White Papers

Internet Protocol version 6 (IPv6) Conformance and Performance Testing

Contents

• Abstract
• Introduction
• Benefits of IPv6
  • Improved efficiency in routing and packet handling
  • Support for autoconfiguration and plug and play
  • Support for embedded IPSec
  • Enhanced support for Mobile IP and mobile computing devices
  • Elimination of the need for network address translation (NAT)
  • Support for widely deployed routing protocols
  • Increased number of multicast addresses, and improved support for multicast
• What is IPv6?
  • IPv6 header format
  • IPv6 extension headers
  • IPv6 addressing
• IPv6 Operation
  • Neighbor discovery
  • Router discovery
  • Stateless autoconfiguration and renumbering of IPv6 nodes
  • Path Maximum Transfer Unit (MTU)
  • DHCPv6 and Domain Name Server (DNS)
• IPv6 Deployment
  • Dual-stack backbone
  • IPv6 over IPv4 tunneling
• IPv6 Challenges
• Why Test IPv6 Technology?
  • Testing to ensure interoperability
  • Testing to characterize performance bottlenecks
• Test Solution Requirements
  • Optimized hardware platform
  • Dual stack routing protocol emulation
  • Ability to generate and analyze tunneled traffic dual stack data plane
• Ixia's Approach to IPv6 Testing
  • IPv6 conformance testing
  • IPv6 scalability and performance testing
• Conclusion
• Appendix: Sample IPv6 Test Plans
  1. IPv6 Conformance Test
  2. IPv6/IPv4 Forwarding Performance Test
  3. Tunneling Functional Test
  4. Tunneling Performance Test
  5. IPv6 Routing Performance and Scalability Test
• Glossary
• Acknowledgements

Copyright (c) 1998-2003 Ixia. All rights reserved.

The information in this document is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Ixia. Ixia assumes no responsibility or liability for any errors or inaccuracies that may appear in this document.

Ixia and the Ixia logo are trademarks of Ixia. All other companies, product names, and logos are trademarks or registered trademarks of their respective holders.

Internet Protocol version 6: Conformance and Performance Testing

Abstract

The need for a new Internet Protocol is well understood and accepted in the networking industry. Requirements for more address space, simpler address design and handling at the IP layer, better QoS support, greater security, and an increasing number of media types and Internet-capable devices have all contributed to drive the development ofInternet Protocol version 6 (IPv6). This paper reviews the basics of IPv6, its deployment, and strategies for managing the transition from IPv4 to IPv6. Most importantly, the paper identifies key areas for IPv6 testing, and prescribes an appropriate testing methodology for each of them.

Introduction

IPv4, the current version of the Internet Protocol deployed worldwide, has proven remarkably robust, easy to implement, and interoperable with a wide range of protocols and applications. Though substantially unchanged since it was first specified in the early 1980s, IPv4 has supported the scaling of the Internet to its current global proportions. However, the ongoing explosive growth of the Internet and Internet services has exposed deficiencies in IPv4 at the Internet's current scale and complexity. IPv6 was developed specifically to address these deficiencies, enabling further Internet growth and development.

The most important issue addressed by IPv6 is the need for increased IP addresses: IPv4's 32-bit address space is nearly exhausted, while the number of Internet users continues to grow exponentially. This need is exacerbated by the continual introduction of addresshungry Internet services and applications (Internet-enabled PDAs, home and small office networks, Internet-connected vehicles and appliances, IP telephony and wireless services, etc.). The exhaustion of IPv4 addresses has been long anticipated, and various techniques have been introduced to extend the life of the existing IPv4 infrastructure, including Network Address Translation (NAT), Dynamic Host Configuration Protocol (DHCP), and Classless Inter-Domain Routing (CIDR).

While these techniques provide a workaround for the lack of address space, they fail to meet the requirements of the Internet's end-to-end architecture and peer-to-peer applications. Additionally, residential broadband Internet requires always-on, always-contactable global addresses, which are unsupportable with current IP address conversion strategies, pooling, and other temporary allocation techniques.

The global need for IP addresses has even added political force to the drive for IPv6 implementation. For latecomers to the Internet explosion, IPv6 is the only solution that will accommodate billions of new users. Many countries, such as China and Japan, have legislated an implementation schedule for IPv6 to meet their urgent deployment needs.

Simply stated, IPv6's ample (128-bit) address space provides an adequate number of globally unique addresses to support the anticipated growth and development of the Internet for the foreseeable future. However, as the following section illustrates, IPv6 is much more than just a software fix to provide more IP addresses.


Figure 1. IPv6 address format.

Benefits of IPv6

Aside from the increased address space, IPv6 offers a number of other key design improvements over IPv4.

Improved efficiency in routing and packet handling
IPv6's very large addressing space and network prefixes (Figure 1) allow the allocation of large address blocks to ISPs and other organizations. This enables an ISP or enterprise organization to aggregate the prefixes of all its customers (or internal users) into a single prefix and announce this one prefix to the IPv6 Internet.

Within the IPv6 address space, the implementation of a multi-leveled address hierarchy provides more efficient and scalable routing. This hierarchical addressing structure reduces the size of the routing tables Internet routers must store and maintain.

