Duration
4 days
Audience:
Employees of federal, state and local governments; and businesses working with the government.
Course Overview
This powerful, hands-on course covers all you need to know about IPv6 technology and its implementation and deployment within your network environments. The IPv6 protocol offers 128-bit IP addresses compared to IPv4’s 32-bit addresses and plays a growing role in security, VoIP, Quality of Service (QoS), and other networking technologies for medium to large enterprises.
In this course, you will gain a complete understanding of the differences between the IPv4 and IPv6 protocols, critical pre- and post-deployment installation techniques to ensure successful migration, and how to deploy mixed IPv4/IPv6 networks. Through detailed hands-on labs, you will configure IPv6-over-IPv4 tunnels and explore and understand the expanded roles of the IMCPv6 protocol vs. ICMP in IPv4.
You’ll also learn about IP Security (IPSec), Access Control Lists, and DNS implementation within an IPv6 network, as well as IPv6 auto-configuration vs. stateful and stateless DHCPv6 configuration of IPv6-enabled devices. Finally, you will gain invaluable real-world experience as you configure and set up IPSec tunnels, explore DNS implementation, configure and analyze Access Control Lists, and configure routers with various IPv6 routing protocols in informative hands-on labs.
Course Outline
1. Introduction to IPv6
- IPv6 First Appears Simple
- Why IPv6
- New Technologies
- IPv4 Lifetime Extension
- Key Differences Between IPv4 and IPv6
- Free IPv6 Brokers and Support
- IPv4 Lifetime Extension
- What Happened to IPv5?
- Key Differences between IPv4 and IPv6
- DoD 2003 Mandate
- NIST Recommendations
- DoD IPv6 Standard Profiles
- IPv6 Forum
- MoonV6, NAv6TF, and JTIC
- IPv6 Ready Logo Program
- Five Internet Registries
- ARIN Requirements for Address Licensing
- ARIN Form/Template
- ARIN Assignment
- 2012 Government Public-Facing Servers
- Current Issues with Public Servers
- IPv6 Reference Sheet
2. IPv6 Addressing
- Binary Number Representation
- Decimal-to-Binary Conversion
- Hexadecimal
- IPv6 Addressing
- Possible IPv6 Addresses
- IPv6 Address Notation
- Compressing the IPv6 Address
- IPv6 Address Space
- IPv6 Address Prefix Subnetting
- Prefix Examples
- IPv6 Prefixes
- Unicast Addresses
- Link-Local Address
- Site-Local (deprecation)
- Unique Local Address (ULA)
- Global Unicast Address
- Global Address Flow Chart
- Auto-Configured Address States
- Tentative
- Preferred, Deprecated
- Valid and Invalid
- Address Timers
- IPv6 Address Timers
- Anycast Addresses
- Multicast Addresses
- Well-Known Multicast
- Mapping Layer 3 to Layer 2 Multicast
- Loopback and Unspecified Addresses
- 64-bit MAC Address Assignment
- IPv6 Prefixes and MAC Addresses
- Temporary IPv6 Address
- IPv6 Ping Command
- Unicast Addresses
- IPv6 Host, Nodes, Routers, and Interfaces
3. IPv6 Header Information
- IPv4 Protocol Stack
- IPv6 Protocol Stack
- IPv6 Dual Stack
- IPv4 and IPv6 Type Codes
- IPv4 and IPv6 Header Comparison
- New Header Format
- Traffic Class Field
- IPv6 Header Length Includes
- IPv6 Extension Headers
- Hop-by-Hop
- Destinations Options
- Routing Header
- Mobility with IPv6
- Mobile Node Home Agent Support
- Fragment Header
- IPSec Authentication Header
- IPSec ESP Header
- Extension Header Order
- List of Next Header Values
4. ICMPv6 Network Operation
- ICMPv6 Header
- ICMPv6 Message Types
- ICMPv6 Error Message Types
- ICMPv6 Informational Message Types
- ICMPv6 Ping Operation
- ICMPv6 Echo Request Message
- ICMPv6 Echo Reply Message
- Windows XP
- Windows Vista and 07
- Windows server 03′ and 08′
- Windows 07 GUI Configuration
- Common Windows Commands
- Ipconfig Command
- Using Different Netsh Commands
- Windows Route Print Command
- Client Addresses
- ICMPv6 Neighbor Discoveries
- ICMPv6 Neighbor Discoveries Defined
- Neighbor Solicitation
- ICMPv6 Neighbor Discovery
- ICMPv6 Neighbor Solicitation Message
- Duplicate Address Detection
- Solicited-Node Multicast Address
- Duplicate Address Analyzed
- Neighbor Solicitation Message Process
- Host Neighbor Cache
- Host Neighbor Cache After Solicitation
- Neighbor Advertisement
- ICMPv6 Neighbor Advertisement Message
- Autoconfiguration Methods
- Router Solicitation
- ICMPv6 Router Solicitation Message
- Router Advertisement
- ICMPv6 Router Advertisement Message
- ICMPv6 Router Advertisement vs. DHCPv6
- Viewing a Router’s Neighbor Cache Table
- SLAAC Flow Chart
- Viewing a Host Routing Table
- Viewing a Router’s Neighbor Cache Table
- Configuring IPv6 on a Unix Workstation
- Unix Ifconfig Commands
- Common Unix Commands
- Configuring IPv6 on a MAC Workstation
- Operating Systems
- DHCPv6 Overview
- DHCPv4 and DHCPv6 Comparison
- DHCPv6 Relay Agent
- DHCPv6 08′ Server Configuration
- ICMPv6 Redirect
- ICMPv6 Multicast Messages
- Fragmentation Service from the Source
- ICMPv6 MTU Path Discovery
- ICMPv6 Packet Too Big Error Message
- Windows Destination Cache Table
- Fragment Header
- Fragment Offset Value
- ICMPv6 Time Exceeded Destination Unreachable, etc.
- ICMPv6 Multicast Listener Discovery Message
5. Routing Services and Protocols
- Current Routing Protocols
- RIPng Protocol
- RIPng Enhancements
- IPv4 RIP-2 MAC Header Snapshot
- IPv6 RIPng MAC Header Snapshot
- IPv4 RIP-2 IP Header Snapshot
- IPv6 RIPng IP Header Snapshot
- IPv4 RIP-2 UDP Header Snapshot
- IPv6 RIPng UDP Header Snapshot
- IPv4 RIP-2 Snapshot
- IPv6 RIPng Snapshot
- IPv6 RIPng Trace File
- Enabling IPv6 on Cisco
- Enabling IPv6 on a Router
- Router Configuration for IPv6
- OSPFv3
- OSPF Areas
- Link State Advertisement
- LSDB Exchange
- Entering Information into the Routing Table
- OSPFv3 Routing Table
- Forming Adjacency
- OSPF Area Border Routers
- DR and BDR Election
- DR and BDR Operation
- OSPF Hello Packet
- BGP Protocol
- BGP Neighbors
- Common MP-BGP Commands
- BGP Peering Configuration
6. IPv6 Access List
- DMZ Layer
- Packet Filtering
- IPv6 ACL Packet Flow
- IPv4 Router Access-List
- IPv4 Standard and Extended ACL
- IPv6 Standard Access List
- IPv6 Extended Access List
- IPv6 Reflexive Access List
- Access List Configurations
7. DNS
- DNS infrastructure
- DNS A Records
- DNS AAAA Resource Record
- DNS Deployment
- Bind9 Support
- Example IPv6 DNS Query Over IPv4
- Example IPv6 DNS Reply Over IPv4
- DNS Update Over IPv6 Native
- Testing DNS
- HTTP and FTP URL Access
8. IPv6 Deployment Strategies
- Reasons Delaying iPv6 Migration
- Migration Schedule
- Preliminary Stage
- Discovery Stage
- Design Stage
- Deployment Stage
- IPv6 Address Recommendations
- IPv6 Deployment Strategies
- Potential Host Types During Migration from IPv4 to IPv6
- Dual-Stack Migration Strategy
- Current Operating Systems Supporting IPv6
- Application Upgrades
- FTP over IPv6 Connection
- FTP Connection over IPv6
- Viewing Live Analyzer Traces
- TFTP over IPv6
- SMTP over IPv6
- IPv4 and IPv6 Dual-Stack DNS Support
- IPv6 Tunneling Migration Strategies
- IPv6 Tunneled over IPv4
- IPv6 Tunneling Methods Using Manual Configuration
- Tunneling Router-To-Router
