1 / 11

Krakow Workshop Extra Exercises

Krakow Workshop Extra Exercises. Carlos Fria ças , FCCN cfriacas@fccn.pt Luc De Ghein , CISCO ldeghein@cisco.com. IPv6 workshop Krakow May 2012. Addressing #1. Verify the existence of IPv6 in own laptops/devices Verify existing IPv6 addresses, with: « ipconfig » (Windows)

tekla
Download Presentation

Krakow Workshop Extra Exercises

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Krakow Workshop Extra Exercises Carlos Friaças, FCCN cfriacas@fccn.pt Luc De Ghein, CISCO ldeghein@cisco.com IPv6 workshop Krakow May 2012

  2. Addressing #1 Verify the existence of IPv6 in own laptops/devices • Verify existing IPv6 addresses, with: • «ipconfig» (Windows) • «ifconfig» (Linux) • Identify default gateway(s) IPv6, if they are available, using: • «ipconfig» (Windows) • «route –A inet6» (Linux) Goal: Identify IPv6 inside an operating system

  3. Addressing #2 IPv6 Address Syntax Check (Yes/No) • 2001:DB8::15 • 2001:6GA:8000:4000:2000:1000:1:2 • 2002:C189:36:78A::2 • 2A01:498:5555:7I99:2345:0911:1122:909 • 2003:4000:AAAA:CAFE:7:6:8 • AAAA:BBBB:0000:2001:192:168:0000:1 • 2004:BFA:3999::1FFF::2:3 • 2600::4444 • FE80::213:C4FF:FED2:E619 • 2A01::3333:OOOO:F Goal: Discuss IPv6 address syntax rules

  4. Addressing #3 Using the WHOIS tool on the trainer’s linux server, find out which organizations own the following IPv6 address blocks: • 2001:420::/32 • 2001:4D0::/32 • 2A01:1000::/21 • 2A00:1450::/32 • 2A02:26F0::/32 Syntax: /usr/bin/whois –h whois.<RIR>.net<NETWORK> RIRs = {RIPE|ARIN|APNIC|LACNIC|AFRINIC} Goal: Identify IPv6 address space owners note: some databases don’t accept«/32»

  5. DNS #1 Using the DIG tool (login to the trainer’s linux server, using SSH), check which domains are supported in IPv6-enabled nameservers(look for NS – nameserver - records): cnn.com nobelprize.org google.comtwitter.com facebook.comamazon.com wikipedia.org nasa.gov 6deploy.eu apple.com afrinic.net microsoft.com Syntax: dig @resolver <domain> NS Goal: Check reachability of domains from the IPv6 Internet

  6. DNS #2 From the 27 EU countries, how many have their national domain (ccTLD) supported at least by one IPv6 reachable nameserver? • AT, BE, BG, CY, CZ, DE, DK, EE, ES, FI, FR, GR, HU, IE, IT, MT, LT, LU, LV, NL, PL, PT, RO, SE, SI, SK, UK Syntax: dig <cctld> ns Goal: Check if a given domain is being supported by an IPv6 compatible DNS nameserver.

  7. DNS #3 Measure with the dig tool, from your group’s server, the query time of the root zone nameservers, over IPv4 and IPv6: Syntax: • dig -4 @[A-M].root-servers.net . soa • dig -6 @[A-M].root-servers.net . soa Goal: Analyze and compare the query time (IPv4/IPv6) of DNS nameservers

  8. Management #1 Use a SSH client to establish a remote session over IPv6 on the trainer’s linux server • Check the address of the connection’s originating system, through: • «/usr/bin/who am i» Goal: Check the origin of a SSH connection established over IPv6

  9. Management #2 Retrieve management info from equipments (routers) through the «6deployinfo» community, and the snmpget command • <community>: 6deployinfo • <ipv6 address>: 2001:DB8:1F00:1::1 and 2001:DB8:1F00:1::2 • <object>: sysDescr.0 and sysName.0 Syntax: snmpget–v 2c –c <community> udp6:[ipv6 address] <object> Goal: Check that it’s possible to obtain management information through IPv6.

  10. Security #1 Use NMAP tool (nmap.org) • Analyze ports/services opened both on IPv4 and IPv6 on the trainer’s Linux server Using Localhostaddresses: nmap 127.0.0.1 nmap -6 ::1 Using Global addresses: (find addresses with ifconfig) nmap <ipv4_address> nmap -6 <ipv6_address> Goal: Diagnose open ports, able to receive connections on a system

  11. Questions

More Related