Though the IPv6 header is larger, its format is simpler than that of the IPv4 header. The IPv6 header removes the IPv4 fields for Header Length (IHL), Identification, Flags, Fragment Offset, Header Checksum, and Padding, which speeds processing of the basic IPv6 header. Also, all fields in the IPv6 header are 64-bit aligned, taking advantage of the current generation of 64- bit processors.

Support for autoconfiguration and plug and play
The need for plug-and-play autoconfiguration and address renumbering has become increasingly important to accommodate mobile services (data and voice) and Internetcapable appliances. IPv6's built-in address autoconfiguration feature enables a large number of IP hosts to easily discover the network and obtain new, globally unique IPv6 addresses. This allows plug-and-play deployment of Internet-enabled devices such as cell phones, wireless devices, and home appliances.

The autoconfiguration feature also makes it simpler and easier to renumber an existing network. This enables network operators to manage the transition from one provider to another more easily.

Support for embedded IPSec
Optional in IPv4, IPSec is a mandatory part of the IPv6 protocol suite. IPv6 provides security extension headers, making it easier to implement encryption, authentication, and virtual private networks (VPNs). By providing globally unique addresses and embedded security, IPv6 can provide end-to-end security services such as access control, confidentiality, and data integrity with less impact on network performance.

Enhanced support for Mobile IP and mobile computing devices
Mobile IP, defined in an IETF standard, allows mobile devices to move around without breaking their existing connections an increasingly important network feature. Unlike IPv4, IPv6 mobility uses built-in autoconfiguration to obtain the Care-Of-Address, eliminating the need for a Foreign Agent. In addition, the binding process allows the Correspondent Node to communicate directly with the Mobile Node, avoiding the overhead of triangular routing required in IPv4. The result is a much more efficient Mobile IP architecture in IPv6.

Elimination of the need for network address translation (NAT)
NAT was introduced as a mechanism to share and reuse the same address space among different network segments. While it has temporarily eased the problem of IPv4 address shortage, it has also placed a burden on network devices and applications to deal with address translation. IPv6's increased address space eliminates the need for address translation, and with it, the problems and costs associated with NAT deployment.

Support for widely deployed routing protocols.
IPv6 maintains and extends support for existing Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols (EGPs). For example, OSPFv3, IS-ISv6, RIPng and MBGP4+ have been well defined to support IPv6.

Increased number of multicast addresses, and improved support for multicast.
IPv6 multicast completely replaces IPv4 broadcast functionality, by handling IPv4 broadcast functions such as router discovery and router solicitation requests. Multicast saves network bandwidth and improves network efficiency.

What is IPv6?

IPv6 header format
The IPv6 header has been streamlined for efficiency (Figure 2). The new format introduces the concept of an extension header, allowing greater flexibility to support optional features. Fields in the IPv6 header are:

• Version: 4-bit Internet Protocol version number, value = 6.
• Traffic Class: 8-bit traffic class field, similar to type of service in IPv4.
• Flow Label: 20-bit flow label, used to identify traffic flow for additional control on quality of service.
• Payload Length: 16-bit unsigned integer, length of the IPv6 payload.
• Next Header: 8-bit selector, used to identify the type of header immediately following the IPv6 header.
• Hop Limit: 8-bit unsigned integer, decremented by 1 by each node that forwards the packet. The packet is discarded if Hop Limit is decremented to zero.
• Source Address: 128-bit address of the originator of the packet.
• Destination Address: 128-bit address of the intended recipient of the packet.

IPv6 extension headers
The extension header is optional in IPv6. If present, extension headers immediately follow the header field. IPv6 extension headers have the following properties:

• They are 64-bit aligned, with much lower overhead than IPv4 options.
• They have no size limit as with IPv4. The only limitation is the size of IPv6 packet.
• They are processed only by destination node. The only exception is the Hop-by-Hop header option.
• The Next Header field of the base IPv6 header identifies the extension header.

Figure 2. IPv4 and IPv6 header formats.

When multiple extension headers are present in a same IPv6 packet, they occur in this order:

• The Hop-by-Hop header carries information that needs to be examined by all the nodes along the delivery path. When present, the Hop-by-Hop option always follows immediately after the basic IPv6 header.
• The Destination header carries additional information that can be examined only by the destination node.
• The Routing header is used by the source node to list all the nodes the packet needs to traverse on the path to its destination.
• The Fragmentation header is used by the source to indicate that the packet has been fragmented to fit within the maximum transmission unit (MTU size). In IPv6, unlike IP4, packet fragmentation and assembly are done by the end nodes instead of routers, which further improves the efficiency of the IPv6 network.
• The Authentication and Encapsulating Security Payload headers (AH and ESP) are used in IPSec to provide security services to ensure the authentication, integrity, and confidentiality of a packet.

IPv6 addressing
The 128-bit IPv6 address is separated into eight 16-bit hexadecimal numbers divided by colons ( : ). The preferred format is xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, for example: 2031:0000:1F1F:0000:0000:0100:11A0:ADDF.. The following conventions are also used to represent IPv6 addresses, including ways to shorten them and make them easier to represent:

• Leading zeros can be removed.
• 0000 = 0 (compressed form).
• :: represents one or more groups of 16 bits zeros, and can only appear once in an address. For example, 2001:0:13FF:09FF:0:0:0:0001 = 2001:0:13FF:09FF::1
• The lower four 8 bits can use decimal representation of IPv4 addresses. For example, an IPv4-compatible IPv6 address is 0:0:0:0:0:0.192.168.0.1. Unlike an IPv4 node, an IPv6 node allows more than one type of IP address: unicast, anycast, and multicast.

