The continuous growth of the global Internet requires that its overall architecture evolve to accommodate the new technologies that support the growing numbers of users, applications, appliances, and services. Internet Protocol Version 6 (IPv6) is designed to meet these requirements and enable a global environment where the addressing rules of the network are again transparent to the applications.
Cisco Systems® believes in providing its customers and partners with comprehensive information regarding significant emerging technologies so that they are fully informed and can work jointly with Cisco® to implement the best solutions for their environments.
This paper describes the Cisco position and details current and future IPv6 support across Cisco strategic product families.
Market Drivers
The current IP address space is unable to satisfy the potential huge increase in the number of users or the geographical needs of the Internet expansion, let alone the requirements of emerging applications such as Internet-enabled wireless devices, home and industrial appliances, Internet-connected transportations, integrated telephony services, sensors networks such as RFID, IEEE 802.15.4/6LoWPAN, and distributed computing or gaming.
IPv6 quadruples the number of network address bits from 32 bits (in IPv4) to 128 bits, which provides more than enough globally unique IP addresses for every networked device on the planet. The use of globally unique IPv6 addresses simplifies the mechanisms used for reachability and end-to-end security for network devices, functionality that is crucial to the applications and services that are driving the demand for the addresses.
The lifetime of IPv4 has been extended using techniques such as address reuse with translation and temporary-use allocations. Although these techniques appear to increase the address space and satisfy the traditional client/server setup, they fail to meet the requirements of innovative applications and environments. The need for always-on environments (such as residential Internet through broadband, cable modem, or Ethernet to the home as well as new generation wireless infrastructure through 3G, WiFi, WiMax and others) to be contactable precludes these IP address conversion, pooling, and temporary allocation techniques, and the ready-to-use capability required by consumer Internet appliances further increases the address requirements. IPv6 reintroduces end-to-end security and quality of service (QoS) that are not always readily available throughout a Network Address Translation (NAT)-based network.
In addition to the benefits of larger address space, IPv6 includes improvements that simplify network administration, such as:
• Simplified header for routing efficiency
• Deeper hierarchy and policies for network architecture flexibility, enabling efficient support for routing and route aggregation
• Serverless autoconfiguration, easier renumbering, and improved ready-to-use support
• Security with mandatory IP Security (IPSec) implementation for all IPv6 devices
• Improved support for Mobile IP and mobile computing devices (direct path)
• Enhanced multicast support with increased addresses and efficient mechanisms
Industry is in the early stages of large scale IPv6 production deployment-few IPv6 innovative applications are in the market, and first-generation products need to make tradeoffs between available IPv6 services. Although the success of IPv6 will ultimately depend on the new applications that run over IPv6, a key part of the IPv6 design is its ability to integrate into and coexist with existing IPv4 networks. It is expected that IPv4 and IPv6 hosts will need to coexist for a substantial time during the steady migration from IPv4 to IPv6, and the development of transition strategies, tools, and mechanisms has been part of the basic IPv6 design from the start.
Cisco has been part of this activity, participating in the development of transition techniques and deployment strategies for its products that satisfy a range of customer and network requirements for both service providers and enterprise customers, whether planning a trial deployment or deploying live in a controlled environment.
Selection of a deployment strategy, or strategies, depends on the current network environment, and on factors such as the forecast amount of IPv6 traffic, and the availability of IPv6 applications on end systems and appliances, and at a given stage in the deployment. Generic deployment scenarios are described in Cisco IPv6 deployment documentation available from http://www.cisco.com/en/US/tech/tk872/technologies_white_paper09186a00800c9907.shtml
Part of its IPv6 a solution, Cisco implements the main integration techniques, dual-stack, tunneling and translation, required by all environments and adheres to the following overall objectives:
• Network planning and operations managers scheduling an IPv6 deployment must be able to do it when and where needed.
• New or updated applications must be protocol agnostic. IPv4/IPv6 services are possible between hosts/applications.
• Incremental upgrade and deployment, no "flag day"1
• Minimize operational cost, learning curve, and support requirements
IPv6 Innovations at Cisco Systems
Cisco has taken a leading role in the definition and implementation of the IPv6 architecture within the IETF and continues to lead the industry in standardization. Core IPv6 standards are already published by the IETF; while at the same time enhancements are work in progress.
