Philip Smith's Internet Development Site

User Tools

Site Tools

Trace:
training:sanog32:d-6rd

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
training:sanog32:d-6rd [2018/07/24 11:11] – created philiptraining:sanog32:d-6rd [2018/08/05 19:56] (current) – [Disabling IPv6 on the Core and Access routers] philip
Line 5: Line 5:
 6rd is a technology which allows network operators to deploy IPv6 to end users without having to upgrade the entire infrastructure between them and their customer to support IPv6. This is typically the case where the ISP has old DSLAMs which don’t support IPv6 framing, or are leasing a third party’s access network which perhaps also is not quite IPv6 ready. 6rd is a technology which allows network operators to deploy IPv6 to end users without having to upgrade the entire infrastructure between them and their customer to support IPv6. This is typically the case where the ISP has old DSLAMs which don’t support IPv6 framing, or are leasing a third party’s access network which perhaps also is not quite IPv6 ready.
  
-In this lab we will configure a 6rd tunnel between our Customer router and our Border router. To do this we will disable IPv6 on our core network, leaving only IPv6 operational on our Border router.+In this lab we will configure a 6rd tunnel between our Customer router and our Border router. To do this we will disable IPv6 on our core network, leaving IPv6 operational only on our Border router.
  
-===== Disabling IPv6 on the core router =====+===== Preparation =====
  
-The first step is to disable IPv6 on the core router. Be sure to keep a copy of the configuration first!+Before we start this lab, remove any previous extra lab configuration on the Access and Customer routers and revert both routers to the configuration as it was at the end of the [[training:sanog32:d-static|Static Lab]]. Check connectivity is working from the Customer router to the rest of the lab network as expected. 
 + 
 +We also need to remove any IPv6 configured on the network as we will be replacing it with 6rd technology. The following subsections describe what needs to be done. 
 + 
 +==== Disabling IPv6 on the Core and Access routers ==== 
 + 
 +The first step is to disable IPv6 on the Access and Core routers. Be sure to keep a copy of the configuration of the Access and Core routers first! (We won’t worry about the Peering Router as it isn’t needed for this part of the lab work.)
  
 The simplest way to do this is simply to turn off IPv6 Unicast Routing, like this: The simplest way to do this is simply to turn off IPv6 Unicast Routing, like this:
Line 15: Line 21:
   no ipv6 unicast-routing   no ipv6 unicast-routing
  
- +This will remove all the IPv6 routing protocol configuration on those two routers, including OSPF/IS-IS and BGP. The IPv4 configuration will still remain, and the IPv4 routing will still function. You will notice that IPv6 addressing will remain on the router interfaces, and configuration like IPv6 packet filters etc. 
-This will remove all the IPv6 routing protocol configuration on the core router, including OSPF/IS-IS and BGP. The IPv4 configuration will still remain, and the IPv4 routing will still function. You will notice that IPv6 addressing will remain on the router interfaces, and configuration like IPv6 packet filters etc.+
  
 Confirm that IPv4 routing still works. Confirm that IPv4 routing still works.
  
 And confirm that IPv6 routing no longer works - you should no longer have any IPv6 connectivity between the Border, Peering and Access routers. And confirm that IPv6 routing no longer works - you should no longer have any IPv6 connectivity between the Border, Peering and Access routers.
 +
 +==== Originating IPv6 Aggregate on the Border router ====
 +
 +Because we have removed IPv6 routing from the Core router, we have also stopped announcing our IPv6 aggregate to the Transit network. To test that our 6rd deployment is working, we need to temporarily originate our IPv6 aggregate from the Border router. Here is an example:
 +
 +  router bgp X0
 +   address-family ipv6
 +    network 2001:DB8:X::/48
 +  !
 +  ipv6 route 2001:DB8:X::/48 Null0
 +
 +
 +
 +==== Removing IPv6 on the link to the Customer ====
 +
 +We also need to remove any remaining IPv6 configuration on the link between the Access Router and the Customer Router. Here is an example for the Access Router:
 +
 +  interface FastEthernet0/1
 +   description P2P Link to CustX
 +   no ipv6 address 2001:DB8:X:20::0/127
 +   no ipv6 nd ra suppress all
 +  !
 +  no ipv6 route 2001:DB8:X:4000::/52 2001:DB8:X:20::1
 +  !
 +
 +and here is an example for the Customer Router:
 +
 +  interface FastEthernet0/1
 +   description P2P Link to ASX0
 +   no ipv6 address 2001:DB8:X:20::1/127
 +   no ipv6 nd ra suppress all
 +  !
 +  no ipv6 route 2001:DB8:X:4000::/52 Null0
 +  no ipv6 route ::/0 2001:DB8:X:20::
 +  !
 +
 +==== Removing IPv6 configuration on Customer Router ====
 +
 +And finally we need to remove the loopback interface from the Customer Router. Remember we created it as an anchor point for testing. Simply do:
 +
 +  no interface loopback 0
 +
 +and it will be removed completely.
 +
 +We leave `ipv6 unicast-routing` turned on though, as we still will need IPv6 on the router in the next part of the lab.
  
