1 / 103

IPv6 Retooling or “I was hoping to retire before I had to learn IPv6.”

IPv6 Retooling or “I was hoping to retire before I had to learn IPv6.”. Rick Graziani Cabrillo College Spring 2012. Agenda. 1:00 pm (Why IPv6?) IPv6 Address Notation, Structure and Subnetting IPv6 Address Types Static Global Unicast Link-local Unicast 2:00 or 2:15 pm

Jims
Télécharger la présentation

IPv6 Retooling or “I was hoping to retire before I had to learn IPv6.”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6 Retoolingor“I was hoping to retire before I had to learn IPv6.” Rick Graziani Cabrillo College Spring 2012

  2. Agenda 1:00 pm • (Why IPv6?) • IPv6 Address Notation, Structure and Subnetting • IPv6 Address Types • Static Global Unicast • Link-local Unicast 2:00 or 2:15 pm • Packet Tracer Exercise: • Configuring Static Global Unicast and Link-local unicast Addresses 3:00 pm • Other IPv6 Address Types • EUI-64 • Host Configuration • DHCPv6 • OSPFv3 4:00 or 4:15 pm • Packet Tracer Exercise: • Configuring OSPFv3

  3. Where to go for more information

  4. Preparation IPv6 Addressing: Learn It (Use It, Teach It) • Experience a fresh and focused approach to understanding the various types of IPv6 addressing. Understanding IPv6 addresses (including Unicast, Anycast and Multicast) is fundamental to understanding how IPv6 is implemented in a network. ICMPv6 & Neighbor Discovery Protocol: Learn It (Use It, Teach It) • Description: IPv6 isn't just a longer address but a new way the network does business. ICMPv6 and Neighbor Discovery Protocol are at the heart of how the network operates.

  5. Important moments in history… • Monday, January 31, 2011 IANA allocated two blocks of IPv4 address space to APNIC, the RIR for the Asia Pacific region (39/8 and 106/8) • This triggered a global policy to allocate the remaining IANA pool of 5 /8’s equally between the five RIRs.

  6. Overall IP Address Authority RIR IPv4 Address Run-Down Model http://www.potaroo.net/tools/ipv4/index.html

  7. IPv6: More than just larger addresses… Comparing IPv4 and IPv6 Headers 32 32 16 16 128 bits 128 bits 7

  8. IPv6 is also about a new way of doing business ipv6 unicast-routing R1 Link-local address automatically created Link-local address “I just created myself an IPv6 address just for my own link.” Global unicast address created using stateless autoconfiguration 1 NDP Router Solicitation “Hey router, I need addressing and configuration information from you.” NDP Router Advertisement “Here is our network prefix (address), prefix-length (subnet mask), default gateway address and some other info.” (OR “You need to ask a DHCPv6 server.” ) 2 “I can now configure a global routable IPv6 address and I know my default gateway address without talking to a DHCPv6 server.” 3 DAD performed on global unicast address Neighbor Solicitation Message “Is anyone else using my IPv6 address?” Address Resolution (ARP) 1 Neighbor Solicitation Message “I know your IPv6 address, what is your MAC address?” NDP Neighbor Advertisement “Here is my MAC address.” 2

  9. IPv6 Address Notation, Structure and Subnetting

  10. IPv6 Address Notation One Hex digit = 4 bits • 340 trillion trillion trillion addresses, enough for every grain of sand on earth. • 340 undecillion • 128-bit IPv6 addresses are represented in: • Eight 16-bit segments • Hexadecimal (non-case sensitive) between 0000 and FFFF • Separated by colons • Example: 3ffe:1944:0100:000a:0000:00bc:2500:0d0b

  11. Rule 1: Leading 0’s • Two rules for reducing the size of written IPv6 addresses. • The first rule is: • The leading zeroes in any 16-bit segment do not have to be written. • Example • 3ffe : 1944 : 0100 : 000a : 0000 : 00bc : 2500 : 0d0b • 3ffe : 1944 : 100 : a : 0 : bc : 2500 : d0b

  12. Rule 1: Leading 0’s Examples 3ffe : 0404 : 0001 : 1000 : 0000 : 0000 : 0ef0 : bc00 3ffe : 404 : 1 : 1000 : 0 : 0 : ef0 : bc00 3ffe : 0000 : 010d : 000a : 00dd : c000 : e000 : 0001 3ffe : 0 : 10d : a : dd : c000 : e000 : 1 ff02 : 0000 : 0000 : 0000 : 0000 : 0000 : 0000 : 0005 ff02 : 0 : 0 : 0 : 0 : 0 : 0 : 5

