Upload
hanhan
View
220
Download
0
Embed Size (px)
Citation preview
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 2
Contents• Lab topology
• IPv6 in Common OSs • Basic IPv6 Configuration • IPv6 useful commands
• Using IPv6 with Python
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 3
Lab Topology (autoconfiguration)
IPv6 Internet
R1
H
LAN
2001:760:2e0b:1720::/64 (RA)AP
H H
H
RPiRPi
192.168.1.0/24
192.168.1.x (fixed)
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 4
IPv6 in RPi / Ubuntu (1)
• RPi Checklist: - Network connectivity (ping) / ssh [email protected]
- Login: ubuntu / raspberry
- Turn off: sudo halt
• Ubuntu Linux (debian-like) - IPv6 support in Linux since kernel 2.4.x
- (Commonly) enabled by default
- Sometimes a module to load (lsmod)
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 5
IPv6 in RPi / Ubuntu (2)
• Useful commands: - ifconfig: to check IPv6 configuration of network interfaces - ping6 <hostname-with-IPv6>|<IPv6-add>|[-I <interface>]
<link-local-ipv6address> - traceroute6 -n < hostname-with-IPv6 >|< IPv6-add> - tracepath6 -n <hostname-with-IPv6 >|< IPv6-add> - tcpdump: capture packets on an interface
• Two sets of tools to configure/check IPv6: - iptools (recommended) - ifconfig + route
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 6
IPv6 in RPi / Ubuntu: Packages• Update packages information: sudo apt-get update
• Check the package that owns a command: apt-cache search <command-name>
• Install package: sudo apt-get install <package-name>
• Examples of: commands -> packages: - dig, nslookup, host -> dnsutils - traceroute -> traceroute - traceroute6 -> iputils-tracepath - tcpdump -> tcpdump
• Exercise: Install the right package containing tracepath6
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 7
IPv6 in RPi / Ubuntu (3)ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:81:05:46:57 inet addr:192.168.88.3 Bcast:192.168.88.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:81ff:fe05:4657/64 Scope:Link inet6 addr: 2001:760:2e0b:1728::3/64 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2010563 errors:0 dropped:0 overruns:0 frame:0 TX packets:1700527 errors:0 dropped:0 overruns:2 carrier:0 collisions:0 txqueuelen:100 RX bytes:205094215 (195.5 Mb) TX bytes:247063610 (235.6Mb) Interrupt:11 Base address:0xe000 Memory:f8201000-f8201038 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1675838 errors:0 dropped:0 overruns:0 frame:0 TX packets:1675838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0
RX bytes:659846244 (629.2 Mb) TX bytes:659846244 (629.2 Mb)
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 8
IPv6 in RPi / Ubuntu (4)Ping examples
ping6 ::1 PING ::1(::1) 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.047 ms 64 bytes from ::1: icmp_seq=2 ttl=64 time=0.039 ms 64 bytes from ::1: icmp_seq=3 ttl=64 time=0.042 ms 64 bytes from ::1: icmp_seq=4 ttl=64 time=0.020 ms --- ::1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2999ms rtt min/avg/max/mdev = 0.020/0.037/0.047/0.010 ms
ping6 -I eth0 fe80::2e0:81ff:fe05:4617 PING fe80::2e0:81ff:fe05:4617(fe80::2e0:81ff:fe05:4617) from ::1 eth0: 56 data bytes 64 bytes from fe80::2e0:81ff:fe05:4617: icmp_seq=1 ttl=64 time=0.056 ms 64 bytes from fe80::2e0:81ff:fe05:4617: icmp_seq=2 ttl=64 time=0.055 ms 64 bytes from fe80::2e0:81ff:fe05:4617: icmp_seq=3 ttl=64 time=0.048 ms 64 bytes from fe80::2e0:81ff:fe05:4617: icmp_seq=4 ttl=64 time=0.128 ms --- fe80::2e0:81ff:fe05:4657 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2997ms rtt min/avg/max/mdev = 0.048/0.071/0.128/0.034 ms
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 9
IPv6 in RPi / Ubuntu (5)• Add IPv6 address /sbin/ip -6 addr add <ipv6address>/<prefixlength> dev <interface> /sbin/ifconfig <interface> inet6 add <ipv6address>/<prefixlength>
• Delete IPv6 address /sbin/ip -6 addr del <ipv6address>/<prefixlength> dev <interface> /sbin/ifconfig <interface> inet6 del <ipv6address>/<prefixlength>
• See neighbor cache ip -6 neigh show [dev <device>]
• Add an entry to the neighbor cache ip -6 neigh add <IPv6 address> lladdr <link-layer address> dev <device>
• Delete an entry in the neighbor cache ip -6 neigh del <IPv6 address> lladdr <link-layer address> dev <device>
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 10
IPv6 in RPi / Ubuntu (6)• Check IPv6 routes /sbin/ip -6 route show [dev <device>] /sbin/route -A inet6
