Small cisco boxes doing IPv6?
Merike Kaeo
merike at doubleshotsecurity.com
Mon Feb 13 21:16:24 CET 2012
On Feb 13, 2012, at 2:36 AM, Marco Hogewoning wrote:
> Time for a quick update :)
>
> Turned out it is very hard to get a random cisco reseller to confirm wether a specific feature is present or even a simple telling which software version is supposed to be shipped with the box. After a lengthy process finally found a company who at least told us they were willing to help out if the box didn't perform as expected. Unfortunately the rest of the sales people seem to be taking the fire and forget approach, nice if you are past the lab stage and know what you are after but doesn't help if you are trying to find out what to buy.
>
> Can imagine that for a small shop wanting to deploy IPv6 this can be quite a steep hill to walk up. Mistakes are easily made and can seriously eat in your already tiny budget.
>
> If it is of any help, we now have two models running 2921 and 1921 and both the systems were delivered on 15.1(4)M3, which is from december 2011, IPbase and K9 license on the box. I ran a couple of quick tests and confirmed IPv6 functionality on BGP, OSPF and IS-IS. These were no performance tests, but at least I verified the process starts and is capable of exchanging a static IPv6 route. Little disclaimer: this was the first time I ever touched IS-IS, your mileage may vary.
>
> Also setup a quick IPv6 in IPv4 tunnel, during that phase I found some 6RD related commands but haven't came round to testing anything in that area.
OK, I see that the 1921 will replace the 1841 which I have at home. It's been running IPv6 fine for a few years :)
Cosmopolitan#sh ha
Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(6)T, RELEASE SOFTWARE (fc1)
I used to have a few tunnels to varying people but have had eBGP for v6 on it for almost 8 months or so to watch the routing table grow and have native connectivity.
Cosmopolitan#sh ipv6 ro
IPv6 Routing Table - 8076 entries
Granted I only have a /29 and some wireless home stuff for streaming music (probably 12 devices total) and video plus a /48 with all of 5 devices (for now) but the CPU is ridiculously underutilized. I log all ACL exceptions and suffice to say I'm fairly strict with my filtering...more to see the exceptions roll by and see who the heck is knocking uninvited on my door.
I'd upgrade to maybe try some new functionality but I don't think I have a support contract....go native and you'll be fine. The fundamentals have worked for quite a few years :)
- merike
More information about the ipv6-ops
mailing list