The continuous growth of the global Internet requires that its overall architecture evolve to accommodate the new technologies that support the growing numbers of users, applications, appliances, and services. Internet Protocol Version 6 (IPv6) is designed to meet these requirements and enable a global environment where the addressing rules of the network are again transparent to the applications.
Cisco believes in providing its customers and partners with comprehensive information regarding significant emerging technologies so that they are fully informed and can work jointly with Cisco to implement the best solutions for their environments.
This paper describes the Cisco position and details current and future IPv6 support across Cisco® strategic product families.
Market Drivers
The current IP address space is unable to satisfy the potentially huge increase in the number of users or the geographical needs of the Internet expansion, let alone the requirements of emerging applications such as Internet-enabled wireless devices, home and industrial appliances, Internet-connected transportation systems, integrated telephony services, sensor networks such as radio frequency ID (RFID), IEEE 802.15.4/6LoWPAN (IPv6 over Low power Wireless Personal Area Networks), and distributed computing or gaming.
IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits, which provides more than enough globally unique IP addresses for every networked device on the planet. The use of globally unique IPv6 addresses simplifies the mechanisms used for reachability and end-to-end security for network devices, functionality that is crucial to the applications and services that are driving the demand for the addresses.
The lifetime of IPv4 has been extended using techniques such as address reuse with translation and temporary-use allocations. Although these techniques appear to increase the address space and satisfy the traditional client-server setup, they fail to meet the requirements of innovative applications and environments. The need for always-on environments (such as residential Internet through broadband, cable modem, or Ethernet to the home as well as new generation wireless infrastructure through 3G, Wi-Fi, WiMAX, and others) to be contactable precludes these techniques of IP address conversion, pooling, and temporary allocation. The ready-to-use capability required by consumer Internet appliances further increases the address requirements. IPv6 reintroduces end-to-end security and quality of service (QoS) that are not always readily available throughout a Network Address Translation (NAT)-based network.
In addition to the benefits of larger address space, IPv6 includes improvements that simplify network administration, such as:
• Simplified header for routing efficiency
• Deeper hierarchy and policies for network architecture flexibility, enabling efficient support for routing and route aggregation
• Serverless autoconfiguration, easier renumbering, and improved ready-to-use support
• Security with mandatory IP Security (IPsec) implementation for all IPv6 devices
• Improved support for Mobile IP and mobile computing devices (direct path)
• Enhanced multicast support with increased addresses and efficient mechanisms
Industry is in the early stages of large-scale IPv6 production deployment - few IPv6 innovative applications are in the market, and first-generation products need to make tradeoffs between available IPv6 services. Although the success of IPv6 will ultimately depend on the new applications that run over IPv6, a key part of the IPv6 design is its ability to integrate into and coexist with existing IPv4 networks. It is expected that IPv4 and IPv6 hosts will need to coexist for a substantial time during the steady migration from IPv4 to IPv6, and the development of transition strategies, tools, and mechanisms has been part of the basic IPv6 design from the start.
Cisco has been part of this activity, participating in the development of transition techniques and deployment strategies for its products that satisfy a range of customer and network requirements for both service providers and enterprise customers, whether they are planning a trial deployment or deploying live in a controlled environment.
Selection of a deployment strategy, or strategies, depends on the current network environment, and on factors such as the forecast amount of IPv6 traffic, and the availability of IPv6 applications on end systems and appliances, and at a given stage in the deployment. Generic deployment scenarios are described in Cisco IPv6 deployment documentation available at: https://supportforums.cisco.com/docs/DOC-13985.
As part of its IPv6 a solution, Cisco implements the main integration techniques, dual-stack, tunneling and translation required by all environments and adheres to the following overall objectives:
• Network planning and operations managers scheduling an IPv6 deployment must be able to do it when and where needed
• New or updated applications must be protocol-agnostic. IPv4 or IPv6 services are possible between hosts or applications
• Incremental upgrade and deployment, no "flag day"1
• Minimize operational cost, learning curve, and support requirements
IPv6 Innovations at Cisco
Cisco has taken a leading role in the definition and implementation of the IPv6 architecture within the IETF and continues to lead the industry in standardization. Core IPv6 standards are already published by the IETF, while at the same time enhancements are work in progress.
