Sunday, November 21, 2010

6PE - IPv6 over MPLS


As Experts predict, it appears that IPv4 will be exhausted by 2011 and many Enterprises have started migrating to IPv6. This raises a business need to Service providers to provide IPv6 services to Edge Customers.
Few possible solutions that enable Service Providers to deliver IPv6 services include:
1.      End-to-End (CE-to-CE) IPv6 tunnel over IPv4.
2.      IPv6 over Layer 2 VPN (EoMPLS/FRoMPLS)
3.      Migrating the Service Provider backbone to IPV6 (Native IPv6)
4.      IPv6 over MPLS (6PE)



Here we will discuss about 6PE and the related configuration.
6PE is one such wonderful feature which allows Service provider to deliver IPv6 services to Edge Customers without migrating the stabilized IPv4 backbone to IPv6. Most of Service Provider has MPLS backbone which forwards traffic based on labels instead of actually looking into the IP header. 6PE utilizes existing MPLS cloud to forward IPv6 traffic using labels. This requires the below,
1.      Service Provider backbone with MPLS enabled.
2.      Provider Edge devices should be enabled to support dual stack (both IPv4 and IPv6).
3.      MP-BGP between all Provider Edge devices.
This approach uses MP-BGP over IPv4, relies on IPv4 address to identify other 6PE routers and uses IPv4 signaled Label Switched Path.



How 6PE works?
1.      Receive IPv6 prefixes from CE devices.
2.      Assign labels to all received IPv6 prefixes.
3.      Exchange IPv6 prefixes along with labels between PE devices using MP-BGP.
4.      Transport IPv6 traffic from CE using existing IPv4 signalled LSPs.
Receive IPv6 prefixes from CE devices
PE device will be dual stack configured with IPv4 as core facing and the interface connected to CE device with native IPv6 address. Any IPv6 routing protocol can be used between PE and CE to exchange IPv6 prefixes. Alternatively, IPv6 static route or default route can also be used.
In our case study, RIPng is used between PE-CE to exchange prefixes as below,
R2#show ipv6 route rip
IPv6 Routing Table - default - 4 entries

R   2001:1111::1/128 [120/2]
     via FE80::A8BB:CCFF:FE03:E900, Ethernet0/0.12
R2#

Assign labels to all received IPv6 prefixes
By default, IPv6 CEF will be disabled. In order to have 6PE service up and running, we need to enable IPv6 CEF enabled on all PE devices that provides 6PE service.
R2#show ipv6 cef
%IPv6 CEF not running
R2#

Once IPv6 CEF is enabled, labels will be assigned to all IPv6 prefixes learnt via IGP as below,
R2#
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#ipv6 cef
R2(config)#end
R2#show mpls forwarding-table | inc 2001
*Nov 20 18:21:29.099: %SYS-5-CONFIG_I: Configured from console by console
R2#show mpls forwarding-table | inc 2001
19     No Label      2001:1111::1/128  0             Et0/0.12   FE80::A8BB:CCFF:FE03:E900
R2#

Exchange IPv6 prefixes along with labels between PE devices using MP-BGP

On PE devices, IPv6 prefixes will be redistributed into BGP and will be advertised to other PE devices. Inorder to use IPv4 signalled LSP to transmit IPv6 traffic, 6PE uses IPv4 mapped IPv6 address as Next hop while advertising IPv6 prefixes via BGP to other PEs. This IPv4 mapped IPv6 address will be format as ::FFFF.
R4#show bgp ipv6 unicast 2001:1111::1/128
BGP routing table entry for 2001:1111::1/128, version 0
Paths: (1 available, no best path)
  Not advertised to any peer
  Local
    ::FFFF:10.1.2.2 (inaccessible) from 10.1.2.2 (10.1.2.2)
      Origin incomplete, metric 2, localpref 100, valid, internal
R4#

In the above output, it can be noted that the next hop is ::FFFF:10.1.2.2 which is IPv4 mapped IPv6 address. It can also be noted that the nexthop is marked as inaccessible and so the prefix is not selected as best path. When any PE receives BGP update for IPv6 prefix with “IPv4 mapped IPv6 address” as nexthop and no label, nexthop will be marked as inaccessible and will not be used.

In order to advertise IPv6 prefix with label, we need to enable “send-label” command for the neighbor as below,

R2(config)#router bgp 65000
R2(config-router)#address-family ipv6
R2(config-router-af)#neighbor 10.1.4.4 send-label
R2(config-router-af)#
*Nov 20 18:47:16.783: %BGP-5-ADJCHANGE: neighbor 10.1.4.4 Down Capability changed
R2(config-router-af)#end
R2#
*Nov 20 18:47:34.327: %BGP-5-ADJCHANGE: neighbor 10.1.4.4 Up
R2#

(Note: This command needs to be enabled on both side inorder to have 6PE work as expected. This will flap the existing neighborship and it is expected as capabilities needs to be negotitated).

R4#show bgp ipv6 unicast 2001:1111::1/128
BGP routing table entry for 2001:1111::1/128, version 8
Paths: (1 available, best #1, table default)
  Not advertised to any peer
  Local
    ::FFFF:10.1.2.2 (metric 21) from 10.1.2.2 (10.1.2.2)
      Origin incomplete, metric 2, localpref 100, valid, internal, best
      mpls labels in/out nolabel/19
R4#

Transport IPv6 traffic from CE using existing IPv4 signalled LSPs.
Now that control plane is populated with all information, when PE receives IPv6 packet from CE, CEF lookup will be done which will provide with 2 labels. Top label is to identify the PE where destination CE is connected and bottom label to identify the IPv6 destination on PE to take forwarding decision.

In our case study, when R5 sends Ipv6 traffic destinated to 2001:1111::1/128, it will be sent to R4 acts as PE.  Label imposition will be done with 19 as bottom label and 16 as top label.

R4#show ipv6 cef 2001:1111::1/128 detail
2001:1111::1/128, epoch 0
  recursive via 10.1.2.2 label 19
    nexthop 10.1.34.3 Ethernet0/0.34 label 16
R4#

R3 on receiving this mpls packet will perform POP action and will send mpls packet with label 19 to R2.

R3#show mpls forwarding-table labels 16
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop   
Label  Label or VC   or Tunnel Id      Switched      interface             
16     Pop Label     10.1.2.2/32       12580         Et0/0.23   10.1.23.2  
R3#

R2 on receiving this mpls packet with label 19 will perform lookup into IPv6  table and will be sent to CE device accordingly.

R2#show mpls forwarding-table labels 19
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop   
Label  Label or VC   or Tunnel Id      Switched      interface             
19     No Label      2001:1111::1/128  590           Et0/0.12   FE80::A8BB:CCFF:FE03:E900
R2#


1 comment: