1 / 46

IPv6 技術理論與實務研習班 IPv4/IPv6 轉移機制實習

IPv6 技術理論與實務研習班 IPv4/IPv6 轉移機制實習. 大綱. Configured Tunneling 6to4 Tunnel Tunnel Broker IPv6 封包觀察與分析. 大綱. Configured Tunneling 6to4 Tunnel Tunnel Broker IPv6 封包觀察與分析. Tunneling. 目前大部分的網路仍然是 IPv4 網路,如果有兩個 IPv6 網路要互通,可能需要經過 IPv4 網路的連接。因此就需要使用 Tunnel 的技術。 Tunnel 可分為三種方式:

graham
Télécharger la présentation

IPv6 技術理論與實務研習班 IPv4/IPv6 轉移機制實習

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6 技術理論與實務研習班 IPv4/IPv6轉移機制實習

  2. 大綱 • Configured Tunneling • 6to4 Tunnel • Tunnel Broker • IPv6封包觀察與分析

  3. 大綱 • Configured Tunneling • 6to4 Tunnel • Tunnel Broker • IPv6封包觀察與分析

  4. Tunneling • 目前大部分的網路仍然是IPv4網路,如果有兩個IPv6網路要互通,可能需要經過IPv4網路的連接。因此就需要使用Tunnel的技術。 • Tunnel可分為三種方式: • Automatic Tunneling • Configured Tunneling • 6to4 Tunneling

  5. Automatic Tunneling示意圖

  6. Automatic Tunneling • 雙方必須均為IPv4/IPv6 Dual Stack架構 • WIN2000安裝完IPv6通訊包即可測試 • WIN XP則需進入“命令提示字元 “DOS Mode下 • netsh interface ipv6 set v4compat=enabled • IPv6位址為「::IPv4位址」 • 如何測試:ping6 ::140.114.78.60

  7. Configure Tunneling 參考來源: http://www.ipv6.hinet.net

  8. IPv4 Networks IPv6 Island IPv6 Island IPv4 Tunnel Dual-stack node Dual-stack node IPv6 H Payload IPv4 H IPv6 H Payload IPv6 H Payload Configured Tunneling

  9. 指令介紹(一) • ipv6 if [if#] • Displays information about interfaces. • ipv6 rt • Displays the current contents of the routing table.

  10. 指令介紹(二) • ipv6 ifc if# [forwards] [advertises] [-forwards] [-advertises] [mtu #bytes] [site site-identifier] • Controls interface attributes. • ipv6 adu if#/address [lifetime VL[/PL]] [anycast] [unicast] • Adds or removes a unicast or anycast address assignment on an interface, defaulting to unicast unless anycast is specified. • ipv6 rtu prefix if#[/nexthop] [lifetime L] [preference P] [publish] [age] [spl site-prefix-length] • Adds or removes a route in the routing table.

  11. 用戶端 局端(HiNet) 範例—設定環境

  12. 範例—單機設定指令 進入“命令提示字元 “DOS Mode下 • ipv6 adu 2/2001:238:900::1 • ipv6 rtu ::/0 2/::210.65.1.26 pub lifetime 1800 • 利用ping6 3ffe:b00:c18:1::10測試是否連上6BONE

  13. 練習一 局端 IPv4 Tunnel: IPv6 Tunnel: IPv4 Network IPv6 Network 用戶端 IPv4 Tunnel: IPv6 Tunnel:

  14. 範例—網路型主機設定指令(一) • 啟動Dual Stack電腦的另一張網路卡,執行IPv6 Router Advertisement動作 • 進入“命令提示字元 “下-DOS Mode,使用ipv6 if指令,查看電腦上啟動的另一張網卡的Interface。可比對「控制台」→「網路和撥號連線」的圖示名稱比對(此為 Interface 6 )

  15. 範例—網路型主機設定指令(二) 使用下列指令來完成設定 • ipv6 rtu 2001:238:a00::/64 6 pub life 1800 • ipv6 adu 6/2001:238:a00::1 life 1800 • ipv6 ifc 6 forw adv • ipv6 ifc 5 forw • ipv6 ifc 4 forw • ipv6 ifc 3 forw • ipv6 ifc 2 forw

