IPv6 Foundations PDF Print E-mail

Class Length:  Four Days

Course Overview

The IPv6 Foundations course is designed to teach students the fundamentals of IPv6 and build a working foundation knowledge. The class covers the basics of IPv6 addressing, and neighbor discovery process including viewing the neighbor cache table.  Furthermore, the IPv6 auto-configuration process between a client and default gateway router is detailed.  Students work in pods and are assigned live equipment in class for completing their assigned labs.  Routing protocols RIPng, OSPFv3 and BGP4+ are configured during class and each student is responsible to insure their routing protocols are working correctly.  Each host is configured for Dynamic DNS to register their IPv6 address and host name with the DDNS server.  Pings are done using both host and router names instead of actual addresses to prove DDNS operation. HTTP, FTP, TFTP, and Telnet are investigated in labs as to IPv4 vs IPv6 capabilities. Students will learn how to create an IPv6 access-list for both permitting and denying traffic through their assigned router.

What You’ll Learn

  • Foundation knowledge of IPv6
  • Both stateless and statefull auto-configuration methods
  • How host learn other host on local subnet
  • IPv6 addressing and how to subnet an IPv6 address
  • Different tunneling methods over an IPv4 only network
  • Routing protocols OSPFv3, RIPng and MP-BGP for IPv6
  • How to configure DDNS for IPv6
  • Different deployment strategies
  • Dual-stack techniques
  • IPv6 security methods to protect against current IPv6 hacks

Who Should Attend

  • Anyone needing an overview of IPv6
  • Managers that need to understand and start a foundation knowledge of IPv6
  • Technicians and field engineers requiring IPv6 knowledge

Prerequisites

  • Basic knowledge of IPv4 and network principles

Follow on Courses

  • Advanced IPv6 Migration
  • IPv6 Security Migration

IPv6 Foundations Course Outline

Section 1: Introduction to IPv6

  • Information Overload
  • IPv6 Electronic Automation
  • IPv6 is NOT IPv4
  • Why IPv6
  • New technologies
    • IPv4 lifetime extension
    • Key differences between IPv4 and IPv6
  • Internet of Things (IoT)
  • CES 2014 and IoT
  • Bosch IoT Lab Established
  • Smart Sensor Mesh Networking with IPv6
  • Key Differences between IPv4 and IPv6
  • DoD 2003 mandate
  • NIST Recommendations
  • DoD IPv6 Standard Profiles
  • 2012 Government Public-Facing Servers
  • Current Issues with Public-Facing Servers
  • IPv6 Forum
  • IPv6 Ready Logo Program
    • IPv6 ready program example
  • Five Internet Registries
  • ARIN requirements for address licensing 
    • ARIN form/template
    • ARIN assignment

Section 2: IPv6 Addressing

  • Binary number representation
    • Decimal-to-binary conversion
  • Hexadecimal review
  • IPv6 addressing
    • Possible IPv6 addresses
    • IPv6 address notation
    • Address compressing
    • IPv6 address space
    • IPv6 address prefix subnetting
    • IPv6 prefixes
    • Unicast addresses
    • Site-local deprecation
    • Unique local address (ULA)
    • Link-local address
    • Global unicast address
    • Global address flow chart
    • Auto-configured address states
      • Tentative
      • Preferred, deprecated
      • Valid and invalid
      • Address Timers
    • IPv6 Address Timers
    • Anycast addresses
    • Multicast addresses
      • Well-known multicast
    • Mapping Layer 3 to Layer 2 Multicast
    • Loopback and unspecified addresses
    • 64-bit MAC address assignment
    • Mapping an MAC address to an IPv6 address
    • IPv6 temporary address
    • IPv6 ping command
    • IPv6 Host, Nodes, Routers and Interfaces

Section 3: IPv6 Header Information

  • IPv4 protocol stack
  • IPv6 protocol stack
  • IPv6 dual stack
  • New header format
  • IPv6 extension headers 
    • Hop-by-Hop
    • Destinations Options
    • Routing Header 
      • Routing header example
      • Mobility with IPv6
      • Mobile node home agent support
    • Fragment Header 
      • Fragment header example
    • IPSec Authentication Header
    • IPSec ESP Header
    • Using multiple extension headers
    • Extension header order
    • Extension header example
    • List of next header values