• Add route through a gateway /sbin/ip -6 route add <ipv6network>/<prefixlength> via <ipv6address> [dev <device>] /sbin/route -A inet6 add <ipv6network>/<prefixlength> gw <ipv6address> [dev <device>]
• Delete route through a gateway /sbin/ip -6 route del <ipv6network>/<prefixlength> via <ipv6address> [dev <device>] /sbin/route -A inet6 del <network>/<prefixlength> [dev <device>]
• Add route through an interface /sbin/ip -6 route add <ipv6network>/<prefixlength> dev <device> metric 1 /sbin/route -A inet6 add <network>/<prefixlength> dev <device>
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 11
IPv6 in RPi / Ubuntu (7)• Delete route through an interface /sbin/ip -6 route del <ipv6network>/<prefixlength> dev <device> /sbin/route -A inet6 del <network>/<prefixlength> dev <device>
• Default route is written as default or ::/0 or 2000::/3
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 12
IPv6 in RPi / Ubuntu (8)Permanent configuration in Debian/Ubuntu: • Edit /etc/network/interfaces for network, IPv4 and IPv6: iface eth0 inet6 static address 2001:db8:1:A::1 netmask 64 gateway 2001:db8:1234:5::1
• Edit /etc/resolv.conf for DNS servers, IPv4 and IPv6 : nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844
• ADD the IPv6 configuration, leave the IPv4 one • Reload network configuration (for eth0): sudo sudo /etc/init.d/networking restart sudo ifdown eth0 sudo ifup eth0
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 13
IPv6 in other Linux distributionsPermanent configuration in Red Hat / Fedora:
• Edit /etc/sysconfig/network adding:
NETWORKING_IPV6=yes
• Restart network:
service network restart
or
/etc/init.d/network restart
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 14
IPv6 in RPi / Ubuntu (9)• Check TCP IPv6 services running on your Linux: netstat –tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State ... tcp6 0 0 :::80 :::* LISTEN ...
netstat -uan
• SSH to RPi • From Linux use the command line: ssh
For user/password on host 2001:db8:1:2::A use ssh user@2001:db8:1:2::A password
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 15
IPv6 in Mac OS X (1)
• Available since 10.2 Jaguar
• GUI available since 10.3 Panther
• System Preferences -> Network
• Select interface -> Advanced…
• Based on FreeBSD -> commands available
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 16
IPv6 in Mac OS (2)
• Advanced… -> TCP/IP
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 17
IPv6 in Mac OS (3)
• Advanced… -> DNS
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 18
IPv6 in Windows (1)
• Good IPv6: starting with Vista / Server 2008
• Enabled by default
• IPv6 configuration: GUI or netsh
• ping, tracert: same for IPv4 and IPv6
• ipconfig [/all]
• netstat
• route
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 19
IPv6 in Windows: GUI (1)
Automatic
Static
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 20
IPv6 in Windows: netsh
• netsh interface ipv6 C:>netsh interface ipv6 show interfaces
C:>netsh interface ipv6 show neighbors
C:>netsh interface ipv6 add address 5 2001:db8::2 type=unicast store=active
C:>netsh interface ipv6 show address 5
C:>netsh interface ipv6 delete address 5 2001:db8::2 store=persistent
C:>netsh interface ipv6 add dnsserver 5 2001:db8::53
C:>netsh interface ipv6 show dnsservers
C:>netsh interface ipv6 delete dnsserver 5 2001:db8::53
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 21
IPv6 and DNS• DNS resolution in Linux: dig / host / nslookup • To resolve www.example.com on 2001:db8:1::53 server dig any www.example.com @2001:db8:1::53 host –t ANY www.example.com 2001:db8:1::53 host –t AAAA www.example.com 2001:db8:1::53
• You can use different parameters with dig: • any/a/aaaa/mx/ns to indicate any type of information related
with the domain name or specific IPv4 (a), IPv6(aaaa), mail exchange (mx) or name server (ns) information
• +short to have a short answer, not so verbose • +trace to see the resolution path through different servers
• You can use different parameters with host: • -t any/aaaa/a/mx/ns
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 22
IPv6 Configuration Exercises (1)1. Write the name of the interfaces with IPv6 enabled 2. Write the IPv6 addresses of each one 3. Identify the type of the addresses
4. Check your neighbour cache 5. Ask other groups about their link-local and global
IPv6 addresses. Try to ping them 6. Check again your neighbour cache, ¿do you see
something new?
