book

IPv6 Network Administration

by Niall Richard Murphy, David Malone

March 2005

Intermediate to advanced

308 pages

10h 32m

English

O'Reilly Media, Inc.

Read now

Unlock full access

IPv6 Network Administration
SPECIAL OFFER: Upgrade this ebook with O’Reilly
A Note Regarding Supplemental Files
Foreword
Preface
What This Book Is ... and Is NotHistory and BackgroundThe IETF and friendsChronological overviewContenders for the thronePeopleAdoptionCommercial Services
Conventions Used in This Book
Using Code Examples
Comments and Questions
Safari Enabled
Contacting the Authors

A Note on RFCs and Internet Drafts
Acknowledgments
ContributorsSupportDonations
I. The Character of IPv6
1. The Unforeseen Limitations of IPv4
1.1. Addressing Model1.1.1. CIDR
1.2. NAT
1.3. Security
1.3.1. DNS
1.4. MAC Layer Address Resolution
1.5. Broadcast Versus Multicast
1.6. Quality of Service
1.7. Routing
1.7.1. Internal Routing Protocols1.7.2. BGP: The External Routing Protocol1.7.3. Limits to Success of BGP
1.8. Summary
2. The (Un)foreseen Successes of IPv4
2.1. Simplicity
2.2. Resiliency
2.3. Scalability
2.4. Flexibility
2.5. Autoconfiguration
2.6. Extensibility
2.7. In Short...
3. Describing IPv6
3.1. Designed for Today and Tomorrow3.1.1. Address Space Exhaustion3.1.2. Optimization
3.2. Packets and Structures
3.2.1. Basic Header Structure3.2.2. Addressing Concepts3.2.3. Notation3.2.3.1. Hex digit notation3.2.3.2. Grouping and separation3.2.3.3. Elision3.2.3.4. Scope identifiers3.2.4. Subnetting
3.3. Address Architecture
3.3.1. Global Unicast Addressing3.3.2. Link-Local Addressing3.3.3. Site-Local Addressing3.3.4. Multicast3.3.4.1. Multicast addressing in IPv63.3.4.2. Hardware support3.3.5. Anycast
3.4. ICMPv6
3.4.1. ICMP Echoes and Errors3.4.2. Neighborhood Watch3.4.2.1. Address resolution3.4.2.2. DAD3.4.2.3. NUD3.4.2.4. Redirection3.4.2.5. Router/prefix advertisement3.4.2.6. Stateless autoconfiguration3.4.2.7. ICMP name resolution3.4.3. Router Renumbering3.4.4. Multicast Listener Discovery3.4.5. Summary of ICMPv6 Types
3.5. Address Selection
3.6. More About Headers
3.6.1. Extension Headers3.6.2. Checksums3.6.3. Header Compression
3.7. Introduction to Mobile IPv6
3.8. Routing
3.8.1. RIPng3.8.2. OSPF3.8.3. Integrated IS-IS3.8.4. BGP-4+
3.9. Security
3.10. Quality of Service
3.11. The Promise of IPv6
3.11.1. Simplicity and Flexibility3.11.2. Mobility and Security
II. Deploying IPv6
4. Planning
4.1. Transition Mechanisms4.1.1. Dual Stack4.1.2. Configured Tunnelling4.1.3. Automatic Tunnelling4.1.4. 6to44.1.4.1. DJB's AutoIPv64.1.5. Teredo4.1.6. 6over44.1.7. ISATAP4.1.8. SIIT4.1.9. NAT46/64-PT4.1.10. TRT4.1.11. Bump in the Stack/API4.1.12. Proxies4.1.13. Summary of Transition Mechanisms
4.2. Obtaining IPv6 Address Space and Connectivity
4.2.1. Upstream Providers4.2.2. 6to44.2.3. 6Bone4.2.4. Only Intermittently Connected4.2.5. RIRs4.2.5.1. Relevance to IPv64.2.5.2. RIR operations background4.2.5.3. RIPE4.2.5.4. Current policy
4.3. Network Design
4.3.1. Addressing4.3.2. Subnetting4.3.3. DHCP4.3.3.1. Changes to DHCP for IPv64.3.4. Multihoming4.3.4.1. Multiple upstream providers, no BGP4.3.4.2. Multiple Upstream Providers, BGP4.3.4.3. Multiattaching
4.4. Managing IPv4 and IPv6 Coexistence
4.4.1. Fudging Native Connectivity with Ethernet
4.5. Deploying IPv6
4.6. Inputs to Deployment Plans
4.6.1. Existing IPv4 Infrastructure4.6.1.1. Converting a host at a time: dual stack4.6.1.2. Connectivity and routers4.6.1.3. Converting a host at a time: single stack4.6.2. No Existing IPv4 Infrastructure4.6.3. Topologies4.6.3.1. Edge to core or core to edge4.6.3.2. Router placement and advertisement
4.7. Worked Examples
4.7.1. Enterprise-class IPv4-connected network4.7.1.1. Transit-providing medium-size ISP4.7.1.2. Special case: Internet Exchange Point
4.8. Summary
5. Installation and Configuration
5.1. Workstations and Servers5.1.1. Windows5.1.1.1. Windows 20005.1.1.2. Windows XP5.1.1.3. Windows Server 20035.1.1.4. Other versions of Windows5.1.1.5. IPv6 applications on Windows5.1.1.6. Points of interest5.1.2. Macintosh (OS X and Darwin)5.1.3. Linux5.1.3.1. Red Hat and derivatives5.1.3.2. SuSE5.1.3.3. Debian5.1.3.4. Userland/administration support for IPv65.1.4. Solaris5.1.5. AIX5.1.6. Tru645.1.7. FreeBSD5.1.8. Other Workstation/Server OSs
