> > > IPV6PRACK Detailed outline

IPv6 Hands-On Workshop (IPV6PRACK)

Course Description Schedule Course Outline

Detailed Course Outline

IPv4 Review

  • This is needed to better understand the evolution from IPv4 to IPv6. This includes the IPv4 addresses and all the workaround, which have extended the life of IPv4 for 20 years.

IPv6 Header

  • The evolution of the Internet since IPv4.
  • IPv6 Header explained
  • IPv6 Header Extensions

IPv6 Addresses

  • Introduction, representation, format, notation.
  • Unicast Addresses: Global Unicast, Unique Local Addresses, how to Reserve a ULA on the web
  • Interface ID: EUI-64, Privacy Extension.
  • Multicast Addresses
  • Anycast Addresses
  • Special addresses: loopback, unspecified, site-local deprecated and others reserved addresses.
  • Addressing Hierarchy
  • Provider Aggregatable Versus Provider Independent
  • Multihoming: the issue and the solutions: Router based, Host based, NPT6
  • Autoconfiguration Stateful (dhcpv6) and Stateless (SLAAC)

ICMPv6

  • ICMPv6 Message format
  • Error Messages
  • Information Messages

Neighbor Discovery Protocol

  • MAC address resolution
  • Neighbor state machine
  • Neighbor Unreachability detection
  • Default Router Selection
  • Autoconfiguration
  • Multicast Group Management

IPv6 on Hosts

  • Windows
  • MAC OS X
  • Linux
  • Firewalls

Hands-On:

  • Setup the IPv6 Addresses on hosts and display the configuration.
  • Take a capture of SLAAC process between a PC and a router (RS/RA, DAD/NS/NA)
  • Take a capture of the Neighbor Discovery process (NS/NA)
  • Take a capture of a periodic RA Announcement

IPv6 on Cisco Routers

  • Cisco routers operations mode
  • Configuration commands
  • Troubleshooting commands

Hands-On:

  • Configure IPv6 static routes on a CISCO router.
  • Take a capture of a ping and a traceroute between a PC and a router

First Hop Routing Protocols (FHRP)

  • Default router Availability
  • The solutions: ND, HSRPv6, GLBP, VRRP, RIPng
  • IPv6 Applications
  • DHCPv6: Stateful, Stateless and Prefix Delegation
  • DNS: what is needed to support for IPv6
  • IPv6 Routers and Network Management
  • Mobile IPv6, NEMO, MANET

Hands-On:

  • Setup a DHCPv6 server on a Cisco router or a PC (Linux or Windows)
  • Setup DNS Server on a PC (Linux or Windows)

IPv6 supported Routing Protocols

  • RIPng, OSPFv3, ISIS, MP-BGP

Hands-On:

  • Configure and monitor OSPFv3 on the routers
  • Configure and monitor BGP on the routers

IPv6 Multicast

  • PIM-SM or ASM Versus PIM-SSM
  • MLD: Differences between MLDv1 and MLDv2
  • Strategies for RP: Static, Embedded RP, Anycast RP, PIM-BSR

Hands-On:

  • Configure multicast routing on the routers
  • Configure a listener on a router and ping it from a PC
  • Monitor multicast routing on the router

Transition to IPv6

  • History of the Transition to IPv6 since the beginning of IPv6
  • Dual-Stack
  • Translation: NAT, NAT-PT, NAT64, NAT46, NAT444, NAT464
  • Tunnels: 6in4, 6to4, 6RD, GRE, DVMRP, DS-Lite

Hands-On:

  • Configure 6in4 and 6RD Tunnels

Introduction to MPLS

  • IPv6 over MPLS for IPv4: 6PE, 6VPE

Hands-On:

  • Configure 6VPE and 6PE between the routers
  • Capture the MP-BGP session startup and explain the OPEN messages
  • Capture some MPLS traffic and explain the labels

QoS in IPv6 Networks

  • What is new with IPv6?
  • The Flow Label field
  • The QoS models for 6PE and 6VPE: Uniform mode, Pipe Mode and Short Pipe mode

Hands-On:

  • Configure the remarking of the Traffic Class for some IPv6 packets at the ingress PE
  • Capture the MPLS traffic and find if the MPLS EXPerimental bits are consistent with the remarked IPv6 Traffic Class

Introduction to Security in IPv6

  • What do we need to protect, deny or permit from the IPv6 Header?
  • Threats on Neighbor Discovery Protocol.

Hands-On:

  • Use THC IPv6 Tools to generate some fake RA then check the routers tables at the hosts
  • Use THC IPv6 Tools to prevent any host to join the network

Cryptographically Generated Address

  • Protect the default router with X.509 Certificates
  • Secured Neighbor Discovery Protocol (SEND)

Hands-On:

  • Demonstration of SEND between routers

Introduction to IPSec

  • IPSec Authentication and Encryption

Hands-On:

  • Configuration of IPSec encryption between routers

DHCPv6, DNS Attacks and Countermeasures

  • Use MD5 Authentication or IPSec for Routing Protocols
  • Secure DNS: Introduction to DNSSEC
  • Secure the routers access
  • Secure the Internet connection
  • IPv6 Firewalls: Router based or Host Based ?
  • IPv6 Firewalls: CISCO IOS Firewall and Zone-Based Firewall, FORTINET, iptables
 

Accessing our website tells us you are happy to receive all our cookies. However you can change your cookie settings at any time. Find out more.   Got it!