Lesson 1: Configuring IPv4 CHAPTER 6 323 14. In the elevated command prompt, enter ipconfig. Your screen should look similar to Figure 6-17. FIGURE 6-17 Static configuration of the Aberdeen computer 15. Enter ping 10.0.0.11. Your screen should look similar to Figure 6-18. FIGURE 6-18 Pinging the Canberra computer from the Aberdeen computer 16. On the Canberra computer, enter ping 10.0.0.21. Check that you have two-way connectivity. 17. Restore dynamic IPv4 configuration on both the Canberra and Aberdeen computers. exercise 2 Configuring ICS on the Canberra Computer In this exercise, you install ICS on the Canberra computer. This enables Internet access on Aberdeen and ensures that Canberra can supply DNS and DHCP services on the network. The exercise requires that Canberra can access the Internet wirelessly and is therefore optional. If you also have a wireless adapter on the Aberdeen computer, ensure that this is disabled. Ensure that both Aberdeen and Canberra are configured to obtain IPv4 settings automatically. 1. If necessary, log on to the Canberra computer using the Kim_Akers account. 2. Open Network And Sharing Center. Click Change Adapter Settings. 3 2 4 CHAPTER 6 Network Settings 3. Right-click the wireless adapter Wireless Network Connection and choose Properties. 4. Click the Sharing tab. 5. Select the Allow Other Network Users To Connect Through This Computer’s Internet Connection check box, as shown in Figure 6-19. Click OK. FIGURE 6-19 Allowing other computers to use the Canberra Internet connection 6. If necessary, log on to the Aberdeen computer using the Kim_Akers account. 7. Open Network And Sharing Center. Click Internet Options. 8. Click the Connections tab and ensure that Never Dial A Connection is selected. 9. Click LAN Settings. 10. In the Local Area Network (LAN) Settings dialog box, under Automatic Configuration, clear the Automatically Detect Settings and Use Automatic Configuration Script check boxes. 11. Under Proxy Server, clear the Use A Proxy Server For Your LAN check box. The LAN Settings dialog box should look similar to Figure 6-20. Click OK. 12. Click OK to close the Internet Properties dialog box. 13. Open Windows Internet Explorer. You should have Internet connectivity. If not, run Windows Network Diagnostics. 14. Open an elevated command prompt (if necessary). Enter ping canberra. You now have a DNS service and can resolve computer names to IPv4 addresses. Lesson 1: Configuring IPv4 CHAPTER 6 325 FIGURE 6-20 The LAN Settings dialog box on an ICS client computer Lesson Summary n IPv4 is responsible for ensuring that a packet sent across an IPv4 network reaches its destination. DHCP automatically configures computers on a network with their IPv4 configurations. DNS resolves a host name or FQDN to an IP address. n An IPv4 address identifies a computer (or other network device) on a subnet. A subnet mask defines the range of IP addresses on a subnet. n A wired small network that contains more than one computer typically implements Transmission Control Protocol/Internet Protocol (TCP/IP) configuration through ICS. Computers and other devices on a wireless or hybrid small network obtain their configurations from the WAP. n You use the Network And Sharing Center to view computers and devices on a network, connect to a network, set up a connection or network, and manage network connections. You can also use the Netsh interface ipv4 command to manage IPv4 networks. n You can access the Windows Network Diagnostics tool from the Network And Sharing Center to troubleshoot a faulty network connection. If you fail to connect to a Web site, you can access the same tool by clicking Diagnose Connection Problems. n You can use the Ping, Tracert, and Pathping commands to troubleshoot network connectivity. The Netstat command returns network protocol statistics. 3 2 6 CHAPTER 6 Network Settings Lesson Review You can use the following questions to test your knowledge of the information in Lesson 1, “Configuring IPv4.” The questions are also available on the companion DVD if you prefer to review them in electronic form. note ANSWERS Answers to these questions and explanations of why each answer choice is correct or incorrect are located in the “Answers” section at the end of the book. 1. Which command-line command displays the IP configuration of a computer’s interfaces? a. Ping B. Tracert c. Ipconfig D. Netstat 2. Which of the following methods can you use to display the properties of a LAN connection? (Choose all that apply.) a. In the Network And Sharing Center, click Internet Options. On the Connections tab of the Internet Properties dialog box, click LAN Settings. B. In the Network And Sharing Center, click Change Adapter Settings. Right-click the LAN connection and choose Status. In the Local Area Connection Status dialog box, click Properties. c. In the Network And Sharing Center, click Change Adapter Settings. Right-click the LAN connection and choose Properties. D. In the Network And Sharing Center, click Change Adapter Settings. Double-click the LAN connection. In the Local Area Connection Status dialog box, click Properties. 