IPv6

1

IPv6IPv6

Miguel BaptistaFCCN

2

AgendaAgenda

• DNS

• DHCPv6

• Some Services with IPv6 support in FCCN

• IPv6 Network Management

3

1.1. DNSDNS

4

DNSDNS

• Domain Name System • Tranlation services from

names(FQDN) to addresses– And addresses to names

• DNS for IPv6 uses the same principles as for IPv4

http://images.google.pt/imgres?imgurl=http://images.amazon.com/images/P/0596005628.01.LZZZZZZZ.jpg&imgrefurl=http://147.45.35.100/index2.php%3Fm%3D200401&h=475&w=362&sz=32&tbnid=0ijGiybyBfsJ:&tbnh=126&tbnw=96&start=32&prev=/images%3Fq%3Ddns%26start%3D20%26hl%3Dpt-PT%26lr%3D%26sa%3DN

5

DNSDNS

• New resource record type – AAAA– Don’t use A6 or DNAME addresses

• New reverse domain – ip6.arpa– Don’t use ip6.int reverse domain

6

DNSDNS

Name server to use?– My advice, use Bind

And which version?You should use > 9.X versions (9.2). Avoid older versions

http://images.google.pt/imgres?imgurl=http://images.amazon.com/images/P/0596004109.01.LZZZZZZZ.jpg&imgrefurl=http://books.bankhacker.com/DNS%2B%26%2BBIND%2BCookbook/&h=475&w=362&sz=38&tbnid=VeDCGvttFk0J:&tbnh=126&tbnw=96&start=40&prev=/images%3Fq%3Dbind%26start%3D20%26hl%3Dpt-PT%26lr%3D%26sa%3DN

7

DNSDNS

• Example:– test.ip6.fccn.pt A 193.136.199.200

– test.ip6.fccn.pt AAAA 2001:690:866:2000::1

Reverse domain

– 200.199.136.193.int.arpa

– 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0:0.0.0.2.6.6.8.0.0.9.6.0.1.0.0.2.ip6.arpa

8

DNSDNS

• We may have some “unreachable interface” problems after insert AAAA records

• Solution: Create an IPv6 domain• Example: test.ip6.fccn.pt

http://images.google.pt/imgres?imgurl=http://www.oops.co.at/oops/homepage.jpg&imgrefurl=http://www.oops.co.at/&h=680&w=822&sz=75&tbnid=1vq_JzHH6jIJ:&tbnh=118&tbnw=143&start=16&prev=/images%3Fq%3Doops%26hl%3Dpt-PT%26lr%3D

9

DNSDNS

• One of IANA’s functions is the DNS top-level delegations

• Changes in TLDs (e.g ccTLDs) has to be approved and activated by IANA

• Introduction of IPv6-capable nameservers at ccTLDs level has to be made through IANA

10

DNSDNS

• AAAA glue records• How many servers supporting a domain should

carry AAAA records– Usually conservative approaches – One or two servers

• Don’t use long server names. 1024 bytes limit in DNS responses– Some ccTLDs had to renamed their servers (same philosophy

used by root servers)

http://images.google.pt/imgres?imgurl=http://www.hasslefreeclipart.com/clipart_school/glue.gif&imgrefurl=http://www.hasslefreeclipart.com/clipart_school/page2.html&h=311&w=245&sz=14&tbnid=6uL2koF0ZtwJ:&tbnh=113&tbnw=89&start=17&prev=/images%3Fq%3Dglue%26hl%3Dpt-PT%26lr%3D

11

DNSDNS

• 17/04/2005

– 4 TLDs

(.AEROS, .NET, .COM, .INT)

– 42 ccTLDs

• European: About half already

glued

12

DNSDNS

• FCCN:– We had to upgrade the DNS servers to dual-

stack– Then upgrade Bind software– Instalation of the F-ROOT server mirror in

Lisbon, originally in dual-stack

13

2.2. DHCPv6DHCPv6

14

DHCPv6DHCPv6

• Neighbor discovery – Based on ICMPv6 – Router Advertisement– Router discovery messages

15

DHCPv6DHCPv6

• Enabling router advertisement– Specific to an interface– Automatically enabled on ethernet and FDDI

Examples:router(config-if)# ipv6 address 2001:690:866::1/64

router(config-if)# ipv6 nd prefix 2001:690:866::/64

16

DHCPv6 – One thing to rememberDHCPv6 – One thing to remember

• Provider Independent - PI• Provider Aggregated - PA• In IPv6 we only have PA -> Renumbering

– Some IPv6 mechanisms make renumbering easier (e.g. router advertisement)

17

DHCPv6DHCPv6

• Autoconfiguration types:– Staleless (RFC 2462)

• Router advertisement (RA) messages identify the subnet

• Host generate its own global addresses using the prefix + EUI-64 identifier (based on MAC address)

• Default gateway is the router that sends RAs• If RA doesn’t carry any prefix, the host doesn’t

configure any global IPv6 address

18

DHCPv6DHCPv6

• Stateless main aspects• Requires no manual configuration of hosts• Minimal configuration of routers• No need of addicional DHCP servers

