ipv6 shared soho connect
DESCRIPTION
改編 いまからはじめるIPv6 IPv6ネットワーク構築基礎 家庭・SOHO環境を対象としたIPv6ネットワーク構築法の解説 •主なトピック – IPv6インターネットへの対外接続の確保 – IPv6アドレス割り当てとデフォルトルータの配布方式 – LAN内部での端末設定のアドレス設定 – デュアルスタックネットワーク – 家庭・SOHO環境でのセキュリティTRANSCRIPT
- 1. 2014NTT Information Sharing HOSTERS IPv6 IPv6 NTT
2. 2 SOHO IPv6 IPv6 IPv6 LAN SOHO 3. HGW IPv6 3 IPv6 IPv6 IPv6 IPv6 IPv6 4. IPv6 IPv6 IPv6 IPv6 2 IPv6 IPv6 1 2 hop limit -1 FW IP GW IPv6 LAN IF IPv6 L2 GW MA C 2 4 5. SOHO IPv6 IPv6 IPv6 LAN SOHO RT58i DHCPv6 SOHO IPv6 HGW 5 6. IPv6 6 7. IPv6 ISP IPv4 2010 11 15 13 64 http://www.kokatsu.jp/blog/ipv4/data/ipv6service-list.html 7 8. IPv6 IPv4 ISP IPv4 OCN OCN IPv6 IIJ IPv6 Yahoo!BB IPv6 HGW, IPv4 IPv6 HGW IPv6 over IPv4 HGW IPv6 IPv6 IPv6 IPv4 IPv6 8 IPv 6 IPv4 9. IPv6 Windows 7 IPv4 Internet L2TP over UDP IPv6 Internet HGW OCN IPv4 /64 /64 Windows XP, Vista, 7 DHCPv6-PD RA PPP+IPV6CP IPv6 OCN IPv6 UDPv4 NAT 9 10. IIJ IPv4 /64 IIJ IPv6 IPv6 IPv4 Internet PPTP RA DNS DHCPv6 PPP+IPV6CP IPv6 IPv6 Internet HGW NAT PPTP Windows 7 10 11. Yahoo!BB 6rd IPv6 over IPv4 6to4 ISP HGW HGW IPv4 HGW Yahoo!BB IPv6 IPv6 IPv4 Internet IPv6 over IPv4 RA IPv6 Internet HGW IPv4 IPv6 IPv4 Windows 7 11 12. 6to4 6to4 6to4 IIPPvv44 IPv6 2002:c000:0201::XXXX IPv6192.0.2.1 192.0.2.1 IPv4 RFC3056 Win, Mac, UNIX, Windows Vista, 7 IPv4 IPv6 6to4 192.88.99.1 12 13. Tokyo6to4 JPIX 6to4 IPv6 http://www.tokyo6to4.net/ 13 14. 6to4 IPv4 IPv6 6to4 IPv6 IPv4: 192.168.0.0/24 IPv4 GLOBAL: 192.0.2.1 192.0.2.1 6to4 IPv4 IPv6 IPv6 RA 2002:c000:0201::/64 WZR- AMPG300NH AirMac Exterm, AirMac Express IPv6: 2002:c000:0201::XXXX/64 14 15. NAT Teredo 1 Teredo Teredo IPv4 IPv6 IPv6192.0.2.1 NA T HGW IPv6 123.0.1.2 15 6to4 IPv6 IPv4 NAT IPv4 Symmetric NAT Windows Vista, 7 IPv6 16. NAT Teredo 2 Teredo Teredo IPv4 IPv6 2001:0000:[ IPv4 ]:[ ]:[ ]:[ IPv4 ] 123.0.1.2 NAT 192.0.2.1 IPv6192.0.2.1 32 16 16 32 IPv6 ICMPv6 echo reply Teredo 123.0.1.2 ICMPv6 echo request 16 IPv6 17. 17 feel6 (DTCP) - http://start.feel6.jp/ /48 /48 Windows, Mac OS, Linux OS RT NAT 41 Hexago freenet6 (TSP) http://www.gogo6.com/ GPL NAT 18. NGN IPv6 IPv6IPv6 NGN IPv6 IPv6 ISP-B HGW IPv6 ISP-A IPv6 ISP-C HGW ISP-A ISP-B ISP-C ISP ISP SO ISP ISP-C Internet ISP IPv6 NGN ISP 18 19. NGN IPv6 IPv6 NGN IPv6 ISP HGW IPv6 IPv6 PPP IPv6 IPv6 ISP IPv6 NGN IPv6 NAT NAT66 ISP NGN IPv6 WAN I/F 19 20. IPv6 20 ISP SOHO IPv6 21. IPv6 (2) ISP RA, DHCPv6 IPv6 (1) IPv6 IPv6 21 IPv6 ::/0 [ ] IPv6LAN IPv6 2001:db8::/48 