IPv6 Forum EducationCertification LogoProgram(Course / Engineer / Trainer / Certification )

V6.6.0

(2011-05-31)

IPv6 Forum

MODIFICATION RECORD

14 March 2010: Document Created by Latif Ladid

31 May 2010: Modified by Selvakumar Manickam on Section 5.

15 June 2010: Edited by Latif Ladid

29 June 2010: Edited by Latif Ladid

14 August 2010: Edited by Latif Ladid

20 August 2010: Edited by Latif Ladid

13 June 2011: Edited by Salman Asadullah

IPv6 FORUM 1 IPv6 Education Certification Logo Program

ACKNOWLEDGMENTS

The IPv6 Forum would like to acknowledge the efforts of the following individuals and organizations in the development of this specification.

Principle Authors:

Latif Ladid, IPv6 Forum

Selvakumar Manickam, Nav6 Penang Malaysia

Salman Asadullah, Cisco Systems

Commentators:

Prof Dr.Sureswaran Ramadass,Nav6 Penang Malaysia

IPv6 Forum Certified Certification Development Team:

Chip Nielsen, Cisco Systems

Srinivasa Neppalli, Cisco Systems

Jim Bailey, Cisco Systems

Harold Ritter, Cisco Systems

Salman Asadullah, Cisco Systems

IPv6 FORUM 1 IPv6 EducationCertification Logo Program

INTRODUCTION

The IPv6 ForumIPv6 Education Logo Program prime objective is to encourage and accelerate the education and training on IPv6 and promote thereby swifter adoption of IPv6 in the education curriculum and programs ofthe universities, research institutes, vendors and training specialists.

A recent survey on IPv6 training and studies at universities have demonstrated that IPv6 training and courses are way too embryonic to have any critical impact:

Patching IPv6 with IPv4 thinking would be just extending the IPv6 address space to the Internet and not fully exploiting the rich set of new features still invisible to the normal engineer. Deploying IPv6 without upfront integration of the many built-in features such the IPv6 security and privacy protocols would be re-doing the same mistake done in the deployment of IPv4. This is even defeating the prime purpose of fixing things like security in the Internet.

It is estimated that some 20 million engineers are working on the current Internet worldwide at ISPs, corporate and all other public and private organisations and they will need training on IPv6. This is a gigantic task since it’s the first upgrade of the Internet and most probably the last one for decades to come.

The IPv6 Education Logo Program is a program intended to increase practical engineering expertise and hands-on knowledge to tackle this large undertaking ahead of us extending thereby user confidence by demonstrating that IPv6 will be deployed by qualified engineers.

The IPv6 Education Logo Program currently consist of following programs:

1 - Program

Phase I: Phase I will target mainly 5-10 days courses

- Basic Curriculum Profile (Silver)

- Advanced Curriculum Profile (Gold)

Phase II: Phase II will be a detailed course program for universities (BA,

MsC, PhD).

Phase III: Future Curriculum Programs (Diamond)

2 - Target Audiences (TA):

TA 1 - Universities - Institutes - ResearchCentres

TA 2 - Vendors

TA 3 - Training Institutes & Specialists

TA 4 - Train the Trainer Program (IPv6 Experts)

TA 5 - Students & Engineers Certification - Examination Profiles of TA 1-2-3-4

3 - Course Profile Definition:

TA 1: Universities: (Definition of curriculum profiles)

- Basic

-Advanced

TA 2: Vendors

- Basic

- Advanced

TA 3: Training Specialists

- Similar to TA 2

TA 4: Train the Trainer

- Advanced

IPv6 FORUM 1 IPv6 EducationCertification Logo Program

Table of Contents

Table of Contents

1.Foreword

2.IPv6 Education Certification Logo Program

2.1.General

2.2.IPv6 Education Logo Program

2.3.IPv6 Train The Trainer Logo Program

3.Curriculum Outline

3.1.IPv6 Forum Certified Course & Network Engineer (Silver)

3.1.1.Prerequisites

3.1.2.Course Outline

3.2.IPv6 Forum Certified Course & Network Engineer (Gold)

3.2.1.Prerequisites

3.2.2.Course Outline

3.3.IPv6 Forum Certified Train The Trainer Network Engineer (Gold)

3.3.1.IPv6 Forum Certified Train The Trainer Course (Gold)