• Cisco engineers have been and continue to be involved on co-chairing multiple IETF Working Groups:
– IPv6 WG from 1990s to 2003
– NGTrans WG from 1990s to 2003
– Dynamic Host Configuration (DHC) WG since 2003
– Mobile IPv6 WG since 2003
– V6Ops WG since 2005
• Cisco IOS® Software IPv6 technology releases have been extensively proven in the 6Bone network (http://www.6bone.net) from 1996 to 2006.
• Since the creation of the IPv6 Forum in 1999, Cisco is a founding member of the forum (http://www.ipv6forum.com) and participates in the National IPv6 Task Force's efforts, such as within the North-America IPv6 Task Force (http://www.nav6tf.org).
• Since May 2001, Cisco IOS Software releases integrate the full IPv6 commercial feature set, with worldwide Cisco Technical Assistance Center (TAC) support.
• Cisco's long-term involvement in large-scale deployments of IPv6 such as 6NET (http://www.6net.org) and Moonv6 (http://www.moonv6.org) means Cisco Professional Services are now able to offer highly experienced consultations on IPv6 projects.
In addition to offering similar features to IPv4, Cisco develops new features that bring innovation to the IPv6 world, offering technology previews for evaluation before these features are added to commercial Cisco IOS Software products:
• Cisco IOS IPv6 Provider Edge Router (6PE) over Multiprotocol Label Switching (MPLS) and Cisco IPv6 VPN Provider Edge Router (6VPE) over MPLS.
• Cisco IOS IPv6 Broadband Access feature set, including Dynamic Host Configuration Protocol Version 6 (DHCPv6) Prefix Delegation; generic prefix configuration; and authentication, authorization, and accounting (AAA) for IPv6.
• Full IPv6 multicast services such Embedded Rendezvous Point (Embedded RP) or source-specific multicast (SSM), for next-generation triple play services.
• Cisco Mobile Wireless Home Agent IPv6 and Mobile Access Router IPv6.
• IPv6 First Hop Security, including stateful firewall and IPsec hardware encryption.
Cisco IPV6 Solutions
Products and functions not specifically named in this document are not covered as part of this Statement of Direction. Customers interested in specific details on a given Cisco product should contact their local Cisco sales office.
Cisco IOS Software
In June 2000, Cisco Systems announced a three-phase Cisco IOS Software IPv6 roadmap as documented in the Cisco IPv6 Statement of Direction. In May 2001, the first commercial release of Cisco IOS Software Release 12.2T train integrated IPv6, followed by Cisco IOS Software Release 12.0S support on Cisco 12000 Series Routers to enable integration of the new Internet protocol on core infrastructures. Today, the availability of Cisco IOS General Production, Technology, and Service Providers releases enabled IPv6 production deployment for all Cisco-based networks (see Table 1).
Table 1. Cisco IOS Software IPv6 Releases
Software Release
Platforms
Cisco IOS-XR Software Release
CRS-1 and Cisco 12000 Series Routers
Cisco IOS-XE Software Release
Cisco ASR 1000 Series Aggregation Services Routers, Cisco Catalyst® 4500-E and 4500-X Series Switches
Cisco IOS Software Release 12.3M and 12.4M
General Production
Cisco IOS Software Release 12.3T and 12.4T
Technology Development
Cisco IOS Software Release 12.0S
Cisco 12000 and 10720 Series Routers for Service Provider Infrastructure
Cisco IOS Software Release 12.2SB
Cisco 10000 and 7304 Series Routers
Cisco IOS Software Release 12.2SE
Cisco Catalyst 3750-E, 3750-X, 3560-E, 3560-X, 2960-S Series Switches
Cisco IOS Software Release 12.2SG
Cisco Catalyst 4500 and 4900 Series Switches
Cisco IOS Software Release 12.2SR
Cisco 7200 and 7600 Series Routers
Cisco IOS Software Release 12.2SX
Cisco Catalyst 6500 Series Switches
Before deploying one of these releases, please refer to Cisco Feature Navigator (http://www.cisco.com/go/fn) and to the respective platform's configuration guide to help ensure that you have all hardware and software prerequisites for your environment.
