You are previewing IPv6 Network Administration.
O'Reilly logo
IPv6 Network Administration

Book Description

What once seemed nearly impossible has turned into reality. The number of available Internet addresses is now nearly exhausted, due mostly to the explosion of commercial websites and entries from an expanding number of countries. This growing shortage has effectively put the Internet community--and some of its most brilliant engineers--on alert for the last decade. Their solution was to create IPv6, a new Internet standard which will ultimately replace the current and antiquated IPv4. As the new backbone of the Internet, this new protocol would fix the most difficult problems that the Internet faces today--scalability and management. And even though IPv6's implementation has met with some resistance over the past few years, all signs are now pointing to its gradual worldwide adoption in the very near future. Sooner or later, all network administrators will need to understand IPv6, and now is a good time to get started. IPv6 Network Administration offers administrators the complete inside info on IPv6. This book reveals the many benefits as well as the potential downsides of this next-generation protocol. It also shows readers exactly how to set up and administer an IPv6 network. A must-have for network administrators everywhere, IPv6 Network Administration delivers an even-handed approach to what will be the most fundamental change to the Internet since its inception. Some of the other IPv6 assets that are covered include:

  • routing

  • integrated auto-configuration

  • quality-of-services (QoS)

  • enhanced mobility

  • end-to-end security

IPv6 Network Administration explains what works, what doesn't, and most of all, what's practical when considering upgrading networks from the current protocol to IPv6.

