Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 5: Configuring and Troubleshooting IPv6 TCP/IP

Published byRandell McCarthy Modified over 5 years ago

Similar presentations

Presentation on theme: "Module 5: Configuring and Troubleshooting IPv6 TCP/IP"— Presentation transcript:

1 Module 5: Configuring and Troubleshooting IPv6 TCP/IP
Course 6421A Week #2 IPv4 and IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP Overview of IPv4 Overview of IPv6 Coexistence with IPv6 IPv6 Tunneling Technologies Transitioning from IPv4 to IPv6 Troubleshooting IPv6

2 IP Address 4 Octal (4 Byes) separate by a “dot” between each octal
Leading bits are network ID and trailing bits are host ID Subnet mask defines how many bits are network ID and how many bits are host ID

3 IPv4 Address 3 3

4 Exercise: Convert Dotted-Decimal IP Address to Binary
27 26 25 24 23 22 21 20 27 26 25 24 23 22 21 20 4 4

5 Subnet Masks 1 in the subnet mask indicates that the corresponding bit in the IP address is part of the network ID 0 in the subnet mask indicates that the corresponding bit in the IP address is part of the host ID ANDing: Process used to separate network and host IDs from an IP address 1 AND 1  1 1 AND 0  0 0 AND 1  0

6 Exercise: ANDing Host ID Network ID
Find the network ID given a subnet mask and IP address IP Address: Subnet Mask: Convert to Binary Host ID ANDing Network ID

7 IP Address Class Network ID cannot be 127 (loopback)
ID bits cannot be all “1”s (broadcast) ID bits cannot be all “0”s. Host ID must be unique. IP address of client gateway is the router. Subnet mask: Subnet mask: Subnet mask:

8 Subnetting Supernetting
The process of creating multiple smaller networks, or subnets, from an IP network address Take some bit(s) from the host ID and make them as the network ID The number of subnets can be calculated with the formula 2n where n is the number of bits to remove from the host ID Classless Interdomain Routing (CIDR) Uses variable length subnet masks. E.g /13 means first 13 bits are network ID Supernetting Combining two or more subnetworks into a larger supernetwork: Take some bit(s) from network ID as host ID 8 8

9 Need to borrow 4 bits from hose ID
Exercise: Divide the network into 10 smaller networks using the least amount of bits necessary Need to borrow 4 bits from hose ID Subnet Mask: Convert to Decimal Value  =240 Subnet Mask:

10 Special-Use IPv4 Addresses
Mulitcast: to Reserved: to Private IP: to to to Automatic Private IP Address: to Loopback: 127.x.x.x 10 10

11 Module 5: Configuring and Troubleshooting IPv6 TCP/IP
Course 6421A Benefits of IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP Benefits of IPv6 include: Large address space Hierarchical addressing and routing infrastructure Stateless and Stateful address configuration Built-in security Enhanced support for prioritized delivery New protocol for neighboring node interaction Extensibility Large address space A 32-bit address space allows for 232 or 4,294,967,296 possible addresses. A 128-bit address space allows for 2128 or 340,282,366,920,938,463,463,374,607,431,768,211,456 (or 3.4´1038 or 340 undecillion) possible addresses. Hierarchical addressing and routing infrastructure The IPv6 address space is designed to be more efficient for routers. Without going into routing details, explain that the IPv6 global addressing is designed to enable efficient routing of such a large address space. IPv4 has had several updates to support the expanding issues with large routing tables. Stateless and Stateful address configuration IPv6 has auto-configure capability without a Dynamic Host Configuration Protocol (DHCP), and can find router information so that hosts can access the Internet. This is a Stateless address configuration. A Stateful address configuration is when you use the DHCP v6 protocol. However, there are differences as to how that works, which are discussed in a later topic. Built-in security IPv6 has built-in IP security, whereas in IPv4, it is an extension of the protocol. This facilitates configuration of secure network connections. Prioritized Delivery IPv6 contains a field in the packet that allows network devices to determine that the packet should be processed at a specified rate. This allows traffic prioritization. For example, when streaming video traffic, it is critical that the packets arrive in a timely manner. You can set this field to ensure that network devices determine that the packet delivery is time-sensitive. Neighbor detection IPv6 has much better detection of other devices and hosts in its local network. You can use this to create networks through which you can share information. Extensibility Finally, IPv6 has been designed so that it can be extended with much fewer constraints than IPv4.

