IPv6 is the successor to IPv4 and provides a vastly larger 128-bit address space. It features stateless address autoconfiguration, no need for NAT, and built-in IPsec support. The document provides details on IPv6 addressing and headers, neighbor discovery, autoconfiguration, extensions, tools, and RFCs.
Presentation from Asterisk conference on designing a High Availability Asterisk cluster. Covers the current state of HA, available open source products vs closed source, VoIP service continuity, synchronization of configuration, etc.
Presentation from Asterisk conference on designing a High Availability Asterisk cluster. Covers the current state of HA, available open source products vs closed source, VoIP service continuity, synchronization of configuration, etc.
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
This presentation contain basic knowledge about how voIP work and what are the security threat in voIP. It will also contain how we can prevent attack on voIP system.
Enabling multimedia services on wireless networks is a great idea nowadays, especially given the user demand. But it takes more access points to install, proactive planning for application level performance requirements and multimedia aware RF management functions. Join us to learn about multimedia application behavior and how you can get your wireless network ready.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
در این کتاب چه میخوانیم :
• ضرورت استفاده از Siem و بخش soc , noc
• بررسی عنوان IDS و IPS ها
• معماری ossec
• معماری wazuh
• نصب ossec
• نحوه مهاجرت از ossec به Wazuh
• نصب آفلاین wazuh
• ویژگیهای wazuh و امکانات آن
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
This presentation contain basic knowledge about how voIP work and what are the security threat in voIP. It will also contain how we can prevent attack on voIP system.
Enabling multimedia services on wireless networks is a great idea nowadays, especially given the user demand. But it takes more access points to install, proactive planning for application level performance requirements and multimedia aware RF management functions. Join us to learn about multimedia application behavior and how you can get your wireless network ready.
To learn more, visit us at http://www.arubanetworks.com/wlan. Join the discussion at https://community.arubanetworks.com
در این کتاب چه میخوانیم :
• ضرورت استفاده از Siem و بخش soc , noc
• بررسی عنوان IDS و IPS ها
• معماری ossec
• معماری wazuh
• نصب ossec
• نحوه مهاجرت از ossec به Wazuh
• نصب آفلاین wazuh
• ویژگیهای wazuh و امکانات آن
Radio over IP (RoIP) is a technology that has emerged over the last 10 years and has provided a powerful and flexible mechanism for linking radios and dispatch consoles. RoIP has some inherent limitations and numerous technical challenges. This workshop will provide an overview of the technology, the key standards and some of the technical issues.
The workshop will cover on the following issues:
- The difference between RoIP and VoIP — how radio systems differ from phone systems
- Implementing one-to-one connections
- Implementing many-to-many connections
- Risk management: identifying network issues affecting RoIP/VoIP quality, maintenance and redundancy
- Design elements: building blocks; calculating network bandwidth requirements
The implications of RoIP for dispatch consoles will be also be discussed: how dispatch console to radio connections can be implemented with RoIP and how RoIP can be used to provide fault-tolerant dispatch architectures.
Finally, the workshop will look at the impact of new technologies such as IPv6, wireless broadband and the switch to digital radio on the RoIP landscape.
Paul Whitfield, Team Leader: Software Engineering, Omnitronics
LTE network: How it all comes together architecture technical posterDavid Swift
Mobile network operators that want to deploy LTE now want to do so on their own terms. They want to roll out ultrafast mobile broadband safe in the knowledge that one vendor’s solution will work efficiently with another, while delivering the high level of service that subscribers expect. A standards-based network will ensure the goal is met and help drive down cost for operators, but understanding how to pull it all together can be a challenge. So how does it all come together?
The “Hands on Experience with IPv6 Routing and Services” Techtorial will provide attendees an opportunity to configure, troubleshoot, design and implement an IPv6 network using IPv6 technologies and features such as: IPv6 addressing, IPv6 neighbor discovery, HSRPv6, static routing, OSPFv3, EIGRPv6 and BGPv6. You will be provided with a scenario made up of an IPv4 network where you will get the opportunity to configure and implement IPv6 based on the requirements on the network, i.e., where would you deploy dual stack, where it make sense to do funneling and how to deploy IPv6 routing protocols without impacting your existing Network infrastructure.
