unisys ClearPath Enterprise Servers TCP/IP Implementation and Operations Guide ClearPath MCP 16.0 April
|
|
- Barnard Davis
- 8 years ago
- Views:
Transcription
1 unisys ClearPath Enterprise Servers TCP/IP Implementation and Operations Guide ClearPath MCP 16.0 April
2 NO WARRANTIES OF ANY NATURE ARE EXTENDED BY THIS DOCUMENT. Any product or related information described herein is only furnished pursuant and subject to the terms and conditions of a duly executed agreement to purchase or lease equipment or to license software. The only warranties made by Unisys, if any, with respect to the products described in this document are set forth in such agreement. Unisys cannot accept any financial or other responsibility that may be the result of your use of the information in this document or software material, including direct, special, or consequential damages. You should be very careful to ensure that the use of this information and/or software material complies with the laws, rules, and regulations of the jurisdictions with respect to which it is used. The information contained herein is subject to change without notice. Revisions may be issued to advise of such changes and/or additions. Notice to U.S. Government End Users: This is commercial computer software or hardware documentation developed at private expense. Use, reproduction, or disclosure by the Government is subject to the terms of Unisys standard commercial license for the products, and where applicable, the restricted/limited rights provisions of the contract data rights clauses. Unisys and ClearPath are registered trademarks of Unisys Corporation in the United States and other countries. All other brands and products referenced in this document are acknowledged to be the trademarks or registered trademarks of their respective holders.
3 Contents Section 1. Overview Documentation Updates What s New? Notation Conventions Terminology Conventions TCP/IP Architecture Internet Protocol Version 6 (IPv6) MCP Networking and IPv Summary of IPv6 Features Migrating to IPv Key Differences Between IPv4 and IPv IPv6 Internet Standards (IETF RFCs) TCP/IP Distributed Systems Services Section 2. Overview of TCP/IP Routing TCP/IP Routing Commands IPv4 Addressing Understanding IPv4 Address Classes Classful Addressing Limitations Subnetting IPv6 Addressing IPv6 Address Representation IPv6 Address Type Identification Unicast Addresses Global Unicast Addresses IPv6 Address Prefix Representation IPv6 Alternative Representations of Addresses Variable-Length Subnet Masking (VLSM) Classless Interdomain Routing (CIDR) CIDR in IPv4 Networks CIDR in IPv6 Networks TCP/IP IPv4 Network TCP/IP IPv6 Network Routing Information Protocol Version 2 (RIPv2) IPv6 Neighbor Discovery Support for Multiple Routes to a Destination MCP Route States Alternate Routes Dead Gateway Detection (IPv4 Networks) Discovering Unreachable Neighbors (IPv6 Networks) iii
4 Contents Parallel Routes Special Topologies Multiple Assigned Default Routes Multiple Local IP Addresses Section 3. Configuring a TCP/IP Network Using the NAU Overview of the Implementation Process Applying NAU TCP/IP Profiles Using Default Attribute Values Traversing the NAU Screens Configuring a Sample TCP/IP Network What the Sample Network Contains Adding TCP/IP to an Existing Network Starting the NAU Configuring TCP/IP on an Application Host Defining the Network Interface as a TCP/IP Connection Identifying IP Addresses, Subnet Mask, and Router Discovery Attributes for ICPs Defining TCP/IP Network Parameters Specifying the Enterprise Server TCP/IP Internet Host Name and ICMP Report Display Parameters Updating LAN Lines and Connections to Include TCP/IP Optional Enhancements to the TCP/IP Configuration Defining Known Routes to TCP/IP Hosts Not Directly Connected to the LAN Defining Unknown (Default) Routes to TCP/IP Hosts Not Directly Connected to the LAN Defining the TCP/IP ARP Address List Mapping a TCP/IP Host Name to IP Addresses Configuring Dynamic Initiation of Specified Port Numbers Configuring Port Filtering Using the FILTERFRAMES Command Configuring TCP and UDP Port Event Monitoring Configuring Default Policies for Selecting Source and Destination IPv6 Addresses Configuring TCP/IP Timer Values Configuration Procedure Configuring TCP/IP Options Configuration Procedure Configuring TCP/IP Neighbor Address Parameters Configuration Procedure Editing the ICP LAN Line Connection and Specifying a Multicast Address List Auto-Configuring BNA-over-IP (BIP) Connections Adding an IPv6 BNA-over-IP (BIP) Neighbor Configuring FC3-IOP Networking Specifying VLANID Attribute Values iv
5 Contents Specifying the VLANID Attribute in TCPIP Commands Checking Network Consistency Consistency Errors and Solutions Generating Initialization Files Printing the Network Description Reports Ending an NAU Session Initializing the TCP/IP Network Section 4. Operating TCP/IP Software Initializing the TCP/IP Network U. S. Export Regulations Concerning IPv6 and IPsec Dual Mode Initialization IPv6 Initialization Modifying the Autoconfiguration Setting IP Security (IPsec) Initialization Initialization File Names SNMP Agent Initialization Initializing TCP/IP Terminating TCP/IP on the Enterprise Server Host Inquiring on the Status of TCP/IP Software Inquiring on the Status of IPsec TCPIP Status Command Examples Setting Timer Values Setting the Routing Information Timer Value Setting the LAN Resiliency Timer Value Configuring Multiple Routes and Default Routes Configuring Multiple Routes to a Remote Destination Configuring Default IP Routes Inquiring About Routing Problems Clearing the Routing Table Specifying Selection Criteria for Route Inquiries Inquiring on the Routing Information Protocol (RIP) Setting the Routing Information Protocol Authentication Type IPv6 Default Address Selection TCPIP Address Selection Policy Inquiring on the Route Used to Reach a Remote Node Modifying TCP/IP Components Online Identifying a Local TCP/IP Host to the Network Assigning IP Addresses to a Network Interface Assigning Multiple Local IP Addresses and Mask Pairs to a Network Interface Detecting a Duplicate IP Address on Your Network Reporting on Autoconfigured Interfaces Creating a Mapping Between a TCP/IP Host and One or More IP Addresses v
6 Contents Inquiring on One or More Host Names Reaching a Remote Host or Other Network Interface on the Same Logical Host Verifying That Packets Are Received by a Remote Host Filtering TCP/IP Traffic Filtering Frames Based on Port Numbers Enabling Dynamic Port Filtering Enabling Static Port Filtering Filtering Broadcast Traffic IPv6 Protocol Filtering Filtering RIP Frames Deleting TCP/IP Components Online Deleting an IP Route to a TCP/IP Host Deleting Default IP Routes Deleting a User-Specified Mapping (TCP/IP Host to IP Address) Deleting All Learned Mappings Deleting an Enterprise Server IP Address from the Network Deleting Local IP Address and Mask Pairs Enabling a Host to Use the Address Mask Protocol Using Router Discovery Enabling a Host to Use the Router Discovery Protocol Using Neighbor Discovery Specifying Neighbor Discovery Options Setting the IPADDRESSLIST Attribute Controlling TCP/IP End System Security Differentiating Rules for Inbound/Outbound Dialogs and for TCP/UDP Protocols Initialized Security Environment Determining the Current TCP/IP End System Security State Enabling or Disabling TCP/IP End System Security Loading a Rules File Changing to Another Rules File Reviewing Security Rule Violations Authorizing the Use of Well-Known TCPIP Ports Using TCP/IP Options Enabling and Disabling IP Security (IPsec) Enabling and Disabling SSH Enabling and Disabling SSL Configuring LAN Resiliency Inquiring on the LAN Resiliency Timer TCPIP LAN Resiliency Report Disabling Mapping of Learned Host Names and IP Addresses Enabling Use of RFC 1122 MTU Enabling the Windows Server to Force the MTU to Acknowledge Every Two MTUs Protecting TCP/IP Dialogs Against ICMP Attacks vi
7 Contents Setting Path MTU Verification Interval Enabling and Disabling Session Warnings Specifying Autoconfiguration for a Network Interface Obtaining an Autoconfigured IP Address Using the MAC Address Specifying ICMPv6 Error Report Values Specifying the Default Maximum Hop Limit for a Router Closing Sockets by Job Number Specifying and Inquiring on IP Multicast Frames Updating an Initialization File to Use Multicast Addresses Deriving Ethernet Multicast Addresses from Multicast IP Addresses Enabling Multicast Address Handling for IPv4 Addresses Only Preventing a Done Report From Being Sent Specifying the Unsolicited Report Options for Multicast Listener Discovery Specifying the Window Scale Factor Specifying the TCP Selective Acknowledgement Option Disabling and Enabling the Dynamic Initiation of Specified Port Numbers Disabling the Dynamic Initiation of an Application Enabling the Dynamic Initiation of an Application Inquiring on the Dynamic Initiation Status of an Application Monitoring TCP and UDP Port Events Implementing Time-Wait for TCP/IP on MCP Systems Section 5. Troubleshooting TCP/IP Installation and Configuration Problems Verifying That TCP/IP End System Security Is Operable Verifying that IP Security (IPsec) Is Operable Inquiring About the TCP/IP Environment Displaying Enterprise Server TCP/IP Reports Monitoring TCP/IP System Activity with TCPIP DEBUG Using the Trace Option of the TCPIP DEBUG Command Using the Dump Option of the TCPIP DEBUG Command Using the TCPIP DISPLAY, TCPIP DISPLAY INTERVAL, and TCPIP DISPLAY OPTIONS Commands Using the TCPIP DISPLAY TABLE Command Understanding the TCP/IP CONNECTION RESET Report Diagnostic Codes vii
