Part 1 - Introduction: What is IPv6
Part 2 - IPv6 Addressing & Subnetting
Part 3 - IPv6 Headers & Header Extensions
Part 4 - ICMPv6 & IPv6 Neighborships
Part 6 - IPv6 DHCP (DHCPv6)
Part 7 - IPv6 on Windows
Part 8 - IPv6 on Linux
Part 9 - IPv6 on Mac
Part 11 - IPv6 Routing
Part 12 - IPv6 Security & Tunneling
IPv6 Foundation Part 11: IPv6 Routing
In this major section we will cover all the important IPv6 routing protocols and options that are available.
How Next Hop Redundancy works with IPv6 (NHRP)
Next Hop Redundancy Protocols (NHRPs), sometimes also called First Hop Redundancy Protocols (FHRPs) have the purpose to provide a redundant gateway in your network. Usually a virtual IP address (VIP) is provided, which is floating virtually between two physical routers. If one device fails, the virtual IP address is still available and will continue serving clients.
Let’s jump into the different options:
The New Subnet Router Anycast Protocol for IPv6
The only option exclusive to IPv6 and built-in, is Subnet Router Anycast.
Subnet Router Anycast is an IPv6-embedded function that can replace traditional Next Hop Redundancy Protocols such as HSRP and VRRP.
There is one defined address for the router of each subnet or network:
Subnet Router Address: all host bits are set to 0:
- network: 2a02:69e0:1234::/64
- Subnet Router Anycast address: 2a02:69e0:1234::/64 (2a02:69e0:1234:0000:0000:0000:0000:0000/64)
In IPv4 you would call this address the “network address”, it is the first address of the network (all 0s), but in IPv6 there is no reserved network address anymore! This is simply the first usable address on the network.
All routers can listen to this multicast address.
To use the feature, hosts can send traffic to this Subnet Router Anycast address and a router listening to this multicast address will forward traffic towards the destination.
By best practice you should not use this address (::) for manual configuration of devices, because it is reserved for subnet router anycast. Usually, manual configuration of this address to a host does work, but it is non conforming to standards and some implementations in your devices might remind you, that you should not do this.
VRRPv3 - Virtual Router Redundancy Protocol for IPv6
The Virtual Router Redundancy Protocol (VRRP) in Version 3 is updated for use with IPv6.
IPv6 VRRP supports IPv6 and IPv4 and was standardized in RFC5798
It offers sub-second convergence, as compared to up to 38 seconds (neighbor cache timeout) using Subnet Router Anycast or standard Router Advertisements!
HSRPv2 - Hot Standby Router Protocol for IPv6
Cisco invented the Hot Standby Router Protocol (HSRP) back in the day for IPv4. Now it was updated to Version 2 as HSRPv2, which supports IPv6.
The IPv6 HSRP protocol is still Cisco proprietary, which means you probably cannot use it with other vendors.
HSRPv2 is functionally identical with HSRPv1 for IPv4.
- The active router sends the Router Advertisement (RA) to the connected network link
- Sub-second failover to the backup router is possible by tuning the timers. The backup router will send a new Router Advertisement as soon as the old primary router fails and preempt it as the primary.
IPv6 Routing Protocols explained
Now that you know the three main options how to provide a redundant first hop gateway in your network, you need to know the next step of IPv6 routing in your network.
Let’s start with the basics again:
The IPv6 Routing Table - same, same but different
The central table that contains all routing information is called the Routing Table.
The IPv6 routing table is generated like the one for IPv4
, but both stay separate.
It contains important information:
- IPv6 Prefix (network)
- Prefix length (/64)
- Next Hop our router to destination
- Route Source (the Protocol that the route was learned from
- Next Hop interface (which interface do I use to reach the next hop, especially if the next hop is a Link Local address!)
- Metric (which route is best, do I want to prefer one over another?)
RIPng - The IPv6 Routing Information Protocol
RIPng is the IPv6 Version of the original Routing Information Protocol (RIP), which is one of the oldest distance vector routing protocols out there.
I have to say it is the one that most networking people dislike strongly.
Unfortunately, I cannot say this has changed with the IPv6 version.
RIPng was defined back in 1997 via RFC2080.
After RIPv1 and RIPv2, RIPng (next generation) was created for IPv6. It is still a Distance Vector Routing Protocol.
It is an open standard, supported by all vendors, which is nice.
As with the older versions, its metric (cost) is hop count – the maximum is 15. This means it does not scale to network sizes with more than 15 hops. For a small to medium network this might be enough, but RIPng can certainly not be recommended for larger network deployments.
The metric does not care about link speed, so a 100 Mbps link towards the target, which has 1 hop less than a 100 Gbps link would be preferred. Let’s talk about scale again…
Additionally, convergence is slower than with the other IPv6 routing protocols.
You should try RIPng in a lab setup but I don’t recommend it for production use in your network.
OSPFv3 - The best Interior Gateway Protocol for IPv6 Routing
Open Shortest Path First, in short OSPF is one of the most popular interior gateway routing protocols (IGPs) out there.
- OSPF is a Link-State Routing Protocol.
- In its newest Version OSPFv3 it fully supports IPv6 and IPv4.
- IPv6 OSPF is an open standard and supported by all vendors.