3.4. IPv6 Forum Certified Certification Program

3.4.1. Prerequisites

3.4.2. Application Process

3.4.3. Exam Topics

3.4.4. IPv6 Forum Certified Certification (Silver)

3.4.5. IPv6 Forum Certified Certification (Gold)

4.Procedure to obtain the v6 Education Logo

4.1.General

4.2.Procedure to obtain the v6 Education Logo

5.IPv6 WWW Logo Program

5.1.General

5.2.Definition - Requirements of IPv6 Education website

5.3.Definition - Specification of Checking/Validating IPv6 WWW Site Connectivity

5.3.1.IPv6 DNS Resolving Ability

5.3.2.IPv6 HTTP Access Ability

5.3.3.IPv6 WWW Maintenance Ability

5.3.4.Required quality of IPv6 Education website for validation

5.4.Procedure to obtain the v6eLogo_WWW

5.5.Image logo

5.6.Dynamic logo

6.Terminology

7.Future Programs

7.1 IPv6 Forum Certified Programmer

7.1.1 PREREQUISITES

7.1.2 COURSE OUTLINE

7.2 IPv6 Forum Certified Security Engineer

7.2.1 PREREQUISITES

7.2.2 COURSE OUTLINE

  1. Foreword

Changes to this specification are subject to public review and approval by the IPv6 Forum IPv6 Education Logo Steering Group (v6ELSG).

Version x.y.z

Where:

xthe first digit:

1presented to v6ELSGfor information;

2presented to v6ELSGfor approval;

3or greater indicates v6ELSGapproved document under change control.

ythe second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.

zthe third digit is incremented when editorial only changes have been incorporated in the document.

The present document describes the IPv6 Education Logo Program. This document is the result of consensus between the IPv6 Education Steering Group (v6ELSG) members and industry review

IPv6 FORUM 1 IPv6 EducationCertification Logo Program

  1. IPv6 Education Certification Logo Program

2.1.General

The IPv6 Forum Education Logo Program[1] objective is to encourage and accelerate uptake of expertise to guarantee a solid deployment and adoption of IPv6 by web site owners,ISPs and content providers as well as design of new IPv6 apps.

The IPv6 Education Logo (v6eLogo) Program goal is to increase engineering quality by certifying solid curricula and recognize educated engineers.

The IPv6 Education Logo Program consists, of the following sub-programs:

  • IPv6 Education Logo Program
  • IPv6 Train The Trainer LogoProgram

The IPv6 Forum has created the IPv6 Education Steering Committee (v6eSG), to manage the IPv6 Education Logo Program.

The IPv6 Education Steering Group mission is to help support IPv6 Education and Training.

The IPv6 Education Logo Steering Group (v6eSG) is structured as follows:

  • IPv6 Forum President, Latif Ladid
  • IPv6 Forum (Ready/Enabled/Education) Logo Programs Chairperson, Yanick Pouffary, IPv6 Forum Fellow
  • IPv6 EnableLogo Steering Group Chairperson, Liu Dong, Chair China IPv6 Council/BII Group
  • IPv6 Education Logo Steering Group Chairperson, Dr. Sures Ramdass / Selvakumar Manickam, IPv6 Forum Malaysia – Nav6, Co-chair Salman Asadulah, IPv6 Forum Fellow, Cisco Distinguished Engineer
  • IPv6 Ready Logo Committee Chairperson,Hiroshi Esaki, Executive Director Japan IPv6 Promotion Council (v6PC)/WIDE Project
  • IPv6 ReadyLogo Legal/Operational, Cesar Viho, IPv6 Ready Logo Operational / IPv6 Forum Fellow / IRISA
  • IPv6 Enable Logo Technical Lead IPv6 EnableISP logo, Hiroshi Miyata, IPv6 Ready Logo Technical Lead / IPv6 Forum Fellow / TAHI Project
  • IPv6 EnableLogo Advisor,Erica Johnson, IPv6 Ready Logo Regional Officer / IPv6 Forum Fellow / UNH IOL

The v6eSG is responsible for:

  • Defining procedures, regulations and steps for the v6eLogo program.
  • Defining the strategy for deploying the IPv6 Education Logo Program
  • Administering the right to use the IPv6 Education Logo.

Final approval of the IPv6 Education procedures and scripts is done by the IPv6 Education Certification Logo Chairperson, the IPv6 Ready Logo Chairperson and IPv6 Forum President.

The IPv6 Education Logo ID data base and the IPv6 Education Web pages are administered mainly by the BII Group.

In order to maintain credibility and neutral services among vendors and users, the member that support IPv6 Education Logo Steering Group operates according to the IPv6 Ready Logo Program Code of Conduct and are tied by a signed Non Disclosure Commitment.

2.2.IPv6 Education Logo Program

The goal of the IPv6 Education WWW Logo (v6eLogo_WWW)program is for IPv6 Education Web sites. This program is to help support IPv6 deployment on Websites.

Applicant’s website will be validated for IPv6 reachability as defined in this document. If passed, the IPv6 Forum then authorizes usage of the IPv6 Education WWW Logo for that website.

The basic level validates the applicant web site IPv6 reachability. For basic levelvalidation, an automatic script will be run by the v6eSG. If the script is run successfully the applicant web site is assigned a logo ID and is listed on the IPv6 Education web page.

Note: The applicant’s web site may not be able have IPv6 reachability from the testing server(s) run by the v6eSG, not because of technical problem at the applicant’s web site, but because of technical problem at some intermediate node/network between the applicant’s web site and the testing server(s) run by the v6eSG. When the v6eSG observed the un-reachability at the applicant’s web server, anattempt will be made to identify the reachability issue.

For advanced levelvalidation, obtaining the basic level logo is prerequisite. Please note at this date this level is not yet fully defined and will be released later on.

2.3.IPv6 Train the TrainerLogo Program

IPv6 Train the Trainer Logo program is for IPv6 experts who qualify to train future IPv6 trainers.

  1. Curriculum Outline

All the training courses are delivered via instructor-led approach with hands-on lab.

Instructor-Led Training: Set in an interactive classroom environment, the instructor will introduce concepts and guide students with detailed explanations and interesting examples to meet the student expectations and requirements and at the same time keep the students engaged.

•Hands-on Lab: Step-by-step hands-on labs with detail instructions and guide are provided to reinforce all key concepts. It allows the student to reinforce concepts by performing the tasks they have just learned.

As these are certification programs, candidates are required to pass both the written and hands-on evaluation to qualify for the certificate.

3.1.IPv6 Forum Certified Course & Network Engineer (Silver)

Plan and Implement IPv6 in a Multi-Vendor, Commercial Environment.

You will learn to:

•Implementing new networking software anddevices to support IPv6.

•Implementing auto-configuration to manageIPv6 addresses.

•Configure the different IPv6 migration tools astunnelling in order to facilitate the transition.

•Obtain and configure upgrades for commonoperating systems.

3.1.1. Prerequisites

A good knowledge of general networking concepts is assumed. IPv4 is reviewed as it is compared and contrasted with IPv6, but experience on IPv6 is not critical. Knowledge on the level of Cisco Certified Network Associate (CCNA) would be an added advantage.

3.1.2.Course Outline

The Internet Protocol

•Introduction to IP

•Internet as a Datagram Network

•Internet as a Connectionless Network

•IPv6 Technical Features

•Differences between IPv4 and IPv6

•Address Space

•Quality of Service and Routing Efficiency

•Plug and Play

•Mobility

•Security

IPv6 Address Architecture and Scheme

•Notation of IPv6 addresses

•Types of addresses

•IPv6 Addressing Schemes

•A case study of IPv6 addressing scheme

OS IPv6 Configuration

•Windows

•Linux

•BSD Configuration Information

IPv6 Device Configuration

•Autoconfiguration

  • Stateless autoconfiguration
  • Stateful autoconfiguration
  • Duplicate address detection
  • Address Resolution
  • Neighbour discovery procedures
  • Neighbour solicitation messages
  • Neighbour advertisement messages

Introduction to Routing

•Introduction Static Routing

•Introduction Dynamic Routing

•Hands on (Static Routing

Translation Mechanisms

•CGN

•NAT44

•NAT444

•AFT

Introduction to Tunneling

•6-to-4

•6-in-4

•6-r-d

•Isatap

•Teredo

3.2.IPv6 Forum Certified Course & Network Engineer (Gold)

Plan and Implement Advanced IPv6 in a Multi-Vendor, Commercial Environment.

You will learn to:

•Generate and test IPv6 packets in a network.

•Plan and manage the migration of your networkto IPv6.

•Implementing new networking software anddevices to support IPv6.

•Install and configure associated network servicessuch as DNS and routing protocols.

•Update and configure common networking applicationssuch as email and Web servers.

•Configure routers and dual stack.