Unicast. An address used to identify a single interface. A packet destined for a unicast address is delivered to the interface identified by that address. Based on the reachability of the packets, unicast supports the following address types.

Global unicast address. An address that can be reached and identified globally. A global unicast address consists of a global routing prefix, a subnet ID, and an interface ID (Figure 3). The current global unicast address allocation uses the range of addresses that start with binary value 001 (2000::/3), one-eighth of the total IPv6 address space.

Site-local unicast address. An address that can only be reached and identified within a customer site, similar to IPv4 private address 10.0.0.0/8 and 192.168.0.0/16. the site-local unicast address contains a FEC0::/10 prefix, subnet ID, and interface ID (Figure 4).

Link-local unicast address. An address that can only be reached and identified by nodes attached to the same local link. A link-local unicast address uses a FE80::/ 10 prefix and an interface ID (Figure 5).


Figure 3. Global unicast address format.


Figure 4. Site-local unicast address format.


Figure 5. Link-local unicast address format.

Anycast. The anycast address is a global address that is assigned to a set of interfaces belonging to different nodes (Figure 6). A packet destined to an anycast address is routed to the nearest interface. The anycast address has the following restrictions:

• An anycast address must not be used as source address of IPv6 packet.
• An anycast address must not be assigned to an IPv6 host. It may be assigned to an IPv6 router.

Multicast. As in IPv4, a multicast address is assigned to a set of interfaces belonging to different nodes. A packet destined to a multicast address is routed to all interfaces identified by that address. The IPv6 multicast address uses the FF00::/8 prefix, 1/256 of the total IPv6 address space (Figure 7).

Figure 6. Anycast address format.


Figure 7. Multicast address format.

IPv6 Operation

Neighbor discovery

The neighbor discovery protocol enables IPv6 nodes and routers to determine the link-layer address of a neighbor on the same network, and to find and track neighbors. The IPv6 neighbor discovery process uses IPv6 ICMP (ICMPv6) messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network, verify the reachability of a neighbor, and keep track of neighbor routers.

When a node wants to determine the linklayer address of another node on the same local link, a neighbor solicitation message is sent on the local link, carrying the sender's own link-layer address. After receiving the neighbor solicitation message, the destination node replies by sending a neighbor advertisement message with its own link-layer address on the local link. After the neighbor advertisement is received, the source and destination nodes can communicate. Neighbor advertisement messages are also sent when there is a change in the link-layer address of a node on a local link.

Router discovery
To discover the routers on the local link, the IPv6 router discovery process uses router advertisement and solicitation messages. Router advertisements messages are sent out periodically on each configured interface of an IPv6 router, and also in response to router solicitation messages from IPv6 nodes on the link. When a host does not have a configured unicast address, it sends a router solicitation message, enabling the host to autoconfigure itself quickly without having to wait for the next scheduled router advertisement message.

A router advertisement contains or determines:

• The type of autoconfiguration a node should use stateless or stateful.
• The Hop limit value a node should place in the IPv6 header.
• The network prefix a node should use to form the unicast address.
• The lifetime information of the included network prefix.
• The maximum transmission unit (MTU) size a node should use in sending packets.
• Whether the originating router should be used as default router.

Stateless autoconfiguration and renumbering of IPv6 nodes
Stateless autoconfiguration enables serverless basic configuration of IPv6 nodes and easy renumbering. Stateless autoconfiguration uses the network prefix information in the router advertisement messages as the /64 of prefix of the node address. The remaining 64 bits address is obtained by the MAC address assigned to the Ethernet interface combined with additional bits in EUI-64 format. For instance, a node with Ethernet interface address 0003B61A2061, combined with network prefix 2001:0001:1EEF:0000/64 provided by router advertisement, will have an IPv6 address as 2001:0001:1EEF:0000:0003:B6FF:FE1A: 2061.

Renumbering of IPv6 nodes is possible through router advertisement messages, which contain both the old and new prefix. A decrease in the lifetime value of the old prefix alerts the nodes to use the new prefix, while still keeping their current connections intact with the old prefix. During this period, nodes have two unicast addresses in use. When the old prefix is no longer usable, the router advertisements will include only the new prefix.

Path Maximum Transfer Unit (MTU)
IPv6 routers do not handle fragmentation of packets, which is done, when necessary, by the originating or source node of the packet. IPv6 uses ICMP error reports to determine whether the packet size matches the MTU size along the delivery path. When a node reports packet too big via an ICMP error report, the source node will reduce the size of the transmit packet. The process is repeated until there is no packet too big error along the delivery path. This allows a node to dynamically discover and adjust to differences in the MTU size of every link along a given data path.

DHCPv6 and Domain Name Server (DNS)
In addition to stateless autoconfiguration, IPv6 also supports stateful configuration with DHCPv6. The IPv6 node has an option to solicit an address via DHCP server when a router is not found. The operation of DHCPv6 is mostly similar to that of DHCPv4; however, DHCPv6 uses multicast for many of its messages. IPv6 also introduces a new record type to accommodate IPv6 addresses in Domain Name Servers. The AAAA record, also known as quad A , has been recommended by the IETF for mapping a host name to an IPv6 address.

