NTT TOP
A WAN WAN VRRP NIC OSPF VRRP STP 1. IPv6 IPv6 2. 3. IPv6
1. IPv4 NAT IPv6 1. 2. (IPv4 ) NAT?
Unique Local IPv6 Unicast Address /8 /48 /64 /128 7 1 40 16 64 ULA Global ID Interface ID Type Subnet ID 1111110 0 FC00::/8 1 FD00::/8 FD00::/8 Global ID trunc(sha1(ntp current time + EUI-64), 40bit) Global ID RFC4193 centrally assign FC00::/8 type = 0 ULA, DNS IPv6 NAT
( )2001:db8::/32 APNIC = APINIC IPv6 Documentation Prefix http://www.apnic.net/info/faq/ipv6-documentation-prefixfaq.html IPv6 Address Prefix Reserved for Documentation, RFC3849 1. ISP ISP /48 /64 ( )NTT Com OCN 2001:380:xxxx::/48 2. JPNIC ISP 1.(PI) 2.ISP (/32) 3. 6to4
JPNIC (PI) 3 ( ) JPNIC ISP (/32) IP IPv4 IPv6 2IPv6 200 2 IPv6 IPv6 IPv6
IPv4netmask P2P /30 NW /26 /28 IPv6/64 IPv6 /64 /48 6 5/64 IPv4 HW ( CPU ) / / ACL
IPv6 IPv6 QoS IP ( v4 ) IF1 Destination 2001:db8:0001::/48 Interface IF1 1 OK! X 2001:db8:0001::/48 /48 Prefix A B G 2001:DB8:0001:0100::/56 2001:DB8:0001:0200::/56
IPv6IF FQDNIP % ifconfig ifconfig -a -a fxp0: fxp0: flags=8843<up,broadcast,running,simplex,multicast> mtu mtu 1280 1280 inet6 inet6 fe80::206:5bff:fe3b:xxxx%fxp0 prefixlen prefixlen 64 64 scopeid scopeid 0x1 0x1 inet6 inet6 2001:db8:4fd::25 prefixlen prefixlen 64 64 inet6 inet6 2001:db8:4fd::110 prefixlen prefixlen 64 64 ether ether 00:06:5b:3b:XX:XX media: media: Ethernet Ethernet autoselect autoselect (100baseTX (100baseTX <full-duplex>) <full-duplex>) status: status: active active 2001:db8::/32 Prefix XXX 2001:db8:1000:/36 YYY 2001:db8:f000:/36 2001:db8:1100:/48 2001:db8:1f00:/48 2001:db8:f100:/48
/48 /64 /5464 /5816 LAN /6464 /48 /48 /54 /54 /54 /54 /54 /54 /58 /58 /58 /58 /58 /58 LAN 64bit PC LAN PC /48 /64 /56256 LAN /64256 /48 /48 /56 /56 /56 /56 /56 /56 LAN 64bit PC LAN PC
/64 (RFC3177) RA( )/64 NW 64bit /65 /127 P2P /126 Router Anycast (RFC3513) /127(RFC3627) RA(Router Advertisement) NW DHCPv6 ( ) RA NIC
<prefix>::< > 2001:db8::53 2001:db8::25 2001:db8::80 (DNS (SMTP (WWW <prefix>::< > 2001:db8::1 2001:db8::5 (IF) ( 5 IF) RA RA /64 prefix(rfc4861) IF IPv6RA RA RA
RA RA RA Prefix: P RA RA Windows XP RA on RA IPv4 DHCP LAN IPv6 6to4IPv6 IPv4 DHCP IPv6 RA 2002:xxxx:xxxx:xxxx::/64 2002:xxxx:xxxx:xxxx::/64
RA RA RA RA ( ) IPv6 /64 /48 /?? /?? /?? /?? /?? /?? /?? /?? /?? /?? /?? /?? LAN 200 (LAN) 10 LAN /64 PC LAN 64bit PC
( ) IPv6 VLAN VLAN RA PC RA ( ) IPv6 IPv4 VLAN IPv6 3 or 4 VLAN100 (config)# interface vlan 100 IPv6 (config-if)# ipv6 enable IPv6 (config-if)# ipv6 address 2001:db8:X:Y::Z/64