3.2.1.Prerequisites

A good knowledge of general networking concepts is assumed. Certified IPv6 Network Engineer (CNE6) Level 1 or similar is necessary to pursue this training program.

3.2.2.Course Outline

•IPv6 Packet Generation

•Understanding scapy6

•Crafting packets

•Testing with various configurations

•IPv6 Packet Detection

•Understading SNORT IPv6 Capabilities

•Native IPv6

•IPv6 over Tunnels

•IPsec

•IPv6 IPsec overview

•Security policies and security associations

•IPsec tunneling

•IPsec Framework

•Authentication header

•Encapsulating security payload

•ESP transport mode

•ISAKMP/IKE

  • Internet key exchange IPv6 IPSec in a Windows environment
  • Microsoft symmetric key authentication
  • Setting up the IPSec tunnel
  • IPv6 Integration

•Header translation

•Tunnel Brokers

•Teredo Tunneling

•6-in-4 Tunneling

•6rd

•ds-lite

•Steps to migrate to IPv6

•Hardware

•Software

  • Operating System (OS)
  • Windows Vista/7/2008 Server
  • Linux
  • Mac OS
  • Legacy OS
  • DNS
  • Web
  • E-mail

•Name Service in IPv6

  • IPv6 and DNS
  • AAAA and A6 records•
  • Reverse lookup in IP.ARPA
  • DNS Setup

•Routing protocols

  • Dynamic routing and its advantages overthe static routing
  • RIPng
  • OSPFv3
  • ISIS for IPv6
  • BGP4+

•DHCPv6

  • Stateful address management
  • Stateless address management
  • Manual address management

3.3.IPv6 Forum Certified Train The Trainer Network Engineer (Gold)

IPv6 Forum will certify and qualify trainers to teach IPv6 Forums’ instructor-led courses. The train-the-trainer (TTT) program covers the standard syllabus with an addition of 1-day trainer’s training that will cover the following:

1)Know-how on setting up IPv6 network.

2)Configuring servers to support and enable IPv6 connectivity.

3)Advanced knowledge required for the trainer.

4)Additional evaluation catered specifically for trainer candidates.

3.3.1.IPv6 Forum Certified Train The Trainer Course (Gold)

IPv6 training courses can be developed and delivered by IPv6 experts worldwide. In order to qualify for the IPv6 Forum’s course certification, the course has to comply to the objectives highlighted for training courses highlighted from Section 5.1 through section 5.5 has to be observed by the course being evaluated to ensure consistency and standards of IPv6 capacity building is adhered to.

Through the evaluation of these courses, we can also indicate which processes should be improved, to affect better results.

The evaluation team will be comprised of esteemed members of the IPv6 Forum Global who will vet and advice on the courses brought forward and finally decides to award either Silver or Gold to the evaluated courses.

IPv6 Forum will evaluate based on (but not limited to) the following criteria:

•Content relevance to IPv6.

•Course length and class size appropriateness for training goals.

•Quality of lecturers and course materials.

•Participatory and action-learning methods used.

List of courses shown in the table below:

3.4. IPv6 Forum Certified Certification

The IPv6 Forum Certified Certification program will certify vendor certifications that assess IPv6 expertise per IPv6 Forum’s specification.

Two levels of certification are provided by the IPv6 Forum Certified Certification program. Silver certifications will include beginner and intermediate IPv6 topics. Gold certification will include topics of all skill levels including advanced IPv6 topics.

This specification provides mandatory topics and optional subtopics requiredto obtain IPv6 Forum Certified Certification status.

3.4.1. Prerequisites

Prior to receiving IPv6 Forum Certified Certification status, the vendor education web site must be reachable via IPv6. Please refer to Section 5 for details on the IPv6 Education WWW Logo program.

3.4.2. Application Process

The following information is required to apply for IPv6 Forum Certified Certification:

  1. Primary contact information
  2. Certification program name
  3. Certification program objective
  4. Publicly available exam blueprint URL
  5. If applying for IPv6 Forum Certified Certification (Silver)
  1. Please list the topics covered in the written exam from section 3.4.4.
  2. Please list the topics covered in the lab exam (if applicable) from section 3.4.4.
  1. If applying for IPv6 Forum Certified Certification (Gold)
  2. Please list the topics covered in the written exam from section 3.4.4 and 3.4.5.
  3. Please list the topics covered in the lab exam (if applicable) from section 3.4.4 and 3.4.5.