Table of Contents

  1. IPv6 Network Administration
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. A Note Regarding Supplemental Files
    3. Foreword
    4. Preface
      1. What This Book Is ... and Is Not
        1. History and Background
          1. The IETF and friends
          2. Chronological overview
          3. Contenders for the throne
        2. People
        3. Adoption
        4. Commercial Services
      2. Conventions Used in This Book
      3. Using Code Examples
      4. Comments and Questions
      5. Safari Enabled
      6. Contacting the Authors
      7. A Note on RFCs and Internet Drafts
      8. Acknowledgments
        1. Contributors
        2. Support
        3. Donations
    5. I. The Character of IPv6
      1. 1. The Unforeseen Limitations of IPv4
        1. 1.1. Addressing Model
          1. 1.1.1. CIDR
        2. 1.2. NAT
        3. 1.3. Security
          1. 1.3.1. DNS
        4. 1.4. MAC Layer Address Resolution
        5. 1.5. Broadcast Versus Multicast
        6. 1.6. Quality of Service
        7. 1.7. Routing
          1. 1.7.1. Internal Routing Protocols
          2. 1.7.2. BGP: The External Routing Protocol
          3. 1.7.3. Limits to Success of BGP
        8. 1.8. Summary
      2. 2. The (Un)foreseen Successes of IPv4
        1. 2.1. Simplicity
        2. 2.2. Resiliency
        3. 2.3. Scalability
        4. 2.4. Flexibility
        5. 2.5. Autoconfiguration
        6. 2.6. Extensibility
        7. 2.7. In Short...
      3. 3. Describing IPv6
        1. 3.1. Designed for Today and Tomorrow
          1. 3.1.1. Address Space Exhaustion
          2. 3.1.2. Optimization
        2. 3.2. Packets and Structures
          1. 3.2.1. Basic Header Structure
          2. 3.2.2. Addressing Concepts
          3. 3.2.3. Notation
            1. 3.2.3.1. Hex digit notation
            2. 3.2.3.2. Grouping and separation
            3. 3.2.3.3. Elision
            4. 3.2.3.4. Scope identifiers
          4. 3.2.4. Subnetting
        3. 3.3. Address Architecture
          1. 3.3.1. Global Unicast Addressing
          2. 3.3.2. Link-Local Addressing
          3. 3.3.3. Site-Local Addressing
          4. 3.3.4. Multicast
            1. 3.3.4.1. Multicast addressing in IPv6
            2. 3.3.4.2. Hardware support
          5. 3.3.5. Anycast
        4. 3.4. ICMPv6
          1. 3.4.1. ICMP Echoes and Errors
          2. 3.4.2. Neighborhood Watch
            1. 3.4.2.1. Address resolution
            2. 3.4.2.2. DAD
            3. 3.4.2.3. NUD
            4. 3.4.2.4. Redirection
            5. 3.4.2.5. Router/prefix advertisement
            6. 3.4.2.6. Stateless autoconfiguration
            7. 3.4.2.7. ICMP name resolution
          3. 3.4.3. Router Renumbering
          4. 3.4.4. Multicast Listener Discovery
          5. 3.4.5. Summary of ICMPv6 Types
        5. 3.5. Address Selection
        6. 3.6. More About Headers
          1. 3.6.1. Extension Headers
          2. 3.6.2. Checksums
          3. 3.6.3. Header Compression
        7. 3.7. Introduction to Mobile IPv6
        8. 3.8. Routing
          1. 3.8.1. RIPng
          2. 3.8.2. OSPF
          3. 3.8.3. Integrated IS-IS
          4. 3.8.4. BGP-4+
        9. 3.9. Security
        10. 3.10. Quality of Service
        11. 3.11. The Promise of IPv6
          1. 3.11.1. Simplicity and Flexibility
          2. 3.11.2. Mobility and Security
    6. II. Deploying IPv6
      1. 4. Planning
        1. 4.1. Transition Mechanisms
          1. 4.1.1. Dual Stack
          2. 4.1.2. Configured Tunnelling
          3. 4.1.3. Automatic Tunnelling
          4. 4.1.4. 6to4
            1. 4.1.4.1. DJB's AutoIPv6
          5. 4.1.5. Teredo
          6. 4.1.6. 6over4
          7. 4.1.7. ISATAP
          8. 4.1.8. SIIT
          9. 4.1.9. NAT46/64-PT
          10. 4.1.10. TRT
          11. 4.1.11. Bump in the Stack/API
          12. 4.1.12. Proxies
          13. 4.1.13. Summary of Transition Mechanisms
        2. 4.2. Obtaining IPv6 Address Space and Connectivity
          1. 4.2.1. Upstream Providers
          2. 4.2.2. 6to4
          3. 4.2.3. 6Bone
          4. 4.2.4. Only Intermittently Connected
          5. 4.2.5. RIRs