• Cisco engineers have been and continue to be involved on co-chairing multiple IETF Working Group
– IPv6 WG from 1990's to 2003
– NGTrans WG from 1990's to 2003
– Dynamic Host Configuration (DHC) WG since 2003
– Mobile IPv6 WG since 2003
– V6Ops WG since 2005
• Cisco IOS software IPv6 technology releases have been extensively proven in the 6Bone network (http://www.6bone.net) from 1996 to 2006.
• Since its creation in 1999, Cisco is a founding member of the IPv6 Forum (http://www.ipv6forum.com) and participates in the National IPv6 Task Force's efforts, such as within the North-America IPv6 Task Force (http://www.nav6tf.org).
• Since May 2001, Cisco IOS Software Releases integrate full IPv6 commercial feature set with worldwide Cisco Technical Assistance Center (TAC) support.
• Cisco long term involvement in IPv6 large-scale deployments such as 6NET (http://www.6net.org) and Moonv6 (http://www.moonv6.org), means Cisco Professional Services are now able to offer highly experience consultancy on IPv6 projects.
In addition to offering similar features to IPv4, Cisco develops new features that bring innovation to the IPv6 world, offering technology previews for evaluation before to be added to commercial Cisco IOS products:
• Cisco IOS IPv6 Provider Edge Router (6PE) over Multiprotocol Label Switching (MPLS) and Cisco IPv6 VPN Provider Edge Router (6VPE) over MPLS
• Cisco IOS IPv6 Broadband Access feature set, including Dynamic Host Configuration Protocol Version 6 (DHCPv6) Prefix Delegation; generic prefix configuration; and authentication, authorization, and accounting (AAA) for IPv6
• Full IPv6 Multicast services such Embedded-RP or SSM, for next generation triple play services
• Mobile IPv6 Home Agent and Mobile Access Router IPv6
• IPv6 Security including Stateful Firewall and IPsec hardware encryption
Cisco IPV6 Solutions
Products and functions not specifically named in this document are not covered as part of this Statement of Direction. Customers interested in specific details on a given Cisco product should contact their local Cisco sales office.
Cisco IOS Software
In June 2000, Cisco Systems announced a three-phase Cisco IOS IPv6 Software roadmap as documented in the Cisco IPv6 Statement of Direction. In May 2001, the first commercial release of Cisco IOS Software Release 12.2T train integrated IPv6, followed by Cisco IOS Software Release 12.0S support on Cisco 12000 Series routers to enable integration of the new Internet protocol on core infrastructures. Today, the availability of Cisco IOS General Production, Technology and Service Providers releases enabled IPv6 production deployment for all Cisco-based networks (see Table 1).
Table 1. Cisco IOS IPv6 Releases
Software Release
Feature
Cisco IOS-XR Software Release
CRS-1 and Cisco 12000 Series
Cisco IOS-XE Software Release
Cisco ASR 1000 Series
Cisco IOS Software Release 12.3M and 12.4M
General production
Cisco IOS Software Release 12.3T and 12.4T
Technology development
Cisco IOS Software Release 12.0S
Cisco 12000 and 10720 Series for Service Provider infrastructure
Cisco IOS Software Release 12.2SB
Cisco 10000 and 7304 Series
Cisco IOS Software Release 12.2SE
Catalyst 3750, 3750-E, 3560, 3560-E and 2960 Series
Cisco IOS Software Release 12.2SG
Catalyst 4500 and 4900 Series
Cisco IOS Software Release 12.2SR
Cisco 7200 and 7600 Series
Cisco IOS Software Release 12.2SX
Catalyst 6500 Series
Before deploying one of these releases, please refer to Cisco Feature Navigator (www.cisco.com/go/fn) to insure all hardware and software pre-requisites for your environment.
Cisco IOS Software releases deliver the most complete IPv6 feature set to the market. Cisco IOS Software developments are focused on creating additional IPv6 features and innovations. A detailed list of IPv6 features and minimum software releases is available from the "IPv6 Start Here" document http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-roadmap.html.
Cisco Hardware
Cisco IPv6 solutions are packaged in a feature set that is supported on specific platforms and applications packages. On Cisco IOS Software platforms, Cisco Feature Navigator (http://www.cisco.com/go/fn) dynamically updates the list of supported platforms as new platform and features support are added.