Section 4: ICMPv6 Network Operation

  • ICMPv6 header
  • ICMPv6 message types
  • ICMPv6 ping operation 
    • ICMPv6 Echo Request message
    • ICMPv6 Echo Reply message
  • Windows XP
  • Windows Vista and 07
  • Windows server 03’ and 08’
  • Windows 07 GUI configuration
  • Common windows commands 
    • ipconfig command
    • Using different netsh commands
  • Neighbor Solicitation 
    • ICMPv6 Neighbor Discovery
    • ICMPv6 Neighbor Solicitation message
    • Duplicate Address Detection
    • Solicited-Node Multicast Address
    • Duplicate Address Analyzed
    • Neighbor Solicitation Message Process
    • Host Neighbor Cache
    • Host Neighbor Cache after Solicitation
  • Neighbor Advertisement 
    • ICMPv6 Neighbor Advertisement message
  • Autoconfiguration Methods
  • Router Solicitation 
    • ICMPv6 Router Solicitation message
  • Router Advertisement 
    • ICMPv6 Router Advertisement message
    • ICMPv6 Router Advertisement vs. DHCPv6
    • Viewing a router’s neighbor cache table
  • SLAAC flow chart
  • Viewing a host routing table
  • Viewing a router's neighbor cache table
  • Configuring IPv6 on a Unix workstation 
    • Unix ifconfig commands
    • Common Unix commands
  • Configuring IPv6 on a MAC workstation
  • Operating systems overview
  • DHCPv6 Overview 
    • DHCPv4 and DHCPv6 comparison
    • DHCPv6 relay agent
    • DHCPv6 08’ server configuration
  • ICMPv6 Redirect
  • ICMPv6 Multicast messages
  • ICMPv6 MTU path discovery 
    • ICMPv6 packet too big error message
    • Windows destination cache table
    • Fragment header example
    • Fragment offset value
  • ICMPv6 Time Exceeded, Destination Unreachable, etc.
  • ICMPv6 Multicast Listener Discovery Message

Section 5: Routing Services and Protocols

  • Routing protocols supported by IPv6
  • RIPng protocol 
    • RIPng enhancements
    • IPv4 RIP-2 MAC header snapshot
    • IPv6 RIPng MAC header snapshot
    • IPv4 RIP-2 IP header snapshot
    • IPv6 RIPng IP header snapshot
    • IPv4 RIP-2 UDP header snapshot
    • IPv6 RIPng UDP header snapshot
    • IPv4 RIP-2 snapshot
    • IPv6 RIPng snapshot
    • IPv6 RIPng trace file
    • Enabling IPv6 on Cisco
  • OSPFv3 protocol 
    • Current OSPF RFCs
    • OSPF Areas
    • Link state advertisement
    • LSDB exchange
    • Entering information into the routing table
    • OSPFv3 routing table
    • OSPF area border routers
    • DR and BDR election
    • DR and BDR operation
    • OSPF hello packet
  • BGP protocol 
    • BGP IBGP neighboring
    • BGP EBGP neighboring
    • Configuring BGP-MP

Section 6: IPv6 Access-List

  • DMZ layer
  • Packet filtering
  • IPv6 ACL packet flow
  • IPv6 router access-list
  • IPv4 standard and extended ACL example
  • IPv6 Standard Access List 
    • Standard list example
  • IPv6 Extended Access List 
    • Extended list example
  • Reflexive access list 
    • Reflexive access list example
  • Access List configurations

Section 7: DNS Overview

  • DNS infrastructure 
    • DNS resolver
    • DNS A records
    • DNS AAAA resource record
    • DNS deployment
    • Bind9 support
  • Example IPv6 DNS query over IPv4
  • Example IPv6 DNS reply over IPv4
  • DNS update over IPv6 native
  • Testing DNS Operation
  • HTTP and FTP URL Access