Cisco IOS Software releases deliver the most complete IPv6 feature set to the market. Cisco IOS Software developments are focused on creating additional IPv6 features and innovations. A detailed list of IPv6 features and minimum software releases is available from the "IPv6 Start Here" document: http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-roadmap.html.
Cisco Hardware
Cisco IPv6 solutions are packaged in a feature set that is supported on specific platforms and applications packages. On Cisco IOS Software platforms, Cisco Feature Navigator (http://www.cisco.com/go/fn) dynamically updates the list of supported platforms as support for new platforms as features are added.
IPv6 services are part of Cisco IOS Software releases, and any router that runs IPv6 must conform to the minimum memory size required by the selected Cisco IOS Software release and feature set.
As on IPv4, high-end routers and Layer 3 switching may implement assisted hardware acceleration for IPv6. Cisco devices that benefit from IPv6 hardware forwarding are listed in Table 2.
To obtain updated information about platform support for IPv6, visit Cisco.com or contact your local Cisco sales team.
Note: Not all hardware supports all features. Consult the release notes to determine which hardware platform receives features from a particular Cisco IOS Software release train.
Table 2. Cisco IPv6 Layer 3 Solutions
Product
IPv6 Status
IPv6 Hardware Forwarding Assistance
Comments
Cisco CRS-1
Now
Yes
HW performance up to 40 Gbps (OC-768 line card)
Cisco 12000 Series
Now
Yes
HW performance up to 10 Gbps (Engine 5)
Cisco 10720 Series
Now
Yes
Cisco 10000 Series
Now
Yes
With PRE-2 and PRE-3
Cisco ASR 1000 Series
Now
Yes
Cisco 10000 Series
Now
Yes
With PRE-2, PRE-3, and PRE-4
Cisco 7600 Series
Now
Yes
With Cisco IOS Supervisor Engine 720, 720-3BXL, and 32W, RSP720, as well as 10-Gbps support (10 Gigabit Ethernet and OC-192)
Cisco 7500 Series
Now
-
End of Life
Cisco 7304
Now
-
Cisco 7301
Now
-
Cisco 7200 Series
Now
-
Cisco AS5850
Now
-
Cisco AS5400
Now
-
Cisco AS5350
Now
-
Cisco 4000 Series
-
-
End of Life
Cisco 3800 Series
Now
-
Cisco 3700 Series
Now
-
Cisco 3600 Series
Now
-
Refer to Product Bulletin #1975 on Cisco 3620
Cisco 3200 Series
Now
-
Cisco 2800 Series
Now
-
Cisco 2600 Series
Now
-
Refer to Product Bulletin #1975 for non-XM Cisco 2600 (except 2691)
Cisco 2500 Series
Now
-
End of Life
Limited support from Cisco IOS Software Release 12.2T
Cisco 1800 Series
Now
-
Cisco 1700 Series
Now
-
Cisco 870 Series
Now
-
Cisco 860 Series
No
-
No IPv6 support
Cisco 850 Series
No
-
No IPv6 support
Cisco 830 Series
Now
-
Beginning on Release 12.3(4)XG
Cisco Catalyst 6500 Series
Now
Yes
With Cisco IOS Supervisor Engine 720 and 720-3BXL, and 32W as well as 10-Gbps support
(10 Gigabit Ethernet and OC-192)
IPv6 traffic forwarding does not impact Layer 2 LAN switches, since these devices do not need to look at the Layer 3 header to forward an IPv6 frame. Thus, IPv6 hosts can be transparently attached to the following Cisco products when acting as Layer 2 switches. In addition, Layer 2 switches may integrate dedicated IPv6 features such as native IPv6 network management or Multicast Listener Discovery (MLD) snooping:
• Cisco Catalyst 2960-C and 3560-C Series Switches
• Cisco Catalyst 2960 and 2960-S Series Switches
• Cisco Catalyst 3560V2, 3560-E, 3560-X, 3750V2, 3750-E and 3750-X Series Switches
• Cisco Catalyst 4500 and 4500-E Series Switches with Cisco Catalyst Supervisor Engine 6 and 7
• Cisco Catalyst 4500-X Series
• Cisco Catalyst 6500 Series Switch
Cable Routers
Today, IPv6 services can be offered on Cisco UBR7200 Series Universal Broadband Routers by configuring IPv6 over IPv4 tunnels, but native IPv6 requires an update to the DOCSIS® specifications. As an active contributor to the CableLabs' efforts, Cisco proposed to incorporate IPv6 support into DOCSIS 3.0 specifications.
