IPv6 Essentials - Foundations of the new Internet Protocol
- 2 hours on-demand video
- 52 downloadable resources
- Full lifetime access
- Access on mobile and TV
- Certificate of Completion
Get your team access to 4,000+ top Udemy courses anytime, anywhere.Try Udemy for Business
- Understand why we need IPv6 and why it is here to stay
- Know how IPv6 addressing works and what types of addresses there are
- Know where to get those addresses
- Be able to divide or subnet an IPv6 network
- Know what's new in ICMPv6 (aka. how do you ping and traceroute?)
- Tell what the IPv6 header looks like and how it can be modified by Extension Headers
- Explain how Neighbor Discovery works (this replaces ARP)
- Configure devices to get their addresses (using DHCPv6 or stateless address autoconfiguration). We will not go into detail how IPv6 is configured on any specific vendor's software and hardware and cover the technology aspects instead. By knowing how the technology works, you will know what to look for when selecting new hardware, software, or when you need to find out how a specific configuration is done on your devices. I will show examples on Cisco IOS, Juniper JUNOS, HP, Windows and Linux for reference
- Tell what changed in DNS and how to make your website IPv6 enabled
- Run IPv6 side by side in your IPv4 network without impact (Dual Stack)
- Know what routing protocols are available for IPv6 and what the major differences to IPv6 routing protocols are
- Know what tunneling options are available and how to connect IPv6 islands over IPv4 networks
- Secure your network and keep malicious threats out
- Tell what the best practices are when setting up your secure IPv6 network
- Connect to the IPv6 Internet in the perfect way depending on your network
- Monitor your IPv6 network
- Plan and manage your IP addressing
- Connect to IPv4 hosts when you are IPv6-only and don’t run Dual Stack
- You should be familiar with IPv4
- Knowing how to subnet IPv4 is a plus (don't have to be fast, just know the basics)
- You should know what ARP does in an IPv4 network
- Knowing about VPN tunnels, what they are used for and how they work is a plus
IPv6 is not only the future of networking, it is already here today! All the big players on the Internet are already IPv6 enabled and it is now time for you to join the party!
Apart from the Internet, all other networks - from corporate to your home network - also run IP and are affected by the change that is happening right now as you read this!
This course covers all major aspects of the new Internet Protocol and what changed, compared to IPv4. You will understand the fundamentals and be ahead of your peers that are still on the sinking ship of IPv4! As of today, there are no IPv4 addresses left and we have no other option but to go ahead and deploy IPv6.
Your trainer has 14 years of experience deploying, engineering and running IPv6 and you will directly benefit from this!
The course is divided into 8 topics and spans over 31 videos with a combined length of more than 2 hours. Additionally over 50 PDF documents for quick reference and review are provided for your convenience.
The length of the training is optimised for a quick look into IPv6, covering everything you need to know and without getting too much into details that you don't need to know today.
Enjoy - and welcome to the future of networking!
- This essentials class is vendor independent and interdisciplinary. The target audience is system administrators, network engineers and IT support staff. You will need a solid understanding of IPv4. There is no need for detailed knowledge about routing protocols or server applications, but you should be familiar with networks and how computers interact using IPv4.
Hello and Welcome to IPv6 Essentials!
Get to know the course, the agenda and your trainer in this opening section.
Let's talk about:
- What is IPv6?
- Why do we need it?
- When will it be here?
- How do you get IPv6 Addresses?
- Statistics on IPv4 Depletion and IPv6 Deployment
This section discusses the special IPv6 addresses, such as:
- the Unspecified Address
- the Default Route
- the Loopback Address
- addresses from the Link-Local Scope
- addresses from the Unique-Local Scope
- addresses from the deprecated Site-Local Scope
- IPv4-mapped IPv6 addresses
- addresses used in 6to4 Tunneling
- addresses used in Teredo Tunneling
- addresses from the Documentation Prefix
In this section we will do a quick review of the IPv4 protocol header and show the differences if the new IPv6 protocol header. We will also talk about the different fields in the IPv6 header and the Extension Header types, such as:
- Hop-by-Hop Options Header
- Destination Options Header
- Routing Header
- Fragment Extension Header
- Authentication Header (AH)
- Encapsulating Security Payload Header (ESP)
- Mobility Header
Neighbor Discovery is a big topic in IPv6 and provides the basis of the new Internet Protocol. After this part you will know the key components to the Neighbor Discovery protocol suite and the different ICMPv6 Messages that are used in each network communication, such as:
- Neighbor Discovery (ND)
- Solicited-Node Multicast Address
- Router Solicitation (“RS”, ICMPv6 Type 133)
- Router Advertisement (“RA”, ICMPv6 Type 134)
- Neighbor Solicitation (“NS”, ICMPv6 Type 135)
- Neighbor Advertisement (“NA”, ICMPv6 Type 136)
- Redirect (ICMPv6 Type 137)
The basis for IPv6 is Link-Local communication. Each interface that is participating in IPv6 needs to have a Link-Local address. Let's look at how this address is generated and what is done to make sure it is unique.