            1. 4.2.5.1. Relevance to IPv6
            2. 4.2.5.2. RIR operations background
            3. 4.2.5.3. RIPE
            4. 4.2.5.4. Current policy
        3. 4.3. Network Design
          1. 4.3.1. Addressing
          2. 4.3.2. Subnetting
          3. 4.3.3. DHCP
            1. 4.3.3.1. Changes to DHCP for IPv6
          4. 4.3.4. Multihoming
            1. 4.3.4.1. Multiple upstream providers, no BGP
            2. 4.3.4.2. Multiple Upstream Providers, BGP
            3. 4.3.4.3. Multiattaching
        4. 4.4. Managing IPv4 and IPv6 Coexistence
          1. 4.4.1. Fudging Native Connectivity with Ethernet
        5. 4.5. Deploying IPv6
        6. 4.6. Inputs to Deployment Plans
          1. 4.6.1. Existing IPv4 Infrastructure
            1. 4.6.1.1. Converting a host at a time: dual stack
            2. 4.6.1.2. Connectivity and routers
            3. 4.6.1.3. Converting a host at a time: single stack
          2. 4.6.2. No Existing IPv4 Infrastructure
          3. 4.6.3. Topologies
            1. 4.6.3.1. Edge to core or core to edge
            2. 4.6.3.2. Router placement and advertisement
        7. 4.7. Worked Examples
          1. 4.7.1. Enterprise-class IPv4-connected network
            1. 4.7.1.1. Transit-providing medium-size ISP
            2. 4.7.1.2. Special case: Internet Exchange Point
        8. 4.8. Summary
      2. 5. Installation and Configuration
        1. 5.1. Workstations and Servers
          1. 5.1.1. Windows
            1. 5.1.1.1. Windows 2000
            2. 5.1.1.2. Windows XP
            3. 5.1.1.3. Windows Server 2003
            4. 5.1.1.4. Other versions of Windows
            5. 5.1.1.5. IPv6 applications on Windows
            6. 5.1.1.6. Points of interest
          2. 5.1.2. Macintosh (OS X and Darwin)
          3. 5.1.3. Linux
            1. 5.1.3.1. Red Hat and derivatives
            2. 5.1.3.2. SuSE
            3. 5.1.3.3. Debian
            4. 5.1.3.4. Userland/administration support for IPv6
          4. 5.1.4. Solaris
          5. 5.1.5. AIX
          6. 5.1.6. Tru64
          7. 5.1.7. FreeBSD
          8. 5.1.8. Other Workstation/Server OSs
        2. 5.2. Routers
          1. 5.2.1. Cisco
          2. 5.2.2. Juniper
        3. 5.3. Enabling, Testing, and Troubleshooting
          1. 5.3.1. Turning on IPv6
          2. 5.3.2. Testing with ping and telnet
          3. 5.3.3. Know Thy Neighbor (Before Thyself)
          4. 5.3.4. Configuring Name Resolution
          5. 5.3.5. Testing Further Afield: ping, telnet, and traceroute
        4. 5.4. Static Routing
        5. 5.5. Configuring Transition Mechanisms
          1. 5.5.1. Configured Tunnels
          2. 5.5.2. 6to4 configuration
        6. 5.6. Applications
          1. 5.6.1. Web Browsers
            1. 5.6.1.1. Unix
            2. 5.6.1.2. Windows
            3. 5.6.1.3. Mac OS
          2. 5.6.2. Email Clients
            1. 5.6.2.1. Lotus
            2. 5.6.2.2. Mozilla
            3. 5.6.2.3. Mutt
            4. 5.6.2.4. Sylpheed
          3. 5.6.3. SSH
          4. 5.6.4. Miscellaneous
        7. 5.7. Gotchas
        8. 5.8. Summary
      3. 6. Operations
        1. 6.1. DNS
          1. 6.1.1. Record Types
            1. 6.1.1.1. IPv4 DNS lookups
            2. 6.1.1.2. V6 lookups
            3. 6.1.1.3. Setting up DNS
          2. 6.1.2. IPv6 Transport
          3. 6.1.3. Recursive DNS Servers
            1. 6.1.3.1. AAAA bug workarounds
          4. 6.1.4. Gotchas
        2. 6.2. IPsec
          1. 6.2.1. Configuration
        3. 6.3. Routing
          1. 6.3.1. Router Advertisements and Renumbering
            1. 6.3.1.1. IOS
            2. 6.3.1.2. JUNOS
            3. 6.3.1.3. KAME's rtadvd
            4. 6.3.1.4. Other route advertisement daemons
            5. 6.3.1.5. Softly softly
          2. 6.3.2. Multiple Routers
          3. 6.3.3. Routing Protocols
            1. 6.3.3.1. RIP
            2. 6.3.3.2. OSPF
            3. 6.3.3.3. Integrated IS-IS
            4. 6.3.3.4. BGP
          4. 6.3.4. Multicast Routing
        4. 6.4. Firewalls
          1. 6.4.1. Filtering on IPv6 Addresses
          2. 6.4.2. Filtering ICMPv6
          3. 6.4.3. Ingress and Egress Filtering