12 Differences Between IPv4 and IPv6
Course 6421A Differences Between IPv4 and IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP IPv4 IPv6 Source and destination addresses 32 bits (4 bytes) in length 128 bits (16 bytes) in length IPsec support Optional Required Address Resolution Protocol Broadcast ARP Request frames resolve IPv4 address to link layer address ARP Request frames replaced with multicast Neighbor Solicitation messages ICMP Router Discovery Determines IPv4 address of default gateway Replaced with ICMPv6 Router Solicitation and Router Advertisement messages Broadcast addresses Sends traffic to all nodes on a subnet Uses a link-local scope, all-nodes multicast address instead of an IPv6 broadcast address Configuration Configured manually or through DHCP Does not require manual configuration or DHCP Resource records Uses A resource records in DNS to map host names to IPv4 addresses Uses AAAA resource records in DNS to map host names to IPv6 addresses In the late 1970s, when the IPv4 address space was designed, it was unimaginable that it could be exhausted. However, due to technology changes and an allocation practice that did not anticipate the recent explosion of Internet hosts, the IPv4 address space was consumed to the point that by 1992, it was clear a replacement would be necessary. With IPv6, it is even harder to conceive that the IPv6 address space will be consumed. To help put this number in perspective, a 128-bit address space provides 655,570,793,348,866,943,898,599 (6.5´1023) addresses for every square meter of the Earth’s surface. It is important to remember that the decision to make the IPv6 address 128 bits in length was not so that every square meter of the Earth could have 6.5´1023 addresses. Rather, the design of the large IPv6 address enables its subdivision into hierarchical routing domains that reflect the modern-day Internet’s topology. The use of 128 bits allows for multiple hierarchy levels and flexibility in designing hierarchical addressing and routing that the current IPv4- based Internet lacks. Request for Comments (RFC) 4291 describes the IPv6 addressing architecture.

13 IPv6 Implementations Using Microsoft Technologies
Course 6421A IPv6 Implementations Using Microsoft Technologies Module 5: Configuring and Troubleshooting IPv6 TCP/IP Windows Server 2003 family The IPv6 protocol for Windows XP SP1 and Windows XP SP2 The IPv6 protocol for Windows CE .NET versions 4.1 and later The Next Generation TCP/IP stack in Windows Vista, Windows 7, and Windows Server 2008 For all of the IPv6 implementations from Microsoft, you can use IPv6 without affecting IPv4 communications. Note that IPv6 is a dual-stack implementation in Windows XP SP2 and Windows Server® 2003, and a dual-layer implementation for Windows Vista™ and Windows Server® A later topic details the key differences between the implementations. The IPv6 protocol for the Windows Server 2003 family, Windows XP SP1, and Windows XP SP2 Production quality. Installed as a separate protocol through the Network Connections folder. Dual Stack. Each protocol has its own TCP and User Datagram Protocol (UDP) implementation, which means that more code and more memory are used, and that there is more complexity. The Next Generation TCP/IP stack in Windows Vista and Windows Server 2008 Dual Layer. There is only one TCP and UDP implementation for both IPv4 and IPv6. Previous versions of the Windows operating system may have IPv6 support. However, Microsoft will not support IPv6 on older operating systems.

14 Module 5: Configuring and Troubleshooting IPv6 TCP/IP
Course 6421A The IPv6 Address Space Module 5: Configuring and Troubleshooting IPv6 TCP/IP Address Syntax: 128-bit address in binary: 128-bit address divided into 16-bit boundaries: Each 16-bit block converted to HEX (base 16): Further simplify by removing leading zeros: 2001:0DB8:0000:2F3B:02AA:00FF:FE28:9C5A 2001:DB8:0:2F3B:2AA:FF:FE28:9C5A Compressing Zeros: Some types of addresses can contain many zeros A contiguous sequence of 16-bit blocks set to 0 can be compressed using the double colon “::” Link-local: Can be compressed down to: Multicast: FE80:0:0:0:2AA:FF:FE9A:4CA2 FE80::2AA:FF:FE9A:4CA2 FF02:0:0:0:0:0:0:2 FF02::2 Address syntax Explain binary-to-decimal and binary-to-hex conversion. Alternatively, explain that using the conversion function on the Windows calculator can help students convert these numbers back and forth. Compressing zeros This is the same principle as factoring in math, but it simplifies terms. The computer recognizes “::” and substitutes it with the number of zeros needed to make the appropriate IPv6 address. To determine how many 0 bits are represented by the “::”, you can count the number of blocks in the compressed address, subtract this number from eight, and then multiply the result by 16. Converting binary to hex: Binary: 0010 1111 Values of each binary position: 8421 Adding values where the bit = 1: = 2 = 15 or hex F

15 IPv6 Prefixes IPv6 Prefixes Allocation Format prefix binary value
Course 6421A IPv6 Prefixes IPv6 Prefixes Module 5: Configuring and Troubleshooting IPv6 TCP/IP Allocation Format prefix binary value Format prefix hexadecimal value Fraction of the address space Reserved - 1/256 Reserved for NSAP allocation 1/128 Aggregatable global unicast addresses 001 2 or 3 1/8 Link-local unicast addresses FE8 1/1024 Site-local unicast addresses FEC0 Multicast addresses FF Format Prefixes define how the IPv6 address space is allocated. The format prefix defines static parts of the IPv6 address space that you can use for unicast and multicast addressing. The current unicast addressing prefixes that you can use: Aggregratable global unicast, link-local unicast, and site-local unicast. NSAP == Network Service Access Point 15

