300 likes | 460 Views
How to Enable IPv6 in Your Subnet. Quincy Wu solomon@ipv6.club.tw March 10, 2004. Network Topology. 192.168.0.1. 192.168.0.2. 192.168.2.254. 192.168.1.254. IPv6 client. IPv6/v4 Server www.acutecom.com. IPv6 client. Linux IPv4 router. OS: Linux Red Hat 9 DHCP Daemon
E N D
How to Enable IPv6 in Your Subnet Quincy Wu solomon@ipv6.club.tw March 10, 2004
Network Topology 192.168.0.1 192.168.0.2 192.168.2.254 192.168.1.254 IPv6 client IPv6/v4 Server www.acutecom.com IPv6 client
Linux IPv4 router • OS: Linux Red Hat 9 • DHCP Daemon • Packet forwarding
Configure DHCP on Linux ddns-update-style none; ddns-updates off; option routers 192.168.131.254; option domain-name-servers 140.113.131.1, 140.113.87.43; default-lease-time 300; max-lease-time 3600; subnet 192.168.131.0 netmask 255.255.255.0 { range 192.168.131.91 192.168.131.120; host Pingtel { hardware ethernet 00:d0:1e:00:5c:b7; fixed-address 140.113.87.37; } }
Configure IPv4 Routing on Linux • Enable packet forwarding • sysctl –w net.ipv4.conf.eth2.forwarding=1 • /etc/sysctl.conf • Modify your routing table • route add –net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.1 • route add default gw 192.168.0.1 • /etc/rc.local
IPv6 宣傳短片 • IPv6 Promotion Council Overview 2001 • IPv6 Demonstration Program - Devices and Applications
IPv6 Auto-Configuration • Stateless (RFC2462) • Host autonomously configures its own Link-Local address • Router solicitation are sent by booting nodes to request RAs for configuring the interfaces. SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS RA indicates SUBNET PREFIX SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS At boot time, an IPv6 host build a Link-Local address, then its global IPv6 address(es) from RA
IPv6 Host Configuration • Windows 2000 SP1 • Windows XP • Linux Red Hat 9 • FreeBSD 4.9
Enable IPv6 on Windows 2000 • Download tpipv6-001205.exe • http://www.6ren.net.tw/~solomon/NBEN/IPv6/w2k_ipv6.html • Run tpipv6-001205.exe to Unzip files into a directory, say "D:\IPv6Kit". • Change working directory to D:\IPv6Kit, run "setup -x" to extract files. • Use NOTEPAD or your favorite editor to edit "HOTFIX.INF". • Change the value of "NtServicePackVersion" from 256 to be “512“ and save. • Change to 768 if you are using SP3. • Don't upgrade to IE6, otherwise your browser will not support IPv6. You can only run "ping6" and "tracert6".
Enable IPv6 in Windows XP • ipv6 install
FreeBSD 4.9 • /etc/rc.conf ipv6_enable="YES"
Linux Red Hat 9 • /etc/sysconfig/network NETWORKING_IPV6=yes
IPv6 Router Configuration • Cisco Router • IOS 12.2(4)T • Linux Router • Red Hat 9
Cisco Router LAN: 2001:288:3A1:199::/64 FastEthernet0/0 interface FastEthernet0/0 ipv6 address 2001:288:3A1:199::/64 eui-64 MAC address: 0030.8570.85e0 router# show ipv6 interface FastEthernet0/0 FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80:230:85FF:FE70:85E0 Global unicast address(es): 2001:288:3A1:199:230:85FF:FE70:85E0, subnet is 2001:288:3A1:199::/64 Joined group address(es): FF02::1:FF70:85E0 FF02::1 FF02::2 MTU is 1500 bytes
IPv4 FreeBSD IPv6 Router 2001:288:3A1:218::/64 Tunnel eth0 # vi /etc/rtadvd.conf eth0:\ :addrs#1:addr="2001:288:3A1:218::":prefixlen#64: FreeBSD4.9# ifconfig eth0 inet6 2001:288:3A1:218::1/64 sysctl net.inet6.ip6.forwarding=1 sysctl net.inet6.ip6.accept_rtadv=0 rtadvd eth0
Linux IPv6 Router • Install radvd-0.7.1-3.i386.rpm • Request a /64 prefix • Enable IPv6 packet forwarding • echo "1" > /proc/sys/net/ipv6/conf/eth0/forwarding • echo "1" > /proc/sys/net/ipv6/conf/sit0/forwarding • sysctl –w net.ipv6.conf.all.forwarding=1
Linux + radvd • Revise /etc/radvd.conf interface eth1 { AdvSendAdvert on; Prefix 2001:288:381:FFFF:/64 { AdvOnLink on; AdvAutonomous on; } } • Restart radvd • /etc/rc.d/init.d/radvd stop/start
Exercise 1 192.168.0.1 192.168.0.2 192.168.2.254 192.168.1.254 3FFE:238:F88:A1::/64 3FFE:238:F88:A2::/64 IPv6 client IPv6 client IPv6 client • Linux routers advertise /64 prefix in LAN. • Notebooks in LAN receive the prefix and configure its own IPv6 address automatically. • IPv6 clients can ping its neighbors. • Observe the packets captured by filter “icmp6”.
