Microsoft PowerPoint - 03.IPv6_Linux.ppt [相容模式]

IPv6 Linux (Cent OS 5.x) IPV6 2 IPv6 IPv6 IPv6 IPv6 IPv4 IPv6 (RFC 2460) Dual Stack Tunnel 3 4

IPv6 Native IP IPv6, DHCPv6 IPv6 IP IPv6 Tunnel Broker IPv4, Tunnel IPv6 Tunnel Broker Client IPv6 ( ) IPv6 Windows Windows Vista Windows 7/2008 Linux Fedora/CentOS Ubuntu/Debian 5 6 IPv6 nslookup (AAAA) Set type=aaaa IPv6( ) dig (UNIX Like) 7 8

IPv6( ) ping, tracert (Windows) IPv6( ) ping6, traceroute6 (UNIX Like) 9 10 IPv6 Kame http://www.kame.net IPv6 Ready Logo http://www.ipv6ready.org/ IPv6 http://interop.ipv6.org.tw/ Chapter 01 LINUX WINDOWS IPV6 IPv6 (HiNet) http://ipv6.taco.hinet.net/taco_ipv6/index.jspipv6/index.jsp 11 12

IPv6 on Linux IPv6 on Windows Windows XP Ping Linux Ping ( ) IPv6 Host Windows XP IPv6 Server CentOS 5.x Switch D-Link DES-1005D 13 14 IPv6 on Linux Linux Kernel 218 IPv6 2.1.8 Linux Kernel 2.6.x IPv6 2008 12 1 2008 12 1 Linux Foundation(Linux ) IPv6 Linux Distribution( ) ( ) IPv6 on Linux IPv6 Distribution IPv6 CentOS 5.x 15 16

IPv6 on Linux CentOS ifconfig eth0 interface fe80 Linklocal IPv6 IPv6 on Windows IPv6 WindowsXP IPv6 WindowsXP ipv6 install IPv6 IPv6 ipconfig 17 18 IPv6 on Windows ipv6 install IPv6 on Windows ipconfig fe80 IPv6 IPv6 19 20

Windows XP Ping Host Server ping Server: fe80::a00:27ff:fe84:a767 Host: fe80::21b:fcff:fec0:8e97 f ff f 0 8 Windows XP Ping Host to Server ping6 fe80::a00:27ff:fe84:a767%5 Host Ping Server ping6 interface Ping ipconfig %5 Host Server %5 21 22 Windows XP Ping Server to Host ping6 -I eth0 -c 5 fe80::21b:fcff:fec0:8e97 Linux Ping ( ) Linux Ping IPv6 Server Ping Host 23 24

Linux Ping ( ) Host1 ifconfig Host1 IPv6 IPv6 IPv6 25 IPv6 IPv6 ifconfig /sbin/ifconfig <interface> IPv6 route /sbin/route -A inet6 IPv6 Ping ping6 < ipv6address > IPv6 traceroute6 traceroute6 <ipv6 address> DNS IPv6 host -t AAAA ipv6-domainname Telnet Client telnet 3ffe:400:100::1 80 26 26 IPv6 IPv6 IPv6 # /sbin/ip -6 addr show dev <interface> # /sbin/ifconfig <interface> IPv6 # /sbin/ip -6 addr add <ipv6address>/<prefixlength> dev <interface> # /sbin/ifconfig <interface> inet6 add <ipv6address>/<prefixlength> p IPv6 # /sbin/ip -6 addr del <ipv6address>/<prefixlength> dev <interface> # /sbin/ifconfig <interface> inet6 del <ipv6address>/<prefixlength> IPv6 Depends on distribution Red Hat Fedora IPv6 vi /etc/sysconfig/network NETWORKING_IPV6=yes vi/etc/sysconfig/network-scripts/ifcfg-eth0 IPV6INIT=yes IPV6ADDR= <ipv6address>/<prefix> 6 /t/iitd/ /etc/init.d/network t restart t service network restart t 27 28 28

Linux Ping ( ) /etc/sysconfig/network-scripts/ifcfg-eth0 scripts/ifcfg eth0 #vim /etc/sysconfig/network-scripts/ifcfg-eth0 Linux Ping ( ) IPv6 IPv6 29 30 Linux Ping ( ) network /etc/rc.d/init.d/network restart Linux Ping ( ) Host2 ifconfig eth0 Host1 31 32

Linux Ping ( ) #vim /etc/sysconfig/network-scripts/ifcfg-eth0scripts/ifcfg eth0 IPv6 Linux Ping ( ) network ifconfig eth0 Host2 IPv6 33 34 Linux Ping ( ) Host1 Host2 Ping Host1: #ping6 2222::2 Chapter 02 DNS SERVER (BIND) Host2: #ping6 2222::1 35 36

Bind Bind Bind Bind IPv6 Bind Bind DNS Server IPv6 CentOS DNS Server IPv6 37 38 IPv6 DNS Server: CentOS 5.x IPv6 Host: Windows XP Switch D-Link DES-1005D Bind yum Bind #yum install bind system-config-bind bindchroot 39 40

