Skip to content

Posts tagged ‘ipv6’

2
Jun

DNS, Server Replacements, and IPv6

Last week I encountered a briefly puzzling situation that’s worth noting as a tip when replacing a server on the network and needing to keep the same hostname. We’re a Microsoft shop, so this speaks to Microsoft DNS and VMs running Windows Server (2008 R2 and 2012 R2), but DNS being what it is, this is likely to apply to BIND, Linux, and the rest.

In this case, we were following a very simple server replacement process with these short steps, much as one would back in the 1990’s.

  1. Rename the old server (i.e. svrsyslog –> svrsyslogold)
  2. Build the new server with the original name (svrsyslog)
  3. Set the new static IP

The relevant difference between the 90’s and now, though, is IPv6 (among many other things). Thus, in DNS, we have two records resembling those of a standard syslog server below.

dns-ipv6-1

 

What¬†doesn’t stand out in those records, however, is the IPv4 portion of the IPv6-encapsulating address. So when we changed the server name to “…old”, everything looks fine, because the “Host (A)” record updates to the new name and a corresponding “IPv6 Host (AAAA)” record follows right below.

The key here is that the IPv6 record below the updated “svrsyslog” IPv4 record may not match. In our case, the old IPv6 record never updated; only the IPv4 did. This creates problems when connecting to the new server in a dual-stacked IPv4/IPv6 environment. IPv6-aware systems attempt to resolve the new “svrsyslog” with DNS and get the old IPv6 address (because the rebuilt server didn’t update the v6 record). IPv4 points one place, while IPv6 points to another.

The solution is as simple as it is in IPv4; obscurity and unfamiliarity with IPv6 is all that makes it elusive. Open the IPv6 record of the new/original server name (in this example, SVRSYSLOG) and edit the decimal portion of the IP address. Microsoft is kind enough to translate it from hex for us is the dialog box. Make that last chunk match, and you’re good to go.

dns-ipv6-2

 

——————————————————

By Chris Gurley, MCSE, CCNA
Last updated: June 3, 2014

11
Apr

IPv6: RFC 6177 obsoletes RFC 3177

In what we believe to be a VERY wise revision, the IETF (Internet Engineering Task Force) has issued RFC 6177 to change the recommendation of indiscriminate issuing of /48 IPv6 address blocks to sites and organizations. Under RFC 3177, end sites were to be given /48 blocks, regardless of size. Thus, if an organization had multiple sites–whether a collection of small doctor’s offices or a multinational conglomerate–each of those sites would be assigned a /48.

Granted, IPv6 provides an unprecedented number of addresses and blocks, but discussions leading up to RFC 6177 argued that such a practice could be tantamount to declaring that 640K of memory is all anyone would ever need. It also was reminiscent of the early days of IPv4 when it wasn’t uncommon to give out /16’s, /12’s or even /8’s to organizations. And we all know how that ended up…

With the publication of RFC 6177 in March 2011, IETF’s recommendation has changed to assignments between /48 and /64, depending on the request. The provision and original intent of RFC 3177 to minimize hurdles in getting sufficient blocks for years ahead has still been preserved, so that end sites can maintain existing subnetting and transition to IPv6 without inordinate difficulties. The allowance, though, to assign a /56 or smaller block where appropriate will help keep IPv6’s options open as use cases and its evolution develops.

Kudos to IETF for learning from history!

Sources:

3
Mar

IPv6: Cisco IOS

Addressing. Routing. DHCP. EIGRP. HSRP. Mobility. After consuming Cisco’s 706-page IOS IPv6 Configuration Guide, these are just a few of the areas we’re processing as the deployment plan starts coming together. If you’re running something other than Cisco, some of the commands below, and of course EIGRP, may not directly apply, but perhaps you can abstract the concepts and use them in your own network.

