Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ipv6 shared SOHO connect

666 views

Published on

改編 いまからはじめるIPv6
IPv6ネットワーク構築基礎
家庭・SOHO環境を対象としたIPv6ネットワーク構築法の解説

•主なトピック
– IPv6インターネットへの対外接続の確保
– IPv6アドレス割り当てとデフォルトルータの配布方式
– LAN内部での端末設定のアドレス設定
– デュアルスタックネットワーク
– 家庭・SOHO環境でのセキュリティ

Published in: Marketing
  • Be the first to comment

  • Be the first to like this

Ipv6 shared SOHO connect

  1. 1. © 2014NTT Information Sharing HOSTERS合同会社 改編 IPv6 IPv6 NTT 先生
  2. 2. 2 • – SOHO IPv6 • – IPv6 – IPv6 – LAN – – SOHO
  3. 3. HGW IPv6 3 IPv6 IPv6 IPv6 IPv6 IPv6
  4. 4. IPv6 IPv6 IPv6 IPv6 2 • IPv6 • IPv6 1 2 •hop limit -1 •FW IP • GW IPv6 LAN IF •IPv6 • L2 • GW MA C 2 4
  5. 5. • – SOHO IPv6 • – IPv6 – IPv6 – LAN – – SOHO • RT58i • DHCPv6• SOHO IPv6 HGW 5
  6. 6. IPv6 6
  7. 7. IPv6 ISP •IPv4 –2010 11 15 13 64 http://www.kokatsu.jp/blog/ipv4/data/ipv6service-list.html 7
  8. 8. IPv6 IPv4 • ISP IPv4 • •OCN OCN IPv6 •IIJ IPv6 •Yahoo!BB IPv6 •HGW, IPv4 •IPv6 HGW IPv6 over IPv4 HGW IPv6 IPv6 IPv6 •IPv4 IPv6 8 IPv 6 IPv4パケット
  9. 9. IPv6 Windows 7 IPv4 Internet L2TP over UDP IPv6 Internet HGW •OCN • IPv4 • – /64 – /64 •Windows XP, Vista, 7 DHCPv6-PD RA PPP+IPV6CP IPv6 OCN IPv6 UDPv4 NAT 9
  10. 10. •IIJ • IPv4 •/64 IIJ IPv6 IPv6 IPv4 Internet PPTP RA DNS DHCPv6 PPP+IPV6CP IPv6 IPv6 Internet HGW NAT PPTP Windows 7 10
  11. 11. •Yahoo!BB •6rd IPv6 over IPv4 –6to4 ISP •HGW HGW •IPv4 HGW Yahoo!BB IPv6 IPv6 IPv4 Internet IPv6 over IPv4 RA IPv6 Internet HGW IPv4 IPv6 IPv4 Windows 7 11
  12. 12. 6to4 6to4 6to4 IIPPvv44 IPv6 2002:c000:0201::XXXX IPv6192.0.2.1 192.0.2.1 • • •IPv4 •RFC3056 Win, Mac, UNIX, •Windows Vista, 7 • • •IPv4 IPv6 6to4 192.88.99.1 • 12
  13. 13. Tokyo6to4 • JPIX 6to4 •IPv6 http://www.tokyo6to4.net/ 13
  14. 14. 6to4 IPv4 IPv6 6to4 IPv6 IPv4: 192.168.0.0/24 IPv4 GLOBAL: 192.0.2.1 192.0.2.1 6to4 IPv4 IPv6 IPv6 RA 2002:c000:0201::/64 • WZR- AMPG300NH• AirMac Exterm, AirMac Express IPv6: 2002:c000:0201::XXXX/64 14
  15. 15. NAT Teredo 1 Teredo Teredo IPv4 IPv6 IPv6192.0.2.1 NA T HGW IPv6 123.0.1.2 15 • •6to4 •IPv6 IPv4 •NAT IPv4 •Symmetric NAT •Windows Vista, 7 • • •IPv6
  16. 16. NAT Teredo 2 Teredo Teredo IPv4 IPv6 2001:0000:[ IPv4 ]:[ ]:[ ]:[ IPv4 ] 123.0.1.2 NAT 192.0.2.1 IPv6192.0.2.1 32 16 16 32 IPv6 ICMPv6 echo reply Teredo 123.0.1.2 ICMPv6 echo request 16 IPv6
  17. 17. 17 • feel6 (DTCP) - http://start.feel6.jp/ – /48 – /48 – Windows, Mac OS, Linux OS – RT – NAT 41 •Hexago freenet6 (TSP) – http://www.gogo6.com/ – – GPL – NAT –
  18. 18. NGN IPv6 IPv6IPv6 NGN IPv6 IPv6 ISP-B HGW IPv6 ISP-A IPv6 ISP-C HGW ● ISP-A ● ISP-B ● ISP-C ISP ISP SO ISP ISP-C Internet ISP IPv6 NGN ISP 18
