Blog index > Cisco IPv6 for Service Provider Labs
avatar

Cisco IPv6 for SP Labs: 6PE, 6VPE, QoS with 6VPE, InterAS, CsC, 6RD, Security, Netflow v9, Multicast……

November 23, 2011

The IPv6SPSE Course is the CISCO IPv6 Training for the Service Provider
http://www.fastlaneus.com/course/fl-ipv6sps

 

The labs have been redesigned completely to support the SP environment and will follow the order of the transition phase for a Service Provider which is planning a transition to IPv6.

The Labs description is provided below…

The new labs are highlighted.

Lab #1.  Simple IPv6 Addresses configuration on R4 router and SLAAC of PC3  with Neighbor Discovery Protocol.
Turn on the Embedded Packet Capture on the Routers and then configure the IPv6 address on the routers R4 and R3, verify that the addresses on PC1, PC2 and PC3 are automatically assigned from the Routers Prefixes
DEMO: Analyze the capture of the Traffic. Explain the Neighbor Discovery exchanges: Autoconfiguration,  Duplicate Address Detection, Router Solicitations and Advertizements.

Lab #2. DNS/IPAM (NEW). DHCPv6-PD and DHCPv6 Lite
Configure a DNS/IPAM Server to allocate IPv6 addresses of our routers in our experimental network (CISCO Registrar)
Configure IPv6 routing and Addresses on R1. Check the IPv6 connectivity between R1 and R3 with pingv6.
Configure R1 as a DPCPv6-PD Server and R3 as a DHCPv6-PD Client. The LAN interface of R3 will be configured as subnet 1 of the block allocated from DHCPv6-PD
Configure R3 as DHCPv6 Lite Server to provide domain name and DNS Server Addresses to PC1 and PC2.
Configure the Routers with the proper bits and flag (Autonomous, Managed, Other) for the Workstations to know where they should get their configurations from.
Verify that PC1 and PC2 got their IPv6 addresses configured from Stateless Address Autoconfig and the domain name and DNS servers from DHCPv6.
DEMO: Explain the whole process, end to end.

Lab #3a. IPv6 Routing Protocols: OSPFv3
Configure OSPFv3 between R1, R3 and R4.  OSPFv3 is still running between R4 and R1.
Each router must have a /128 loopback advertised by OSPFv3
PC1, PC2 must ping and trace route to PC3.
DEMO: Explain the OSPFv3 Database.

Lab #3b. IPv6 Routing Protocols: ISISv6 and Redistribution.
Configure ISISv6 Level 2 ONLY on R1, R2 and R4. On R4 and R1 configure the redistribution between ISISv6 and OSPFv3
DEMO: Explain the OSPFv3 and ISISv6 databases.

Lab #3c: IPv6 Routing Protocols: MP-BGP.
Configure eBGP between the  R2 and the Internet Router. Verify that routes are received from the Internet router
Configure R4 and R1 as iBGP neighbor of R2.
Remote OSPFv3 between R1 and R3 and Replace  it with eBGP.

 

Lab #4: Transition: 6RD (NEW)
Remove IPv6 from the core routers R4, R2, R1 and configure IPv4 with ISIS routing protocol instead using a configuration provided in the lab guide or from flash no to waste any time.
Configure R4 and R1 as 6RD RG and R2 as 6RD BR.

 

Lab #5a: Transition: Basic 6PE/6VPE Lab
To prepare the next lab, this is a very simple 6PE lab for the students who are discovering IPv6 over MPLS

Lab #5b: Transition: 6VPE with Route Reflectors
Remove 6RD, add MPLS with LDP in the core routers R4, R2, R1. Configure R4 as BGP RRs. R1, R4 and R2 are configured as 6VPE for blue VRF.
R1-R3 are running eBGP and redistribute connected.
PC1, PC2 and PC3 are in the blue VRF and can ping each other.
Configure NETFLOW v9 to gather Statistics and to export data to the LANCOPE appliance.
DEMO: Tracing the route, CEFv6 and MPLS Path

Lab #6a: 6VPE Inter AS Scenario A.
Configure R2, Fa0/1 in Blue VRF. Configure on R2 BGP address-family IPv6 VRF blue , the peer R2 as an eBGP neighbor.
Verify that PC1 in one POD can ping or trace route the PC1 in the other POD.
DEMO: Traceroute from PC to PC and explain the path between the two end nodes.