- It is a scalable, stable and proven IPv6 routing protocol for all network sizes.
You can read more in this OSPF Wikipedia article. Covering the whole protocol is out of scope for this IPv6 Master Class.
Let’s have a look at the differences between OSPFv3 for IPv6 and the previous version OSPFv2 for IPv4:
What's changed in OSPFv3 for IPv6 compared to OSPFv2
- The Router LSA, Network LSA und Router ID stay 32 bit, so no IPv6 address can be used for these! (This is critical, as you need to have at least one IPv4 address such as a Loopback address on your router)
- Processing happens per link (interface) and not per subnet, because a single link possibly contains multiple IPv6 networks.
- Multiple OSPF instances per link are possible.
- Communication happens over Link-Local addresses (per link) except for the OSPF Virtual Link (global addresses are used as source for these)
- Authentication is not included in OSPF but done via IPv6-integrated IPsec AH (Authentication Header).
- OSPF packets are encapsulated directly into IPv6, there is no more TCP or UDP.
- The Next Header field contains protocol number 89 for OSPFv3.
OSPFv3's new LSA Types explained and compared to OSPFv2
|OSPFv3 Type||OSPFv3 Name||OSPFv2 Type||OSPFv2 Name|
Network Summary LSA
ASBR Summary LSA
NSSA External LSA
EIGRP (Enhanced IGRP) IPv6 Routing Protocol
The Enhanced Interior Gateway Routing Protocol (EIGRP) was invented by Cisco Systems and in its newest updated version for IPv6 EIGRP is capable of running Dual Stack.
EIGRP is a Link-State Routing Protocol, like OSPF. It is still a Cisco proprietary standard, so it is not available on all platform and from other vendors.
Like OSPF, EIGRP is very scalable, stable and proven in all network sizes.
Cisco provides EIGRP IPv6 Configuration Examples which you should check out.
Now let’s take a look at the differences between EIGRP for IPv6 and EIGRP for IPv4:
What's changed in IPv6 EIGRP compared to EIGRP for IPv4
- The Router ID stays 32 bit, no IPv6 address is configurable as router ID (This is critical, as you need to have at least one IPv4 address such as a Loopback address on your router).
- The EIGRP process does not start until a Router ID has been set (see above!).
- There is no Auto Summary, because IPv6 is always classless.
- EIGRP for IPv6 has no Split Horizon, because interfaces can have multiple prefixes.
- An explicit “no shutdown” in the EIGRP process is needed on start.
- The source address of the Hello Packet is the Link-Local address, target is multicast group ff02::a (all EIGRP routers).
- Updates are sent via unicast to the specific neighbor.
- Authentication can be either MD5 (or IPsec – this is not available yet)
IPv6 BGP (MP-BGP) and why I love it so much
My favorite IPv4 and IPv6 routing protocol of all time is BGP, the Border Gateway Protocol. It is the routing protocol used on the Internet and it is extremely customizable and versatile and scales limitless, hence it’s usage on the Internet.
- The current version is BGP4. BGP is a Path Vector Routing Protocol.
- BGP is also very common in MPLS VPNs.
- A Multi Protocol extension for IPv6 is available for BGP, some call it MPBGP or MP-BGP, meaning Multi Protocol BGP.
- The Multi Protocol extension enables other protocols, too.
- Configuration is done via “address-families” such as ipv4 unicast and ipv6 unicast, or vpnv4/vpnv6 for MPLS.
- Separate peerings for IPv4 and IPv6 are possible and recommended!
- A single peering to transports multiple address families over either IPv4 or IPv6 is also possible , but not recommended.
Why you should use separate IPv4 and IPv6 Peerings for BGP
You should use two separate peerings for BGP, one for each address family (IPv4 and IPv6) because:
- The next-hop for routes does not have to be set manually (the next hop is automatically set to the neighbor advertising the route. This is not possible if the transport protocol would be IPv4 and the IPv6 routing information would be on top of that)
- You have no risk of losing both IPv4 and IPv6, if the transport protocol fails. You can also do changes or maintenance without affecting the other protocol
- Configuration and troubleshooting are cleaner
IS-IS IPv6 Routing Protocol common on ISP Backbones
IS-IS is the last common IPv6 routing protocol that you need to know about. Its long form name is Intermediate System to Intermediate System and it was defined in RFC1142, which has been marked as historic recently by RFC7142.
IS-IS is a Link State Routing Protocol like OSPF and EIGRP. It is similar to OSPF because it also uses the Dijkstra Shortest Path First Algorithm (SPF).
IS-IS works on top of Layer 2 instead of Layer 3, so it has been compatible to IPv6 before IPv6 was even invented! IS-IS is completely protocol independent and IPv6-capable without modification.
This protocol is commonly used by ISPs in large backbones and you will usually not find it in an enterprise network.
IS-IS is also used for 802.1aq Shortest Path Bridging (SPB), which is a replacement for Spanning Tree. IS-IS is used as the control plane . See RFC6329 for more details.
Recommended Resources for additional reading
Apart from the links throughout this course I recommend the following resources for additional information:
Book recommendations on IPv6
I can recommend the following 3 books (Amazon referral links) which I enjoyed reading:
This concludes IPv6 Foundation Part 11: IPv6 Routing of the original IPv6 Foundation Master Class.