configured for routes and on interfaces. Now let’s configure and interface with IPv6 address.
Below is an example of a ten Gigabit Ethernet interface 2/1 that has a sub interface assigned. The designation of the interface is ten 2/1.1. IP address currently assigned to the interface is 192.168.100.1/30. A show interface gives us this result:
Router# show interface ten 2/1.1
TenGigabitEthernet2/1.1 is up, line protocol is up (connected)
Hardware is C6k 10000Mb 802.3, address is 001c.b0b4.7400 (bia 001c.b0b4.7400)
Description: “Interface 1″
Internet address is 192.168.100.1/30
MTU 9216 bytes, BW 10000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 501.
ARP type: ARPA, ARP Timeout 04:00:00routert#sh int ten 2/1
Now let’s enter configuration mode again and add ipv6 address.
Router (config) #interface ten 2/1.1
Router (config-subif) #ipv6 address FEC0:0:0:100::1/128
We have now configured the interface with an IPv6 IP address, but to see the result and all the associated IPv6 types of addresses that were discussed in my previous article, a special show command is needed for the interface. The example below displays the IPv6 addresses assigned to the ten 2/1.1 interface:
Router# show ipv6 interface ten 2/1.1
TenGigabitEthernet2/1.1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::21C:B0FF:FEB4:7400
Description: “Interface 1″
Global unicast address(es):
FEC0:0:0:100::1, subnet is FEC0:0:0:100::1/128
Joined group address(es):
MTU is 9216 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
Hosts use stateless autoconfig for addresses
You can clearly see that interface has a link-local and a global unicast address. Also, the Joined group addresses define the multicast and anycast addresses also needed for our router interface using IPv6.
What Did We Learn?
In this article we looked at the various methods for implementing the IPv6 protocol and talked about how to configure a Cisco router interface to use IPv6.
Understanding the implementations is an element for CCNA candidates to be aware of and so is IPv6 address assignment to router interfaces. These topics are basic building blocks overall IPv6 design and configuration and future articles will drill down into more features and configuration.
IPv6 has some real complexity, but proper training and education can empower you with the tools to take full advantage of this protocol.