16 Unicast IPv6 Address Types
Course 6421A Unicast IPv6 Address Types Module 5: Configuring and Troubleshooting IPv6 TCP/IP Interface ID 54 bits 64 bits 10 bits Format Prefix all link-local IPs have a prefix of FE80 Link-Local Address Subnet ID Format Prefix all link-local IPs have a prefix of FEC0 Site-Local Address Link-Local Global FC::/7 Site-Local/Unique-Local FD::/8 Scope Global unicast addresses Link-local addresses Site-local addresses Unique local IPv6 unicast addresses Special addresses Global Routing Prefix 001 Subnet ID Interface ID 48 bits 45 bits 64 bits 16 bits Prefix managed by IANA Prefix assigned to top-level ISP Subnet bits for organizations Client interface ID Global Unique Unicast Address A unicast address identifies a single interface within the scope of the unicast address type. With the appropriate unicast routing topology, packets addressed to a unicast address are delivered to a single interface. Use this slide to present key points of the unicast addresses. There is a subsequent slide for the major types of unicast IP addresses. Global unicast addresses Global unicast addresses are equivalent to Public IPv4. They are routable and reachable globally on the Internet’s IPv6 portion. Local-use unicast addresses There are two types of local-use unicast addresses: Link-local addresses Link-local addresses are used between on-link neighbors and for Neighbor Discovery processes. Link-local is the equivalent to Automatic Private IP Addressing (APIPA) addresses in IPv4. Link-local addresses always begin with FE80. With the 64-bit interface identifier, the prefix for link-local addresses always is FE80::/64. An IPv6 router never forwards link-local traffic beyond the link. Site-local addresses Site-local addresses are used between nodes communicating with other nodes in the same site. Site-local addresses are equivalent to the IPv4 private address space ( /8, /12, and /16). Unlike link-local addresses, site-local addresses are not configured automatically, you must assign them through the stateless or stateful address-configuration process. Unique local IPv6 unicast addresses Site-local addresses provide a private addressing alternative to using global addresses for intranet traffic. However, because you can use the site-local address prefix to address multiple sites within an organization, a site-local address prefix address can be duplicated. The ambiguity of site-local addresses in an organization adds complexity and difficulty for applications, routers, and network managers The first 7 bits have the fixed binary value of All unique local addresses have the address prefix FC00::/7. The Local (L) flag is set to 1 to indicate a local address. The L flag value set to 0 has not yet been defined. Therefore, unique local addresses with the L flag set to 1 have the address prefix of FD00::/8. 16

17 IPv6 Addresses Assigned to Hosts and Routers
IPv6 hosts and routers are typically assigned multiple IPv6 address, even with single network card: Anycast IPv6 addresses are similar to, but more efficient than, the anycast addresses in IPv4, which primarily Internet Security Providers (ISPs) use. Anycast addresses use the unicast address space, but function differently from other unicast addresses. IPv6 uses anycast addresses to identify multiple interfaces and delivers packets addressed to an anycast address to the nearest interface that the address identifies. In contrast to a multicast address, where delivery is from one to many, an anycast address delivery is from one to one-of-many. Currently, anycast addresses are assigned only to routers and used only as destination addresses. A link-local address for each interface Additional unicast addresses for each interface (can be a site-local and one or multiple global addresses) The loopback address (::1) Routers also are assigned an anycast address for each subnet

18 Module 5: Configuring and Troubleshooting IPv6 TCP/IP
Course 6421A Zone IDs Module 5: Configuring and Troubleshooting IPv6 TCP/IP Reuse Link-local addresses and/or Site-local address Zone ID specify which link Zone IDs For link-local addresses, the zone ID typically is the interface index for either the interface assigned to the address or that is slated for use as the sending interface for a link-local destination. The interface index is an integer starting at 1 that is assigned to IPv6 interfaces, which include a loopback, and one or multiple tunnel or local area network (LAN) interfaces. You can view the list of interface indexes from the netsh interface ipv6 show interface command display. For site-local addresses, the zone ID is the site ID, which is an integer assigned to an organization’s site. For organizations that do not reuse the site-local address prefix, the site ID is set to 1 by default, and you do not need to specify it. You can view the site ID from the netsh interface ipv6 show address level=verbose command display. fe80::2b0:d0ff:fee9:4143%3 fec0::f282:2b0:d0ff:fee9:4143%2