  13. Rule 1: Leading 0’s • Only leading zeroes can be omitted; trailing zeroes cannot, because doing so would make the segment ambiguous. 3ffe : 1944 : 100 : a : 0 : bc : 2500 : d0b Correct Original Address 3ffe : 1944 : 0100 : 000a : 0000 : 00bc : 2500 : 0d0b Wrong, Ambiguous Original Address 3ffe : 1944 : 1000 : a000 : 0000 : bc00 : 2500 : d0b0

  14. Rule 2: Double colon :: equals 0000…0000 • The second rule can reduce this address even further: • Any single, contiguous string of one or more 16-bit segments consisting of all zeroes can be represented with a double colon. ff02 : 0000 : 0000 : 0000 : 0000 : 0000 : 0000 : 0005 ff02 : 0 : 0 : 0 : 0 : 0 : 0 : 5 ff02 : : 5 ff02::5

  15. Rule 2: Double colon :: equals 0000…0000 • Only a single contiguous string of all-zero segments can be represented with a double colon. • Example: Both of these are correct 2001 : 0d02 : 0000 : 0000 : 0014 : 0000 : 0000 : 0095 2001 : d02 :: 14 : 0 : 0 : 95 OR 2001 : d02 : 0 : 0 : 14 :: 95

  16. Rule 2: Double colon :: equals 0000…0000 • Using the double colon more than once in an IPv6 address can create ambiguity because of the ambiguity in the number of 0’s. • Example 2001:d02::14::95 2001:0d02:0000:0000:0014:0000:0000:0095 2001:0d02:0000:0000:0000:0014:0000:0095 2001:0d02:0000:0014:0000:0000:0000:0095

  17. Network Prefixes • IPv4, the prefix—the network portion of the address—can be identified by a dotted decimal netmask or bitcount. 255.255.255.0 or /24 • IPv6 prefixes are always identified by bitcount (prefix length). • Prefix length notation: 3ffe:1944:100:a::/64 16 32 48 64 bits

  18. Each hexadecimal digit is 4 bits; A hextet is a 16-bit segment 2001:0DB8:AAAA:1111:0000:0000:0000:0100/64 2001 : 0DB8 : AAAA : 1111 : 0000 : 0000 : 0000 : 0100 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits

  19. Structure of a Global Unicast Address for a typical site /48 /64 Subnet ID Global Routing Prefix Interface ID 64 bits 48 bits 16 bits Interface-ID = 64bits Prefix Length = 64bits 2001 : 0DB8 : AAAA : 1111 : 0000 : 0000 : 0000 : 0100

  20. Global Unicast Addresses and the 3-1-4 rule /48 /64 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Subnet ID Global Routing Prefix Interface ID 3 1 4 2001 : 0DB8 : AAAA : 1111 : 0000 : 0000 : 0000 : 0100

  21. Subnetting IPv6 • 4 specific subnets to be used inside Company1: • 2340:1111:AAAA:0001::/64 • 2340:1111:AAAA:0002::/64 • 2340:1111:AAAA:0003::/64 • 2340:1111:AAAA:000A::/64 • Note: A valid abbreviation is to remove the 3 leading 0’s from the first shown quartet. • 2340:1111:AAAA:1::/64

  22. Subnetting into the Interface ID /112 /48 16bits 48 bits 64 bits Global Routing Prefix (Assigned by ISP) Subnet ID Prefix Interface ID Subnet-ID Interface ID Global Routing Prefix 2001 : 0DB8 : AAAA : 0000 : 0000 : 0000 : 0000 : 0000 2001 : 0DB8 : AAAA : 0000 : 0000 : 0000 : 0001 : 0000 2001 : 0DB8 : AAAA : 0000 : 0000 : 0000 : 0002 : 0000 thru 2001 : 0DB8 : AAAA : FFFF : FFFF : FFFF : FFFE : 0000 2001 : 0DB8 : AAAA : FFFF : FFFF : FFFF : FFFF : 0000

