• 如果您觉得本站非常有看点,那么赶紧使用Ctrl+D 收藏吧

IPv6(BGP,OSPF,联邦,6 to 4 )

互联网 diligentman 6天前 6次浏览

IPv6(BGP,OSPF,联邦,6 to 4 )
IPv6(BGP,OSPF,联邦,6 to 4 )题目要求:
1、两个局域网基于6 to 4 tunnel可达
2、R1可以访问R3的环回

题目分析:
左边是双栈内网,右边是纯V6内网,中间是V4公网,通过6to4把两边V6打通
R1可以访问到3的环回(公网部分)

一、配置IP v4环境,先公网后私网

2/3/4搭建

[R2]ipv6 
[R2]int g0/0/0 
[R2-GigabitEthernet0/0/0]ip address 23.1.1.1 24

[R3]int g0/0/1
[R3-GigabitEthernet0/0/1]ip address 23.1.1.2 24 
[R3-GigabitEthernet0/0/1]int lo0
[R3-LoopBack0]ip address 3.3.3.3  24
[R3-LoopBack0]int g0/0/0
[R3-GigabitEthernet0/0/0]ip address 34.1.1.1 24

[R4]int g0/0/1
[R4-GigabitEthernet0/0/1]ip address 34.1.1.2 24
让公网通
[R2]ip route-static 0.0.0.0 0 23.1.1.2
[R4]ip route-static 0.0.0.0 0 34.1.1.1

R1/2是双栈所以是一个私有的网络

[R1-LoopBack0]ip address 192.168.1.1 25
[R1-LoopBack1]ip address 192.168.1.129 25
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip address 192.168.0.1 30

[R2]int g0/0/1
[R2-GigabitEthernet0/0/1]ip address 192.168.0.2 30
[R2-LoopBack0]ip address 192.168.2.1 24

此时R1/2私网建好,要想私网通可以使用静态/动态

用静态

[R1]ip route-static 0.0.0.0 0 192.168.0.2
[R2]ip route-static 192.168.1.0 24 192.168.0.1

R2上做nat

[R2]acl 2000
[R2-acl-basic-2000]ru	
[R2-acl-basic-2000]rule pe	
[R2-acl-basic-2000]rule permit s	
[R2-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[R2-acl-basic-2000]q
[R2]int g0/0/0 
[R2-GigabitEthernet0/0/0]nat o	
[R2-GigabitEthernet0/0/0]nat outbound 2000

用R1pingR3的环回检测
即V4局域网访问广域网的部分做好了

二、IPv6子网配置RIPNG

首先要配置IP地址,得计算,因为后边玩的是6to4 tunnel R1/2内部的v6IP是拿R2/3之间接口23.1.1.1换算得来
23=16+7——1701:0101即23.1.1.1变成十六进制
2002:1701:0101::/48——IPv4兼容地址
做子网划分,而且/48范围太大了,使用起来不合适
简单划分先拉到64位
2002:1701:0101:0000::/64——2002:1701:0101:FFFF::/64
RIPNG支持子网汇总
第一个网段再分成/65位配到环回
2002:1701:0101:0000:0000:/64的(加粗的0是可以再细分为4个0的,取拆出来的4个0的第一位,变成掩码为65)
2002:1701:0101:0000:0000::/65
2002:1701:0101:0000:8000::/65

[R1]ipv6	
[R1-LoopBack0]ipv6 enable 
[R1-LoopBack0]ipv6 address 2002:1701:0101:0000:0000::1/65
[R1-LoopBack0]int lo1
[R1-LoopBack1]ipv6 enable 
[R1-LoopBack1]ipv6 address 2002:1701:0101:0000:8000::1/65
[R1-LoopBack1]int g0/0/0
[R1-GigabitEthernet0/0/0]ipv6 enable 
[R1-GigabitEthernet0/0/0]ipv6 address 2002:1701:0101:0001::1/64

[R2]ipv6 
[R2]int g0/0/1
[R2-GigabitEthernet0/0/1]ipv6 enable 
[R2-GigabitEthernet0/0/1]ipv6 address 2002:1701:0101:0001::2/64
[R2-GigabitEthernet0/0/1]int lo0
[R2-LoopBack0]ipv6 enable 
[R2-LoopBack0]ipv6 address 2002:1701:0101:0002::1/64

先使用RIPNG让R1/2跑通

[R1]ripng 1
[R1-ripng-1]int lo0
[R1-LoopBack0]ripng 1 enable 
[R1-LoopBack0]int lo1
[R1-LoopBack1]ripng 1 enable 
[R1-LoopBack1]int g0/0/0
[R1-GigabitEthernet0/0/0]ripng 1 enable 

[R2]ripng 1
[R2-ripng-1]int lo0
[R2-LoopBack0]ripng 1 enable 
[R2-LoopBack0]int g0/0/1
[R2-GigabitEthernet0/0/1]ripng 1 enable 

此时R1/2相互学到彼此环回

IPv6(BGP,OSPF,联邦,6 to 4 )此时R1/2内部通了,要做一个简单的优化,在R1上将两个环回汇总

[R1]int g0/0/1
[R1-GigabitEthernet0/0/1]int g0/0/0
[R1-GigabitEthernet0/0/0]ripng summary-address 2002:1701:0101:0000:: 64