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 23
Lab Topology (static)
IPv6 Internet
R1
H
LANAP
H H
H
RPiRPi
192.168.1.0/24
Get a number:X IPv6 Address: 2001:760:2e0b:1720::X/64
2001:760:2e0b:1720::/64 (RA)
RPi with 192.168.1.Y has 2001:760:2e0b:1720::Y/64
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 24
IPv6 Configuration Exercises (2)7. Check your IPv6 routes 8. What’s your IPv6 gateway? Write it. ¿What type of address
is it? ¿How do you think it has been configured?
9. Using commands, configure the global IPv6 address assigned to your Host (RPi, Laptop)
10. Using commands configure the default route towards the IPv6 router in our lab
11. Check your IPv6 routes again
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 25
IPv6 Configuration Exercises (3)12. Using commands, delete the address and the default route
added before 13. Configure permanently the global IPv6 address assigned to
your Host (RPi, Laptop) 14. Configure permanently the default route towards the lab
IPv6 router 15. Check again your IPv6 routes 16. What’s your IPv6 gateway? Write it. ¿What type of address
is it? ¿How do you think it has been configured?
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 26
IPv6 Configuration Exercises (4)17. What are your IPv6 DNS servers? 18. Configure the following public IPv6 DNS servers: nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844
19. Use them to resolve (take note of the addresses): • www.facebook.com • www.google.com • www.wikipedia.org • www.youtube.com • www.yahoo.com • maps.google.com • docs.google.com
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 27
IPv6 Configuration Exercises (5)20. Ping the IPv4 and IPv6 addresses of the sites
mentioned before 21. Traceroute the IPv4 and IPv6 addresses of the web
sites mentioned before 22. Check services running on your host:
What IPv6 services do you see running on with TCP?
What IPv6 services do you see running on with UDP?
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 28
IPv6 with Python
• We will see:
1. IPv6 address and prefix management • ipaddress module: IPv4/IPv6 manipulation library
2. IPv6 communication using Python • socket module
• Simple Client/Server
• More advanced Client/Server
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 29
IPv6 with Python: ipaddress (1)import ipaddress
addr = ipaddress.IPv6Address(‘2001:db8:0001:0001:1230:0000:0000:0001')
addr.compressed addr.exploded addr.version addr.is_multicast addr.is_private addr.is_global addr.is_unspecified addr.is_reserved addr.is_loopback addr.is_link_local
str(addr) int(addr)
addr + 10
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 30
IPv6 with Python: ipaddress (2)import ipaddress
net = ipaddress.IPv6Network(‘2001:db8:0001:0001::/64’)
net.compressed net.exploded net.is_multicast net.is_private net.is_unspecified net.is_reserved net.is_loopback net.is_link_local net.is_global
net.num_addresses
net.overlaps(ipaddress.IPv6Network('2001:db9:1:1::/64')) net.overlaps(ipaddress.IPv6Network('2001:db8::/32'))
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 31
IPv6 with Python: ipaddress (3)import ipaddress
net29 = ipaddress.IPv6Network(‘2001:db8::/29’)
list(net29.subnets()) list(net29.subnets(new_prefix=32)) list(net29.subnets(prefixlen_diff=3))
list(net29.address_exclude(ipaddress.IPv6Network('2001:dbc::/32')))
ipaddress.IPv6Network(net29.supernet()) ipaddress.IPv6Network(net29.supernet(new_prefix=24)) ipaddress.IPv6Network(net29.supernet(prefixlen_diff=1))
ipaddress.IPv6Address('2001:db8:1:1::A') in ipaddress.IPv6Network(‘2001:db8:1:1::/64') ipaddress.IPv6Address('2001:db8:1:2::A') in ipaddress.IPv6Network('2001:db8:1:1::/64')
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 32
Simple Client / Server
• Server listening for clients (TCP)
• Clients sent string of characters
• Server prints it, sends it back to client uppercase
R1
Client
SC
Server
IPv6 AddressListening port
Request
Answer2
1
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 33
IPv6 with Python: Simple Server (1)import socket # time module for sleep() function import time