8 Contents Section 6. Running OSI Applications over a TCP/IP Network Functional Overview Overview of the Implementation Process Initializing the OSI Software on the TCP/IP Host Identifying OSI Application Endpoints Associating OSI and TCP/IP Addresses Defining an NSAP Address Which Contains an Embedded IP Address Configuring OSI-TCP/IP Address Pairs Using the NAU to Configure OSI-TCP/IP Address Pairs Using the Operations Interface (OI) to Configure OSI-TCP/IP Address Pairs Checking the OSI-TCP/IP Pairings Using Network Inquiries Sample OSI Initialization Files Configuring a More Complex Network Operating OSI Applications Appendix A. TCP/IP Commands and Inquiries Appendix B. Initialization File for the Sample Network CNS Initialization File...B 1 TCP/IP Initialization File...B 3 Appendix C. Using the NAU in a Web Browser Preparing the Web Enabler for ClearPath MCP HTML Page...C 1 Using a Sample Page...C 2 Creating a Page with the Web Enabler Wizard...C 2 Running the NAU in Web Enabler for ClearPath MCP...C 3 Appendix D. TCP/IP Capabilities TCP/IP Capabilities - Network Services... D 2 TCP/IP Capabilities - Host Services... D 7 Appendix E. TCP/IP Port Numbers Index... 1 viii
9 Figures 2 1. Two-Level Addressing Hierarchy Classful IP Addresses Subnet Address Extended-Network-Prefix Subnet Masking Subnetted Topology Unicast Address with no Internal Structure Unicast Address with Subnet Prefix General Format for Global Unicast Address VLSM Topology CIDR Routing Advertisements IPv6 CIDR Routing Advertisements Mixed Classful and Classless IPv4 Topology IPv6 Classless Topology Alternate Route Topology Parallel Route Topology Parallel Routes Through the Same Subnet Parallel Routes Through Alternate Networks Weak-Model Multihoming Topology (IPv4 Only) Resilient Weak-Model Multihoming Topology (IPv4 Only) Multiple Default Routes Topology Multiple Parallel Default Route Topology Multiple Logical Networks Topology Sample TCP/IP Network WELCOME Screen APPLICATION HOST LIST Screen APPLICATION HOST MENU Screen APPLICATION HOST ATTRIBUTES Screen ICP ASSIGNMENTS Screen SHARED ADAPTERS ICP CONFIGURATION Screen SHARED ADAPTERS CONFIGURATION Screen TCP/IP CONFIGURATION MENU Screen TCP/IP IDENTITY ADDRESS LIST Screen TCP/IP NETWORK ADDRESS PARAMETERS Screen TCP/IP MULTIPLE IDENTITY ADDRESS LIST Screen TCP/IP APPLICATION HOST PARAMETERS Screen TCP/IP ICMP REPORT DISPLAY Screen TCP/IP CONFIGURATION MENU Screen TCP/IP ROUTE LIST Screen TCP/IP ROUTE LIST Screen TCP/IP DEFAULT ROUTE LIST Screen ix
10 Figures TCP/IP ARP ADDRESS LIST Screen TCP/IP HOST MAPPING LIST Screen TCP/IP MAPPING IP ADDRESS LIST Screen TCP/IP DYNAMICINIT COMMANDS Screen TCP/IP DISABLE TCP PORT SPECIFICATION Screen TCP/IP DISABLE UDP PORT SPECIFICATION Screen TCP/IP FILTERFRAMES COMMANDS Screen TCP/IP FILTERFRAMES ENABLE TCP PORTS Screen TCP/IP MONITOREVENTS COMMANDS Screen TCP/IP MONITOREVENTS PORT SPECIFICATION Screen TCP/IP ADDRESS SELECTION POLICY Screen TCP/IP OPTION Screen TCP/IP OPTION (2/2) Screen TCP/IP CONFIGURATION MENU Screen TCP/IP NETWORK ADDRESS PARAMETERS Screen LAN DEVICE LIST Screen LAN TCP/IP DEVICE ATTRIBUTES Screen TCP/IP MULTICAST ADDRESS LIST Screen NEIGHBOR PAIRED IP ADDRESS LIST Screen ICP ASSIGNMENTS Screen DIRECT ATTACH ADAPTER CONFIGURATION Screen DIRECT ATTACH LINE CONFIGURATION Screen CONSISTENCY CHECK MENU Screen GENERATE MENU Screen Sample TCP/IP Information Summary Report for Enterprise Server PRINT GENERATED NETWORK DESCRIPTION MENU Screen PRINT SELECT INFORMATION Screen Specifying IPADDRESSLIST Values TCP/IP End System Security Phases Sample TCP/IP Network Running OSI Applications Hierarchy of NAU Screens to Enable TCP/IP Hosts to Run OSI Applications OSI MENU Screen SYSTEM LIST Screen OSI SYSTEM MENU Screen NSAPA ASSIGNMENT LIST Screen NSAPA/IP ADDRESS PAIRING Screen OSI DESTINATION NETWORK ADDRESS PAIRS Screen OSI DESTINATION NETWORK ADDRESS PAIRS Screen LOCAL IP ADDRESS ASSIGNMENT Screen Sample OSI Network Address Pairing Summary Report Initialization File for OSI in ES Initialization File for the OSI Endpoints in ES NSAPA/IP ADDRESS PAIRING Screen B 1. B 2. CNS Initialization File...B 2 TCP/IP Initialization File...B 4 x
11 Tables 1 1. Key Differences Between IPv4 and IPv IPv6 RFCs IPv4 CIDR Supernet/Subnet Table TCP/IP ICMP REPORT DISPLAY Screen Field Summary TCP/IP Options (OPTION Screen 1/2) TCP/IP Options (OPTION Screen 2/2) NAU TCP/IP Consistency Checker Error Messages IPSEC Summary Response IPMASKCONFIG Attribute Values Trace Options Dump Options ICMP Message Options Message and Table Options Diagnostic Codes for TCP/IP CONNECTION RESET Report Correcting Consistency Errors Found When Enabling TCP/IP Hosts to Use OSI Applications OSI-TCP/IP Address Pair Inquiries A 1. TCP/IP Commands and Inquiries... A 1 D 1. Network Services Capabilities... D 2 D 2. Host Services Capabilities... D 7 E 1. TCP/IP Well Known Ports... E 1 E 2. TCP/IP Registered Ports... E xi
12 Tables xii
13 Section 1 Overview This guide describes the required software and hardware components of a TCP/IP network and provides procedures for configuring, operating, and troubleshooting TCP/IP software on ClearPath MCP servers. This guide is intended for the network administrator who installs and configures TCP/IP and also for system operators. This guide assumes you are familiar with the following: System operations CNS concepts and operations Network Administrative Utility (NAU) operations Documentation Updates This document contains all the information that was available at the time of publication. Changes identified after release of this document are included in problem list entry (PLE) To obtain a copy of the PLE, contact your Unisys representative or access the current PLE from the Unisys Product Support website: Note: If you are not logged into the Product Support site, you will be asked to do so
14 Overview What s New? The following table identifies new and revised information for this release. New or Revised Information Modified the examples for network interfaces. Removed "Domain Name Services (DNS)" and replaced it with "Domain Name System (DNS)". Removed the "IEA-IOP" interface and replaced it with "FC3-IOP". Removed the "CNP" interface and replaced it with "VNP" and "MAICP4". Modified the CIDR Network example for IPv6. Modified the value entered in the Total LAN/ATM LANE Lines field. Modified the TCP Window Scale Factor range. Removed "ClearPath Network Appliance (CNA)" and replaced it with VNP and "Network Services". Added a new RFC to the Secure Shell (SSH) feature. Added a new Mac Algorithm to the NW TCPIP STATUS SSH enabled/running command response. Added a new Versions Supported to the NW TCPIP STATUS SSL enabled/running command response. Added two new Ciphers Supported to the NW TCPIP STATUS SSL enabled/running command response. Added a new response to the NW TCPIP STATUS SSL command. Modified information regarding Telnet Station Names and Incoming Telnet Sessions. Modified information regarding port filtering and filtering RIP frames. Location Section 1, "Overview" Section 3, "Configuring a TCP/IP Network Using the NAU" Section 1, "Overview" Appendix D, "TCP/IP Capabilities" Section 1, "Overview" Section 3, "Configuring a TCP/IP Network Using the NAU" Section 4, "Operating TCP/IP Software" Appendix A, "TCP/IP Commands and Inquiries" Section 2, "Overview of TCP/IP Routing" Section 3, "Configuring a TCP/IP Network Using the NAU" Section 3, "Configuring a TCP/IP Network Using the NAU" Section 3, "Configuring a TCP/IP Network Using the NAU" Section 4, "Operating TCP/IP Software" Section 3, "Configuring a TCP/IP Network Using the NAU" Appendix D, "TCP/IP Capabilities" Section 4, "Operating TCP/IP Software" Section 4, "Operating TCP/IP Software" Section 4, "Operating TCP/IP Software" Section 4, "Operating TCP/IP Software" Section 4, "Operating TCP/IP Software" Section 4, "Operating TCP/IP Software"
15 Overview New or Revised Information Added a new subsection to Section 4, describing how to implement the Time-Wait feature on an MCP System. Modified the description for the IPDESTADDR <IP address> command. Added a new RFC to the Secure Sockets Layer (SSL) feature. Added port number 22/tcp to the Secure Shell (SSH) service port. Modified the 137/tcp and 138/tcp port numbers and port name/descriptions. Modified the description for port number 139/tcp. Added port number 445/tcp and port name/description. Modified the port name/description for port number 56288/tcp. Added port number 56298/tcp to the Locum RealTime Config (SSL based port). Location Section 4, "Operating TCP/IP Software" Section 5, "Troubleshooting TCP/IP Installation and Configuration Problems" Appendix D, "TCP/IP Capabilities" Appendix E, "TCP/IP Port Numbers" Appendix E, "TCP/IP Port Numbers" Appendix E, "TCP/IP Port Numbers" Appendix E, "TCP/IP Port Numbers" Appendix E, "TCP/IP Port Numbers" Appendix E, "TCP/IP Port Numbers"
