Monday, 29 April 2013

IPv6 Basics

IPv6 is now major part of the CCNP curriculum, therefore I had better be proficient and well-versed in its ways if I am to pass the exams.  For me there is no better to way to learn something than to get in the console and start using it - then the theory makes sense.  Everyone is different.  So in this lab I set a few simple goals to build familiarity with IPv6:

1.  Establish a pure IPv6 network
2.  Use an IPv6 IGP like EIGRP
3.  Create IPv6 BGP peerings using loopbacks
4.  Redistribution and route-filtering

Pretty simple stuff, but great to prove that simple stuff with IPv6 is no harder than simple stuff with IPv4.  Using this topology I set about my business.


IPv6 Network

This is the easy bit.  It takes a while to get used to using IPv6 addresses.  One simple tool is the global prefix command, this can save you a bit of typing and allow you to use "simpler" host addresses.  While at it you have to enabled IPv6 unicast routing as the other global setting.  In this instance my prefix will be called "abz1":

ipv6 general-prefix abz1 2001:AE12:1234::/48
ipv6 unicast-routing

Easy now to address the interfaces:

interface FastEthernet0/0
 ipv6 address abz1 ::1/120

I am using /120 masks, as this leaves 8 bits for hosts - a force of habit from the IPv4 world.  I find it far easier getting to grips with IPv6 by thinking as I would IPv4.

Once all the interfaces are configured, a ping test is required to test the links before adding in an IGP, note the command:

R1#ping ipv6 2001:AE12:1234::2

 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:AE12:1234::2, timeout is 2 seconds:
!!!!!

EIGRP

Without labouring the point and attempting to rewrite the manual, EIGRP works more or less as it does in IPv4, with a few subtle differences.  First of all you need to configure the global settings, then instead of using the network command you must enable it on the interface:

ipv6 router eigrp 1
 eigrp router-id 1.1.1.1

interface FastEthernet0/0
 ipv6 address abz1 1::1/120
 ipv6 eigrp 1

Yes, it is kind of annoying to have to use an IPv4 router-id.  At this point EIGRP neighbor relationships are formed and routes exchanged, check this using the show ipv6 route eigrp command:

R1#show ipv6 route eigrp
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - Neighbor Discovery
D   2001:AE12:1234::2:0/120 [90/30720]
     via FE80::C80B:14FF:FEC8:8, FastEthernet0/0
D   2001:AE12:1234:0:3:3:3:3/128 [90/158720]
     via FE80::C80B:14FF:FEC8:8, FastEthernet0/0

BGP

Now for a jolly I wanted to add in BGP.  I added in two loopback 0s on either end of my network to establish the BGP peerings with: normal, sane practice.  A further couple of loopbacks were added to play with routes.

BGP commands for IPv6 are all accessed via the usual BGP way.  If you are at all familiar with BGP then it is actually quite intuitive, I did not have to lookup any commands despite never having created IPv6 BGP peers before:

router bgp 65000
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 neighbor 2001:AE12:1234:0:3:3:3:3 remote-as 65000
 neighbor 2001:AE12:1234:0:3:3:3:3 update-source Loopback 0

Remember, if you are peering with loopbacks, you better use update-source.  Go into the IPv6 address family to activate the peers:

 address-family ipv6
  no synchronization
  network 2001:AE12:1234:0:1:1:1:1/128
  neighbor 2001:AE12:1234:0:3:3:3:3 activate
 exit-address-family

This was hunky dory.  Confirm the peers using a pretty similar command to IPv4:

BGP neighbor is 2001:AE12:1234:0:3:3:3:3,  remote AS 65000, internal link
  BGP version 4, remote router ID 3.3.3.3
  BGP multisession with 2 sessions (2 established), first up for 00:46:59
  BGP table version 1, neighbor version 1/0
  BGP table version 6, neighbor version 6/0

Route Manipulation

Finally I wanted to do some route filtering, just the utter basics.  First I configured 2x loopbacks on R3, one of the routes would be filtered.  I am using /128 masks.

interface Loopback100
 no ip address
 ipv6 address 2001:AE12:1234:0:4:4:4:4/128
!
interface Loopback101
 no ip address
 ipv6 address 2001:AE12:1234:0:5:5:5:5/128

As you might IPv4 next create the access-list and route-map:

route-map 6filter permit 10
 match ipv6 address bgp
!
ipv6 access-list bgp
 permit ipv6 host 2001:AE12:1234:0:4:4:4:4 any

Finally redistribute the connected interfaces to get those routes into BGP:

 address-family ipv6
  redistribute connected route-map 6filter

Over to R1 and check the filtering of the "4:4:4:4" range.

R1#show ipv6 route bgp
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - Neighbor Discovery
B   2001:AE12:1234:0:4:4:4:4/128 [200/0]
     via 2001:AE12:1234:0:3:3:3:3

There we have it, just the single route.  So there it is, really IPv6 is pretty easy to use, once you start using it.  I for one am itching to get some IPv6 address space, there really comes a time when you just have to say enough with the NAT issues...

Posted by at
Labels: , , ,

3 comments:

Found this pointless and feel you must comment? Really, there is no need, we are fully aware of the pointlessness of this article. But if you must...

Subscribe to: Post Comments (Atom)