Are You Ready to Teach IPv6?
William Saichek, Orange Coast College
Karl Dietrich, Lansing Community College
Giving Credit Where Credit is Due
The slides, data and projects in this presentation were used with permission from their authors, and we would like to express our gratitude to them:
Dr. Sam Bowne, City College of San Francisco
Mohammad Shanehsaz and Mike Qaissaunee, Brookdale Community College, Lincroft, New Jersey
Remember to perform a sacrifice to the Demo Gods before beginning your class!
IPv4 Exhaustion: It's The End of the World!
IPv4 Exhaustion
Address space: 32 bits
IPv4 address: 192.168.1.10 (four bytes)
In binary: 11000000 10101000 00000001 00001010
2^32 total addresses: over 4 billion in theory, but we all know that theoretically the bumble-bee can't fly (far fewer are usable once reserved ranges and allocation waste are subtracted)
IPv4 Exhaustion
Available pool: 18 "/8" address ranges, each /8 holding 16.8 million addresses
203 /8s already allocated
35 /8s reserved for special uses
Data from http://www.potaroo.net/tools/ipv4 as of 30-Jul-2011
IPv4 Exhaustion
IPv4 Exhaustion: No Reprieve
IANA will not re-purpose class D (multicast) or class E (reserved) addresses for general use
People who ask for IPv4 addresses after exhaustion will not get them
Hoarding, scalping, and simple direct sale of used IPv4 addresses will begin soon
The Solution: IPv6
IPv6 Addresses
An IPv6 address consists of 128 bits divided into eight 16-bit groups. It is written as the hexadecimal value of each group, with the groups separated by colons.
Example: FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
There is no such thing as a broadcast in IPv6; instead we have unicast, multicast, and a new type called anycast. The specific type of an IPv6 address is indicated by its leading bits.
IPv6 Address Format The 128-bit IPv6 addresses use colons to separate entries in a series of 16-bit hexadecimal groups.
IPv6 Address Format
The 64-bit Interface Identifier (basically the host portion of the address) can be configured in five ways:
Manual configuration (static IPv6 addresses)
Autoconfiguration (EUI-64 based Interface ID)
DHCPv6
Pseudo-random Interface ID
Cryptographically generated Interface ID
IPv6 Address Format
The most common method (but not the most secure or private; more on that later) for building the Interface Identifier is the modified Extended Unique Identifier (EUI-64):
Take the NIC's 48-bit MAC address
Insert FF:FE between the upper 24 bits (the vendor OUI) and the lower 24 bits
Flip bit 7 of the first byte (the universal/local bit, value 0x02), so a MAC beginning 00: produces an interface ID beginning 02:
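As an added example (this is not code from the slides), the EUI-64 construction written out in Python, including the universal/local bit flip that is easy to forget. The MAC address and prefixes are constructed for the demonstration; the standard `ipaddress` module is used only to combine prefix and interface ID.

```python
"""Modified EUI-64 interface identifier from a 48-bit MAC (RFC 4291, Appendix A).
Added example for this slide; the MAC and prefixes below are constructed."""
import ipaddress


def mac_to_eui64(mac: str) -> bytes:
    """Return the 8-byte modified EUI-64 interface ID for a MAC address.

    Steps: split the MAC into OUI (3 bytes) and device part (3 bytes),
    insert FF:FE between them, then flip bit 7 (the universal/local bit,
    0x02) of the first byte.
    """
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = octets[:3] + b"\xff\xfe" + octets[3:]
    return bytes([eui[0] ^ 0x02]) + eui[1:]


def format_iid(iid: bytes) -> str:
    """Render an 8-byte interface ID as four colon-separated hex groups."""
    return ":".join(iid[i:i + 2].hex() for i in range(0, 8, 2))


def eui64_address(prefix: str, mac: str) -> str:
    """Combine a /64 prefix with the EUI-64 interface ID of `mac`."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 interface IDs need a /64 prefix")
    return str(ipaddress.IPv6Address(net.network_address.packed[:8] + mac_to_eui64(mac)))


if __name__ == "__main__":
    mac = "00:1b:21:3c:4d:5e"  # constructed sample MAC
    print(format_iid(mac_to_eui64(mac)))            # 021b:21ff:fe3c:4d5e
    print(eui64_address("2001:db8:1:2::/64", mac))  # global address
    print(eui64_address("fe80::/64", mac))          # link-local address
```

Note that the same interface ID appears under every prefix the host visits; that is the tracking problem discussed under Security and Privacy Issues.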
IPv6 Representation There are three conventional forms for representing IPv6 addresses as text strings: The preferred form is: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx where the 'x's are the hexadecimal values of the eight 16-bit pieces of the address. For example: FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
IPv6 Representation: Compressed Form
IPv6 addresses can contain long strings of zero bits. To make such addresses easier to write, a special syntax compresses the zeros:
You do not have to write leading zeros within a group. Example: 0A4F can be written as A4F
A double colon "::" replaces one or more consecutive all-zero 16-bit groups, but may appear only once in an address (a second "::" would make the number of groups each one stands for ambiguous). Example: 1080:0:0:0:8:800:200C:417A becomes 1080::8:800:200C:417A
0:0:0:0:0:0:0:1, or ::1, is the loopback address
IPv6 Representation
The text representation of IPv6 address prefixes is similar to the way IPv4 address prefixes are written in CIDR notation: ipv6-address/prefix-length
Text form: 12AB:0000:0000:CD30:0000:0000:0000:0000/60, which compresses to 12AB::CD30:0:0:0:0/60 or 12AB:0:0:CD30::/60
When writing both a node address and its prefix, such as the node 12AB:0:0:CD30:123:4567:89AB:CDEF and its subnet 12AB:0:0:CD30::/60, the two can be combined as follows: 12AB:0:0:CD30:123:4567:89AB:CDEF/60
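The compression rules on these two slides are easy to get wrong (two "::" in one address, or compressing a single zero group), and two different compressed spellings of the same address will not match in a string-based ACL or log search. As an added example, not from the slides, here is a small Python expander/compressor that produces RFC 5952 canonical form (longest zero run, leftmost on a tie, never a single group, lowercase hex) and cross-checks itself against the standard library. The sample addresses are the ones from these two slides.

```python
"""Expand and compress IPv6 text addresses by hand (RFC 4291 s2.2, RFC 5952).
Added example, not from the slides; the standard ipaddress module is used
only to cross-check the hand-written result."""
import ipaddress


def expand(text: str) -> list:
    """Parse any legal textual form into eight 16-bit groups, honouring '::'."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear at most once")
    if "::" in text:
        head, tail = text.split("::")
        left = [int(g, 16) for g in head.split(":") if g]
        right = [int(g, 16) for g in tail.split(":") if g]
        if len(left) + len(right) > 7:
            raise ValueError("'::' must stand for at least one zero group")
        groups = left + [0] * (8 - len(left) - len(right)) + right
    else:
        groups = [int(g, 16) for g in text.split(":")]
    if len(groups) != 8 or any(not 0 <= g <= 0xFFFF for g in groups):
        raise ValueError(f"not an IPv6 address: {text!r}")
    return groups


def compress(groups: list) -> str:
    """Canonical RFC 5952 form: no leading zeros, lowercase hex, and '::'
    replacing the longest run of zero groups (leftmost on a tie; a run of
    one group is written as '0', not compressed)."""
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:          # strict '>' keeps the leftmost run on a tie
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    hexs = [f"{g:x}" for g in groups]
    if best_len < 2:
        return ":".join(hexs)
    left = ":".join(hexs[:best_start])
    right = ":".join(hexs[best_start + best_len:])
    return f"{left}::{right}"


def canonical(text: str) -> str:
    """Round-trip any spelling to the one canonical spelling."""
    return compress(expand(text))


def split_prefix(text: str) -> tuple:
    """'node/len' -> (canonical node address, canonical subnet prefix)."""
    node, plen = text.rsplit("/", 1)
    plen = int(plen)
    if not 0 <= plen <= 128:
        raise ValueError("prefix length out of range")
    value = 0
    for g in expand(node):
        value = (value << 16) | g
    mask = (((1 << plen) - 1) << (128 - plen)) if plen else 0
    net = value & mask
    net_groups = [(net >> (112 - 16 * k)) & 0xFFFF for k in range(8)]
    return canonical(node), f"{compress(net_groups)}/{plen}"


if __name__ == "__main__":
    for sample in ["1080:0:0:0:8:800:200C:417A", "0:0:0:0:0:0:0:1",
                   "12AB:0000:0000:CD30:0000:0000:0000:0000", "2001:db8:0:0:1:0:0:1"]:
        out = canonical(sample)
        assert out == str(ipaddress.IPv6Address(sample))  # cross-check with stdlib
        print(f"{sample:42} -> {out}")
    print(split_prefix("12AB:0:0:CD30:123:4567:89AB:CDEF/60"))
```

The last sample, 2001:db8:0:0:1:0:0:1, is the tie case: both zero runs are two groups long, and only the leftmost may be compressed, which is why naive "replace the first zeros you see" code and a correct implementation can disagree.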
IPv6 Types: Unicast
Packets addressed to a unicast address are delivered to a single interface (for load balancing, one address may be assigned to several interfaces that the host treats as a single interface). There are several forms of unicast address assignment in IPv6, including the following:
The aggregatable global unicast address
The link-local address
The site-local address (deprecated by RFC 3879 in favor of Unique Local Addresses, FC00::/7)
The IPv4-compatible address (deprecated by RFC 4291)
The specific type of an IPv6 address is indicated by its leading bits. Global unicast addresses are publicly routable (the same role as public IPv4 addresses).
Aggregatable Global Address
IPv6 global unicast allocation uses the range of addresses that start with the binary value 001 (2000::/3).
An aggregatable global address consists of the 3-bit format prefix 001 followed by a 45-bit global routing prefix (together the 48-bit prefix a site typically receives from its provider), a 16-bit subnet ID, also called the Site-Level Aggregator (SLA), and a 64-bit interface ID.
Aggregatable global addresses are used on links that are aggregated upward through organizations and eventually to the Internet service providers (ISPs). They are equivalent to public IPv4 addresses.
Link-Local Unicast Address
Link-local addresses (FE80::/10) are like Automatic Private IP Addressing (APIPA) in IPv4: they are never routed, not even between internal networks.
Every IPv6 interface has one. They are used for addressing on a single link for purposes such as address autoconfiguration and Neighbor Discovery, and they work when no routers are present.
Routers must not forward any packet with a link-local source or destination address to other links.
Site-Local Unicast Addresses
Site-local addresses are like link-local in that they are private IPv6 addresses and cannot be routed to the Internet. However, they can be routed within your organization or company.
They are equivalent to IPv4 private addresses and can be assigned either manually or dynamically.
Routers must not forward any packets with site-local source or destination addresses outside of the site.
They always begin with FEC0::/10. Note that site-local addresses were deprecated by RFC 3879; new designs use Unique Local Addresses (ULA, FC00::/7, RFC 4193) for the same purpose.
IPv4-Compatible IPv6 Address
IPv4-compatible IPv6 addresses were assigned to nodes that support both the IPv4 and IPv6 protocol stacks and were used for automatic tunnels.
An IPv4-compatible IPv6 address is an IPv6 unicast address with zeros in the high-order 96 bits and an IPv4 address in the low-order 32 bits. Its format is 0:0:0:0:0:0:A.B.C.D, or ::A.B.C.D.
The entire 128-bit address is used as the node's IPv6 address, and the IPv4 address embedded in the low-order 32 bits is used as the node's IPv4 address.
This form is deprecated (RFC 4291) and current stacks no longer use it for tunneling. Do not confuse it with the IPv4-mapped form ::FFFF:A.B.C.D, which dual-stack sockets still use to represent IPv4 peers.
IPv6 Types: Multicast
As in IPv4, IPv6 multicast packets are addressed to a multicast address (FF00::/8) and delivered to all interfaces that have joined that group (one-to-many).
IPv6 Types: Anycast
Like a multicast address, an anycast address identifies multiple interfaces, but with a big difference: a packet sent to an anycast address is delivered to only one of them, the nearest one as measured by the routing protocol's distance. Anycast addresses are taken from the unicast address space, so the same address is simply configured on more than one interface (one-to-one-of-many).
IPv6 Addresses
The specific type of an IPv6 address is indicated by the leading bits in the address.
IPv6 Packet Header
Simplified, fixed length (40 bytes)
All optional/additional information is encoded in extension headers, chained together through the Next Header field
No checksum in the IPv6 header; the upper-layer protocol (TCP, UDP, ICMPv6) carries one computed over a pseudo-header that includes the addresses
Uses a Payload Length instead of a Total Length
The Time to Live field is replaced by Hop Limit
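To make the fixed header and the Next Header chain concrete, here is an added example (not code from the deck) that decodes the 40-byte header and walks the extension headers until it reaches the upper-layer protocol, flagging the Type 0 Routing Header that the Other Risks slide warns about. The packet is built by hand in the same script (no checksums filled in), so it runs offline; the addresses are documentation-range values chosen for the demo.

```python
"""Decode the fixed IPv6 header and walk the extension-header chain.
Added example for this slide, not code from the deck. The packet bytes are
constructed by hand below (no checksums) so the script runs offline."""
import ipaddress
import struct

# Next Header values (IANA protocol numbers)
HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60
ICMPV6 = 58
# Extension headers whose length is (Hdr Ext Len + 1) * 8 octets, plus
# Fragment, which is always 8 octets. AH (51) counts its length in 4-octet
# units and ESP (50) has no length field, so the walk deliberately stops there.
EXT_HEADERS = {HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS}


def parse_ipv6(packet: bytes) -> dict:
    """Return the fixed-header fields, the extension headers in order, and
    the offset at which the upper-layer header starts."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    vtf, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = vtf >> 28
    if version != 6:
        raise ValueError(f"not IPv6 (version {version})")
    end = 40 + payload_len
    if end > len(packet):
        raise ValueError("Payload Length exceeds captured bytes")
    info = {
        "version": version,
        "traffic_class": (vtf >> 20) & 0xFF,
        "flow_label": vtf & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,          # replaces the IPv4 TTL
        "src": str(ipaddress.IPv6Address(packet[8:24])),
        "dst": str(ipaddress.IPv6Address(packet[24:40])),
        "extensions": [],
        "warnings": [],
    }
    offset = 40
    while next_hdr in EXT_HEADERS:
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        ext_next = packet[offset]
        ext_len = 8 if next_hdr == FRAGMENT else (packet[offset + 1] + 1) * 8
        if offset + ext_len > end:
            raise ValueError("extension header runs past Payload Length")
        if next_hdr == ROUTING:
            rtype, seg_left = packet[offset + 2], packet[offset + 3]
            if rtype == 0:
                info["warnings"].append(
                    f"Routing Header type 0 with {seg_left} segments left "
                    "(deprecated by RFC 5095; drop at the border)")
        info["extensions"].append((next_hdr, ext_len))
        offset += ext_len
        next_hdr = ext_next
    info["upper_layer"] = next_hdr
    info["upper_offset"] = offset
    return info


def build_sample(with_rh0: bool = True) -> bytes:
    """Constructed sample: an ICMPv6 echo request, optionally behind an RH0
    that names two intermediate hops (the amplification trick)."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    echo = bytes([128, 0, 0, 0, 0, 1, 0, 1]) + b"ping"  # checksum left zero
    if with_rh0:
        hops = (ipaddress.IPv6Address("2001:db8::a").packed
                + ipaddress.IPv6Address("2001:db8::b").packed)
        # Next Header=58, Hdr Ext Len=4 (40 octets), Routing Type=0, Segments Left=2
        ext = bytes([ICMPV6, 4, 0, 2, 0, 0, 0, 0]) + hops
        first_next = ROUTING
    else:
        ext, first_next = b"", ICMPV6
    payload = ext + echo
    fixed = struct.pack("!IHBB", (6 << 28) | 0x12345, len(payload), first_next, 64)
    return fixed + src + dst + payload


if __name__ == "__main__":
    for flag in (True, False):
        result = parse_ipv6(build_sample(flag))
        print(result["src"], "->", result["dst"], "ext:", result["extensions"],
              "upper-layer:", result["upper_layer"], result["warnings"])
```

The point for a firewall or IDS is the loop: the transport header is not at a fixed offset as in IPv4, so any filter that only looks at byte 6 of the packet for "TCP or UDP" is blind to anything behind an extension header.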
IPv6 Packet Header
Image from zinyaw.files.wordpress.com
So IPv4 is Full
Methods of IPv6 Migration
Ignore IPv6: stay on IPv4-only
Gateways: devices that translate between IPv6 and IPv4
Tunnel: IPv6 over IPv4
Dual-stack: IPv4 and IPv6 together
Nirvana: IPv6-only
IPv6 Tunnels
Fast and easy to set up
Not the best for security or performance: the encapsulated IPv6 traffic (IP protocol 41, or UDP for tunnels that traverse NAT) passes through an IPv4 firewall that does not look inside it
Free IPv4-to-IPv6 tunnel providers: Gogo6.com, Sixxs.net, Tunnelbroker.com
GoGo6: easiest to use, but there are some issues with performance and stability.
IPv6 and DNS
New resource record introduced: AAAA, which maps a name to a 128-bit address (reverse lookups use PTR records under ip6.arpa, one hex nibble per label)
Security and Privacy Issues
MAC addresses are globally unique (mostly). With an EUI-64 interface ID, anyone who has your IPv6 address also has your MAC address!
Users are mobile, but even though the network prefix changes, the interface ID does not, so users can be identified and tracked from one network to the next.
There is a "Privacy Extensions" technique (RFC 4941, temporary addresses with random interface IDs) to avoid this, enabled by default in Vista and Windows 7.
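Here is the tracking problem demonstrated in code, as an added example that is not part of the slides: recover the MAC from any address whose interface ID has the EUI-64 shape, then group sightings from different networks by MAC. The sightings below are constructed sample data (one laptop seen at three sites, plus one privacy-extension address), not real captures.

```python
"""Recover the MAC address from an EUI-64 interface ID and correlate one host
across networks. Added example, not from the deck; the observed addresses are
constructed sample data, not real captures."""
import ipaddress
from collections import defaultdict
from typing import Optional


def eui64_mac(addr: str) -> Optional[str]:
    """Return the 48-bit MAC if the interface ID has the EUI-64 shape
    (FF:FE in the middle), otherwise None. A random interface ID can contain
    FF:FE by chance (1 in 65536), so treat a hit as strong evidence, not proof."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    first = iid[0] ^ 0x02               # undo the universal/local bit flip
    mac = bytes([first]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def correlate(observations: list) -> dict:
    """Group (network, address) sightings by recovered MAC: the same MAC seen
    under different prefixes is the same machine moving between networks."""
    by_mac = defaultdict(list)
    for network, addr in observations:
        mac = eui64_mac(addr)
        if mac is not None:
            by_mac[mac].append(network)
    return dict(by_mac)


# Constructed sightings of one laptop (MAC 00:1b:21:3c:4d:5e) at three sites,
# plus an address built with privacy extensions (random interface ID).
SIGHTINGS = [
    ("campus", "2001:db8:c0:1:21b:21ff:fe3c:4d5e"),
    ("home", "2001:db8:0:9:21b:21ff:fe3c:4d5e"),
    ("cafe", "fe80::21b:21ff:fe3c:4d5e"),
    ("cafe", "2001:db8:ca:fe:9a71:2c0e:b43d:5f01"),
]

if __name__ == "__main__":
    for mac, where in correlate(SIGHTINGS).items():
        print(f"{mac} seen at: {', '.join(where)}")
```

The privacy-extension address in the list yields nothing, which is exactly the protection RFC 4941 provides: there is no stable identifier in the low 64 bits to correlate on.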
Security and Privacy Issues: ICMPv6
Required for all IPv6 networks; it cannot simply be blocked the way ICMP often is in IPv4 (RFC 4890 lists which message types a firewall must let through)
Replaces ARP (Neighbor Discovery, RFC 4861) and also carries router discovery, address autoconfiguration and path MTU discovery
Discovering the hosts on a link is trivial: one ping to the all-nodes multicast address ff02::1 makes the hosts on the link answer
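As an added example (not code from the deck), the ARP replacement in bytes: build a Neighbor Solicitation with a correct checksum, verify it the way a receiver does, and parse the Source Link-Layer Address option out of it. The checksum covers a pseudo-header with both IPv6 addresses, which is where integrity protection went once the IPv6 header lost its own checksum; the addresses and MAC are constructed for the demo.

```python
"""Build, checksum and parse an ICMPv6 Neighbor Solicitation (RFC 4861), the
message that replaces an ARP request. The checksum covers an IPv6
pseudo-header (RFC 8200 section 8.1). Added example, not code from the deck;
the addresses and MAC are constructed."""
import ipaddress
import struct

ICMPV6 = 58
NEIGHBOR_SOLICITATION = 135
OPT_SOURCE_LLADDR = 1


def icmpv6_checksum(src: str, dst: str, icmp: bytes) -> int:
    """Internet checksum over pseudo-header (src, dst, length, zeros, 58) plus
    the ICMPv6 message. Over a message whose checksum field is already filled
    in, the result is 0 when the message is intact."""
    pseudo = (ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
              + struct.pack("!IHBB", len(icmp), 0, 0, ICMPV6))
    data = pseudo + icmp
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries (one's complement)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def solicited_node_multicast(target: str) -> str:
    """ff02::1:ffXX:XXXX from the low 24 bits of the target; a node joins this
    group for each of its unicast addresses so solicitations reach it."""
    low = ipaddress.IPv6Address(target).packed[13:]
    return str(ipaddress.IPv6Address(b"\xff\x02" + bytes(9) + b"\x01\xff" + low))


def build_neighbor_solicitation(src: str, target: str, src_mac: str) -> bytes:
    """NS for `target` carrying the sender's MAC in a Source Link-Layer Address option."""
    option = bytes([OPT_SOURCE_LLADDR, 1]) + bytes.fromhex(src_mac.replace(":", ""))
    body = (struct.pack("!BBHI", NEIGHBOR_SOLICITATION, 0, 0, 0)   # type, code, csum=0, reserved
            + ipaddress.IPv6Address(target).packed + option)
    csum = icmpv6_checksum(src, solicited_node_multicast(target), body)
    return body[:2] + struct.pack("!H", csum) + body[4:]


def verify_checksum(src: str, dst: str, icmp: bytes) -> bool:
    """Receiver-side check: recompute over the received bytes, checksum included."""
    return icmpv6_checksum(src, dst, icmp) == 0


def parse_neighbor_solicitation(icmp: bytes) -> dict:
    """Extract the target and the link-layer option; that option is exactly the
    IP-to-MAC binding an attacker forges in ND spoofing, as with ARP."""
    if len(icmp) < 24 or icmp[0] != NEIGHBOR_SOLICITATION:
        raise ValueError("not a Neighbor Solicitation")
    result = {"target": str(ipaddress.IPv6Address(icmp[8:24])), "options": {}}
    off = 24
    while off + 2 <= len(icmp):
        otype, olen = icmp[off], icmp[off + 1] * 8
        if olen == 0:
            raise ValueError("zero-length ND option (RFC 4861 s4.6: discard)")
        if off + olen > len(icmp):
            raise ValueError("truncated ND option")
        payload = icmp[off + 2:off + olen]
        if otype == OPT_SOURCE_LLADDR:
            result["options"]["source_lladdr"] = ":".join(f"{b:02x}" for b in payload[:6])
        off += olen
    return result


if __name__ == "__main__":
    me, target, my_mac = "fe80::21b:21ff:fe3c:4d5e", "fe80::1", "00:1b:21:3c:4d:5e"
    ns = build_neighbor_solicitation(me, target, my_mac)
    print(ns.hex())
    print(parse_neighbor_solicitation(ns))
    print("intact:", verify_checksum(me, solicited_node_multicast(target), ns))
```

Two practitioner points fall out of this: the checksum binds the message to the source and destination addresses, so a replayed message with a changed source fails verification, and the option loop must reject a zero-length option or it never terminates.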
Security and Privacy Issues: THC-IPv6 Hacker's Toolkit
Runs fine on Ubuntu, even in VMware on Windows 7
Other Risks
Many security appliances are not ready for IPv6, so IPv6 traffic often bypasses them
Torrents run over IPv6
Some VPN appliances are not ready, so IPv6 connections must bypass them (and therefore leak outside the VPN)
Packet amplification attacks using the Type 0 Routing Header (RH0), which can bounce a single packet between two hosts many times (deprecated by RFC 5095; drop RH0 at the border)
Ping-pong: on a point-to-point link numbered from a /64, a packet to an unused address in that subnet bounces between the two routers until its Hop Limit expires (RFC 4443 tells routers to reject such packets, and RFC 6164 recommends /127 on inter-router links)
IPv6 Certification
If you're teaching Network+, you can easily have your students become IPv6 certified through Hurricane Electric
It's Fun
It's Realistic
It's Free
So Why Should We Be Teaching IPv6? Advantages:
More efficient address allocation
End-to-end addressing (no more NAT)
Fragmentation only by the source host (routers never fragment)
Routers do not have to recalculate a header checksum (faster packet switching)
Multicasting instead of broadcasting
Built-in security mechanisms (IPsec is part of the protocol suite, but it still has to be configured; it is not on by default)
Single control protocol (ICMPv6)
Auto-configuration (SLAAC)
Modular header structure
Now Let's Get Our Hands Dirty
Demonstration using Packet Tracer with Cisco routers, WiFi access points and PCs