[arin-discuss] Implementing IPv6
GMail Account
ccie18532 at gmail.com
Wed Feb 27 14:37:34 EST 2013
Good afternoon:
Attached is a configuration that I have used with cisco routers. The key to
start the IPv6 in BGP is to turn-off "bgp default ipv4-unicast". Now when
you do that the BGP session becomes dual stacked IPv4 and IPv6. I have also
added an interface command. In cisco you can have multiple IPv6 addresses
and do not need the "secondary" command as you do with IPv4. This was an
IOS 12.4 configuration, but IOS 15 ain't much different.
Don't panic IPv6 is very easy once you use notepad to build your
configuration. There are no RFC 1918's so I made my own with 10::, easy to
understand and I won't announce it anyway. Now cisco has been slow in
offering NAT-66 and NAT-64, but others are doing NAT-44, NAT-46, NAT-64, and
NAT-66, (Arista, F5, etc.).
router bgp 12345
no bgp fast-external-fallover
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 1:1::2 remote-as 1
neighbor 1:1::2 description *** Fist ISP IPv6 ***
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 description *** Fist ISP IPv4 ***
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 description *** Second ISP IPv4 ***
neighbor 3:3::3 remote-as 3
neighbor 3:3::3 description *** Third ISP IPv6 ***
neighbor 3.3.3.3 remote-as 3
neighbor 3.3.3.3 description *** Third ISP IPv4 ***
!
address-family ipv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 soft-reconfiguration inbound
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 soft-reconfiguration inbound
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 soft-reconfiguration inbound
no auto-summary
no synchronization
network 11.11.11.0 mask 255.255.255.0
network 12.12.12.0 mask 255.255.255.0
network 21.21.21.0 mask 255.255.255.0
network 22.22.22.0 mask 255.255.255.0
network 31.31.31.0 mask 255.255.255.0
network 32.32.32.0 mask 255.255.255.0
network 222.33.0.0
exit-address-family
!
address-family ipv6
neighbor 1:1::2 activate
neighbor 1:1::2 soft-reconfiguration inbound
neighbor 1:1::2 prefix-list IPv6 in
neighbor 3:3::3 soft-reconfiguration inbound
network 12:12::/32
network 31:31::/32
exit-address-family
!
interface G0/0
description Gateway for Servers and Network Services
ip address 12.12.12.1 255.255.255.0 secondary
ip address 22.22.22.1 255.255.240.0
ip verify unicast source reachable-via rx allow-default 199
no ip redirects
no ip unreachables
no ip proxy-arp
ipv6 address 20::1/48
ipv6 address 40::1/48
ipv6 enable
no ipv6 unreachables
no ipv6 redirects
ipv6 verify unicast reverse-path RFC-2827
end
!
access-list 199 remark *** Verify Reverse Path ***
access-list 199 deny ip any any log
!
ipv6 access-list RFC-2827
deny ipv6 any any log
George Morton, Ph. D.
Principal Network Architect
Enabling the Smart Network
Dual CCIE 18532, Router/Switch & Security
954-802-1347 Cell
954-839-8486 Remote Office
202-787-3988 DC Office
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers.
-----Original Message-----
From: arin-discuss-bounces at arin.net [mailto:arin-discuss-bounces at arin.net]
On Behalf Of John Von Essen
Sent: Wednesday, February 27, 2013 1:52 PM
To: arin-discuss at arin.net
Subject: Re: [arin-discuss] Implementing IPv6
I dont know why this thread keeps going. IPv6 implementation is SO easy.
Step 1: Call your BGP peers and ask them to give you dual-stack IPv4/
IPv6 and setup an IPv6 BGP session.
Step 2: Configure the WAN link on your routers with dual-stack IPv4/
IPv6 and assign the IPv6 address given to you by your BGP peers.
Step 3: Add the BGP session info for v6
Step 4: Add your v6 advertisements
Step 5: Your DONE
I have Cogent, Level3, and Abovenet peers. It literally took 1-2 days to get
completely setup with IPv6, I just emailed them, requested dual- stack, got
my v6 address, brought up the peer's BGP session for v6, and boom I was
done.
