1. IPv6 Next Generation IP - Hoje DETALHES PRÁTICOS cfriacas@fccn.pt 26/11/2002

2. Endereços :: - pode ser usado apenas uma vez 2001:690:1fff:bb::24 = 2001:0690:1fff:00bb:0000:0000:0000:0024 16 bits: de 0000 a ffff (hexadecimal) Máscara de rede: / (de 0 a 128) Possibilita a utilização de endereços como ::CAFE ou ::ABBA

3. Endereços Facilidade de memorização –fronteira do «provider/isp» nos 32 bytes –ex: 2001:690: ::/0 (Default Route) ::1 (Localhost), similar a 127.0.0.1 (ipv4)

4. DNS BIND >9.2.1 AAAA records –www.ip6.fccn.pt. IN A194.210.30.250 –www.ip6.fccn.pt. IN AAAA 2001:690:1fff:200::2 PTR records –0.9.6.0.1.0.0.2.ip6.arpa. [os zeros não se omitem]

5. DNS Problema: Duas Árvores de Reverse –A) ip6.int (6bone) –B) ip6.arpa (RIRs) –Esta dualidade está a dificultar a camada aplicacional –Está em equação a fusão das duas hierharquias, debaixo de ip6.arpa, com gestão dos RIRs

6. DNS Servidores de DNS (em sockets de IPv6) – > DiG 9.2.1 > @2001:690:1fff:100::2 www.ip6.fccn.pt aaaa ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9436 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 5 ;; QUESTION SECTION: www.ip6.fccn.pt.INAAAA ;; ANSWER SECTION: www.ip6.fccn.pt. 86400INAAAA 2001:690:1fff:200::2 ;; AUTHORITY SECTION: ip6.fccn.pt.86400INNS ns02.fccn.pt. ip6.fccn.pt.86400INNS serv6.tbed.ip6.fccn.pt. ip6.fccn.pt.86400INNSdeepsix.ip6.fccn.pt. ;; ADDITIONAL SECTION: (…) ;;Query time: 22 msec;; ;;SERVER: 2001:690:1fff:100::2#53(2001:690:1fff:100::2) ;; WHEN: Tue Nov 26 09:48:12 2002 ;; MSG SIZE rcvd: 243

7. Aplicações de Rede Ping6 –ping6 -c 10 www.kame.net PING www.kame.net(2001:200:0:4819:210:f3ff:fe03:4d0) 56 data bytes 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=1 ttl=49 time=416ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=2 ttl=49 time=419ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=3 ttl=49 time=412ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=4 ttl=49 time=412ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=5 ttl=49 time=416ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=6 ttl=49 time=423ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=7 ttl=49 time=411ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=8 ttl=49 time=412ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=9 ttl=49 time=415ms 64 bytes from 2001:200:0:4819:210:f3ff:fe03:4d0: icmp_seq=10 ttl=49 time=414ms --- www.kame.net ping statistics --- 10 packets transmitted, 10 received, 0% loss, time 9090ms rtt min/avg/max/mdev = 411.974/415.666/423.377/3.460 ms

8. Aplicações de Rede Traceroute6 –traceroute www.kame.net traceroute to apple.kame.net (2001:200:0:4819:210:f3ff:fe03:4d0) from2001:690:1fff:7::170, 30 hops max, 16 byte packets 1 2001:690:1fff:7::1 (2001:690:1fff:7::1) 1.396 ms 1.123 ms 1.649 ms 2 GTIPv6.TUNEL.2.GTFCCN.ip6.fccn.pt (2001:690:1fff:bb::26) 6.545 ms5.145 ms 4.478 ms 3 t_intl_switch.backbone.ipv6.renater.fr (2001:660:80:4130::1) 71.834 ms71.977 ms 70.868 ms 4 2001:660:3000:d:140:11:: (2001:660:3000:d:140:11::) 71.444 ms * 71.165ms 5 pc7.otemachi.wide.ad.jp (2001:200:0:1802:2e0:18ff:fe98:a28d) 427.215 ms418.534 ms 420.744 ms 6 pc3.nezu.wide.ad.jp (2001:200:0:1c03:2e0:18ff:fe98:9bb3) 424.779 ms470.879 ms 424.821 ms 7 pc7.nezu.wide.ad.jp (2001:200:0:1c03:250:daff:fe88:b94e) 418.051 ms421.481 ms 421.636 ms 8 pc3.yagami.wide.ad.jp (2001:200:0:1c04::1000:2000) 422.425 ms 423.934ms 424.732 ms 9 gr2000.k2c.wide.ad.jp (2001:200:0:4819::2000:1) 425.715 ms 421.81 ms427.248 ms 10 2001:200:0:4819:210:f3ff:fe03:4d0 (2001:200:0:4819:210:f3ff:fe03:4d0)425.515 ms 426.584 ms 428.732 ms

9. Segurança NMAP6 –nmap6 2001:690:1fff:200::2 Starting nmap V. 2.54BETA36 ( www.insecure.org/nmap/ ) Found route through interface: eth0 Interesting ports on serv6.tbed.ip6.fccn.pt (2001:690:1fff:200::2): (The 1554 ports scanned but not shown below are in state: closed) Port State Service 21/tcp open ftp 22/tcp open ssh 53/tcp open domain 80/tcp open http Nmap run completed -- 1 IP address (1 host up) scanned in 21 seconds