  19. 19. NGN IPv6 IPv6 NGN IPv6 ISP HGW IPv6 IPv6 PPP IPv6 IPv6 ISP IPv6 NGN IPv6 NAT NAT66 ISP NGN IPv6 WAN I/F 19
  20. 20. IPv6 20 ISP SOHO IPv6
  21. 21. IPv6 (2) •ISP RA, DHCPv6 • IPv6 (1) •IPv6 •IPv6 • 21 IPv6 ::/0 → [ ] IPv6LAN IPv6 2001:db8::/48
  22. 22. IPv6 delegation 2001:db8:a::/48 WAN I/F LAN 2001:db8:a::1 2001:db8:a::/64 IPv6 IPv6 128 IPv6 2001:db8:a::1234 IPv6 DHCPv 6 DHCPv6-PD Prefix Delegation I/F 64 IPv6 2001:db8:a::/64 R A MAC 64 IPv6 ( 64 ) 2001:db8:a::[mEUI64] 22 2001:db8:a::1234
  23. 23. LAN 23 HGW IPv6 LAN
  24. 24. SOHO LAN IPv6 OS Windows Vista, 7 •IPv6 •IPv6 • •DNS •RA, DHCPv6 IPv6 IPv6 Network 24 DNS
  25. 25. IPv4 IPv6 IPv4 IPv4 DNS IPv4 Network DHCPv 4 IPv6 DNS IPv6 IPv6 Network 25 DHCPv 6 RA
  26. 26. DHCPv4 DHCPv6 •IPv4 • • •DNS • NTP, SIP • MAC •IPv6 • • •DNS • NTP, SIP • DUID DHCPv6 Router Advertisement RA DHCPv 4 26 DHCPv 6
  27. 27. DHCPv6 RA 27 •Router Advertisement RA – •⇒ RA – prefix information option •⇒ RA –DNS RA •⇒ DHCPv6 RA : M/O flags Managed/Other M O OFF ON RA, DHCPv6 ON ON DHCPv6
  28. 28. stateless-DHCPv6 RFC3736 • • DNS, SIP, NTP • INFORMATION- REQUEST REPLAY DNS, SIP, NTP,… 28
  29. 29. IPv4 IPv6 IPv4 GW RA ※RA DNS Option DHCPv6 GW Option IPv4 DNS IPv4 Network DHCPv 4 IPv6 DNS IPv6 IPv6 Network DHCPv 6 RA IPv6 RA DHCPv6 • GW RA DNS DHCPv6 • DNS DHCPv6 IPv4 DHCPv4 29
  30. 30. 30 IPv6 IPv4
  31. 31. 31 • –IPv4 IPv6 • –IPv4 IPv6 • –IPv4 IPv6 IPv4 IPv6 • –IPv4 IPv6 •IPv4 IPv6 •IPv6 OS IPv4 IPv6 –Windows, Mac, Linux, UNIX
  32. 32. IPv4 IPv6 IPv4 DNS IPv6 DNS IPv4/IPv6 IPv4 Network IPv6 Network DHCPv 4 DHCPv 6 RA IPv6 IPv6 DNS IPv4 IPv4 Network IPv6 Network DHCPv 6 RA IPv4 IPv6 IPv6 DHCPv 4 IPv4 IPv4 DNS 1 IPv4/IPv6 2 IPv4/IPv6 IPv4/IPv6 32
  33. 33. • IPv4 IPv6 – IPv6 IPv4 • ※ RFC3484• – IPv6 IPv4 • IPv6 IPv4 IPv4 Network IPv6 Network 33
  34. 34. SOHO 34
  35. 35. IPv4 NAT IPv6 (*) Stateful Packet Inspection IPv4 NAT IPv6 IPv6 Internet IPv4 IPv6 SPI(*) IPv4 Internet 123.123.123.123 192.168.0.0/24 2001:db8::1234 IPv4 NAT RFC4864 Local Network Protection for IPv6 35
  36. 36. 36 • 不 –IPv4 IPv6 • IPv4/IPv6 ⇒IPv4 IPv6 IPv6 ICMP –ICMPv6 Type2 PMTUD • –6to4, Teredo •Windows Vista/7 IPv6 ⇒ [ ] LAN IPv4 – 41 IPv6 over IPv4 , 6to4
  37. 37. Windows Vista, 7 RA o ON IPv6 IPv4, IPv6 DHCPv6 DNS – IPv6/IPv4 IPv6 Google www.google.com IPv4 stateless DHCPv6 IPv6 DNS RA DHCPv6 IPv6 DNS 37
  38. 38. 最後までお付き合い頂きありがとうございま した 次回は Windows Azure Cloud Linux Deployment service の概要をお楽しみに。
  39. 39. RT58i 39
  40. 40. RT58i 1 • – IPv6 over IPv4 •192.0.2.1 ⇔ 192.0.2.254 – 2001:db8::/48 • – 2001:db8::/64 RT58i IPv6 over IPv4 IPv6 192.0.2.254 IPv6 I/F tunnel 1 I/F lan1 RA 2001:db8::/64 192.0.2.1 # IPv6 ON ipv6 routing on 40 # tunnel select 1 encapsulation ipip endpoint address 192.0.2.1 192.0.2.254 tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address 2001:db8::1/64 prefix 1 2001:db8::/64 lan1 rtadv send 1 o_flag=on ::1
