Presentation is loading. Please wait.

Presentation is loading. Please wait.

Surachai Chitpinityon Applied Network Research Laboratory Department of Computer Engineering IPv6 OCS Training, Kasetsart University,

Similar presentations


Presentation on theme: "Surachai Chitpinityon Applied Network Research Laboratory Department of Computer Engineering IPv6 OCS Training, Kasetsart University,"— Presentation transcript:

1 Surachai Chitpinityon Applied Network Research Laboratory Department of Computer Engineering IPv6 OCS Training, Kasetsart University, 30 March 2011

2 2 Network Operation Center Kasetsart University Office of Computer Services Agenda IPv6 Introduction IPv6 Network Configuration IPv6 System Configuration

3 3 Network Operation Center Kasetsart University Office of Computer Services Agenda IPv6 Introduction IPv6 Feature Summary IPv6 Address Structure IPv6 address format IPv6 Headers IPv6 Network Configuration IPv6 Network Configuration IPv6 System Configuration IPv6 System Configuration

4 4 Network Operation Center Kasetsart University Office of Computer Services IPv6 Introduction global address is unique address same as public IPv4 address คือสามารถ reachable จาก ทุกๆ แห่งในเครือข่ายอินเทอร์เน็ต site local address เป็น address ที่อาจจัดสรรให้ ภายใน LAN หรือเครือข่ายภายใน อาจเอาไว้ใช้ใน เครือข่ายทดสอบ จะมองไม่เห็นจากข้างนอก ข้อดี ของการกำหนด site local address คือหากต้องมี การเปลี่ยน global address prefix ขององค์กร ก็ไม่ ต้องมานั่งเปลี่ยน address ภายใน ทั้งยังช่วยให้ routing table ภายในองค์กรมีขนาดเล็ก จัดการง่าย อันนี้อาจเทียบเท่ากับการใช้ private IPv4 address link local address เป็น address ที่ unique บนแต่ ละลิงค์เท่านั้น ปกติแล้ว link local address จะถูก assign อัตโนมัติ ใช้ Prefix fe80::/64 โดยที่ 64 บิต หลังจะมาจาก MAC address ของแลนการ์ดนั่นเอง ทั้งนี้เพื่อให้แน่ใจได้ว่า link local address ที่ได้จะไม่ มีวันซ้ำกันบนแต่ละลิงค์ การใช้งานก็จะเป็นลักษณะ การติดต่อระหว่าง node ต่างๆ บนลิงค์เดียวกันเท่านั้น (administrative message) Resource:http://www.ipv6.nectec.or.th/faq.php#ans6

5 5 Network Operation Center Kasetsart University Office of Computer Services IPv6 Feature Summary Increased size of address space Header simplification Extended Address Hierarchy Auto-configuration / Renumbering QoS (Integrated/Differentiated services)

6 6 Network Operation Center Kasetsart University Office of Computer Services IPv4 vs IPv6 IPv4: 32 bits 2^32 addresses = 4,294,967,296 addresses IPv6: 128 bits 2^128addresses = 340,282,366,920,938,463,463,374,607,4 31,770,000,000 addresses

7 7 Network Operation Center Kasetsart University Office of Computer Services IPv6 Address Structure Resource:Asso. Prof. Anan Phonphoem, Ph.D.

8 8 Network Operation Center Kasetsart University Office of Computer Services Prefix Type Resource:Asso. Prof. Anan Phonphoem, Ph.D.

9 9 Network Operation Center Kasetsart University Office of Computer Services Provider-Based Unicast Address Resource:Asso. Prof. Anan Phonphoem, Ph.D.

10 10 Network Operation Center Kasetsart University Office of Computer Services Address Hierarchy Resource:Asso. Prof. Anan Phonphoem, Ph.D.

11 11 Network Operation Center Kasetsart University Office of Computer Services IPv6 address format Resource:Asso. Prof. Anan Phonphoem, Ph.D. 8 groups of 4 hexadecimal digits Each group represents 16 bits Separator is “:”

12 12 Network Operation Center Kasetsart University Office of Computer Services IPv6 address format 2001:03c8:1303:1102:020c:0029:0003:1937 = 2001:3c8:1303:1102:20c:29:3: :03c8:1303:1102:0000:0000:0000:0002 = 2001:3c8:1303:1102::2

13 13 Network Operation Center Kasetsart University Office of Computer Services Special Address Unspecified address 0:0:0:0:0:0:0:0 = :: Source add. (when own add. is unknown) Resource:Asso. Prof. Anan Phonphoem, Ph.D.

14 14 Network Operation Center Kasetsart University Office of Computer Services Special Address Loopback address 0:0:0:0:0:0:0:1 = ::1 For testing Datagram is delivered to local machine Resource:Asso. Prof. Anan Phonphoem, Ph.D.

15 15 Network Operation Center Kasetsart University Office of Computer Services IPv6 Headers Resource:Asso. Prof. Anan Phonphoem, Ph.D.

