Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

IPv6 UNIX Administration and Security

Gain a complete understanding of the differences between the IPv4 and IPv6 protocols, critical pre- and post-deployment installation techniques to ensure successful Unix operating system migration, and how to deploy mixed IPv4/IPv6 networks. Through detailed hands-on labs, you will configure IPv6-over-IPv4 tunnels and explore and understand the expanded roles of the ICMPv6 protocol vs. ICMP in IPv4.

GK# 1966

Course Overview

TOP

This powerful, Unix hands-on course covers all you need to know about IPv6 technology as well as its implementation and deployment within your network environments. Unix operating system is explored for stateless address auto-configuration, building neighbor’s tables and other Unix administration requirements. 

You’ll also learn about IPv6 cyber security threats, detection and resolution.  Discussions related to IPSec tunneling, Access Control Lists, and DNS implementation within an IPv6 network, as well as IPv6 auto-configuration vs. stateful and stateless DHCPv6 configuration of IPv6-enabled devices. Hands-on router labs configuring OSPFv3 and MP-BGP.  Finally, gain invaluable real-world experience as you configure and set up IPSec tunnels, explore DNS implementation, and analyze current security threats. 

Additionally, you’ll learn the following information from this course: 

Section 1:  Introduction to IPv6

Information Overload

IPv6 Electronic Automation

IPv6 is NOT IPv4 Extended!

Why IPv6

New technologies

  • IPv4 lifetime extension
  • Key differences between IPv4 and IPv6

Internet of Things (IoT)

CES 2014 and IoT (Internet of Things

Bosch IoT Lab Established

Smart Sensor Mesh Networking with IPv6

Key Differences between IPv4 and IPv6

DoD 2003 mandate

NIST Recommendations

DoD IPv6 Standard Profiles

2012 Government Public-Facing Servers

Current Issues with Public Servers

IPv6 Forum

IPv6 Ready Logo Program

  • IPv6 ready program example

Five Internet Registries

ARIN requirements for address licensing

IPv6 Reference Sheet 

Section 2:  IPv6 Addressing

Binary number representation

  • Decimal-to-binary conversion

Hexadecimal review

IPv6 addressing

  • Possible IPv6 addresses
  • IPv6 address notation
  • Compressing the IPv6 Address
  • IPv6 address space
  • IPv6 address prefix subnetting
  • Prefix Examples
  • IPv6 Prefixes
  • Unicast addresses
  • Link-local address
  • Site-local (deprecation)
  • Unique local address (ULA)
  • Global unicast address
  • Global address flow chart
  • Auto-configured address states

Tentative

Preferred, deprecated

Valid and invalid

Address Timers

  • IPv6 Address Timers
  • Anycast addresses
  • Multicast addresses

Well-known multicast

  • Mapping Layer 3 to Layer 2 Multicast
  • Loopback and unspecified addresses
  • 64-bit MAC address assignment
  • IPv6 Prefixes and MAC Addresses
  • Temporary IPv6 Address
  • IPv6 ping command
  • Unicast Addresses – Summary
  • IPv6 Host, Nodes, Routers and Interfaces

Section 3:  IPv6 Header Information

  • IPv4 protocol stack
  • IPv6 protocol stack
  • IPv6 dual stack
  • IPv4 and IPv6 Type Codes
  • IPv4 and IPv6 header comparison
  • New header format
  • Traffic class field
  • IPv6 header length includes
  • IPv6 extension headers

Hop-by-Hop

Destinations Options

Routing Header

  • Routing header example
  • Mobility with IPv6
  • Mobile node home agent support

Fragment Header

  • Fragment header example

IPSec Authentication Header

IPSec ESP Header

Extension header order

Extension header example

List of next header values

Section 4:  ICMPv6 Network Operation

ICMPv6 header

ICMPv6 message types

ICMPv6 error message types

ICMPv6 informational message types

Unix Ping6 Command

  • Unix ICMPv6 Echo Request message
  • Unix ICMPv6 Echo Reply message

Common Unix Commands based on Unix distributions

Unix Ifconfig Command

Ifconfig Eth0

TCPdump commands

Static IPv6 address assignment

  • Static using command line
  • Static assignment through configuration file
  • Static using GUI

Viewing Local Route Command

Unix ICMPv6 Neighbor Discoveries

  • ICMPv6 Neighbor Discoveries Defined

Unix IPv6 Neighbor Solicitation

  • ICMPv6 Neighbor Discovery
  • ICMPv6 Neighbor Solicitation message
  • Duplicate Address Detection
  • Solicited-Node Multicast Address
  • Duplicate Address analyzed
  • Neighbor Solicitation Message Process
  • Host Neighbor Cache
  • Different Unix neighbor show commands
  • Host Neighbor Cache after Solicitation

Unix IPv6 Neighbor Advertisement

  • ICMPv6 Neighbor Advertisement message

Unix Autoconfiguration Methods

Router Solicitation

  • ICMPv6 Router Solicitation message

Router Advertisement

  • ICMPv6 Router Advertisement message
  • ICMPv6 Router Advertisement vs. DHCPv6
  • Viewing a router’s neighbor cache table

SLAAC flow chart

Viewing a host routing table

Viewing a router’s neighbor cache table

Using Local IPv6 Neighbor Table

Configuring IPv6 on a MAC workstation

Unix operating systems overview

DHCPv6 Overview

  • DHCPv6 Unix overview
  • DHCPv6 Packet
  • DHCPv6 flow in Unix environment
  • Configuring Unix workstation for DHCPv6
  • Dynamic configuration

Configuring Unix server for DHCPv6

Troubleshooting DHCPv6 issues

Infoblox DHCPv6 Overview

  • Infoblox DHCPv6 operation

BlueCoat Unix

ICMPv6 Redirect

ICMPv6 Multicast messages

ICMPv6 Redirect

ICMPv6 Multicast messages

Fragmentation Service from the Source

ICMPv6 MTU path discovery

  • ICMPv6 packet too big error message
  • Unix destination cache table
  • Fragment header example
  • Fragment offset value

ICMPv6 Time Exceeded, Destination Unreachable, etc.