As for the people who are behind Cogent alone and have some issues with HE,
ummm.... how can you be a recent Arin member with IP resources and NOT be
multi-homed? If you're legitimately an end-user network, thats fine, but why
run BGP over a single-homed link? Just do a static route to your single ISP
and let your ISP announce your block, and since your ISP is multi-homed the
HE thing is not an issue.
Lets not confuse implementation and adoption. v6 is extremely easy to
implement, adoption is a different story. I've been native v6 for over
2 years, and of my 300+ datacenter customers - alone one is using v6 - the
rest are oblivious.
-John
On Feb 27, 2013, at 12:02 PM, Jawaid Bazyar wrote:
> What is really needed is simple cookbooks for ISPs and business
> networks - step by step checklist of everything you need to do to
> fully enable and support IPv6.
>
> We have implemented IPv6 and successfully tested it directly. What
> we don't have is clear methodology around IPv4 to v6 gateways and
> vice-versa.
>
> Make it stupid easy to implement and it will get done.
>
> On 02/27/2013 09:40 AM, Tim St. Pierre wrote:
>> So how do we make it "The end of the Freakin' IPv4 World" so people
>> will actually do this already.
>>
>> I talk to access ISPs about it all the time, and the usual response
>> is "well, we're working on it, but it's years away. It isn't really
>> a priority right now." I think if we set a deadline, like "World
>> Turn off IPv4 day", then we will actually see some traction.
>>
>> -Tim
>>
>> On 13-02-27 10:52 AM, Adrian Goins wrote:
>>> I was sucked into the Cogent/HE problems during World IPv6 day v1
>>> and v2. It ultimately affected one of my clients deciding to keep
>>> IPv6 up for their infrastructure - they saw that split in
>>> reachability as bad for their customers, since customers using HE
>>> as a tunnel broker would think that the client was the problem,
>>> not peering. For most users of the Internet discussions about
>>> peering have no value.
>>>
>>> I agree with the statement about multihoming being the solution.
>>> If you can't afford to multihome, see about getting your
>>> connectivity from a provider who _is_ multihomed. It puts you a
>>> couple hops away from the backbone, but it may be worth it to
>>> route around this issue. You might even be able to find someone in
>>> your datacenter who can throw a cross-connect to your cage and
>>> push you out to L3 or ATT or someone other than Cogent.
>>>
>>> We're up with IPv6 transit from Cogent and L3, using our own /32.
>>> I have the opportunity to get transit directly from HE, and I'm
>>> considering doing so as well. I think that the whole squabble is
>>> bad for the Internet and terrible for IPv6 adoption as a whole,
>>> but it's almost worth it for me to pay for the extra handoff to
>>> not be drawn into it any more than I have to be.
>>>
>>> What I'm waiting for is IPv6 to the real end users. If TWC or
>>> Comcast or Vz would reliably roll out IPv6 across their customer
>>> networks, it would make life much easier. One of our providers at
>>> our EU office was kind enough to enable IPv6 on our wireless link,
>>> but when I asked them about giving me a /64 or /48, they were
>>> stupefied. It hadn't occurred to them that we actually need to
>>> have an IP block in order to make use of it.
>>>
>>> I think we're still a long way off from where we should be for
>>> awareness and adoption, and, like most things business humans do,
>>> until it's actually the end of the freakin' IPv4 world, no one is
>>> going to make a move.
>>>
>>> Adrian Goins
>>> agoins at arces.net <mailto:agoins at arces.net>
>>>
>>>
>>>
>>>
>>> On Feb 22, 2013, at 3:37 PM, Kerry L. Kriegel <kkriegel at cyberlynk.net
>>> <mailto:kkriegel at cyberlynk.net>> wrote:
>>>
>>>> We only broadcast our data center /32. Cogent is the only
>>>> provider we have doing IPv6 at the moment.
>>>> AT&T says they do it, but getting it implemented across our
>>>> peering link has been in process for several months.
>>>> TWTC has the request, and may be online within the week.
>>>> TWC -- no way.
>>>> Cogent - online.
>>>> Level3 - online in about 45 days.
>>>> Thank you,
>>>> *Kerry L. Kriegel*
>>>> Network Operations Engineer
>>>> Cyberlynk Network, Inc.
