1 IPv6 Exercises

APNIC Training


IPv6 Tutorial Exercises





Students Manual
















April 9-11, 2007
Dhaka, Bangladesh



2 IPv6 Exercises








Contents




Exercise 1 : IPv6 Host Configuration

Exercise 2 : IPv6 Subnetting

Exercise 3 : IOS Introduction

Exercise 4 : IPv6 IX Topology

Exercise 5 : IPv6 Tunnelling Topology







3 IPv6 Exercises



Exercise 1

IPv6 Host Configuration

In the following exercise you will configure IPv6 as the default configuration on your
pc.

You will be able to verify your configuration by pinging other IPv6 enabled machines
in a peer to peer IPv6 network


About IPv6 Autoconfiguration

In IPv4 dynamic address configuration is achieved through the use of DHCP
(Dynamic Host Configuration Protocol) which allows the host machine to obtain an
IPv4 address as well as other information required for network connectivity and
operation (eg default routers, WINS Server for Windows and the DNS ( Domain
Name System) server address.

IPv6 supports a similar protocol called DHCPv6. There are though still issues in this
implementation and it is therefore not currently widely used.

However, because IPv6 also has a stateless autoconfiguration protocol (RFC2462)
that doesnt require or rely on any DHCP server, IPv6 addresses can still be
automatically assigned. There is no need for any manual configuration on the host
machine and only limited configuration required for the routers..

4 IPv6 Exercises

Configuring IPv6 under Windows XP

Source: http://www.microsoft.com/technet/itsolutions/network/ipv6/ipv6faq.mspx

To install the IPv6 protocol for Windows XP with SP2, do the following:

1. Log on to the computer with a user account that has privileges to change the
network configuration.

2. Click Start, click Control Panel, and then double-click Network
Connections.

3. Right-click any local area connection, and then click Properties.

4. Click Install.

5. In the Select Network Component Type, dialog box, click Protocol, and
then click Add.

6. In the Select Network Protocol dialog box, click Microsoft TCP/IP version
6, and then click OK.

7. Click Close to save changes to your network connection.

8. Alternately, from the Windows XP desktop, click Start, point to Programs,
point to Accessories, and then click Command Prompt.


9. At the command prompt, type netsh interface ipv6 install.

For Windows XP with SP1, do the following:


For step 6:

6. In the Select Network Protocol dialog box, click Microsoft IPv6 Developer
Edition, and then click OK.


For Windows XP with no service packs installed:

1. Log on to the computer running Windows XP with a user account that has
privileges to change network configuration.

2. Open a command prompt. From the Windows XP desktop, click Start, point
to Programs, point to Accessories, and then click Command Prompt.

3. At the command prompt, type ipv6 install.

5 IPv6 Exercises

Verifying your configuration

For Windows Server 2003, Windows XP with SP2, and Windows XP with SP1, you
can use the ipconfig command to view your IPv6 configuration.

For example:

c:\>ipconfig

Windows IP Configuration

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . : wcoast.corp.example.com
IP Address. . . . . . . . . . . . : 157.54.139.57
Subnet Mask . . . . . . . . . . . : 255.255.252.0
IP Address. . . . . . . . . . . . : 2001:db8:8311:f282:1460:5260:c9b1:fda6
IP Address. . . . . . . . . . . . : 2001:db8:8311:f282:b973:4db8:97e2:e978
IP Address. . . . . . . . . . . . : 2001:db8:8311:f282:200:39ff:fe0e:fc35
IP Address. . . . . . . . . . . . : fec0::f282:200:39ff:fe0e:fc35%1
IP Address. . . . . . . . . . . . : fe80::200:39ff:fe0e:fc35%4

Default Gateway . . . . . . . . . : 157.54.136.1
fe80::210:ffff:fed6:58c0%4

Tunnel adapter 6to4 Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . : wcoast.corp.example.com
IP Address. . . . . . . . . . . . : 2002:9d3b:8b39::9d3b:8b39
Default Gateway . . . . . . . . . :

Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . : wcoast.corp.example.com
IP Address. . . . . . . . . . . . : fec0::f70f:0:5efe:157.54.139.57%1
IP Address. . . . . . . . . . . . : 2001:db8:8311:f70f:0:5efe:157.54.139.57
IP Address. . . . . . . . . . . . : fe80::5efe:157.54.139.57%2

Default Gateway . . . . . . . . . : fe80::5efe:157.56.253.8%2

For Windows Server 2003, Windows XP with SP2, and Windows XP with SP1, you
can also use the netsh interface ipv6 show address command to view your IPv6
addresses.

