Sunday, February 1, 2015

Cisco CCNP - 300-101 - IPv6 Review

So it's that time again for me to renew my Cisco Certifications. As a result, this posts is based on my preparation for the CCNP Route Exam (300-101).

In this post I will be focusing on IPv6 Review. In some of my previous posts, I've done work on IPv6. However, this will serve as a refresher. If you wish, you can go back to these for additional guidance.

 IPv6 Header Format

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version| Traffic Class |           Flow Label                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Payload Length        |  Next Header  |   Hop Limit   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                         Source Address                        +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                      Destination Address                      +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


Key benefits of IPv6   
    - greater amount of addresses
    - Multiple methods of dynamic address assignments, eg. DHCP and stateless autoconfiguration
    - hosts can move around the network while retaining their addresses without loosing current session
    - No need for NAT/PAT
    - Built in IPSec support
    - Improvements in the header such as no need for routers to calculate header checksum for each packet
      Flow labels, which allows all packets sent across the same session to be easily identified
    - No layer 3 broadcast. Instead multicast is used
   

Conventions
    - 128-bit
    - IPv6 uses 32 Hexadecmial numbers, organized into 8 quarters of 4 hex digits separated by a colon
      2000:0000:0000:0000:0000:00A0:0000:0001
     

Hex Binary Table 
   
Decimal    Hex    Binary
0               0       0000
1               1
       0001
2
               2       0010
3
               3       0011
4
               4       0100
5
               5       0101
6
               6       0110
7
               7       0111
8
                     1000
9
               9       1001
10
             A       1010
11
             B       1011
12
             C       1100
13
             D       1101
14
             E       1110
15
             F       1111


Conventions for shortening an IPv6 address
    - Omit leading 0s
    - represents one or more group of 0s with a "::". This can only be done once
    - Using the example above (2000:0000:0000:0000:0000:00A0:0000:0001), we can reduce this as follows
      2000::A0:0:1
      2000:0:0:0:0:A0::1
     
      if we used 2000::A0::1 - This would be INVALID as we cannot have two or more of "::"


IPv6 prefixes are often called IPv6 subnets

Dealing with prefixes   
    Address: 2000:0000:0000:0000:0000:00A0:0000:0001/64
   
    The address above has a 64 bit prefix, this means that all hosts with the first 64 bits are in the same subnet. Thus we can rewrite the address as
    2000:0000:0000:0000::/64 - I use "::" because the host part has now all become 0s.
   
    Using a 56 bit prefix
    2000:0000:0000:0000:0000:00A0:0000:0001/56
   
    2000:0000:0000:0000::/56 - Once again "::" was used because the remainder bits are all 0s. However, even though we only used 56 bits we still have to write out the full quartet if our prefix does not fall on a 16-bit boundary   
   
    Using 3 bit prefix
    2000:0000:0000:0000:0000:00A0:0000:0001/3
   
    2000::/3 - Once again "::" was used because the remainder bits are all 0s. Remember we still have to write out the full quartet    once we are not on a 16 bit boundary.
   
   
    Using 26 bit prefix
    2000:0000:0000:0000:0000:00A0:0000:0001/26
   
    2000:0000::/26 - Once again "::" was used because the remainder bits are all 0s. Remember we still have to write out the full quartet    once we are not on a 16 bit boundary.
   
   
    Using 32 bit prefix
    2000:0000::/32 - In this case we landed on a 16 bit boundarys

   
   

Subneting in IPv6
   |         n bits         |   m bits  |       128-n-m bits         |
   +------------------------+-----------+----------------------------+
   | global routing prefix  | subnet ID |       interface ID         |
   +------------------------+-----------+----------------------------+

    2000:0000:0000:0000:0000:00A0:0000:0001/48
    Before subneting the above has 80 bits for the host field. We will borrow from here for our subnet
   
    No need to worry about the 0 or broadcast subnet in IPv6
   
    This means "global routing prefix" = 2000:0000:0000
    subnet ID (16 bits) = 0000
    Interface ID (64 bits) = 0000:00A0:0000:0001
   
   
    From the above we can create multiple subnets by changing the subnet value. eg, 00AD would give us an IPv6 address of
    2000:0000:0000:00AD:0000:00A0:0000:0001/64
   