• Stateless problems – Impossible to automatically send DNS server

addresses– IPv6 addresses depends on networks adapters

19

DHCPv6DHCPv6

• Autoconfiguration types:– Stateful (RFC 3315)

• Based on DHCPv6 servers• Hosts get their addresses and other configuration

info (DNS, NTP servers) through a DHCPv6 server• Server maintain a database of assigned addresses • Client uses link local address to connect the server

20

DHCPv6DHCPv6

• The two types of configuration can complement each other

• Example:– we can obtain DNS server address from DHCPv6

In dual-stack we can obtain DNS server addresses from DHCPv4

21

DHCPv6DHCPv6

• DHCPv6 Server/client Implementations– Dibbler

• Linux and Windows support

– Project DHCPv6• Linux support

22

DHCPv6 - ExampleDHCPv6 - Example

Backbone RCTS

Switch

mad.ip6.fccn.pt

FCCNge-0/1/0.0

2001:690:866:2::1fe80::205:8500:15a1:801f

eth0 2001:690:866:2::3

fe80::20e:cff:fe31:c81e

Kahuna6.ip6.fccn.pt

eth1 fe80::2e0:29ff:fe06:aa54

• Scenario – DHCPv6 Server will assign the IPv6

address - 2001:690:866:2::1b/128– router advertisement without network

prefix

23

DHCPv6 - ExampleDHCPv6 - Example# ifconfig eth1

eth1 Link encap:Ethernet HWaddr 00:E0:29:06:AA:54 inet6 addr: 2001:690:866:2::1b/128 Scope:Global

# route -A inet6Kernel IPv6 routing table

destination Next Hop Flags Metric Ref Use Iface*/0 fe80::205:8500:15a1:801f UGDA 1024 30 0 eth1

# traceroute6 www.kame.nettraceroute www.kame.net (2001:200:0:8002:203:47ff:fea5:3085)

2001:690:866:2:2e0:29ff:fe06:aa54, 30 hops max, 16 byte packets

1 2001:690:866:2::1 (2001:690:866:2::1) 0.584 ms 0.509 ms 0.474 ms 2 fccn.nl6.nl.6net.org (2001:798:22:203::1) 35.196 ms 35.085 ms 35.087 ms

24

3. Services with IPv6 3. Services with IPv6 support in FCCNsupport in FCCN

25

Some Services with IPv6 support in FCCN Some Services with IPv6 support in FCCN

• Full operational– DNS (Bind)– WWW (Apache)– FTP (vsftpd)

• In progress …– Instant Messanger (Jabber)– Directory Server (OpenLDAP)– Nagios– VOIP

• SIP router, Asterisk

– NTP

26

4. IPv6 Network 4. IPv6 Network ManagementManagement

27

IPv6 Network ManagementIPv6 Network Management

• Network Management– Configuration of equipments– links

• Services Management– Mail– DNS

28


• Basic Management– SSH, Telnet via IPv6– TFTP/IPV6 – FTP/IPV6 not supported on Cisco routers

http://www.daemonnews.org/199912/ssh.jpg

29


• SNMP/MIBs over IPv6 – Routers from major vendors support SNMP– If necessary, in dual-stack we can use IPv4 to

retrieve information– MIBs are essencial for the network

management

SNMP Server

MIB

SNMP Agent

SNMP

30


• IPv6 MIBs– At the beginning IPv4 and IPv6 MIBs

dissociated– Unified MIBs are on standardization track

31


• Cisco– Unified MIBS– No distinction between IPv4 e IPv6 traffic at the interface level

from the MIBS– Information available from CLI

• Show interface accounting

• Juniper– Different counters for IPv4 e IPv6– In beginning apply some filters … (permit IPv6 traffic, but count

it)

32


• NRENs mainly use GPL or home-made tools

• Comercial platforms– HP-OpenView, Ciscoworks (have or will have IPv6 support )– Tivoli Netview,Infovista (no IPv6 support)

33


• 6NET WP6 : Managing large scale IPv6 networks

• Monitoring tools for IPv6– Tested– Documented

• http://tools.6net.org

34

IPv6 Network ManagementIPv6 Network ManagementLAN• Traffic & Service management (Web, DNS...)

– Argus, Nagios, Ntop

• End-to-End– Iperf or Pchar

• Configuration Management– Rancid

• Analysys of packets on shared links– Ethereal, tcpdump or Ntop

• IPv6 multicast management– Multicast Beacon

35

IPv6 Network ManagementIPv6 Network ManagementWAN

• Traffic Management– MRTG, Cricket

• Equipment and link status– Intermapper, Nagios

• Routing management– ASpath-tree (routing policy study)

• Accounting management– Ipflow, Cisco NFC v5.0

• Configuration management– Rancid

• Looking Glasses– Cisco Looking glass V6, LG – Looking Glass

36

Questions?Questions?

Date post:	30-Dec-2015
Category:	Documents
Upload:	katell-potts
View:	34 times
Download:	1 times

IPv6

Documents