Bind /var/named/chroot/ bind-chroot bind /var/named/chroot system-config-bind bind /usr/share/system-config-bind/profiles/default 1. named.conf /usr/share/system-config-bind/profiles/default named.conf /var/named/chroot/etc # cd /usr/share/system-conf-bind/profiles/default # cp named.conf /var/named/chroot/etc/ / t / Bind 2. /usr/share/system-config-bind/profiles/default/named (zone) # cd /usr/share/system-config-bind/profiles/default/named stem r files/defa lt/named # cp *.* /var/named/chroot/var/named/ 41 42 Bind 3. named.root /usr/share/doc/bind-9.3.4/sample/var/named named.root /var/named/chroot/var/named/ # cd /usr/share/doc/bind-9.3.4/sample/var/named ar/named # cp named.root /var/named/chroot/var/named/ bind /etc/init.d/named start Bind named.conf options { listen-on-v6{any;}; }; zone "demo2.v6class.tw." IN { type master; file "demo2.v6class.tw.txt"; allow-update { none; }; }; bind /etc/init.d/named restart 43 44

v6class.tw.txt txt $TTL 86400 @ IN SOA v6class.tw. root.localhost. ( 2011030804 ; Serial 28800 ; Refresh 14400 ; Retry 720000 ; Expire 86400 ) ; Minimum @ IN NS ns1.v6class.tw. @ IN NS ns2.v6class.tw. ns1 IN A 163.28.6.33 ns2 IN A 163.28.6.33 ns1 IN AAAA 2001:288:1:1002::15 ns2 IN AAAA 2001:288:1:1002::15 demo IN NS ns1.demo.v6class.tw. demo IN NS ns2.demo.v6class.tw. ns1.demo IN A 211.72.210.2 ns2.demo IN A 211.72.210.2 ns1.demo IN AAAA 2001:f10:7001:6:20c:29ff:fe74:df51 ns2.demo IN AAAA 2001:f10:7001:6:20c:29ff:fe74:df51 45 AAAA demo.v6class.tw.txt $TTL 86400 @ IN SOA demo.v6class.tw. root.localhost. ( 2011030804 ; Serial 28800 ; Refresh 14400 ; Retry 720000 ; Expire 86400 ) ; Minimum @ IN NS ns1.demo.v6class.tw. @ IN NS ns2.demo.v6class.tw. ns1 IN A 211.72.210.2 ns2 IN A 211.72.210.2 ns1 IN AAAA 2001:f10:7001:6:20c:29ff:fe74:df51 ns2 IN AAAA 2001:f10:7001:6:20c:29ff:fe74:df51 www IN A 211.72.210.116 www IN AAAA 2001:288:4:2::116 46 Bind IPv6 Bind IPv6 netstat Bind IPv4 IPv6 53 port #netstat -antlp grep : 53 IPv4 IPv6 DNS 47 48

Chapter 04 WEB SERVER (APACHE) 49 50 Apache Apache Server Apache Server IPv6 Web Server Apache Apache Unix-like OS Web Server Apache2 IPv6/IPv4 Dual Stack CentOS5.x Apache p 2.2.3-22 IPv6 Web Server 51 52

IPv6 Web Server: CentOS 5.x IPv6 Host: Windows XP Switch D-Link DES-1005D Browser: Internet Explorer 8.0 Apache Server yum Apache #yum install httpd 53 54 Apache Server Apache Server /etc/httpd/conf/httpd.confconf Apache IPv4/IPv6 55 56

IPv6 Web Server Server: fe80::a00:27ff:fe84:a767 Host: fe80::21b:fcff:fec0:8e97 Host ipconfig %11 IPv6 Web Server IPv6 Server 57 58 Virtual Host NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin dar@twnic.net.tw DocumentRoot "/var/www/html/demov6" ServerName www.ipv6day.tw ServerAlias v4.ipv6day.tw ServerAlias ds.ipv6day.tw ServerAlias demv6.ipv6po.tw ServerAlias 2001:f10:7001:6:20c:29ff:fe74:df51 ErrorLog "logs/demov6.ipv6po.tw-error_log" 6i 6 l " CustomLog "logs/demov6.ipv6po.tw-access_log" common </VirtualHost> <VirtualHost *:80> ServerAdmin dar@twnic.net.tw DocumentRoot "/var/www/html/ds" ServerName ds.demo.v6class.tw ServerAlias v4.demo.v6class.tw ServerAlias v6.demo.v6class.tw ErrorLog "logs/ds.demo.v6class.tw-error _ log" CustomLog "logs/ds.demo.v6class.tw-access_log" common </VirtualHost> 59 IPv6 IPv6 60

IPv6 IPv6 61 62 Chapter 07 FIREWALL(IP6TABLES) iptables ip6tables iptables/ip6tables ipv6 web 63 64

iptables ip6tables ip6tables Kernel 2.4 iptables Linux NAT(Network Address Translation) IP IPv6 ip6tables ip6tables iptables ip6tables IPv6 Address/Prefix iptables iptables ip6tables IPv6 Server with Firewall : CentOS 5.x IPv6 Host: Windows XP Switch D-Link DES-1005D 65 66 iptables/ip6tables #ip6tables -L ACCEPT iptables/ip6tables v6 v4 #ip6tables -F #ip6tables X #ip6tables Z #iptables F #iptables X #iptables -Z 67 68

iptables/ip6tables v6 #ip6tables -L ipv6 web IPv4 IPv6 IPv6 IPv4 IPv6 v4 #iptables -L 69 70 ipv6 web ip6tables #ip6tables -A INPUT -i eth0 -p tcp --dport 80 -j DROP -A INPUT chain -i -p --dport port -j ipv6 web IE IPv4 IPv6 IPv4 71 72

ipv6 web IPv6!! ~ 73 74