3. You are configuring static IPv4 addresses for two computers, Perth and Brisbane, on an isolated private wired subnet. You configure Perth with the IPv4 address 172.16.10. 140 and the subnet mask 255.255.255.0. You configure Brisbane with the IPv4 address 172.16.10. 210 and the subnet mask 255.255.255.0. You enter ping 172.16.10.140 on Brisbane, but the command times out. Similarly, entering ping 172.16.0.210 on Perth fails to locate the Brisbane computer’s IPv4 address. What is the likely reason for this lack of connectivity? a. DNS service is not available on the subnet. B. The computers should have different subnet masks. c. You have not specified a default gateway. D. You need to permit ICMPv4 traffic through the firewalls of both computers. Lesson 1: Configuring IPv4 CHAPTER 6 327 4. You have created the statically configured wired subnet 10.0.10.128/25. Currently the only device on the subnet is a router with the IPv4 address 10.0.10.129. You plug a computer into an Ethernet port on the subnet. What command configures the computer correctly on the subnet? a. netsh interface ipv4 set address "local area connection" static 10.0.10.162 255.255.255.0 10.0.10.129 B. netsh interface ipv4 set address "local area connection" static 10.0.0.162 255.255.255.128 10.0.10.129 c. netsh interface ipv4 set address name="local area connection" dhcp D. netsh interface ipv4 set address name="local area connection" static 10.0.10.16 255.255.255.128 10.0.10.129 5. You want to examine the contents of both the IPv4 and the IPv6 route table. What command do you use? (Choose all that apply.) a. netsh interface ipv4 show route B. tracert –d c. route print D. netstat –r e. netstat –a 3 2 8 CHAPTER 6 Network Settings Lesson 2: Configuring IPv6 As a network professional, you have likely worked with IPv4. You might be less familiar with the IPv6 infrastructure and the types of IPv6 address. As IPv6 usage increases, you need to be aware of IPv4-to-IPv6 transition strategy and IPv4 and IPv6 interoperability, particularly the use of Teredo addresses. This lesson looks at how you configure name resolution for unicast and multicast addresses and how you configure a network connection and connect network locations. It discusses how you resolve connectivity issues. After this lesson, you will be able to: n Identify the various types of IPv6 addresses and explain their use. n Describe the advantages of IPv6 and how these are achieved. n Identify IPv6 addresses that can be routed on the IPv4 Internet. n Implement IPv4 and IPv6 interoperability. n Troubleshoot IPv6 connectivity. Estimated lesson time: 55 minutes Analyzing the IPv6 Address Structure IPv4 and IPv6 addresses can be readily distinguished. An IPv4 address uses 32 bits, resulting in an address space of just over 4 billion. An IPv6 address uses 128 bits, resulting in an address space of 2 128 , or 340,282,366,920,938,463,463,374,607,431,768,211,456—a number too large to comprehend. This represents 6.5*2 23 or 54,525,952 addresses for every square meter of the earth’s surface. In practice, the IPv6 address space allows for multiple levels of subnetting and address allocation between the Internet backbone and individual subnets within an organization. The vastly increased address space available allows us to allocate not one but several unique IPv6 addresses to a network entity, with each address being used for a different purpose. IPv6 provides addresses that are equivalent to IPv4 address types and others that are unique to IPv6. A node can have several IPv6 addresses, each of which has its own unique purpose. This section describes the IPv6 address syntax and the various classes of IPv6 address. IPv6 Address Syntax The IPv6 128-bit address is divided at 16-bit boundaries, and each 16-bit block is converted to a 4-digit hexadecimal number. Colons are used as separators. This representation is called colon-hexadecimal. Global unicast IPv6 addresses are equivalent to IPv4 public unicast addresses. To illustrate IPv6 address syntax, consider the following IPv6 global unicast address: 21cd:0053:0000:0000:03ad:003f:af37:8d62 Lesson 2: Configuring IPv6 CHAPTER 6 329 IPv6 representation can be simplified by removing the leading zeros within each 16-bit block. However, each block must have