ipv6 linux
play

IPv6 & Linux About Me Work at Jumping Bean Developer & - PowerPoint PPT Presentation

Mar 10, 2024 •219 likes •676 views

IPv6 & Linux About Me Work at Jumping Bean Developer & Trainer Contact Info: Twitter @mxc4 Twitter @jumpingbeansa mark@jumpingbean.co.za Goals & Motivation Why? What? Understanding of IPv6 Why IPv6?

  1. IPv6 & Linux

  2. About Me ● Work at Jumping Bean – Developer & Trainer – Contact Info: ● Twitter @mxc4 ● Twitter @jumpingbeansa ● mark@jumpingbean.co.za

  3. Goals & Motivation Why? What? ● Understanding of IPv6 ● Why IPv6? concepts, protocol vis-a-vis ● Why this talk? IPv4, ● How to set up a Linux LAN to – Information on the use IPv6, internet fragmented – Part 1 – Setting up your LAN for and confusing, IPv6 – No single how-to to get – Part 2 – Connecting to the hands dirty Internet with IPv6

  4. Why IPv6?

  5. Why IPv6? ● Replacement for IPv4, ● 128 bit IP address – IPv4 allowed for 4.3 billion possible addresses, – IPv6 allows for 340 undecillion addresses 3.40E38, – 7.9E28 more than IPv4 addresses, – ~ 4.8x10 28 addresses for every human on earth (7 billion people). – 1E32 – number of stars in the universe (estimated) – 1E82 – number of atoms in the universe (estimated)

  6. IPv6 Benefits ● No need for NAT, ● Better handling for mobile devices, – Unique, publicly routable, ● Better multicast support, address per device, ● Devices can have more than ● IPSec was mandatory, now optional, one address, ● Simplified router processing ● Eliminates network address – No support for router fragmentation, collision when merging – Packet header processing more networks, efficient ● “Simplified” auto- ● No broadcast traffic configuration,

  7. IPv6 History ● RFC 791 (IPv4) published 1981 ● RFC 2460 (IPv6) published 1998 ● A long time ago … ● Not backwardly compatible with IPv4

  8. IPv6 Addresses

  9. IPv6 Address Notation ● 128 bit address written in hexadecimal, – Written as 8 groups of 16 bits separated by a colon: ● 2001:0db8:85a3:0000:0000:8a2e:0370:7334 ● Abbreviation rules: – Drop leading zeros in 16 bit group, – If 16 bits all zero replace with empty string “::” – If there are sequential groups of 0 replaced by empty string then collapse into a single double colon :: ● 2001:db8:85a3::8a2e:370:7334

  10. IPv6 Routing Prefix & Interface ID ● “Network mask” is fixed at 64 most significant bits – no CIDR, ● Interface identifier (host portion) is fixed at 64 least significant bits ● Common to see IPv6 address with prefix mask that don't match 64 bits, – Used in routing, – Used in address block assignment, – Used in slicing up blocks for special usage

  11. IPv6 Address Prefix/Subnet

  12. IPv6 Address Allocation ● Internet Assigned Numbers Authority (IANA) assigned Regional Internet Registrars 23/12 bit blocks, ● Regional Internet registrars (Afrinic) assign blocks 19/32 to local Internet registrars, ● End User recommended to get a /48 block which means 65335 subnets but now recommended 56 subnet only 256 subnets.

  13. IPv6 Address Allocation ● Entities can apply for own, provider independent, IPv6 address block with Regional registrar ● Great for ISP independence, ● Why such large allocations? – IPv4 routing tables size (current) - 545K, – IPv6 routing table size (current) - 22K, – Generous allocation policy to avoid routing table explosion

  14. LAN Configuration

  15. IPv6 How it Works ● Other addresses ● Every interface has a link- local address, – Unique local – Network segment only, address (ULA) - site ● Additional address obtain routable, via – Global address – – Manual configuration, or internet routable, – Automatic configuration, ● SLAAC ● DHCP

  16. IPv6 Link Local ● Each interface auto-assigned a link-local ip address – fe80::/10, – Actual assigned link local is fe80::/64 – replaces layer 2 arp protocols with layer 3, ● Neighbourhood discovery map IP to Mac via Neighbour solicitation , → – Unique only on local network segment, – Used to boot strap other IPv6 protocols and addresses – Interface prefix is generated from mac address on ethernet NICs using EUI64: ● Mac address is 48 bits long, ● Interface identifier is 64 bits long – Not forwarded by routers