This session will provide a quick review of the methodology of early dispatch systems connected to radio, telephone and other resources via circuit switched interfaces such as 4WE&M, 2W analogue etc., and their restricted backhaul capabilities, leading on to the 'stand-alone' RoIP boxes that allowed 4W E&M to be converted to IP and recovered at the other end allowing backhaul via more flexible IP networks.
The next technology is dispatch systems with native IP connectivity allowing the most flexible and functional interfaces between the dispatch system and its connected resources. While some manufacturers equipment uses proprietary IP messaging, most prefer and use open standards such as P25 CSSI (console sub system interface), DFSI (digital fixed system interface) and ISSI (inter sub system interface) or the emerging DMR AIS which ensures that different vendors equipment can interoperate with each other via these interfaces. Open standards provide end users with greatly improved competitive choice and functional capability on these systems.
The session will explore examples of IP interfaces for voice dispatch systems and the functions supported, plus give a background on how these apply to many different technologies and can even be adapted for conventional radio applications:
The workshop will cover on the following issues:
- The difference between RoIP and VoIP - how radio systems differ from phone systems
- Implementing one-to-one connections
- Implementing many-to-many connection
- Risk management: Identifying network issues affecting RoIP/VoIP quality; maintenance; and redundancy
- Design elements :- building blocks; calculating network bandwidth requirements
The implications of RoIP for dispatch consoles will be also be discussed: how dispatch console to radio connections can be implemented with RoIP and how RoIP can be used to provide fault tolerant dispatch architectures.
Finally the workshop will look at the impact of new technologies such as IPv6, Wireless Broadband and the switch to Digital Radio on the RoIP landscape.
Les Scott, Manager, System Sales, Zetron
Overview of IPv6 protocol along with various transition scenarios for the migration from IPv4 to IPv6
IPv6 is the current and future Internet Protocol standard. As anticipated, IPv4 addresses became exhausted around 2012.
The IP address scarcity is the main driver for IPv6 protocol adoption.
IPv6 defines a much larger address space that should be sufficient for the foreseeable future, even taking into account Internet of Things scenarios with zillions of small devices connected to the Internet.
IPv6 is, however, much more than simply an expansion of the address space. IPv6 defines a clean address architecture with globally aggregatable addresses thus reducing routing table sizes in Internet routers.
IPv6 extension headers provide a standard mechanism for stacking protocols such as IP, IPSec, routing headers and upper layer headers such as TCP.
ICMP (Internet Control Message Protocol) is already defined for IPv4. ICMP was totally revamped for IPv6 and as ICMPv6 provides common functions like IP address and prefix assignment.
Lack of business drivers for migrating to IPv6 is responsible for sluggish adoption of IPv6 in carrier and enterprise networks.
Numerous transition mechanisms were developed to ease the transition from IPv4 to IPv6. Many of these mechanisms are complex and difficult to administer.
The transition mechanisms can be coarsely classified into dual-stack, tunneling and translation mechanisms.
As tech professionals, what we need is a way to work better so that we can create more, right? Through exploring various concepts and approaches, including the neuroscience of creativity, productivity techniques, and emerging practices that spur innovation, we'll discover not only the ways in which our brains work best, but also what’s behind the times when we feel on fire with creativity and when we don't. We’ll translate this information into processes and techniques for dramatically enhanced creative productivity. Beware: this session challenges the standard norms around concentration, focus, productivity, and may change how you work…for the better.
Internet Protocol version 6 (IPv6) is what you are going to discover onwards. Here, you will get format, features and related required information of IPv6 addresses and its related protocols.