- Generating a Link-Local Address
- Duplicate Address Detection
The way that addresses are usually generated (EUI-64) provides always the same address ending (the last 64 bits). This means that a client is theoretically trackable globally. There is another way: IPv6 Privacy Extensions. I will explain why this is a good solution and how it works.
If you do not want to address a device statically, there is another new option in IPv6:
Stateless Address Autoconfiguration (SLAAC). This is usually the way that clients are addresses in real world IPv6 deployments. In this section we will look at how SLAAC works and how to implement it.
In addition to Stateless Address Autoconfiguration (SLAAC), or as a replacement, you can use DHCPv6, which is a new implementation of the DHCP Protocol. DHCPv6 can provide additional information that is not commonly provided by the SLAAC mechanisms. We will also look at two examples of configuration on Cisco IOS and Linux (ISC dhcpd6 server).
In IPv6, you mostly have multiple addresses per link, at least a Link-Local address, and probably also one or more Global addresses. But for a new outbound connection, which address do you use as source? If you open your web browser, will the connection request come from the Link-Local address, or from a Unique Local address, or from a Global address - and if so - which one?
The Domain Name System (DNS) is still with us and some of you might be glad, as IPv6 addresses can be more complex than their IPv4 counterparts (only if you don't do your IPv6 addressing scheme in a way that is not recommended! ;-)
In this section I will explain the new DNS record (AAAA) that changes the old "Forward Record" (A) and what is changed with Pointers (PTR).
- Forward Record (AAAA)
- Reverse Record (PTR)
- mtr (My Traceroute)
- dig (DNS)
Routing protocols are everywhere! Even if you do not use dynamic routing in your network, you probably have a redundant Internet connection, or at least a redundant gateway. If you do, then you might be already using one of the older Next Hop Redundancy Protocols (NHRP), sometimes also called First Hop Redundancy Protocols (FHRP).
There is a new player in the game - Subnet Router Anycast. Apart from this, we will also look at the two other common NHRPs and what changed in their IPv6 version:
- Subnet Router Anycast
Routing is important for every network. If yours is is medium or large, you are probably using one of the common and already existing routing protocols. All of them are also available for IPv6, but in an updated form. Let me explain what's new and what stayed the same with each of them. We will not go into much detail but cover the basics of all common routing protocols, so you now where to look next, when you need it. We will be covering:
- EIGRP for IPv6
- IPv6 and IPv4 Security Best Practices
- IPv6 Security Best Practices
- Recommended Security Features in the Enterprise
You can only prevent attacks on your network if you know how they are carried out. In this section you will learn about the most common attacks against IPv6 and how to prevent attackers from the outside and also from the inside to harm your network.
Common attacks are:
- IPv6 ND Cache Exhaustion
- IPv6 Router Advertisements
- DHCPv6 Spoofing
- Source IP Address Spoofing
- Attacks against Routing Protocols
- Unwanted Tunneling
Tunneling is not new, but has already been used with IPv4. If you want to connect your network over the Internet, you can create a secure tunnel. With IPv6 this still applies, but additionally, you may want to connect your IPv6-only networks via the IPv4 Internet, or the other way around. You may have most parts of your network IPv6 ready, maybe Dual Stack, but small parts remain IPv4-only. In these scenarios you can apply tunneling to keep the network connected.
On the other hand you way want to connect your host at home to the IPv6 Internet, without your provider being IPv6 capable yet. There are also tunnels available for that.
We will discuss different tunneling types:
Gateway to Gateway Tunneling
- IPv6-in-IPv4 (6in4)
- GRE Tunnel (Generic Routing Encapsulation)
- 6rd - IPv6 Rapid Deployment
Host to Gateway Tunneling
- ISATAP (Intra-Site Automatic Tunnel Addressing Protocol)
- Tunnel Broker
Tunneling IPv6 over IPv6
Tunneling IPv4 over IPv6
- IPv6 Network Sizes
- Why Transit Links use /127
- Use Link-Local/Unique Local (ULA) or Global Addresses for Infrastructure?
Now that you know all about IPv6, you probably want to connect your network to the public IPv6 Internet. Understand the different connection types for your enterprise network, using BGP or static routing in multiple different ways, depending on your needs.
If you do not have a whole network to connect, but only your PC, there is also a solution to test-drive IPv6 from home before deploying it in your network!
We will discuss the different types of IPv6 Internet connectivity:
- IPv6 Addresses out of PA Space of the upstream ISP, single-homed
- IPv6 Addresses out of PA Space of the upstream ISP, dual homes
- Customer's own PI Space, Provider announced
- Customer's own PI Space, speaking BGP with the Provider
- IPv6 Tunnel using tunnel broker SixXS (no native connection)
If you are a real geek and want to run your network IPv6-only (no Dual Stack with IPv4 side by side), there are technologies to help you access these old IPv4-only servers on the Internet. All the big players have already enabled IPv6 and run their networks Dual Stack, but some old folks may remain.
Learn about NAT64 and DNS64 and how these technologies provide seamless connectivity between your IPv6-only network and remote IPv4-only services, without the need to configure your clients in any way.