  23. Subnetting on a nibble boundary /68 /48 48 bits 20 bits 60 bits Global Routing Prefix (Assigned by ISP) Subnet ID Interface ID Subnet Prefix /68 • Subnetting on a nibble (4 bit) boundary makes it easier to list the subnets. • 64 – 68 - 72 – etc. • 2001:0DB8:AAAA:0000:0000::/68 • 2001:0DB8:AAAA:0000:1000::/68 • 2001:0DB8:AAAA:0000:2000::/68 • thru • 2001:0DB8:AAAA:FFFF:F000::/68

  24. Subnetting within a nibble /70 /48 48 bits 22 bits 58 bits Global Routing Prefix (Assigned by ISP) Subnet ID Interface ID Subnet Prefix /70 • 2001:0DB8:AAAA:0000:0000::/70 0000 • 2001:0DB8:AAAA:0000:0400::/70 0100 • 2001:0DB8:AAAA:0000:0800::/70 1000 • 2001:0DB8:AAAA:0000:0C00::/70 1100 Four Bits: The two leftmost bits are part of the Subnet-ID, whereas the two rightmost bits belong to the Interface ID.

  25. IPv6 Address Types

  26. IPv6 Address Types: Starting with Global Unicast IPv6 Addressing Unicast Multicast Anycast Assigned Solicited Node FF00::/8 FF02::1:FF00:0000/104 Embedded IPv4 Unspecified Address Unique Local Global Unicast Link-Local Loopback 2000::/3 3FFF::/3 ::1/128 ::/128 FC00::/7 FDFF::/7 FE80::/10 FEBF::/10 ::/80 Note: There are no broadcast addresses in IPv6

  27. Structure of a Global Unicast Address m bits n bits 128-n-m bits Global Routing Prefix Subnet ID Interface ID Range 2000::/3 to 3FFF::/3 001 • Global unicast addresses are what we similar to IPv4 addresses. • Routable • Unique IANA’s allocation of IPv6 address space in 1/8th sections

  28. Global Routing Prefix Sizes Subnet ID Interface ID Global Routing Prefix /56 /32 /48 /64 /23 *RIR *ISP Prefix *Site Prefix Possible Home Site Prefix Subnet Prefix * This is a minimum allocation. The prefix-length may be less if it can be justified.

  29. Static Global Unicast Addresses Global Unicast Manual Dynamic IPv6 Unnumbered Stateless Autoconfiguration IPv6 Address DHCPv6 Static EUI-64

  30. Global unicast addresses 2001:0DB8:AAAA:0002::/64 Global Unicast: 2001:0DB8:AAAA:1::1/64 Fa0/1 .1 Fa0/0 .2 R1 R2 Fa0/0 2001:0DB8:AAAA:1::/64 Global Unicast: 2001:0DB8:AAAA:1::0100 PC-1

  31. Configuring a Static Global Unicast Address R1(config)# interface fastethernet 0/0 R1(config-if)# ipv6 address 2001:db8:aaaa:1::1/64 R1(config-if)# no shutdown R1(config-if)# • Exactly the same as an IPv4 address only different • No space between IPv6 address and Prefix-length • IOS commands for IPv6 are very similar to their IPv4 counterpart. • All 0’s and all 1’s are valid IPv6 host IPv6 addresses

  32. show running-config command on router R1 R1# show running-config <output omitted for brevity> interface FastEthernet0/0 no ip address duplex auto speed auto ipv6 address 2001:DB8:AAAA:1::1/64 ! interface FastEthernet0/1 no ip address duplex auto speed auto ipv6 address 2001:DB8:AAAA:2::1/64

  33. show ipv6 interface brief command on router R1 R1# show ipv6 interface brief FastEthernet0/0 [up/up] FE80::203:6BFF:FEE9:D480 2001:DB8:AAAA:1::1 FastEthernet0/1 [up/up] FE80::203:6BFF:FEE9:D481 2001:DB8:AAAA:2::1 R1# Link-local unicast address Global unicast address • Link-local address automatically created when (before) the global unicast address is. • We will discuss link-local addresses next.