16 16 Network Operation Center Kasetsart University Office of Computer Services Agenda IPv6 Introduction IPv6 Introduction IPv6 Network Configuration IPv6 Address Allocation Router Configuration IPv6 System Configuration IPv6 System Configuration

17 17 Network Operation Center Kasetsart University Office of Computer Services IPv6 address Allocation KU have 2 IPv6 prefix From Uninet2001:3c8:1303::/48 From Thaisarn2001:F00:2003::/48 Use only Uninet (Maybe request new IPv6 for multi-home routing)

18 18 Network Operation Center Kasetsart University Office of Computer Services IPv6 address Allocation (2) KU IPv6 address allocation CampusIPv6 PrefixOSPF Area BKK2001:3C8:1303:1000::/5210x KPS2001:3C8:1303:2000::/5220x SRC2001:3C8:1303:3000::/5230x CSC2001:3C8:1303:4000::/5240x SPN2001:3C8:1303:5000::/5250x Reserve2001:3C8:1303:6000::/52- Reserve2001:3C8:1303:f000::/52-

19 19 Network Operation Center Kasetsart University Office of Computer Services Router Configuration Network Interface Configuration #configure terminal #interface vlan 44 ipv6 address 2001:3C8:1303:112C::1/64 ipv6 enable ipv6 nd prefix 2001:3C8:1303:112C::/

20 20 Network Operation Center Kasetsart University Office of Computer Services Router Configuration OSPF Routing Configuration #configure terminal #ipv6 router ospf 100 router-id log-adjacency-changes area 0 range 2001:3C8:1303::/64 area 101 range 2001:3C8:1303:1100::/56 passive-interface default no passive-interface Vlan460 #interface vlan 44 ipv6 ospf 100 area 101

21 21 Network Operation Center Kasetsart University Office of Computer Services Router Configuration BGP Routing Configuration #configure terminal # router bgp 9411 address-family ipv6  neighbor 2001:F00:2FFF::FFFC:1 activate  neighbor 2001:F00:2FFF::FFFC:1 soft- reconfiguration inbound  network 2001:F00:2003::/48  redistribute ospf 100

22 22 Network Operation Center Kasetsart University Office of Computer Services Router Configuration Debug Command #show ipv6 ospf neighbor

23 23 Network Operation Center Kasetsart University Office of Computer Services Router Configuration Debug Command #show ipv6 route

24 24 Network Operation Center Kasetsart University Office of Computer Services Router Configuration Debug Command #sh ipv6 interface brief

25 25 Network Operation Center Kasetsart University Office of Computer Services Agenda IPv6 Introduction IPv6 Introduction IPv6 Network Configuration IPv6 Network Configuration Router Configuration Router Configuration IPv6 System Configuration IPv6 address Configuration DNS Configuration Basic Firewall Configuration

26 26 Network Operation Center Kasetsart University Office of Computer Services IPv6 Address Configuration Linux Edit file /etc/sysconfig/network #vim /etc/sysconfig/network NETWORKING_IPV6=yes

27 27 Network Operation Center Kasetsart University Office of Computer Services IPv6 Address Configuration (2) Linux (In case fix IPv6 address) Edit network interface in file /etc/sysconfig/network-scripts/ifcfg-eth0 #vim /etc/sysconfig/network-scripts/ifcfg- eth0 IPV6INIT=yes IPV6ADDR=2001:3c8:1303:1102::2/64 IPV6_DEFAULTGW=2001:3c8:1303:1102:: 1 #service network restart

28 28 Network Operation Center Kasetsart University Office of Computer Services IPv6 Address Configuration Window WindowXP Run cmd-> #ipv6 install Window7(can use IPv6) In case fix IPv6 address Control Panel->Network and Internet- >Network and Sharing Center- >Change adapter settings->(choose network interface) Local Area Network-> (right click) Properties- >(Choose Internet Protocol Version 6)- >(edit IPv6 address)

29 29 Network Operation Center Kasetsart University Office of Computer Services DNS Configuration DNS server (same IPv4 DNS server) Forward DNS Reverse DNS

30 30 Network Operation Center Kasetsart University Office of Computer Services Forward DNS Configuration Used same IPv4 zone (Ex. ku.ac.th) #vim /var/named/database/primary/ku Used AAAA type vpn IN AAAA 2001:3c8:1303:1125::12 logs IN AAAA 2001:3c8:1303:1125::fb Restart DNS service

31 31 Network Operation Center Kasetsart University Office of Computer Services Reverse DNS Configuration Create new zone in configuration file #vim /var/named/etc/named.conf zone " c ip6.arpa" in { type master; notify no; file "primary/zone/ipv6/zone_0_0_0_1"; allow-query { any; }; };

32 32 Network Operation Center Kasetsart University Office of Computer Services Reverse DNS Configuration Create new file for 2001:3c8:1303:1000:: #vim /var/named/database/primary/zone/ipv6/z one_0_0_0_ IN PTR v6gw-vl1.ocs.ku.ac.th. Restart DNS service

33 33 Network Operation Center Kasetsart University Office of Computer Services Basic Firewall Configuration Linux on personal firewall by default #vim /etc/sysconfig/ipv6tables or you can manual configuration by use command ip6tables -A INPUT -p tcp --dport 22 -j DROP ip6tables -A INPUT -p tcp -s 2001:3c8:1303:1266:ddf9:d748:c636:b0e 4 --dport 22 -j DROP ip6tables -F ip6tables -X

34 34 Network Operation Center Kasetsart University Office of Computer Services Q&A

35 35 Network Operation Center Kasetsart University Office of Computer Services Thank You


Download ppt "Surachai Chitpinityon Applied Network Research Laboratory Department of Computer Engineering IPv6 OCS Training, Kasetsart University,"

Similar presentations


Ads by Google