IPv6 Bootcamp Course (5 Days) Course Description: This intermediate - advanced, hands-on course covers pertinent topics needed for IPv6 migration and deployment strategies. IPv6 novices can expect to gain a thorough understanding of IPv6 including hands-on implementation configuration in this accelerated course. You will gain a complete understanding of how to implement IPv6 using both interior and exterior routing protocols; configure MPLS, BGP, advanced OSPFv3, and IPv6 multicasting. You will gain an understanding of different IPv6 security vulnerabilities and learn how to protect your company s network from current IPv6 attacks. Who Needs to Attend: Networking professionals who are migrating from an IPv4 to IPv6 protocol-based network environment, whether as a user-company or an ISP, will benefit greatly from this intensive 5 day course containing many hands-on labs. Prerequisites: Fundamental understanding of TCP/IPv4. Some understanding of IPv6 is an advantage. Section 1: Introduction to IPv6 Why IPv6 New technologies o IPv4 lifetime extension o Key differences between IPv4 and IPv6 Beijing Olympics IPv5 IPv4 and IPv6 Comparison DoD 2003 mandate Transition IPv6 Day NIST Recommendations Abilene project (Internet 2) Asia IPv6 rollout MoonV6, NAv6TF, JTIC ARIN requirements for address licensing o ARIN form/template o ARIN assignment 1
Section 2: IPv6 Addressing Binary number representation o Decimal-to-binary conversion Hexadecimal review IPv6 addressing o Possible IPv6 addresses o IPv6 address notation o Address compressing o IPv6 address space o IPv6 address prefix subnetting o IPv6 prefixes o Unicast addresses o Site-local deprecation o Unique local address o Link-local address o Global unicast address o Global address flow chart o Auto-configured address states Tentative Preferred, deprecated Valid and invalid Address Timers o Anycast addresses o Multicast addresses Well-known multicast o 64-bit MAC address assignment o Mapping an MAC address to an IPv6 address o IPv6 temporary address o IPv6 ping command o Loopback and unspecified addresses Section 3: Advanced Addressing Methods Issues with Prefixes longer than ::/64 Autoconfiguration Issues ::/80 Prefix assignment of ::/128 Static IPv6 Assignment Anycast Address Deployment Local Anycast Example Anycast Discovery Remote Anycast Example Loopback address assignment Sub-interfacing using IPv6 Preferred Global and Temporary Addressing Advanced Subnetting 2
Section 4: IPv6 Header Information IPv4 protocol stack IPv6 protocol stack IPv6 dual stack New header format IPv6 extension headers o Hop-by-Hop o Destinations Options o Routing Header Routing header example Mobility with IPv6 Mobile node home agent support o Fragment Header Fragment header example o IPSec Authentication Header o IPSec ESP Header o Using multiple extension headers Section 5: ICMPv6 Network Operation ICMPv6 message types ICMPv6 ping operation o ICMPv6 Echo Request message o ICMPv6 Echo Reply message Windows XP Windows Vista and 07 Windows server 03 and 08 Windows 07 GUI configuration Common windows commands o Ipconfig command o Using different netsh commands Neighbor Solicitation o ICMPv6 Neighbor Discovery o ICMPv6 Neighbor Solicitation message Neighbor Advertisement o ICMPv6 Neighbor Advertisement message Router Solicitation o ICMPv6 Router Solicitation message Router Advertisement o ICMPv6 Router Advertisement message o ICMPv6 Router Advertisement vs. DHCPv6 o Viewing a router s neighbor cache table Configuring IPv6 on a Unix workstation o Unix ifconfig commands o Common Unix commands Configuring IPv6 on a MAC workstation Operating systems overview o Windows XP and 07 o Windows server 03 and 08 o Linux, Unix 3