For example:

c:\> netsh interface ipv6 show address


Interface 4: Ethernet

Addr Type DAD State Valid Life Pref. Life Address

--------- ---------- ---------- ---------- -----------------------------------
Anonymous Preferred 596758 78191 2001:db8:8311:f282:1460:5260:c9b1:fda6
Anonymous Deprecated 510530 0 2001:db8:8311:f282:b973:4db8:97e2:e978
Public Preferred 2591874 604674 2001:db8:8311:f282:200:39ff:fe0e:fc35
Public Preferred 2591874 604674 fec0::f282:200:39ff:fe0e:fc35
Link Preferred 4294967295 4294967295 fe80::200:39ff:fe0e:fc35
Interface 3: 6to4 Tunneling Pseudo-Interface

Addr Type DAD State Valid Life Pref. Life Address

--------- ---------- ---------- ---------- -----------------------------------
Other Preferred 4294967295 4294967295 2002:9d3b:8b39::9d3b:8b39
6 IPv6 Exercises
Interface 2: Automatic Tunneling Pseudo-Interface
Addr Type DAD State Valid Life Pref. Life Address

--------- ---------- ---------- ---------- -----------------------------------
Public Preferred 2591700 604500 fec0::f70f:0:5efe:157.54.139.57
Public Preferred 2591700 604500 2001:db8:8311:f70f:0:5efe:157.54.139.57
Link Preferred 4294967295 4294967295 fe80::5efe:157.54.139.57
Interface 1: Loopback Pseudo-Interface

Addr Type DAD State Valid Life Pref. Life Address

--------- ---------- ---------- ---------- -----------------------------------
Loopback Preferred 4294967295 4294967295 ::1
Link Preferred 4294967295 4294967295 fe80::1




Testing your configuration using Ping.


Windows Server 2003, Windows XP with SP2, and Windows XP with SP1 include an
IPv6-enabled version of the ping.exe tool. When you ping a link-local address with
the ping.exe tool, you must include a zone identifier (ID) which specifies the interface
over which the ICMPv6 Echo Request messages are sent. For link-local addresses,
the zone ID is typically equal to the interface index, as displayed in the output of the
netsh interface ipv6 show interface command.

For site-local addresses, the zone ID is equal to the site number, as displayed in the
output of the netsh interface ipv6 show interface level=verbose command. If
multiple sites are not being used, a zone ID for site-local addresses is not required.

The zone ID is not needed when the destination is a global address.

To send ICMPv6 Echo Request messages to the link-local address
fe80::260:97ff:fe02:6ea5 using zone ID 4 (the interface index of an installed Ethernet
adapter), use the following command:

Note: the Zone id is YOUR interface index

ping fe80::260:97ff:fe02:6ea5%4



7 IPv6 Exercises
Exercise 2

IPv6 Subnetting

Subnetting an address in IPv6 is essentially no different from IPv4 subnetting (except
of course that there are more bits involved!!)

As in IPv4, it is important to think of address as a binary number when subnetting
(rather than in HEX or decimal). However, because of the complexity of the large 128
bit address, it is easier to work in 16 bit values using 4 HEX digits for notation. IPv6
address space can therefore be broken into eight columns separated by a colon :.
Each column contains a 4 HEX digit value and each HEX digit has 4 bit value (16 bits
per column which is equivalent to a 2 bytes per column.)