IPv6 Deployment

IPv6 provides many benefits over legacy IPv4 technology; however, all agree that any successful strategy for IPv6 deployment requires it to coexist with IPv4 for some extended period of time. A number of strategies have been developed for managing this complex and prolonged transition from IPv4 to IPv6. The following subsections describe several of these strategies.

Dual-stack backbone
In dual-stack backbone deployment, all routers in the network maintain both IPv4 and IPv6 protocol stacks. Applications choose between using IPv4 or IPv6, with the application selecting the correct address based on the type of IP traffic and particular requirements of the communication.

Today, dual-stack routing is the preferred deployment strategy for network infrastructures with a mixture of IPv4 and IPv6 applications that require both protocols. This strategy has several limitations, however: all routers in the network must be upgraded to IPv6; routers also require a dual addressing scheme, dual management of the IPv4 and IPv6 routing protocols and sufficient memory for both the IPv4 and IPv6 routing tables.

IPv6 over IPv4 tunneling
IPv6 over IPv4 tunneling encapsulates IPv6 traffic within IPv4 packets, to be sent over an IPv4 backbone (Figure 8). This enables island IPv6 end systems and routers to communicate through an existing IPv4 infrastructure.

A variety of tunneling mechanisms are available for deploying IPv6 (Figure 9), as described in the following sections.

Manually configured tunnels. As defined by RFC 2893, both end points of the tunnel need to be configured with appropriate IPv6 and IPv4 addresses. The edge routers sitting at the end points, usually a dual stack router, will forward the tunneled traffic based on the configuration.

GRE (Generic Routing Encapsulation) tunnels.Defined to transport data over the IPv4 network, GRE allows one network protocol to be transmitted over another network protocol, by encapsulating the packets to be transmitted within GRE packets. GRE is an ideal mechanism to tunnel IPv6 traffic.

Figure 8. IPv6 over IPv4 tunneling.


Figure 9. IPv6 tunnel mechanisms.

IPv4-compatible tunnels or 6over4 tunnels. As defined in RFC 2893, these tunnel mechanisms automatically set up tunnels based on the IPv4-compatible IPv6 addresses. An IPv4-compatible IPv6 address defines the left-most 96 bits as zero, followed by an IPv4 address embedded in the last 32 bits. For example, 0:0:0:0:0:0.64.23.45.21 is an IPv4- compatible address.

6to4 tunnels. As defined by RFC 3056, 6to4 tunneling uses an IPv4 address embedded in the IPv6 address to identify the end point of the tunnel and setup tunnel automatically (Figure 10).

ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) tunnels. As defined in draft-ietfngtrans- isatap-16, ISATAP tunneling is very similar to 6to4 tunneling, but is designed for use in a local site or campus network. The ISATAP address contains the 64-bit network prefix, 0000:5EFE, and an IPv4 address identifying the address of the tunnel end point (Figure 11).

Figure 10. 6to4 tunneling address format.


Figure 11. ISATAP tunneling address format.

MPLS (Multi-Protocol Label Switching) tunnels.Using MPLS technology, isolated IPv6 domains can communicate with each other over a MPLS IPv4 core network. Because MPLS forwarding is based on labels rather than the IP header itself, this implementation requires far fewer backbone infrastructure upgrades and less reconfiguration of core routers, providing a very cost-effective way to deploy IPv6. Additionally, MPLS's inherent VPN and traffic engineering services allow IPv6 networks to be combined into VPNs or extranets over an infrastructure supporting IPv4 VPNs and MPLS-TE.

IPv6 Challenges

Expectations for IPv6 are high: it is perceived as the protocol of the next generation Internet, replacing today's legacy IPv4-based networks. As described above, IPv6 deploys a new data plane to fix various addressing and efficiency problems with IPv4, and a new routing control plane to effectively make use of the new addresses. The impact of the new data and control planes on today's networks is significant. Failures or interruption are unacceptable in missioncritical networking environments. Network operators and service providers are facing tough questions when and how to migrate to IPv6? To answer these questions with certainty, they need assurance that in their particular networks, IPv6 will provide:

• Rapid expansion needed for more users and devices.
• Smooth transition and coexistence with IPv4.
• Robust network failure recovery.
• Deliverable Quality of Service.
• Improved network security.

Network equipment manufacturers (NEMs) face the challenge of building routers to support both IPv6 and IPv4 networks, with two sets of control and data planes. This can add significant resource requirements to routers supporting dual stacks, impacting router performance and scalability. Additional transition mechanisms like tunneling and application/address translation add complexity to router design.

For end users, IPv6 improves productivity by enabling network connectivity via a wider range of media and delivery mechanisms. But for general acceptance, the new IPv6 networks must demonstrate responsiveness at least equal to that of IPv4. In addition, while several end user environments and applications like Windows XP, Linux, and sendmail support IPv6 today, more applications are needed to enhance IPv6's overall acceptance.

Why Test IPv6 Technology?