>>>> Office: 414-858-9335
>>>> Fax: 414-858-9336
>>>> *From:*Michael Wallace [mailto:michael at birdhosting.com
<http://birdhosting.com
>>>> >]
>>>> *Sent:*Friday, February 22, 2013 10:53 AM
>>>> *To:*Kerry L. Kriegel; arin-discuss at arin.net
<mailto:arin-discuss at arin.net
>>>> >
>>>> *Subject:*re: [arin-discuss] Implementing IPv6
>>>>
>>>> There are plenty of providers out there that do IPv6. We are
>>>> currently terminating to a bunch of them. Abovenet, Level3, HE,
>>>> etc etc. Are you broadcasting the BGP for these?
>>>>
>>>> Thanks,
>>>>
>>>> Michael Wallace
>>>> Bird Hosting
>>>>
>>>>
------------------------------------------------------------------------
>>>>
>>>> *From*: "Kerry L. Kriegel" <kkriegel at cyberlynk.net
<mailto:kkriegel at cyberlynk.net
>>>> >>
>>>> *Sent*: Friday, February 22, 2013 8:48 AM
>>>> *To*:arin-discuss at arin.net <mailto:arin-discuss at arin.net>
>>>> *Subject*: [arin-discuss] Implementing IPv6
>>>>
>>>> We received our /32 IPv6 block from ARIN awhile back but before
>>>> we could do anything with it we needed to do some hardware / IOS
>>>> upgrades on our backbone. We got enough of that finished last
>>>> week that we decided to "roll out" IPv6 and see how things looked.
>>>> After a couple days of trouble shooting why none of the engineers
>>>> in our data center could reach their Hurricane Electric Tunnel
>>>> networks at home (and vice versa), I stopped looking at our
>>>> backbone and started looking at Google.
>>>> It appears that the squabble started in 2009 between Cogent and
>>>> HE is still in progress. I was wondering if anyone on this list
>>>> had any "inside" information about the problem and whether or not
>>>> there was an end in sight. It seems to me that having a
>>>> disconnect between two major players is going to hinder IPv6
>>>> adaptation.
>>>> Thank you,
>>>> *Kerry L. Kriegel*
>>>> Network Operations Engineer
>>>> Cyberlynk Network, Inc.
>>>> Office: 414-858-9335
>>>> Fax: 414-858-9336
>>>> _______________________________________________
>>>> ARIN-Discuss
>>>> You are receiving this message because you are subscribed to
>>>> the ARIN Discussion Mailing List (ARIN-discuss at arin.net
<mailto:ARIN-discuss at arin.net
>>>> >).
>>>> Unsubscribe or manage your mailing list subscription at:
>>>> http://lists.arin.net/mailman/listinfo/arin-discuss
>>>> Please contact info at arin.net if you experience any issues.
>>>
>>>
>>>
>>> _______________________________________________
>>> ARIN-Discuss
>>> You are receiving this message because you are subscribed to
>>> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
>>> Unsubscribe or manage your mailing list subscription at:
>>> http://lists.arin.net/mailman/listinfo/arin-discuss
>>> Please contactinfo at arin.net if you experience any issues.
>>
>>
>> --
>> --
>> Tim St. Pierre
>> System Operator
>> Communicate Freely
>> 289 225 1220 x5101
>> tim at communicatefreely.net
>> www.communicatefreely.net
>>
>>
>> _______________________________________________
>> ARIN-Discuss
>> You are receiving this message because you are subscribed to
>> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
>> Unsubscribe or manage your mailing list subscription at:
>> http://lists.arin.net/mailman/listinfo/arin-discuss
>> Please contact info at arin.net if you experience any issues.
>
> --
>
> Jawaid Bazyar
>
> President
>
> ph 303.815.1814
>
> fax 303.815.1001
>
> Jawaid.Bazyar at foreThought.net <email:Jawaid.Bazyar at foreThought.net>
> <http://www.foreThought.net>
> Note our new address: 2347 Curtis St, Denver CO 80205
>
> _______________________________________________
> ARIN-Discuss
> You are receiving this message because you are subscribed to
> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-discuss
> Please contact info at arin.net if you experience any issues.
_______________________________________________
ARIN-Discuss
You are receiving this message because you are subscribed to
the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
Unsubscribe or manage your mailing list subscription at:
http://lists.arin.net/mailman/listinfo/arin-discuss
Please contact info at arin.net if you experience any issues.
More information about the ARIN-discuss
mailing list