English
HomeBlog6VPE

6VPE

Posted on Mar 30, 2024 by
  Howard
77

What Is 6VPE?

6VPE facilitates the integration of detached IPv6 networks and the provisioning of BGP MPLS VPN services by harnessing the capabilities of IPv4 and MPLS. Within this environment, customer edge (CE) devices operate with IPv6 addressing, while the core network machinery functions with IPv4 addresses. The deployment of 6VPE in a network utilizes VPN technology to create logical separations among the connected IPv6 networks, thereby enhancing their security.

Why 6VPE is Necessary?

With the transition of networks from IPv4 to IPv6, a surge in demand for VPN services compatible with IPv6 is noted. To address this, 6VPE steps in as an adaptation of the BGP MPLS IP VPN to cater to IPv6 networks, allowing for the delivery of BGP MPLS VPN services within IPv6 environments.

Transitioning from MPLS IPv4 Networks to IPv6

IPv6 is recognized for its expansive address capacity and increased quality of service and security features, driving its adoption and garnering considerable interest. In the transition phase, the coexistence of IPv4 and IPv6 networks is standard, leading to the emergence of 'IPv6 islands'. Initially, 6PE technology can connect these islands over an MPLS IPv4 network core. As IPv6 adoption escalates, so does the necessity for IPv6 VPN services. 6VPE addresses this requirement by logically separating IPv6 networks within its infrastructure, enhancing security for IPv6 connections.

Similarities between 6VPE and 6PE

6VPE and 6PE utilize BGP MPLS VPN technology to:

  • Connect IPv6 islands using MPLS, which overlays IPv6 traffic onto an IPv4 MPLS backbone, while still relying on IPv4 IGP for routing amongst provider edge (PE) and provider (P) nodes.

  • Employ MP-BGP to disseminate IPv6 routing data.

Differences between 6VPE and 6PE

6PE treats connected IPv6 networks as a singular VPN entity served by the IPv4 backbone. It doesn't isolate these IPv6 networks, as IPv6 routing information is distinct from that of IPv4 and is treated as a VRF-like structure on a 6PE router. In contrast, 6VPE ensures separation of services between various private IPv6 sites by utilizing VPN technology within the network, assigning each IPv6 VPN its own VRF, implementing the VPN-IPv6 address family, and achieving logical isolation among the IPv6 VPNs.

Advantages of 6VPE

6VPE provides significant benefits:

  • 文Simplified configuration: It integrates seamlessly with the current IPv4/MPLS networks to connect IPv6 islands, minimizing network modifications and containing configurations to the PEs, rendering the IPv4 network transparent to IPv6 services.

  • Compatibility with diverse services: 6VPE is not constrained by the IP protocol version of the backbone. IPv6 VPN traffic is predominantly routed over IPv4 tunnels, with the additional option of using CR-LSPs or GRE tunnels between PEs.

  • Enhanced security: By logically segregating IPv6 networks, 6VPE substantially heightens the security of the IPv6 network infrastructure.

Types of 6VPE Networking

6VPE networking can be categorized based on how it operates across single or multiple Autonomous Systems (AS). Here are the primary types:

Single-AS 6VPE Networking

In a single-AS 6VPE setup, Provider Edge routers (PEs) run IPv4 and IPv6, while Customer Edge routers (CEs) support IPv6. PEs and CEs can utilize static routing or a version of the IPv6 protocol like BGP4+, IS-ISv6, RIPng, or OSPFv3. The inter-PE public network tunnels might include LDP LSPs, traffic-engineered (TE) tunnels, or GRE tunnels. MPLS must be activated on GRE tunnel interfaces if GRE is used for public network connectivity.

Inter-AS 6VPE Option A Networking

Option A for Inter-AS 6VPE features AS boundary routers (ASBRs) that have interfaces tied to IPv6 VPN instances with IPv6 addressing. IPv4 is operational in the network backbone. ASBRs and PEs run both protocols. Between ASBRs, a version of the IPv6 protocol is used for communication. Data is transferred as regular IPv6 packets sans labels between ASBRs, and within an AS, packets carry either one or two labels, with the innermost label representing the IPv6 VPN service.

