The Next-Generation Internet Standard
Total Page:16
File Type:pdf, Size:1020Kb
IPv6 Network Administration By David Malone, Niall Murphy Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00934-8 Pages: 306 Table of • Contents • Index • Reviews • Examples This essential guide explains what works, what doesn't, and most of all, Reader what's practical about IPv6--the next-generation Internet standard. A • Reviews must-have for network administrators everywhere looking to fix their • Errata network's scalability and management problems. Also covers other IPv6 • Academic benefits, such as routing, integrated auto-configuration, quality-of-services (QoS), enhanced mobility, and end-to-end security. IPv6 Network Administration By David Malone, Niall Murphy Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00934-8 Pages: 306 Table of • Contents • Index • Reviews • Examples Reader • Reviews • Errata • Academic Copyright Foreword Preface What This Book Is ... and Is Not Conventions Used in This Book Using Code Examples Comments and Questions Safari Enabled Contacting the Authors A Note on RFCs and Internet Drafts Acknowledgments Part I: The Character of IPv6 Chapter 1. The Unforeseen Limitations of IPv4 Section 1.1. Addressing Model Section 1.2. NAT Section 1.3. Security Section 1.4. MAC Layer Address Resolution Section 1.5. Broadcast Versus Multicast Section 1.6. Quality of Service Section 1.7. Routing Section 1.8. Summary Chapter 2. The (Un)foreseen Successes of IPv4 Section 2.1. Simplicity Section 2.2. Resiliency Section 2.3. Scalability Section 2.4. Flexibility Section 2.5. Autoconfiguration Section 2.6. Extensibility Section 2.7. In Short... Chapter 3. Describing IPv6 Section 3.1. Designed for Today and Tomorrow Section 3.2. Packets and Structures Section 3.3. Address Architecture Section 3.4. ICMPv6 Section 3.5. Address Selection Section 3.6. More About Headers Section 3.7. Introduction to Mobile IPv6 Section 3.8. Routing Section 3.9. Security Section 3.10. Quality of Service Section 3.11. The Promise of IPv6 Chapter 4. Planning Section 4.1. Transition Mechanisms Section 4.2. Obtaining IPv6 Address Space and Connectivity Section 4.3. Network Design Section 4.4. Managing IPv4 and IPv6 Coexistence Section 4.5. Deploying IPv6 Section 4.6. Inputs to Deployment Plans Section 4.7. Worked Examples Section 4.8. Summary Part II: Deploying IPv6 Chapter 5. Installation and Configuration Section 5.1. Workstations and Servers Section 5.2. Routers Section 5.3. Enabling, Testing, and Troubleshooting Section 5.4. Static Routing Section 5.5. Configuring Transition Mechanisms Section 5.6. Applications Section 5.7. Gotchas Section 5.8. Summary Chapter 6. Operations Section 6.1. DNS Section 6.2. IPsec Section 6.3. Routing Section 6.4. Firewalls Section 6.5. Management Section 6.6. Providing Transition Mechanisms Section 6.7. Summary Chapter 7. Services Section 7.1. General Notes Section 7.2. Inetd/TCP Wrappers Section 7.3. HTTP Section 7.4. SMTP Section 7.5. POP/IMAP Section 7.6. NNTP Section 7.7. NTP Section 7.8. Syslog Section 7.9. Printing Section 7.10. FTP Section 7.11. Remote Login Services Section 7.12. If All Else Fails... Section 7.13. Summary Chapter 8. Programming Section 8.1. Relevant Functions Section 8.2. Some Simple Examples Section 8.3. Case Study: MMDF Section 8.4. Other Considerations for Developers Section 8.5. Summary Chapter 9. The Future Section 9.1. Unresolved Issues Section 9.2. Up and Coming Subject Areas Section 9.3. Summary Glossary Colophon Index Copyright © 2005 O'Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. IPv6 Network Administration the image of a softshell turtle, and related trade dress are trademarks of O'Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. Foreword IPv6 has evolved during the last dozen years or so, and the road has not been easy. The process has been driven primarily by the shortage of address space under IPv4, but also by the desire for new applications that don't fit within the older protocol's limitations. The address space crisis has been delayed by several new approaches to IP addressing, the most important of them being CIDR, NAT, and RFC1918 private address space. At the same time, it was clear that these solutions only postponed the inevitable, so efforts began to redesign the IP protocol. These efforts led to IPv6. Although CIDR, NAT, and private address