Cisco

    avatar
    Created by
    ghassan

    Subdecks (5)

    Cards (277)

    • IPv4 issues
      IPv4 is running out of addresses, IPv6 is the successor to IPv4 with a much larger 128-bit address space, IPv6 includes fixes for IPv4 limitations and other enhancements, with increasing internet population, limited IPv4 address space, issues with NAT and the IoT, the time has come to begin the transition to IPv6
      View source
    • IPv4 and IPv6 coexistence
      Both IPv4 and IPv6 will coexist in the near future and the transition will take several years, IETF has created various protocols and tools to help network administrators migrate their networks to IPv6 (dual stack, tunneling, translation)
      View source
    • Dual stack
      • Devices run both IPv4 and IPv6 protocol stacks simultaneously
      View source
    • Tunneling
      • A method of transporting an IPv6 packet over an IPv4 network, the IPv6 packet is encapsulated inside an IPv4 packet
      View source
    • Translation
      • Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4
      View source
    • Tunneling and translation are for transitioning to native IPv6 and should only be used where needed, the goal should be native IPv6 communications from source to destination
      View source
    • IPv6 address representation
      IPv6 addresses are 128 bits in length and written in hexadecimal, not case-sensitive, preferred format is x:x:x:x:x:x:x:x with each "x" consisting of four hexadecimal values, a hextet is the unofficial term used to refer to a segment of 16 bits, or four hexadecimal values
      View source
    • Rule 1 - Omit leading zero
      • The first rule to help reduce the notation of IPv6 addresses is to omit any leading 0s (zeros), this rule only applies to leading 0s, NOT to trailing 0s
      View source
    • Rule 2 - Double colon
      • A double colon (::) can replace any single, contiguous string of one or more 16-bit hextets consisting of all zeros, the double colon (::) can only be used once within an address, otherwise there would be more than one possible resulting address
      View source
    • IPv6 address types
      There are three broad categories of IPv6 addresses: unicast (uniquely identifies an interface on an IPv6-enabled device), multicast (used to send a single IPv6 packet to multiple destinations), anycast (any IPv6 unicast address that can be assigned to multiple devices, a packet sent to an anycast address is routed to the nearest device having that address)
      View source
    • IPv6 prefix length

      Prefix length is represented in slash notation and is used to indicate the network portion of an IPv6 address, the IPv6 prefix length can range from 0 to 128, the recommended IPv6 prefix length for LANs and most other types of networks is /64
      View source
    • Types of IPv6 unicast addresses
      • IPv6 devices typically have two unicast addresses: global unicast address (GUA, similar to a public IPv4 address, globally unique and internet-routable) and link-local address (LLA, required for every IPv6-enabled device, used to communicate with other devices on the same local link, not routable and confined to a single link)
      View source
    • Unique local address
      IPv6 unique local addresses (range fc00::/7 to fdff::/7) have some similarity to RFC 1918 private addresses for IPv4, but are used for local addressing within a site or between a limited number of sites, are not globally routed or translated to a global IPv6 address
      View source
    • IPv6 GUA structure
      Global routing prefix (prefix/network portion assigned by provider), subnet ID (used by organization to identify subnets), interface ID (equivalent to host portion, recommended to use /64 subnets)
      View source
    • IPv6 LLA

      Enables a device to communicate with other IPv6-enabled devices on the same link and only on that link, packets with a source or destination LLA cannot be routed, every IPv6-enabled network interface must have an LLA, if not configured manually it will be automatically created, in the fe80::/10 range
      View source
    • Static GUA configuration on a router
      Use ipv6 address ipv6-address/prefix-length command
      View source
    • Static GUA configuration on a Windows host
      Manually configure the IPv6 address, can use GUA or LLA of router interface as default gateway
      View source
    • Static LLA configuration on a router
      Use ipv6 address ipv6-link-local-address link-local command, common practice is to create a different LLA on each interface
      View source
    • Dynamic addressing for IPv6 GUAs
      Devices obtain GUA addresses dynamically through ICMPv6 messages, router solicitation (RS) messages from hosts to discover routers, router advertisement (RA) messages from routers to inform hosts on how to obtain GUA and provide network information
      View source
    • SLAAC
      • Allows a device to configure a GUA without DHCPv6, device obtains prefix from RA and uses EUI-64 or random generation to create interface ID
      View source
    • SLAAC and stateless DHCP
      • RA instructs device to use SLAAC to create GUA and stateless DHCPv6 to obtain other information like DNS server
      View source
    • Stateful DHCPv6
      • RA instructs device to use stateful DHCPv6 to obtain GUA, prefix length, DNS server address
      View source
    • SLAAC
      Stateless Address Autoconfiguration
      View source
    • Stateless DHCPv6
      Automatically obtain other configuration information such as DNS server address and domain name
      View source
    • RA message suggests devices use
      1. SLAAC to create its own IPv6 GUA
      2. Router LLA as the default gateway address
      3. Stateless DHCPv6 server to obtain other information
      View source
    • Stateful DHCPv6
      Similar to DHCP for IPv4, a device can automatically receive a GUA, prefix length, and the addresses of DNS servers
      View source
    • RA message suggests devices use
      1. Router LLA as the default gateway address
      2. Stateful DHCPv6 server to obtain a GUA, DNS server address, domain name and other necessary information
      View source
    • EUI-64 process
      • 16 bit value of fffe (in hexadecimal) is inserted into the middle of the 48-bit Ethernet MAC address
      • The 7th bit of the client MAC address is reversed from binary 0 to 1
      View source
    • Randomly generated interface ID
      Instead of using the MAC address and the EUI-64 process
      View source
    • Windows Vista and later use a randomly generated interface ID instead of one created with EUI-64
      View source
    • To ensure the uniqueness of any IPv6 unicast address, the client may use a process known as Duplicate Address Detection (DAD)
      View source
    • Link-local address (LLA)

      All IPv6 interfaces must have an IPv6 LLA
      View source
    • LLA is dynamically created using
      1. The fe80::/10 prefix
      2. The interface ID using the EUI-64 process, or a randomly generated 64-bit number
      View source
    • Cisco routers automatically create an IPv6 LLA whenever a GUA is assigned to the interface
      View source
    • Cisco IOS routers use EUI-64 to generate the interface ID for all LLAs on IPv6 interfaces by default
      View source
    • IPv6 multicast addresses

      Have the prefix ff00::/8
      View source
    • Types of IPv6 multicast addresses
      • Well-Known multicast addresses
      • Solicited node multicast addresses
      View source
    • Well-known IPv6 multicast addresses

      Assigned and reserved for predefined groups of devices
      View source
    • Well-known IPv6 multicast groups
      • ff02::1 All-nodes multicast group
      • ff02::2 All-routers multicast group
      View source
    • Solicited-node multicast address

      Similar to the all-nodes multicast address, but mapped to a special Ethernet multicast address
      View source
    See similar decks