In the past IPv6 Global Unicast addressing used the TLA/NLA/SLA format. That
format has been replaced by a coordinated policy defined by the Regional Internet
Registry (RIRs). This new standard is the IPV6 Addressing Architecture (ARCH )
format (RRC3587).


| n bits | m bits | 128-n-m bits |
+-------------------------+-----------+----------------------------+
| global routing prefix | subnet ID | interface ID |
+-------------------------+-----------+----------------------------+


Current address allocation policy defines up to 64 bits of a global unicast address to
be reserved for the network prefix and 64 bits for the interface ID. The network ID will
include the global routing prefix (as allocated by the RIR) and the subnet IDs (as
defined by the LIR, ISP or end user network operator. An LIR or ISP allocated a /32
block by the RIR can subdivide this block into sub-allocations or end site
assignments of up to /64. This implies that the address space between the /32
allocation and the /64 is used for subnetting.



Subnetting an IPv6 Address Exercises

Given Scenario:

An ISP operator has been allocated the following IPv6 address block by APNIC

2001:00AA::/32


Scenario 1 :

This ISP has 5 downstream smaller ISP customers and needs to now sub-allocate
smaller blocks to these companies. After consideration they decide to allocate /35
blocks.

Define the address blocks (prefix and length) for the blocks the ISP allocates.
Assume the first /35 block is retained by the ISP for its own purposes.
8 IPv6 Exercises

Block Prefix/length
1
2
3
4
5
6




Scenario 2 :

The customer ISP that received the second block allocated by the ISP now needs to
assign address space to its end site customers. There are 4 such customers.

Identify the /35 block that this customer ISP holds and then define the /48 subnets
that are assigned to the end sites

ISP Block:_________________________________

Block Prefix
1
2
3
4




Scenario 3 :

One of the end sites customers now wishes to assign a series of addresses for point
to point connectivity and will use /64 assignments for this.. It needs a set of 5 such
configurations.

From the /48 that it has been assigned, determine subnetting plan you can use for
these point to point connections and then identify the appropriate of /64 subnets for
this.

block used__________________________

Block Prefix/length
1
2
3
4
5

9 IPv6 Exercises


Scenario 4

Assume one of the hosts on your network has a MAC address of 00:0d:60:89:31:9b

What will be the link local address which is generated for this machine?







Exercise 3

Introduction to IOS

In this next section you will be introduced to the Cisco Internetworking Operating
System (IOS). It is the IOS that runs the Cisco routers and also Cisco switches.
The exercises in this section will cover basic IOS router configuration concepts and
commands on order to enable you to build and configure the IPv6 network we will be
looking at
Exercise 3.1:
Connect to the router you have been assigned to as instructed in the class.

Router>

This indicates you are in USER mode.

Cisco IOS has a command interpreter called the Exec. The Exec first interprets the
command you type and then carries out the operation requested. The Exec has two
levels of access: user and privileged. These two levels of access are sometimes
referred to as modes and serve as a security barrier for access to the different levels
of commands.
User mode is used for basic tasks such as checking the router's status, connecting
(telnet-ing) to remote devices, making temporary changes to terminal settings, and
viewing basic system information. In this mode, the view of the router's configuration
and troubleshooting capabilities are very limited, and configuration changes cannot
be made.
Privileged mode is used to change the configuration of the router. The commands in
privileged mode include all those available in user mode, plus those used to set IOS
parameters, get detailed information about the router's status and configuration, test
and run debug operations, and to access global configuration modes.
10 IPv6 Exercises

Exercise 3.2:
a) To change to privileged mode, type enable at the prompt. You will need to provide
the enable password for this
In privileged mode notice that the prompt has a hash (Router#) instead of an
arrow (Router>).
b) To return to user mode, type disable at the prompt.
c) To close the console, just enter logout.

To manually configure a router, you need to be in configuration mode. This can be
accessed only from privileged mode. In configuration mode, you have access to
configuration commands that will allow you to configure the router as a whole,
including the essential commands to set up the interfaces (connections to networks)
and to configure routing and routing tables. From this mode you can also view other
configuration details and save your configuration.
A router's configuration file is loaded on bootup from NVRAM (Non volatile memory).
The configuration loaded is known as the startup-config. Once it is loaded (into
RAM) it becomes the running-config. Changes can then be made to the running-
config dynamically through configuration mode.
The configuration can also be stored on an external server (for backup) and restored
at anytime by loading it from the server using TFTP (Trivial File Transport Protocol).
The startup-config can be re-loaded at any time from NVRAM to overwrite the
running-config if errors have been made.