spaces have been successful, they didn't solve the problemthey only put it off. Today, the Regional Internet Registries have IPv4 address allocation policies that scare away those who would like to get public address space. IPv4 address space has become a scarce resource, and getting a public address block requires too much paperwork and bureaucracy. We can stretch out the IPv4 address space for 5, 10, or 50 years, but if the result is that only a privileged few can get public address space, what's the point? Enter IPv6. IPv6 provides a clean fix to the fundamental problem: too few bits in the IP address. The increased length of IPv6 addresses means that they can be assigned freely and used comfortably; they're not a scarce resource that needs to be conserved. IPv6 also makes it possible to deploy new types of applications that rely on public address space, or that encode information in the IP address itself, such as multihoming and verifiably secure local networking. The IPv6 specifications are now reasonably stable. Dozens of implementations have been deployed and used for years; if you want to use IPv6, you no longer need special software or patches. Most operating systems include IPv6 support, and some vendors even turn it on by default. IPv6 has arrived at a state where almost everyone can use it. The problem is now that they don't know how. Therefore, the most important work at the moment is enabling IPv6 deployment, and creating an atmosphere where IPv6 applications can be created and flourish. That's where we'll really see the benefit of IPv6: in new applications that go beyond the client-server paradigm, and take advantage of IPv6's end-to-end addressing and connectivity features. That's where this book comes in: it gathers knowledge scattered across the Internet about deployment and applications. There are many ways to deploy IPv6, and the more complex the network you have, the more possibilities you have. This book helps you to understand those possibilities and deploy IPv6 on your network. Have the Internet users, application developers, and vendors grown too comfortable with short-term patches to counter the problem caused by NATs and address space shortage, instead of choosing the longer-term solution, IPv6? We'll see. IPv6 is ready for deployment. For you to deploy, use, and write applications for. This book shows you how; don't let inertia hold you back. Have fun doing that! Pekka Savola IETF IPv6 Operations (v6ops) working group co-chair Preface The chief thing is not to study, but to do. Sayings of the Fathers, 1:17 IPv6 has been overhyped, undersold, rubbished, acclaimed, scuppered, and resurrectedoften several times a day by the same person in different conversations. It's been talked up and talked down, misunderstood, ignored and defended; but it is overcoming barriers and finding growing acceptance and support within the Internet community. For an obscure networking protocol of current interest to a small fraction of the population of our planet, this combination of passion and ignorance seems remarkable. You might ask, `So why all the fuss?' The motivation behind IPv6 is the need to fix the most difficult problems that the Internet faces today: address exhaustion, network management, scalability issues, and multi-homing. It is the promise of addressing[1] these issues that has sparked the interest it has aroused, and that same promise is and will drive its adoption and eventual deployment. In fact, about the only thing that IPv6 hasn't been is widely deployed enough to justify this attention! We hope to do our small part to change that by providing this book to help you make your own judgement, ignoring the gain-sayers and the hype, and focusing on what IPv6 can do for you. [1] Pun intended. We of course know that technical merit or promise alone is not enough to make something successful, so besides an excellent design and good intentions, what else does IPv6 have going for it? Well, it's been adopted as a standard by organizations such as the 3GPP[2] and well-known industry players such as Cisco, Microsoft, and Sun, it's seen an increasing amount of commercial deployment from organizations such as Microsoft and NTT, and confidence is increasing that the rightful successor to IPv4, the most popular internetworking protocol in the world, has arrived just when we need it the most.