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...Louis Göhl
Take a sprinkling of Windows 7, add Windows Server 2008 R2, IPv6 and IPsec and you have a solution that will allow direct access to your corporate network without the need for VPNs. Come to these demo-rich sessions and learn how to integrate DirectAccess into your environment. In Part 1 learn about IPv6 addressing, host configuration and transitioning technologies including 6to4, ISATAP, Teredo and IPHTTPS. Through a series of demos learn how to build an IPv6 Network and interoperate with IPv4 networks and hosts. In Part 2 we add the details of IPSec, and components that are only available with Windows 7 and Windows Server 2008 R2 to build the DirectAccess infrastructure. Learn how to control access to corporate resources and manage Internet connected PCs through group policy. Part 1 is highly recommended as a prerequisite for Part 2.
IPv6 Community Event: IPv6 Protocol ArchitectureAPNIC
APNIC Training Delivery Manager Terry Sweetser gives a technical overview of IPv6 at the IPv6 Community Event, held on 8 June 2023 in Nuku'alofa, Tonga.
Your app lives on the network - networking for web developersWim Godden
Our job might be to build web applications, but we can't build apps that rely on networking if we don't know how these networks and the big network that connects them all (this thing called the Internet) actually work.
I'll walk through the basics of networking, then dive a lot deeper (from TCP/UDP to IPv4/6, source/destination ports, sockets, DNS and even BGP).
Prepare for an eye-opener when you realize how much a typical app relies on all of these (and many more) working flawlessly... and how you can prepare your app for failure in the chain.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Ipv6 cheat sheet
1. Internet Protocol Version 6 (IPv6) Basics Cheat Sheet
by Jens Roesen
IPv6 quick facts
successor of IPv4 • 128-bit long addresses • that's 296
times the IPv4 address space • that's 2128
or 3.4x1038
or over 340
undecillion IPs overall • customer usually gets a /64 subnet, which yields 4 billion times the Ipv4 address space • no
need for network address translation (NAT) any more • no broadcasts any more • no ARP • stateless address
configuration without DHCP • improved multicast • easy IP renumbering • minimum MTU size 1280 • mobile IPv6 •
mandatory IPsec support • fixed IPv6 header size of 40 bytes • extension headers • jumbograms up to 4 GiB
IPv6 & ICMPv6 Headers
IPv6 header
0 8 16 24 32
version traffic class flow label
payload length next header hop limit
source IPv6 address
destination IPv6 address
Version (4 bits): IP version. Always 6.
Traffic class (8 bits): Used for QoS. Like the TOS field in IPv4. RFC 2474.
Flow label (20 bits): Used for packet labelling, End-to-end QoS. RFC 6437.
Payload length (16 bits): Length of the payload following the header in bytes. Limits packet size to 64 KB.
Next header (8 bits): Code for the following extension header or UL protocol. Like protocol type field in IPv4.
Hop limit (8 bits): Number of hops until the packet gets discarded. TTL in IPv4.
Source address (128 bit): IPv6 source address.
Destination address (128 bits): IPv6 destination address.
ICMPv6 header
0 8 16 24 32
ICMPv6 type ICMPv6 code ICMPv6 checksum
ICMPv6 data
ICMP type (8 bits): Error messages have a 0 high-order-bit (types 0 to 127), info messages have a 1 high-order-bit
(types 128 to 255).
ICMP code (8 bits): Further specifies the kind of message along with the type. F.i. type 1 code 4 is “destination port
unreachable”.
ICMP checksum (16 bits): Checksum to prevent data corruption.
IPv6 Extension Headers (RFC 2460 and it's updates)
Because of the IPv6 header simplification and fixed size of 40 bytes
(compared to the IPv4 header with more fields and options and 20 to 60
bytes in size) additional IP options were moved from the main IPv6 header
into additional headers. These extension headers (EH) will be appended to
the main header as needed. The first 8 bit of each EH identify the next
header (another EH or upper layer protocol) following. Only the hop-by-hop
header must be examined by every node on the path and, if present, it
must be the first header following the main IPv6 header. Every EH must only
occur once, only the destination options EH may occur twice - before a
routing EH and before the upper layer header.