at least a single digit. With leading-zero suppression, the address representation becomes: 21cd:53:0:0:3ad:3f:af37:8d62 A contiguous sequence of 16-bit blocks set to 0 in the colon-hexadecimal format can be compressed to ::. Thus, the previous example address could be written: 21cd:53::3ad:3f:af37:8d62 note IPv6 ABBREVIATION You cannot use :: twice in the same address. Some types of addresses contain long sequences of zeros and thus provide good examples of when to use this notation. For example, the multicast address ff05:0:0:0:0:0:0:2 can be compressed to ff05::2. IPv6 Address Prefixes The prefix is the part of the address that indicates either the bits that have fixed values or the network identifier bits. IPv6 prefixes are expressed in the same way as CIDR IPv4 notation, or slash notation. For example, 21cd:53::/64 is the subnet on which the address 21cd:53::23ad:3f:af37:8d62 is located. In this case, the first 64 bits of the address are the network prefix. An IPv6 subnet prefix (or subnet ID) is assigned to a single link. Multiple subnet IDs can be assigned to the same link. This technique is called multinetting. note IPv6 DOES NOT USE DOTTED DECIMAL NOTATION IN SUBNET MASKS Only prefix length notation is supported in IPv6. IPv4 dotted decimal subnet mask representation (such as 255.255.255.0) has no direct equivalent. IPv6 Address Types The three types of IPv6 address are as follows: n Unicast Identifies a single interface within the scope of the unicast address type. Packets addressed to a unicast address are delivered to a single interface. RFC 2373 allows multiple interfaces to use the same address, provided that these interfaces appear as a single interface to the IPv6 implementation on the host. This accommodates load-balancing systems. n Multicast Identifies multiple interfaces. Packets addressed to a multicast address are delivered to all interfaces that are identified by the address. n Anycast Identifies multiple interfaces. Packets addressed to an anycast address are delivered to the nearest interface identified by the address. The nearest interface is the closest in terms of routing distance, or number of hops. An anycast address is used for one-to-many communication, with delivery to a single interface. 3 3 0 CHAPTER 6 Network Settings More Info IPv6 ADDRESSING ARCHITECTURE For more information about IPv6 address structure and architecture, see RFC 2373 at http://www.ietf.org/rfc/rfc2373.txt. note INTERFACES AND NODES IPv6 addresses identify interfaces rather than nodes. A node is identified by any unicast address that is assigned to one of its interfaces. IPv6 Unicast Addresses IPv6 supports the following types of unicast address: n Global n Link-local n Site-local n Special Global Unicast Addresses Global unicast addresses are the IPv6 equivalent of IPv4 public addresses and are globally routable and reachable on the IPv6 Internet. These addresses can be aggregated to produce an efficient routing infrastructure and are therefore sometimes known as aggregatable global unicast addresses. A global unicast address is unique across the entire IPv6 Internet. (The region over which an IP address is unique is called the scope of the address.) The Format Prefix (FP) of a global unicast address is held in the three most significant bits, which are always 001. In other words, in theory, they start with 2 or 3—but in practice, they always start with 2. The internal structure of the address is beyond the scope of the 70-680 examination and this book, but you should know that the section of the address that defines the host (the final 64 bits) is either derived from the 48-bit hardware media access control (MAC) address of the network adapter card or is assigned directly to that network adapter card. Put simply, the interface identity is provided by the network adapter hardware. More Info GLOBAL UNICAST ADDRESS STRUCTURE For more information about global unicast address structure, see RFC 2374 at http://www.ietf.org/rfc/rfc2374.txt. Link-Local Addresses Link-local IPv6 addresses are equivalent to IPv4 addresses allocated through APIPA. You can identify a link-local address by an FP of 1111 1110 10, which is followed by 54 zeros (link-local addresses always begin with fe8). Nodes use link-local addresses when communicating with neighboring nodes on the same link. The scope of a link-local address is the local link. A link- local address is always automatically configured, even if no other unicast address is allocated. Lesson 2: Configuring IPv6 CHAPTER 6 331 Site-Local Addresses Site-local IPv6 addresses are equivalent to the IPv4 private addresses. Private intranets that do not have a direct, routed connection to the IPv6 