22. IPv6 delegation 2001:db8:a::/48 WAN I/F LAN 2001:db8:a::1 2001:db8:a::/64 IPv6 IPv6 128 IPv6 2001:db8:a::1234 IPv6 DHCPv 6 DHCPv6-PD Prefix Delegation I/F 64 IPv6 2001:db8:a::/64 R A MAC 64 IPv6 ( 64 ) 2001:db8:a::[mEUI64] 22 2001:db8:a::1234 23. LAN 23 HGW IPv6 LAN 24. SOHO LAN IPv6 OS Windows Vista, 7 IPv6 IPv6 DNS RA, DHCPv6 IPv6 IPv6 Network 24 DNS 25. IPv4 IPv6 IPv4 IPv4 DNS IPv4 Network DHCPv 4 IPv6 DNS IPv6 IPv6 Network 25 DHCPv 6 RA 26. DHCPv4 DHCPv6 IPv4 DNS NTP, SIP MAC IPv6 DNS NTP, SIP DUID DHCPv6 Router Advertisement RA DHCPv 4 26 DHCPv 6 27. DHCPv6 RA 27 Router Advertisement RA RA prefix information option RA DNS RA DHCPv6 RA : M/O flags Managed/Other M O OFF ON RA, DHCPv6 ON ON DHCPv6 28. stateless-DHCPv6 RFC3736 DNS, SIP, NTP INFORMATION- REQUEST REPLAY DNS, SIP, NTP, 28 29. IPv4 IPv6 IPv4 GW RA RA DNS Option DHCPv6 GW Option IPv4 DNS IPv4 Network DHCPv 4 IPv6 DNS IPv6 IPv6 Network DHCPv 6 RA IPv6 RA DHCPv6 GW RA DNS DHCPv6 DNS DHCPv6 IPv4 DHCPv4 29 30. 30 IPv6 IPv4 31. 31 IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 IPv4 IPv6 IPv6 OS IPv4 IPv6 Windows, Mac, Linux, UNIX 32. IPv4 IPv6 IPv4 DNS IPv6 DNS IPv4/IPv6 IPv4 Network IPv6 Network DHCPv 4 DHCPv 6 RA IPv6 IPv6 DNS IPv4 IPv4 Network IPv6 Network DHCPv 6 RA IPv4 IPv6 IPv6 DHCPv 4 IPv4 IPv4 DNS 1 IPv4/IPv6 2 IPv4/IPv6 IPv4/IPv6 32 33. IPv4 IPv6 IPv6 IPv4 RFC3484 IPv6 IPv4 IPv6 IPv4 IPv4 Network IPv6 Network 33 34. SOHO 34 35. IPv4 NAT IPv6 (*) Stateful Packet Inspection IPv4 NAT IPv6 IPv6 Internet IPv4 IPv6 SPI(*) IPv4 Internet 123.123.123.123 192.168.0.0/24 2001:db8::1234 IPv4 NAT RFC4864 Local Network Protection for IPv6 35 36. 36 IPv4 IPv6 IPv4/IPv6 IPv4 IPv6 IPv6 ICMP ICMPv6 Type2 PMTUD 6to4, Teredo Windows Vista/7 IPv6 [ ] LAN IPv4 41 IPv6 over IPv4 , 6to4 37. Windows Vista, 7 RA o ON IPv6 IPv4, IPv6 DHCPv6 DNS IPv6/IPv4 IPv6 Google www.google.com IPv4 stateless DHCPv6 IPv6 DNS RA DHCPv6 IPv6 DNS 37 38. Windows Azure Cloud Linux Deployment service 39. RT58i 39 40. RT58i 1 IPv6 over IPv4 192.0.2.1 192.0.2.254 2001:db8::/48 2001:db8::/64 RT58i IPv6 over IPv4 IPv6 192.0.2.254 IPv6 I/F tunnel 1 I/F lan1 RA 2001:db8::/64 192.0.2.1 # IPv6 ON ipv6 routing on 40 # tunnel select 1 encapsulation ipip endpoint address 192.0.2.1 192.0.2.254 tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address 2001:db8::1/64 prefix 1 2001:db8::/64 lan1 rtadv send 1 o_flag=on ::1 41. RT58i 2 RT58i I/F tunnel 1 I/F lan1 WAN