Feeds:
Posts
Comments

How To : Quick IPv6 testing

IPv6 background

All the detail on IPv6 can be found at Wikipedia, https://en.wikipedia.org/wiki/IPv6_address . Thing worth pointing out, local host is represented by the address “::1”.

IPv6 address information

You need the IPv6 record in DNS, an IPv4 record is an A record, an ipV6 is 4 times the size of an A record, so its AAAA . ;^)

Windows

  • nslookup –q=aaaa <hostname>

Linux

  • Host –t aaaa < hostname>
  • %  host -t aaaa ipv6.google.com
    ipv6.google.com is an alias for ipv6.l.google.com.
    ipv6.l.google.com has IPv6 address 2607:f8b0:400e:c04::69
    %

Quick IPv6 access

You can try to ping the IPv6 address. Modern Windows and Linux have IPv6 enabled by default but if the rest of your network is not using IPv6 it won’t work for you to access other native ipv6 hosts across networks. If this works you are IPv6 ready! This probably is not the case though. To check, try the flowing:

Windows

    • ping -6  ::1
    • ping -6  ipv6.google.com

Linux

  • ping6   -n ::1
  • ping6   -n ipv6.google.com

An alternative if you need “quick access” you can use the following to access those ipv6 addresses.

Use an IPv6 proxy, e.g.

If the site is not IPv6 it should tell you. For some enterprises you may get a complaint due to transparent from outbound web filtering systems, also not all elements may load due to proxy server dynamic content limitations.

Image

Native IPv6 testing

This is harder but not too bad. To do this you’ll need to set up an IPV4 t IPv6 tunnel. There is a free service from a reputable colocation provider, Hurricane Electric (he.com) that can be found at http://tunnelbroker.net . You’ll need to register for an account.

Once you have an account you can set up a tunnel. One thing worth noting here is that tunnels use the origination point of a host and these are set up exclusive for each user, so if you are in a behind a corporate firewall and someone else is using the tunnel service with the IPV4 origination point (your outbound firewall) then you are out of luck. Also your IPv4 endpoint needs to be pingable. This said, you may need to do this from your home location or from a cloud service provider like Amazon web services. If your company has an external cloud systems provider you may be able to coordinate with your IT team for these services as well.

Systems Update configuration Requirements

I implemented this on Windows 7 (at home) and Linux on a cloud provider. The windows was cut and paste using the commands that TunnelBroker provided. Linux was a little more difficult. Details below.

Linux

I use Centos at my cloud provider, the image they provide does not enable IPv6 by default, to do this I updated my Centos5 image to current patch simply updated

/etc/sysconfig/network:

# add the following with the folling for IPv6

NETWORKING_IPV6=yes

And rebooted, all the IPv6 kernel modules automatically loaded. There more detail here:

Other tools

IPv6 Dynamic DNS – You may want to use a name instead of a ridiculously long 128 bit IP address that uses hexadecimal notation. You can use a free Dynamic DNS service to do this. What’s important is that the Dynamic DNS service has the ability to provide IPv6 responses, not all do. I have used http://freedns.afraid.org successfully for this purpose.

yum and perl tricks

easy way to see what perl packages are available in distribution:

yum list available ‘perl-*’

To use yum to install a Perl module using the module name, just place ‘”perl()”‘ around the name of the module (double quotes included) when giving it as an argument to yum. For example, to install the ‘Net::Telnet’ module, you would run ‘yum install “perl(Net::Telnet)”‘.

(found this here http://www.tnrglobal.com/blog/2008/12/easily-installing-perl-modules-with-yum/ )

 

if you are configuring a load balancer and need to quickly open a port to ensure the load balancer can “connect” you can use python if its on your system to set up a quick and dirty http server. by default it listens on port 8000. Please note that if port is less than 1024 you will need root privileges.

[jthomasser ~]$ python -m SimpleHTTPServer
Serving HTTP on 0.0.0.0 port 8000 …

[jthomasser ~]$ python -m SimpleHTTPServer 2000
Serving HTTP on 0.0.0.0 port 2000 …

[jthomasser ~]$ sudo python -m SimpleHTTPServer 500
Password:
Serving HTTP on 0.0.0.0 port 500 …

to list all containers:
zoneadm list
to get attributes of each container
zonecfg -z info

specifically to get resource control information
zonecfg -z info rctl

what every process should strive for…

put windows7 to sleep

heres a trick i just put together.

i’ve upgraded  a couple of my systems to windows7, i like it. The sleep mode seems to work pretty well. Unfortunately i’ve installed something that keeps it awake. To force it to sleep automatically  i’ve created a simple script sleep.bat:

powercfg -h off
rundll32 powrprof.dll,SetSuspendState

this will turn off hibernation and make your system sleep (otherwise it would hibernate, taking longer). i set up a scheduled task to call this daily at midnight (pick your own time) so if anyone else has been using the computer its forced into a sleep mode on a daily basis.

use the directives below to configure ssh on your device running ios 12.1 or better  (in addtion to the default telnet). this does the follwoing:

  • specify hostname
  • specify domainname
  • create a key pair (this requires the name and domain)
  • create a user to access device with e.g. establishs a “user” cisco with the passowrd cisco (change it to whatever you want).
  • enables ssh as a service on your device
  • enable remote access to sessions 0 through 4
at enable level enter configuration state
 

hostname somehost
domain somedomain.com
username cisco password 0 cisco
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh version 2

cry key generate rsa
! this will prompt you for a 512 bit key, specify 1024 or else your ssh client will complain.

line vty 0 4
 login local
 transport input telnet ssh

for more details see:
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

ios feature support
http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp