BGP peering over IPv6 transport uses a BGPv6 peer to exchange IPv6 routes over an IPv6 transport layer. This is different than BGP+, which enables exchange of IPv6 routes over a BGPv4 peer. Also with BGP+, you must use an IPv6 tunnel to install and configure IPv6 routes in an IPv6 Routing Table Manager (RTM). BGP+ uses an IPv4 mapped IPv6 address for the next hop address and requires you to configure IPv6 static routes and install IPv6 routes in an IPv6 RTM where the next hop for the static route is an IPv6 tunnel interface.
BGPv6 supports the following:
Input/Output policies.
Redistribution of OSPFv3, IS-IS, IPv6 static route, and IPv6 direct routes into BGPv6.
Aggregation of global unicast IPv6 addresses.
Note
BGP+ also supports the preceding features.
The switch supports the BGP mulitprotocol extension, as described in RFC 4760. Also supports RFC 2545 (MP-BGP for IPv6).
The BGP protocol extensions ensure peering can be enabled with IPv6 address family capabilities.
BGPv6 does not exchange any IPv4 routes. BGPv6 advertises or learns only IPv6 routes.
|
GRT/VRF |
IPv4 Routes Exchange |
IPv6 Routes Exchange |
|
|---|---|---|---|
|
BGPv4 |
GRT |
Supported |
Supported (BGP+) |
|
VRF |
Supported |
Not supported Note:
IPv6 over IPv4 tunnels is not yet virtualized. |
|
|
BGPv6 |
GRT |
Not supported |
Supported |
|
VRF |
Not supported |
Supported |
Specify the address family attribute as IPv6 to enable IPv6 route exchange.
You can enable IPv6 route exchange by specifying the address family attribute as IPv6. Optionally, you can use non-transitive BGP properties to exchange IPv6 routes between the BGPv6 peering. Any BGPv6 speaker must maintain at least one IPv6 address to establish a BGPv6 connection. The IPv6 scoped unicast addresses can identify the address as global or link-local. If you use BGPv6 to convey IPv6 reachability information for interdomain routing, you can also announce a next hop attribute that consists of a global address and a link-local address.
Note
BGPv6 does not support adjacency on link-local.
BGPv6 uses IPsec for security. MD-5 authentication is supported for BGPv4 and is not supported for BGPv6.
The following table shows the differences between BGPv4 and BGPv6 for authentication.
|
MD5 |
IPsec |
SHA1/SHA2 |
|
|---|---|---|---|
|
BGPv4 |
Supported |
Not supported |
Not supported |
|
BGPv6 |
Not supported |
Supported Note:
IP Sec is not virtualized, hence BGPv6 is supported only in Global Router mode, and not supported in VRF mode. |
Not supported |
MD5 authentication is not supported in BGPv6 so it is not necessary to enable MD5 authentication.
Only IPsec is supported. Therefore, MD5 authentication cannot be configured.
Includes consistency checking for MD5 authentication. BGP peer and BGP peer group configuration for IPv6 addresses include a rule to block MD5 authentication. If you attempt to configure MD5 authentication, you will receive an error message.
With BGPv6, IPv6 tunneling is not required for IPv6 data traffic flow. An IPv6 tunnel is required for BGP+.