1 how to enable ipv6 in your subnet quincy wu [email protected] march 10, 2004
TRANSCRIPT
2
IPv6 client
IPv6 clientIPv6/v4Serverwww.acutecom.com
192.168.2.254192.168.0.1 192.168.0.2
192.168.1.254
Network Topology
3
Linux IPv4 router
• OS: Linux Red Hat 9
• DHCP Daemon
• Packet forwarding
4
Configure DHCP on Linuxddns-update-style none;ddns-updates off;
option routers 192.168.131.254;option domain-name-servers 140.113.131.1, 140.113.87.43;default-lease-time 300;max-lease-time 3600;
subnet 192.168.131.0 netmask 255.255.255.0 { range 192.168.131.91 192.168.131.120; host Pingtel { hardware ethernet 00:d0:1e:00:5c:b7; fixed-address 140.113.87.37; }}
5
Configure IPv4 Routing on Linux
• Enable packet forwarding– sysctl –w net.ipv4.conf.eth2.forwarding=1– /etc/sysctl.conf
• Modify your routing table– route add –net 192.168.1.0 netmask 255.255.25
5.0 gw 192.168.0.1– route add default gw 192.168.0.1– /etc/rc.local
6
IPv6 宣傳短片• IPv6 Promotion Council Overview 2001
• IPv6 Demonstration Program - Devices and Applications
7
At boot time, an IPv6 host build a Link-Local address,
then its global IPv6 address(es) from RA
RA indicates SUBNET PREFIX
IPv6 Auto-Configuration
• Stateless (RFC2462)–Host autonomously configures its own Link-Local address–Router solicitation are sent by booting nodes to request RAs for configuring the interfaces.
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
SUBNET PREFIX + MAC ADDRESS
8
IPv6 Host Configuration
• Windows 2000 SP1
• Windows XP
• Linux Red Hat 9
• FreeBSD 4.9
9
Enable IPv6 on Windows 2000
• Download tpipv6-001205.exe– http://www.6ren.net.tw/~solomon/NBEN/IPv6/w2k_ipv6.html
• Run tpipv6-001205.exe to Unzip files into a directory, say "D:\IPv6Kit".
• Change working directory to D:\IPv6Kit, run "setup -x" to extract files.
• Use NOTEPAD or your favorite editor to edit "HOTFIX.INF".• Change the value of "NtServicePackVersion" from 256 to be “5
12“ and save.– Change to 768 if you are using SP3.
• Don't upgrade to IE6, otherwise your browser will not support IPv6. You can only run "ping6" and "tracert6".
10
Enable IPv6 in Windows XP
• ipv6 install
11
FreeBSD 4.9
• /etc/rc.confipv6_enable="YES"
12
Linux Red Hat 9
• /etc/sysconfig/networkNETWORKING_IPV6=yes
13
IPv6 Router Configuration
• Cisco Router– IOS 12.2(4)T
• Linux Router– Red Hat 9
14
Cisco RouterLAN: 2001:288:3A1:199::/64
FastEthernet0/0
MAC address: 0030.8570.85e0
router# show ipv6 interface FastEthernet0/0FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80:230:85FF:FE70:85E0Global unicast address(es): 2001:288:3A1:199:230:85FF:FE70:85E0, subnet is 2001:288:3A1:199::/64 Joined group address(es): FF02::1:FF70:85E0 FF02::1 FF02::2 MTU is 1500 bytes
interface FastEthernet0/0 ipv6 address 2001:288:3A1:199::/64 eui-64
15
FreeBSD IPv6 Router
FreeBSD4.9#ifconfig eth0 inet6 2001:288:3A1:218::1/64sysctl net.inet6.ip6.forwarding=1sysctl net.inet6.ip6.accept_rtadv=0rtadvd eth0
# vi /etc/rtadvd.confeth0:\ :addrs#1:addr="2001:288:3A1:218::":prefixlen#64:
IPv4
2001:288:3A1:218::/64
eth0Tunnel
16
Linux IPv6 Router
• Install radvd-0.7.1-3.i386.rpm
• Request a /64 prefix
• Enable IPv6 packet forwarding– echo "1" > /proc/sys/net/ipv6/conf/eth0/forwarding
– echo "1" > /proc/sys/net/ipv6/conf/sit0/forwarding
– sysctl –w net.ipv6.conf.all.forwarding=1
17
Linux + radvd
• Revise /etc/radvd.confinterface eth1 { AdvSendAdvert on; Prefix 2001:288:381:FFFF:/64 { AdvOnLink on; AdvAutonomous on; } }