Testing to ensure interoperability
Network operators and service providers need to understand how well new IPv6 equipment will behave in multi-vendor environments. Most of the roadblocks to initial IPv6 deployment involve interoperability among different vendor equipment as well as between IPv6 and IPv4 systems. The need for test tools to identify and isolate problems prior to deployment is too critical for operators to ignore. For NEMs, providing interoperable products is a key element to success with the introduction of any new technology. The fear of incompatibility problems between legacy IPv4 infrastructure and multiple vendors' IPv6 systems can only be dealt with via a thorough test methodology to ensure interoperability.

IPv6 is defined by over 60 IETF RFCs. The implementation of very large and complex RFCs is prone to misunderstanding and misinterpretation. Conformance testing, with a comprehensive and rigorous test methodology, increases product quality and customer confidence. Conformance testing also saves time and money, by allowing vendors to verify a product's design throughout the entire product life cycle. Problems can be identified earlier in development, reducing costly last-minute rework and post-deployment problems.

Testing to characterize performance bottlenecks
Once the IPv6 network is up and running, the next major concern is how well it will perform. IPv6 introduces new control and data planes, along with transitional technologies like tunneling and dual-stack support. A precise understanding of performance inefficiencies and limitations is essential for networks planners and operators in designing their networks. NEMs are always under pressure to deliver more performance and scalability per dollar from their equipment. Both NEMs and network operators can benefit from a test methodology that can characterize data plane performance, including such metrics as:

• Throughput.
• Packet loss.
• Latency.
• Jitter.

and control plane performance such as:

• Size of forwarding information
• Routing scalability.
• Route convergence.
• Routing stability.

Initial IPv6 development will focus primarily on the software level, to prove functionality. As the technology matures enough to mainstream deployment, implementation will move down to the hardware level for the ultimate level of performance. The new IPv6 routing protocols like OSPFv3, RIPng, ISISv6 and MBGP+ will need to process larger addresses and routes to achieve scalability similar to that of existing IPv4 networks. NEMs, service providers, and network operators must properly characterize scalability in order to understand the impact of the new IPv6 design and to prevent bottlenecks. Tunneling will be a key technology to interconnect IPv6 islands during the early stage of IPv6 deployment. The scalability and performance of a tunneling mechanism depends on the number of tunnels a device can handle; this metric must be monitored and measured.

To characterize the performance bottlenecks of a new IPv6 design properly requires a test bed that can overrun the performance and scalability limitations of a device or system under test. Creating such a test bed from hundreds of routers or switches is prohibitively expensive and difficult to manage. NEMs and service providers need test tools that can simulate real-world network conditions affordably and manageably. To stress test both the control and data planes adequately, the test tool is required to emulate hundreds of routers and also generate wire-speed traffic.

Test Solution Requirements

IPv6 test tools must be able to perform a wide variety of functions to adequately test and validate IPv6 devices and systems. For conformance testing, the test solution must be able to fully exercise the control plane of the device or system under test. For performance and scalability testing, the test solution must be able emulate IPv6-capable routers at the control plane level and scale up for large capacity testing. The solution must also be able to drive wire-speed traffic through the system at the data plane level to fully stress the device being tested.

Optimized hardware platform
While simple router emulation can be run on PCs or workstations, an optimized test system is needed to provide complete testing capabilities and high levels of scalability. For example, to emulate a large network, a network interface on a test tool must support hundreds or even thousands of IP interfaces and MAC addresses requirements that standard off-the-shelf hardware cannot support. Purpose-built test hardware is required to provide the flexibility and scalability needed to test IPv6 systems adequately.

Dual stack routing protocol emulation
The IPv6 test tools must be able to emulate the full range of routing protocols used in today's IPv4 and transitional IPv6 networks, including OSPFv2, OSPFv3, ISIS, IS-ISv6, RIP, RIPng, BGP and MBGP+. These routing protocols are used to advertise the underlying network topologies over which the IPv6 network is established.

Ability to generate and analyze tunneled traffic dual stack data plane
IPv6 test tools must be able to fully stress the dual-stack data planes of dual stack routers in addition to IPv6-only scenarios. The test tool must:

• Generate and analyze IPv4 and IPv6 packets at wire-speed.
• Allow composing and editing of IPv6 and IPv6 over IPv4 tunnel packets.
• Measure data throughput, data integrity, packet latency, and jitter on all packet types.
• Be sufficiently flexible in packet encapsulation and decapsulation to support various tunneling schemes, such as GRE, MPLS, 6to4, 6over4, and ISATAP.
• Integrate with the control plane emulation of the test tool and be able to target traffic to the IPv4 and IPv6 routes advertised by the routing emulation.

Ixia's Approach to IPv6 Testing

IPv6 conformance testing
Ixia has addressed the challenges of protocol conformance testing by developing IxANVL (Ixia Automated Network Validation Library), the industry standard conformance test suite. For protocol conformance testing, IxANVL supports over 30 protocols overall, and the IPv6 conformance test suite contains over 500 test cases to validate routers and hosts. IxANVL provides positive as well as negative test cases against the RFCs that specify these standards. Negative tests help validate device response to killer packets.

IxANVL performs its tests as a dialog: it sends packets to the router being tested, receives the packets sent in response, and then analyzes the response to determine the next action to take. This allows IxANVL to test complicated situations or reactions in a much more intelligent and flexible way than can be done by simple packet generation and capture devices.

