20 April 2017

IPv6 over IPv4 Tunneling

Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core network or the figure below). By using overlay tunnels, you can communicate with isolated IPv6 networks without upgrading the IPv4 infrastructure between them. Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints must support both the IPv4 and IPv6 protocol stacks. IPv6 supports the following types of overlay tunneling mechanisms:

  • Manual
  • Generic routing encapsulation (GRE)
  • IPv4-compatible
  • 6to4
  • Intrasite Automatic Tunnel Addressing Protocol (ISATAP) 

 
The config is simple.


R1# show running-config
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
no ip address
ipv6 address 2001:DB8:1::1/64
ipv6 ospf 1 area 0
!
interface Tunnel0
no ip address
ipv6 address 2001:DB8:10::1/64
ipv6 ospf 1 area 0
tunnel source Ethernet0/0
tunnel mode ipv6ip
tunnel destination 209.165.201.6
!
interface Ethernet0/0
ip address 209.165.201.1 255.255.255.252
!
router ospfv3 1
!
address-family ipv6 unicast
exit-address-family
!
router bgp 100
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 209.165.201.2 remote-as 200
!
address-family ipv4
network 209.165.201.0 mask 255.255.255.252
neighbor 209.165.201.2 activate
exit-address-family
!
end

R3# show ipv6 int brief
Ethernet0/1            [up/up]
    unassigned
Loopback0              [up/up]
    FE80::A8BB:CCFF:FE00:3000
    2001:DB8:3::3
Tunnel0                [up/up]
    FE80::D1A5:C906
    2001:DB8:10::2

R3# tracer 2001:DB8:1::1
Tracing the route to 2001:DB8:1::1

  1 2001:DB8:10::1 2 msec 2 msec 1 msec

R1# debug ipv6 icmp
*Apr 20 18:04:41.250: ICMPv6: Sent Unreachable code 4, Src=2001:DB8:10::1, Dst=2001:DB8:10::2
*Apr 20 18:04:41.251: ICMPv6: Sent Unreachable code 4, Src=2001:DB8:10::1, Dst=2001:DB8:10::2


biOos

25 February 2017

Multiprotocol BGP (MP-BGP) Example

MBGP Overview

Multiprotocol BGP (MBGP) is defined in RFC 2283.  This RFC defines extensions to the existing BGP protocol to allow it to carry more than just IPv4 route prefixes.  Examples of some of the new types of routing information include (but are not limited to):

• IPv4 prefixes for Unicast routing
• IPv4 prefixes for Multicast RPF checking
• IPv6 prefixes for Unicast routing

A common misconception is that MBGP is a replacement for PIM.  This is incorrect. MBGP does not propagate any multicast state information nor does it build any sort of multicast distribution trees. MBGP can distribute unicast prefixes that can be used for the multicast RPF check.

Because MBGP is an extension to the existing BGP protocol, the same basic rules apply to path selection, path validation, etc.

Previously, BGP only maintained a single Routing Information Base (RIB) for IPv4 unicast prefixes.  In the case of MBGP, separate RIB’s must be maintained for each type of routing information being exchanged. This implies that a separate Unicast RIB (U-RIB) and a separate Multicast RIB (M-RIB) can be maintained by MBGP. The example below give us an idea:



R1# sh run | s router bgp
router bgp 100
bgp router-id 1.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast !enable the mp-bgp
neighbor 2001:0:1:1::2 remote-as 200
neighbor 172.16.1.3 remote-as 300
!
address-family ipv4
network 10.3.0.0 mask 255.255.255.0
neighbor 172.16.1.3 activate
exit-address-family
!
address-family ipv6
network 2001:0:0:10::/64
neighbor 2001:0:1:1::2 activate
exit-address-family

R2# sh run | s router bgp
router bgp 200
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2001:0:1:1::1 remote-as 100
neighbor 192.168.1.3 remote-as 300
!
address-family ipv4
network 10.3.1.0 mask 255.255.255.0
neighbor 192.168.1.3 activate
exit-address-family
!
address-family ipv6
network 2001:0:0:20::/64
neighbor 2001:0:1:1::1 activate
exit-address-family

R3# sh run | s router bgp
router bgp 300
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 10.3.2.0 mask 255.255.255.0
neighbor 172.16.1.1 remote-as 100
neighbor 192.168.1.2 remote-as 200

R1# sh ip bgp
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, 
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, 
x best-external, a additional-path, c RIB-compressed, 
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network          Next Hop            Metric LocPrf Weight Path
*>  10.3.0.0/24      0.0.0.0                  0         32768 i
*>  10.3.1.0/24      172.16.1.3                             0 300 200 i
*>  10.3.2.0/24      172.16.1.3               0             0 300 i

R1# sh ipv6 route
IPv6 Routing Table - default - 6 entries
...
...

C   2001:0:0:10::/64 [0/0]
via Loopback0, directly connected
L   2001:0:0:10::1/128 [0/0]
via Loopback0, receive
B   2001:0:0:20::/64 [20/0]
via FE80::A8BB:CCFF:FE00:200, Ethernet0/0
C   2001:0:1:1::/64 [0/0]
via Ethernet0/0, directly connected
L   2001:0:1:1::1/128 [0/0]
via Ethernet0/0, receive
L   FF00::/8 [0/0]
via Null0, receive

R1# ping 2001:0:0:20::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:0:0:20::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

biOos