19 Address Autoconfiguration for IPv6
Course 6421A Address Autoconfiguration for IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP Preferred Deprecated Invalid Tentative Valid Time Valid Lifetime Preferred Lifetime Autoconfigured IP Timeline Check for address conflicts using neighbor solicitation 2 Derive Link-Local Address 1 If managed flag set, use DHCPv6 6 Check for a router on the network 3 Add prefixes 5 Check the router for prefixes 4 IPv6 Client There are several states the host can be in as it goes through the process and that there are several ways that you can assign an IP address and information. Based on how you set up the router, a client may need to use stateless configuration (no DHCP service), or stateful with a DHCP server involved, to either assign an IP address and other information, or just assign other information. The other information includes DNS servers and gateway. The example in this slide is the simplified process if the network is using an IPv6 router with additional prefixes and a DHCP server to configure a stateful address.  Autoconfigured address states Tentative The address is being verified as unique. Verification is done through duplicate address detection. A node cannot receive unicast traffic to a tentative address. It can, however, receive and process multicast Neighbor Advertisement messages sent in response to the Neighbor Solicitation message that is sent during duplicate address detection. Valid An address for which uniqueness has been verified and from which unicast traffic can be sent and received. The valid state covers both the preferred and deprecated states. The Valid Lifetime field in the Router Advertisement message’s Prefix Information option determines the amount of time that an address remains in the tentative and valid states. The valid lifetime must be greater than or equal to the preferred lifetime. A valid address is either preferred or deprecated. Preferred A node can send and receive unicast traffic to and from a preferred address. The Preferred Lifetime field in the Router Advertisement message’s Prefix Information option determines the period of time that an address can remain in the tentative and preferred states. Deprecated An address that is still valid, but its use is discouraged for new communication. Existing communication sessions can continue to use a deprecated address. A node can send and receive unicast traffic to and from a deprecated address. Invalid An address for which a node can no longer send or receive unicast traffic. An address enters the invalid state after its valid lifetime expires. fe80::d593:e1e:e612:53e4%10 Router configuration information Additional router prefixes IPv6 Router IPv6 DHCP Server configured with Site Local Scope DHCPv6 information received 19

20 What Are Node Types? IPv6 Network IPv4 Network Course 6421A
Module 5: Configuring and Troubleshooting IPv6 TCP/IP Node types: IPv4-only node A node that implements only IPv4 (and has only IPv4 addresses) and does not support IPv6. Most hosts and routers installed today are IPv4-only nodes. IPv6-only node A node that implements only IPv6 (and has only IPv6 addresses) and does not support IPv4. This node is able to communicate only with IPv6 nodes and applications. This type of node is not common today, but might become more prevalent as smaller devices, such as cellular phones and handheld computing devices, include the IPv6 protocol. IPv6/IPv4 node A node that implements both IPv4 and IPv6. IPv4 node A node that implements IPv4. An IPv4 node can be an IPv4-only node or an IPv6/IPv4 node. IPv6 node A node that implements IPv6. An IPv6 node can be an IPv6-only node or an IPv6/IPv4 node. For coexistence to occur, the largest number of nodes (IPv4 or IPv6 nodes) can communicate using an IPv4 infrastructure, an IPv6 infrastructure, or an infrastructure that is a combination of IPv4 and IPv6. You achieve true migration when you convert all IPv4 nodes to IPv6-only nodes. However, for the foreseeable future, practical migration is achieved when as many IPv4-only nodes as possible are converted to IPv6/IPv4 nodes. IPv4-only nodes can communicate with IPv6-only nodes only when using an IPv4-to-IPv6 proxy or translation gateway. IPv6 Only Node IPv6 Network IPv4/IPv6 Node IPv4 Network IPv4 Only Node 20

21 IPv4 and IPv6 Coexistence
Course 6421A IPv4 and IPv6 Coexistence Module 5: Configuring and Troubleshooting IPv6 TCP/IP Methods for providing coexistence of IPv4 and IPv6: Dual IP layer architecture (Windows Vista and Windows Server 2008) Dual IP layer architecture (Windows Vista, Windows 7, and Windows Server 2008) A dual IP layer architecture contains both IPv4 and IPv6 Internet layers with a single implementation of Transport layer protocols such as TCP and UDP. Dual stack architecture. (Windows Server 2003 and Windows XP) A Dual stack architecture contains both IPv4 and IPv6 Internet layers with separate protocol stacks containing separate implementations of Transport layer protocols, such as TCP and UDP. DNS Infrastructure requirements A DNS infrastructure is needed for successful coexistence because of the prevalent use of names rather than addresses to refer to network resources. Upgrading the DNS infrastructure consists of populating the DNS servers with records to support IPv6 name-to-address and address-to-name resolutions: A records for IPv4 nodes AAAA records for IPv6 nodes IPv6 over IPv4 Tunneling IPv6 over IPv4 tunneling is the encapsulation of IPv6 packets with an IPv4 header so that IPv6 packets can be sent over an IPv4 infrastructure. Dual stack architecture (Windows Server 2003 and Windows XP) DNS Infrastructure requirements IPv6 over IPv4 tunneling

