IPv6 : concepts, mise en œuvre et migration

Introduction

• IPv4, 30 years of success
• The reasons for the questioning, the explosion of routing tables, the exhaustion of address space
• Emergency measures: CIDR, private addressing

Overview of the new protocol

• Format comparison of IPv4 / IPv6 packets
• The chaining of extension headers
• The major extensions: Close by (Hop-by-Hop), Destination, Routing, Fragment, Authentication (AH - Authentication Header), Encryption (ESP - Encryption Security Payload), Mobility
• Impact of IPv6 on TCP and UDP

Addressing plan

• Address typing, representation, lifespan
• The global unicast space
• Interface identifiers
• The link-local space
• Unique local addresses
• The multicast space
• Anycast addresses
• Special addresses
• Address allocation activities, IANA, RIRs. Assignments already made
• Workshop: Checking the activation of IPv6 on a Windows 7 host. Analysis of the workstation configuration. Observation of the formation of interface identifiers on an IPv6 host. The ping command in an IPv6 context.

Automatic configuration

• The new attributes of the ICMP protocol in its version v6
• The NDP (Neighbor Discovery Protocol
• - The various messages useful for the NDP protocol
• The different phases of an automatic stateless configuration:
• - Creation of the link-local address
• - Duplicate address detection mechanism
• - Construction of the unique global address
• How does a station discover a suitable DNS server in stateless autoconfiguration?
• Stateful configuration, DHCPv6 protocol
• Workshop: In a complete network integrating routers, DNS and DHCPv6 servers, IPv6 stations (Windows 7, Linux), you will configure the various elements so that the station acquires an IP configuration…:
• - In a stateless auto-configuration / DHCP mix
• - In a situation where the administrator preferred stateful auto-configuration implemented using a DHCPv6 server - Note: in order to prevent the handling of IOS on CISCO routers from being a prerequisite for this training, the corresponding parts of the configuration are carried out in a guided manner by the trainer.

Support for IPv6 applications

• DNS and DDNS:
• - AAAA registration
• - Reverse resolution
• - Server software
• - The resolvers
• Telnet, SSH, TFTP, SNMP
• Workshop: Testing name resolution for IPv6 addresses

IPv4 - Ipv6 cohabitation, transition mechanisms

• Double stack
• Coexistence of IPv4-only and IPv6-only nodes
• Address translation
• IPv6 interconnection carried out using tunnels built in an IPv4 network:
• - Manual tunnel
• - GRE tunnel
• - 6to4 automatic tunnel
• - ISATAP tunnel
• Workshop: Creation of a TEREDO tunnel on a W7 station behind a NAT
• Workshop: Realization of an automatic 6to4 tunnel between two CISCO routers on the edge of an IPv4 network

First-Hop Routing Protocols (FHRP)

• HSRP
• GLBP
• Workshop: Configuration of HSRPv6 on a pair of routers.

Implementing IPv6 Routing

• Static routing
• RIPng
• OSPFv3
• EIGRP for IPv6
• Workshop: Implementation of a dynamic routing protocol, the choice of protocol is made by the participant.

IPv6 security

• Reminder of basic concepts:
• - Availability, Integrity, Confidentiality, Authentication, Non-repudiation
• Integrated mechanisms of IPsec:
• - Negotiation of encryption policies with IKE
• - Host authentication
• - Data privacy with ESP
• Workshop: Deployment of an IPv6 IPsec tunnel on the public network