Wireless LAN Solutions
In the Cisco Unified Wireless Network software releases prior to 7.2, IPv6 unicast and multicast traffic are transparently forwarded by Cisco Wireless LAN devices.
The Cisco Unified Wireless Network Software Release 7.2 introduces IPv6 intelligence in the control plane to enable secure, reliable wireless connectivity for IPv6 clients. IPv6 client support provides a consistent end-user experience along with complete visibility and control for administrators.
The IPv6 client support features of the Cisco Unified Wireless Network Software Release 7.2 are supported on the following platforms.
• Cisco Aironet® access points running Control and Provisioning of Wireless Access Points protocol (CAPWAP)
• Cisco 2500 and 5500 Series Wireless LAN Controllers
• Cisco Catalyst 6500 Series Wireless Services Module 2 (WiSM2)
• Cisco Wireless LAN Controller Module Enhanced (WLCM-E) for Integrated Services Routers
• Cisco 3300 Series Mobility Services Engine (MSE)
The support of IPv6 addresses for management access on wireless LAN devices, including access points, controllers, Network Control System (NCS), and Mobility Service Engine (MSE) is planned for future releases. Mobile service providers who need to enable IPv6 in their environment can have the benefits of IPv6 support from the Cisco Gateway GPrS Support Node (GGSN) Release 7.0. For more information, visit: http://cisco.com/en/US/products/sw/wirelssw/ps873/products_data_sheet0900aecd80581de2.html.
Data Center Switches
The Cisco Nexus® 7000 Series Switch has been designed to support IPv6 since its inception (for product details, visit: http://www.cisco.com/en/US/products/ps9402/index.html). Customers can enable IPv6 by configuring the protocol on Cisco NX-OS Software Release. To read more details about the IPv6 feature set on the Cisco Nexus 7000 Series, please refer to the Cisco NX-OS documentation.
Multilayer Storage
The Cisco MDS 9000 Series Multilayer Switch has been designed to support IPv6 since its inception. Customers can enable IPv6 by upgrading their Cisco MDS 9000 Series products to Cisco MDS SAN-OS Release 3.x, which supports IPv6. Management will be supported through the Cisco Fabric Manager. It should be noted that no new hardware is required to support IPv6 on the existing platforms.
IPv6 functionality on Cisco MDS 9000 Series can be classified into three applications:
• IPv6 on the Out-of-Band Ethernet Port for management. This interface is used for command-line interface (CLI), Simple Network Management Protocol (SNMP), and the Storage Management Initiative Specification (SMI-S)-based management access.
• Internet Small Computer System Interface (iSCSI) protocol on the IP Storage Ports (IPS) on IP Storage Service modules for transport of SCSI protocol over IP networks.
• Fibre Channel over IP (FCIP) protocol on the IP Storage Ports (IPS) on IP Storage Service modules for transport of Fibre Channel protocol over IP networks.
