Internet Protocol Analysis/IPv6

This lesson continues the Internet layer and looks at IPv6 and a variety of IPv6 transition technologies. Activities include using Wireshark to examine IPv6 network traffic.

Readings

 * 1)  IPv6
 * 2)  Link-local address
 * 3)  Teredo tunneling
 * 4)  ISATAP
 * 5)  6to4
 * 6)  6in4
 * 7)  NAT64

Multimedia

 * 1) YouTube: An overview of IPv4 and IPv6 - CompTIA Network+ N10-005: 1.3
 * 2) YouTube: IPv6 Transition Technology

Activities

 * 1) Use netsh to  configure IPv6 settings.
 * 2) Use Wireshark to  capture and analyze local IPv6 traffic.
 * 3) Use Wireshark to  capture and analyze remote IPv6 traffic.
 * 4) Use Wireshark to  capture and analyze IPv6 Teredo traffic.
 * 5) Use Wireshark to  capture and analyze IPv6 6to4 traffic.
 * 6) Use Wireshark to  capture and analyze IPv6 6in4 traffic.
 * 7) Consider situations in which a packet analyzer might be used to troubleshoot IPv6 traffic.

Lesson Summary

 * IPv6 is an Internet-layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks.
 * IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of running out of IPv4 addresses.
 * IPv6 uses 128-bit addresses, commonly displayed to users as eight groups of four hexadecimal digits separated by colons.
 * In an IPv6 address, leading zeroes may be removed from any group of hexadecimal digits. Multiple consecutive groups of zeroes may be replaced with a double colon.
 * The IPv6 subnet size has been standardized by fixing the size of the host identifier portion of an address to 64 bits.
 * IPv6 does not implement interoperability features with IPv4, but essentially creates a parallel, independent network. Exchanging traffic between the two networks requires special translator gateways.
 * Work on IPv6 began by 1992, and was first published in a series of RFCs in 1996.
 * Most transport and application-layer protocols need little or no change to operate over IPv6.
 * Multicasting is part of the base specification in IPv6. IPv6 does not implement traditional IP broadcast and does not define broadcast addresses.
 * IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using the Neighbor Discovery Protocol via Internet Control Message Protocol version 6 (ICMPv6) router discovery messages.
 * IPv6 routers do not perform fragmentation.
 * Privacy extensions for IPv6 allow the operating system to generate ephemeral IP addresses by concatenating a randomly generated host identifier with the assigned network prefix for communication with remote hosts.
 * The IPv6 header consists of a fixed portion with minimal functionality required for all packets and may be followed by optional extensions to implement special features. The fixed header requires 40 octets (320 bits) and contains the source and destination addresses, traffic classification options, a hop counter, and the type of the optional extension or payload which follows the fixed header.
 * The IPv6 loopback address is ::1.
 * Link-local addresses begin with fe80::/10.
 * Tunneling may be used to enable IPv4 networks to communicate with IPv6 networks. In tunneling, IPv6 packets are encapsulated within IPv4 packets, in effect using IPv4 as a link layer for IPv6.
 * Teredo is an automatic inter-site tunneling technique that uses UDP encapsulation and can cross Network Address Translation (NAT) nodes. Teredo addresses begin with 2001:0::/32.
 * ISATAP is an automatic intra-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes. ISATAP addresses begin with fe80::200:5efe/96.
 * 6to4 is an automatic inter-site tunneling technique that uses IPv4 encapsulation. It cannot cross NAT nodes.  6to4 addresses begin with 2002::/16 and relay through 192.88.99.1.
 * 6in4 is a configured inter-site tunneling technique that uses IPv4 encapsulation. It can cross NAT nodes with proper configuration.  6in4 addresses are public addresses assigned by the tunnel broker, and therefore create security risks.
 * NAT64 is a network address translation technique that allows IPv6-only hosts to communicate with IPv4-only servers. NAT64 server addresses begin with 64:ff9b::/96.

Key Terms

 * anycast
 * A network addressing and routing methodology in which datagrams from a single sender are routed to the topologically nearest node in a group of potential receivers, though it may be sent to several nodes, all identified by the same destination address.


 * Data Over Cable Service Interface Specification (DOCSIS)
 * An international telecommunications standard that permits the addition of high-speed data transfer to an existing cable TV (CATV) system.


 * end-to-end principle
 * A classic computer network design principle which states that application-specific functions ought to reside in the end hosts of a network rather than in intermediary nodes – provided they can be implemented completely and correctly in the end hosts.


 * hop count
 * A count of the intermediate devices (routers) through which data must pass between source and destination.


 * jumbogram
 * An internet layer packet exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology.


 * Mobile IP
 * An Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile device users to move from one network to another while maintaining a permanent IP address.


 * Path MTU Discovery (PMTUD)
 * A standardized technique for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts.


 * proxy server
 * A computer system or application that acts as an intermediary for requests from clients seeking resources from other servers.


 * Quality of Service (QoS)
 * The ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow.


 * Stateless Address Autoconfiguration (SLAAC)
 * A method by which a node automatically creates a link-local address with the prefix fe80::/64 on each IPv6-enabled interface, even if globally routable addresses are manually configured or obtained through configuration protocols.


 * tunneling protocol
 * The use of one network protocol (the delivery protocol) to encapsulate a different payload protocol.


 * World IPv6 Launch
 * The Internet Society declared June 6, 2012 to be the date for "World IPv6 Launch", with participating major websites enabling IPv6 permanently, participating ISPs offering IPv6 connectivity, and participating router manufacturers offering devices enabled for IPv6 by default.

Assessments

 * /Lesson Flashcards/
 * /Terms Flashcards/
 * /Quiz/