16 Overview Notation Conventions The following conventions are used in this guide: In text, data that you enter at the keyboard appear in bold. In text, system responses appear indented. Optional data that you enter at the keyboard, or that might appear in a message, appears throughout this guide enclosed in square brackets; for example, [data]. For Operations Interface (OI) commands, this guide shows the full command name and often shows permitted command abbreviations in text or examples. For example, for the NW TCPIP [TCPIP]IDENTITY command, you can enter any of the following: NW TCPIP TCPIPIDENTITY NW TCPIP TCPIPID NW TCPIP ID Variables that you enter at the keyboard, and those that appear in messages or on NAU screens, appear throughout this guide enclosed in angle brackets; for example, <variable>. NAU screen names appear in uppercase letters. Terminology Conventions In this document, the term ClearPath MCP servers refers to ClearPath Libra Series, FS Series, CS Series, and LX7100 Enterprise Servers. Application host refers to a ClearPath MCP host. To simplify fully inclusive references, the term Windows is used throughout this guide to refer to supported versions of the Windows operating system. The term network interface means the interface that provides TCP/IP networking from an enterprise server to a local area network (LAN). Some examples of network interfaces include Network Services (Shared Adapters or MCP Adapters), and FC3- IOPs. The term EVLAN refers to an enhanced virtual LAN connection, a high performance network path for TCP/IP-based data transfers between the MCP and Windows servers of a ClearPath system. For more details on EVLAN, refer to the Network Services Implementation Guide
17 Overview TCP/IP Architecture Enterprise servers connected to a TCP/IP network provide a wide range of connectivity and interoperability. Using TCP/IP, you can link Unisys ClearPath MCP enterprise server systems with each other or with other vendors' systems. TCP/IP products provide the following: Support for dual IP layers, IPv4 and IPv6, enabling applications to operate over IPv4 and IPv6 simultaneously Flexible topologies over LANs and WANs LAN resiliency Integrated network management with the SNMP Agent Support of classless network topologies and route aggregation Support of multiple logical interfaces (local IP addresses) for a single network interface Multihoming of an enterprise server Network access control Support of sockets Secure sockets layer (SSL) implementation, which supports the SSL and TLS protocols Support for the RFC 1006 protocol standard (enables OSI communication over a TCP/IP network) TCP/IP distributed systems services (DSS), which are available to support your processing needs across a TCP/IP network Support for TCP/IP end system security, which enables the system administrator to monitor and control data traffic to and from networked MCP systems The system administrator can set up a security firewall by defining a set of Deny and Allow rules in an active rules file to specify which network traffic to allow or deny respectively. The TCP/IP security firewall has been enhanced to recognize IPv6 addresses. Support for IP Security (IPsec) which secures network data at the IP layer. IPsec over IPv6 networks is supported; IPsec over IPv4 is not supported. IPsec uses policies to define the security protection that is to be applied. Support for Secure Shell (SSH) for ClearPath MCP which secures data at the application layer. Secure File Transfer Protocol (SFTP) and a remote command utility (SSHCLIENT) are supported; SSH terminals are not supported
18 Overview Internet Protocol Version 6 (IPv6) IPv6 is supported by MCP networking. This section provides an overview of IPv6. IPv6 is the next generation of the Internet Protocol. It is intended to remedy the impending shortage of IP addresses caused by the rapid expansion of the Internet and the growth of devices that are "connected" such as cell phones, PDAs, and home appliances. IPv6 uses a 128-bit address field instead of the 32-bit addresses used by IPv4. As a result, IPv6 affects a large number of MCP products mainly those making use of IP addresses or facilitating the use of IP addresses for other products. The new IPv6 software architecture is based on the current MCP host-resident TCP/IP architecture implemented for IPv4. The IPv6 protocol stack coexists with the existing IPv4 host-resident TCP/IP protocol stack. This dual-stack IP architecture enables applications to operate over IPv4 and IPv6 simultaneously and provides the transition mechanism for migrating from IPv4 networks to IPv6 networks. This architecture also permits a ClearPath MCP host to participate in a mixed network topology of IPv4-only hosts, IPv6-only hosts, and hosts capable of supporting both IPv4 and IPv6. MCP Networking and IPv6 Many products, including Networking software and Network Administrative Utility (NAU), have been updated to support IPv6. Both these products require at least MCP 12.0 (53.1) irrespective of IPv4 or IPv6 functionality. Because IP Security (IPsec) is currently considered a mandatory component of IPv6, IPv6 is considered an encryption product and is restricted under U.S. federal export regulations. To use MCP IPv6 networking, you must order the IOE Encryption Option. The appropriate keys to enable IPv6 and IPsec are included as part of the Encryption Option package. MCP IPv4 networking remains available and orderable as in the past
19 Overview Summary of IPv6 Features This guide describes IPv6 features that affect TCP/IP in areas such as address configuration and resolution, route discovery, and security. Expanded Addressing Capabilities IPv6 increases the IP address size from 32 bits to 128 bits to support more levels of addressing hierarchy, a much greater number of addressable nodes, and simpler autoconfiguration of addresses. The scalability of multicast routing is improved by adding a scope field to multicast addresses. A new type of address called anycast address is defined and used to send a packet to any one of a group of nodes. See Section 2, Overview of TCP/IP Routing," for a detailed description of IPv6 addressing conventions. Header Format Simplification Some IPv4 header fields have been dropped or moved to optional extension headers to reduce the common-case processing cost of packet handling and to limit the added bandwidth cost of the IPv6 header (beyond the long addresses). Fragmentation and reassembly are limited to the source and destination nodes. Improved Support for Extensions and Options Optional Internet-layer information is encoded in separate headers, called extension headers, which can be placed between the IPv6 header and the upper-layer header in the packet. An IPv6 packet can carry zero, one, or more extension headers. Changes in the way IP header options are encoded allow for more efficient forwarding, less stringent limits on the length of options, and greater flexibility for introducing new options in the future. These headers increase and enhance the current capability of IP. For example, IPv6 has the ability to support datagrams (packets) larger than bytes, referred to as Jumbograms. This is accomplished through the use of the Jumbo Payload Hop-by-Hop option. IPv6 also provides greater network security through the use of the Authentication Headers (AH) and Encapsulating Security Payload (ESP) headers. IP Security IPv6 uses IP Security (IPsec) to enable the TCP/IP network provider to secure network traffic and communicate with other endpoints. IPsec provides security services by enabling a host to select required security protocols, determine the algorithms used for the service, and put in place any cryptographic keys required to provide the requested service. IPsec supports encrypted and authenticated datagrams through the use of ESP headers for the encryption and AH for the authentication
20 Overview IPsec and its policies are administered by Security Center. Status information can be retrieved using the following Operations Interface (OI) commands: NW TCPIP OPTION IPSEC Enables and disables IPsec. NW TCPIP STATUS IPSEC Displays detailed IPsec information. NW TCPIP DEBUG The dump type option of this command dumps all entries in all IPsec tables. The trace type option of this command traces within the IPsec module. For more information on the TCPIP OPTION and TCPIP STATUS commands, see Section 4, Operating TCP/IP Software. For more information on the TCPIP DEBUG command, see Section 5, Troubleshooting TCP/IP Installation and Configuration Problems. ICMPv6 Messages The IPv6 version of ICMP (ICMPv6) is supported and implemented by every IPv6 node. ICMPv6 messages are one of two types: error messages or informational messages. All ICMPv6 messages have three fields that are common to all messages (type, code, and checksum), and a variable-length field that varies based on the message type. ICMPv6 supports the following error and information types: Destination Unreachable Packet Too Big Time Exceeded Parameter Problem ICMPv6 supports the following new Multicast Listener Discovery (MLD) message types: Multicast Listener Query Multicast Listener Report Multicast Listener Done ICMPv6 supports the following new Neighbor Discovery message types: Router Solicitation Router Advertisement Neighbor Solicitation Neighbor Advertisement Redirect
