Cisco : Advertising IPv6 address over IPv4 MPLS/BGP transport.

In this example I am going to present a very simple configuration example for advertising ipv6 prefixes over IPv4 ISP transport network. This method is called 6VPE where we do not need any dual stack configurations and the transport network doesn’t need to be ipv6 aware.

The whole concept becomes possible with the help of address-family in BGP. With the use of address family we advertise the prefixes , for the communication we don’t need to worry about l3 addresses(either Ipv4 or Ipv6) as it happens using labels in the core. Lets see the configuration below.

Tool used : GNS3 , Device used : Cisco IOSv Router

hostname CE-1-Site1
 !
 ipv6 unicast-routing
!
 interface Loopback1
  ip address 1.1.1.1 255.255.255.255
 !
 interface GigabitEthernet0/0
  ip address 192.168.10.1 255.255.255.252
  ipv6 address 2000::1/16
 !

 router bgp 200
  bgp log-neighbor-changes
  neighbor 2000::2 remote-as 100
  neighbor 192.168.10.2 remote-as 100
  !
  address-family ipv6
   network 2000::/16
   neighbor 2000::2 activate
   neighbor 2000::2 send-community
  exit-address-family
hostname PE-1
!
 vrf definition Cus1
  rd 100:2
  route-target export 100:2
  route-target import 100:1
  !
  address-family ipv4
  exit-address-family
  !
  address-family ipv6
  exit-address-family
 !
 ipv6 unicast-routing
 !
 interface Loopback1
  ip address 2.2.2.2 255.255.255.255
 !
 interface GigabitEthernet0/0
  vrf forwarding Cus1
  ip address 192.168.10.2 255.255.255.252
  ipv6 address 2000::2/16
 !
 interface GigabitEthernet0/1
  ip address 10.10.10.1 255.255.255.252
 !
 router ospf 1
  mpls ldp autoconfig
  router-id 2.2.2.2
  network 0.0.0.0 255.255.255.255 area 0
 !         
 router bgp 100
  bgp router-id 2.2.2.2
  bgp log-neighbor-changes
  neighbor 4.4.4.4 remote-as 100
  neighbor 4.4.4.4 update-source Loopback1
  neighbor 2000::1 remote-as 200
  !
  address-family vpnv4
   neighbor 4.4.4.4 activate
   neighbor 4.4.4.4 send-community both
  exit-address-family
  !
  address-family vpnv6
   neighbor 4.4.4.4 activate
   neighbor 4.4.4.4 send-community both
  exit-address-family
  !
  address-family ipv6 vrf Cus1
   neighbor 2000::1 remote-as 200
   neighbor 2000::1 activate
   neighbor 2000::1 send-community
  exit-address-family
hostname P-Router
!
 interface Loopback1
  ip address 3.3.3.3 255.255.255.255
 !
 interface GigabitEthernet0/0
  ip address 10.10.10.2 255.255.255.252
 !
 interface GigabitEthernet0/1
  ip address 10.10.10.5 255.255.255.252
 !
 router ospf 1
  mpls ldp autoconfig
  router-id 3.3.3.3
  network 0.0.0.0 255.255.255.255 area 0
 !
hostname PE-2
 !
 vrf definition Cus1
  rd 100:1
  route-target export 100:1
  route-target import 100:2
  !
  address-family ipv4
  exit-address-family
  !        
  address-family ipv6
  exit-address-family
 !
 ipv6 unicast-routing
!
 interface Loopback1
  ip address 4.4.4.4 255.255.255.255
 !
 interface GigabitEthernet0/0
  ip address 10.10.10.6 255.255.255.252
 !
 interface GigabitEthernet0/1
  vrf forwarding Cus1
  ip address 192.168.20.2 255.255.255.252
  ipv6 address 2001::2/16
 !
 router ospf 1
  mpls ldp autoconfig
  router-id 4.4.4.4
  network 0.0.0.0 255.255.255.255 area 0
 !
 router bgp 100
  bgp router-id 4.4.4.4
  bgp log-neighbor-changes
  neighbor 2.2.2.2 remote-as 100
  neighbor 2.2.2.2 update-source Loopback1
  neighbor 2001::1 remote-as 500
  !
  address-family vpnv4
   neighbor 2.2.2.2 activate
   neighbor 2.2.2.2 send-community both
  exit-address-family
  !
  address-family vpnv6
   neighbor 2.2.2.2 activate
   neighbor 2.2.2.2 send-community both
  exit-address-family
  !
  address-family ipv6 vrf Cus1
   neighbor 2001::1 remote-as 500
   neighbor 2001::1 activate
   neighbor 2001::1 send-community
  exit-address-family
 !
hostname CE-1-Site2
 !
 ipv6 unicast-routing
!
 interface Loopback1
  ip address 5.5.5.5 255.255.255.255
 !
 interface GigabitEthernet0/0
  ip address 192.168.20.1 255.255.255.252
  ipv6 address 2001::1/16
 !
 router bgp 500
  bgp log-neighbor-changes
  neighbor 2001::2 remote-as 100
  neighbor 192.168.20.2 remote-as 100
  !
  address-family ipv6
   network 2001::/16
   neighbor 2001::2 activate
   neighbor 2001::2 send-community
  exit-address-family
 !

Once the configuration is complete you can verify the working condition by pinging the end customer IPv6 IP addresses.

Also there are few BGP commands commands with which you can check if the prefixes are advertised.

CE-1-Site1#ping ipv6 2001::1 source 2000::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2001::1, timeout is 2 seconds:
 Packet sent with a source address of 2000::1
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 6/9/12 ms
PE-1#sh bgp vpnv6 unicast vrf Cus1 summary               
 BGP router identifier 2.2.2.2, local AS number 100
 BGP table version is 10, main routing table version 10
 2 network entries using 360 bytes of memory
 2 path entries using 224 bytes of memory
 3/2 BGP path/bestpath attribute entries using 504 bytes of memory
 2 BGP AS-PATH entries using 48 bytes of memory
 2 BGP extended community entries using 48 bytes of memory
 0 BGP route-map cache entries using 0 bytes of memory
 0 BGP filter-list cache entries using 0 bytes of memory
 BGP using 1184 total bytes of memory
 BGP activity 4/1 prefixes, 4/1 paths, scan interval 60 secs
 Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
 2000::1         4          200     115     116       10    0    0 01:39:45        1


PE-1#sh bgp vpnv6 unicast vrf Cus1     
 BGP table version is 10, local router ID is 2.2.2.2
 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, 
               r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, 
               x best-external, a additional-path, c RIB-compressed, 
               t secondary path, 
 Origin codes: i - IGP, e - EGP, ? - incomplete
 RPKI validation codes: V valid, I invalid, N Not found
  Network          Next Hop            Metric LocPrf Weight Path
 Route Distinguisher: 100:2 (default for vrf Cus1)
  r>   2000::/16        2000::1                  0             0 200 i
  *>i  2001::/16        ::FFFF:4.4.4.4           0    100      0 500 i

Now with ping working you must be curious to know how the packet is getting forwarded over the MPLS network. Here are echo request and echo response captured with the help of the wireshark.

Above packet captures clearly explain how the MPLS tags are making this communication possible.

Thank you for reading please feel free if you have any questions.


Leave a Reply