Lab #6b: 6VPE Inter AS Scenario B.
Remove the VRF on R2. Remove the default filtering on R2. Configure the MP-eBGP vpnv6 neighbors between the 2 R2.
Verify that PC1 in one POD can ping or trace route the PC1 in the other POD.
DEMO: Explain the path between the two end nodes.

Lab #6c: 6VPE Inter AS Scenario C
Unconfigure the MP-eBGP vpnv6 neighbors between the 2 R2.
Configure a MP-eBGP vpnv6 multihop between the two R4s. Configure the next-hop-unchanged to avoid that the eBGP rewrite the next-hop to with the RR.
This way the next hop of a remote route remains the loopback PE address of the remote 6VPE.
Then we need to leak the loopback addresses of the 6VPEs from one AS into the other AS. We could use eBGP4+label but to make it simple in this lab we are going to use ISIS + LDP.
DEMO: Traceroute from PC to PC and Explain the path between the two end nodes.

Lab #7: 6VPE Internet Access.
Configure R2 eBGP session with the Internet Router and check that it receives eBGP routes.
Configure 6PE session with the route reflector R4 to propagate the IPv6 Internet routes to all the 6VPE routers.
Between R1 and R3 configure Frame-Relay. One of the routers but have the “frame relay into-type dce”. To enable this you must configure “frame-relay switching.
One of the Interface is in the VRF blue at the PE and the other interface is in the Global Routing Table

Lab #8a: QoS in 6VPE MPLS Environmentt.
Use the MQC to implement the DiffServ pipe mode.
http://www.cisco.com/en/US/tech/tk436/tk428/technologies_tech_note09186a008022ad7e.shtml#pipe
At the Ingress of the 6VPE, the MPLS EXP must be set independently from the IPv6 DSCP (not default).
At the Egress of the 6VPE, the MPLS EXP is used to classify the traffic.
In the MPLS core we must implement Classes of Traffic with a LLQ priority for Voice Traffic (DSCP EF, MPLS EXP=5).
Implement a Scavenger Class which may gather the traffic used to generate a DoD attack.
DEMO: Explain the QoS Police

Lab #8b: Measurement of the SLA. IP SLA
The QoS is configured, we must now monitor that the SLA is respected. We use IP SLA to monitor the traffic.
DEMO: Explain the IP SLA Statistics

Lab #9: NETFLOW v9 (NEW)
DEMO: Lancope appliance and Netflow are configured. All the data are now collected and can be presented

Lab #10: Secure the Network.
Configure R2 as the CISCO Firewall on R2, the uRPF on R2 and R3. RA Guard. Configure the Router Plane Policing.
DEMO: Show how Netflow can help to secure the network. Attack the Network with THC-ipv6. Monitor with Netflow, NDPmon

Lab #11: Migrate to a Native IPv6 Backbone.
6VPE and 6PE are removed. ISIS is configured for IPv6 in the Backbone, The Serial links are only configured with Link-Local addresses.

Lab #12: Deploy IPv6 Multicasting.
PIM-SM is configured. R4 is the RP,
PC1, PC2 and PC3 are used to send and receive some IPv6 Multicast traffic.
Netflow v9 is used to monitor the traffic forwarding by the routers,

 

Fast Lane Consulting and Education Services, Inc.
Mobile: +33676198206
Skype: fredericbovy
Email: fred.bovy@fastlaneus.com
Twitter: http://twitter.com/#!/FredBovy

Tags: , ,

Leave a Reply

You must be logged in to post a comment.