21 Overview Automatic Stateless Address Configuration and Duplicate Address Detection To simplify host configuration, IPv6 supports automatic stateless address configuration. This enables hosts on a link to automatically configure themselves with IPv6 addresses for the link and with addresses derived from prefixes advertised by local routers. Even in the absence of a router, hosts on the same link can automatically configure themselves with link-local addresses and communicate without manual configuration. This feature allows an IPv6-enabled node to be added to a network and, without any configuration, be able to communicate with other destinations in the network. Before an address is permanently assigned to an interface, it is verified to ensure that it is not already in use by another interface on the link using duplicate address detection. For information on specifying automatic stateless address configuration and duplicate address detection, see Assigning IPv6 Addresses and Specifying Autoconfiguration for a Network Interface in Section 4, Operating TCP/IP Software. IPv6 Neighbor Discovery IPv6 discovers and records information about neighbor nodes on the local link. This enables nodes to determine which neighbors are reachable and to find routers that are able to forward packets for them. It is the primary means of discovering IPv6 routing information. Neighbor Discovery provides the following as part of the base protocol set: Router Discovery Address Resolution Neighbor Unreachability Detection Redirection These features are described in more detail in IPv6 Neighbor Discovery in Section 2, Overview of TCP/IP Routing and in Using Neighbor Discovery in Section 4, Operating TCP/IP Software. For information on using Neighbor Discovery, see Specifying Neighbor Discovery Options in Section 4, Operating TCP/IP Software. Multicast Listener Discovery V1 Multicast listener discovery allows IPv6 routers to discover nodes on its link that want to receive multicast packets and to discover which multicast addresses are of interest to its neighboring nodes. This information is used by IPv6 routers to deliver multicast information to the links on which there are listening nodes. To receive multicast input, an application must specify the multicast IP address for which it intends to receive multicast input, and the TCP/IP initialization file must be configured with the link-layer multicast address. To specify multicast listener discovery report intervals and retry limits, see Specifying the Unsolicited Report Options for Multicast Listener Discovery in Section 4, Operating TCP/IP Software
22 Overview Migrating to IPv6 In most cases, migrating hosts and networks in an enterprise to IPv6 is expected to be a gradual process. Compatibility with the existing IPv4 applications and hosts needs to be maintained during this transition period. It is also expected that Most or all remote hosts that are IPv6-capable are dual-stack. Edge routers (if not the complete network) are dual-stack in most cases, at least in the initial transition period. ClearPath MCP applications will be modified or newly written to be IPv6-capable as needed. These applications must be capable of operating on both IPv4 and IPv6 networks. Given the preceding conditions IPv6-capable MCP applications communicate with remote IPv4 hosts using the IPv4 layer, with IPv6 hosts using the IPv6 layer, and with dual-stack hosts using either the IPv4 or IPv6 layer with preference given to IPv6 for active opens. All existing unchanged MCP applications communicate with remote IPv4 hosts using the IPv4 layer. Existing unchanged applications that are not IP address-aware communicate with IPv6 hosts using the IPv6 layer, and with dual-stack hosts using either the IPv4 or IPv6 layer with preference given to IPv6 for active opens. Existing unchanged applications that are IP address-aware communicate with dualstack hosts using the IPv4 layer. If the remote host is IPv6-only, a network-based translation device can be used to facilitate the conversion between IPv4 and IPv6, transparently to hosts; the protocol used is NAT-PT. All applications using the MCP Sockets API and those using the user datagram protocol (UDP) need to be modified for IPv6. Applications using the Logical I/O and Co-op APIs over TCP connections are affected if one of the following is true: The applications need to be capable of connecting to remote hosts using explicit IP addresses. The applications handle (store, parse, generate, or display) IP addresses
23 Overview Key Differences Between IPv4 and IPv6 Table 1 1 describes the key differences between IPv4 and IPv6. Table 1 1. Key Differences Between IPv4 and IPv6 IPv4 Source and destination addresses are 32 bits (4 bytes) in length. IPsec support is optional. No identification of packet flow for quality of service (QoS) handling by routers is present within the IPv4 header. Fragmentation is done by both routers and the sending host. Header includes a checksum. Header includes options. Address Resolution Protocol (ARP) uses broadcast ARP Request frames to resolve an IPv4 address to a link-layer address. Internet Group Management Protocol (IGMP) is used to manage local subnet group memberships. ICMP Router Discovery is used to determine the IPv4 address of the best default gateway and is optional. Broadcast addresses are used to send traffic to all nodes on a subnet. Must be configured either manually or through DHCP. Uses host address (A) resource records in the Domain Name System (DNS) to map host names to IPv4 addresses. Uses pointer (PTR) resource records in the IN-ADDR.ARPA DNS domain to map IPv4 addresses to host names. Must support a 576-byte packet size (possibly fragmented). IPv6 Source and destination addresses are 128 bits (16 bytes) in length. IPsec support is required. Packet flow identification for QoS handling by routers is included in IPv6 header using the Flow Label field. Fragmentation is not done by routers, only by the sending host. Header does not include a checksum. All optional data is moved to IPv6 extension headers. ARP Request frames are replaced with Multicast Neighbor Solicitation messages. IGMP is replaced with Multicast Listener Discovery (MLD) messages. ICMP Router Discovery is replaced with ICMPv6 Router Solicitation and Router Advertisement messages and is required. There are no IPv6 broadcast addresses. Instead, a link-local scope-all-nodes multicast address is used. Does not require manual configuration or DHCP. Uses host address (AAAA) resource records in the Domain Name System (DNS) to map host names to IPv6 addresses. Uses pointer (PTR) resource records in the IP6.INT DNS domain to map IPv6 addresses to host names. Must support a 1280-byte packet size (without fragmentation)
24 Overview IPv6 Internet Standards (IETF RFCs) The following Request for Comments (RFC) identifies functions provided by IPv6 that are implemented for all supported levels of MCP Networking. Table 1 2. IPv6 RFCs RFC Number Title 2460 Internet Protocol Version 6 (IPv6) Specification 2461 Neighbor Discovery for IP Version 6 (IPv6) 2462 IPv6 Stateless Address Autoconfiguration 2464 Transmission of IPv6 Packets over Ethernet Networks 2710 Multicast Listener Discovery (MLD) for IPv Format for Literal IPv6 Addresses in URL s 3484 Default Address Selection for Internet Protocol Version 6 (IPv6) 3493 Basic Socket Interface Extensions for IPv DNS Extensions to Support IP Version Application Aspects of IPv6 Transition 4191 Default Router Preferences and More-Specific Routes 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers 4291 IP Version 6 Addressing Architecture 4294 IPv6 Node Requirements 4301 Security Architecture for the Internet Protocol 4302 IP Authentication Header (AH) 4303 IP Encapsulating Security Payload (ESP) 4308 Cryptographic Suites for IPsec 4429 Optimistic Duplicate Address Detection (DAD) for IPv Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification 4835 Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)
25 Overview TCP/IP Distributed Systems Services Unisys provides a variety of TCP/IP distributed systems services (DSS) for use on ClearPath MCP systems. TCP/IP DSS products include the following: FTP Services for ClearPath MCP This product provides file transfer capabilities with two client interfaces, one server interface, and an operator/administrator interface. The capability for securing the control and/or the data streams through the use of the SSL protocol (called FTPS) or the use of the SSH protocol (called SFTP) is available. Telnet Services This product provides station connection services from one remote host to another across a TCP/IP network. The capability for securing the Telnet session with SSL is available. TCP/IP Printing This product provides printing services between the Print System or the Remote Print System and remote hosts and network printers by means of a TCP/IP network. Domain Name System (DNS) This product provides addressing services on a TCP/IP network. Time Synchronization This product allows multiple computers in a network to perform transactions that are time sensitive. Different machines have the capability of operating on the same time reference. Remote SSH Command Utility This product allows commands to be executed at remote Unix systems via the SSH protocol. For more information on using TCP/IP DSS products, refer to the TCP/IP Distributed Systems Services Operations Guide