• Restart radvd– /etc/rc.d/init.d/radvd stop/start
18
Machines in the same subnet will obtain the IPv6 Prefix
19
Exercise 1
IPv6 client IPv6 client
192.168.2.254192.168.0.1 192.168.0.2
192.168.1.254
IPv6 client
3FFE:238:F88:A1::/64 3FFE:238:F88:A2::/64
1. Linux routers advertise /64 prefix in LAN.
2. Notebooks in LAN receive the prefix and configure its own IPv6 address automatically.
3. IPv6 clients can ping its neighbors.
4. Observe the packets captured by filter “icmp6”.
20
IPv6 in Home Network
• FreeBSD with Configured Tunnel
• Linux with Configured Tunnel
• Windows XP with Configured Tunnel
• Windows 2000 with 6to4 Tunnel
21
IPv6 over IPv4 Tunnels
• Tunneling is encapsulating the IPv6 packet in the IPv4 packet
• Tunneling can be used by routers and hosts
IPv4IPv6 Network
IPv6 Network
Tunnel: IPv6 in IPv4 packet
IPv6 Host
Dual-Stack Router
Dual-Stack Router
IPv6 Host
IPv6 HeaderIPv6 HeaderIPv4 HeaderIPv4 Header
IPv6 HeaderIPv6 Header Transport Header
Transport Header DataData
DataDataTransport Header
Transport Header
22
IPv6 Tunneling (RFC 2893)
Service Provider IPv4 Backbone
Service Provider IPv4 Backbone
IPv6 Tunnel
IPv6 Tunnel
IPv6 Tunnel
IPv6 Network
IPv6 Network
IPv6 HeaderIPv6 Header Transport Layer Header
Transport Layer HeaderIPv4 HeaderIPv4 Header
IPv6 HeaderIPv6 Header Transport Layer Header
Transport Layer Header DataData
DataData
23
IPv4
Manually Configured TunnelDual-Stack
Router
IPv4: 140.110.199.254
IPv6: 2001:288:03a1:210::3/127
FreeBSD4.7#gifconfig gif0 61.218.105.10 140.110.199.254ifconfig gif0 inet6 2001:288:03a1:210::2 2001:288:3a1:210::3 prefixlen 128
Dual-Stack Host
IPv4: 61.218.105.10
IPv6: 2001:288:03a1:210::2/127
24
Linux Tunnel
/etc/sysconfig/network-scripts/ifcfg-sit1 DEVICE=sit1
BOOTPROTO=none
ONBOOT=yes
IPV6INIT=yes
#Remote end-ISP IPv4 addr
IPV6TUNNELIPV4=140.110.199.250
#Yourself IPv6 tunnel addr from ISP
IPV6ADDR=2001:288:3A1:210::2/127
ifup sit1
25
Windows XP Tunnel
• netsh interface ipv6– add v6v4tunnel “T1" 10.0.0.1 192.168.0.1
• Syntax: add v6v4tunnel [[interface=]String] localIPv4Address remoteIPv4Address
– add address “T1“ 2001:238:192::1– add route 2001:238:F88:A::30/127 “T1”
• Now you can ping the remote tunnel endpoint 2001:238:F88:A::31
• Use Ethereal to capture packets with filter “ip host 192.168.0.1”.
26
Tunnel Packets
27
Exercise 2
IPv6 client IPv6 client
Router 2
192.168.2.254192.168.0.1 192.168.0.2
192.168.1.254
IPv6 client
3FFE:238:F88:A1::/64
1. Establish a tunnel between Host1 & Router 2.
2. Establish a tunnel between Host2 & Host3
3. Observe the packets captured by filter “ip host”.
Host 3
192.168.2.3
Host 1
192.168.1.1
Host2
192.168.1.2
28
6to4 Tunnel (RFC 3056)
IPv4IPv6 Network
IPv6 Network
6to4 Router2
6to4 Router1
131.243.129.44 140.110.199.250Network prefix:
2002:83F3:812C::/48
Network prefix:
2002:8C6E:C7FA::/48= =
E0 E0
router2#interface Ethernet0 ip address 140.110.199.250 255.255.255.0 ipv6 address 2002:8C6E:C7FA:1::/64 eui-64interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel mode ipv6ip 6to4
ipv6 route 2002::/16 Tunnel0
• 6to4 Tunnel: Is an automatic tunnel method
Gives a prefix to the attached
IPv6 network
2002::/16 assigned to 6to4
Requires one global IPv4 address
on each Ingress/Egress site
29
6to4 Tunnel
IPv4IPv6 Network
IPv6 Network
6to4 Router2
6to4 Router1
131.243.129.44 140.110.199.250Network prefix:
2002:83F3:812C::/48
Network prefix:
2002:8C6E:C7FA::/48
E0 E0
2002:83F3:812C:1::3
2002:8C6E:C7FA:2::5
IPv6 SRC 2002:83F3:812C:1::3
IPv6 SRC 2002:83F3:812C:1::3
DataData
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv6 SRC 2002:83F3:812C:1::3
IPv6 SRC 2002:83F3:812C:1::3
DataData
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv6 SRC 2002:83F3:812C:1::3
IPv6 SRC 2002:83F3:812C:1::3
DataData
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv6 DEST 2002:8C6E:C7FA:2::5
IPv4 SRC 131.243.129.44
IPv4 SRC 131.243.129.44
IPv4 DEST 140.110.199.250
IPv4 DEST 140.110.199.250
30
6to4 Tunnel in Windows XP• 6to4 Tunnel is enabled in Windows XP by
default.