1 / 51

Last modified 6 am 12-12-10

Introduction to IPv6 Working Connections Winter Retreat Frisco, TX Sam Bowne City College San Francisco Twitter: @ sambowne Web: samsclass.info. Last modified 6 am 12-12-10. iClicker Survey. What do you know now about IPv6?. Never heard of it Heard of it but never used it

amena
Download Presentation

Last modified 6 am 12-12-10

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to IPv6Working Connections Winter RetreatFrisco, TXSam BowneCity College San FranciscoTwitter: @sambowneWeb: samsclass.info Last modified 6 am 12-12-10

  2. iClicker Survey

  3. What do you know now about IPv6? • Never heard of it • Heard of it but never used it • I understand the address format • I browse the Web with IPv6 • I have deployed IPv6 on servers, routers, etc.

  4. What plans do you have to use IPv6? • I don't care about IPv6 at all • I'll implement IPv6, but not for years • Planning to implement it within a year • Planning to implement it sooner than a year • I am already using IPv6

  5. Motivation Last modified 10 am 12-9-10

  6. IPv4 Exhaustion The End Of The World!

  7. IPv4 Addresses: 32 Bits • IPv4 address: 192.168.1.10 • Four bytes • In Binary: 11000000 10101000 00000001 00001010 • 2^32 total addresses • 4 billion

  8. IPv4 Address Depletion Link Baythreat-8

  9. IPv4 Address Space Class A Class B Class C Class D & E

  10. Jan 21, 2010Available Blocks: 24

  11. April 10, 2010Available Blocks: 20

  12. May 8, 2010Available Blocks: 13

  13. Nov 30, 2010Available Blocks: 7

  14. 2011: The End Link BayThreat-7

  15. Internet Registry Regions http://www.iana.org/numbers/

  16. No Reprieve • IANA will not re-purpose class D or E addresses for general use • People who ask for IPv4 addresses after exhaustion will not get them • Hoarding, scalping, and simple direct sale of used IPv4 addresses will begin soon

  17. IPv6 The Solution

  18. IPv6 Addresses: 128 Bits • IPv6 address • 2001:05c0:1000:000b:0000:0000:0000:66fb • Omitting unnecessary zeroes; • 2001:5c0:1000:b::66fb • Eight fields, each 16 bits long • 4 hexadecimal characters • 2^128 total addresses • 340 billion billionbillionbillion • Enough for a while

  19. Link BayThreat-10

  20. Federal IPv6 Transition Timeline • From Cisco (link BayThreat-11)

  21. ExecutiveSummaryThus Far

  22. IPv4 is Full Image from zinyaw.files.wordpress.com

  23. Migration to IPv6

  24. Methods of IPv6 Migration • Ignore IPv6: Stay on IPv4-only • Gateways: Devices that convert IPv6 to IPv4 • Tunnel: IPv6 over IPv4 • Dual-Stack: IPv4 and IPv6 together • Nirvana: IPv6-only

  25. IPv6 Tunnels • Fast and easy to set up--best for n00bs • Not the best for security or performance • Free IPv4-to-IPv6 Tunnels • Gogo6.com • Sixxs.net • Tunnelbroker.com

  26. GoGo6 • Easiest

  27. Demonstration

  28. Companies Already on IPv6 ipv6.google.com www.v6.facebook.com comcast6.net ipv6.cnn.com More at link Baythreat-12

  29. IPv6 Certifications • Fun, realistic projects • He.net • Link BayThreat-13

  30. IPv6 Sages • As of 12-9-10 • Link BayThreat-18

  31. IPv6 Sages at CCSF • 22 IPv6 Sages at CCSF so far (12-9-10) • Link BayThreat-19

  32. T-Shirt #1 motivator for IPv6 Certification Link Baythreat-9

  33. Security Problems

  34. Used by Ethernet

  35. Privacy Risk Anyone who has your IP address also has your MAC address! There is a "Privacy Extensions" technique to avoid this, enabled by default in Vista and Windows 7

  36. ICMPv6 • Required for all networks • Cannot be blocked • Replaces ARP • "Neighbor Discovery" is trivial

  37. THC-IPv6 • Hacker's Toolkit • Runs fine on Ubuntu, even in VMware on Windows 7 • Instructions: link BayThreat-14

  38. Other Risks • Many security appliances are not ready for IPv6, so it often bypasses them • Torrents run over IPv6 • Link BayThreat-15 • Some VPN appliances are not ready, so IPv6 connections must bypass them • Packet Amplification Attacks • Routing Header Zero • Ping-pong • Links BayThreat-16 and 17

  39. iClicker Survey

  40. What do you think of Wikileaks? • It's heroic and improving the world • It does more good than harm • It's unimportant • It does more harm than good • It's awful and must be eliminated

  41. What do you think of Anonymous? • It's heroic and improving the world • It does more good than harm • It's unimportant • It does more harm than good • It's awful and must be eliminated

  42. What plans do you have to use IPv6? • I don't care about IPv6 at all • I'll implement IPv6, but not for years • Planning to implement it within a year • Planning to implement it sooner than a year • I am already using IPv6

  43. Contact • Sam Bowne • Computer Networking and Information Technology, City College San Francisco • Email: sbowne@ccsf.edu • Twitter: @sambowne • This whole talk and all the referenced links are on my Web site: samsclass.info • In the " Winter Break 2010-2011 Events " section

  44. Class Overview

  45. Projects > Lectures • Lectures: 25% • Hands-on projects: 75% • Every student should be a Certified IPv6 Guru by the end of the class • If you have more time, and Cisco skills, you can do IPv6 dynamic routing • In Packet Tracer • On real routers

  46. Hurricane Electric IPv6 Certification (Part 1) • Registering at Hurricane Electric • Newb Test • Demonstrate basic knowledge of IPv6 • Become an IPv6 Newbie • Connecting as an IPv6 Client with the Gogo6 Tunnel • IPv6 over UDP over IPv4 • Connect to a Web server as a client over IPv6 • Become an IPv6 Explorer

  47. Hurricane Electric IPv6 Certification (Part 1) • IPv6 Web Server • You need to buy a domain name from GoDaddy ($2.17) • Apache will NOT work on Windows--use IIS instead • DNS: Creating an AAAA Record • Become an IPv6 Enthusiast

  48. Hurricane Electric IPv6 Certification (Part 1) • IPv6 Email Server • Use the Apache James Java SMTP server • Adding an MX Record to your DNS Zone • Installing the Thunderbird Email Client • Becoming an IPv6 Administrator

  49. Hurricane Electric IPv6 Certification (Part 2) DNS Configurations • Reverse DNS Servers • Routing Advertisements • Getting your own public IPv6 address block • Forward DNS Zone at Hurricane Electric • Reverse DNS Zone at Hurricane Electric • Authoritative DNS Servers • Passing the Reverse DNS Test

More Related