26 Overview
27 Section 2 Overview of TCP/IP Routing This section describes TCP/IP routing on ClearPath MCP servers. Beginning with MCP release 12.0, TCP/IP initializes in dual mode and can support both the IPv4 and IPv6 protocols running simultaneously on a ClearPath server. This section describes the basic routing concepts shared by IPv4 and IPv6 and explains the new features supported by IPv6 to enhance TCP/IP routing capabilities. This section provides the following: An overview of TCP/IP IPv4 and IPv6 routing commands IPv4 addressing and subnetting concepts IPv6 addressing concepts Conceptual material explaining variable-length subnet masking (VLSM) and classless interdomain routing (CIDR) and how these routing technologies are implemented by IPv4 and IPv6 Examples that illustrate various IPv4 and IPv6 routing topologies including the use of multiple routes to a common destination, multiple local IP addresses for a network interface, and multiple logical networks Notes: The IP addresses shown in the sample topologies in this section are for reference only. Do not use these addresses. If a routing feature is supported on both IPv4 and IPv6 networks, the sample topologies that illustrate the feature assume dual-mode operation and show support for both IPv4 and IPv6 running simultaneously. Therefore, both IPv4 addresses and IPv6 addresses are shown in the topologies, but these addresses cannot be intermixed. That is, a node with an IPv4 address cannot communicate with another node that has an IPv6 address
28 Overview of TCP/IP Routing TCP/IP Routing Commands The following commands support TCP/IP routing. See Section 4, Operating TCP/IP Software, for information on how to use these commands. NW TCPIP ROUTE command NW TCPIP [TCPIP]IDENTITY command NW TCPIP RIP command (IPv4 only) NW TCPIP RIP RIPAUTHENTICATION command (IPv4 only) NW TCPIP ROUTE Command The NW TCPIP ROUTE command configures networks reachable through known routers. It enables you to configure routes that are more flexible, support resilient network topologies, and support VLSM or CIDR addressing and routing. Specific routes to remote hosts, subnets, networks, and supernets can be manually configured using the ROUTE ADD form of this command by supplying a destination and a next-hop router through which the destination can be reached. For IPv4 networks, VLSM-addressed or CIDR-addressed routes can be configured by adding a destination with the optional mask or / (slash) notation followed by the networkprefix attribute. For IPv6 networks, the IPv6 address autoconfiguration feature defaults to disabled. You can use the NW TCPIP ROUTE command to configure an IPv6 address on an interface. This initializes the IPv6 networking stacks and appropriate data structures for that interface. IPv6 networks do not support the mask attribute and use the / notation followed by the network-prefix attribute. Destinations that are configured without the mask or / networkprefix attribute notation are treated as host-specific routes. The ROUTE ADD form of the command can also be used to configure default routes. A default route is a route that is taken in the absence of a specific route (dynamically learned or manually configured) to a destination. Default routes can be assigned to specific VLSM or CIDR address aggregations (subnet/network/supernet) using the optional mask attribute (supported by IPv4 only) or / network-prefix attribute (supported by IPv4 and IPv6), and are referred to as assigned default routes. Default routes that are configured without the mask or / route-prefix attribute are treated as system default routes. The ROUTE DELETE form of the ROUTE command enables you to manually delete specific static (manually configured) routes to remote hosts, subnets, networks, or supernets and default routes. Only inactive routes (those without open dialogs) can be deleted unless forced by using the optional "NOW" keyword
29 Overview of TCP/IP Routing NW TCPIP [TCPIP]IDENTITY Command The NW TCPIP [TCPIP]IDENTITY (TCPIP ID) command enables an IPv4 network administrator to configure and delete multiple local IP addresses or address and mask pairs for each network interface. This extends MCP TCP/IP multihoming capabilities to support multiple logical networks. With IPv4 networks, you can also use this command to set the RIP Authentication type for each network interface. For IPv6, the network administrator can use the NW TCPIP ID command to enable autoconfiguration and duplicate address detection. If autoconfiguration is enabled, IPv6 hosts are automatically configured when connected to a routed IPv6 network. This means that you can use the TCPIP ID command without specifying an IPv6 address. If autoconfiguration is not enabled, IPv6 addresses must be assigned manually for communication to occur within an IPv6 network. Both a link-local address and any routed unicast addresses in which the interface will participate must be manually specified. If a link-local address is missing on an interface that is configured for IPv6, then a waiting entry is generated. For example: 2422/ :03 TCPIP/WARNING/TASK/ACCEPT/211/1/0 ACCEPT:No IPv6 link local address for interface on Network processor 211 Line 1 VLAN 0. *** ENTER: 'AX OK', OR DS You can also specify the number of consecutive Neighbor Solicitation messages sent while performing duplicate address detection on a tentative address. This ensures that an address is not already in use by another interface before it is permanently assigned to an interface. NW TCPIP RIP and NW TCPIP RIP RIPAUTHENTICATION Commands The NW TCPIP RIP and NW TCPIP RIP RIPAUTHENTICATION (TCPIP RIP RIPAA) commands are supported only by IPv4. The NW TCPIP RIP command provides current Routing Information Protocol (RIP) status and configuration information. The NW TCPIP RIP RIPAA command sets the type of RIPv2 authentication that is in effect for a specified network processor and line. Network administrators can also inquire on the current authentication types set on each device and line configured on the system. IPv6 uses dynamic route discovery to perform the same functions as RIP in IPv4. Dynamic route discovery gathers information learned from router advertisements in order to build a list of routers to which packets can be sent. If autoconfiguration is enabled, local addresses are parsed and built from the prefixes in the router advertisements
30 Overview of TCP/IP Routing IPv4 Addressing An Internet Protocol (IP) address is assigned to every host that uses the TCP/IP IPv4 protocol. This address is 32 bits in length, consisting of four octets or bytes. In decimal form, it is commonly represented as four fields, separated by dots, where each field contains a value in the range of 0 to 255. For example: Each IP address consists of two parts as shown in Figure 2 1. The first part of the address is the network-number, which identifies the network on the Internet on which the host resides. The second part of the address is the host-number, which indicates a specific host within that network. Since the leading portion of an IP address provides the network-number, it is often referred to as the network-prefix. All hosts on any given network share the same network-prefix but must have a unique host-number. bit # 0 31 Network-Number/ Network-Prefix Host-Number 001 Figure 2 1. Two-Level Addressing Hierarchy Understanding IPv4 Address Classes In order to support networks of different sizes, address space is divided into different address classes, Class A, B, and C recognized as classful addressing. Addresses within each class are self-identifying because the boundary between the network-prefix and the host-number is fixed depending on the class to which they belong. Given any classful IP address, its class can be determined from a self-encoding key at the beginning of the network-prefix as shown in Figure
31 Overview of TCP/IP Routing Class A bit # Network-Prefix Host-Number Class B bit # Network-Prefix Host-Number Class C bit # Network-Prefix Host-Number 002 Figure 2 2. Classful IP Addresses Class A (addresses that start with 1 126; 8-bit network prefix) Class A is reserved for 126 large public networks and very large corporate networks. All of these network numbers have already been assigned. Each Class A network can contain almost 17 million (2 24-2) hosts. Example: (for host on network number ). Class B (addresses that start with ; 16-bit network prefix) Class B can support 16,384 networks and is used by government agencies and very large corporations. Most of the 16,382 possible Class B addresses have already been assigned. Each Class B network can contain up to 65,534 (2 16-2) hosts. Example: (host 5.1 on network number ). Class C (addresses that start with ; 24-bit network prefix) Class C is intended for most users around the world. There are several million possible Class C networks. Each Class C network can contain up to 254 (2 8-2) hosts. Example: (host 1 on network number ). Class D (addresses that start with ) Hosts can use Class D addresses to multicast messages to a specific group of nodes. Class E (addresses that start with ) Class E is reserved for future use
IPv6 Fundamentals: A Straightforward Approach
IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 Rick Graziani Cisco Press 800 East 96th Street Indianapolis, IN 46240 IPv6 Fundamentals Contents Introduction xvi Part I: Background
