Cisco Blogs


Cisco Blog > Enterprise Networks

Deploying IPv6 in the Internet Edge

January 5, 2012
at 7:31 pm PST

cisco validated design guides - ipv6 for the internet edgeHistorically, enterprise customers have had a mixture of deployment goals and starting points for the implementation of IPv6. These starting points very often boil down to the following:

  • Core to edge
  • Edge to core
  • Internet Edge-only

Prior to about a year ago most enterprises were doing gap analysis and planning for their internal deployment of IPv6 using either core-to-edge or edge-to-core designs. Use case and timeframe dictate which of these two options an enterprise pursues.

With the core-to-edge model, there usually is no defined use case or if there is it is pretty loosely defined. There is certainly not much in the way of a defined timeframe for deployment. The core-to-edge model allows for the deployment of IPv6 in the center or “core” of the network where the enterprise can gain valuable experience on stuff like routing, access control lists, addressing, and basic network management. All of this can be done with zero impact to the existing production IPv4 network. As the use case is more defined, as the time frame is more vetted out and as resource capabilities mature, the implementation moves towards the edges of the network such as the Campus access layers or the Data Center.

The edge-to-core model has traditionally been for the early adopters or vendors such as Microsoft or Cisco or Oracle where products that need to support IPv6 are being worked on by developers (as individuals or in labs) and those developers need access to build environments or hardware/software environments over an IPv6 transport. The edge-to-core model is nearly always dependent on an “overlay” model, which is basically tunneling of some sort (manually configured tunnels, ISATAP, MPLS, IPSec, etc…). As time goes on the underlying IPv4-only infrastructure is IPv6-enabled and the tunnels come down.

I have authored two Cisco Validated Designs (CVDs) that cover both the core-to-edge and edge-to-core designs for Campus and Branch networks. You can find those CVDs here:

The more active and, quite frankly, more interesting area of deployment has been facing the Internet. Enterprise customers from all over the world have been rapidly either adding IPv6 deployment in the Internet Edge to their existing effort or perhaps this is the ONLY place they are doing IPv6.

If you are currently planning for or have already designed your IPv6-enabled Internet Edge then check out my newly published CVD:

Tags: , , , , ,

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

9 Comments.


  1. This has to be one of the most useful blog posts I have ever read from Cisco. I am extremely impressed with your expertise on IPv6 and general networking knowledge Mr McFarland. I’m pleased to see the real experts are still at Cisco.

       0 likes

  2. http://blogs.cisco.com/borderless/deploying-ipv6-on-the-internet-edge/
    The PDF link has wwww.cisco.com/ etc and as such you don’t get the pdf. Instead you get redirected to the homestore.

    Also, will the other two articles be made available in pdf?

    Thanks.

       0 likes

    • Shannon McFarland

      I am not sure what happened to the PDF link but I just fixed it. Thanks for letting us know. Also, if you follow the links to the Campus and Branch documents and then look at top and far right of the page you will see an option to download the PDF for each paper.

         0 likes

  3. Very interesting stuff, are you also responsible for creating CVD’s for end-to-end IPv6 in Datacenter/Virtualization environments like vSphere 5, NetApp and Cisco UCS and Nexus 5548.

    Any idea how many Cisco customers today are implementing IPv6 in their internal network?

       0 likes

    • Shannon McFarland

      Thanks. Yes, I do CVDs for pretty much all areas of IPv6 in the context of the enterprise. It will be awhile before we publish a CVD for the data center, but it will include stuff like network and server virtualization, multi-DC, etc…

      Thousands and thousands. ;-)

         0 likes

  4. Shanon,

    Your posts are good. I like most of the architecture/designs you/Cisco comes up with. Though, I would be really happy if you publish these designs bit earlier. In some cases, being early adopter of technology we develop architectures of our won and deploy those before Cisco publishes..:)

       0 likes

  5. Hi Shannon

    I have read very quickly and will certainly have more advanced reading as I found some very interesting information in the third one actually:

