February 9, 2012

Posts Comments

You are here: Home / Archives for IPv6

Learning IPv6 with QEMU

March 4, 2011 By 3 Comments

If you’re just getting started with IPv6 you may want to mock it up in a lab with a few hosts. While it’s pretty easy to grab a windows machine running Windows 7 and lab it up you can do this in an even more controlled environment. Here is what you need:

  • GNS3 and your own IOS image
  • a QEMU image. that has IPv6 Support

    • To get started download the QEMU image and throw it somewhere on your hard drive. I put mine in my Virtual Machines folder.

    Next, install GNS3 if you haven’t already done so.

    Now the fun part- get GNS3 to talk to QEMU. From my testing there seems to be an issue with this when running it on a Mac. When you define where the QEMU image is located and then test it fails unless it’s already running. So what I have done here is started the Qemuwrapper from the CLI. Then I go back and load it up in GNS3:

    terminal$:
terminal$:/Applications/GNS3.app/Contents/Resources/qemuwrapper/qemuwrapper.py
Qemu Emulator Wrapper (version 0.3.2)
Copyright (c) 2007-2009 Thomas Pani & Jeremy Grossmann
    


    Unpacking pemu binary.
Qemu TCP control server started (port 10525).

    Here you can see I have now tested QEMU:

    QEMU1

    And you can also see the QEMU image that I have defined:

    QEMU2

    Our next step is to build the topology. Mine is simple, two QEMU hosts and 1 router.

    QEMU3

    Now we can configure the router for simple IPv6 Connectivity:

    !
ipv6 unicast-routing
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:DB8:1::1/64
 ipv6 enable
 ipv6 nd prefix 2001:DB8:1::/64
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:DB8:2::1/64
 ipv6 enable
 ipv6 nd prefix 2001:DB8:2::/64
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
!

    Because we have configured the Neighbor Discovery Prefix the QEMU hosts should obtain an IPv6 address via Router Advertisements. On the QEMU host we did nothing and looking at the interface shows us that we have an IPv6 address with the same prefix:

    QEMU4

    The last 64-bits of the host address was configured using EUI-64 formatting. This, for the most part, takes the Mac address of the interface and inserts FFFE in the middle of it.

    Now we should be able to ping the gateway:

    QEMU5

    So far so good! We should also be able to verify the second QEMU host has an IPv6 address:

    QEMU6

    Now for the real test. Let’s see if this router is going to route traffic as a default gateway for the two QEMU hosts. From QEMU Host 2 we ping QEMU host 1:

    QEMU7

    Conclusion

    As you can tell configuring a simple IPv6 lab is not difficult to do. For further testing you could add a few routers and configure IPv6 Routing Protocols like OSPFv3 and EIGRP and the pass IPv6 traffic between the QEMU hosts. Alternatively you could configure an IPv4 backbone and use VTI interfaces to encrypt the IPv6 traffic over the IPv4 network. There is a ton that you can do, and it’s really not that difficult.

    Filed Under: Routing and Switching, TipTorials Tagged With: ,

    Configuring OSPFv3 for IPv6…Not a big leap.

    March 3, 2011 By Leave a Comment

    With all the talk about IPv6 I wanted to take the opportunity to show that some things don’t really change. One hinderance I hear from many of my students is that it’s uncharted territory and they are not sure what will happen. In this post I’ve used OSPF to show you that some elements of IPv6 are very similar to that of IPv4.

    We can begin with the initial configuration. It may seem like there is a bit of a difference here. In IPv6 there is no “network” command so OSPF is enabled on the interface. Also, the Router ID needs to be defined since it’s still a 32-bit identifier. So globally you need to enable the process and define the router-id, then you enable the protocol on the interface. I’ve done that here:

    ipv6 router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:DB8:1:2::1/64
 ipv6 enable
 ipv6 ospf 1 area 0
    [Read more...]

    Filed Under: CCNP Study, Routing and Switching, Study Tips Tagged With: ,

    Configuring Site-to-Site IPsec for IPv6 using Static VTI

    January 21, 2011 By Leave a Comment

    It’s noticeable that there have been a number of IPv6 posts lately. Just look at Packetlife.net, Etherealmind.com, and IOS hints. IPv6 training has picked up significantly in addition to the internet chatter. So this little tutorial post comes directly out of a discussion during my IP6FD class in San Diego this week. The Question is this: How do I configure a Site-to-Site IPsec VPN on Cisco IOS with IPv6? Here’s how it’s done using static Virtual Tunnel Interfaces (VTIs). As usual, we begin with a Topology. In the topology I used routers as Host1 and Host2. All I need them to do is generate traffic to be encrypted by R1 and R2. R1 and R2 are connected via Fast Ethernet, but you an substitute your favorite WAN technology or Internet Connectivity. There is NO IPv4 in this network.

    ipv6-encryption-topology-main.jpg

    I begin on R1 assuming that IPv6 is already enabled and that you can ping directly across all links. Start by creating an ISAKMP policy.

    R1(config)#crypto isakmp policy 10
R1(config-isakmp)#hash sha 
R1(config-isakmp)#authentication pre-share 
R1(config-isakmp)#encryption aes 192
R1(config-isakmp)#group 2
R1(config-isakmp)#exit
    [Read more...]

    Filed Under: IPv6, Security Tagged With: , ,
    « Older Posts