IPv6 on PC Based Router

Download Report

Transcript IPv6 on PC Based Router

IPv6 on PC Based
Router
Mohd Norman Maraddin
National Advanced IPv6 Centre (NAv6)
6th floor, School of Computer Sciences
Universiti Sains Malaysia
11800 Minden, Penang, Malaysia
[email protected]
Overview
• IPv6 Tunnel & Dual Stack
IPv6 Tunnel
Dual-stack router
Dual-stack router
IPv4 / IPv6
IPv4 / IPv6
IPv4 / IPv6
IPv4: 192.168.99.1
IPv4: 192.168.30.1
IPv6: 3ffe:b00:800:1::3
IPv6: 3ffe:b00:800:1::2
Dual Stack
Outline
• PC Based Router
• More cheaper than hardware router
• Configure the PC to become powerful
router
• Suitable for Education, Research and
Small Industries.
• Two major platform:
• FreeBSD,
• Linux (Fedora/CentOS),
• And also available in Windows
platform but not widely implement
Fedora/CentOS Router-Background
• Why Fedora / CentOS?
• Fedora Core / CentOS is a free operating system
that offers the best combination of stable and
cutting-edge software that exists in the free
software world.
• Fedora / CentOS offers
– advanced networking
– security and compatibility features
Enabling IPv6 on Fedora/CentOS Router
•
Fedora Core 1 or above and CentOS 3.0 or above support IPv6
•
Firstly, we need to configure /etc/sysconfig/network file
–
–
–
–
–
•
NETWORKING=yes // enable machine to work on IPv4
HOSTNAME=V6training.nav6.org
FORWARD_IPV4=yes
NETWORKING_IPV6=yes // enable machine to work on IPv6
IPV6FORWARDING=yes // enable IPv6 packets forwarding
Then edit /etc/sysconfig/network-scripts/ifcfg-eth0 to assign IPv6
address
–
–
–
–
–
–
–
–
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
NETMASK=255.255.254.0
IPADDR=203.80.17.131
IPV6INIT=yes // initial IPv6 to this interface
IPV6ADDR=2001:C18:E001:403::1/64 // assign IPv6 Address
DEFAULTGW=2001:c18:e001::1/64 // assign IPv6 Gateway
Router Advertisement
Edit /etc/radvd.conf file
interface eth0 {
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix 3ffe:ffff:0100:f101::/64 { //needed
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
AdvPreferredLifetime 20; //optional
AdvValidLifetime 30; //optional
};
};
FreeBSD Router-Background
• Why FreeBSD?
• FreeBSD is an advanced operating system for x86 compatible,
amd64 compatible Alpha/AXP, IA-64, PC-98 and UltraSPARC®
architectures.
• It is derived from BSD, the version of UNIX® developed at the
University of California, Berkeley.
• FreeBSD offers
–
–
–
–
advanced networking
performance
robust
security and compatibility features
FreeBSD Router-Background (Cont.)
• Version 4.0 RELEASE or above support IPv6
• In order to create Manually Configured IPv6 Tunnel, Generic Tunnel
Interface (GIF) interface is required.
• The gif interface is a generic tunneling pseudo-device for IPv4 and
IPv6. It can be tunnel IPv[4,6] traffic over IPv[4,6]. Gif interface only
available on NetBSD release.
Enabling IPv6 on FreeBSD Router
• IPv6 Tunnel
– Use Generic Tunnel Interface (GIF) interface
– Creating & configuration by command line, or
– Configure /etc/rc.conf file.
• Dual Stack interface.
– Configure /etc/rc.conf file.
IPv6 Tunnel Configuration
Command Line Configuration
• Make sure you login as root privileges. Type these lines on
command line.
– # ifconfig gif0 create // creating the gif interface
– # ifconfig gif0 tunnel 219.93.32.171 203.115.224.12
// provide tunnel start-points and tunnel endpoint
– # ifconfig gif0 up // make tunnel interface up
– # ifconfig gif0 inet6 2001:c18:0:5000::e prefixlen 126
// assign IPv6 address to tunnel interface
IPv6 Tunnel Configuration (Cont.)
Tunnel Configuration by Script
• In term to automatically setup the gif tunnel when rebooted next time
• Make sure you login as root privileges. Type these lines inside
/etc/rc.conf file.
–
–
–
–
–
–
–
–
ipv6_enable="YES“ // enable IPv6 on this PC
ipv6_gateway_enable="YES" // enable this PC as IPv6 router
ipv6_network_interfaces="gif0" // assign gif0 as IPv6 network interface
gif_interfaces="gif0“ // can be many gif interfaces (tunnels) (eg: gif1, gif2)
gifconfig_gif0="219.93.32.171 203.115.224.12" // setting up tunnel endpoints
ipv6_static_routes="default"
ipv6_route_default="default -interface gif0“ // assign default route
ipv6_ifconfig_gif0="2001:c18:0:5000::E prefixlen 126“ // assign IPv6 address
Dual Stack Configuration
• Editing /etc/rc.conf
–
–
–
–
–
–