3.4.3. Exam Topics

In order to be certified as an IPv6 Forum Certified Certification (Silver), the required exams must cover all mandatory exam topics in section 3.4.4. The sub topics are “Optional” but are included for reference. These sub topics can be used as guidelines, but are not mandatory to meet the specification.

In order to be certified as an IPv6 Forum Certified Certification (Gold), the required exams must cover all mandatory exam topics in section 3.4.4 and section 3.4.5. As with the Silver program, the sub topics in the Gold section are optional and included for reference.

Mandatory exam topics (highlighted in bold) must be covered in both written and lab exam (if applicable).

3.4.4. IPv6 Forum Certified Certification (Silver)

  • IPv6 Introduction
  • IPv6 packet format
  • Header fields
  • IPv6 extension headers
  • ICMPv6
  • Message types
  • Differences between IPv4 and IPv6
  • Address space
  • IPv6 Address Architecture and Scheme
  • Notation of IPv6 addresses
  • Types of addresses
  • IPv6 addressing schemes
  • EUI-64
  • Random addressing (RFC 3041)
  • Manual addressing
  • Address lifetimes
  • IPv6 Device Configuration
  • Autoconfiguration
  • Stateless autoconfiguration
  • Stateful autoconfiguration
  • Privacy extensions (RFC 4941)
  • Duplicate address detection
  • Address resolution
  • Differences between IPv4 ARP and IPv6 ND
  • Neighbor discovery procedures
  • Default router selection
  • Neighbor solicitation messages
  • Router solicitation
  • Neighbor solicitation
  • Inverse neighbor solicitation
  • Neighbor advertisement messages
  • Router advertisement
  • Neighbor advertisement
  • Inverse neighbor advertisement
  • Operating system details/specifics
  • DHCPv6
  • Stateful address management
  • Stateless address management
  • Manual address management
  • Introduction to Tunneling
  • 6-in-4 Tunneling
  • Tunnel Broker
  • 6RD
  • Name Service in IPv6
  • IPv6 and DNS
  • AAAA records
  • DNSSEC
  • Reverse lookup in IP6.ARPA
  • DNS Setup
  • Dual stack MX records
  • Introduction to IPv6 Security
  • Perimeter security
  • Packet filtering
  • Unmonitored IPv6 risks and mitigation
  • First hop security
  • Rogue Router Advertisement Guard
  • Introduction to IPv6 Network Management
  • SNMPv3
  • IPv6 Impact to Applications
  • Application best practices
  • Dual stack hosts

3.4.5. IPv6 Forum Certified Certification (Gold)

  • IPv6 Tunneling and Translation Mechanisms
  • NAT44
  • NAT64
  • AFT
  • DS-Lite
  • 6PE
  • NAT-PT Deprecation (RFC 4966)
  • ALG / Proxy
  • ISATAP
  • Teredo
  • 6to4 Tunneling
  • Operating system details/specifics on how tunneling is handled

•Routing Protocols & MPLS

  • Static routing
  • RIPng
  • ISIS for IPv6
  • BGP4+
  • OSPFv3
  • 6VPE
  • Operating system details/specifics on how routing is handled

•Network Management

  • IPv6 information retrieval
  • Fault management
  • Performance management
  • Configuration management
  • Availability management
  • Operating system details/specifics on how network management is handled

•IPv6 Multicast

  • IPv6 multicast address format
  • Protocol Independent Multicast (PIM)
  • Multicast Listener Discovery (MLD)
  • Embedded Rendezvous Point (RP)
  • Operating system details/specifics on how multicast is handled

•IPv6 Mobility

  • Basic operations
  • Operating system details/specifics on how mobility is handled

•IPv6 Security

  • IPsec over IPv6
  • IKEv2
  • IPsec digital certificates
  • Operating system details/specifics on how security is handled

•IPv6 Troubleshooting

  • Basic troubleshooting methodology/plan
  • Packet sniffing and analysis
  • Use of ipconfig/ifconfig, ping/ping6, traceroute/traceroute6
  • Troubleshooting routing/tunneling/vpn/translation
  • Troubleshooting LAN/WAN environments
  • Troubleshooting dual-stack host issues
  • Troubleshooting application issues

IPv6 FORUM 1 IPv6 EducationCertification Logo Program

  1. Procedure to obtain the v6 Education Logo
  2. General

The IPv6 Forum will verify the applications in terms of source, credibility and usefulness and will monitor the certification process over time making sure the quality is maintained and possible re-certification is requested when needed.