  17. Unique Local Address/Global Addresses ● Stateless Automatic Address Configuration - allows IPv6 networks to auto-configure themselves via ICMPv6 packets ● Link-Local address allows for – the issuing of router solicitation packets, – Receipt of router advertisement packets, ● Routers – Receive solicitation packets, – Send advertisement packets – Provide node with one or more network prefix and router address – Network prefix can be a ULA or global address – Client does duplicate address detection (DAD)

  18. IPv6 - Configurations ● SLAAC can be used in a number of ways: – Stateless without DHCPv6, – Stateless with DHCPv6 – Stateful with DHCPv6 ● Stateless - – Router/DHCP server does not track ip address, – Simply provides network prefix, – Node not guaranteed to get same IPv6 address, – Node configures host identifier, ● Stateful - – DHCP server keeps track of addresses handed out (leases), – DHCP can assign same IPv6 address to returning node (DUID),

  19. IPv6 - SLAAC ● Pros – Automatic configurations, – No configuration required by client, ● Cons – No updating of DNS for nodes, fixed with RFC6106, – Limited set of configurations options for auto configuration of nodes

  20. IPv6 – ULA/Global Configurations ● Without DHCP - Router can also send – DNS server information, – Router IPv6 address (default gateway), – Flags ● With DHCP – Node can obtain – Fixed IP address, – Additional configuration information – DUID – device unique id, ● DHCPv6 does not use mac address for unique identification, ● Each address assigned based on DUID and interface Association identifier, ● Designed to prevent updating DHCP server when network card changes ● DUID is created by OS or DHCPClient, ● IAID – from mac

  21. Unique Local Address ● ULA – similar to private addresses in IPv4, ● Can route traffic across network segments, ● Used for company or home lan, ● Should not be routed by gateway devices, ● Network prefix fc00::/7. As 8 th bit is always 1 will see fd00 for ula address ● You can create your own ULA or use sites such as http://unique-local-ipv6.com/

  22. Global Addresses ● Assigned by ISP or Afrinic etc, ● Globally routable, ● Similar to IPv4 public addresses, ● For ISP router will need to receive IPv6 prefix for use in configuring IP addresses for nodes, ● Global addresses currently start with 2001::

  23. How to do this on Linux?

  24. IPv6 on Linux ● How to set up a basic IPv6 network for lan, ● What we will need: – radvd – router advertisement daemon, ● “apt-get install radvd” ● or a router on your network with a router advertisement daemon running and configured with your DHCP server details, – isc-dhcp-server – dhcpv6 capable server, ● “apt-get install isc-dhcp-server” – bind9 – DNS server for Dynamic DNS updates ● “apt-get install bind9”

  25. IPv6 RADVD Configuration interface eth0 { ● Enable Ipv6 forwarding AdvSendAdvert on; prefix fd45:2222:0:1::/64 – net.ipv6.conf.default.forwarding=1 { ● Edit /etc/radvd.conf AdvOnLink on; AdvAutonomous on; – Prefix – the network prefix to }; }; advertise, can have more than one, interface eth0 { – Options AdvSendAdvert on; ● AdvOnLink – on or off link prefix fd45:2222:0:1::/64 { ● AdvAutonomous – whether this AdvOnLink on; prefix can be used for auto config AdvAutonomous on; ● Enable DHCPv6 lookup AdvManagementFlag on; – AdvManagementFlag – use stateful IP AdvOtherConfigFlag on; assignement }; – AdvOtherConfigFlag – get additional }; config from DHCP server

  26. IPv6 – DHCPv6 Set up ● Ubuntu 14.04 – has a bug ● Isc-dhcp-server can run both IPv4 and IPv6 DHCP services, cannot start dhcp server with ● IPv6 DHCP uses different ports to “-6” option to enable ipv6. IPv4, ● Usually edit /etc/default/isc- ● Most options same as for IPv4 with dhcp-server and add “-6” to 6 appended, options – subnet6, range6 ● Need to add to rc.local for now ● Use DUID instead of MAC for static address assignment, “sudo dhcpd -6 -cf /etc/dhcp/dhcpd.conf -lf ● /var/lib/dhcp/dhcpd.leases wlan0” ● Need to setup keys for dynamic DNS update

  27. ddns-update-style interim; ddns-updates on; update-conflict-detection false; update-optimization false; option domain-name "jozilug.co.za"; option dhcp6.name-servers fd5d:12c9:2201:1::2; default-lease-time 600; max-lease-time 7200; include "/etc/dhcp/rndc.key"; zone jozilug.co.za. { primary 127.0.0.1; key rndc-key; } zone 1.0.0.0.1.0.2.2.c.9.2.1.d.5.d.f { primary 127.0.0.1; key rndc-key; } subnet6 fd5d:12c9:2201:1::/64 { range6 fd5d:12c9:2201:1::100 fd5d:12c9:2201:1::200; };