22 What Is a Dual Layer Architecture?
Course 6421A What Is a Dual Layer Architecture? Module 5: Configuring and Troubleshooting IPv6 TCP/IP Dual layer can create: Application Layer IPv4 packets Dual layer architecture is when both IPv4 and IPv6 are implemented in the same protocol stack. This allows for a single TCP/UDP interface. This architecture is implemented in Windows Vista and Windows Server 2008. Types of packets that can be created: IPv4 packets IPv6 packets IPv6 over IPv4 packets: these are IPv6 packets that are encapsulated with an IPv4 header Transport Layer (TCP/UDP) IPv6 packets IPv6 IPv4 IPv6 over IPv4 packets Network Interface Layer IPv6 IPv4 IPv6 over IPv4

23 What Is a Dual Stack Architecture?
Course 6421A What Is a Dual Stack Architecture? Module 5: Configuring and Troubleshooting IPv6 TCP/IP Application Layer Dual stack can create: IPv4 packets The IPv6 protocol for Windows Server 2003 and Windows XP uses the dual stack architecture. Tcpip6.sys, the IPv6 protocol driver in Windows Server 2003 and Windows XP, contains a separate implementation of TCP and UDP.  Types of packets that can be created: IPv4 packets IPv6 packets IPv6 over IPv4 packets TCP/UDP TCP/UDP IPv6 packets IPv6 IPv4 IPv6 over IPv4 packets Network Interface Layer IPv6 IPv4 IPv6 over IPv4 23

24 How Does DNS Support IPv6?
Course 6421A How Does DNS Support IPv6? Module 5: Configuring and Troubleshooting IPv6 TCP/IP DNS support for IPv6: DNS Host records are classified as AAAA records Address Records A records for IPv4 AAAA records for IPv6 Pointer Records Pointer (PTR) records in the IN-ADDR.ARPA domain for IPv4 nodes PTR records in the IP6.ARPA domain for IPv6 nodes Address selection rules By default, IPv6 addresses in DNS name-query responses are preferred over IPv4 addresses. Pointer Records are configured in the IP6.ARPA zone DNS tries to return the appropriate address (either IP 4 or IP 6 depending on the Address Selection rules)

25 What Is IPv6 Over IPv4 Tunneling?
Course 6421A What Is IPv6 Over IPv4 Tunneling? Module 5: Configuring and Troubleshooting IPv6 TCP/IP IPv4 Packet IPv6 Packet IPv6 over IPv4 tunneling allows IPv6 to communicate through an IPv4 network IPv6 over IPv4 tunneling is the encapsulation of IPv6 packets with an IPv4 header so that IPv6 packets can be sent over an IPv4 infrastructure. Within the IPv4 header: The IPv4 Protocol field is set to 41 to indicate an encapsulated IPv6 packet. The Source and Destination fields are set to IPv4 addresses of the tunnel endpoints. The tunnel endpoints are configured either manually as part of the tunnel interface or are derived automatically from the next-hop address of the matching route for the destination and the tunneling interface. Illustrate a graphical depiction of IPv6 over IPv4 tunneling. Note: Unlike tunneling for the Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP), there is no exchange of messages for tunnel setup, maintenance, or termination. Additionally, IPv6 over IPv4 tunneling does not provide security for tunneled IPv6 packets. This means that when you use IPv6 tunneling, it does not need to establish a connection first. Also, the tunneling infers that it is only tunneling through IPv4 networks and does not encrypt the tunnel. IPv6 IPv4 header Upper layer protocol data unit Extension headers IPv6 header IPv4 Packet IPv6 Packet IPv4

26 Tunneling Configurations
Course 6421A Tunneling Configurations Module 5: Configuring and Troubleshooting IPv6 TCP/IP Router-to-router IPv6 over IPv4 tunnel IPv6-capable infrastructure IPv4-only infrastructure IPv6 node IPv6/IPv4 router Router-to-Router In the router-to-router tunneling configuration, two IPv6/IPv4 routers connect two IPv6- capable infrastructures over an IPv4 infrastructure. Host-to-Router or Router-to-Host In the host-to-router tunneling configuration, an IPv6/IPv4 node that resides within an IPv4 infrastructure creates an IPv6 over IPv4 tunnel to reach an IPv6/IPv4 router. The tunnel endpoints span the first path segment between the source and destination nodes. The IPv6 over IPv4 tunnel between the IPv6/IPv4 node and the IPv6/IPv4 router acts as a single hop. In the router-to-host tunneling configuration, an IPv6/IPv4 router creates an IPv6 over IPv4 tunnel across an IPv4 infrastructure to reach an IPv6/IPv4 node. The tunnel endpoints span the last segment of the path between the source node and destination node. Host-to-Host In the host-to-host tunneling configuration, an IPv6/IPv4 node that resides within an IPv4 infrastructure creates an IPv6 over IPv4 tunnel to reach another IPv6/IPv4 node that resides within the same IPv4 infrastructure. The tunnel endpoints span the entire path between the source and destination nodes. Host-to-router or Router-to-host IPv6 over IPv4 tunnel IPv6/IPv4 Node A IPv6 Node B IPv6/IPv4 router IPv6-capable infrastructure Host-host IPv6 over IPv4 tunnel IPv4-only infrastructure IPv6/IPv4 node 26