- Tunneling: ICMP Ping Packet
- Routing over 6to4 Tunnel
- Silver Springs Network
- 6to4 Tunneling Devices
- 6to4 Auto-Configured Tunnel
- ISATAP
- ISATAP Link-Local Capture
- Teredo
- Other Services and Technologies
- IPv6 Supported Technologies
- Enterprise Migration Steps
- Sample Inventory List
- Possible IPv6 Subnet Assignment
- Further Considerations in Migrating IPv6
- IPv6 Integration
9. IPSec Security
- IPSec Tunneling
- IPv6 IPSec
- Security Areas Addressed
- IPSec Framework
- Authentication Header
- AH Transport Mode
- AH Tunnel Mode
- Encapsulating Security Payload
- ESP Transport Mode
- ESP Tunnel Mode
- Internet Key Exchange
- IPv6 IPSec in a Windows Environment
- Microsoft Symmetric Key Authentication
- Setting Up the IPSec6 Tunnel
LABS
Lab 1: Initial Configuring and Neighbor Discovery
- Install IPv6 for Windows XP
- View your IPv6 address
- Review your configuration results
- Ping your neighboring pod’s computer
- Use Wireshark to analyze certain captured frames
- Analyze IPv6 header information
- Analyze various neighbor solicitations messages including DaD
- Investigate your PC’s neighbor cache
Lab 2: Configuring and Analyzing IPv6 on the Network Router
- Set up the classroom network
- Configure and verify IPv6 on a Cisco router
- Analyze Router Solicitation and Router Advertisement messages
- Verify and test network connectivity
- Use the debug ipv6 nd command to view the exchange of Router Solicitations
Lab 3: ICMPv6 Packet Too Large Fragmentation
- Configure your router with a link MTU size of 1280 bytes
- Ping your neighbor’s workstation with 1500 byte frame
- Capture the ICMPv6 Packet Too Large error message
- Ping your neighbor’s workstation with 8000 byte packet
- Capture and analyze Fragment Extension Headers
Lab 4: Configuring IPv6 RIPng
- Configure IPv6 on a Cisco router
- Configure IPv6 RIGng
- Verify IPv6 RIPng configuration and operation on your router
- Analyze RIPng updates using a network analyzer
Lab 5: DDNS (Dynamic DNS)
- Configure the network to use DDNS for name resolution
- Instead of pinging by IPv6 addresses, ping FQDN names using DNS resolution
- Configure your workstation for DDNS registration
Lab 6: OSPF Configuration
- Configure IPv6 OSPFv6 on your router
- Build adjacencies between other IPv6 routers
- View IPv6 OSPFv6 routing tables for different network connections
- View live OPSFv6 route updates from local router
- Configure IPv6 encryption used between routers
Lab 7: IPv6 BGP Routing
- Enable IPv6 BGP routing protocol
- Configure IPv6 BGP autonomous systems
- Configure both IBGP and EBGP neighbor statements
- View IPv6 routing tables
Lab 8: IPv6 Access Control List
- Configure your router to block telnet access from your neighboring routers
- Configure your access list so all other network devices can access your router
- Block your neighboring router from pinging your router
- Write an access list where you can ping other routers but block neighboring ping packets
Lab 9: DNS Operation
- Configure client for IPv6 DNS name resolution
- Analyze IPv6 quad (AAAA) records
- Analyze an DNS packet
- Verify DNS operation by pinging your DNS server and analyzing a DNS query
Lab 10: Building a Manual IPv6 Tunnel
- Configure a router for tunnel operation, allowing it to carry IPv6 traffic over an IPv4 network
- Test connectivity using the IPv6 address and fix any problems that occur
- Use show commands to view your configuration and verify tunnel operation
- Analyze tunnel traffic that was captured using a network analyzer