10. Routing Sumário [Cisco] –gt-ipv6#sh ipv6 route summary IPv6 Routing Table Summary - 544 entries 39 local, 35 connected, 24 static, 9 RIP, 408 BGP 29 IS-IS Number of prefixes: /0: 1, /8: 1, /10: 1, /16: 1, /24: 49, /28: 52, /32: 152, /33: 1 /34: 2, /35: 76, /36: 2, /40: 8, /44: 2, /48: 64, /60: 1, /64: 43 /96: 1, /126: 1, /127: 45, /128: 41

11. Looking Glass

12. BGP4+ Protocolo Exterior Sobre linhas nativas e sobre túneis (GRE/IPv6IP) [Cisco] Activação de cada «neighbor» na secção address_family específica

13. BGP4+ Neighbors –gt-ipv6#sh bgp sum BGP router identifier 193.136.2.250, local AS number 1930 BGP table version is 9724, main routing table version 9724 411 network entries and 3091 paths using 264029 bytes of memory 2583 BGP path attribute entries using 155160 bytes of memory 2496 BGP AS-PATH entries using 67220 bytes of memory 94 BGP community entries using 3076 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP activity 668/5991 prefixes, 13388/10297 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/DownState/PfxRcd 2001:608:0:3::6 4 5539 28188 11930 9724 0 0 07:13:12 400 2001:650:0:2::16 4 3561 21322 12409 9724 0 0 07:13:06 306 2001:660:80:4130::1 4 2200 10710 7238 9724 0 0 07:11:19 289 2001:668:0:3::2:20 4 3257 10702 10735 9724 0 0 07:13:45 1 2001:780::8 4 12337 11266 12036 9724 0 0 07:13:07 276 2001:7F8:2:8006::2 4 1752 7505 11748 9724 0 0 07:13:24 312

14. IGP OSPFv3 suportado pela Juniper Networks e pelo software Zebra IS-IS é o IGP suportado em algumas versões de IOS da Cisco

15. IGP - IS-IS gt-ipv6#sh ipv6 route isis IPv6 Routing Table - 544 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea Timers: Uptime/Expires I1 2001:690:1FFF:BB::/127 [115/20] via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never I1 2001:690:1FFF:BB::2/127 [115/20] via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never I1 2001:690:1FFF:BB::4/127 [115/30] via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never I1 2001:690:1FFF:BB::8/127 [115/20] via FE80::250:50FF:FE0A:9A80, Serial0/1, 3d19h/never via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never via FE80::250:50FF:FE0A:9A80, FastEthernet0/0.6, 3d02h/never (...) I2 2001:690:1FFF::/48 [115/20] via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never via FE80::230:80FF:FE3A:2C00, FastEthernet0/0.6, 3d02h/never I2 2001:690::/32 [115/10] via FE80::250:50FF:FE0A:9A80, FastEthernet0/0.6, 3d02h/never via FE80::250:50FF:FE0A:9A80, Serial0/1, 3d02h/never I2 3FFE:31AA::/64 [115/10] via FE80::2D0:97FF:FEA4:D820, FastEthernet0/0.6, 3d02h/never

16. IGP - IS-IS CLNS –gt-ipv6#sh clns neighbors System Id Interface SNPA State Holdtime TypeProtocol 0000.0000.0007 Fa0/0.6 0060.086d.751f Up 26 L2 IS-IS ipv6-pix Fa0/0.6 0050.500a.9a80 Up 76 L1L2 IS-IS maui Fa0/0.6 0030.803a.2c00 Up 79 L1L2 IS-IS 0000.0000.000B Fa0/0.6 0060.974f.942f Init 26 L2 IS-IS lucky6 Fa0/0.6 0002.fd51.4880 Up 87 L1L2 IS-IS gt10 Fa0/0.6 00d0.97a4.d820 Up 76 L1L2 IS-IS horizon6 Fa0/0.6 00e0.8f68.7800 Up 28 L1L2 IS-IS ipv6-pix Se0/1 *PPP* Up 28 L1L2 IS-IS gt10 Se0/3 *PPP* Up 43 L1L2 IS-IS

17. IGP - IS-IS Topologia –gt-ipv6#sh isis topology IS-IS paths to level-1 routers System Id Metric Next-Hop Interface SNPA gt-ipv6 -- gt14 20 gt10 Fa0/0.6 00d0.97a4.d820 gt10 10 gt10 Fa0/0.6 00d0.97a4.d820 ipv6-pix 10 ipv6-pix Fa0/0.6 0050.500a.9a80 ipv6-pix Se0/1 *PPP* horizon6 10 horizon6 Fa0/0.6 00e0.8f68.7800 invicta6 20 gt10 Fa0/0.6 00d0.97a4.d820 lucky6 10 lucky6 Fa0/0.6 0002.fd51.4880 voip6 30 gt10 Fa0/0.6 00d0.97a4.d820 maui 10 maui Fa0/0.6 0030.803a.2c00 TestDoor 20 gt10 Fa0/0.6 00d0.97a4.d820 IS-IS paths to level-2 routers System Id Metric Next-Hop Interface SNPA gt-ipv6 -- gt14 20 gt10 Fa0/0.6 00d0.97a4.d820 gt10 10 gt10 Fa0/0.6 00d0.97a4.d820 (...)

18. Por último... ip6adm@fccn.pt Links –http://www.ip6.fccn.pt –http://www.ipv6forum.org –http://www.hs247.org –http://www.6bone.net –http://www.kame.net