IPv6 Addresses
2001:0db8:0f61:a1ff:0000:0000:0000:0080
IPv6 addresses are written in hexadecimal and divided into eight pairs of two byte blocks, each containing four hex
digits. Addresses can be shortened by skipping leading zeros in each block. This would shorten our example address to
2001:db8:f61:a1ff:0:0:0:80. Additionally, once per IPv6 IP, we can replace consecutive blocks of zeros with a
double colon: 2001:db8:f61:a1ff::80.
The 64-bit interface ID can/should be in modified EUI-64 format. A
48-bit MAC can be transformed to an 64-bit interface ID by
inverting the 7th
(universal) bit and inserting a ff and fe byte after
the 3rd
byte. So the MAC 00:03:ba:24:a9:c6 becomes
0203:baff:fe24:a9c6. See RFC 4291 Appendix A and RFC 4941.
IPv6 Address Scopes
::/128 unspecified address
::1/128 localhost
fe80::/10 link local scope
fec0::/10 site local scope, intended as RFC 1918 successor, deprecated in RFC 3879
fc00::/7 unique local unicast scope, RFC 4193, divided into:
fc00::/8 centrally assigned by unknown (see http://bit.ly/IETFfc00), routed within a site
fd00::/8 free for all, global ID must be generated randomly, routed within a site
ff00::/8 multicast scope, after the prefix ff there are 4 bits for flags (0RPT) and 4 bits for the scope
::/96 IPv4-compatible IPv6 address, example: ::192.168.1.2, deprecated with RFC 4291
::ffff:0:0/96 IPv4-mapped IPv6 address, example: ::ffff:192.168.2.1, see RFC 4038
2000::/3 global unicast scope, divided into:
2001::/16 /32 subnets assigned to providers, they assign /48, /56 or /64 to the customer
2001::/32 Global Teredo IPv6 Service Prefix.
2001:db8::/32 Reserved for use in documentation. See RFC 3849.
2001:678::/29 Provider Independent (PI) space and anycasting TLD nameservers (f.i. 2001:678:2::/48 for DENIC)
2002::/16 6to4 scope, 2002:c058:6301:: is the 6to4 public router anycast (RFC 3068)
3ffe::/16 6Bone scope, returned to IANA with RFC 3701, you should not see these
64:ff9b::/96 prefix used for representing IPv4 addresses in the IPv6 address space, see RFC 6052
Well Known Multicast Addresses (T-Flag = 0) Multicast Scopes
ff0X::1 all nodes address (scopes 1 and 2) 1 Interface-local 5 Site-local
ff0X::2 all routers address (scopes 1, 2 and 5) 2 Link-local 8 Organization-Local
ff05::1:3 all site-local DHCP servers 3 Admin-local e Global
ff02::9 all link-local RIP routers ← A “X” in the prefix is a place holder for the scope ↑
ff02::1:ff/104 solicited-node address, the 24 low-order bits are equal to the interfaces IP 24 low-order bits
ff02::1:2 all link-local DHCP relay agents and servers
ff0X::fb Multicast Domain Name Service v6 (all scopes)
ff0X::101 Network Time Protocol (all scopes)
IPv6 Header NH 0
Hop-by-Hop Options (0) NH 60
Destination Options (60) NH 43
Routing Header(43) NH 44
Fragment Header(44) NH 51
Authentication Header (51) NH 50
ESP Header (50) NH 60
Destination Options (60) NH 6
TCP Header (6)
MAC 00 03 ba 24 a9 6c
EUI-64 02 03 ba ff fe 24 a9 6c
subnet prefix /64
interface ID
global routing prefix subnet ID
/32 – minimum allocation size, 65536 /48 subscriber sites, allocated to ISPs
/64 – lan segment, 18,446,744,073,709,551,616 v6 IPs
/48 – subscriber site, 65536 /64 lan segments
orderassuggestedinRFC2460
2. Neighbor Discovery (ND): Neighbor Solicitation (NS) and Neighbor Advertisement (NA)
Neighbor Solicitation (ICMPv6 type 135) messages are sent to determine the link-layer address of a neighbor
(multicasts) or to verify that a neighbor is still reachable (unicasts).
