1 / 35

Introduction to IPv6

Introduction to IPv6. Last modified 2-28-11. Motivation. Last modified 7 am 6-4-11. IPv4 Exhaustion. The End Of The World!. IPv4 Addresses: 32 Bits. IPv4 address: 192.168.1.10 Four bytes In Binary: 11000000 10101000 00000001 00001010 2^32 total addresses 4 billion.

keene
Download Presentation

Introduction to IPv6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to IPv6 Last modified 2-28-11

  2. Motivation Last modified 7 am 6-4-11

  3. IPv4 Exhaustion The End Of The World!

  4. IPv4 Addresses: 32 Bits • IPv4 address: 192.168.1.10 • Four bytes • In Binary: 11000000 10101000 00000001 00001010 • 2^32 total addresses • 4 billion

  5. Internet Registry Regions http://www.iana.org/numbers/

  6. IPv4 Address Depletion

  7. No Reprieve • IANA will not re-purpose class D or E addresses for general use • People who ask for IPv4 addresses after exhaustion will not get them • Hoarding, scalping, and simple direct sale of used IPv4 addresses will begin soon

  8. IPv6 The Solution

  9. IPv6 Addresses: 128 Bits • IPv6 address • 2001:05c0:1000:000b:0000:0000:0000:66fb • Omitting unnecessary zeroes; • 2001:5c0:1000:b::66fb • Eight fields, each 16 bits long • 4 hexadecimal characters • 2^128 total addresses • 340 billion billionbillionbillion • Enough for a while

  10. Link BayThreat-10

  11. Federal IPv6 Transition Timeline • From Cisco (link BayThreat-11)

  12. Migration to IPv6

  13. Methods of IPv6 Migration • Ignore IPv6: Stay on IPv4-only • Gateways: Devices that convert IPv6 to IPv4 • Tunnel: IPv6 over IPv4 • Dual-Stack: IPv4 and IPv6 together • Nirvana: IPv6-only

  14. IPv6 Tunnels • Fast and easy to set up--best for n00bs • Not the best for security or performance • Free IPv4-to-IPv6 Tunnels • Gogo6.com • Sixxs.net • Tunnelbroker.com

  15. GoGo6 • Easiest

  16. Demonstration

  17. Companies Already on IPv6 ipv6.google.com www.v6.facebook.com comcast6.net ipv6.cnn.com More at link Baythreat-12

  18. IPv6 Certifications • Fun, realistic projects • He.net • Link BayThreat-13

  19. IPv6 Sages • As of 12-9-10 • Link BayThreat-18

  20. IPv6 Sages at CCSF • 22 IPv6 Sages at CCSF so far (12-9-10) • Link BayThreat-19

  21. T-Shirt #1 motivator for IPv6 Certification Link Baythreat-9

  22. Security Problems

  23. Used by Ethernet

  24. Privacy Risk Anyone who has your IP address also has your MAC address! There is a "Privacy Extensions" technique to avoid this, enabled by default in Vista and Windows 7

  25. ICMPv6 • Required for all networks • Cannot be blocked • Replaces ARP • "Neighbor Discovery" is trivial

  26. THC-IPv6 • Hacker's Toolkit • Runs fine on Ubuntu, even in VMware on Windows 7 • Instructions: link BayThreat-14

  27. Other Risks • Many security appliances are not ready for IPv6, so it often bypasses them • Torrents run over IPv6 • Link BayThreat-15 • Some VPN appliances are not ready, so IPv6 connections must bypass them • Packet Amplification Attacks • Routing Header Zero • Ping-pong • Links BayThreat-16 and 17

  28. Class Overview

  29. IPv6 Certification • Every student should be a Certified IPv6 Guru by the end of the class • Many extra credit projects go beyond that • Cisco routing for students who know Cisco routing • Windows: Router advertisements • Linux: IPv6-to-IPv4 Reverse Proxy

  30. Hurricane Electric IPv6 Certification (Part 1) • Registering at Hurricane Electric • Newb Test • Demonstrate basic knowledge of IPv6 • Become an IPv6 Newbie • Connecting as an IPv6 Client with the Gogo6 Tunnel • IPv6 over UDP over IPv4 • Connect to a Web server as a client over IPv6 • Become an IPv6 Explorer

  31. Hurricane Electric IPv6 Certification (Part 1) • IPv6 Web Server • You need to buy a domain name from GoDaddy ($2.17) • Apache will NOT work on Windows--use IIS instead • DNS: Creating an AAAA Record • Become an IPv6 Enthusiast

  32. Hurricane Electric IPv6 Certification (Part 1) • IPv6 Email Server • Use the Apache James Java SMTP server • Adding an MX Record to your DNS Zone • Installing the Thunderbird Email Client • Becoming an IPv6 Administrator

  33. Hurricane Electric IPv6 Certification (Part 2) DNS Configurations • Reverse DNS Servers • Routing Advertisements • Getting your own public IPv6 address block • Forward DNS Zone at Hurricane Electric • Reverse DNS Zone at Hurricane Electric • Authoritative DNS Servers • Passing the Reverse DNS Test

  34. Hurricane Electric IPv6 Certification (Part 2) • Becoming an IPv6 Professional • Becoming an IPv6 Guru • Becoming an IPv6 Sage • Get the T-Shirt • Fame, Fortune, Glory

  35. The Hardest Part • You need to make THREE accounts • Hurricane Electric • Gogo6 • Freenet6 • Each one has a name and password you need to write down

More Related