  41. 41. RT58i 2 RT58i I/F tunnel 1 I/F lan1 WAN IPv4 IPv6 over IPv4 WAN I/F IPv4 IPv6 192.0.2.254 # IPv6 ON ipv6 routing on IPv6 41 © 2010 NTT Information Sharing Platform # # LAN – tunnel select 1 encapsulation ipip endpoint address 192.168.0.1 192.0.2.254 tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address 2001:db8::1/64 prefix 1 2001:db8::/64 lan1 rtadv send 1 o_flag=on # NAT nat descriptor type 1 masquerade nat descriptor masquerade static 1 1 192.168.0.1 ipv6 * pp select 1 ip pp nat descriptor 1 IPv4: 192.168.0.1 IPv6: 2001:db8::1
  42. 42. RT58i 3 RT58i I/F tunnel 1 I/F lan1 DTCP IPv6 DTCP 192.0.2.254 # IPv6 ON ipv6 routing on # DTCP – feel6 tunnel select 1 tunnel dtcp dtcp.feel6.jp myname USERID PASSWORD tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address dtcp-prefix@tunnel1::1/64 prefix 1 dtcp-prefix@tunnel1::/64 lan1 rtadv send 1 o_flag=on # ipv6 filter 1 reject dtcp-prefix@tunnel1::/64 * ipv6 filter 2 pass RA: DTCP IPv6 * dtcp-prefix@tunnel1::1 * tcp * www 42 © 2010 NTT Information Sharing Platform
  43. 43. RT58i 4 RT58i RA-proxy IPv6 IPv6 IPv6 fe80::1234 native Ethernet I/F lan2 I/F lan1 # IPv6 ON ipv6 routing on # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address ra-prefix@lan2::1/64 prefix 1 ra-prefix@lan2::/64 lan1 rtadv send 1 # RA-Proxy # IPv6 # filter 1 reject ra-prefix@lan2::/64 * filter 2 pass * ra-prefix@lan2::1 * tcp * www ipv6 ipv6 RA: RA RA: 2001:db8::/64 43 © 2010 NTT Information Sharing Platform
  44. 44. DHCPv6 44 © 2010 NTT Information Sharing Platform
  45. 45. DHCPv6 IPv6 RA: RA Windows Vista, 7 DHCPv6 O ON Linux/BSD DHCPv6 I/F eth0 option domain-name-servers 2001:db8::53; option domain-name “example.jp"; dhcp6s.confWIDE-DHCPv6 http://sourceforge.jp/projects/sfnet_wide-dhcpv6/ # dhcp6s -c dhcp6s.conf eth0 DHCPv6 Windows Vista C:¥> ipconfig /renew6 C:¥> ipconfig /all : DNS . : example.jp 45 © 2010 NTT Information Sharing Platform Laboratories DHCP ............. ........... IPv6 ........... : : : 2001:db8::XXXX( ) ...... : fe80::XXXX%1DHCPv6 IAID .......... DHCPv6 DUID . : 268869872 : 00-01-00-01-11-62-4C -59-00-1C-25-9F-8C-39 : 2001:db8::53DNS ........... DHCPv6
  46. 46. SOHO IPv6 46 © 2010 NTT Information Sharing Platform
  47. 47. SOHO IPv6 SOHO IPv6 NEC IPv6 IPsec, VRRP, QoS 6 UNIVERGE IX2005 IPsec, VRRP, IEEE802.1x 6 CentreCOM AR415S VPN IPv6 , SPI NetVolante RT58i DTCP, RA proxy NTT Win Vista Premium 6to4 IPv6 1 2 WZR-AMPG300NH AirMac Extreme, 6to4 IPv6 16,800 AirMac Express Extreme 9,800 TimeCapsule 29,800

×