In the example above node 2001:db8::1 wants to reach 2001:db8::2 but does not know the link-layer address of
2001:db8::2. So it sends a NS packet to the solicited-node multicast address of 2001:db8::2
(ff02::1:ff00:0/104 followed by the last 24 bits of the interface ID) along with its own link-layer address and
receives a NA (ICMPv6 type 136) packet with the targets link-layer address.
Duplicate Address Detection (DAD): To perform DAD the NS message is sent with the unspecified source IP :: and to
the solicited-node multicast address of the IP which should be configured. If there is already a node using this desired
IP it will answer with a NA packet sent to the all-node multicast address ff02::1.
Neighbor Discovery (ND): Router Solicitation (RS) and Router Advertisement (RA)
Router Solicitation (RS) packets are sent in order to receive a Router Advertisement (RA) message independently from
the periodically sent RAs. This is typical during stateless address autoconfiguration after successful DAD. The source IP
used for the RS message can be :: or the link-local IP for this interface.
After receiving the RS message a router sends a RA message to the all-nodes multicast address. The RA message
contains, amongst others, information about the router lifetime (time in seconds the router expects to be a default
router), all available prefixes and their preferred (pltime) and valid (vltime) lifetimes. When pltime reaches zero the
address becomes deprecated and should not be used for new connections. When the vltime reaches zero the address
becomes invalid.
Stateless Address Autoconfiguration (RFC 4862) and Stateful Autoconfiguration DHCPv6 (RFC 3315)
Stateless Address Autoconfiguration (SLAAC) comes in handy when it's not important which exact address a node
uses as long as it's properly routable. SLAAC uses mechanisms of Neighbor Discovery.
Steps taken during SLAAC presuming there were no DAD errors along the way: forming a link-local address → DAD for
the link-local address → activating the link-local address and sending RS message(s) to ff02::2 → forming a global
address for each received prefix within an RA message with set "autonomous address-configuration flag" → DAD for
each tentative global address → addresses become valid and preferred (for pltime > 0). See RFC 6106 for DNS
configuration options advertising via RAs.
DHCPv6 can assign IPs and additional information like DNS/NTP Servers. A client sends a SOLICIT message (type 1) to
the All_DHCP_Relay_Agents_and_Servers multicast IP ff02::1:2. Servers answer with a ADVERTISE message (2). The
client chooses a server, sends a REQUEST message (3) and receives a REPLY message (7) with configuration options.
DAD has to be performed for every address received! Alternatively, and in coexistence with SLAAC, DHCPv6 can only
provide clients with additional information like DNS and NTP servers. The client sends a INFORMATION-REQUEST
message (11) and receives the options in a REPLY message (7). See RFC 3315 for detailed description of DHCPv6
messages and options.
Connect to IPv6 IPs on the Command Line or in a Browser
CLI # ssh '2001:db8:dead:f00d:203:baff:fe24:a9c6'
# lynx http://[2001:db8:dead:f00d:203:baff:fe24:a9c6]
# wget ftp://[2001:db8:dead:f00d:203:baff:fe24:a9c6]
Browser http://[2001:db8:dead:f00d:203:baff:fe24:a9c6]
IPv6 and DNS (RFC 3596)
The IPv6 equivalent to the IPv4 A Resource Record is the AAAA RR. No big difference there. The A6 RR with additional
fields for prefix length and prefix name defined in RFC 2874 was declared experimental in favour of AAAA RRs. See RFC
3363 and 3364 for more information and discussion.
Reverse delegation is written in nibble format with the new domain IP6.ARPA. So 2001:db8::2 becomes
2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.. The shorter
bitstring/bitlabel format (RFC 2672 and 2673) was later discarded but may be still used by older resolvers (BIND > 8.3
and < 9.2.3). The tool ipv6calc helps with the conversion!
The host command will look for both A and AAAA records, using dig you have to explicitly ask for AAAA records (dig
host.example.com aaaa). Reverse lookups as usual can be done using host without further switches (host
2001:db8::1) or with dig using the -x switch (dig -x 2001:db8::1).