IPv6 services are part of Cisco IOS Software releases, and any router that runs IPv6 must conform to the minimum memory size required by the selected Cisco IOS Software release and feature set.
As on IPv4, high-end routers and Layer 3 switching may implement assisted hardware acceleration for IPv6. Cisco devices that benefit from IPv6 hardware forwarding are indicated in Table 2.
To obtain updated information about platform support for IPv6, access Cisco.com or contact your local Cisco sales team.
Note: Not all hardware supports all features. Consult the release notes to determine which hardware platform receives features from a particular IOS release train.
Table 2. Cisco IPv6 Layer 3 Solutions
Product
IPv6 Status
IPv6 Hardware Forwarding Assistance
Comments
Cisco CRS-1
Now
Yes
HW Performance up to 40Gb/s (OC-768 line card)
Cisco 12000 Series
Now
Yes
HW Performance up to 10 Gb/s (Engine 5)
Cisco 10720 Series
Now
Yes
Cisco 10000 Series
Now
Yes
With PRE-2 and PRE-3
Cisco ASR 1000 Series
Now
Yes
Cisco 10000 Series
Now
Yes
With PRE2, PRE3 and PRE4
Cisco 7600 Series
Now
Yes
With Supervisor Engine 720, 720-3BXL, and 32W, RSP720, as well as 10Gb/s support (10GE and OC-192)
Cisco 7500 Series
Now
-
End of Life
Cisco 7304
Now
-
Cisco 7301
Now
-
Cisco 7200 Series
Now
-
Cisco AS5850
Now
-
Cisco AS5400
Now
-
Cisco AS5350
Now
-
Cisco 4000 Series
-
-
End of Life
Cisco 3800 Series
Now
-
Cisco 3700 Series
Now
-
Cisco 3600 Series
Now
-
Refer to Product Bulletin #1975 on Cisco 3620
Cisco 3200 Series
Now
-
Cisco 2800 Series
Now
-
Cisco 2600 Series
Now
-
Refer to Product Bulletin #1975 for non-XM Cisco 2600 (except 2691)
Cisco 2500 Series
Now
-
End of Life
Limited support from Cisco IOS Software Release 12.2T
Cisco 1800 Series
Now
-
Cisco 1700 Series
Now
-
Cisco 870 series
Now
-
Cisco 860 series
Now
-
Cisco 850 series
No
-
No IPv6 support
Cisco 830 Series
Now
-
Beginning on Release 12.3(4)XG
Cisco Catalyst 6500 Series
Now
Yes
With Supervisor Engine 720 and 720-3BXL, and 32W as well as 10Gb/s support
(10GE and OC-192)
Cisco Catalyst 4500 Series
Now
Yes
With Supervisor Engine 6E
Cisco Catalyst 3750 and 3750-E Series
Now
Yes
Cisco Catalyst 3560 and 3560-E Series
Now
Yes
Layer 2 Switches
IPv6 traffic forwarding does not impact Layer 2 LAN switches, since these devices do not need to look at the Layer 3 header to forward an IPv6 frame; thus IPv6 hosts can be transparently attached to the following Cisco products. In addition, Layer 2 switches may integrate dedicated IPv6 features such as native IPv6 network management or MLD snooping (Cisco products marked with "*" in the list).
• Cisco Catalyst Express 500 Series Switch
• Cisco Catalyst 2900XL Series Switch
• Cisco Catalyst 2960 Series (*)
• Cisco Catalyst 3500XL Series Switch
• Cisco Catalyst 3560, 3560-E, 3750 and 3750-E Series Switch (*)
• Cisco Catalyst 4500 Series Switch
• Cisco Catalyst 4500-E Series Switch (*)
• Cisco Catalyst 5000 Series Switch
• Cisco Catalyst 6500 Series Switch (*)
Cable Routers
Today, IPv6 services can be offered on Cisco UBR7200 Series cable routers by configuring IPv6 over IPv4 tunnels, but native IPv6 requires an update to the DOCSIS specifications. As an active contributor to the Cable Labs efforts, Cisco proposed to incorporate IPv6 support into DOCSIS 3.0 specifications.
Wireless Solutions
In an IEEE 802.11 dual-stack environment, IPv6 Unicast and Multicast traffic are transparently forwarded by Cisco Wireless devices.
