IPv6是Internet Protocol Version 6的缩写,其中Internet Protocol译为“互联网协议”,是IETF(互联网工程任务组,Internet Engineering Task Force)设计的用于替代现行版本IP协议(IPv4)的下一代IP协议。目前的全球因特网所采用的协议族是TCP/IP协议族。IP是TCP/IP协议族中网络层的协议,是TCP/IP协议族的核心协议。目前IP协议的版本号是4(简称为IPv4),它的下一个版本就是IPv6。IPv6正处在不断发展和完善的过程中,它在不久的将来将取代目前被广泛使用的IPv4。
看完本视频,你将对IP协议及IPv6有一个全面的了解。
LinuxCBT.IPv6.Edition
LinuxCBT IPv6 Edition focuses exclusively on the burgeoning Internet Protocol Version 6 (IPv6).
The coursework explores IPv6 implementation on today's mainstream Network Operating Systems (NOSs), including: GNU/Linux, Solaris, Windows and Cisco IOS.
Given the imminent depletion of globally-unique 32-bit IPv4 addresses, and mandates set by the US Government with respect to IPv6-backbone-compliancy by Q2 2008 for government agencies, Information Technology (IT) Network/Systems Engineers/Administrators/Integrators/Directors/etc., are tasked with preparing their backbones and applicable infrastructure(VLANs/DMZs/etc.) to support Internet Protocol Version 6 (IPv6).
# Network - Visio Drawing - Topology Overview
* Explore classroom environment
* Discuss the protocols used
* Identify key infrastructure devices
* Explain network topology - Visio
* Discuss the IPv4 RFC-1918 Intranet & DMZ configuration
* Download and install NMap IPv4/IPv6 network scanning utility
* Query Intranet hosts using NMap
# Open Systems Interconnect (OSI) & TCP/IP|DOD Networking Models
* Discuss the OSI model
* Identify key IP-related services at various layers of the OSI model
* Explain Protocol Data Unit (PDU) framing at various OSI levels
* Discuss the DOD model
* Correlate TCP/IP|DOD model to the OSI model
* Identify and discuss key IPv4 layers of both networking models
* Identify and discuss key IPv6 layers of both networking models
# IPv4 Features & Limitations
* Discuss the history of IPv4
* Explain the flow of traffic in a typical IPv4 environment
* Explain IPv4 multiplexing
* Discuss Network Address Translation (NAT)
* Discuss classful and classless IPv4 addresses
* Explain the role subnet masks play in network delineation
* Discuss Address Resolution Protocol (ARP)
* Discuss IPv4 Internet Control Messaging Protocol (ICMP)
* Decode OSI layers (2-7) using 'tcpdump' packet sniffer/logger
# IPv6 Features
* Discuss the expanded bit-range used to define source/destination IPv6 addresses
* Explain the hierarchial nature of IPv6 prefixes
* Discuss the typical /48 organizational globally-unique prefix
* Explain typical ISP prefix assignments
* Discuss minimum Message Transfer Units (MTUs)
* Discuss automatic configuration of IPv6-enabled hosts - local|router|DHCP
* Explain NAT & ARP obsolescence in an IPv6 environment
* Discuss primary IPv6 address types - Unicast|Multicast|Anycast
* Describe the role multicast plays in solicitations/advertisments & reduced congestion
* Explain how layer-4 protocols (TCP/UDP) are implemented
* Identify Hexadecimal address representation
# Hexadecimal Conversions
* Analyze and discuss typical link local address auto-configured by IPv6
* Discuss the range of HEX characters
* Compare and contrast the boundaries of IPv6 and IPv4 addresses
* Explain some of the caveats of using decimal to represent IPv6 addresses
* Compare and contrast HEX and decimal character ranges
* Outline the rules for converting from decimal to HEX
* Translate decimal values to HEX
* Translate IPv4 broadcast address to HEX
* Convert IPv4 publicly routable address to a 6-to-4 IPv6 address
* Outline the rules for converting from HEX to decimal
* Translate HEX nibbles to decimal equivalent
# IPv6 Addressing - Colon Hexadecimal Notation
* List key IPv6 address rules
* Expand a 6-to-4 globally-unique IPv6 address to its full 128-bit representation
* Segment the 6-to-4 globally-unique IPv6 address into key sections
* Discuss the key sections of 6-to-4 IPv6 address with respect to routing and host identification
* Explain the rules and benefits of using Zero-compression with IPv6 addresses
* Identify unique IPv6 addresses and correlate to IPv4 - i.e. Loopback/Socket
* Identify and discuss 48-bit MAC addresses
* Explain the significance of MAC addresses in forming unique EUI-64 IPv6 addresses
* Discuss link local address limitations
* Identify key IPv6 sockets
* Use 'ping6' and 'ICMPv6' to communicate with various IPv6 addresses
* Identify the number of bits available for subnets and hosts
# IPv6 Header
* Discuss the benefits of a concise, fixed-length header
* Identify the characteristics of key IPv6 header fields
* Compare and contrast IPv4 and IPv6 headers