# Define the values to be used for the Server SERVERADDR, SERVERPORT = '::1', 9999
# try to detect whether IPv6 is supported at the present system if not socket.has_ipv6: raise Exception("Local machine has no IPv6 support enabled")
#Prepare the address and port needed to make the server listen addrs = socket.getaddrinfo(SERVERADDR, SERVERPORT, socket.AF_INET6, 0, socket.SOL_TCP) entry0 = addrs[0] sockaddr = entry0[-1]
s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) s.bind(sockaddr) s.listen(1) print ("server opened socket connection:", s, ", address: '%s'" % sockaddr[0])
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 34
IPv6 with Python: Simple Server (2)# Wait for a client to connect conn, addr = s.accept() time.sleep(1) print ('Server: Connected by', addr)
# Receive data from client data = conn.recv(1024) print("Data Received from Client: ",data)
# Send data back in Uppercase Letters as answer conn.send(data.upper()) print("Data Sent to Client: ",data.upper())
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 35
IPv6 with Python: Simple Client# USE: python Client.py Message to be sent to server
import socket import sys
# Use any IPv6 address of the Server SERVERADDR, SERVERPORT = "::1", 9999 data = " ".join(sys.argv[1:])
# Create a socket (SOCK_STREAM means a TCP socket) with socket.socket(socket.AF_INET6, socket.SOCK_STREAM) as sock: # Connect to server and send data sock.connect((SERVERADDR, SERVERPORT)) sock.sendall(bytes(data + "\n", "utf-8"))
# Receive data from the server and shut down received = str(sock.recv(1024), "utf-8")
print("Sent: {}".format(data)) print("Received: {}".format(received))
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 36
Advanced Client / Server
• Server listening for clients (TCP)
• Clients sent string of characters
• Server process it, sends back an answer
R1
Client
SC
ServerIPv6 AddressListening port
Request
Answer3
1
Process &
Answer
2
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 37
IPv6 with Python: Advanced Server (1)import socket import time # Define the values to be used for the Server SERVERADDR, SERVERPORT = '::1', 9999 temperature = "30 Degrees Celsius" humidity = "45%" status = "OK code 000" error_msg = "ERROR: Unknown message"
# try to detect whether IPv6 is supported at the present system if not socket.has_ipv6: raise Exception("Local machine has no IPv6 support enabled")
#Prepare the address and port needed to make the server listen addrs = socket.getaddrinfo(SERVERADDR, SERVERPORT, socket.AF_INET6, 0, socket.SOL_TCP) entry0 = addrs[0] sockaddr = entry0[-1] s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) s.bind(sockaddr) s.listen(1) print ("server opened socket connection:", s, ", address: '%s'" % sockaddr[0])
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 38
IPv6 with Python: Advanced Server (2)while (1): conn, addr = s.accept() time.sleep(1) print ('Server: Connected by', addr) # Receive data from client data_rx = conn.recv(1024) data = data_rx.decode('utf-8') print("REQUEST Received from Client: ",data_rx) # Process data received and send a proper answer if data == "temperature": conn.send(bytes(temperature, "utf-8")) print("Temperature Sent to Client: ",temperature) elif data == "humidity": conn.send(bytes(humidity, "utf-8")) print("Humidity Sent to Client: ",humidity) elif data == "status": conn.send(bytes(status, "utf-8")) print("Status Sent to Client: ",status) else: conn.send(bytes(error_msg, "utf-8")) print("ERROR Sent to Client: ",error_msg)
Alvaro Vives | Workshop on Open Source Solutions for the IoT | 27 June 2017 39
IPv6 with Python: Advanced Client# USE: python Client.py Message to be sent to server import socket import sys
# Use any IPv6 address of the Server SERVERADDR, SERVERPORT = "::1", 9999
while(1): # Create a socket (SOCK_STREAM means a TCP socket) with socket.socket(socket.AF_INET6, socket.SOCK_STREAM) as sock: # Connect to server sock.connect((SERVERADDR, SERVERPORT)) # Request the text to be sent to the server data = input("Enter the message to server (temperature | humidity | status): ") # Send data to server sock.sendall(bytes(data + "\n", "utf-8")) # Receive data from the server and shut down received = str(sock.recv(1024), "utf-8") print("Sent: {}".format(data)) print("Received: {}".format(received))
[email protected] @TrainingRIPENCC