    - Deploying IPv6 in Campus Networks

    I found a lot of details about ISATAP in this paper. I may be wrong and I have not your visibility with all your customers so please don’t take it as a criticism and maybe I am missing many things about it, but to me ISATAP already belongs to the past.
    If you need to run IPv6 in the enterprise to slowly migrate and start training the staff on IPv6, all the routers are now supporting IPv6 very well. I have been a CISCO IOS IPv6 dev-tester for 7 years and I think that IPv6 is very mature on the routers now. So why running ISATAP to run IPv6 over IPv4 to avoid the configuration of IPv6 in the routers while you want to run application in hosts?
    Enterprises needs to start slowly moving to IPv6 with dual-stack but not only on the hosts, also on the routers!
    Why investing any time on learning and implementing ISATAP when you cna run IPv6 in the network?
    Maybe ISATAP was attractive many years ago when the routers were not really ready, did not run CEFv6 and whre missing important features like the management tools but today, whaat is the benefit of ISATAP ?

    - Deploying IPv6 in Branch Networks

    Here also I found a lot about a Great Invention of CISCO, DMVPN which is great to interconnect many IPv6 sites over an IPv4 public network. Great as you only need to configure only one tunnel interface no matter how many sites will have any-to-any connectivity thanks to multipoint GRE, Great since it is protected with IPsec and you only need one IPSec config since you have onluy one tunnel interface, GREAT since you only need to configure a hub and spoke with a special config on the hub and a consimilar config on all spoke, Great because thanks to NHRP (this old protocol which came from CLassical IP and ATM in the 90s!) it will build any to any configuration with direct tunnel between spoke on demand! So you understand I am a great fan of DMVPN and I can only love your paper which gives so many details about DMVPN! But again DMVPN belongs to the past! Most providers are now providing IPv6 and you don’t have to configure IPv6 which is optimized but you still have to deal with muticast mapping and it is not as efficient as native IPv66 for sure! Some of the SPs were providing it for some customers unofficially for years but in 2012 most of them are announcing the availability of IPv6! So if your provider don’t support IPv6, just go to the competition and you will not have to deal with multipoint GRE, NHRP, IPSec configs ! DMVPM may have been one of the best things CISCO proposed to help many customers a few years ago but it also belongs to the past… Or please prove me I am wrong so I will be a good IPv6 Evangelist!

    - Deploying IPv6 in the Internet Edge
    I have alos only very quickly check this one in diagonal reading and I will definitely get back to read it more carefully as it provides plenty of very interesting details about ACE, ASA, Load-Balancing in IPv6 or NAT64 case studies and configs. Plenty of very important and updated information that most of our customers were expecting from us. Many datacenters people will love it!
    Many thanks fr this paper, I will really study it carefully.

    Now I regret a few things about IPv6 Internet Access or I have missed it reading too fast (in this case accept my apologies) what about Mobile IPv6? CISCO was a precursor and pioneered (the Sophia-Antipolis Team did a gread job with Pascal Thubert, Marco Molteni and others) and CISCO is such a contributor for it.
    Proxy Mobile IPv6 is in the heart of 4G/LTE and most of the Internet Access Edge is about smartphones which represent a huge numbers of IPv6 terminals.
    We will see a big number of IPv6 in the Internet Edge with all the Mobile IPv6 applications (NEMO, MONET, MIPv6 for Mobile Phone LTE/4G).

    T-Mobile’s IPv6 service is an IPv6-only service that uses NAT64 and DNS64 in the network to connect IPv6 mobile users with IPv4 content. They believe that the majority of the bandwidth consumed by IPv6 subscribers will be native end-to-end IPv6 without any translation required by the end of 2012 as major content providers like Google, Yahoo, Facebook, Microsoft, and many others have demonstrated during World IPv6 Day!

    Not sure about the Wireless Sensor Networks as I don’t know this domain but the basics but if all these sensors must also use the Internet to get connected it will be a huge number of nodes on the Internet Access…

    Thanks again for your paper! I will spend hours now to learn all the valuable informations about all the ACE, ASA, Load-Balancing or NAT64 case studies and configs that you have provided….

    Fred Bovy,
    CISCO 15 years CCIE #3013
    CISCO 18 years CCSI #33517 (former #95003)
    IPv6 Forum Gold Certified Engineer
    IPv6 Forum Gold Certified Trainer

       2 likes

  6. Great Post. Will cisco implement through all platforms??

       0 likes

    • Shannon McFarland

      Implement what through all platforms? IPv6 generically or what? Our goal is to have IPv6 support in products that are IP aware. ;-)

         0 likes