DNS, DHCP & IPAM with IPv6


CORE NETWORK SERVICES


DNS DHCP

ADDRESSES OF AN IPV6 HOST


§  Link-Local: FE80::61CC:B8CA:FCB2:36BE

§  Unicast: 2001:db8:1C6E::6D2B:1C6E

§  Loopback: ::1

§  All-Nodes Multicast: FF01::1

§  Solicited-Node Multicast: FF02::1:FF2B:1C6E

(at least one)  

IPV6 FORWARD DNS


ipv6-host IN AAAA 2001:DB8::1:2:34:56

host4711 IN A 192.249.249.111
         IN AAAA 2001:db8:cafe:f9::d3

IPV6 REVERSE DNS


9.8.7.6.5.4.3.0.2.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. IN PTR ipv6-host.bluecatnetworks.com.

2001:db8:cafe:f9::/64 >> 9.f.0.0.e.f.a.c.8.b.d.0.1.0.0.2.ip6.arpa.
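The reverse-DNS mapping above, together with the solicited-node address from the host-address slide, as an added Python example that is not part of the original slides. The function names are illustrative, and the zone helper goes beyond the slide by also handling prefixes that do not end on a nibble boundary, which need several ip6.arpa zones.

```python
import ipaddress

def canonical(addr):
    """Lowercase, zero-compressed text form (the RFC 5952 style) for storage."""
    return str(ipaddress.IPv6Address(addr))

def ptr_name(addr):
    """Owner name of the PTR record: 32 reversed nibbles under ip6.arpa."""
    return ipaddress.IPv6Address(addr).reverse_pointer + "."

def reverse_zones(prefix):
    """ip6.arpa zone(s) covering a prefix.

    A nibble-aligned prefix (/48, /56, /64 ...) maps to exactly one zone.
    Any other length is split into the 2, 4 or 8 aligned subnets it contains,
    because a zone cut can only fall on a 4-bit label boundary.
    """
    net = ipaddress.IPv6Network(prefix)      # ValueError if host bits are set
    aligned = -(-net.prefixlen // 4) * 4     # round up to a nibble boundary
    zones = []
    for sub in net.subnets(new_prefix=aligned):
        nibbles = sub.network_address.exploded.replace(":", "")[: aligned // 4]
        zones.append(".".join(list(reversed(nibbles)) + ["ip6", "arpa"]) + ".")
    return zones

def solicited_node(addr):
    """Solicited-node multicast group: ff02::1:ff00:0/104 plus the low 24 bits."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return str(ipaddress.IPv6Address(base | low24))

if __name__ == "__main__":
    # Addresses and prefixes taken from the slides; the /62 is constructed.
    for a in ("2001:DB8::1:2:345:6789", "2001:db8:1C6E::6D2B:1C6E"):
        print(canonical(a), ptr_name(a), solicited_node(a), sep="\n  ")
    for p in ("2001:db8:cafe:f9::/64", "2001:db8:cafe:f8::/62"):
        print(p, *reverse_zones(p), sep="\n  ")
```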

ISC BIND & IPV6

§  “listen” Statement

options { listen-on-v6 { 2001:db8:cafe:1::53; }; };

§  “query-source” Statement

options { query-source-v6 address 2001:db8:cafe:1::53; };

ISC BIND & IPV6

§  “transfer-source” Statement

options { transfer-source-v6 2001:db8:cafe:1::53; };

§  “notify-source” Statement

options { notify-source-v6 2001:db8:cafe:1::53; };

DNS QUERIES


[Diagram: DNS Query (A/AAAA) to the DNS Server, Query via IPv4 or Query via IPv6. Resources: IPv4 = 192.168.191.3, IPv6 = 2001:DB8::1:2:345:6789]

DNS QUERIES


§  Filtering

options { filter-aaaa-on-v4 yes; };

§  Protocol-specific Search List

IPv4 = bcnlab.corp
IPv6 = v6.bcnlab.corp

[Diagram: DNS Server with Zone bcnlab.corp and Zone v6.bcnlab.corp]

ROUTER ADVERTISEMENT (RA)


Prefix!?
Src = link-local address (FE80::), Dst = all-routers multicast address (FF02::2)

Router: Prefix, TTL, Flags
Src = link-local address (FE80::), Dst = all-nodes multicast address (FF02::1)

ROUTER ADVERTISEMENT (RA)


Router: You're at 2001:db8:cafe:1::/64 (A, M, O)

Flag      Address Allocation   Options
A Flag    SLAAC                RFC 6106
M Flag    DHCPv6               DHCP
O Flag    SLAAC                DHCP

RFC 6106


§  Recursive DNS Server

§  DNS Search List

switch# configure terminal
switch(config)# interface ethernet 3/3
switch(config-if)# ipv6 nd ra dns server 2001:db8:1:2::53 sequence 0
switch(config-if)# ipv6 nd ra dns search-list bcn.corp sequence 1

Source: http://cisco.com (Nexus 7000 Series Routing Guide)  

DHCPV6


§  Motivation: Central Management & Auditing

subnet6 2001:db8:1:2::/64 {
    range6 2001:db8:1:2::1:0 2001:db8:1:2::1:ffff;
    option dhcp6.name-servers 2001:db8:1:2::53;
    option dhcp6.domain-search "bcn.corp";
}

DHCPV6


§  RA defines Usage of DHCPv6

§  Clients on UDP 546

§  Servers & Relays on UDP 547

§  Special Multicast Addresses

    §  FF02::1:2 (All-DHCP-Agents) used by Clients

    §  FF05::1:3 (All-DHCP-Servers) used by Relays

DHCPV6


Client -> Server: SOLICIT – FF02::1:2

Server -> Client: ADVERTISE (Unicast)

Client -> Server: REQUEST (Unicast)

Server -> Client: REPLY (Unicast)

Duplicate Address Detection: Neighbour Solicitation Message (Multicast), No Answer

PROTOCOL-SPECIFIC SEARCH LIST


[Diagram: IPv6 clients; DHCP (v4/v6) search lists: IPv4 (119) = bcnlab.corp, IPv6 (24) = v6.bcnlab.corp; Router (DNSSL); DNS Server with Zone bcnlab.corp and Zone v6.bcnlab.corp; Resources srv.bcnlab.corp and srv.v6.bcnlab.corp; Query via IPv4, Query via IPv6]

THEORETICALLY ... ;)

Source: https://www.insinuator.net/2015/03/ipv6-router-advertisement-flags-rdnss-and-dhcpv6-conflicting-configurations/

ADDRESS MANAGEMENT FOR IPV6

Source: https://www.insinuator.net/2013/10/ipam-requirements-in-ipv6-networks/

§  Track dynamic Addresses (SLAAC + DHCP)

§  Connected L2/L3 Ports of Devices

§  Sorting Addresses by Categories

§  RFC 5952

§  Integration with DNS & DHCP

§  Metadata (Import, Reporting, etc.)

Thank you for your Time.