ICMPv6 Multicast Listener Discovery Message

Traceroute6 commands

Enabling/Disabling IPv6 Modules

IFconfig for network scripts

CPU usage commands, memory, disk 

Section 5:  Unix Troubleshooting, Performance and NIC Teaming

Common Unix troubleshooting commands

  • Netstat commands
  • Nslookup
  • Ifconfig
  • Hostname –d, -f, -i
  • Tcpdump
  • Errpt
  • Examples of Unix troubleshooting issues

Performance Monitoring

  • Vmstat
  • Iostat
  • Netstat
  • Unix recommend diagnostic tools
  • Performance and monitoring examples

IPv6 NIC team bond

  • Team bonding overview
  • Team bonding example
  • Team bonding configuration
  • Testing team bond configuration

Section 6:  DNS Overview

DNS infrastructure

  • DNS A records
  • DNS AAAA resource record
  • DNS deployment
  • Bind9 support

Example IPv6 DNS query over IPv4

Example IPv6 DNS reply over IPv4

Configure DNS using Unix operating system

DNS update over IPv6 native

Forward and Reverse DNS

Common Reverse DNS mistakes

Troubleshooting Issues

Unix server bind configuration

Testing DNS

HTTP and FTP URL Access

Security issues running dual-stack DNS

IPv6 DNS threats 

Section 7:  IPv6 Deployment Strategies Overview

Reasons delaying iPv6 Migration

Migration Schedule

  • Preliminary stage
  • Discovery stage
  • Design stage
  • Deployment stage
  • IPv6 address recommendations

IPv6 deployment strategies

Potential host types during migration from IPv4 to IPv6

Dual-Stack migration strategy

Current operating systems supporting IPv6

Application upgrades

FTP over IPv6 connection

FTP connection over IPv6

Viewing live analyzer traces

TFTP over IPv6

SFTP over IPv6

SMTP over IPv6

Server HTTP

SSH Example for Unix

SSH Tricks

Helpful CLI Commands

IPv4 and IPv6 dual-stack DNS support

IPv6 tunneling migration strategies

  • IPv6 tunneled over IPv4

IPv6 tunneling methods using manual configuration

  • Tunneling router-to-router
  • Tunneling:  ICMP ping packet
  • Routing over 6to4 tunnel

Silver Springs network

6to4 tunneling devices

6to4 Auto-Configured tunnel

ISATAP Example

ISATAP link-local capture

Teredo

IPv6 Tunneling hacks

Defend against tunneling issues

Firewall limitations

Routing loop attacks using IPv6 tunnels

Teredo tunneling problem

Using IPS and Firewall IPS against tunneling

Other services and technologies

IPv6 supported technologies

Enterprise migration steps

  • Sample inventory list
  • Possible IPv6 subnet assignment
  • Further considerations in migrating IPv6
  • IPv6 intergration

F5 Load Balancer

  • Load balancer overview
  • Common operation
  • Common uses

Section 8: IPSec Security

IPSec tunneling

IPv6 IPSec overview

  • Security areas addressed

IPSec Framework

  • Authentication header
  • AH Transport mode
  • AH tunnel mode
  • Encapsulating security payload
  • ESP transport mode
  • ESP tunnel mode
  • Internet key exchange

Building a Unix IPSec tunnel     

  • IPSec static tunnel configuration
  • 6in4, 6to4, Teredo
  • Free tunnel Unix brokers
  • Verifying configuration
  • Testing configuration

IPv6 Firewall

  • Setting up a IPv6 Unix firewall
  • Firewall configuration example
  • IPTables and IP6Tables for Unix
  • Viewing IP6Tables
  • Example IP6Table configuration
  • Common IP6Table commands

Scapy6 Hacking Tool

Schedule

TOP
  • Delivery Format:
  • Date:
  • Location:
  • Access Period:

$

What You'll Learn

TOP
  • Understand the features and benefits of IPv6 and services it offers
  • Deploy Unix operating system in an IPv6 environment along with configuration and show commands.
  • Deploy Stateless architecture using a Unix host and router
  • Use a variety of show commands to configure and display IPv6 services running within a Unix node
  • Use Wireshark to analyze both IPv6 network and security type packets
  • Evaluate different Unix deployment strategies when migrating to IPv6
  • Configure IP RIPng, OSPFv3, and BGP for an IPv6 network
  • Configure a dual-stack network consisting of both IPv4 and IPv6 protocol stacks
  • Deploy different tunneling techniques supporting IPv6 over IPv4 only network

Who Should Attend

TOP

Unix administrators, engineers or technical staff deploying or supporting Unix IPv6 operating system.  Professionals who are considering or making the migration from IPv4 to IPv6 protocol-based Unix network environment.

Course Delivery
Request this course in a different delivery format.
Enroll