Inter-AS 6VPE Option B Networking

With Option B, IPv4 operates within and between ASs, and both IPv4 and IPv6 are active on the PEs. ASBRs form peer relationships via MP-EBGP, using interfaces that enable the VPNv6 address family. Packets are exchanged between ASBRs as labeled IPv6 VPN packets, while within an AS, packets carry either one or two labels similar to Option A.

Inter-AS 6VPE Option C Networking

Option C interconnects IPv4 across ASs within the backbone, with PEs supporting both IPv4 and IPv6. ASBRs create MP-EBGP peering, exchange labeled routes, and negotiate the capabilities for labeled IPv4 route advertisements. Likewise, PEs form MP-EBGP peering through loopback interfaces for labeled route exchange and negotiating VPN route advertisement capabilities. Traffic is routed between ASBRs with dual labels for IPv6 VPN packets, whereas internal AS traffic might use two or three labels, with the most inner one being the IPv6 VPN instance label.

How 6VPE Operates?

6VPE functions on two distinct layers: the control plane, which is concerned with routing information exchange, and the forwarding plane, which handles the actual data transmission.

Control Plane of 6VPE

Consider the process of route advertising from CE1 to CE2 as an illustration of the 6VPE control plane in action. The interaction from CE2 to CE1 parallels this example.

1. CE1, upon establishing a connection with PE1, announces its local IPv6 route 2001:DB8:1::1/128. They communicate via a standard IPv6 routing protocol.

2. PE1 then prefixes an RD to the incoming route from CE1, transforming it into a VPN-IPv6 route. Subsequently, PE1 broadcasts this route to PE2 through MP-BGP. PE2 incorporates this VPN-IPv6 route into its own routing table and retains the MPLS label data received in the MP-BGP Update message.

3. PE2 strips away the label details from the IPv6 route and uses an IPv6 routing protocol such as BGP4+, IS-ISv6, or RIPng to convey the route to CE2.

Forwarding Plane of 6VPE

The 6VPE forwarding plane encapsulates two labels within IPv6 packets, enabling them to navigate the IPv4 core network. The exterior label represents an MPLS tunnel label describing the path to the BGP next hop, while the inner label denotes a VPN-IPv6 label that identifies the corresponding outbound interface and associated VPN. Communication between CEs and PEs utilizes IPv6 packets; between PEs, MPLS packets are transferred. To ensure routing through the IPv4 network, PEs must support both IPv4 and IPv6 (dual stack).

Here's how an IPv6 packet travels through a 6VPE tunnel:

  • An IPv6 packet initiated by CE1 is sent to PE1.

  • 文PE1 then adds an internal label (L2) and a public label (L1) based on the IPv6 VPN routing and IPv4 address information, respectively.

  • This labeled packet is forwarded across the public network tunnel to a provider router (P), which processes the packet based solely on the label without needing to interpret the IPv6 payload.

  • The provider router (P) swaps the outer label and may apply penultimate hop popping (PHP) to remove the outer label (L1').

  • Once PE2 receives the labeled packet, it refers to the internal label (L2) to identify the specific VPN instance. PE2 then removes label L2, checks the VPN routing table using the original packet's destination IPv6 address, and forwards the packet to CE2.

Tags

You might be interested in

See profile for undefined.
FS Official
6PE
See profile for undefined.
FS Official
IPv6
See profile for undefined.
FS Official
DNS
News Letter
Videos
FS Same Day Shipping Ensures Your Business Success
01:28
Nov 20, 2023
654
FS Same Day Shipping Ensures Your Business Success
Recent Trend
Cloud-based Networks Grow with Your Business

Cloud-based Networks Grow with Your Business

Anchor Your Hybrid Cloud Networking Strategy

Anchor Your Hybrid Cloud Networking Strategy

Hot Tags
Popular
FS.com About FS FS APP Contact Privacy Terms