[Godlisten Sumari]

What Is Dual Stack?

Dual Stack means a device (like a router, server, or computer) is configured to run both IPv4 and IPv6 simultaneously. It can communicate using either protocol, depending on what the other device supports.

How It Works:

<ul data-start=”458″ data-end=”779″>

[Godlisten Sumari]

Requirements for BGP IPv6 Peering

*Both routers must:

<ul data-start=”598″ data-end=”706″>

[Godlisten Sumari]

In OSPF or IS-IS:

<ul data-start=”714″ data-end=”950″>

[Godlisten Sumari]

Key Features of OSPFv3

1. Support for IPv6:

   • OSPFv3 is specifically designed to handle IPv6 addresses and routing. It uses the IPv6 protocol suite for its routing operations.

2. Link-State Protocol:

   • Like OSPFv2, OSPFv3 is a link-state routing protocol. Routers maintain a database of the topology of the network and use this information to calculate the shortest path to each destination.

3. Multiple Instances:

   • OSPFv3 allows multiple instances of the protocol to run on the same link, enabling multiple OSPFv3 processes to coexist and providing support for multiple routing domains.

4. Flexibility with Network Prefixes:

   • OSPFv3 can handle multiple network prefixes and subnets. It uses a new approach called “Address Family Identifier” (AFI) to support this flexibility.

5. Protocol and Network Layer Separation:

   • OSPFv3 separates the routing protocol from the network layer. This means that OSPFv3 does not include address information in its LSAs (Link-State Advertisements), allowing for a cleaner separation of responsibilities.

6. Improved Security:

   • OSPFv3 supports IPsec for authentication and confidentiality, providing better security mechanisms than OSPFv2, which relied on simpler password-based authentication.

[Godlisten Sumari]

Static routing in IPv6 works similarly to IPv4, but it is designed to handle IPv6’s larger address space and more advanced features like address auto-configuration and link-local addresses. With IPv6 static routing, the administrator manually sets up routes for the router to forward packets to specific destinations.

Key Concepts in IPv6 Static Routing:

• Source Router: The router where the static route is configured.
• Destination Network: The IPv6 network that the traffic is meant to reach.
• Next-Hop: The IPv6 address of the next-hop router or the interface where the traffic should be forwarded.

[Godlisten Sumari]

Key components of IPv6 routing include:

• IPv6 Address Types: Unicast (single device), Multicast (multiple devices), and Anycast (nearest device).
• Routing Protocols: Similar to IPv4, IPv6 supports both static and dynamic routing protocols such as OSPFv3 (Open Shortest Path First), BGP (Border Gateway Protocol), and RIPng (Routing Information Protocol next generation).
• Neighbor Discovery Protocol (NDP): Replaces ARP in IPv6, handling device discovery, address resolution, and duplicate address detection.
• Dual Stack Networks: Networks can operate in both IPv4 and IPv6 simultaneously during the transition to full IPv6.

[Godlisten Sumari]

Communication and Message Types

• DHCPv4:

  • Uses broadcast communication to reach all devices on the network, as IPv4 devices may not initially have an address.
  • Uses a four-step message exchange:
    1. Discover: The client broadcasts a request for an IP.
    2. Offer: The server offers an IP address.
    3. Request: The client requests the offered IP.
    4. ACK: The server acknowledges the assignment.

• DHCPv6:

  • Uses multicast instead of broadcast, as IPv6 supports multicast by design. DHCPv6 uses the multicast address ff02::1:2 for communication.
  • Uses a two-step message exchange (for stateful):
    1. Solicit: The client requests an address.
    2. Advertise, Request, and Reply: The server responds with an offer, and the client requests the offered address.
  • DHCPv6 supports both stateful and stateless modes. The M flag (Managed) and O flag (Other) in Router Advertisements determine if DHCPv6 is used for stateful address assignment or just for other information.

[Godlisten Sumari]

Stateless Address Autoconfiguration (SLAAC) is an IPv6 mechanism that allows devices to automatically configure their own IP addresses without the need for a DHCP server. Here’s how it works

• ICMPv6 RA: Routers periodically send ICMPv6 Router Advertisement (RA) messages on the network, or they respond to Router Solicitation (RS) messages from devices seeking network configuration information.
• RA Contents: The RA contains information like the network prefix, the A flag (Autonomous Address Configuration), and the L flag (On-link). These indicate whether SLAAC is allowed for address generation and if the prefix can be used for direct communication within the link.

[Godlisten Sumari]

In IPv6 provisioning, Router Advertisements (RA) are sent by routers to inform devices about network settings. These RAs contain flags that determine how devices should configure their IPv6 addresses. The key RA flags used in provisioning are:

1. M Flag (Managed Address Configuration Flag):

• Purpose: Instructs devices to use Stateful DHCPv6 to obtain an IPv6 address.
• Action: If set to “1”, devices should request an address from a DHCPv6 server. If “0”, they rely on other mechanisms like SLAAC.

2. O Flag (Other Configuration Flag):

• Purpose: Instructs devices to use Stateless DHCPv6 for additional configuration information (like DNS servers), but not for IP addresses.
• Action: If set to “1”, devices use DHCPv6 to get additional configuration details, but still use SLAAC for their IP address.

3. A Flag (Autonomous Address Configuration Flag):

• Purpose: Indicates whether devices can use SLAAC to configure their IPv6 addresses automatically.
• Action: If set to “1”, devices generate their own address using the prefix in the RA and their interface ID.