          4. 6.4.4. Suspicious Addresses
          5. 6.4.5. Packages Available for IPv6 Firewalling
          6. 6.4.6. Impact of IPv6 Deployment on IPv4 Filtering
          7. 6.4.7. Port Scanning
          8. 6.4.8. Gotchas
        5. 6.5. Management
          1. 6.5.1. Running DHCPv6
          2. 6.5.2. SNMP
          3. 6.5.3. Scripting Network Monitoring
          4. 6.5.4. Intrusion Detection
        6. 6.6. Providing Transition Mechanisms
          1. 6.6.1. 6to4 Relay Routers
          2. 6.6.2. Faith
          3. 6.6.3. Hacking Native Connectivity Around Incompatible Equipment
            1. 6.6.3.1. When your gateway router doesn't support IPv6
            2. 6.6.3.2. Ethernet in the WAN
            3. 6.6.3.3. Troublesome ATM devices
            4. 6.6.3.4. MPLS and 6PE
            5. 6.6.3.5. Accounting for hacks
        7. 6.7. Summary
      4. 7. Services
        1. 7.1. General Notes
        2. 7.2. Inetd/TCP Wrappers
        3. 7.3. HTTP
          1. 7.3.1. Apache
            1. 7.3.1.1. Apache as a server on dual-stacked or IPv6 only hosts
            2. 7.3.1.2. Apache for reverse proxying (IP address-based)
            3. 7.3.1.3. Apache for reverse proxying (name-based)
            4. 7.3.1.4. Gotchas
          2. 7.3.2. IIS
          3. 7.3.3. General Issues
          4. 7.3.4. HTTP Proxies and Caches
          5. 7.3.5. Using Apache as a Proxy/Cache
          6. 7.3.6. Using Apache to Fetch Content for an IPv4-Only Proxy/Cache
          7. 7.3.7. Using Apache to Allow IPv6 Clients to Access an IPv4 Only Proxy/Cache
          8. 7.3.8. Small Proxies
        4. 7.4. SMTP
          1. 7.4.1. Sendmail
          2. 7.4.2. Postfix
          3. 7.4.3. Qmail
          4. 7.4.4. Exim
        5. 7.5. POP/IMAP
          1. 7.5.1. WU-IMAP
          2. 7.5.2. Courier-IMAP
          3. 7.5.3. Qpopper
          4. 7.5.4. Cyrus Imapd2
        6. 7.6. NNTP
        7. 7.7. NTP
          1. 7.7.1. Mills's Ntpd
          2. 7.7.2. Other Time-Synchronization Software
        8. 7.8. Syslog
        9. 7.9. Printing
        10. 7.10. FTP
        11. 7.11. Remote Login Services
          1. 7.11.1. Telnetd
          2. 7.11.2. SSH
        12. 7.12. If All Else Fails...
        13. 7.13. Summary
      5. 8. Programming
        1. 8.1. Relevant Functions
          1. 8.1.1. Socket Functions
          2. 8.1.2. Address Resolution Functions
        2. 8.2. Some Simple Examples
          1. 8.2.1. Parsing and Printing Names and Addresses
          2. 8.2.2. A UDP Echo Server and Client
          3. 8.2.3. A TCP Client and Server
        3. 8.3. Case Study: MMDF
          1. 8.3.1. Incoming SMTP Channel
          2. 8.3.2. Outgoing SMTP Channel
          3. 8.3.3. DNS Table Code
        4. 8.4. Other Considerations for Developers
          1. 8.4.1. Switching Between IPv4 and IPv6
          2. 8.4.2. How Long Is a sockaddr?
          3. 8.4.3. When IPv6 Addresses Don't Fit
          4. 8.4.4. Services on Dual-Stacked Hosts
          5. 8.4.5. Mapped IPv4 Addresses
          6. 8.4.6. Tools for Auditing Sockets Code
          7. 8.4.7. Online Guides to Coding for IPv6
          8. 8.4.8. Languages Other than C
        5. 8.5. Summary
      6. 9. The Future
        1. 9.1. Unresolved Issues
          1. 9.1.1. Site-Local Addresses
          2. 9.1.2. Anycast
          3. 9.1.3. DNS
            1. 9.1.3.1. Anycast recursive DNS
            2. 9.1.3.2. DNS discovery
          4. 9.1.4. Multihoming
            1. 9.1.4.1. 8+8
            2. 9.1.4.2. MHAP
            3. 9.1.4.3. Geographical addressing
            4. 9.1.4.4. SCTP
            5. 9.1.4.5. Layer 3 Shim
            6. 9.1.4.6. Better the devil you know?
        2. 9.2. Up and Coming Subject Areas
          1. 9.2.1. Cellular Devices
          2. 9.2.2. P2P Applications
          3. 9.2.3. SIP, IM, and VoIP
          4. 9.2.4. Supporting Notes for Understanding 3G
            1. 9.2.4.1. Architecture
          5. 9.2.5. 3G from the IETF Point of View
          6. 9.2.6. IPv6 in a 3G Network
        3. 9.3. Summary
    7. Glossary
    8. Index
    9. About the Authors
    10. Colophon
    11. SPECIAL OFFER: Upgrade this ebook with O’Reilly