 ===== Setting up 6rd ===== ===== Setting up 6rd =====
Line 26: Line 76:
 ==== Background ==== ==== Background ====
  
-The lab instructors will have explained how 6rd worked during the presentations. But suffice to say, the router configuration on the CPE device is the same for all devices – there is no per end user configuration which makes 6rd a very simple to deploy technology for a service provider, as all their CPE devices can have the same configuration prior to shipping to the end-user.+The lab instructors will have explained how 6rd works during the presentations. But suffice to say, the router configuration on this CPE is the same across all CPE that would be deployed by the network operator – there is no per end user configuration which makes 6rd a very simple to deploy technology, as all their CPE devices can have the same configuration prior to shipping to the end-user.
  
 What we will set up is something similar to the diagram below. What we will set up is something similar to the diagram below.
  
-![](diagrams/6rd-diagram.png)+{{:training:sanog32:6rd-diagram.png?600|}}
  
 The Customer Router in the diagram is our Customer Router in our network. And the ISP 6rd BR capability will be configured on our autonomous system’s Border Router. The Customer Router in the diagram is our Customer Router in our network. And the ISP 6rd BR capability will be configured on our autonomous system’s Border Router.
Line 81: Line 131:
  
   ipv6 general-prefix 6RDLAB 6rd Tunnel0   ipv6 general-prefix 6RDLAB 6rd Tunnel0
- 
  
 which says: what ever prefix we learn by 6rd from Tunnel0 (ie the /60 which 6rd creates), we will assign the name “6RDLAB” – and when we need to assign addresses to other interfaces on the router, we can refer to them using this name. which says: what ever prefix we learn by 6rd from Tunnel0 (ie the /60 which 6rd creates), we will assign the name “6RDLAB” – and when we need to assign addresses to other interfaces on the router, we can refer to them using this name.
Line 90: Line 139:
    description Local LAN    description Local LAN
    ipv6 address 6RDLAB ::1:0:0:0:1/64    ipv6 address 6RDLAB ::1:0:0:0:1/64
 +  !
 +
 +For good measure, let’s recreate our Loopback interface too; this will restore our anchor point we can test against:
 +
 +  interface Loopback0
 +   description Customer Router Loopback
 +   ipv6 address 6RDLAB ::2:0:0:0:1/64
 +   no shutdown
   !   !
  
 And the resulting IPv6 addresses for the Customer router would look like this: And the resulting IPv6 addresses for the Customer router would look like this:
  
-  Cust5# show ipv6 interface brief +  Cust6# show ipv6 interface brief   
-  -to-be-done+  FastEthernet0/       [up/up]   
- +      FE80::C81D:5FF:FEAF:  
 +      2001:DB8:6:C221::  
 +  FastEthernet0/       [up/up]   
 +      unassigned   
 +  Tunnel0                [up/up]   
 +      FE80::6444:3C22 
 +  Loopback0              [up/up]   
 +    FE80::C81D:5FF:FEAF:  
 +    2001:DB8:60:C222::
 + 
 +Refer to the earlier discussion about the “general-prefix”. We have `2001:DB8:6:C220::/60` as the IPv6 subnet created by 6rd. Taking this and appending `::1:0:0:0:0` results in the first subnet to be allocated to the network the `FastEthernet0/0` interface there is automatically assigned `2001:DB8:6:C221::/64`, with the IPv6 address on the interface being `2001:DB8:6:C221::1/64`. 
 + 
 +===== Configuring the Access Router ===== 
 + 
 +The point-to-point link address from the network operator to the customer is normally not carried in the IGP or even in the BGP. However, 6rd uses the point-to-point link address as the basis for the IPv6 prefix generated for 6rd. So the network operator needs to carry the point-to-point link address at least as far as the 6BR router so that the IPv6 tunnel can see its end point on the customer router. 
 + 
 +The simple and scalable way to do this is to put the point-to-point link address into iBGP on the Access Router. Like this: 
 + 
 +  router bgp X0 
 +   address-family ipv4 
 +    network 100.68.X.32 mask 255.255.255.252 
 +  ! 
 + 
 +Once you have done this, connect to the Core and Border routers to make sure that you now see this point to point link address in the BGP. And check that connectivity works from the Border router by trying to ping the end point on the Customer router: 
 + 
 +  BRX# ping 100.68.X.34 
 + 
 +If there is no answer, check the BGP table, and that there is a default route on the Customer router point back to the Access router. 
  
 ===== Configuring the 6BR ===== ===== Configuring the 6BR =====
Line 127: Line 212:
 ===== Testing ===== ===== Testing =====
  
-With the 6BR and the Customer router now set up to support 6rd, trying some IPv4 and IPv6 traceroutes from the Customer router to the backbone Transit providers and out to the Internet.+With the 6BR and the Customer router now set up to support 6rd, trying some IPv4 and IPv6 traceroutes from the Customer router to the backbone Transit providers and out to the Internet. **Hint**: Use the Loopback interface as the source of your traceroutes and pings. 
 + 
 +(Note that the lab doesn’t have IPv6 connectivity, but at least try IPv6 traceroutes into the Transit backbone and to other groups.)
  
 What do you see? What do you see?
  
    
 +[[:training:sanog32:agenda| Back to Agenda page]]
training/sanog32/d-6rd.1532394680.txt.gz · Last modified: 2018/07/24 11:11 by philip