The following Cisco MDS 9000 Series products support IPv6 with SAN-OS Release 3.x:
• MDS 9509 Multilayer Director
• MDS 9506 Multilayer Director
• MDS 9216 Multilayer Fabric Switch
• MDS 9216i Multilayer Fabric Switch
• MDS 9140 Multilayer Fabric Switch
• MDS 9120 Multilayer Fabric Switch
• IPS-4/8 MDS 9000 Module
• FC-32 MDS 9000 Module
• FC-16 MDS 9000 Module
The IPv6 feature set on the MDS 9000 Series can be found in the SAN-OS Release 3.x documentation: http://www.cisco.com/en/US/products/ps6493/index.html.
Security
As networking infrastructures evolve to accommodate the new Internet Protocol, security services are a key element to guarantee this adoption. Several technologies and mechanisms (packet filtering, stateful firewall, IPsec, and so on) have been made available on IPv4 in past years to face the increasing challenge of protecting the network and its resources. Although IPsec is mandated in the IPv6 specifications, it is expected that the current IPv4 solutions need to be upgraded to support IPv6 before innovation can take place. Based on its integration and coexistence strategy, Cisco is planning the required security services on its IPv6 portfolio, enabling IPv6 to be set up on production environments (see Table 3).
Table 3. Cisco Security Solutions
Feature Set
Solution/Product
Status
Packet filtering
Cisco IOS Software standard ACL
Now
Cisco IOS Software extended ACL including option header filtering and parsing; hardware support on platforms doing IPv6 hardware forwarding
Now
Cisco IOS Software reflexive ACL
Now
IPv6 over IPv4 tunnels protection
Cisco IOS IPv4 IPsec to protect configured, 6 to 4 tunnels
Cisco ASA 5500 Series Adaptive Security Appliances
Now
Cisco Catalyst 6500/7600 Series Firewall Services Module (FWSM)
Now
Security applications
IPv6 packet flow control and analysis: access control packet protocol decode analysis via network access module (NAM) and real-time monitor (RTM)
Now
CiscoWorks Access Control List Manager (ACLM) and Cisco Secure Access Control Server (ACS)
Configuration and control of security features of IPv6-capable devices: CiscoWorks VPN/Security Management Solution (VMS) Configuration tools
Security monitoring of IPv6 networks
VMS monitoring tools
CiscoWorks QoS Policy Manager (QPM)
Network Management Applications
Fundamental to the successful deployment of IPv6 is the smooth integration of the protocol into network management applications. Several elements must be considered before a fully native IPv6 management solution becomes available. These elements are:
• IPv6 stack on Network Management Station (NMS)
• IPv6 stack on network devices
• NMS applications running over an IPv6 stack
• SNMP over an IPv6 transport
• IPv6 address family support on public and private MIB when required
As it is expected that both IPv4 and IPv6 must be simultaneously managed for several years, the development of IPv6-specific management applications will be aligned with customer requirements and hardware device instrumentation support over time. Beginning now, this integration and coexistence strategy applies to Cisco network management solutions as well (Table 4).
Table 4. Cisco IPv6 Network Management Solution
Feature Set
Solution/Product
Comments
Instrumentation
Cisco IOS IPv6 Start Here manual: http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-roadmap.html.
Cisco-IETF-IP-MIB and IP-MIB
Cisco IOS Software
Cisco-IETF-IP-MIB is based on early draft (ID-00) of RFC 4293. New releases of Cisco IOS software replace Cisco-IETF-IP-MIB implementation by IP-MIB, which complies with RFC 4293. Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software releases.
Cisco-IETF-IP-Forwarding MIB and IP-Forward MIB
Cisco IOS Software
Cisco-IETF-IP-Forwarding-MIB is based on early draft (ID-00) of RFC 4293. New releases of Cisco IOS software replace Cisco-IETF-IP-Forwarding MIB implementation by IP-Forward- MIB, which complies with RFC 4292. Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software releases.
NetFlow IPv6 record
Cisco IOS Software
Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software releases.
Refer to Table 1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
SNMP over an IPv6 network layer
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases. http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-roadmap.html.