Here’s a rundown of the IOS commands we’ll be utilizing as we begin to implement:

  • ipv6 address: (Interface) Apply to VLAN interfaces, routing interfaces, etc (i.e. vlan20, g1/10, g2/0/23)
  • ipv6 general-prefix: (Global) Specifies the prefix of your IPv6 address space (i.e. 2001:d8:91B5::/48)
  • ipv6 unicast-routing: (Global) Enables IPv6 routing on the switch/router
  • ip name-server: (Global) Not specific to IPv4 or v6, but necessary to add IPv6 name server addresses
  • ipv6 dhcp relay destination: (Interface) Configure on all interfaces that need DHCP relaying
  • ipv6 eigrp: (Interface) Unlike IPv4, EIGRP is interface-specific (no “network” statements); apply to routing interfaces
  • ipv6 router eigrp: (Global) Creates the EIGRP router process on the switch
  • ipv6 hello-interval eigrp: (Interface) Configured on interfaces using EIGRP to set the frequency of hello packets to adjacent routers
  • ipv6 hold-time eigrp: (Interface) Configured on interfaces using EIGRP to tell neighbors how long the sender is valid

Coming next: a consolidated IPv6 deployment plan, derived from NIST Guidelines for the Secure Deployment of IPv6

——————————————————

By Chris Gurley, MCSE, CCNA
Last updated: March 3, 2011

22
Feb

IPv6: An Intro

IPv6, for those unfamiliar, is the Internet Protocol version 6, the next evolution of network addressing and the internet. Just like Bill Gates’ famous statement about 640KB being all that we’d ever need in computing, so the designers of IPv4 (Internet Protocol version 4) thought of the 4.3 billion addresses in the 32 bits of IPv4. Surely that’s enough! Nearly one per every person on earth?!? But how many of us have a smart phone (iPhone, Android, BlackBerry, etc), a home computer, an Xbox or PS3…not to mention any internet-connected devices at your place of employment?

Those 4.3B quickly disappear, especially when a lot of blocks were eliminated from distribution from day 1 (10.x.x.x, 172.16.x.x-172.31.x.x, 192.168.x.x, and all the multicast and experimental chunks). Add to that the Class A’s (16 million address blocks) wastefully given to large corporations, and you can see where the addresses went. Two weeks ago, the last Class A and thus, the last allotment from the centralized addressing authority, IANA, was dispensed. In technical terms, IPv4 is officially spent. Sure, ISPs still have supplies, but those are now a non-replenishable¬† resource.

Enter IPv6. 128 bits of addressing glory. The IETF (Internet Engineering Task Force) decided that once was enough with regards to running out of space (at least until we expand to other worlds). How many addresses is that, you ask? Read moreRead more

14
Feb

Coming Attractions: Service Manager & IPv6

On this fine evening, we wanted to share with you a little preview of coming attractions, which will hopefully appear in future posts. Two of our projects revolve around Microsoft System Center Service Manager and IPv6 (separate endeavors). Both of these hold good promise for our organization and where we go with each may help you as well.

Through the years, we’ve used a couple different help desk and change management tools–Track-It! and Alloy Navigator–and in each, we’ve run into issues and shortcomings. Track-It! was fine as a ticketing system, but provided very little correlation (if any), no audit trail, and sparse asset management. Alloy is a step in the right direction with a pretty comprehensive set of features, ranging from Purchase Orders to Incident and Change Management to Asset tracking, but the application and system itself are fraught with bugs, counter-intuitive processes, etc. In other words, lots of ongoing work which is worthy of many tickets itself.

So we’re venturing into Microsoft’s Service Manager territory and are very interested in the integration with the rest of the System Center suite (Configuration Manager and Operations Manager), as well as Active Directory. We’re also checking out Provance IT Asset Management, a management pack for SM, which enhances the product and provides an otherwise absent financial piece. Looking good so far!

On the networking side, we’ve been in the R&D phase with IPv6 (Internet Protocol version 6) for a few months now since receiving our own /48 block of addresses from ARIN. The documentation online is a bit sparse and mostly targeted to either consumers (Teredo) or ISPs, but we’re finding some nuggets in the digging.¬† Some good resources thus far are:

IPv6 is quite the undertaking, but as we work to roll it out in our organization, we’ll be sharing info to help in yours.