o MAC OS ICMPv6 Redirect ICMPv6 Multicast messages ICMPv6 Time Exceeded, Destination Unreachable, etc. ICMPv6 MTU path discovery o ICMPv6 packet too big error message Section 6: DNS Overview DNS infrastructure o DNS resolver o DNS A records o DNS AAAA resource record o DNS deployment o Bind9 support DNS messages o DNS query o Example: DNS query o DNS reply o Example: DNS reply Testing DNS Section 7: Advanced OSPFv3 OSPFv3 Overview OSPF Review Link State Advertisement LSDB Exchange Routing Table Update OSPFv3 Routing Table OSPF Cost Updated features for OSPFv3 Configuring a Router-id OSPFv3 Neighbors Viewing an OSPFv3 Neighbor Table DR and BDR Election Process OSPF Areas LSA Types o LSA 1-5 o New type 8 o New type 9 Area Types o Stub Area o Totally Stubby o Not-So-Stubby Area Dual ABR o Setting Preferred Metric Cost IPSec Authentication o Configuring IPSec authentication o IPv6 Area Route Summarization 4
Section 8: DHCPv6 DHCPv6 Overview DHCPv4 and DHCPv6 comparison DHCPv6 Process DHCPv6 Headers DHCPv6 Message Types Auto-Configuration Example Stateless-vs-Stateful Configuring Router Flags Configuring XP for DHCPv6 Configuring Windows 7 for DHCPv6 Configuring Linux for DHCPv6 2008 (R2) DHCPv6 Server Router client DHCPv6 support DHCPv6 IP helper Section 9: IPv6 Multicast Routing Unicast Example Multicast Example Multicast Address Types Multicast Address Structure Hop-by-Hop Header MLDv1 and MLDv2 Multicast Listener Query Multicast Listener Report Multicast Listener Done RP Registration Static Multicast Configuration Static RP Tunnel IPv6 PIM Join Message IPv6 PIM Hello Message Multicast Diagram Example Show Multicast Commands Multicast Configuration Examples IPv6 PIM-DM IPv6 PIM-SM Section 10: Advanced BGP4+ BGP Overview Administrative Distance Chart BGP Neighbors Configuring BGP Neighbors BGP Router-ID Single IPv6 EBGP Neighboring IPv6 over IPv4 Neighboring Link Failures Issues Peering using IPv6 Loopback 5
Next-Hop Attribute Next-Hop Self Command Configuring Distribute List Distribute List Example Route-Maps for IPv6 Route-Map Example Route-Map Voice and Data Example Neighbor Relationship IBGP Full-Meshing GRE Tunneling IPv6 Internal Routing Viewing BGP Attributes o Weight Values o Local Preference o MED Announcements o A/S Path Attribute o Origin Attribute Peer Group Configuration Route Redistribution BGP Configuration Example Section 11: MPLS for IPv6 MPLS and OSI Traditional IP Routing MPLS Overview o RIB, FIB, LIB, LFIB o MPLS Label Header o MPLS Labeling o MPLS Route Tagging o VRF, Route Targets o Route Distinguisher MPLS Terms LDP Labeling Viewing the LIB and LFIB Table MPLS VPN Example 6PE Overview 6PE Configuration Example BGP Peering over IPv4 only MPLS Network IPv6 Route Distinguisher 6PE Traffic Flow IPv6 MPLS Configuration Example Section 12: IPv6 Security Security Overview Hacker Types Assessing your Threats CIA Triad Authentication Methods 6
802.1x IPSec Distribute List Example Route-Map Example ACL Extension Header Hacks Hop-by-Hop Header Hack Routing Header Hack Hacker Threats for IPv6 o Neighbor Discovery o DHCPv6 o Denial of Service o Neighbor spoofing attack o Neighbor poisoning o ICMPv6 Attacks o Anycast threat Suggested Security Steps Secure Neighbor Discovery (SEND) Host Denial of Service Hack DAD Attack IPSec o IKE o Building a Security Assocation SPD, SAD o Diffie-Helman o IPSec Configuration Example Router Hacks Using /127 Serial Links Section 13: Advanced Deployment Methods IPv6 Tunneling Methods o NAT-PT o 6to4 Manual o 6to4 Automatic o ISATAP o Teredo Connecting to IPv6 network ISP Carrier Deployment o Carrier Options o NAT44 o NAT444 o LSN, CGN and NAT464 o DS-Lite o NAT64, DNS64 o DNS64 o NAT64 and DNS64 Illustrated o Government Mandate o Carrier Deployment Methods Operating systems supporting IPv6 o IPv6 protocol stack for Windows 2000 Microsoft.NET 2003 7