  28. DHCPv6 ● Can operate in several modes – Stateless mode router advertisements assign ip address, DHCP → provides DNS, time servers etc – Stateful mode DHCP assigns ip addresses and network services, → – DHCPv6-PD – prefix delegation obtains network prefix from upstream provider ● Router solicitation → – O flag get configuration information, → – M flag get IP address →

  29. DHCPv6 ● Client uses DUID to identify itself (mac address in DHCPv4) – DUID – unique per server/client, – Should not be changed in products lifetime, – Must be globally unique ● IAID – Interface association ID unique per interface and IP address

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Getting started with IPv6 on Linux Jake Edge LWN.net jake@lwn.net LinuxCon North America 19

Getting started with IPv6 on Linux Jake Edge LWN.net jake@lwn.net LinuxCon North America 19

Getting started with IPv6 on Linux Jake Edge LWN.net jake@lwn.net LinuxCon North America 19 August 2011 History and Motivation IPng project July 1994 IPv6 - RFC 2460 December 1998 IPv5 - Internet Stream Protocol used

466 views • 19 slides
IPv6 on Linux servers Dan Pri(s 16 August 2013 Why

IPv6 on Linux servers Dan Pri(s 16 August 2013 Why

IPv6 on Linux servers Dan Pri(s 16 August 2013 Why IPv6? 7 Billion people 4 Billion IPv4 addresses (2 32 )

607 views • 42 slides
Survey of inconsistencies in Linux kernel IPv4/IPv6 UAPI Roopa Prabhu Proceedings of netdev

Survey of inconsistencies in Linux kernel IPv4/IPv6 UAPI Roopa Prabhu Proceedings of netdev

Survey of inconsistencies in Linux kernel IPv4/IPv6 UAPI Roopa Prabhu Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada Agenda Goals Introduction to Kernel Netlink UAPI for IPv4/IPv6 Introduction to userspace apps

411 views • 27 slides
IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

Outline IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer Science and IPv6 Autoconfiguration Institute of Communications Engineering National Tsing Hua University jcchen@cs.nthu.edu.tw

783 views • 11 slides
Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6 Global allocations by RIR APNIC 337 21% RIPENCC 737 45% ARIN 438 LACNIC AFRINIC 27% 87 37 5% 2% Unit: IPv6 pref i x 3 IPv6

603 views • 24 slides
IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6 Ready Logo Goal 2001-Present: Conformance and Interoperability test program intended to increase user confidence and promote IPv6 deployment.

403 views • 11 slides
SO YOUR IPV6 IS PUBLICNOW WHAT? BY JOE SULLIVAN JOLIET JUNIOR COLLEGE, PROFESSOR APRIL 27 TH

SO YOUR IPV6 IS PUBLICNOW WHAT? BY JOE SULLIVAN JOLIET JUNIOR COLLEGE, PROFESSOR APRIL 27 TH

SO YOUR IPV6 IS PUBLICNOW WHAT? BY JOE SULLIVAN JOLIET JUNIOR COLLEGE, PROFESSOR APRIL 27 TH 2017 CCNP, Palo Alto ACE, CCNA Video, CCNA Voice, CVNS, CVNR, CCNA Collaboratjon, H.E. IPv6 Sage, Linux Essentjals, ECSVRv1, ECSERv2, CCNA

837 views • 27 slides
Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

Theoretic overview Shim6 and Firewalls: Problem statement Implementation Performance evaluation Configuring a shim6-firewall Conclusion Master Thesis Supporting IPv6 host-based multihoming (shim6) in Linux Firewalls Christoph Paasch

422 views • 31 slides
IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already

IPv6 Deployment at Monash University John Mann Agenda IPv6 is Coming IPv6 is Already Here Monash IPv6 Progress Addressing End Systems Monitoring Network Address Usage Traffic Monitoring Problems IPv6 is Coming

779 views • 41 slides
Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA

Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA

Life with IPv6 Journe Cohabitation IPv4-IPv6 16 Fvrier 2005 Keiichi SHIMA <keiichi@iijlab.net> IIJ Research Laboratory / WIDE project Contents IPv6 service in Japan How I live Example of IPv6 configuration Some news of IPv6

653 views • 16 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6

Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6

Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 S-38.121 / S-03 / N Beijar IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A =