To enter configuration mode you use the config command. On real routers, there
are three sub-modes for config mode:
Config terminal (config t) executes configuration commands from the
terminal (from a console port or telnet) and allows you to dynamically change
the running-config. Changes take effect immediately.
Config memory (config mem) Loads the configuration file (startup-config)
stored stored in NVRAM. This will again copy the startup-config to the
running-config.
Config network (config net) is used to retrieve a configuration file stored on
a server using TFTP.

11 IPv6 Exercises

Exercise 3.3:
From privileged exec mode, enter configuration mode by typing config t

Helpful IOS features:
You can use a question mark (?) from any prompt to see the list of available
commands at that prompt. To find help for a specific command enter the first letter of
that command and a question mark without a space in between. For example,
router>t? will list all commands beginning with t available from user mode. Use the
tab key to finish off commands that you have partially typed. If there is no command
ambiguity, the tab key finishes typing for you. The Up and Down arrows are also
useful to save retyping commands previously entered.


Exercise 3.4:
Experiment with the help feature. Check out the list of commands at each exec mode.
Practice using the tab key, up and down arrows to save yourself typing time.
You can view information about a router (or switch) via the show (sh) command.
Type sh ? to see a list of all the options.
Exercise 3.5:
a. To view basic information about the router use sh version from privileged
mode. Examine the output and try and identify some of the information
shown.
b. To see the configuration file in NVRAM, enter show startup-config from
privileged mode. What do you discover?
c. To see the configuration file in RAM, enter show running-config from
privileged mode.
d. From privileged mode type copy run start to copy the running config from
RAM into NVRAM. Notice that you do not have to type the complete
command (so long as there is no ambiguity).
e. Check the config file in NVRAM again.
Note: It is important to remember to save your running-config to NVRAM after
you have made changes. If you forget to do this, once the device reboots, your
changes will be lost.
12 IPv6 Exercises

Recall that each network connected to an internetwork must have its own network id
(network prefix) in order for routing to be possible between these networks.
Remember that a router has multiple interfaces with each one connected to a
different network. A router is a device that is on multiple networks.
Exercise 3.6:

The most basic and important element in configuring a router is to configure the
interfaces that connect to networks. This is done in global configuration mode. In this
mode you are able to enter the configuration mode for each individual interface and
set the parameters for the interface. To enter interface configuration mode, specify
the type of interface (in this case fast ethernet) and the slot/port number (0/0), by
typing:
router(config)#interface fastethernet 0/0 (int f0/)
The prompt changes to show the new mode: Router (config-if)#
You now configure the IP address of this interface:
router(config-if)#ip address <ip address> <netmask>
All interfaces are by default shut down. You can bring up an interface with the no
shutdown command. Interface settings will not work until you have turned the
interface on:
router(config-if)#no shutdown
Using the following set of commands, configure the Fast Ethernet 0/1 ports on your
routers using the IP addresses as shown.

enable ipv6 unicast routing
int fastethernet 0/1
ip address 192.168.1.20X 255.255.255.0
ipv6 enable
ipv6 address 2001:1234:1::X/48
exit
copy run start

where X is the number of the router you have been allocated

13 IPv6 Exercises
Since all the routers have been configured with the same network prefixes and are
connected to the same switch, you can ping from one router to the other using either
the IPv4 or IPv6 addresses.
In order to examine the current running-configuration of your router, click on the
router to access the console and then from user mode, type:
show run
In order to check entries in the router's routing table, the sh ip route command is
accessed from privileged mode, by typing:
show ip route










14 IPv6 Exercises
Exercise 4

IPv6 IX topology

In this exercise we will expand on the configuration we have done in exercise 3 and
simulate the construction of an IX

An IX provides a peering exchange where ISPs and other providers can connect
together in order to route traffic between themselves by mutual agreement without
cost.

Each IX member network or AS maintains a presence in the IX through a router
which acts as a border router to the other networks (ASs ) in the IX. The routers are
commonly connected to a switch on a common vlan providing them with the peering
connectivity.