o Installing IPv6 on a.net device o Windows commands o Client types DNS infrastructure Dual stack implementation o IPv4 and IPv6 dual-stack operation o IPv4 and IPv6 type codes o IPv6 over Ethernet IPv6 tunneling o 6to4 o ISATAP o 6over4 o Teredo o DSTM - Tunneling IPv4 over IPv6 ISP prefix numbering o Prefix auto-configuration o Mobile IP support o IPv6 support technologies IPv6 Bootcamp Labs Lab 1: Initial Configuring and Neighbor Discovery Install IPv6 for Windows XP View your IPv6 address Review your configuration results Ping your neighboring pod's computer Use EtherPeek to analyze certain captured frames Analyze IPv6 header information Analyze various neighbor solicitations messages including DaD Investigate your PCs neighbor cache Lab 2: Configuring and Analyzing IPv6 on the Network Router Set up the classroom network Configure and verify IPv6 on a Cisco router Analyze Router Solicitation and Router Advertisement messages Use the debug ipv6 nd command to view the exchange of Router Solicitations Lab 3: ICMPv6 Packet Too Large Fragmentation Configure your router with a link MTU size of 1280 bytes Ping your neighbor's workstation with 1500 byte frame Capture the ICMPv6 Packet Too Large error message Ping your neighbor's workstation with 8000 byte packet Capture and analyze Fragment Extension Headers Lab 4: Initial Dual Stack Network Configuration Configure dual stacks on router Configure DNS for name and address resolution 8
Configure host workstation for dual stack Lab 5: DNS Operation Configure client for IPv6 DNS name resolution Analyze IPv6 quad (AAA) records Analyze an DNS packet Verify DNS operation by pinging your DNS server and analyzing a DNS query Lab 6: Configuring OSPFv3 Areas Advanced IPv6 Area Summarizations Creating Dual ABR Routers Configure Router Summarizations Configure Totally Stubby Areas Lab 7: DHCPv6 Deployment Deploy DHCPv6 in a Windows 7 network Use Windows 2008 (R2) server for DHCPv6 Configure Cisco routers to forward DHCPv6 request Lab 8: Multicasting Using IPv6 Configure PIM-SM for IPv6 multicasting Send and receive multicast video over IPv6 only network Lab 9: Initial BGP4+ Configuration BGP4+ Deployment IBGP and EBGP Peering Test and verify proper BGP configuration Configure IPv6 Route Map Configure IPv6 Distribute List Lab 10: BGP4+ Route Policy Configuration Configure a BGP route policy Test route policy for proper configuration Lab 11: BGP Weight Values Configure weight values to control local BGP routing Test BGP weight value for proper configuration Lab 12: Initial MPLS Configuration Configure an MPLS Dual-Stack Deployment Test proper MPLS tagging operation Lab 13: MPLS 6PE Configuration Configure 6PE routers for MPLS tagging Route traffic over an IPv4 only MPLS Network Build EBGP 6PE peering neighbors over MPLS network View and test MPLS P routers for proper tagging operation Use show commands to verify proper configuration 9
Lab 14: Configuring HSRP Protocol Configure and test HSRP protocol operation Work in pairs to test HSRP redundancy Lab 15: Building a Manual IPv6 Tunnel Configure a router for tunnel operation, allowing it to carry IPv6 traffic over an IPv4 network Test connectivity using the IPv6 address and fix any problems that occur Use show commands to view your configuration and verify tunnel operation Configure multiple tunnels with routing over the tunnels Analyze tunnel traffic that was captured using a network analyzer 10