Syslog over an IPv6 network layer
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Secure Shell (SSH)
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Telnet
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Domain Name System (DNS) Resolver
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Dynamic Host Configuration Protocol Version 6 (DHCPv6) Server, Relay and Prefix Delegation
Cisco IOS Software
Refer to Table-1 of Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Network Management Applications (NMA)
NetFlow Collector
NFC 5.x
To manage NetFlow IPv6 records.
DNS/DHCP servers for IPv6
Cisco CNS Network Registrar 6.2
IPv6 traffic monitoring
NAM modules on Catalyst 6500 and Cisco Integrated Services Routers (ISR)
Refer to product bulletin #2170.
Campus and devices management
CiscoWorks LAN Management Server (LMS) 2.5
Enable IPv6 management functionality using SNMP over IPv4 transport on dual stacks.
Support for SNMP, SSH/Telnet over IPv6 transport. The IPv4 stack is still required on the CiscoWorks LAN Management Server.
Network Management Appliances
Network Analyzer Module (NAM)
Cisco Catalyst 6500 and Cisco ISR routers
NAM Software Release 3.x
IPv6 Assessment and Migration Services
Networks today are critical to business operations and to the mission-critical operations of both commercial companies and government agencies and institutions. The challenge of migration from IPv4 networks to IPv6 networks, and the coexistence of both IPv4 and IPv6 in many networks, will require thoughtful planning to prevent disruption of network services. The federally mandated IPv6 network by June 30, 2008 creates added pressure for successful migration planning by the federal government and its agencies.
Cisco offers expert advice and services to support your network as you prepare, plan, design, implement, operate, and optimize an IPv6 network. Cisco provides comprehensive services in which engineers can work with your team or partner to plan, design, implement, and optimize the foundational components of your IPv6 network and help you successfully meet your goals for network migration.
Cisco can assess the implications of IPv6 for your environment, including product compliance, address provisioning and management, routing policies, security, and infrastructure design. This assessment also identifies opportunities to take advantage of IPv6 features and functionality to simplify your environment, as well as areas of risk to be considered during your transition to IPv6.
Making changes to your network architecture requires careful planning and preparation. Cisco will analyze your architecture requirements from business, technical, and implementation viewpoints. Service deliverables include a requirements analysis, site survey, logical network design, physical network design, documentation, and an acceptance test plan. Cisco can facilitate a smooth implementation process through proven, written procedures and side-by-side coaching.
For more information on Cisco IPv6 Assessment and Migration Services, please contact your local Cisco representative.
Conclusion
Fundamental to the successful market adoption of the new Internet Protocol standard is the smooth integration and coexistence of IPv6 on the existing IPv4 Internet. Since June 2000, Cisco has taken a leadership role to address this by incrementally integrating IPv6 into its technology portfolio. Cisco has planned for both IPv4 and IPv6 versions to coexist for the foreseeable future, and both IPv4 and IPv6 will be included in Cisco portfolio upgrades. As market requirements mature and adoption grows, Cisco will continue to enhance and deliver additional standards-compliant IPv6 features across its products.
Detailed List of IPv6 Supported RFCs or draft RFCs across Cisco products: http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/15-2mt/ip6-rfcs.html.
• IETF v6 Ops WG has essentially replaced the NGtrans effort. The difference is that v6ops is focused on outlining transition scenarios and identifying the specific tools (many from the NGtrans effort) that will be used in a transition. Visit: http://www.ietf.org/html.charters/v6ops-charter.html. Additional v6ops information at: http://www.6bone.net/v6ops/
• IETF MIPv6 WG Mobile IPv6 (MIPv6) specifies routing support to permit an IPv6 host to continue using its "permanent" home address as it moves around the Internet: http://www.ietf.org/html.charters/mip6-charter.html
• The 6Bone was an IPv6 pilot network set up to test the deployment and evolution of IPv6 protocol around the world. Since June 6, 2006, 6Bone has been phased-out. http://www.6bone.net/
• The IPv6 Forum. Cisco is a founding and active member of the IPv6 Forum. The mission is to promote the use of IPv6 protocol: http://www.ipv6forum.com/