5.2. Routers
5.2.1. Cisco5.2.2. Juniper
5.3. Enabling, Testing, and Troubleshooting
5.3.1. Turning on IPv65.3.2. Testing with ping and telnet5.3.3. Know Thy Neighbor (Before Thyself)5.3.4. Configuring Name Resolution5.3.5. Testing Further Afield: ping, telnet, and traceroute
5.4. Static Routing
5.5. Configuring Transition Mechanisms
5.5.1. Configured Tunnels5.5.2. 6to4 configuration
5.6. Applications
5.6.1. Web Browsers5.6.1.1. Unix5.6.1.2. Windows5.6.1.3. Mac OS5.6.2. Email Clients5.6.2.1. Lotus5.6.2.2. Mozilla5.6.2.3. Mutt5.6.2.4. Sylpheed5.6.3. SSH5.6.4. Miscellaneous
5.7. Gotchas
5.8. Summary
6. Operations
6.1. DNS6.1.1. Record Types6.1.1.1. IPv4 DNS lookups6.1.1.2. V6 lookups6.1.1.3. Setting up DNS6.1.2. IPv6 Transport6.1.3. Recursive DNS Servers6.1.3.1. AAAA bug workarounds6.1.4. Gotchas
6.2. IPsec
6.2.1. Configuration
6.3. Routing
6.3.1. Router Advertisements and Renumbering6.3.1.1. IOS6.3.1.2. JUNOS6.3.1.3. KAME's rtadvd6.3.1.4. Other route advertisement daemons6.3.1.5. Softly softly6.3.2. Multiple Routers6.3.3. Routing Protocols6.3.3.1. RIP6.3.3.2. OSPF6.3.3.3. Integrated IS-IS6.3.3.4. BGP6.3.4. Multicast Routing
6.4. Firewalls
6.4.1. Filtering on IPv6 Addresses6.4.2. Filtering ICMPv66.4.3. Ingress and Egress Filtering6.4.4. Suspicious Addresses6.4.5. Packages Available for IPv6 Firewalling6.4.6. Impact of IPv6 Deployment on IPv4 Filtering6.4.7. Port Scanning6.4.8. Gotchas
6.5. Management
6.5.1. Running DHCPv66.5.2. SNMP6.5.3. Scripting Network Monitoring6.5.4. Intrusion Detection
6.6. Providing Transition Mechanisms
6.6.1. 6to4 Relay Routers6.6.2. Faith6.6.3. Hacking Native Connectivity Around Incompatible Equipment6.6.3.1. When your gateway router doesn't support IPv66.6.3.2. Ethernet in the WAN6.6.3.3. Troublesome ATM devices6.6.3.4. MPLS and 6PE6.6.3.5. Accounting for hacks
6.7. Summary
7. Services
7.1. General Notes
7.2. Inetd/TCP Wrappers
7.3. HTTP
7.3.1. Apache7.3.1.1. Apache as a server on dual-stacked or IPv6 only hosts7.3.1.2. Apache for reverse proxying (IP address-based)7.3.1.3. Apache for reverse proxying (name-based)7.3.1.4. Gotchas7.3.2. IIS7.3.3. General Issues7.3.4. HTTP Proxies and Caches7.3.5. Using Apache as a Proxy/Cache7.3.6. Using Apache to Fetch Content for an IPv4-Only Proxy/Cache7.3.7. Using Apache to Allow IPv6 Clients to Access an IPv4 Only Proxy/Cache7.3.8. Small Proxies
7.4. SMTP
7.4.1. Sendmail7.4.2. Postfix7.4.3. Qmail7.4.4. Exim
7.5. POP/IMAP
7.5.1. WU-IMAP7.5.2. Courier-IMAP7.5.3. Qpopper7.5.4. Cyrus Imapd2
7.6. NNTP
7.7. NTP
7.7.1. Mills's Ntpd7.7.2. Other Time-Synchronization Software
7.8. Syslog
7.9. Printing
7.10. FTP
7.11. Remote Login Services
7.11.1. Telnetd7.11.2. SSH
7.12. If All Else Fails...
7.13. Summary
8. Programming
8.1. Relevant Functions8.1.1. Socket Functions8.1.2. Address Resolution Functions
8.2. Some Simple Examples
8.2.1. Parsing and Printing Names and Addresses8.2.2. A UDP Echo Server and Client8.2.3. A TCP Client and Server
8.3. Case Study: MMDF
8.3.1. Incoming SMTP Channel8.3.2. Outgoing SMTP Channel8.3.3. DNS Table Code
8.4. Other Considerations for Developers
8.4.1. Switching Between IPv4 and IPv68.4.2. How Long Is a sockaddr?8.4.3. When IPv6 Addresses Don't Fit8.4.4. Services on Dual-Stacked Hosts8.4.5. Mapped IPv4 Addresses8.4.6. Tools for Auditing Sockets Code8.4.7. Online Guides to Coding for IPv68.4.8. Languages Other than C
8.5. Summary
9. The Future
9.1. Unresolved Issues9.1.1. Site-Local Addresses9.1.2. Anycast9.1.3. DNS9.1.3.1. Anycast recursive DNS9.1.3.2. DNS discovery9.1.4. Multihoming9.1.4.1. 8+89.1.4.2. MHAP9.1.4.3. Geographical addressing9.1.4.4. SCTP9.1.4.5. Layer 3 Shim9.1.4.6. Better the devil you know?
9.2. Up and Coming Subject Areas
9.2.1. Cellular Devices9.2.2. P2P Applications9.2.3. SIP, IM, and VoIP9.2.4. Supporting Notes for Understanding 3G9.2.4.1. Architecture9.2.5. 3G from the IETF Point of View9.2.6. IPv6 in a 3G Network
9.3. Summary
Glossary
Index
About the Authors
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly

Content preview from IPv6 Network Administration

Chapter 4. Planning

When in trouble or in doubt Run in circles, scream and shout.
Anonymous

At this stage, we've already looked at a good deal of the theory behind IPv6. It's now a good time to start thinking about the issues around deploying IPv6 in a wider environment, such as your company, college, or ISP network. In this chapter, we provide recommendations for what to think about and what to do when planning an IPv6 deployment; how to introduce IPv6 to your network, how to interoperate with IPv4, and planning for the growth of IPv6, all with an eye to maintaining stability and manageability on your network. We provide worked examples of IPv6 deployment for networks which are hopefully quite similar to yours, and also highlight under exactly what circumstances our recommendations are applicable. By the end of this chapter you should hopefully have a toolbox of techniques for implementing IPv6, and also the right mental framework for using that toolbox.

Since we will be talking in some detail about the planning process, it's incumbent upon us to outline the important building-blocks and techniques of IPv6 network design before we talk about how we actually put them together. So, ahead of outlining step-by-step plans, we need to tell you about getting connectivity, getting address space, and the intricacies of selecting transition mechanisms, amongst other things. With those under your belt, you'll be in a position to get the most out of the worked examples.

Note that a significant ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Cisco Self-Study: Implementing IPv6 Networks (IPV6)

Publisher Resources

ISBN: 0596009348Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

IPv6 Network Administration

by Niall Richard Murphy, David Malone

Chapter 4. Planning

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.