Prochaine session

4 jours

Inscription

IPv6 : concepts, mise en œuvre et migration

This training addresses the changes introduced by IPv6 to replace IPv4 (cohabitation, addressing, integrated security, auto-configuration, quality of service, etc.).

Duration

.

Audience

Network technicians and engineers, administrators, application developers.

Prerequisite

Have taken the course "Theory of local networks and TCP / IP protocol", or have equivalent knowledge.

Objectives

  • • Describe the reasons for the creation of IPV6
  • • Describe the new features of IPV6
  • • Describe IPv6 addressing
  • • Automatically assign IP configurations with DHCP v6
  • • Use IPv6 applications (DNS, Telnet, SSH, ...)
  • • Make IPv4 and IPv6 coexist using tunnels
  • • Implement routing on an IPv6 network
  • • Secure IPv6 communication using Ipsec

Information

Detailled program

Introduction

  • IPv4, 30 years of success
  • The reasons for the questioning, the explosion of routing tables, the exhaustion of address space
  • Emergency measures: CIDR, private addressing

Overview of the new protocol

  • Format comparison of IPv4 / IPv6 packets
  • The chaining of extension headers
  • The major extensions: Close by (Hop-by-Hop), Destination, Routing, Fragment, Authentication (AH - Authentication Header), Encryption (ESP - Encryption Security Payload), Mobility
  • Impact of IPv6 on TCP and UDP

Addressing plan

  • Address typing, representation, lifespan
  • The global unicast space
  • Interface identifiers
  • The link-local space
  • Unique local addresses
  • The multicast space
  • Anycast addresses
  • Special addresses
  • Address allocation activities, IANA, RIRs. Assignments already made
  • Workshop: Checking the activation of IPv6 on a Windows 7 host. Analysis of the workstation configuration. Observation of the formation of interface identifiers on an IPv6 host. The ping command in an IPv6 context.

Automatic configuration

  • The new attributes of the ICMP protocol in its version v6
  • The NDP (Neighbor Discovery Protocol
  • - The various messages useful for the NDP protocol
  • The different phases of an automatic stateless configuration:
  • - Creation of the link-local address
  • - Duplicate address detection mechanism
  • - Construction of the unique global address
  • How does a station discover a suitable DNS server in stateless autoconfiguration?
  • Stateful configuration, DHCPv6 protocol
  • Workshop: In a complete network integrating routers, DNS and DHCPv6 servers, IPv6 stations (Windows 7, Linux), you will configure the various elements so that the station acquires an IP configuration…:
  • - In a stateless auto-configuration / DHCP mix
  • - In a situation where the administrator preferred stateful auto-configuration implemented using a DHCPv6 server - Note: in order to prevent the handling of IOS on CISCO routers from being a prerequisite for this training, the corresponding parts of the configuration are carried out in a guided manner by the trainer.

Support for IPv6 applications

  • DNS and DDNS:
  • - AAAA registration
  • - Reverse resolution
  • - Server software
  • - The resolvers
  • Telnet, SSH, TFTP, SNMP
  • Workshop: Testing name resolution for IPv6 addresses

IPv4 - Ipv6 cohabitation, transition mechanisms

  • Double stack
  • Coexistence of IPv4-only and IPv6-only nodes
  • Address translation
  • IPv6 interconnection carried out using tunnels built in an IPv4 network:
  • - Manual tunnel
  • - GRE tunnel
  • - 6to4 automatic tunnel
  • - ISATAP tunnel
  • Workshop: Creation of a TEREDO tunnel on a W7 station behind a NAT
  • Workshop: Realization of an automatic 6to4 tunnel between two CISCO routers on the edge of an IPv4 network

First-Hop Routing Protocols (FHRP)

  • HSRP
  • GLBP
  • Workshop: Configuration of HSRPv6 on a pair of routers.

Implementing IPv6 Routing

  • Static routing
  • RIPng
  • OSPFv3
  • EIGRP for IPv6
  • Workshop: Implementation of a dynamic routing protocol, the choice of protocol is made by the participant.

IPv6 security

  • Reminder of basic concepts:
  • - Availability, Integrity, Confidentiality, Authentication, Non-repudiation
  • Integrated mechanisms of IPsec:
  • - Negotiation of encryption policies with IKE
  • - Host authentication
  • - Data privacy with ESP
  • Workshop: Deployment of an IPv6 IPsec tunnel on the public network


IPv6 : concepts, mise en œuvre et migration

Interrested by this training ? Please contact us for more details.