Cisco: IPv6 over IPv4 MPLS (6PE)

Let’s assume that you have an IPv4 core backbone on which you did enable MPLS. Your customers are connected to your PE routers and they need to have IPv6 reachability between their sites. To have things more clear, please have a look to the following network topology:
IPv6 transport over IPv4 MPLS

As you can see in the above image, customers have the IPv6 addresses 2001::1/128 and 2001::2/128. Actually in this topology, “my customers” are two Loopback addresses (Lo200) configured under PE routers, to minimize the used resources (routers).

We have a typical MPLS (LDP) construction with following characteristics:
- OSPF is used for IGP
- each router has a L0 interface advertised into IGP
- L0 of each router is configured as MPLS LDP router-id
- PE routers have an additional L100 interface advertised into IGP
- iBGP on the PE routers is configured using L100 interface as neighbour peer points

You can find below some output of iBGP and MPLS configuration:

PE1

router bgp 65300
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 22.22.22.22 remote-as 65300
 neighbor 22.22.22.22 update-source Loopback0
 neighbor 22.22.22.22 timers 1 4
 !
 address-family vpnv4
  neighbor 22.22.22.22 activate
  neighbor 22.22.22.22 send-community extended
 exit-address-family
!
!
PE1#sh bgp vpnv4 unicast all sum | i 65300
BGP router identifier 11.11.11.11, local AS number 65300
22.22.22.22     4 65300    7374    7376       19    0    0 00:04:11        1
!
!
PE1#show mpls forwarding-table 
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     16          22.22.22.22/32    0          Fa0/0      10.10.11.1   
17     18          10.10.22.0/24     0          Fa0/0      10.10.11.1   
18     Pop tag     10.10.12.0/24     0          Fa0/0      10.10.11.1    
20     Pop tag     1.1.1.1/32        0          Fa0/0      10.10.11.1   
21     19          2.2.2.2/32        0          Fa0/0      10.10.11.1

PE2

router bgp 65300
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 11.11.11.11 remote-as 65300
 neighbor 11.11.11.11 update-source Loopback0
 neighbor 11.11.11.11 timers 1 4
 !
 address-family vpnv4
  neighbor 11.11.11.11 activate
  neighbor 11.11.11.11 send-community extended
 exit-address-family
!
!
PE2#show bgp vpnv4 unicast all summary | i 65300
BGP router identifier 22.22.22.22, local AS number 65300
11.11.11.11     4 65300    7518    7516       19    0    0 00:06:33        1
!
!
PE2#show mpls forwarding-table 
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     17          11.11.11.11/32    0          Fa0/0      10.10.22.1   
17     Pop tag     10.10.12.0/24     0          Fa0/0      10.10.22.1   
18     18          10.10.11.0/24     0          Fa0/0      10.10.22.1                                
20     19          1.1.1.1/32        0          Fa0/0      10.10.22.1   
21     Pop tag     2.2.2.2/32        0          Fa0/0      10.10.22.1

At this point we have a functional IPv4 MPLS. Now, let’s use the MPLS to transport IPv6 networks. First, on the PE routers we have to enable IPv6 routing support and CEF:

ipv6 unicast-routing
ipv6 cef

Next, I’ll have the L200 interface configured:

PE1#show ipv6 int lo200
Loopback200 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C002:15FF:FE10:0 
  No Virtual link-local address(es):
  Global unicast address(es):
    2001::1, subnet is 2001::1/128 
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
    FF02::1:FF10:0
  MTU is 1514 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is not supported
  ND reachable time is 30000 milliseconds
  Hosts use stateless autoconfig for addresses.
PE2#sh ipv6 int lo200
Loopback200 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C003:15FF:FE10:0 
  No Virtual link-local address(es):
  Global unicast address(es):
    2001::2, subnet is 2001::2/128 
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:2
    FF02::1:FF10:0
  MTU is 1514 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is not supported
  ND reachable time is 30000 milliseconds
  Hosts use stateless autoconfig for addresses.

Now let’s make the magic and configure the PE routers so that the IPv6 networks are reachable. We will make this by using the 6PE method. This solution include that the Provider edge routers (PE) are IPv6 capable and it enables IPv6 sites to communicate with each other over an MPLS IPv4 core network using MPLS label switched paths (LSPs). To make it clear the Provider routers (P) inside MPLS have not idea about any IPv6 addressing or routing.

The 6PE routers are configured to be dual-stack using IPv4 and IPv6, and use the IPv4 mapped IPv6 address for IPv6 prefix reachability exchange. The 6PE uses multiprotocol internal BGP (MP-iBGP) to distribute IPv6 routes over the MPLS IPv4 core network and to attach an MPLS label to each route.

Let’s enable this. The BGP configuration looks like this:

PE1#
router bgp 65300
 !
 address-family ipv6 
  neighbor 22.22.22.22 activate 
  neighbor 22.22.22.22 send-label 
  network 2001::1/128 
  no synchronization 
 exit-address-family
PE2#
router bgp 65300
 !
 address-family ipv6
  neighbor 11.11.11.11 activate
  neighbor 11.11.11.11 send-label
  network 2001::2/128
  no synchronization
 exit-address-family

I did enable the BGP neighbour under IPv6 address family using the IPv4 addresses. The IPv4 addresses are already know in MPLS using the IPv4 IGP protocol (OSPF). Very important here is the send-label option as it enables binding and advertisement of aggregate labels when advertising IPv6 prefixes in BGP.

Let’s check on the PE routers if we receive properly the IPv6 addresses:

PE1#show bgp ipv6 unicast 2001::2/128
BGP routing table entry for 2001::2/128, version 16
Paths: (1 available, best #1, table Global-IPv6-Table)
  Not advertised to any peer
  Local
    ::FFFF:22.22.22.22 (metric 31) from 22.22.22.22 (22.22.22.22)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      mpls labels in/out nolabel/22
!
!
PE1#show ipv6 route 2001::2/128 | b 2001::2
B   2001::2/128 [200/0]
     via ::FFFF:22.22.22.22, IPv6-mpls
PE2#show bgp ipv6 unicast 2001::1/128
BGP routing table entry for 2001::1/128, version 14
Paths: (1 available, best #1, table Global-IPv6-Table)
  Not advertised to any peer
  Local
    ::FFFF:11.11.11.11 (metric 31) from 11.11.11.11 (11.11.11.11)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      mpls labels in/out nolabel/23
!
!
PE2#show ipv6 route 2001::1/128 | b 2001
B   2001::1/128 [200/0]
     via ::FFFF:11.11.11.11, IPv6-mpls

And the last test:

PE2#ping ipv6 2001::1 source 2001::2
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001::1, timeout is 2 seconds:
Packet sent with a source address of 2001::2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/17/24 ms

If you have questions or there is something which is not clear please let me know by using the Comments section below.


Leave a Reply