In this exercise you will:

Determine the IP addressing scheme for the IX and for your ISP lan network
Configure the external interfaces of the routers connecting your ISP to the IX
Configure static routing on these interfaces
Configure an internal lan for your ISP
Configure BGP on the router
Test this connectivity.


You will be be working with a partner in this configuration and will be
assigned a router from the list below

IPv6 network topology

IX Subnet: 2001:00AA::/48

Router 2: 2001:abc2::/32 Router 7: 2001:abc7::/32
Router 3: 2001:abc3::/32 Router 8: 2001:abc8::/32
Router 4: 2001:abc4::/32 Router 9: 2001:abc9::/32
Router 5: 2001:abc5::/32 Router 10: 2001:abca::/32
Router 6: 2001:abc6::/32







15 IPv6 Exercises




Exercise 4.1

Using the address block assigned to the IX create a subnet from the IX /48 block for
the network connecting all the IX members together. Assign interface addresses to
these routers from this subnet. Select the first /64 for this.


Exercise 4. 2

Each of the ISPs have been allocated a /32 address. From this block define /48
subnet for an internal LAN segment for this ISP

Router
no.
Router
no.

R 2 R 7
R 3 R 8
R 4 R 9
R 5 R 10
R 6




IXP Diagram
R7
R10
R9
R8
R2
R3
E0/0
E0/0
E0/0
E0/0
E0/0
E0/0
FE0/0
FE0/
0
FE0/0
R4
R5
R6
R1
S1
16 IPv6 Exercises


Exercise 4.3

From this /48 address assign an address to the internal interface of the ISP router.
The E 0/0 or F 0/0 interfaces connect to the IX, so the E0/1 or F0/1 interface will be
internal interface

Router
no.
Internal Interface Router
no.
Internal Interface
R 2 R 7
R 3 R 8
R 4 R 9
R 5 R 10
R 6




Configuring the interfaces

1. Configuring router interface with IPv6 address.

The router has several different interfaces, which are required to be configured
Assume we are configuring the e0/0.

1. Select the appropriate interface required prior to configuration.
2. Once selected ensure that the interface is up. Issue the command show
interface

Myrouter # show interface e0/0

3. Choose the interface to be configured and provide the IP Address to it.

Example: Eth0 configuration

Myrouter # configure terminal
Myrouter(config) # interface e0/0
Myrouter(config-if) #


4. Configure the IP address for the interface selected.

Example: e0/0 configuration with a /64 subnet

Myrouter(config-if) # ipv6 address ipv6 address/prefix size in CIDR

Myrouter(config-if) # ipv6 address 2001:AA::1/64


5. Enable IPv6 on the interface selected.

Example: e0/0

17 IPv6 Exercises
Myrouter(config-if) # ipv6 enable


6. Exit from the interface configuration and enable IPv6 Unicast datagram
forwarding by typing the command below.

Myrouter(config) # ipv6 unicast-routing


7. Save the configuration by issuing the command: copy run start


Exercise 4.4


Configure static routes for the IPv6 ISP networks.

For each network connected to an IX member ISP, we configure a static route on the
other routers


Myrouter(config)ipv6 route destination network/prefix <outbound interface or
next hop IP address>

Myrouter(config)ipv6 route 2001:AA::/35 2001:AA::1


We will define this list together in the workshop


Exercise 4.5

Configure BGP with the IPv6 address.

Remove the static route configuration, before proceeding to BGP.

Myrouter(config) no ipv6 route 2001:AA::/48

You will need to complete this to remove each route


Type router bgp with the AS number in the command prompt of the router user
exec mode to configure the bgp protocol.

router#configure terminal
router(config)#router bgp <ASN>
router(config-router)#no auto summary
router(config-router)#no synchronization

Where the AS number is the number of your router
18 IPv6 Exercises

Type the statement for the networks that will be announced within the your AS.

router(config-router)# network ipv6network/prefix
size)

1. Configure the neighbor peering pointing to the neighbor interface IP address.

router(config-router)# neighbor <other ASN
interface IP> remote-as <other ASN>

Sample Configuration
====================
router#configure terminal
router(config)#router bgp 1
router(config-router)# no auto-summary
router(config-router)# no synchronization
router(config-router)# network 2001:abcd::/64
router(config-router)# neighbor 2001:abcd:1234:abc1::1
remote-as 2 (for peering with other network)