IxANVL can run on standalone workstations or via Ixia's optimized test platforms. IxANVL can be completely automated using a scripting interface, and IxANVL source code is also available to users for customization, allowing a great degree of testing flexibility.

IPv6 scalability and performance testing
The general methodology employed by Ixia for testing the scalability and performance of IPv6 routers involves first surrounding the device or system under test (DUT/SUT) with Ixia hardware test interfaces. The Ixia system then emulates everything else needed to test the device, including other IPv6/IPv4 dual stack routers, IP route injection, IPv6 routing protocols, and traffic transmission. In this way, large and complex topologies can be simulated to test the DUT/SUT in realistic system environments, with a minimum of hardware requirements. For example, in Figure 12, four Ixia test interfaces are connected to the DUT with numerous routers being emulated per interface.

Ixia has developed two primary applications for IPv6 performance testing, IxExplorer and IxScriptMate, each with a distinct testing focus.

IxExplorer. IxExplorer provides a high level of flexibility and functionality in protocol emulation, traffic generation, and analysis. IxExplorer is the primary controlling application for Ixia's purpose-built hardware test platform, allowing detailed configuration of protocols and analysis of test results.

Within IxExplorer, a comprehensive set of IPv6 routing protocols is supported, including OSPFv3, IS-ISv6, RIPng, and MBGP+ as well as multicast protocol MLD. IxExplorer controls the protocols' operation on Ixia's test hardware architecture, which supports a CPU running Linux on each test port. This dedicated emulation environment allows hundreds of dual-stack routers to be emulated on each network interface. Hundreds of thousands of routes can be advertised from each interface, and line rate traffic can be generated over the established connections. Alternatively, Ixia's IxChariot product can be used to transmit emulated enterprise application traffic over the IPv6 routers or network being tested to measure end-to-end application response times.


Figure 12. Ixia router simulation.

IxScriptMate. IxScriptMate provides a framework for running automated test scenarios. Numerous test suites have been developed within the IxScriptMate environment for testing IPv6 and IPv4 traffic throughput performance, latency, tunneling and routing performance, and scalability. IxScriptMate simplifies the configuration process by defining a configuration for the test and displaying the relevant parameters for user input. Tests then run automatically, and the results are presented to the user.

Conclusion

Though the benefits of IPv6 are well understood, the cost of overhauling the existing IPv4 infrastructure is prohibitive for many network operators and service providers. The current attitude toward IPv6 in the US market could be characterized as IPv4 is working. Why change? The real driving force for IPv6 will come from countries and regions whose only choice for global competitiveness in the next decade is to change to larger address space. The path to complete global IPv6 connectivity will be lengthy and full of challenges. Many transitional schemes and strategies will be used to ease the pains and minimize investment into IPv6 deployment.

The need for better test tools and methodology is essential for the success of IPv6. Both NEMs and network operators rely on test tools to identify design flaws and interoperability issues. Ixia's expertise in testing has been a large contributor to the success of the IPv4 Internet, and Ixia's comprehensive test tools provide the power and flexibility to manage the transition to IPv6.

IPv6 Testing - Sample Test Plans

The test plans presented here illustrate how Ixia's solutions address the challenges of IPv6 testing.

1. IPv6 Conformance Test
2. IPv6/IPv4 Forwarding Performance Test
3. Tunneling Functional Test
4. Tunneling Performance Test
5. IPv6 Routing Performance and Scalability Test

1. IPv6 Conformance Test

Objective:Verify the DUT's compliance with the following features defined in various RFCs:

• IPv6 (RFC 2460)
• Transmission of IPv6 Packets over Ethernet Networks (RFC 2464)
• IPv6 over PPP (RFC 2474)
• ICMPv6 (RFC 2463)
• Stateless Address Autoconfiguration (RFC 2462)
• Path MTU Discovery (RFC 1981)
• Neighbor Discovery Protocol (RFC 2461)
• Multicast Listener Discovery (RFC 2710)
• Tunneling (RFC 2529, RFC 2893, and RFC 3056)

Additional test suites are available for legacy IPv4 and IPv6 routing. Both IPv6 and IPv4 should be tested in a dual stack implementation.


Figure 1. IPv6 conformance test setup.

Test setup:An IxANVL Linux workstation connects directly to the DUT, or via Ixia test hardware, with one or two test interfaces (see Figure 1). The Ixia test platform will emulate either hosts or routers in IPv6 and IPv4 mode, depending on the configuration of each test case.

Methodology: IxANVL runs a number of test cases against the DUT based on the direct interpretation of various IPv6 RFCs.

1. Configure each IxANVL network interface with the appropriate network parameters, including those of the DUT, such as IP address, MAC address, gateway, etc.
2. Specify configuration of the DUT, typically via command scripts such as Expect scripts. IxANVL is able to automatically execute the scripts to configure the DUT before, during, or after the test.
3. Select a set of test cases to run in IxANVL (see Figure 2).
4. Run IxANVL in a batch mode with the command scripts, reconfiguring the DUT as required between test cases to match the IxANVL test setup.

Result: Number of tests passed/failed, including reasons for failed cases (see Figure 3).


Figure 2. IxANVL conformance test cases.

Figure 3. IxANVL test results.