  16. 範例—網路型主機設定指令(三) • 將另外一台電腦(IPv6 Host)的網路卡增加IPv6 Protocol • 如同前2頁之步驟,與作為 Gateway之Host同一子網路則該Host會自動進行IPv6 Address Auto-configure。下圖是 IPv6 Host使用 ipv6 rt 指令看到routing table以及使用 ping6 測試。

  17. 練習二 局端 IPv4 Tunnel: IPv6 Tunnel: 用戶端 IPv4 Tunnel: IPv6 Tunnel: IPv4 Network Dual Stack IPv6 Host IPv6 Network LAN(global): IPv6 Network

  18. 大綱 • Configured Tunneling • 6to4 Tunnel • Tunnel Broker • IPv6封包觀察與分析

  19. 6to4 prefix ISPv4 assigned managed auto-configured 2002 IPv4 SLA Interface ID 6to4 • IPv6 addressing • Any isolated IPv6 domain can autonomously build its own globally unique IPv6 prefix. • The globally unique IPv4 address of the domain border router is used for this purpose. Public IPv4 address of dual-stack GW internet Router 4/6 Well known 0x2002 IPv6 island

  20. 注意事項 • 確認電腦可以連上IPv4網際網路(可用ping工具),並有一個固定的Public IPv4 Address • 僅適用於Dual Stack 的單機上並且中間之網路環境不宜有Firewall或NAT之應用存在 • 必須先找到一個 Relay Server並以其IPv4 Address作為IPv6 Gateway的子項 ,如:

  21. IPv4 Network IPv6 Network Dual Stack IPv4: 203.54.210.49 IPv6: 2002:cb4a:d231: :cb4a:d231 範例—設定環境 6to4 gateway IPv4:67.113.12.90

  22. 範例—設定IPv6 6to4 Tunnel IPv6 6to4 :2002::/16 + IPv4 Address == > /48 如 : 2002::/16 + 203.54.210.49 === > 2002 :cb4a:d231::/48 而本身電腦的 IPv6 Interface 可取 2002 :cb4a:d231: :cb4a:d231/48 進入“命令提示字元 “下-DOS Mode • ipv6 rtu 2002::/16 2 • ipv6 adu 2/2002:cb4a:d231::cb4a:d231 • ipv6 rtu ::/0 2/::67.113.12.90 pub life 1800

  23. 範例—檢查執行結果 • ipv6 rt • ping6 3ffe:b00:c18:1::10

  24. 練習三 6to4 gateway IPv4: IPv4 Network IPv6 Network Dual Stack IPv4: IPv6:

  25. 大綱 • Configured Tunneling • 6to4 Tunnel • Tunnel Broker • IPv6封包觀察與分析

  26. DNS 伺服器 (3) (2) (1) 使用者 隧道伺服器 隧道代理 IPv6 Island (4) IPv6 IPv6 over IPv4 隧道 隧道終點 隧道終點 IPv4網路 Tunnel Broker

  27. Tunnel Broker • 中華電信研究所 http://tb.ipv6.chttl.com.tw • HiNet http://203.74.21.3/cgi-bin/tb.pl

  28. CHTTL Tunnel Broker Service • 註冊新帳號 • 登入網頁 • 新增Tunnel • 檢視Tunnel • 刪除Tunnel

  29. 註冊新帳號

  30. 登入網頁

  31. 登入網頁

  32. 新增Tunnel

  33. 新增Tunnel(一)

  34. 新增Tunnel(二)

  35. 檢視Tunnel

  36. 刪除Tunnel

  37. 大綱 • Configured Tunneling • 6to4 Tunnel • Tunnel Broker • IPv6封包觀察與分析

  38. 深入IPv6-封包觀察與分析 • 封包分析軟體之介紹與安裝 • Tunneling封包之觀察

  39. 封包分析軟體之安裝 • 分析軟體下載ethereal-setup-0.9.5.exe (http://www.ethereal.com/distribution/win32/) • 驅動程式下載WinPcap_2_3.exe (http://winpcap.polito.it/install/default.htm)

  40. 送出封包

  41. 開始抓取封包 2.選取介面 1.選取Capture 3.按「OK」

  42. 正在抓取中… 數字會增加 按下「Stop」則停止抓取封包

  43. 觀察與分析封包 1.選取封包 2.封包解析視窗 3.封包內容Dump

  44. Tunneling之封包 IPv4 Header IPv6 Header Payload…

  45. Question?

More Related