More informationGuide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP
Guide to Network Defense and Countermeasures Third Edition Chapter 2 TCP/IP Objectives Explain the fundamentals of TCP/IP networking Describe IPv4 packet structure and explain packet fragmentation Describe
More informationIP Addressing A Simplified Tutorial
Application Note IP Addressing A Simplified Tutorial July 2002 COMPAS ID 92962 Avaya Labs 1 All information in this document is subject to change without notice. Although the information is believed to
More informationIntroduction to IP v6
IP v 1-3: defined and replaced Introduction to IP v6 IP v4 - current version; 20 years old IP v5 - streams protocol IP v6 - replacement for IP v4 During developments it was called IPng - Next Generation
More information8.2 The Internet Protocol
TCP/IP Protocol Suite HTTP SMTP DNS RTP Distributed applications Reliable stream service TCP UDP User datagram service Best-effort connectionless packet transfer Network Interface 1 IP Network Interface
More informationCourse Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.
Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols
More informationIPv6 Trace Analysis using Wireshark Nalini Elkins, CEO Inside Products, Inc. Nalini.elkins@insidethestack.com
1 IPv6 Trace Analysis using Wireshark Nalini Elkins, CEO Inside Products, Inc. Nalini.elkins@insidethestack.com Agenda What has not changed between IPv4 and IPv6 traces What has changed between IPv4 and
More information1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet
Review questions 1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet C Media access method D Packages 2 To which TCP/IP architecture layer
More informationFirewalls und IPv6 worauf Sie achten müssen!
Firewalls und IPv6 worauf Sie achten müssen! Pascal Raemy CTO Asecus AG pascal.raemy@asecus.ch Asecus AG Asecus AG Security (Firewall, Web-Gateway, Mail-Gateway) Application Delivery (F5 Neworks with BIGIP)
More informationERserver. iseries. Networking TCP/IP setup
ERserver iseries Networking TCP/IP setup ERserver iseries Networking TCP/IP setup Copyright International Business Machines Corporation 1998, 2002. All rights reserved. US Government Users Restricted
More informationInterconnecting Cisco Network Devices 1 Course, Class Outline
www.etidaho.com (208) 327-0768 Interconnecting Cisco Network Devices 1 Course, Class Outline 5 Days Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructorled training course
More information100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)
100-101: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1) Course Overview This course provides students with the knowledge and skills to implement and support a small switched and routed network.
More informationLecture Computer Networks
Prof. Dr. H. P. Großmann mit M. Rabel sowie H. Hutschenreiter und T. Nau Sommersemester 2012 Institut für Organisation und Management von Informationssystemen Thomas Nau, kiz Lecture Computer Networks
More informationIPv6 Fundamentals Ch t ap 1 er I : ntroducti ti t on I o P IPv6 Copyright Cisco Academy Yannis Xydas
IPv6 Fundamentals Chapter 1: Introduction ti to IPv6 Copyright Cisco Academy Yannis Xydas The Network Today The Internet of today is much different that it was 30, 15 or 5 years ago. 2 Technology Tomorrow
More information"Charting the Course...
Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content
More informationNetwork-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2
Network-Oriented Software Development Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2 Topics Layering TCP/IP Layering Internet addresses and port numbers Encapsulation
More informationTransport and Network Layer
Transport and Network Layer 1 Introduction Responsible for moving messages from end-to-end in a network Closely tied together TCP/IP: most commonly used protocol o Used in Internet o Compatible with a
More information19531 - Telematics. 9th Tutorial - IP Model, IPv6, Routing
19531 - Telematics 9th Tutorial - IP Model, IPv6, Routing Bastian Blywis Department of Mathematics and Computer Science Institute of Computer Science 06. January, 2011 Institute of Computer Science Telematics
More informationChapter 9. IP Secure
Chapter 9 IP Secure 1 Network architecture is usually explained as a stack of different layers. Figure 1 explains the OSI (Open System Interconnect) model stack and IP (Internet Protocol) model stack.
More informationChapter 3 Configuring Basic IPv6 Connectivity
Chapter 3 Configuring Basic IPv6 Connectivity This chapter explains how to get a ProCurve Routing Switch that supports IPv6 up and running. To configure basic IPv6 connectivity, you must do the following:
More informationPacket Capture. Document Scope. SonicOS Enhanced Packet Capture
Packet Capture Document Scope This solutions document describes how to configure and use the packet capture feature in SonicOS Enhanced. This document contains the following sections: Feature Overview
More informationProCurve Networking IPv6 The Next Generation of Networking
ProCurve Networking The Next Generation of Networking Introduction... 2 Benefits from... 2 The Protocol... 3 Technology Features and Benefits... 4 Larger number of addresses... 4 End-to-end connectivity...
More informationWindows 7 Resource Kit
Windows 7 Resource Kit Mitch Tulloch, Tony Northrup, and Jerry Honeycutt To learn more about this book, visit Microsoft Learning at http://www.microsoft.com/mspress/books/ 9780735627000 2009 Microsoft
More informationIP address format: Dotted decimal notation: 10000000 00001011 00000011 00011111 128.11.3.31
IP address format: 7 24 Class A 0 Network ID Host ID 14 16 Class B 1 0 Network ID Host ID 21 8 Class C 1 1 0 Network ID Host ID 28 Class D 1 1 1 0 Multicast Address Dotted decimal notation: 10000000 00001011
More informationRaritan Valley Community College Academic Course Outline. CISY 253 - Advanced Computer Networking
Raritan Valley Community College Academic Course Outline CISY 253 - Advanced Computer Networking I. Basic Course Information A. Course number and Title: CISY 253- Advanced Computer Networking (TCP/IP)
More information- IPv4 Addressing and Subnetting -
1 Hardware Addressing - IPv4 Addressing and Subnetting - A hardware address is used to uniquely identify a host within a local network. Hardware addressing is a function of the Data-Link layer of the OSI
More informationInterconnecting Cisco Networking Devices Part 2
Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course
More informationEfficient Addressing. Outline. Addressing Subnetting Supernetting CS 640 1
Efficient Addressing Outline Addressing Subnetting Supernetting CS 640 1 IPV4 Global Addresses Properties IPv4 uses 32 bit address space globally unique hierarchical: network + host 7 24 Dot Notation 10.3.2.4
More informationIndustry Automation White Paper Januar 2013 IPv6 in automation technology
Table of contents: 1 Why another White Paper IPv6?... 3 2 IPv6 for automation technology... 3 3 Basics of IPv6... 3 3.1 Turning point/initial situation... 3 3.2 Standardization... 4 3.2.1 IPv6 address
More informationEthernet. Ethernet. Network Devices
Ethernet Babak Kia Adjunct Professor Boston University College of Engineering ENG SC757 - Advanced Microprocessor Design Ethernet Ethernet is a term used to refer to a diverse set of frame based networking
More information640-816: Interconnecting Cisco Networking Devices Part 2 v1.1
640-816: Interconnecting Cisco Networking Devices Part 2 v1.1 Course Introduction Course Introduction Chapter 01 - Small Network Implementation Introducing the Review Lab Cisco IOS User Interface Functions
More informationChapter 12 Supporting Network Address Translation (NAT)
[Previous] [Next] Chapter 12 Supporting Network Address Translation (NAT) About This Chapter Network address translation (NAT) is a protocol that allows a network with private addresses to access information
More informationReview: Lecture 1 - Internet History
Review: Lecture 1 - Internet History late 60's ARPANET, NCP 1977 first internet 1980's The Internet collection of networks communicating using the TCP/IP protocols 1 Review: Lecture 1 - Administration
More informationInternetworking and IP Address
Lecture 8 Internetworking and IP Address Motivation of Internetworking Internet Architecture and Router Internet TCP/IP Reference Model and Protocols IP Addresses - Binary and Dotted Decimal IP Address
More informationAbout the Technical Reviewers
About the Author p. xiii About the Technical Reviewers p. xv Acknowledgments p. xvii Introduction p. xix IPv6 p. 1 IPv6-Why? p. 1 IPv6 Benefits p. 2 More Address Space p. 2 Innovation p. 3 Stateless Autoconfiguration
More informationIPv4 and IPv6 Integration. Formation IPv6 Workshop Location, Date
IPv4 and IPv6 Integration Formation IPv6 Workshop Location, Date Agenda Introduction Approaches to deploying IPv6 Standalone (IPv6-only) or alongside IPv4 Phased deployment plans Considerations for IPv4
More informationTechnical Support Information Belkin internal use only
The fundamentals of TCP/IP networking TCP/IP (Transmission Control Protocol / Internet Protocols) is a set of networking protocols that is used for communication on the Internet and on many other networks.