27 Types of Tunnels Tunnel Key Points
Course 6421A Types of Tunnels Module 5: Configuring and Troubleshooting IPv6 TCP/IP Tunnel Key Points Configured Requires manual configuration of tunnel endpoints Automatic Tunnel endpoints are determined automatically by the use of logical tunnel interfaces, routes, and destination IPv6 addresses Configured A configured tunnel requires manual configuration of tunnel endpoints. In a configured tunnel, the IPv4 addresses of tunnel endpoints are not derived from addresses that are encoded in the next-hop address when sending or forwarding the packet. Typical for router-to-router configurations. Automatic An automatic tunnel is a tunnel that does not require manual configuration. Tunnel endpoints for automatic tunnels are determined by the use of routes, next-hop addresses based on destination IPv6 addresses, and logical tunnel interfaces. Automatic tunnels support Intra-Site Automatic Tunnel Addressing Protocol (ISATAP). 27

28 Tunneling Technologies Usage
Course 6421A Tunneling Technologies Usage Module 5: Configuring and Troubleshooting IPv6 TCP/IP Tunneling Technology Usage ISATAP Local intranets Autoconfiguration on host Allows IPv6 nodes to communicate over an IPv4 subnet Enabled by default 6to4 IPv6 to IPv6 networks over the IPv4 Internet Teredo IPv6 to IPv6 through IPv4 NAT Disabled by default ISATAP ISATAP tunneling is used in local intranets. It takes advantage of autoconfiguration and is the primary way in which IPv6 nodes communicate over IPv4. ISATAP addresses are enabled by default. 6to4 6to4 tunneling allows IPv6 routers and hosts to communicate over the IPv4 Internet. 6to4 also is autoconfigured on the host and may require the manual configuration of a 6to4 router. Teredo Teredo is a tunneling technology used to traverse IPv4 Network Address Translations (NATs) to allow IPv6 networks to communicate. Additionally, explain that PortProxy facilitates communication between nodes or applications that cannot connect using a common Internet layer protocol (IPv4 or IPv6). PortProxy facilitates communication between nodes or applications that cannot connect using a common Internet layer protocol (IPv4 or IPv6) 28

29 What Is ISATAP Tunneling?
Course 6421A What Is ISATAP Tunneling? Module 5: Configuring and Troubleshooting IPv6 TCP/IP ISATAP addresses: [64-bit unicast prefix]:0:5EFE:w.x.y.z w.x.y.z is a public or private IPv4 address Example: FE80::5EFE: Address assignment and automatic tunneling technology for unicast IPv6 traffic between IPv6/IPv4 nodes across an IPv4 intranet ISATAP treats an IPv4 infrastructure as a single link An IPv6 transition technology named ISATAP (RFC 4214) allows you to deploy unicast IPv6 connectivity on an existing IPv4 networking environment. Its impact on your IPv4 support infrastructure is reduced to the configuration of one ISATAP router. With ISATAP, IPv4- dependent applications continue to utilize IPv4 while you can deploy newer IPv6-capable applications immediately. Both types of traffic will share a single common IPv4 infrastructure. You can use ISATAP-based connectivity immediately to deliver IPv6 services while the IPv4- only infrastructure is migrated gradually to integrate native IPv6 capabilities. This is useful because organizations can begin to deploy IPv6 infrastructure and applications into their environments without significant investment in new technology. ISATAP is an address-assignment and host-to-host, host-to-router, and router-to-host automatic tunneling technology that you can use to provide unicast IPv6 connectivity between IPv6/IPv4 hosts across an IPv4 intranet. ISATAP Router ISATAP allows IPv6 clients in an IPv4 subnet communicate without additional manual configuration. An ISATAP router allows the clients to communicate with other IPv6 clients in pure IPv6 or mixed subnets. How ISATAP tunneling works Use the diagram portion of the build slide to explain how ISATAP tunneling works. ISATAP tunneling can be initiated in several ways. The ISATAP router can be resolved by resolving the name “ISATAP” to an IPv4 address or by using the Netsh Interface IPv6 ISATAP set Router command. To resolve “ISATAP” in the naming infrastructure, it is important to define the name at a level that works best for the administrator. After the router is found, the host will communicate with the router using IPv4. The router will provide information to the host about the IPv6 ISATAP network prefix and whether the particular router is a default router. 29