2. IPv6/IPv4 Forwarding Performance Test
Objective:Characterize the performance of the data plane in forwarding IPv6 and IPv4 traffic. IETF RFC2544 defines how to characterize data plane performance. Ixia has implemented the RFC2544 test in IxScriptMate. Four tests have been developed to support RFC2544:

• The back-to-back test determines how the DUT responds to different quantities of frames with the minimum gap allowed by the protocol specification.
• The frame loss test determines how the DUT responds to streams with different loading.
• The throughput test finds the highest rate at which the DUT can forward frames.
• The latency test reveals how much processing overhead the DUT requires to forward frames.

Figure 4. Packet forwarding performance test setup.

Test setup:A minimum of two Ixia ports will be used for this test, in conjunction with the IxScriptMate RFC2544 test (see Figure 4).

Methodology: This test will involve several test ports to match the DUT's port density. Ideally, the test should flood traffic to every input port of the DUT. A number of Ixia load modules will be connected to the DUT. Ixia's IxScriptMate is used to perform the RFC 2544 benchmark test.

1. Connect appropriate Ixia load modules with the DUT. Try to match the DUT's port density.
2. Run IxScriptMate on the client console. Select RFC2544 test.
3. Configure appropriate port and traffic parameters for each one of RFC2544 tests. Set the protocol type as IPv6 under Traffic Setup menu (see Figure 5).
4. Execute all four tests to characterize IPv6 performance.

Mixed traffic with IPv4: Testers can run another instance of IxScriptMate on the same console. The second IxScriptMate will run the same RFC2544 test with additional ports assigned to generate and measure IPv4 performance. Users can adjust the number of ports running IPv6 traffic (with the first instance of IxScriptMate), and the number of ports running IPv4 traffic (with the second instance of IxScriptMate). The goal is to generate a mixed IPv6 and IPv4 traffic to stress a dual-stack DUT.

Test Inputs:

• Packet length
• Offered load
• IPv6 and IPv4 mixed ratio

Results:

• Throughput
• Latency
• Packet loss

Figure 5. Configuring port and traffic parameters.


3. Tunneling Functional Test
Objective:Verify correct encapsulation and decapsulation between IPv6 and IPv4.


Figure 6. Tunneling functional test.

Test setup: Two Ixia ports will be connected to the DUT for this test - one to generate IPv6 traffic and a second one to monitor IPv6 over IPv4 tunnels (see Figure 6). The IxExplorer application will be used to generate and analyze IP packets. Various tunneling schemes will be exercised.

Methodology:

1. Configure the DUT to support the tunneling scheme under test.
2. Set up one Ixia port to generate IPv6 traffic with the properly configured IPv6 addresses to match the tunneling schemes supported by the DUT.
3. Set up the IPv6 traffic stream to include the proper data integrity signature.
4. Set up the receiving port to measure the tunnel traffic. Set up a capture buffer to analyze tunneled packets.

Test Inputs:

• Offered load
• Packet length
• Packet headers and payload
• Address range

Results: (Figure 7)

• Header and payload integrity check
• Packet loss
• Address translation - verify the IPv4 addresses

Figure 7. Tunneling functional test results.


4. Tunneling Performance Test
Objectives: Characterize the DUT's performance in encapsulating and decapsulating IPv6 tunneled traffic. IxScriptMate supports three tests for tunneling performance:

• The Tunnel Capacity Test finds how many frames the DUT loses with various numbers of tunnels.
• The Tunnel Frame Loss Test finds how many frames the DUT loses at various frame rates.
• The Tunnel Throughput Test searches for the maximum rate at which the DUT receives and forwards frames with no frame loss.

Figure 8. Tunneling performance test setup.

Test setup: A minimum of two Ixia ports will be used in this test, in conjunction with the IxScriptMate IPv6 Tunneling Test. It uses IPv6 tunnels with pairs of ports with one-to-one traffic mapping; one port transmits to one receive port. Users can specify multiple pairs of test ports to increase the loading. The transmit ports generate IPv6 packets and the receive ports expect IPv6 over IPv4 tunnel traffic. See Figure 8.

Methodology:

1. Configure the DUT to support the tunneling scheme under test. IxScriptMate currently supports manually configured tunnels, IPv4-Compatible tunnels, 6to4 tunnels, and ISATAP tunnels.
2. Set up the appropriate test parameters under IxScriptMate.
3. Repeat steps 1 and 2 for different tunneling schemes supported by the DUT.
4. Execute all three tests to characterize performance.

Test Inputs: (see Figure 9)

• Tunnel end points - IPv6 and IPv4 addresses
• Tunneling methods - Manually configured, IPv4-compatible, 6to4, and ISATAP
• The number of tunnels (required for tunnel capacity test)
• Maximum transmit rate
• Loss tolerance
• Frame sizes

Results: (see Figure 10)

• Frame loss
• Tunnel throughput
• Latency
• Packet integrity error
• Packet sequence error

Figure 9. Tunneling performance test parameters.


Figure 10. Tunneling performance test results.