Section 8: IPv6 Deployment Strategies

  • Reason delaying IPv6 Migration
  • Migration Schedule
    • Preliminary stage
    • Discovery stage
    • Design stage
    • Deployment stage
    • IPv6 address recommendations
  • IPv6 deployment strategies
  • Potential host types during migration from IPv4 to IPv6
  • Dual-stack migration strategy
  • Current operating system supporting IPv6
  • Application upgrades
  • FTP over IPv6
  • Viewing live analyzer traces
  • TFTP over IPv6 example
  • SMTP over IPv6 example
  • IPv4 and IPv6 dual-stack DNS support
  • IPv6 tunneling migration strategies
    • IPv6 tunneled over IPv4
  • IPv6 tunneling methods using manual configuration
    • Tunneling router-to-router
    • Tunneling ICMPv6 ping packet
    • Routing over 6to4 tunnel
  • Silver Springs Network
  • 6to4 tunneling devices
  • 6to4 Auto-Configured tunnel
  • ISATAP Example
  • ISATAP link-local capture
  • Teredo
  • Other services and technologies
  • IPv6 supported technologies
  • Enterprise migration steps
    • Sample inventory list
    • Possible IPv6 subnet assignment
    • Further consideration in migrating IPv6
    • IPv6 intergration

Section 9: IPv6 Security

  • IPSec tunneling
  • IPv6 IPSec overview 
    • Security areas addressed
  • IPSec Framework 
    • Authentication header
    • AH transport mode
    • AH tunnel mode
    • Encapsulating security payload
    • ESP transport mode
    • ESP tunnel mode
    • Internet key exchange
  • IPv6 IPSec in a Windows environment
  • Microsoft symmetric key authentication
  • Setting up the IPSec6 tunnel

Introduction to IPv6 Migration Labs:

Lab 1: Initial Configuring and Neighbor Discovery

  • Install IPv6 for Windows XP
  • View your IPv6 address
  • Review your configuration results
  • Ping your neighboring pod's computer
  • Use Wireshark to analyze certain captured frames
  • Analyze IPv6 header information
  • Analyze various neighbor solicitations messages including DaD
  • Investigate your PCs neighbor cache

Lab 2: Configuring and Analyzing IPv6 on the Network Router

  • Set up the classroom network
  • Configure and verify IPv6 on a Cisco router
  • Analyze Router Solicitation and Router Advertisement messages
  • Use the debug ipv6 nd command to view the exchange of Router Solicitations

Lab 3: ICMPv6 Packet Too Large Fragmentation

  • Configure your router with a link MTU size of 1280 bytes
  • Ping your neighbor's workstation with 1500 byte frame
  • Capture the ICMPv6 Packet Too Large error message
  • Ping your neighbor's workstation with 8000 byte packet
  • Capture and analyze Fragment Extension Headers

Lab 4: Configuring IPv6 RIPng

  • Configure IPv6 on a Cisco router
  • Configure IPv6 RIGng
  • Verify IPv6 RIPng configuration and operation on your router
  • Analyze RIPng updates using a network analyzer

Lab 5: DDNS (Dynamic DNS)

  • Configure the network to use Dynamic DNS for name resolution. Instead of pinging by IPv6 addresses, instead host names are.
  • Each student will configured their workstation for Dynamic DNS registration.

Lab 6: OSPF Configuration

  • Configure IPv6 OSPFv6 on your router
  • Build adjacencies between other IPv6 routers
  • View IPv6 OSPFv6 routing tables for different network connections
  • View live OPSFv6 route updates from local router
  • Configure IPv6 encryption used between routers

Lab 7: IPv6 BGP Routing

  • Enable IPv6 BGP routing protocol
  • Configure IPv6 BGP autonomous systems
  • Configure both IBGP and EBGP neighbor statements
  • View IPv6 routing tables

Lab 8: IPv6 Access Control List

  • Configure your router to block telnet access from your neighboring routers
  • Configure your access list so all other network devices can access your router
  • Block your neighboring router from pinging your router
  • Write an access list where you can ping other routers, but block neighboring ping packets

Lab 9: DNS Operation

  • Configure client for IPv6 DNS name resolution
  • Analyze IPv6 quad (AAA) records
  • Analyze an DNS packet
  • Verify DNS operation by pinging your DNS server and analyzing a DNS query

Lab 10: Building a Manual IPv6 Tunnel

  • Configure a router for tunnel operation, allowing it to carry IPv6 traffic over an IPv4 network
  • Test connectivity using the IPv6 address and fix any problems that occur
  • Use show commands to view your configuration and verify tunnel operation

Download course outline: IPv6 Foundations Outline