Verifying the BGP process

1. Verify that the configuration for the routing process is working properly by
typing the commands below:

show ipv6 bgp summary (to check the bgp summary table)
sh ipv6 bgp neighbour (to check neighbour list)
sh ipv6 route (to check the routing table for the BGP announcement)

19 IPv6 Exercises



Exercise 5

IPv6 Tunneling Topology

This exercise will demonstrate the tunnelling of IPv6 traffic from a number of IPV6
enabled ISPs through an IPv4 core.

There are 3 network types involved:

IPv6 network AS2, AS6, AS8
Dual stack network AS4, AS5, AS7
IPv4 network AS3

In the workshop you will be allocated to a team that will configure an ISP IPv6
network and the corresponding dual stack network.

A team will also configure the IPv4 network router.

For the layout please see the diagram below:

For this exercise you will use addresses from the IPv6 block:

2001:aaaa::/32

and from the IPv4 block:

192.168.0.0









20 IPv6 Exercises




Exercise 5.1

For each of the IPv6 networks assign a /48 from the given block

For each of the IPv4 networks assign a /24 from the given block.




Exercise 5.2


Refer back to the previous exercise for the appropriate command syntax


Configure appropriate IPv6 addresses on both interfaces of the IPv6 AS routers

Configure both an IPv6 address and an IPv4 address on the interface connecting the
dual stack routers to the IPv6 AS.
Configure a IPv4 address on the interface of the dual stack routers connecting the
dual stack routers to the IPv4 network

Configure IPv4 addresses to the interfaces of the core router.
ISP Network Diagram
FE0/0
R5
E0/0
E0/1
E0/0
E0/1 E1/0
FE0/0
FE0/1
E0/0
E0/0
E0/1
E0/0
AS2
AS4
AS3
AS5
AS6
AS7
AS8
R2
R4
R3
R5
R7
R8
R6
E0/1
E0/1
E0/1
21 IPv6 Exercises

Exercise 5.3


Configure tunnels between the dual stack routers and the core

A tunnel is configured on the dual stack router as a next hop address to the IPv6
destination network.
A IPv6 route to that network is then configured using the tunnel as the next hop.



config t
interface Tunnel 1
ipv6 unnumbered e0/1
tunnel source e0/1
tunnel destination <the IPv4 interface of the dual stack router that
connects to the target IPv6 network>
tunnel mode ipv6ip


A route is now defined to the IPv6 network using the tunnel as the next hop address.


ipv6 route <target IPv6 network> <tunnel ID>

Appropriate static routes will also need to be configured



Exercise 5.4

Configure BGP

Remember to remove static routes.

For the IPv6 networks you need to announce the networks in the AS.

You must also ensure that your IPv4 network is well connected. This means ensuring
that you have dynamic routing appropriately configured on the IPv4 routers ( or you
have configured static routes)

On the IPv6 network routers:

router#configure terminal
router(config)#router bgp <ASN>
router(config-router)#no auto summary
router(config-router)#no synchronization

Type the statement for the networks that will be announce within the AS.

router(config-router)# network ipv6network/prefix
size

For all the routers you need to configure neighbor peering
22 IPv6 Exercises

Configure the neighbor peering pointed to the neighbor interface IP address.

router(config-router)# neighbor <other ASN
interface IP> remote-as <your ASN>


Sample Configuration
====================
router#configure terminal
router(config)#router bgp 1
router(config-router)# no auto-summary
router(config-router)# no synchronization
router(config-router)# network 2001:abcd::/64 (for the
/64 network aggregate)
router(config-router)# neighbor 2001:abcd:1234:abc1::1
remote-as 1 (for peering with other network)





Exercise 5.5

Verifying BGP process

1. Verify the configuration if the routing process is working properly by typing the
commands below:

show ipv6 bgp summary (to check the bgp summary table)
sh ipv6 bgp neighbour (to check neighbour list)
sh ipv6 route (to check the routing table for the BGP announcement)