* Explain the benefits of extension headers
* Discuss how fragmentation is handled in IPv6
# ICMPv6 - Header & Applications
* Define ICMP
* Explain ICMPv6 applications
* Discuss ICMPv6 Neighbor Discovery (ND)
* Compare & contrast Neighbor Discovery to Address Resolutipn Protocol (ARP)
* List examples of ICMPv4 and ICMPv6 debugging utilities
* Explain levels of ICMPv6 messages
* Discuss important ICMPv6 error messages
* Compare and contrast ICMPv4 and ICMPv6 headers
* Use 'tcpdump' to decode ICMPv6 - Neighbor/Router Discoveries/Solicitations
* Explore ICMPv6's usage of multicast IPv6 addresses
* Discuss the role of Duplicate Address Detection (DAD) in IPv6 address conflict resolution
* Explain and explore neighbor tables
* Install RDesktop - RDP - Terminal Services client
* Connect to Windows Host in DMZ and attempt to communicate using Link Local IPv6 address
# Dual Protocol (IPv4 & IPv6) Stacks
* Discuss the pros and cons of dual protocol stacks
* Identify the independent stacks at various OSI layers
* Identify distinct IPv4 and IPv6 tools
* Enumerate and discuss the supported tunneling mechanisms in a dual-stack environment
* Explore default IPv4 and IPv6 routing tables
* Identify key unicast and multicast routing entries
* Explore IPv6 stacks on Linux | Windows | Solaris
# Common IPv6 Prefixes/Subnets
* Define IPv6 Prefixes/Subnets
* Compare and contrast IPv4 subnets with IPv6 prefixes
* Identify key prefixes - loopback, link local, site local, ISP, ISP-assigned /48, /64 Unique Host
* Discuss how router configuration and advertisments influence host configuration
* Discuss multicast prefixes
# Link Local Prefixes and Addresses
* Indicate the standard Link Local prefix
* Analyze standard Link Local addresses
* Emphasize Link Local MAC address relationship - EUI-64
* Explain features and limitations of Link Local addresses
* Configure Cisco router with IPv6 support
* Confirm broadcast domain connectivity from DMZ and internal perspectives
# Intra Site Automatic Tunneling Protocol (ISATAP) Implementation
* Define ISATAP tunneling
* Provide examples of ISATAP applications
* Identify current IPv4 - globally unique address
* Create 6-to-4 globally unique IPv6 address for use in ISATAP configuration
* Configure Cisco router with ISATAP and globally-unique prefix
* Configure Windows server to use ISATAP
* Test IPv6 routing via ISATAP from Windows, Linux, Cisco and Solaris
# IPv6 Intranet Routing Using 6-to-4 Globally-Unique Prefixes
* Distinguish between privileged and non-privileged uses
* Identify the default shell for a given user
* Discuss features of BASH
* Execute BASH
* Discuss pseudo-terminals and how to identify connected terminals
* Modify user's accounts to default to BASH using shell & SMC
* Use 'su' to switch users
* Explore key BASH commands
* Focus on BASH input, output, and error redirection
* Explore BASH command chaining
* Use logical BASH operators (&&, ||) to control program logic
* Discuss and alter BASH global and user-specific configuration files
* Reveal key information using system info commands
# IPv6 over IPv4 - 6-to-4 Intranet/Internet Tunneling
* Discuss the pros and cons of 6-to-4 tunneling
* Compare and contrast ISATAP and 6-to-4 tunneling
* Disable ISATAP tunneling
* Confirm inability to route traffic using ISATAP with ICMPv6
* Create usable IPv6 prefixes based on 6-to-4 prefix
* Configure Cisco router's physical interfaces using 6-to-4 IPv6 prefixes
* Configure Cisco router's logical VLAN with a 6-to-4 prefix
* Confirm IPv6 internal routing between various physical and logical interfaces
* Test communications between Windows | Solaris | Linux hosts
* Configure 6-to-4 tunneling on external Cisco router interface
* Confirm communications with Internet IPv4 6-to-4 hosts using 6-to-4 tunneling
* Configure Cisco router to route IPv6 Internet traffic to 6-to-4 relays
* Test communications with native IPv6 Internet hosts & web sites from edge router
* Test native IPv6 communications from internal Linux | Windows | Solaris hosts
* Implement 6-to-4 tunneling on publicly-facing Linux hosts
* Test communications with 6-to-4 and native IPv6 hosts from public Linux boxes
# DNS Configuration with IPv6
* Explain classroom DNS architecture
* Discuss IPv6 DNS compatibility with BIND and Microsoft DNS
* Explain how to perform IPv6 queries using 'dig'
* Enumerate systems for IPv6 DNS inclusion
* Configure BIND DNS with IPv6 AAAA records for applicable hosts
* Test IPv6 DNS resolution