The Cisco Nexus 7000 Family has been designed to support IPv6 since its inception. See product details on http://www.cisco.com/en/US/products/ps9402/index.html. Customers can enable IPv6 by configuring the protocol on Cisco NX-OS software release. To read more details about the IPv6 feature set on the Nexus 7000 Family, please refer to the Cisco NX-OS documentation.
Multilayer Storage
The Cisco MDS 9000 Family has been designed to support IPv6 since its inception. Customers can enable IPv6 by upgrading their Cisco MDS 9000 Family products to SAN-OS version 3.x that supports IPv6. Management will be supported through the Cisco Fabric Manager. It should be noted that no new hardware is required to support IPv6 on the existing platforms.
IPv6 functionality on MDS 9000 Family can be classified into three applications:
• IPv6 on the Out-of-Band Ethernet Port for management. This interface is used for CLI, SNMP, and SMI-S based management access.
• ISCSI protocol on the IP Storage Ports (IPS) on IP Storage Service modules for transport of SCSI protocol over IP networks.
• FCIP protocol on the IP Storage Ports (IPS) on IP Storage Service modules for transport of Fibre Channel protocol over IP networks.
The following Cisco MDS 9000 products support IPv6 with SAN-OS release 3.x:
As networking infrastructures evolve to accommodate the new Internet Protocol, security services are a key element to guarantee this adoption. Several technologies and mechanisms (packet filtering, stateful firewall, IPSec, etc.) have been made available on IPv4 in past years to face the increasing challenge of protecting the network and its resources. Although IPSec is mandated in the IPv6 specifications, it is expected that the current IPv4 solutions need to be upgraded to support IPv6 before innovation can take place. Based on its integration and coexistence strategy, Cisco is planning the required security services on its IPv6 portfolio enabling IPv6 to be set up on production environments (see Table 3).
Table 3.Cisco Security Solutions
Feature Set
Solution/Product
Status
Packet filtering
Cisco IOS Software standard ACL
Now
Cisco IOS Software extended ACL including option header filtering and parsing. Hardware support on platforms doing IPv6 hardware forwarding
Now
Cisco IOS Software reflexive ACL
Now
IPv6 over IPv4 tunnels protection
Cisco IOS IPv4 IPsec to protect Configured, 6to4 tunnels
Cisco ASA 5500 Series Adaptive Security Appliances
Now
Cisco Catalyst 6500/7600 Series Firewall Services Module (FWSM)
Now
Security applications
IPv6 packet flow control and analysis, access control packet protocol decode analysis via network access module (NAM) and Real-Time Monitor (RTM)
Now
CiscoWorks Access Control List Manager (ACLM) and CiscoSecure Access Control Server (ACS)
Configuration and control of security features of IPv6-capable devices CiscoWorks VPN/Security Management Solution (VMS) Configuration tools
Security monitoring of IPv6 networks
VMS monitoring tools
CiscoWorks QoS Policy Manager (QPM)
Network Management Applications
Fundamental to the successful deployment of IPv6 is the smooth integration of the protocol into network management applications. Several elements must be considered before a fully native IPv6 management solution becomes available; they are:
• IPv6 stack on Network Management Station (NMS)
• IPv6 stack on network devices
• NMS applications running over an IPv6 stack
• SNMP over an IPv6 transport
• IPv6 address family support on public and private MIB when required
As it is expected that both IPv4 and IPv6 must be simultaneously managed for several years, the development of IPv6-specific management applications will be aligned with customer requirements and hardware device instrumentation support over time. Beginning now, integration and coexistence strategy applies to Cisco network management solutions as well.
Cisco-IETF-IP-MIB is based on early draft (ID-00) of RFC 4293. New releases of Cisco IOS software replace Cisco-IETF-IP-MIB implementation by IP-MIB which complies RFC 4293. Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
Cisco-IETF-IP-Forwarding MIB and IP-Forward MIB
Cisco IOS Software
Cisco-IETF-IP-Forwarding-MIB is based on early draft (ID-00) of RFC 4293. New releases of Cisco IOS software replace Cisco-IETF-IP-Forwarding MIB implementation by IP-Forward- MIB which complies RFC 4292. Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
NetFlow IPv6 record
Cisco IOS Software
Refer to Cisco IOS IPv6 Start Here to get the appropriate Cisco IOS Software Releases.
