1 / 21

IPv6 Address Provisioning

IPv6 Address Provisioning. In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6 address provisioning IPv6 DNS provisioning IPv6 Time provisioning using NTP. IPv6 Address provisioning:. *Host IPv6 Address provisioning

zada
Télécharger la présentation

IPv6 Address Provisioning

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6 address provisioning IPv6 DNS provisioning IPv6 Time provisioning using NTP.

  2. IPv6 Address provisioning: *Host IPv6 Address provisioning *Router IPv6 Address Provisioning( Prefix Delegation)

  3. Host IPv6 Address Provisioning • Stateless Autoconfiguration(RFC2462): IPv6-capable hosts rely on Router Advertisement (RA) messages to obtain the information needed for autoconfiguration. To acquire an IPv6 address, a host will follow three steps: a. Discover a prefix used on the link: The host can listen to periodic RAs sent by routers on the link or it can poll for routers with the help of Router Solicitation messages. The prefixes information is extracted from the RA messages.

  4. Host IPv6 Address ProvisioningCont…. b. Generate an interface ID. To have a full IPv6 address, the host must add an interface identifier to a prefix learned from the routers on the link using various methods: • Build one from the layer 2 address in the modified EUI-64 format. • Autogenerate a random address as defined in RFC 3041. • Acquire the interface ID via DHCPv6. • Acquire the interface ID via IPCPv6. • Manual configuration. • Cryptographically generated addresses (CGAs) based on RFC 3972 through a hash that includes a public key.

  5. Host IPv6 Address ProvisioningCont…. c. Verify the uniqueness of the generated IPv6 address using The Duplicate Address Detection (DAD) mechanism . 2.Statefull DHCP: Stateful DHCP is a client/server-based mechanism that provides managed provisioning of hosts. Its operation for IPv6 is described in RFC 3315. The disadvantage of using this provisioning mechanism is that it requires a more complex host implementation.Not implemented in cisco routers, Cisco produces a product named as Cisco Network Registrar (CNR) that does this task . 3.Stateless DHCP: the DHCP clients don’t use the DHCP server(s) to obtain IP address(es) information, they use the DHCP server(s) to obtain the other useful configuration informaiton (like the addresses of DNS servers).

  6. Router IPv6 Address Provisioning: Prefix Delegation • Prefix delegation (PD) is a mechanism developed to provide automated delegation of IP address blocks. The delegation is done from an ISP to its customer. The ISP does not require any knowledge of the customer's internal network topology. • The DHCP-PD protocol runs between a Customer Edge (CE) and a Provider Edge (PE) router, the CE is called a Requesting Router (RR) and the PE router a Delegating Router (DR). The RR acts as the DHCP client, and requests prefixes from the DR (DHCP server). The DR injects a route into the provider's routing system for the delegated prefix on behalf of the RR. That way, a dynamic routing protocol between the RR and the DR is not needed; however, the RR and the DR must be directly connected.

  7. Router IPv6 Address Provisioning: Prefix Delegation cont..

  8. IPv6 Broadband Network Access Two IPv6 Native access architictures are prevalent: • A closed model, based on L2TP and adapted to wholesale-oriented service providers • An open model without L2TP

  9. 1.The closed model:(Virtualized Access Layer) A wholesale network access provider (NAP) is not interested in handling subscribers at layer 3. After providing broadband access, the NAP tunnels the subscribers to an ISP for address assignment and IP traffic forwarding. In other words, the NAP provides the ISP with a virtual access layer.the CPE could be IPv6 aware or couldn't.and this modeldepend on ppp.

  10. 2.Open model without L2TP: 1.PPP based model:CPE could be IPv6 aware or not.

  11. 2.Open model without PPP:the CPE could be IPv6 Aware or not.

  12. Customer Link Encapsulation • To determine whether CPE should be IPv6 aware or not we must take a look at customer link encapsulation:(for DSL-based access) only: 1. PPPoA 2. PPPoE 3. RBE

  13. 1.PPPoA: CPE must be IPv6 Aware

  14. 2.PPPoE: the top CPE not IPv6 aware,and the bottom one is IPv6 aware.

  15. 3.RBE Access:the CPE not IPv6 aware

  16. Deployment scenarios • The customer address allocation could be static or dynamic: • Static: when the customer network is always numbered with the same address prefix • Dynamic: when the assigned address prefix changes with each connection • Most commonly, a /48 prefix will be delivered to every remote site with more than one subnet. A /64 prefix will be assigned to a customer with only one subnet or a host. As a last resort, a /128 prefix might be assigned to individual remote PCs. 1. Single Host, there are three options: • permanent /64 prefix is assigned to the pc using the RA from the PE router and here there are two possibilities: a. Upon reception of the router advertisement, the PC completes the 64 least significant bits of the IPv6 address on its own. b. Before reception of the router advertisement, at the IPv6CP level, an interface identifier is given to the PC. The “Interface-Id” attribute in the user profile is used to provide a fixed interface identifier to the PC.

  17. •Short-lived /64 prefix. •Short-lived /128 prefix.

  18. 2. Connecting a Home or a Small Business: To connect a home or small business networks to ISP the CPE should be aware of IPv6,otherwise the solution will be as of connecting single host with /64 prefix. When connecting Home or a Small Business deferent issues arise: • 1. Numbering of the PE-CPE link with global addresses (link-local addresses can be used, but do not help network management) • 2. Authentication of the connecting CPE • 3. CPE prefixes database • 4. Injection of the downstream link network and delegated customer prefixes in the ISP routing • 5. Delegation of a shorter than /64 prefix to the CPE router • 6. Autoconfiguration of hosts on links attached to the CPE router: IPv6 addresses, Internet parameters

  19. DHCPv6 PD is the solution to aforementioned deployment issues 3, 4, and 5. DHCPv6 PD delegates prefixes from the provider edge router to the CPE and operates on the PE-CPE link. • Either the provider edge router or the RADIUS database can store the DHCPv6 PD delegated prefixes. If a local database is maintained on the provider edge router for all the connecting CPEs, the stored DHCP unique identifier (DUID) of the CPE indexes the binding between a given prefix and the corresponding CPE. In the other case, the /48 prefixes are stored as prefix attributes in the RADIUS server along with the other user’s attributes. • The ISP-maintained RADIUS database performs CPE (user) authentication. This RADIUS database contains username/password pairs, corresponding /64 prefixes numbering the PE-CPE link, and delegated prefixes. This provides a solution to deployment issues 1, 2, and 3. • Standard autoconfiguration mechanisms as well as stateless DHCPv6 solve deployment issue 6.

More Related