Internet can use site-local addresses without conflicting with global unicast addresses. The scope of a site-local address is the site (or organization internetwork). Site-local addresses begin with fec0. Site-local addresses can be allocated by using stateful address configuration, such as from a DHCPv6 scope. A host uses stateful address configuration when it receives router advertisement messages that do not include address prefixes. A host will also use a stateful address configuration protocol when no routers are present on the local link. Site-local addresses can also be configured through stateless address configuration. This is based on router advertisement messages that include stateless address prefixes and require that hosts do not use a stateful address configuration protocol. Alternatively, address configuration can use a combination of stateless and stateful configuration. This occurs when router advertisement message include stateless address prefixes but require that hosts use a stateful address configuration protocol. Figure 6-21 shows a global unicast and a link-local address associated with a Teredo tunnel. You can work out for yourself which is which. Teredo is discussed later in this lesson. FIGURE 6-21 A global unicast and a link-local address Link-Local and Site-Local Addresses Y ou can implement IPv6 connectivity between hosts on an isolated subnet by using link-local addresses. However, you cannot assign link-local addresses to router interfaces (default gateways) and you cannot route from one subnet to another if only link-local addresses are used. DNS servers cannot use only link- local addresses. If you use link-local addresses, you need to specify their interface IDs—that is the number after the % symbol at the end of the address. Link-local addresses are not dynamically registered in Windows DDNS. 3 3 2 CHAPTER 6 Network Settings For these reasons, site-local addresses are typically used on the subnets of a private network to implement IPv6 connectivity over the network. If every device on the network has its own global address (a stated aim of IPv6 implementation), you can also use global addresses to route between internal subnets, to peripheral zones, and to the Internet. Special Addresses Two special IPv6 addresses exist—the unspecified address and the loopback address. The unspecified address 0:0:0:0:0:0:0:0 (or ::) is used to indicate the absence of an address and is equivalent to the IPv4 unspecified address 0.0.0.0. It is typically used as a source address for packets attempting to verify whether a tentative address is unique. It is never assigned to an interface or used as a destination address. The loopback address 0:0:0:0:0:0:0:1 (or ::1) is used to identify a loopback interface and is equivalent to the IPv4 loopback address 127.0.0.1. IPv6 Multicast Addresses IPv6 multicast addresses enable an IPv6 packet to be sent to a number of hosts, all of which have the same multicast address. They have an FP of 11111111 (they always start with ff). Quick Check n What type of address is fec0:0:0:eadf::1ff? Quick Check Answer n Unicast site-local IPv6 Anycast Addresses An anycast address is assigned to multiple interfaces. Packets sent to an anycast address are forwarded by the routing infrastructure to the nearest of these interfaces. The routing infrastructure must be aware of the interfaces that are assigned anycast addresses and their distance in terms of routing metrics. Currently, anycast addresses are used only as destination addresses and are assigned only to routers. eXaM tIP A global unicast address is the IPv6 equivalent of an IPv4 public unicast address, and it typically starts with a 2. A link-local IPv6 address is equivalent to an IPv4 APIPA address and it starts with fe8. A site-local IPv6 address is equivalent to an IPv4 private address and it starts with fec0. The special IPv6 addresses :: and ::1 are equivalent to the IPv4 addresses 0.0.0.0 and 127.0.0.1. Multicast IPv6 addresses start with ff. Anycast addresses are assigned only to routers and are beyond the scope of the 70-680 examination. . look similar to Figure 6- 17. FIGURE 6- 17 Static configuration of the Aberdeen computer 15. Enter ping 10.0.0.11. Your screen should look similar to Figure 6-1 8. FIGURE 6-1 8 Pinging the Canberra. IPv6 128-bit address is divided at 16-bit boundaries, and each 16-bit block is converted to a 4-digit hexadecimal number. Colons are used as separators. This representation is called colon-hexadecimal. Global. see RFC 2 374 at http://www.ietf.org/rfc/rfc2 374 .txt. Link-Local Addresses Link-local IPv6 addresses are equivalent to IPv4 addresses allocated through APIPA. You can identify a link-local address