IPv4 IPv6 over IPv4 WAN I/F IPv4 IPv6 192.0.2.254 # IPv6 ON ipv6 routing on IPv6 41 2010 NTT Information Sharing Platform # # LAN tunnel select 1 encapsulation ipip endpoint address 192.168.0.1 192.0.2.254 tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address 2001:db8::1/64 prefix 1 2001:db8::/64 lan1 rtadv send 1 o_flag=on # NAT nat descriptor type 1 masquerade nat descriptor masquerade static 1 1 192.168.0.1 ipv6 * pp select 1 ip pp nat descriptor 1 IPv4: 192.168.0.1 IPv6: 2001:db8::1 42. RT58i 3 RT58i I/F tunnel 1 I/F lan1 DTCP IPv6 DTCP 192.0.2.254 # IPv6 ON ipv6 routing on # DTCP feel6 tunnel select 1 tunnel dtcp dtcp.feel6.jp myname USERID PASSWORD tunnel enable 1 # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address dtcp-prefix@tunnel1::1/64 prefix 1 dtcp-prefix@tunnel1::/64 lan1 rtadv send 1 o_flag=on # ipv6 filter 1 reject dtcp-prefix@tunnel1::/64 * ipv6 filter 2 pass RA: DTCP IPv6 * dtcp-prefix@tunnel1::1 * tcp * www 42 2010 NTT Information Sharing Platform 43. RT58i 4 RT58i RA-proxy IPv6 IPv6 IPv6 fe80::1234 native Ethernet I/F lan2 I/F lan1 # IPv6 ON ipv6 routing on # ipv6 route default gateway tunnel 1 # LAN ipv6 ipv6 ipv6 lan1 address ra-prefix@lan2::1/64 prefix 1 ra-prefix@lan2::/64 lan1 rtadv send 1 # RA-Proxy # IPv6 # filter 1 reject ra-prefix@lan2::/64 * filter 2 pass * ra-prefix@lan2::1 * tcp * www ipv6 ipv6 RA: RA RA: 2001:db8::/64 43 2010 NTT Information Sharing Platform 44. DHCPv6 44 2010 NTT Information Sharing Platform 45. DHCPv6 IPv6 RA: RA Windows Vista, 7 DHCPv6 O ON Linux/BSD DHCPv6 I/F eth0 option domain-name-servers 2001:db8::53; option domain-name example.jp"; dhcp6s.confWIDE-DHCPv6 http://sourceforge.jp/projects/sfnet_wide-dhcpv6/ # dhcp6s -c dhcp6s.conf eth0 DHCPv6 Windows Vista C:> ipconfig /renew6 C:> ipconfig /all : DNS . : example.jp 45 2010 NTT Information Sharing Platform Laboratories DHCP ............. ........... IPv6 ........... : : : 2001:db8::XXXX( ) ...... : fe80::XXXX%1DHCPv6 IAID .......... DHCPv6 DUID . : 268869872 : 00-01-00-01-11-62-4C -59-00-1C-25-9F-8C-39 : 2001:db8::53DNS ........... DHCPv6 46. SOHO IPv6 46 2010 NTT Information Sharing Platform 47. SOHO IPv6 SOHO IPv6 NEC IPv6 IPsec, VRRP, QoS 6 UNIVERGE IX2005 IPsec, VRRP, IEEE802.1x 6 CentreCOM AR415S VPN IPv6 , SPI NetVolante RT58i DTCP, RA proxy NTT Win Vista Premium 6to4 IPv6 1 2 WZR-AMPG300NH AirMac Extreme, 6to4 IPv6 16,800 AirMac Express Extreme 9,800 TimeCapsule 29,800