* Configure Microsoft DNS with IPv6 AAAA records for applicable hosts
* Test IPv6 DNS resolution using 'dig' and 'nslookup'
* Discuss reverse DNS nibble format
* Configure reverse IPv6 DNS
* Test reverse DNS
# Static IPv6 Address Configuration
* Discuss pros and cons of static IPv6 configuration
* Identify key configuration files
* Discuss rules related to unique IPv6 address creation
* Configure static IPv6 address for Solaris
* Configure static IPv6 address for Linux
* Configure static IPv6 address for Windows
* Confirm static addresses from various hosts
# Apache HTTPD & IIS IPv6 Configuration
* Discuss Apache IPv6 benefits and features
* Install Apache HTTPD
* Explain IPv6 address syntax when used in URLs
* Test connectivity to default Apache site using IPv6 address in browser
* Define IP-based virtual hosts with IPv6 support
* Test IP-based virtual host connectivity
* Define Name-based virtual hosts with IPv6 support
* Test Name-based virtual host connectivity
* Identify key files and utilities related to Apache SSL configuration
* Generate SSL/TLS certificates and assign to default web site
* Test secure SSL/TLS connectivity
* Generate multiple SSL/TLS certificates for multiple Apache virtual hosts
* Assign SSL/TLS certificates to various Apache virtual hosts
* Test secure SSL/TLS connectivity to Apachve virtual hosts
* Discuss caveats related to IIS IPv6 support on Windows
* Configure Internet Information Server (IIS) to support IPv6 on Windows
* Test accessing content served by IIS using IPv6
# Secure Shell Version 2 (SSHv2) IPv6 Implementation
* Discuss SSHv2 IPv4 and IPv6 connection features
* Assign IPv4 and IPv6 records to DNS configuration
* Confirm SSHv2 IPv6 configuration
* Connect to Linux and Solaris hosts using SSHv2 and IPv6
* Confirm connectivity via IPv6 on Linux/Solaris hosts
* Connect to Cisco router using SSHv2 and IPv6
* Confirm connectivity via IPv6 on Cisco router
* Use PuTTY on Windows server to connect to various IPv6 systems
* Confirm PuTTY IPv6 connectivity on destination systems
# Very Secure FTPD (VSFTPD) IPv6 Implemenation
* Explain VSFTPD's support for IPv6
* Configure VSFTPD to accept IPv6 traffic
* Examine network statistics table for IPv4 and IPv6
* Test connectivity from Linux | Windows | Solaris
# Network Mapper (NMap) IPv6 Implementation
* Discuss features and benefits of NMap
* Download and install NMap
* Explain IPv6 limitations
* Map the Intranet using IPv4
* Discuss rules related to NMap IPv6 scanning
* Scan the local system using IPv6
* Scan a range of IPv6 hosts
* Scan hosts using IPv6 DNS
# TCPDump Packet Capture Tool - IPv6 Implemenation
* Enumerate features and benefits of TCPDump
* Explain Berkeley Packet Filters (BPFs) used to parse IPv6 traffic
* Perform filtered and non-filtered IPv6 sniffs/dumps
* Examine results
* Log packets to TCPDump format for post-processing by Ethereal
* Capture clear-text communications and log to TCPDump for further analysis
# Ethereal Packet Capture/Analysis Tool - IPv6 Implemenation
* Discuss features & benefits
* Install Ethereal
* Alter X11 security to permit Ethereal to write to non-privileged user's desktop
* Explore Ethereal's Graphical User Interface (GUI)
* Store packet-capture profiles
* Capture IPv4 packets
* Analyze IPv4 packets
* Capture and analyze IPv6 packets
* Apply BPFs to packet capture profiles
* Compare and contrast capture and display filters
* Analyze TCPDump captures based on BPFs
* Filter BPF-based captures with display filters
* Examine layers 2-7 of OSI, including key IPv6 fields
* Capture IPv6 Neighbor Discoveries (NDs) and Router Advertisments (RAs)
* Examine results
# IP6Tables - Linux Firewall for IPv6
* Discuss features & benefits
* Compare and contrast IPTables (IPv4) with IP6Tables (IPv6)
* Identify key binaries and kernel loadable modules
* Explain IP6Tables' default tables and chains
* Write IPv6 ACLs using IP6Tables and commit configuration
* Test the results of IPv6 ACLs from various hosts
# Cisco Access Control Lists for IPv6
* Discuss features of IPv6 ACLS
* Define IPv6 ACL to protect the Virtual Terminal (vty) for SSH | Telnet access to router
* Apply VTY IPv6 ACL and test connectivity from various IPv4 and IPv6 hosts
* Test inbound communications from external IPv4 and IPv6 hosts
* Define and apply IPv6 ACL to protect external, Internet-facing IPv6 interface
* Test inbound IPv6 connectivity from external IPv6 hosts
* Use NMap to confirm IPv6 ACLs from inbound and outbound perspectives
* Evaluate IPv6 ACL counters and log