  34. show ipv6 interface fastethernet 0/0 command on R1 R1# show ipv6 interface fastethernet 0/0 FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::203:6BFF:FEE9:D480 Global unicast address(es): 2001:DB8:AAAA:1::1, subnet is 2001:DB8:AAAA:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 FF02::1:FFE9:D480 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds ND advertised reachable time is 0 milliseconds ND advertised retransmit interval is 0 milliseconds ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. R1#

  35. PC-1: Static Global Unicast Address 2001:0DB8:AAAA:0002::/64 Global Unicast: 2001:0DB8:AAAA:1::1/64 Fa0/1 .1 Fa0/0 .2 R1 R2 Fa0/0 2001:0DB8:AAAA:1::0100 64 2001:0DB8:AAAA:1::1 2001:0DB8:AAAA:1::/64 Global Unicast: 2001:0DB8:AAAA:1::0100 PC-1

  36. Link-local Unicast IPv6 Addressing Unicast Multicast Anycast Assigned Solicited Node FF00::/8 FF02::1:FF00:0000/104 Embedded IPv4 Unspecified Address Unique Local Global Unicast Link-Local Loopback 2000::/3 3FFF::/3 ::1/128 ::/128 FC00::/7 FDFF::/7 FE80::/10 FEBF::/10 ::/80

  37. Link-local unicast address Remaining 54 bits 64 bits 10 bits /64 1111 1110 10 Interface ID FE80::/10 EUI-64, Random or Manual Configuration • Link-local addresses: • Used to communicate with other devices on the link. • Are NOT routable off the link. • An IPv6 device must have at least a link-local address. • Used by: • Hosts to communicate to the IPv6 network before it has a global unicast address. • Used as the default gateway address by hosts. • Adjacent routers to exchange routing updates

  38. Link-local addresses 2001:0DB8:AAAA:0002::/64 Global Unicast: 2001:0DB8:AAAA:1::1/64 Fa0/1 .1 Fa0/0 .2 R1 R2 Link-local address: ? Fa0/0 • Link-local address automatically created when (before) the global unicast address is. • FE80 + 64-bit Interface ID • EUI-64 Format • Randomly generated • Link-local address can also be created statically. 2001:0DB8:AAAA:1::/64 Global Unicast: 2001:0DB8:AAAA:1::0100 PC-1 Link-local address: ?

  39. IPv6 link-local addresses for PC1 and PC2 /64 FE80 :: Interface ID PC1> ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:db8:aaaa:1::100 Link-local IPv6 Address . . . . . : fe80::50a5:8a35:a5bb:66e1%11 Default Gateway . . . . . . . . . : 2001:db8:aaaa:1::1 EUI-64, Random or Manual Configuration • Windows operating systems, Windows XP and Server 2003 use EUI-64. • Windows Vista and newer do not use EUI-64 create a random 64-bit Interface ID. The %value following the link-local address is a Windows Zone ID and not part of IPv6.

  40. R1’s Link-local address on Fa 0/0 Link-local address using EUI-64 format R1# show ipv6 interface fastethernet 0/0 FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::203:6BFF:FEE9:D480 Global unicast address(es): 2001:DB8:AAAA:1::1, subnet is 2001:DB8:AAAA:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 FF02::1:FFE9:D480 <output omitted for brevity> R1# show interface fastethernet 0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 0003.6be9.d480 (bia 0003.6be9.d480) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 <output omitted for brevity> Ethernet MAC address

  41. R1’s MAC Address for FastEthernet 0/0 OUI (Organization Unique Identifier) 48 bits Device Identifier 48 bits Hexadecimal 00 03 6B E9 D4 80 Binary 0000 0000 0000 0011 0110 1011 1110 1001 1101 0100 1000 0000

  42. Modified EUI-64 Format: Create a 64-bit Interface ID from a 48-bit address OUI (Organization Unique Identifier) 48 bits Device Identifier 48 bits Hexadecimal 00 03 6B E9 D4 80 Step 1: Split the MAC address 0000 0000 0000 0011 0110 1011 1110 1001 1101 0100 1000 0000 Binary Step 2: Insert FFFE 1111 1111 1110 1001 1101 0100 1000 0000 0000 0000 0000 0011 0110 1011 1111 1110 Binary Step 3: Flip the U/L bit 0000 0010 0000 0011 0110 1011 1111 1111 1110 1001 1101 0100 1000 0000 1111 1110 Binary Modified EUI-64 Interface ID in Hexadecimal Notation FF FE 02 03 6B E9 D4 80 Binary

  43. R1’s Link-local address on Fa 0/0 Link-local address using EUI-64 format R1# show ipv6 interface fastethernet 0/0 FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::203:6BFF:FEE9:D480 Global unicast address(es): 2001:DB8:AAAA:1::1, subnet is 2001:DB8:AAAA:1::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF00:1 FF02::1:FFE9:D480 <output omitted for brevity> R1# show interface fastethernet 0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 0003.6be9.d480 (bia 0003.6be9.d480) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 <output omitted for brevity> Ethernet MAC address