2. IPv4 IPv6 prefix next-hop next-hop prefix /48/64
IPv4 IPv6 IPv4, IPv6 CPU/Memory IPv4, IPv6 v6nw IPv6 L2 (IPv6 ping)
IPv6 ff00::/8 128 8 4 4 112 0 1 2 3 4 5 6-7 8 9 - D E F ff01::1 ff02::1 ff01::2 ff02::2 ff05::2 ff02::1 ICMP echo ICMP echo ff02::9 RIPng ff02::5 (OSPFv3)
static routing v4 RIPng IPv6 OSPFv3 BGP4+ ISP PIM-SM static routing IPv4 static routing Next-hop Next-hop IF link-local
RIPng OSPFv3
BGP4 BGP4+(MP-BGP) MP_REACH_NLRI (IPv4 ) Router-id 32bit AS v4/v6 ( ) OSPFv3 VLANOSPFv3 OSPFv3 ( 10 ) (config)# ipv6 router ospf 10 ID IPv432bit (config-rtr)# router-id x.x.x.x (config-rtr)# passive-interface vlan 10 vlan 10 (config)# interface vlan 10 OSPFv3 10, area 0 (config-if)# ipv6 ospf 10 area 0
( ) OSPFv3 ) 3.
FW IPv6 NAT IPv6 NAT NATNW IPv6 End-to-End NAT SPI Local Network Protection for IPv6 (RFC 4864) NAT
NAT IPv4NAT IPv6 NAPT Stateful Packet Inspection SPI IPv6 SPI TCP DNS, NTP ICMPv6 type 1,2,3 ( ) Type Type Type 1: Destination Unreachable 2: Packet Too Big 3: Time Exceeded (NDP)
RFC4941 ID IPv6 MACEUI-64 Windows Windows XP C: > netsh interface ipv6 show address interface= mode=normal Interface 6: Addr Type DAD State Valid Life Pref. Life Address --------- ---------- ------------ ------------ --------------------------- Temporary Preferred 6d22h54m54s 22h52m7s 2001:db8:155b:3837:d902:a54 C: > netsh interface ipv6 show privacy --------------------------------------------- : enabled : 7d : 1d C: > netsh interface ipv6 set privacy state=disable mode=persistent
IPv4 ICMPv6 ICMP IPv6 ICMPv6 ICMPv6 Destination Unreachable Type = 1 Packet Too Big Type = 2 Time Exceeded Type = 3 Recommendations for Filtering ICMPv6 Messages in Firewalls (RFC4890) ICMPv6 TCP IPv4 TCP Traceroute6 IPv6
ICMPv6 ICMP IPv4 xdsl BAS WWW MTU 1500 MTU 1454 MTU 1500 MTU Maximum Transmission Unit IPv6 MTU MTU ICMPv6 IPv6 MTURFC1981) MTU 1500 MTU 1454 MTU 1500 MTU 1280 MTU 1500 xdsl 1500 BAS WWW ICMP (MTU=1454) 1454 ICMP (MTU=1280) 1280 IPv4 MTURFC1191 ICMP
IPv4 MTU DF IPv6 (v4 ) ping telnet ssh ls prefix prefix Special-Use IPv6 Addresses (RFC5156) ( ) fec0::/10 ULA fc00::/7 ff00::/8 2001:db8::/32 IPv4 (::a.b.c.d/96) IPv4 (::ffff:a.b.c.d/96) IPv4 a.b.c.d
IPv6 hop-by-hop TCP SPI IPv6 Log IPv6 IPv6 End-to-End IPsec P2P
( ) xxx (config)# ipv6 access-list xxx 2001:db8::/32 (config-ipv6-acl)# 100 permit ipv6 2001:db8::/32 any interface (config)# interface gigabitethernet XXX in (config-if)# ipv6 traffic-filter xxx in