617 views • 20 slides
IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6

IPv6 Deployment WG in IPv6 Promotion Council and its Deployment Guideline 2005.2.23 IPv6 Deployment WG Chair Takashi Arano (Intec NetCore, Inc.) IPv6 Deployment Guideline solves barriers for deployment I cant see IPv6s

319 views • 7 slides
Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6

Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6

Introduction to IPv6 (Chapter 4 in Huitema) S-38.121 / Fall-04 / N Beijar IPv6,Mobility-1 IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A =

556 views • 20 slides
Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com

Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com

Introducing IPv6-only in the Internet: Balkanisation or Translation? Alain.Durand@sun.com When will IPv6-only deployment happen? Hypothesis 1 1st node is All IPv4 nodes dual-stack speak also IPv6 IPv4-only IPv4 & IPv6 IPv6-only

675 views • 25 slides
IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why?

IPv6 Introduction by Harald Welte <laforge@rfc2460.org> IPv6 Introduction What? Why? What is IPv6? Successor of currently used IP Version 4 Specified 1995 in RFC 2460 Why? Address space in IPv4 too small Routing tables too large

476 views • 19 slides
IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address

IPv6 Yourself Jumping Bean What is IPv6? Replacement for IPv4, 128 bit IP address IPv4 allowed for 4.3 billion possible addresses, IPv6 allows for 340 undecillion addresses 3.40E38, 7.9E28 more than IPv4 addresses, ~ 4.8x10

1.07k views • 28 slides
Network Programming - I Tevfik Ko ar Louisiana State University November 9 th , 2010 1 2

Network Programming - I Tevfik Ko ar Louisiana State University November 9 th , 2010 1 2

CSC 4304 - Systems Programming Network Programming Fall 2010 Lecture - XV Network Programming - I Tevfik Ko ar Louisiana State University November 9 th , 2010 1 2 Sockets Ports A Socket is comprised of: Ports 0 through 1023 are

412 views • 5 slides
Review for CIS 1.0 CIS 1.0 review for final, by Yuqing Tang Final The Topics of CIS 1.0

Review for CIS 1.0 CIS 1.0 review for final, by Yuqing Tang Final The Topics of CIS 1.0

Review for CIS 1.0 CIS 1.0 review for final, by Yuqing Tang Final The Topics of CIS 1.0 Computer system hardware and software Machine architecture How hardware components being organized How computer program and data

1.19k views • 105 slides
DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop

DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop

DNS-OARC and the Open Knowledge Network Keith Mitchell DNS-OARC President WIE-KISMET Workshop December 2019 OARC's Mission Statement The Domain Name System Operations Analysis and Research Center (DNS-OARC) is a non-profit, membership

163 views • 12 slides
Andreas Mller Overview q Introduction to Network Address Translation q Behavior of NAT

Andreas Mller Overview q Introduction to Network Address Translation q Behavior of NAT

Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU Mnchen ilab 2 Advanced NAT Andreas Mller Overview q Introduction to Network Address Translation q Behavior of NAT q The NAT Traversal

1k views • 43 slides
Simple Network Management Pwnd Information Data Leakage Attacks Against SNMP Introduction Deral

Simple Network Management Pwnd Information Data Leakage Attacks Against SNMP Introduction Deral

Simple Network Management Pwnd Information Data Leakage Attacks Against SNMP Introduction Deral Heiland Matthew Kienow deral_heiland@rapid7.com mkienow@inokii.com dh@layereddefense.com @HacksForProfit @Percent_X Why ? Add value ?

939 views • 66 slides
Postmarketing Drug Safety and Inspection Readiness June 19, 2018 Center for Drug Evaluation and

Postmarketing Drug Safety and Inspection Readiness June 19, 2018 Center for Drug Evaluation and

Postmarketing Drug Safety and Inspection Readiness June 19, 2018 Center for Drug Evaluation and Research (CDER) Small Business and Industry Assistance (SBIA) Webinar United States Food and Drug Administration (FDA) CDER / Office of Compliance

625 views • 61 slides
Seminar: Ubiquitous Computing Instant Networking and Dynamic Service Discovery Tim Niemueller <

Seminar: Ubiquitous Computing Instant Networking and Dynamic Service Discovery Tim Niemueller <

Introduction Instant Networking Name Resolution Service Discovery Summary Seminar: Ubiquitous Computing Instant Networking and Dynamic Service Discovery Tim Niemueller < tim@niemueller.de > Supervisor: Karl-Heinz-Krempels Lehrstuhl f

1.82k views • 134 slides

More recommend