4. L Flag (On-link Flag):

• Purpose: Indicates that the prefix in the RA can be used for on-link communication without needing a router.
• Action: If set to “1”, devices treat the prefix as valid for direct communication within the local link.

[Godlisten Sumari]

Stateless Address Autoconfiguration (SLAAC):

• Overview: SLAAC allows devices to automatically configure their own IPv6 addresses without needing a server. A device generates its address based on the network prefix (received from a router) and its own interface identifier (often derived from its MAC address).
• How it Works:
  • The router advertises the network prefix using ICMPv6 Router Advertisement (RA) messages.
  • Devices listen to these messages, construct their address by appending their interface ID to the prefix, and use Neighbor Discovery Protocol (NDP) to ensure address uniqueness.
• Advantages: No need for a DHCP server, simpler setup.
• Limitations: Less control over address assignment and no central logging or tracking of addresses.

[Godlisten Sumari]

Stateless Address Autoconfiguration (SLAAC) is an IPv6 mechanism that allows devices to configure their own IP addresses without requiring a DHCP server. It uses Router Advertisements (RA) sent by routers to communicate essential network configuration information like prefixes, subnet masks, and default gateways.

[Godlisten Sumari]

• Router Discovery: Hosts discover routers and network configurations.

• Prefix Discovery: Hosts learn network prefixes to configure their own IPv6 addresses.

• Neighbor Discovery: Nodes discover the link-layer (MAC) address of other devices on the local network.

• Duplicate Address Detection (DAD): Ensures that no two devices use the same IPv6 address.

• Redirect: Routers inform hosts of better routing paths for specific destinations.

[Godlisten Sumari]

Neighbor Discovery Protocol (NDP) is a key component of IPv6, performing several essential functions that replace and extend functionalities of IPv4’s ARP (Address Resolution Protocol), ICMP, and Router Discovery. NDP uses ICMPv6 (Internet Control Message Protocol for IPv6) messages to manage interactions between IPv6 devices on the same link or network.

[Godlisten Sumari]

Securing IPv6 Router Advertisements (RA) is important to protect the network from various attacks, such as rogue RAs or neighbor discovery attacks. These attacks can mislead hosts into accepting incorrect routing information, disrupt network connectivity, or even lead to a man-in-the-middle attack.

[Godlisten Sumari]

Verify IPv6 Configuration

Once IPv6 is configured, you can verify the settings using built-in tools.

* Using Command Prompt<div>

1. Open Command Prompt by typing

cmd

2. in the Start menu and pressing Enter. Type

ipconfig

and press Enter. </div><div>

This will display the current network configuration for all interfaces.

<ul style=”background-color: var(–bb-content-background-color); font-family: inherit; font-size: inherit; color: var(–bb-body-text-color);”>

[Godlisten Sumari]

In IPv6, a privacy address (also known as a temporary address) is used to enhance the privacy of users by generating random, short-lived IP addresses for outgoing connections. This helps protect users from tracking based on their IP addresses. Privacy addresses are generated using Stateless Address Autoconfiguration (SLAAC) but with a randomized interface identifier rather than the traditional one derived from the device’s MAC address.

Windows: IPv6 privacy extensions are enabled by default. To check or modify the settings:

• Open a command prompt with administrator privileges. Use the command

<i style="background-color: var(--bb-content-background-color); font-family: inherit; font-size: inherit; color: var(--bb-body-text-color);">netsh interface ipv6 show privacy

• Enable or disable privacy addresses using:

<i style="background-color: var(--bb-content-background-color); font-family: inherit; font-size: inherit; color: var(--bb-body-text-color);">netsh interface ipv6 set privacy state=enable

<i style="background-color: var(--bb-content-background-color); font-family: inherit; font-size: inherit; color: var(--bb-body-text-color);">netsh interface ipv6 set privacy state=disable

• This reply was modified 1 année, 8 mois ago by  Adebowale Aduloju. Reason: removed some html codes

[Godlisten Sumari]

SLAAC (Stateless Address Autoconfiguration): Hosts generate their own IP addresses using the network prefix from the router and a unique identifier derived from the MAC address and DHCPv6: Similar to DHCP in IPv4, it provides IP addresses and other configuration details like DNS servers.

[Godlisten Sumari]

• IPv4: Has a complex header with 12 mandatory fields, including fields for fragmentation, options, and a checksum.
• IPv6: Has a simplified header with only 8 mandatory fields. The fixed-length header, 40 bytes is designed for better performance, with optional features handled via extension headers.
• Perspective: IPv6 simplifies packet processing by routers because of the reduced number of fields, which enhances efficiency, especially in high-speed networks.

[Godlisten Sumari]

An Anycast address in IPv6 is a special type of address that is assigned to multiple interfaces on different devices, but represents a single destination. The primary goal of an Anycast address is to deliver data to the nearest or most optimal node in a group of potential receivers, based on the routing protocol’s decision. It is used for load balancing, redundancy, and optimizing traffic distribution.

[Godlisten Sumari]

The IID can be generated based on a device’s MAC address using the EUI-64 format,

• The 48-bit MAC address is split into two 24-bit segments.
• The hexadecimal value 0xFFFE
  is inserted between the two segments, expanding it to 64 bits.
• The Universal/Local (U/L) bit is inverted changing from 0 to 1 or 1 to 0 to indicate if the address is globally unique or locally administered.

Administrators can assign a specific IID for special cases, such as servers or routers, to ensure a fixed, easily identifiable address.