More informationInternetworking Microsoft TCP/IP on Microsoft Windows NT 4.0
Internetworking Microsoft TCP/IP on Microsoft Windows NT 4.0 Course length: 5 Days Course No. 688 - Five days - Instructor-led Introduction This course provides students with the knowledge and skills required
More informationHow To Learn Cisco Cisco Ios And Cisco Vlan
Interconnecting Cisco Networking Devices: Accelerated Course CCNAX v2.0; 5 Days, Instructor-led Course Description Interconnecting Cisco Networking Devices: Accelerated (CCNAX) v2.0 is a 60-hour instructor-led
More informationINTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)
INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1) COURSE OVERVIEW: Interconnecting Cisco Networking Devices, Part 1 (ICND1) v2.0 is a five-day, instructor-led training course that teaches learners
More informationITL BULLETIN FOR JANUARY 2011
ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informations@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ]
s@lm@n CompTIA Exam N10-006 CompTIA Network+ certification Version: 5.1 [ Total Questions: 1146 ] Topic break down Topic No. of Questions Topic 1: Network Architecture 183 Topic 2: Network Operations 149
More information2. IP Networks, IP Hosts and IP Ports
1. Introduction to IP... 1 2. IP Networks, IP Hosts and IP Ports... 1 3. IP Packet Structure... 2 4. IP Address Structure... 2 Network Portion... 2 Host Portion... 3 Global vs. Private IP Addresses...3
More informationNetworking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the
Networking Systems Design and Development Lee Chao CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK
More informationChapter 3 LAN Configuration
Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. This chapter contains the following sections
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationIPv6 Fundamentals, Design, and Deployment
IPv6 Fundamentals, Design, and Deployment Course IP6FD v3.0; 5 Days, Instructor-led Course Description The IPv6 Fundamentals, Design, and Deployment (IP6FD) v3.0 course is an instructor-led course that
More informationPacket Monitor in SonicOS 5.8
Packet Monitor in SonicOS 5.8 Document Contents This document contains the following sections: Packet Monitor Overview on page 1 Configuring Packet Monitor on page 5 Using Packet Monitor and Packet Mirror
More informationIPv6 in Axis Video Products
TECHNICAL NOTE REFERENCE DOCUMENT IPv6 in Axis Video Products Created: 2006-01-31 Last updated: 2006-05-29 TABLE OF CONTENTS DOCUMENT HISTORY... 2 1 IPV6 IN GENERAL... 3 1.1 The IPv6 address... 3 1.1.1
More informationTechnology Brief IPv6 White Paper.
Technology Brief White Paper. Page 1 of 37 Table of Contents 1 Overview... 3 1.1 Background... 3 1.2 Advantages of... 5 2 Packet... 9 2.1 Basic Header... 9 2.1.1 Extension Headers... 11 2.1.2 ICMP Packet...
More informationChapter 13 Internet Protocol (IP)
Chapter 13 Internet Protocol (IP) Introduction... 13-5 IP Packets... 13-5 Addressing... 13-7 Subnets... 13-8 Assigning an IP Address... 13-9 Multihoming... 13-11 Local Interfaces... 13-11 Address Resolution
More informationRARP: Reverse Address Resolution Protocol
SFWR 4C03: Computer Networks and Computer Security January 19-22 2004 Lecturer: Kartik Krishnan Lectures 7-9 RARP: Reverse Address Resolution Protocol When a system with a local disk is bootstrapped it
More informationNetworking Technology Online Course Outline
Networking Technology Online Course Outline Introduction Networking Technology Introduction Welcome to InfoComm University About InfoComm International About Networking Technology Network Technology Course
More informationHow To Understand and Configure Your Network for IntraVUE
How To Understand and Configure Your Network for IntraVUE Summary This document attempts to standardize the methods used to configure Intrauve in situations where there is little or no understanding of
More informationAddress Resolution Protocol (ARP), Reverse ARP, Internet Protocol (IP)
Tik-110.350 Computer Networks (3 cr) Spring 2000 Address Resolution Protocol (ARP), Reverse ARP, Internet Protocol (IP) Professor Arto Karila Helsinki University of Technology E-mail: Arto.Karila@hut.fi
More informationSSVVP SIP School VVoIP Professional Certification
SSVVP SIP School VVoIP Professional Certification Exam Objectives The SSVVP exam is designed to test your skills and knowledge on the basics of Networking, Voice over IP and Video over IP. Everything that
More informationProcedure: You can find the problem sheet on Drive D: of the lab PCs. 1. IP address for this host computer 2. Subnet mask 3. Default gateway address
Objectives University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Networks Laboratory 907528 Lab.4 Basic Network Operation and Troubleshooting 1. To become familiar
More informationIPv6 Hardening Guide for Windows Servers
IPv6 Hardening Guide for Windows Servers How to Securely Configure Windows Servers to Prevent IPv6-related Attacks Version: 1.0 Date: 22/12/2014 Classification: Public Author(s): Antonios Atlasis TABLE
More informationIP Addressing and Subnetting. 2002, Cisco Systems, Inc. All rights reserved.
IP Addressing and Subnetting 2002, Cisco Systems, Inc. All rights reserved. 1 Objectives Upon completion, you will be able to: Discuss the Types of Network Addressing Explain the Form of an IP Address
More informationunisys ClearPath Enterprise Servers Network Services Implementation Guide ClearPath MCP 15.0 April 2013 4198 6670 029
unisys ClearPath Enterprise Servers Network Services Implementation Guide ClearPath MCP 15.0 April 2013 4198 6670 029 NO WARRANTIES OF ANY NATURE ARE EXTENDED BY THIS DOCUMENT. Any product or related information
More informationModule 2: Assigning IP Addresses in a Multiple Subnet Network
Module 2: Assigning IP Addresses in a Multiple Subnet Network Contents Overview 1 Lesson: Assigning IP Addresses 2 Lesson: Creating a Subnet 19 Lesson: Using IP Routing Tables 29 Lesson: Overcoming Limitations
More informationSubnetting,Supernetting, VLSM & CIDR
Subnetting,Supernetting, VLSM & CIDR WHAT - IP Address Unique 32 or 128 bit Binary, used to identify a system on a Network or Internet. Network Portion Host Portion CLASSFULL ADDRESSING IP address space
More informationGuideline for setting up a functional VPN
Guideline for setting up a functional VPN Why do I want a VPN? VPN by definition creates a private, trusted network across an untrusted medium. It allows you to connect offices and people from around the
More informationIPv6 Diagnostic and Troubleshooting
8 IPv6 Diagnostic and Troubleshooting Contents Introduction.................................................. 8-2 ICMP Rate-Limiting........................................... 8-2 Ping for IPv6 (Ping6)..........................................