30 Module 5: Configuring and Troubleshooting IPv6 TCP/IP
Course 6421A What Is 6to4 Tunneling? Module 5: Configuring and Troubleshooting IPv6 TCP/IP 6to4 address: 2002:WWXX:YYZZ:Subnet_ID:Interface_ID Address assignment and automatic tunneling technology for unicast traffic between IPv6/IPv4 nodes across the IPv4 Internet 6to4 treats the IPv4 Internet as a single link Field Value IPv6 Source Address 2002:9D3C:5B7B:1::1 IPv6 Destination Address 2002:836B:D231:2::3 IPv4 Source Address IPv4 Destination Address IPv6 host B IPv6/IPv4 6to4 relay 6to4 router IPv6 host C IPv6 Internet IPv6 host D IPv6-only IPv6 host A Site 1 Site 2 IPv4 Internet Explain that you use 6to4 tunneling when there is a need to connect IPv6 hosts and networks that are connected using only IPv4. This is used commonly in a router-to-router configuration to connect two business networks that are using IPv6. 6to4 is an address-assignment and router-to-router, host-to-router, and router-to-host automatic tunneling technology that you can use to provide unicast IPv6 connectivity between IPv6 sites and hosts across the IPv4 Internet. 6to4 treats the entire IPv4 Internet as a single link. 6to4 is described in RFC 3056. Explain that in a 6to4 address, WWXX:YYZZ is the colon-hexadecimal representation of w.x.y.z, a public IPv4 address. 6to4 router functionality Describe the functionality of a 6to4 router: Enables IPv6 forwarding on both the 6to4 tunneling and private interfaces. Connects the private interface to a single-subnet intranet, and uses private IPv4 addresses from the /24 prefix. Determines a 64-bit IPv6 subnet prefix to advertise on the private intranet. Enables the 6to4 component to derive the intranet subnet prefix from 2002:WWXX:YYZZ:InterfaceIndex::/64, in which InterfaceIndex is the interface index of the private interface. Sends Router Advertisement messages on the private interface. Enables the router advertisements to advertise the Internet Connection Sharing computer as a default router and contain the derived 6to4 subnet prefix. How 6to4 tunneling works Explain how 6to4 tunneling works by using the diagram and table in the second portion of the build slide. Within a site, local IPv6 routers advertise 2002:WWXX:YYZZ:Subnet_ID::/64 subnet prefixes so that hosts autoconfigure 6to4 addresses. IPv6 routers within the site deliver traffic between 6to4 hosts. Hosts on individual subnets are configured automatically with a 64-bit subnet route for direct delivery to neighbors and a default route with the next-hop address of the advertising router. IPv6 traffic that does not match any of the subnet prefixes that the site uses is forwarded to a 6to4 router on the site border. The 6to4 router on the site border has a 2002::/16 route that forwards traffic to other 6to4 sites and a default route (::/0) that forwards traffic to a 6to4 relay.

31 What Is Teredo Tunneling?
Course 6421A What Is Teredo Tunneling? Module 5: Configuring and Troubleshooting IPv6 TCP/IP Address-assignment and automatic tunneling technology for unicast traffic between IPv6/IPv4 nodes located behind one or more IPv4 NATs on the IPv4 Internet Automatically adjusts behavior based on the type of the local NAT Establish a Teredo server 1 Establish communications between Teredo clients 3 Discover the kind of NAT running at a given host 2 How Teredo works: Overview of Teredo tunneling Teredo tunneling is used to tunnel across the IPv4 network when the clients are behind an IPv4 NAT. Ensure that students understand the difference between 6to4 and Teredo tunneling, and that Teredo is designed as a last resort transition technology for IPv6 connectivity. If native IPv6, ISATAP, or 6to4 connectivity is present between communicating nodes, Teredo is not used. As more IPv4 NATs are upgraded to support 6to4 and IPv6 connectivity, Teredo will be used less and less, until eventually it is not used at all. The Teredo client resolves the name teredo.ipv6.microsoft.com for Teredo servers. Based on responses, the Teredo client determines: The Teredo server IPv4 address. The type of NAT. Externally mapped address and port for Teredo traffic. Teredo components Teredo client. An IPv6/IPv4 node that supports a Teredo tunneling interface through which packets are tunneled to either other Teredo clients or nodes on the IPv6 Internet through a Teredo relay. Teredo server. An IPv6/IPv4 node that is connected to both the IPv4 Internet and the IPv6 Internet. The role of the Teredo server is to assist in the initial configuration of Teredo clients and to facilitate the initial communication between either Teredo clients in different sites or between Teredo clients and IPv6-only hosts on the IPv6 Internet. Teredo relay. An IPv6/IPv4 router that can forward packets between Teredo clients on the IPv4 Internet and IPv6-only hosts on the IPv6 Internet. Teredo host-specific relay. An IPv6/IPv4 node that has an interface and connectivity to both the IPv4 Internet and the IPv6 Internet, and which can communicate directly with Teredo clients over the IPv4 Internet without the need for an intermediate Teredo relay. Connectivity to the IPv4 Internet is through a public IPv4 address or a private IPv4 address and a neighboring NAT. Connectivity to the IPv6 Internet is through a direct connection to the IPv6 Internet or through an IPv6 transition technology, such as 6to4. 31