    Likewise subnet ID of E02F = 2000:0000:0000:E02F:0000:00A0:0000:0001/64
   

   
Interface ID
    - Interface IDs should be unique and thus are based on the interface MAC address
    - Converts the 6 byte (48-bit) MAC address to an 8 byte (64-bit) value
    - Using MAC address 01:02:03:04:05:06
      first split the MAC into 2 3 byte portion - 01:02:03 and 04:05:06
      Next in insert FFFE in the middle - 01:02:03:FF:FE:04:05:06
      The above extended the 48-bit MAC address to 64-bit
      Next to change to EUI-64 bit format, we flip the 7 bit in the leftmost byte
      In the address "01:02:03:FF:FE:04:05:06" "01" would be the leftmost byte
      01 (hex) = 0000 0001 (Binary)
      The 7th bit is "0" when flipped it becomes "1"
      New value = Binary: 0000 0011 or Hex 03
      The new EUI-64 address is 03:02:03:FF:FE:04:05:06
      The above host ID can now be assigned to any device
   
   
   
How IPv6 hosts obtain their IP, DNS, etc
    - Stateful DHCP
      Similar to DHCP in IPv4
      Does not provide default router configuration
      Relies on Neighbor Discovery Protocol which occurs between local routers and clients
      Uses Stateful and Stateless configuration. In stateful, the server tracks and maintains lease information, in stateless it does not.
      In IPv4 DHCP hosts send broadcast, in IPv6 hosts send IPv6 multicast
      IPv6 multicast addresses start with FF00::/8
     
    - Stateless Autoconfig
      Core tool
      allows hosts to learn IP (prefix, host, prefix length), DNS, default router, etc
      Uses Neighbor Discover Protocol (NDP)
      Derives the EUI-64 address
      Stateless DHCP to learn DNS IPv6 addresses
      Router Solicitation (uses ICMPv6)   
   
    - static configuration
      Manually configure the entire 128-bit address
      Host uses Network Diccovery Protocol (NDP) to learn DNS, default routers, etc
   
    - Static configuration with EUI-64
      Manually configure the prefix and let the device use an EUI-64 address for the interface
      Host uses Network Diccovery Protocol (NDP) to learn DNS, default routers, etc
     
     
     
Types of IPv6 address   
    - Unicast - similar to IPv4. Every interface must have a unique address
        - Unique Local
            - Similar to IPv4 private addresses
            - These addresses should be used within a private organization
            - begins with FC00::/7
           
      | 7 bits |1|  40 bits   |  16 bits  |          64 bits           |
      +--------+-+------------+-----------+----------------------------+
      | Prefix |L| Global ID  | Subnet ID |        Interface ID        |
      +--------+-+------------+-----------+----------------------------+           
           
            - If L bit set address is locally assigned. This makes the first byte "FD"
           
        - Link Local
            - These packets should not leave the local subnet
            - Router does not forward packets with Link Local address
            - Used on a single subnet
            - Used RS and RA messages
            - Used by Neighbor Diccovery
            - next hop address for IP Routes
            - Each host can calculate its own address
            - Addresses start with FE80::/10
           
           
    - Multicast - represents a dynamic group of hosts.
        FF02::1 - All IPv6 nodes on a link
        FF02::2 - All IPv6 routers on a link
        FF02::5, FF02::6 - OSPF
        FF02::9 - RIP v2
        FF02::A - EIGRP
        FF02::1:2 - DHCP Relay Agents
        FF05::1:3 - DHCP Servers
        FF05::101 - NTP servers

       
    - Anycast - Allows servers that serves the same function to use the same IP. It results in a nearest server first design.


   
Detecting Duplicate Addresses
    - Network Discovery Matter
        - Neighbor database get queried
   
    - Duplicate Address Detection (DAD)
    - Inverse Network Discovery
       
   
All IPv6 routing devices send updates either to Unicast or Multicast addresses
IPv6 interface typically have 2 IPv6 addresses, one link local and one global unicast
IPv6 allows for multiple IPs on an interface without the need for secondary address

Hex of all 0s, represent an unknown address
    Examples are: - 0000:0000:0000:0000:0000:0000:0000:0000:/128-bit
                    ::/128
The above address can be used as a source IP when a host has no suitable IP

Loopback
    0000:0000:0000:0000:0000:0000:0000:0001:/128-bit
    1::/128
   
   

Reference:
CCNP official Cert Guide - CCNP Routing and Switching - Route 300-101
https://www.ietf.org/rfc/rfc2460.txt
https://tools.ietf.org/html/rfc3513
https://tools.ietf.org/html/rfc4193

No comments:

Post a Comment