  44. IPv6 Topology with Link-local addresses 2001:0DB8:AAAA:0002::/64 FE80::1 FE80::2 Global Unicast: 2001:0DB8:AAAA:1::1/64 Fa0/1 .1 Fa0/0 .2 R1 R2 FE80::203:6BFF:FEE9:D480 (EUI-64) FE80::1 Fa0/0 • Dynamic link-local addresses can make it difficult to identify the device. • Because routers use link-local addresses for exchanging routing updates and hosts use it as their default gateway address, it is advantageous to use a static address that we can easily remember and identify. • Link-local addresses only have to be unique on the link! 2001:0DB8:AAAA:1::/64 Global Unicast: 2001:0DB8:AAAA:1::0100 PC-1 FE80::50A5:8A35:A5BB:66E1 (Random)

  45. Ping link-local address R1# ping fe80::2 Output Interface: ser 0/0/0 % Invalid interface. Use full interface name without spaces (e.g. Serial0/1) Output Interface: serial0/0/0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FE80::2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/26/32 ms R1# • Can ping link-local addresses but must include exit-interface.

  46. ipv6 enable command Router(config)# interface fastethernet 0/1 Router(config-if)# ipv6 enable Router(config-if)# end Router# show ipv6 interface brief FastEthernet0/1 [up/up] FE80::20C:30FF:FE10:92E1 Router# • Link-local addresses are automatically created whenever a global unicast address is configured. • If all global unicast addresses on the interface is removed (no command) then the link-local address is removed as well. • The ipv6 enable command will: • Create a link-local address when there is no global unicast address • Maintain the link-local address even when the global unicast address is removed.

  47. 2001:0DB8:AAAA:2::/64 2001:0DB8:AAAA:3::/64 FE80::1 FE80::2 FE80::2 FE80::3 Fa0/1 .1 Fa0/0 .2 R1 R2 R3 Fa0/0 FE80::3 Fa0/0 FE80::1 Configuring static link-local addresses 2001:0DB8:AAAA:1::/64 2001:0DB8:AAAA:4::/64 R1(config)# ipv6 unicast-routing R2(config)# ipv6 unicast-routing R3(config)# ipv6 unicast-routing • A router’s interfaces can be enabled for IPv6 like any other device on the network. • For the router to “act” as an IPv6 router it must be enabled with the ipv6-unicast routing command. • This enables the router to: • Send Router Advertisement messages (coming). • Enable the forwarding of IPv6 packets. • Participate in IPv6 routing protocols (RIPng, EIGRP for IPv6, OSPFv3)

  48. Global Unicast Addresses PC-1: Dynamic? Router: Dynamic? 2001:0DB8:AAAA:0002::/64 Global Unicast: 2001:0DB8:AAAA:1::1/64 Fa0/1 .1 Fa0/0 .2 R1 R2 Fa0/0 2001:0DB8:AAAA:1::/64 After the lab! PC-1 Global Unicast: ?????

  49. Packet Tracer Exercise:Configuring Static Global Unicast and Link-local unicast Addresses

  50. Configure global unicast and link-local addresses on all routers. • Link-local addresses: • R1: FE80::1 • R2: FE80::2 • R3: FE80::3 • R4: FE80::4 • Hosts are preconfigured • Examine global, link-local and default gateway addresses • Add new hosts Rick’s Café Network Topology PC-2 2001:0DB8:CAFE:0002::/64 Fa 0/0 Rick’s Cafe 2001:0DB8:CAFE::/48 Ser 0/0/0 .2 Ser 0/0/1 .1 R2 2001:0DB8:CAFE:A001::/64 2001:0DB8:CAFE:A002::/64 Ser 0/0/0 .1 2001:0DB8:FEED:0001::/64 Link to ISP Ser 0/0/1 .2 2001:0DB8:CAFE:A003::/64 Ser 0/0/1 .1 Ser 0/0/ .1 Ser 0/0/0 .2 Ser 0/0/0 .2 R1 R3 ISP Fa 0/0 Fa 0/0 Fa 0/0 2001:0DB8:CAFE:0001::/64 2001:0DB8:CAFE:0003::/64 2001:0DB8:FACE:C0DE::/64 PC-4 PC-1 PC-3

More Related