ipv6_enable="YES“ // enable IPv6 on this PC
ipv6_gateway_enable="YES" // enable this PC as IPv6 router
ipv6_network_interfaces=“xl0" // assign xl0 as IPv6 network interface
ipv6_static_routes="default"
ipv6_route_default="default -interface xl0“ // assign default route
ipv6_ifconfig_gif0="2001:c18:0:2000::3 prefixlen 64“ // assign IPv6 address
Router Advertisement
• Editing /etc/rc.conf
• rtadvd_enable="YES“ // enable router advertisement daemon
• rtadvd_interface="xl1“ // clarify router advertisement interface
• ipv6_ifconfig_xl1_alias0="2001:c18:403:1::1 prefixlen 64“
// assign IPv6 address on router advertisment interface
Routing Protocol (Quagga)
• Quagga is a routing software suite,
providing implementations of OSPFv2,
OSPFv3, RIP v1 and v2, RIPv3 and
BGPv4 for Unix platforms, particularly
FreeBSD, Linux, Solaris and NetBSD.
• Quagga is a fork of GNU Zebra.
Installing Quagga
• Can be download from: http://www.quagga.net or using FreeBSD
ports (release 5.4 and higher).
• Install using FreeBSD ports:
– Browse to quagga ports directory
#cd /usr/ports/net/quagga
– Installing quagga
#make install clean
– browse to quagga configuration directory
#cd /usr/local/etc/quagga
– copy the sample configuration file to quagga configuration directory. It
can be zebra, ospfd, bgpd and etc.
#cp /usr/local/share/examples/quagga/zebra.conf.sample
zebra.conf
Installing Quagga (Cont.1)
• Edit /etc/rc.conf
– quagga_enable="YES"
– quagga_daemons="zebra bgpd ospfd“
• Start the selecting daemons (zebra)
#/etc/rc.d/quagga start
Installing Quagga (Cont.2)
• Edit zebra.conf
– #vi /usr/local/etc/quagga/zebra.conf
–
–
–
–
–
–
–
–
–
–
–
interface xl0
description network 219.93.32.0/24
ip address 219.93.32.171/24
!
ip route 0.0.0.0/0 219.93.32.171
!
description network 2001:c18:0:5000::/126
ipv6 address 2001:c18:0:5000::e/126
!
ipv6 route ::/0 2001:c18:0:5000::e/126 xl0
line vty
Installing Quagga (Cont.3)
• Edit bgpd.conf
– #vi /usr/local/etc/quagga/bgpd.conf
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
router bgp 64600
bgp router-id 219.92.32.171
neighbor 2001:c18:0:5000::d remote-as 10204
neighbor 2001:c18:0:5000::d interface gif0
neighbor 2001:c18:0:5000::d update-source gif0
!
address-family ipv6
network 2001:c18:403::/48
neighbor 2001:c18:0:5000::d activate
neighbor 2001:c18:0:5000::d soft-reconfiguration inbound
neighbor 2001:c18:0:5000::d prefix-list NRGUSM out
exit-address-family
!
ipv6 prefix-list NRGUSM seq 20 permit 2001:c18:403::/48
ipv6 prefix-list NRGUSM seq 100 deny ::/0 le 128
!
line vty
Installing Quagga (Cont.4)
Ospfv3 Example:
Testing Quagga Configuration
• For zebra
– #telnet localhost zebra
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
nav6rt# telnet localhost zebra
Trying ::1...
Connected to localhost.cs.usm.my.
Escape character is '^]'.
Hello, this is Quagga (version 0.98.2).
Copyright 1996-2004 Kunihiro Ishiguro, et al.
User Access Verification
Password:
NAv6_Router>
NAv6_Router> show ipv6 route
Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv3,
I - ISIS, B - BGP, * - FIB route.
K>* ::/96 via ::1, lo0, rej
C>* ::1/128 is directly connected, lo0
K>* ::ffff:0.0.0.0/96 via ::1, lo0, rej
B>* 2001:200::/32 [20/0] via fe80::2b0:c2ff:fe4c:f800, gif0, 2d06h39m
……
……
……
C>* fe80::/64 is directly connected, xl0
K>* ff02::/16 via ::1, lo0, rej
Installing Quagga (cont.5)
• Install Quagga using RPM for CentOS
Platform.
•
•
•
•
# yum install quaqqa
# service quagga start
# service quagga restart
# service quagga stop
// to install
// to start
// to restart
// to stop
Testing Quagga Configuration
• For zebra
– #telnet localhost zebra
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
nav6rt# telnet localhost zebra
Trying ::1...
Connected to localhost.cs.usm.my.
Escape character is '^]'.
Hello, this is Quagga (version 0.98.2).
Copyright 1996-2004 Kunihiro Ishiguro, et al.
User Access Verification
Password:
NAv6_Router>
NAv6_Router> show ipv6 route
Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv3,
I - ISIS, B - BGP, * - FIB route.
K>* ::/96 via ::1, lo0, rej
C>* ::1/128 is directly connected, lo0
K>* ::ffff:0.0.0.0/96 via ::1, lo0, rej
B>* 2001:200::/32 [20/0] via fe80::2b0:c2ff:fe4c:f800, gif0, 2d06h39m
……
……
……
C>* fe80::/64 is directly connected, xl0
K>* ff02::/16 via ::1, lo0, rej
Q&A
Thank You!!