5. IPv6 Routing Performance and Scalability Test
Objectives: Characterize the performance and the scalability of the IPv6 control plane. The IPv6 routing protocols, such as BGP4+, will be tested and characterized. The Ixia test tool emulates many peers/adjacencies and routes behind each test port; therefore, many complicated test scenarios can be done with only a few test ports. The typical tests in this category are:

• Forwarding Information Base
• Routing Scalability
• Route Convergence
• Routing Stability

Figure 11. Routing performance and scalability test.

Test setup: IxExplorer will be used to emulate multiple BGP peers and routes behind each physical port. A minimum of two Ixia test ports will be connected to the DUT for this test. Users can add more Ixia ports to match the DUT's capacity. See Figure 11.

Methodology:

1. Configure a number of IPv6 addresses that will be emulated by an Ixia port under the Protocol Interfaces folder.
2. Configure a number of BGP peers under the BGP protocol folder. The user can easily increase the number of peers in a spreadsheet setting.
3. Configure a number of routes for each BGP peer (Figure 12). Again, the user has complete control over how the routes will be set up, including the mandatory and optional BGP attributes for each route.
4. Start up the BGP emulation and observe all the routes that are registered and propagated by the DUT.
5. Set up automatic traffic streams to target all the advertised routes. Verify that the DUT can deliver traffic to the proper destination based on the emulated topologies.
6. Flap the emulated routes to simulate Internet instability (Figure 13).
7. Repeat the test procedure for OSPFv3, IS-ISv6 and RIPng.

Test Inputs: The size of the emulated topology can be adjusted to meet different test scenarios by varying:

• The number of emulated routers.
• The number of peers/adjacencies.
• The number of routes or LSA/LSP.
• The routes or links attributes.
• The duration and frequency of routes flapping.

Results: The key measurement goal is to determine the DUT's capability to forward traffic correctly under heavy loading and with dynamic fluctuation in the control plane. Typical measurements are:

• Packet loss
• Packet sequence error
• Misdirected packets

Figure 12. Ixia emulates multiple BGP peers with advertised routes.


Figure 13. Emulated routes can be flapped to simulate Internet instability.

Glossary

Care-Of-Address (COA)
A temporary IP address for a mobile device, the COA enables message delivery when the device is connecting from outside its home network. The care-of address identifies the device's current point of attachment to the Internet and makes it possible to connect from a different location without changing the device's permanent IP address: messages sent to the known permanent address are rerouted to the care-of address while the recipient can be reached there.

Classless Inter-Domain Routing (CIDR)
CIDR allocates and specifies the Internet addresses used in inter-domain routing more flexibly than was possible with the original system of IPv4 address classes. As a result, the number of available Internet addresses has been greatly increased.

Correspondent Node
A peer node with which a mobile node is communicating. The correspondent node may be either mobile or stationary.

Dynamic Host Configuration Protocol (DHCP)
A communications protocol. DHCP automates the assignment of IP addresses in an organization's network. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.

Exterior Gateway Protocol (EGP)
A protocol that distributes routing information to the routers that connect networks.

Foreign Agent (FA)
(In Mobile IP,) a router serving as a mobility agent for a mobile node. A foreign agent works in conjunction with another type of mobility agent known as a home agent to support Internet traffic forwarding for a device connecting to the Internet from outside its home network.

Generic Routing Encapsulation (GRE)
A protocol that allows one network protocol to be transmitted over another network protocol, by encapsulating the packets to be transmitted within GRE packets.

Intermediate System to Intermediate System (IS-ISv6)
An OSI/IP routing protocol, IS-ISv6 is the new version that supports IPv6 addressing. MPLS traffic engineering parameters can be distributed with IS-IS using extensions to the protocol (IS-IS-TE).

Internet Control Message Protocol v6 (ICMPv6)
An extension to IP that allows for the generation of error messages, test packets, and informational messages related to IP.

Internet Gateway Protocol (IGP)
Protocol that distributes routing information to the routers within a network. The term gateway is historical; router is currently the preferred term. Example IGPs are OSPF, IS-IS and RIP.

Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
An IPv6 transition mechanism, ISATAP allows IPv6-in- IPv4 tunnels to be created automatically within a site. To obtain address and routing information, each host queries an ISATAP router within the site.

Maximum Transfer Unit (MTU)
The largest size packet or frame that can be sent in a packet- or frame-based network such as the Internet. If the MTU size is too large, the packet may encounter a router that can't handle the packet, resulting in retransmission. Too small an MTU size means relatively more header overhead and more acknowledgements that have to be sent and handled.

Mobile Node
A node that can change its point of attachment from one link to another, while still being reachable via its home address.

Multi-Protocol Border Gateway Protocol Plus (MBGP+)
MBGP+ enhances BGP to support more types of advertised routes, including IPv6 routes.

Network Address Translation (NAT)
The translation of an Internet Protocol address used within one network to a different IP address known within another network. This allows duplicate IP addresses to be used within an organization and unique addresses outside.

Open Shortest Path First (OSPF)v3
A link-state routing protocol used by IP routers located within a single Autonomous System (AS) to determine routing paths. OSPFv3 is the version supports IPv6 addresses.

Routing Information Protocol next generation (RIPng)
An Internet routing protocol that uses hop count as a routing metric. RIP is the most common IGP used in the Internet. RIPng is the new version that supports IPv6 addresses.

Acknowledgements

Authors: Dean Lee, Elliott Stewart

[ back | top of page | back to white papers ]