IPv6 : concepts, mise en œuvre et migration
This training addresses the changes introduced by IPv6 to replace IPv4 (cohabitation, addressing, integrated security, auto-configuration, quality of service, etc.).
Duration
.
Audience
Network technicians and engineers, administrators, application developers.
Prerequisite
Have taken the course "Theory of local networks and TCP / IP protocol", or have equivalent knowledge.
Objectives
- • Describe the reasons for the creation of IPV6
- • Describe the new features of IPV6
- • Describe IPv6 addressing
- • Automatically assign IP configurations with DHCP v6
- • Use IPv6 applications (DNS, Telnet, SSH, ...)
- • Make IPv4 and IPv6 coexist using tunnels
- • Implement routing on an IPv6 network
- • Secure IPv6 communication using Ipsec
Information
Detailled program
Introduction
- IPv4, 30 years of success
- The reasons for the questioning, the explosion of routing tables, the exhaustion of address space
- Emergency measures: CIDR, private addressing
Overview of the new protocol
- Format comparison of IPv4 / IPv6 packets
- The chaining of extension headers
- The major extensions: Close by (Hop-by-Hop), Destination, Routing, Fragment, Authentication (AH - Authentication Header), Encryption (ESP - Encryption Security Payload), Mobility
- Impact of IPv6 on TCP and UDP
Addressing plan
- Address typing, representation, lifespan
- The global unicast space
- Interface identifiers
- The link-local space
- Unique local addresses
- The multicast space
- Anycast addresses
- Special addresses
- Address allocation activities, IANA, RIRs. Assignments already made
- Workshop: Checking the activation of IPv6 on a Windows 7 host. Analysis of the workstation configuration. Observation of the formation of interface identifiers on an IPv6 host. The ping command in an IPv6 context.
Automatic configuration
- The new attributes of the ICMP protocol in its version v6
- The NDP (Neighbor Discovery Protocol
- - The various messages useful for the NDP protocol
- The different phases of an automatic stateless configuration:
- - Creation of the link-local address
- - Duplicate address detection mechanism
- - Construction of the unique global address
- How does a station discover a suitable DNS server in stateless autoconfiguration?
- Stateful configuration, DHCPv6 protocol
- Workshop: In a complete network integrating routers, DNS and DHCPv6 servers, IPv6 stations (Windows 7, Linux), you will configure the various elements so that the station acquires an IP configuration…:
- - In a stateless auto-configuration / DHCP mix
- - In a situation where the administrator preferred stateful auto-configuration implemented using a DHCPv6 server - Note: in order to prevent the handling of IOS on CISCO routers from being a prerequisite for this training, the corresponding parts of the configuration are carried out in a guided manner by the trainer.
Support for IPv6 applications
- DNS and DDNS:
- - AAAA registration
- - Reverse resolution
- - Server software
- - The resolvers
- Telnet, SSH, TFTP, SNMP
- Workshop: Testing name resolution for IPv6 addresses
IPv4 - Ipv6 cohabitation, transition mechanisms
- Double stack
- Coexistence of IPv4-only and IPv6-only nodes
- Address translation
- IPv6 interconnection carried out using tunnels built in an IPv4 network:
- - Manual tunnel
- - GRE tunnel
- - 6to4 automatic tunnel
- - ISATAP tunnel
- Workshop: Creation of a TEREDO tunnel on a W7 station behind a NAT
- Workshop: Realization of an automatic 6to4 tunnel between two CISCO routers on the edge of an IPv4 network
First-Hop Routing Protocols (FHRP)
- HSRP
- GLBP
- Workshop: Configuration of HSRPv6 on a pair of routers.
Implementing IPv6 Routing
- Static routing
- RIPng
- OSPFv3
- EIGRP for IPv6
- Workshop: Implementation of a dynamic routing protocol, the choice of protocol is made by the participant.
IPv6 security
- Reminder of basic concepts:
- - Availability, Integrity, Confidentiality, Authentication, Non-repudiation
- Integrated mechanisms of IPsec:
- - Negotiation of encryption policies with IKE
- - Host authentication
- - Data privacy with ESP
- Workshop: Deployment of an IPv6 IPsec tunnel on the public network