Linux IPv6 Interface Configuration examples (Steps might slightly differ between distributions)
Manual configuration: You can temporarily configure an IPv6 address with the ifconfig or ip command:
# ifconfig eth0 inet6 add 2001:db8::2/64
# ip addr add 2001:db8::2/64 dev eth0
Add a default route
# route -A inet6 add default 2001:db8::1
# ip -6 route add default via 2001:db8::1
To check the configuration use ifconfig eth0 or ip -6 addr show eth0 respectively route -A inet6 or ip
-6 route show. For making the changes permanent you'll have to edit the config files specific for your distribution.
Automatic configuration using SLAAC: Just having IPv6 enabled and IPv4 configured on the interface should normally
do the trick.
SLAAC with privacy extensions (RFC 4941): To deal with security and privacy concerns regarding EUI-64 interface IDs
enable and prefer temporary addresses over other public addresses with:
# sudo sysctl net.ipv6.conf.all.use_tempaddr = 2
# sudo sysctl net.ipv6.conf.all.use_tempaddr=2
To make these settings boot proof put them into /etc/sysctl.conf.
Change valid and preferred lifetime of temporary addresses by editing net.ipv6.conf.all.temp_valid_lft and
net.ipv6.conf.all.temp_prefered_lft. Defaults are 604800 (7d) and 86400 (1d) seconds.
*NIX IPv6 Console Tools
ping6 IPv6 version of ping. Solaris ping supports IPv6 out of the box.
traceroute6
tracepath6
IPv6 versions of traceroute and tracepath. Also try mtr -6.
ip -6 Configure or view interfaces, routes, ND, list neighbors, multicasts.... on linux
ipv6calc Powerful tool for all sorts of conversions and information gathering. See
http://www.deepspace6.net/projects/ipv6calc.html
tcpdump ip6
snoop inet6
Packet sniffing tools with IPv6 options. Also works with options like icmp6.
IPv6 RFCs (available at http://tools.ietf.org/html/rfc<RFC number>)
RFC 2460 IPv6 Specifications RFC 4193 Unique Local IPv6 Unicast Addresses
RFC 4291 IPv6 Addressing Architectures RFC 2375 IPv6 Multicast Address Assignments
RFC 4861 IPv6 Neighbor Discovery RFC 3849 IPv6 Address Prefix For Documentation
RFC 4862 IPv6 Stateless Address Configuration RFC 4941 Privacy Extensions for SLAAC in IPv6
RFC 1981 Path MTU Discovery for IPv6 RFC 6147 DNS64 – DNS Extensions for NAT64
RFC 3596 DNS Extensions to Support IP Version 6 RFC 6146 Stateful NAT64
RFC 4443 ICMPv6 for IPv6 RFC 6434 IPv6 Node Requirements
RFC 3587 IPv6 Global Unicast Address Format RFC 6540 IPv6 Support Required for All IP-Capable Nodes
2001:db8::1 → ff02::1:ff00:2 (destination IP is the destinations solicited-node multicast address)
ICMPv6 type 135, target 2001:db8::2, option 1 (source link-layer addr) 00:03:ba:24:a9:6c
2001:db8::2 → 2001:db8::1, ICMPv6 type 136, Flags: S
target 2001:db8::2, option 2 (target link-layer) 00:03:ba:2e:02:c1
INITIATOR
TARGET
:: or fe80::203:baff:fe24:a96c → ff02::2, ICMPv6 type 133 (RS)
option 1 (source link-layer) 00:03:ba:24:a9:6c (only when source IP is not ::)
fe80::21e:79ff:fe1e:f000 → ff02::1, ICMPv6 type 134 (RA), lifetime 1800s
option 2, option 3 (prefix information) 2001:db8::/64, pltime = 7d, vltime = 30d
NODE
ROUTER
or
or
all = for all (current) interfaces
default = for new interfaces
eth0, wlan0, enp3s0 usw = specific interface