More informationNetworking 4 Voice and Video over IP (VVoIP)
Networking 4 Voice and Video over IP (VVoIP) Course Objectives This course will give delegates a good understanding of LANs, WANs and VVoIP (Voice and Video over IP). It is aimed at those who want to move
More informationInternet Protocol Version 6 (IPv6)
Internet Protocol Version 6 (IPv6) Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 14-1 Overview
More informationIP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life
Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer
More informationInterconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration
Interconnection of Heterogeneous Networks Internetworking Service model Addressing Address mapping Automatic host configuration Wireless LAN network@home outer Ethernet PPS Internet-Praktikum Internetworking
More informationIP - The Internet Protocol
Orientation IP - The Internet Protocol IP (Internet Protocol) is a Network Layer Protocol. IP s current version is Version 4 (IPv4). It is specified in RFC 891. TCP UDP Transport Layer ICMP IP IGMP Network
More informationTCP/IP Fundamentals. OSI Seven Layer Model & Seminar Outline
OSI Seven Layer Model & Seminar Outline TCP/IP Fundamentals This seminar will present TCP/IP communications starting from Layer 2 up to Layer 4 (TCP/IP applications cover Layers 5-7) IP Addresses Data
More informationInternet Protocol: IP packet headers. vendredi 18 octobre 13
Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)
More informationAS/400e. TCP/IP routing and workload balancing
AS/400e TCP/IP routing and workload balancing AS/400e TCP/IP routing and workload balancing Copyright International Business Machines Corporation 2000. All rights reserved. US Government Users Restricted
More informationStep-by-Step Guide for Setting Up IPv6 in a Test Lab
Step-by-Step Guide for Setting Up IPv6 in a Test Lab Microsoft Corporation Published: July, 2006 Author: Microsoft Corporation Abstract This guide describes how to configure Internet Protocol version 6
More informationWHITE PAPER. Understanding IP Addressing: Everything You Ever Wanted To Know
WHITE PAPER Understanding IP Addressing: Everything You Ever Wanted To Know Understanding IP Addressing: Everything You Ever Wanted To Know CONTENTS Internet Scaling Problems 1 Classful IP Addressing 3
More informationInternet Addresses (You should read Chapter 4 in Forouzan)
Internet Addresses (You should read Chapter 4 in Forouzan) IP Address is 32 Bits Long Conceptually the address is the pair (NETID, HOSTID) Addresses are assigned by the internet company for assignment
More informationIETF IPv6 Request for Comments (RFCs) Updated 2008-12-01
IETF IPv6 Request for Comments (RFCs) Updated 2008-12-01 RFC Title 5380 Hierarchical Mobile IPv6 (HMIPv6) Mobility Management 5350 IANA Considerations for the IPv4 and IPv6 Router Alert Options 5340 OSPF
More informationTypes of IPv4 addresses in Internet
Types of IPv4 addresses in Internet PA (Provider Aggregatable): Blocks of addresses that may be sub-assigned to other ISPs or to other companies that also may leased the addresses to their customers May
More informationNeighbour Discovery in IPv6
Neighbour Discovery in IPv6 Andrew Hines Topic No: 17 Email: hines@zitmail.uni-paderborn.de Organiser: Christian Schindelhauer University of Paderborn Immatriculation No: 6225220 August 4, 2004 1 Abstract
More informationCisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)
Cisco Certified Network Associate Exam Exam Number 200-120 CCNA Associated Certifications CCNA Routing and Switching Operation of IP Data Networks Operation of IP Data Networks Recognize the purpose and
More informationSSVP SIP School VoIP Professional Certification
SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover
More informationChapter 3: Review of Important Networking Concepts. Magda El Zarki Dept. of CS UC Irvine elzarki@uci.edu http://www.ics.uci.
Chapter 3: Review of Important Networking Concepts Magda El Zarki Dept. of CS UC Irvine elzarki@uci.edu http://www.ics.uci.edu/~magda 1 Networking Concepts Protocol Architecture Protocol Layers Encapsulation
More informationJoe Davies. Principal Writer Windows Server Information Experience. Presented at: Seattle Windows Networking User Group June 1, 2011
Joe Davies Principal Writer Windows Server Information Experience Presented at: Seattle Windows Networking User Group June 1, 2011 2011 Microsoft Corporation IPv6 addressing and DNS review IPv6 subnetting
More informationInternetworking and Internet-1. Global Addresses
Internetworking and Internet Global Addresses IP servcie model has two parts Datagram (connectionless) packet delivery model Global addressing scheme awaytoidentifyall H in the internetwork Properties
More informationInternet Protocols Fall 2005. Lectures 7-8 Andreas Terzis
Internet Protocols Fall 2005 Lectures 7-8 Andreas Terzis Outline Internet Protocol Service Model Fragmentation Addressing Original addressing scheme Subnetting CIDR Forwarding ICMP ARP Address Shortage
More informationCloudEngine Series Switches. IPv6 Technical White Paper. Issue 01 Date 2014-02-19 HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2014-02-19 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationUIP1868P User Interface Guide
UIP1868P User Interface Guide (Firmware version 0.13.4 and later) V1.1 Monday, July 8, 2005 Table of Contents Opening the UIP1868P's Configuration Utility... 3 Connecting to Your Broadband Modem... 4 Setting
More informationDedication Preface 1. The Age of IPv6 1.1 INTRODUCTION 1.2 PROTOCOL STACK 1.3 CONCLUSIONS 2. Protocol Architecture 2.1 INTRODUCTION 2.
Dedication Preface 1. The Age of IPv6 1.1 INTRODUCTION 1.2 PROTOCOL STACK 1.3 CONCLUSIONS 2. Protocol Architecture 2.1 INTRODUCTION 2.2 COMPARISONS OF IP HEADER FORMATS 2.3 EXTENSION HEADERS 2.3.1 Options
More informationIPv6 Associated Protocols
IPv6 Associated Protocols 1 New Protocols (1) New features are specified in IPv6 Protocol -RFC 2460 DS Neighbor Discovery (NDP) -RFC 4861 DS Auto-configuration : Stateless Address Auto-configuration -RFC
More informationTomás P. de Miguel DIT-UPM. dit UPM
Tomás P. de Miguel DIT- 15 12 Internet Mobile Market Phone.com 15 12 in Millions 9 6 3 9 6 3 0 1996 1997 1998 1999 2000 2001 0 Wireless Internet E-mail subscribers 2 (January 2001) Mobility The ability
More information> Technical Configuration Guide for Microsoft Network Load Balancing. Ethernet Switch and Ethernet Routing Switch Engineering
Ethernet Switch and Ethernet Routing Switch Engineering > Technical Configuration Guide for Microsoft Network Load Balancing Enterprise Solutions Engineering Document Date: March 9, 2006 Document Version:
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationTCP/IP Basis. OSI Model
TCP/IP Basis 高 雄 大 學 資 訊 工 程 學 系 嚴 力 行 Source OSI Model Destination Application Presentation Session Transport Network Data-Link Physical ENCAPSULATION DATA SEGMENT PACKET FRAME BITS 0101010101010101010
More informationNETWORK LAYER/INTERNET PROTOCOLS
CHAPTER 3 NETWORK LAYER/INTERNET PROTOCOLS You will learn about the following in this chapter: IP operation, fields and functions ICMP messages and meanings Fragmentation and reassembly of datagrams IP
More informationInterconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0
Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 COURSE OVERVIEW: Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 is a five-day, instructor-led training course that teaches learners
More information2057-15. First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring
2057-15 First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring 7-25 September 2009 TCP/IP Networking Abhaya S. Induruwa Department
More informationWe Are HERE! Subne\ng
TELE 302 Network Design Lecture 21 Addressing Strategies Source: McCabe 12.1 ~ 12.4 Jeremiah Deng TELE Programme, University of Otago, 2013 We Are HERE! Requirements analysis Flow Analysis Logical Design
More informationRouter Security Configuration Guide Supplement - Security for IPv6 Routers
Report Number: I33-002R-06 Router Security Configuration Guide Supplement - Security for IPv6 Routers A supplement to the NSA Router Security Configuration Guide offering security principles and guidance
More information