32 Process for Transitioning to IPv6
Course 6421A Process for Transitioning to IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP Applications 1 The migration from IPv4 to IPv6 is expected to take considerable amount of time. This reality was taken into consideration when designing IPv6. As a result, the IPv6 transition plan is a multistep process that allows for extended coexistence. To achieve the goal of a pure IPv6 environment, the following general process guidelines are provided: Upgrade your applications to be independent of IPv6 or IPv4. Update the DNS infrastructure to support IPv6 address and PTR records. Upgrade hosts to IPv6/IPv4 nodes. Upgrade routing infrastructure for native IPv6 routing. Convert IPv6/IPv4 nodes to IPv6-only nodes. DNS infrastructure 2 Upgrade hosts to IPv6/IPv4 nodes 3 Upgrade routing infrastructure for native IPv6 routing 4 Convert IPv6/IPv4 nodes to IPv6-only nodes 5

33 Methods Used to Troubleshoot IPv6
Course 6421A Methods Used to Troubleshoot IPv6 Module 5: Configuring and Troubleshooting IPv6 TCP/IP Verify IPv6 connectivity View/manage Configuration w/ ipconfig and netsh Verify reach-ability w/ ping and pathping Check Packet filtering View / manage IPv6 routing table w/ rout print ü To troubleshoot IPv6, depending on the type of problem, you can: Start at the bottom of the stack, and move up. Start at the top of the stack, and move down. When starting at the top of the stack, the methods used to troubleshoot IPv6 include: Verify IPv6 connectivity: Verify configuration. Manage configuration. Verify reachability. View and manage the IPv6 routing table. Verify router reliability. Verify DNS name resolution for IPv6 addresses: Verify DNS configuration. Display and flush the DNS client resolver cache. Test DNS name resolution with the Ping tool. Use the Nslookup tool to view DNS server responses. Verify IPv6-based TCP sessions: Check for packet filtering. Verify TCP connection establishment. Verify DNS name resolution for IPv6 addresses Verify DNS configuration Display and flush DNS client resolver cache Use ping and nslookup tool ü Verify IPv6-based TCP connections Check for packet filtering Verify TCP Connection establishment ü

Download ppt "Module 5: Configuring and Troubleshooting IPv6 TCP/IP"

Similar presentations

Future Directions For IP Architectures Ipv6 Cs686 Sadik Gokhan Caglar.

Future Directions For IP Architectures Ipv6 Cs686 Sadik Gokhan Caglar.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
December 5, 2007 CS-622 IPv6: The Next Generation 1 IPv6 The Next Generation Saroj Patil Nadine Sundquist Chuck Short CS622-F2007 University of Colorado,

December 5, 2007 CS-622 IPv6: The Next Generation 1 IPv6 The Next Generation Saroj Patil Nadine Sundquist Chuck Short CS622-F2007 University of Colorado,
1 IPv6. 2 Problem: 32-bit address space will be completely allocated by 2008. Solution: Design a new IP with a larger address space, called the IP version.

1 IPv6. 2 Problem: 32-bit address space will be completely allocated by Solution: Design a new IP with a larger address space, called the IP version.
IPV6. Features of IPv6 New header format Large address space More efficient routing IPsec header support required Simple automatic configuration New protocol.

IPV6. Features of IPv6 New header format Large address space More efficient routing IPsec header support required Simple automatic configuration New protocol.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
IPv4 & IPv6 Coexistence & Migration Joe Zhao SW2 Great China R&D Center ZyXEL Communications, Inc.

IPv4 & IPv6 Coexistence & Migration Joe Zhao SW2 Great China R&D Center ZyXEL Communications, Inc.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Limited address space The most visible and urgent problem with using IPv4 on the modern Internet is the rapid depletion of public addresses. Due to the.

Limited address space The most visible and urgent problem with using IPv4 on the modern Internet is the rapid depletion of public addresses. Due to the.
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.

1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
Module 4: Configuring Network Connectivity

Module 4: Configuring Network Connectivity
IPv6 Network Security.

IPv6 Network Security.
Understanding Internet Protocol

Understanding Internet Protocol
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: IP Addressing Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: IP Addressing Introduction to Networks.
思科网络技术学院理事会. 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

思科网络技术学院理事会. 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Configuring and Troubleshooting Network Connections

Configuring and Troubleshooting Network Connections
Chapter 8b Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Describe the structure of an IPv4 address.  Describe.

Chapter 8b Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Describe the structure of an IPv4 address.  Describe.
Module 4: Configuring Network Connectivity

Module 4: Configuring Network Connectivity
1 Chapter Overview IP (v4) Address IPv6. 2 IPv4 Addresses Internet Protocol (IP) is the only network layer protocol with its own addressing system and.

1 Chapter Overview IP (v4) Address IPv6. 2 IPv4 Addresses Internet Protocol (IP) is the only network layer protocol with its own addressing system and.

Similar presentations

Ads by Google