IPv6 in Home Network • FreeBSD with Configured Tunnel • Linux with Configured Tunnel • Windows XP with Configured Tunnel • Windows 2000 with 6to4 Tunnel
IPv6 Network IPv6 Network IPv4 Transport Header Transport Header IPv6 over IPv4 Tunnels IPv6 Header Data • Tunneling is encapsulating the IPv6 packet in the IPv4 packet • Tunneling can be used by routers and hosts IPv6 Host IPv6 Host Dual-Stack Router Dual-Stack Router Tunnel: IPv6 in IPv4 packet IPv4 Header IPv6 Header Data
IPv6 Tunneling (RFC 2893) IPv6 Network IPv6 Tunnel Transport Layer Header IPv6 Header Data IPv6 Tunnel Service Provider IPv4 Backbone Transport Layer Header IPv4 Header IPv6 Header Data IPv6 Tunnel IPv6 Network
IPv4 Manually Configured Tunnel Dual-Stack Host Dual-Stack Router IPv4: 140.110.199.254 IPv6: 2001:288:03a1:210::3/127 IPv4: 61.218.105.10 IPv6: 2001:288:03a1:210::2/127 FreeBSD4.7# gifconfig gif0 61.218.105.10 140.110.199.254 ifconfig gif0 inet6 2001:288:03a1:210::2 2001:288:3a1:210::3 prefixlen 128
Linux Tunnel /etc/sysconfig/network-scripts/ifcfg-sit1 DEVICE=sit1 BOOTPROTO=none ONBOOT=yes IPV6INIT=yes #Remote end-ISP IPv4 addr IPV6TUNNELIPV4=140.110.199.250 #Yourself IPv6 tunnel addr from ISP IPV6ADDR=2001:288:3A1:210::2/127 ifup sit1
Windows XP Tunnel • netsh interface ipv6 • add v6v4tunnel “T1" 10.0.0.1 192.168.0.1 • Syntax: add v6v4tunnel [[interface=]String] localIPv4Address remoteIPv4Address • add address “T1“ 2001:238:192::1 • add route 2001:238:F88:A::30/127 “T1” • Now you can ping the remote tunnel endpoint 2001:238:F88:A::31 • Use Ethereal to capture packets with filter “ip host 192.168.0.1”.
Exercise 2 Router 2 192.168.2.254 192.168.0.1 192.168.0.2 192.168.1.254 3FFE:238:F88:A1::/64 Host 1 192.168.1.1 Host2 192.168.1.2 Host 3 192.168.2.3 IPv6 client IPv6 client IPv6 client • Establish a tunnel between Host1 & Router 2. • Establish a tunnel between Host2 & Host3 • Observe the packets captured by filter “ip host”.
IPv6 Network IPv6 Network IPv4 6to4 Tunnel (RFC 3056) 6to4 Router1 6to4 Router2 E0 E0 131.243.129.44 140.110.199.250 Network prefix: 2002:83F3:812C::/48 Network prefix: 2002:8C6E:C7FA::/48 = = router2# interface Ethernet0 ip address 140.110.199.250 255.255.255.0 ipv6 address 2002:8C6E:C7FA:1::/64 eui-64 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 • 6to4 Tunnel: • Is an automatic tunnel method • Gives a prefix to the attached • IPv6 network • 2002::/16 assigned to 6to4 • Requires one global IPv4 address • on each Ingress/Egress site
IPv6 Network IPv6 Network IPv4 6to4 Tunnel 2002:8C6E:C7FA:2::5 2002:83F3:812C:1::3 6to4 Router1 6to4 Router2 E0 E0 131.243.129.44 140.110.199.250 Network prefix: 2002:83F3:812C::/48 Network prefix: 2002:8C6E:C7FA::/48 IPv4 SRC 131.243.129.44 IPv4 DEST 140.110.199.250 IPv6 SRC 2002:83F3:812C:1::3 IPv6 SRC 2002:83F3:812C:1::3 IPv6 SRC 2002:83F3:812C:1::3 IPv6 DEST 2002:8C6E:C7FA:2::5 IPv6 DEST 2002:8C6E:C7FA:2::5 IPv6 DEST 2002:8C6E:C7FA:2::5 Data Data Data
6to4 Tunnel in Windows XP • 6to4 Tunnel is enabled in Windows XP by default.