IPv6(BGP,OSPF,联邦,6 to 4 )v6 的内部要出去就要靠6to4出去

[R2]int Tunnel 0/0/0
[R2-Tunnel0/0/0]ipv6 enable 
[R2-Tunnel0/0/0]ipv6 address 2002:1701:0101:0003::1/64
[R2-Tunnel0/0/0]tunnel-protocol  ipv6-ipv4 6to4
[R2-Tunnel0/0/0]source g0/0/0

此时R1/2上还需要有路由
[R2]ipv6 route-static 2002:: 16 Tunnel 0/0/0
此时R1是没有到外的路由的,有两个办法
1、R1上重写该路由条目
2、让2给1发个缺省(rip)
only的作用是只给发缺省,不会连环回一起传,节省路由表
[R2-GigabitEthernet0/0/1]ripng default-route only

IPv6(BGP,OSPF,联邦,6 to 4 )此时左边完成。

三、IPv6子网2

右边先规划IP
公网地址34.1.1.2换算
34=32+2——2201:0102::/48
2002:2201:0102::/48IPV4兼容地址
需要划分一下
两个AS直接划分为64不合理,两个AS最好可以汇总成一个
先一分为二,两个/49,在继续往下化,AS内部子网划分是不看EGP是看IGP的。
2002:2201:0102::/49 AS1——2002:2201:0102::/64——2002:2201:0102:7FFF::/64
2002:2201:0102:8000::/49 AS2
(R4/5之间给到AS1)

[R4]ipv6 
[R4-GigabitEthernet0/0/0]int lo0
[R4-LoopBack0]ipv6 enable 
[R4-LoopBack0]ipv6 address 2002:2201:0102::1/64
[R4-LoopBack0]int g0/0/0
[R4-GigabitEthernet0/0/0]ipv6 enable 
[R4-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:001::1/64

[R5]ipv6 
[R5]int g0/0/1
[R5-GigabitEthernet0/0/1]ipv6 enable 
[R5-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:001::2/64
[R5-GigabitEthernet0/0/1]int lo0
[R5-LoopBack0]ipv6 enable 
[R5-LoopBack0]ipv6 address 2002:2201:0102:8000::1/64
[R5-LoopBack0]int g0/0/0
[R5-GigabitEthernet0/0/0]ipv6 enable 
[R5-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:8001::1/64

[R6]ipv6 
[R6]int g0/0/1
[R6-GigabitEthernet0/0/1]ipv6 enable 
[R6-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:8001::2/64
[R6-GigabitEthernet0/0/1]int lo0
[R6-LoopBack0]ipv6 address 2002:2201:0102:8002::1/64
[R6-LoopBack0]int g0/0/0
[R6-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:8003::1/64

[R7-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:8003::2/64
[R7-LoopBack0]ipv6 address 2002:2201:0102:8004::1/64
[R7-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:8005::1/64

[R8-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:8005::2/64
[R8-LoopBack0]ipv6 address 2002:2201:0102:8006::1/64

配好以后先起IGP——跑OSPFV3

[R5]ospfv3 1
[R5-ospfv3-1]router-id 5.5.5.5 
[R5-ospfv3-1]int lo0
[R5-LoopBack0]ospfv3 1 area 0
[R5-LoopBack0]int g0/0/0
[R5-GigabitEthernet0/0/0]ospfv3 1 area 0
[R5-GigabitEthernet0/0/0]int g0/0/1
[R5-GigabitEthernet0/0/1]ospfv3 1 area 0

[R6]ospfv3 1 
[R6-ospfv3-1]router-id 6.6.6.6
[R6-ospfv3-1]int lo0
[R6-LoopBack0]ospfv3 1 area 0
[R6-LoopBack0]int g0/0/0
[R6-GigabitEthernet0/0/0]ospfv3 1 area 0
[R6-GigabitEthernet0/0/0]int g0/0/1
[R6-GigabitEthernet0/0/1]ospfv3 1 area 0
[R6-GigabitEthernet0/0/1]

[R7]ospfv3  1
[R7-ospfv3-1]router-id 7.7.7.7
[R7-ospfv3-1]int g0/0/0
[R7-GigabitEthernet0/0/0]ospfv3 1 area 0
[R7-GigabitEthernet0/0/0]int lo0
[R7-LoopBack0]ospfv3 1 area 0
[R7-LoopBack0]int g0/0/1
[R7-GigabitEthernet0/0/1]ospfv3 1 area 0

[R8]ospfv3 1
[R8-ospfv3-1]router-id 8.8.8.8
[R8-ospfv3-1]int lo0
[R8-LoopBack0]ospfv3 1 area 0
[R8-GigabitEthernet0/0/0]int g0/0/1
[R8-GigabitEthernet0/0/1]ospfv3 1 area 0

查看建邻情况

IPv6(BGP,OSPF,联邦,6 to 4 )IPv6(BGP,OSPF,联邦,6 to 4 )R8上看路由表
IPv6(BGP,OSPF,联邦,6 to 4 )
起BGP

display ipv6 interface brief 
[R4]bgp 1
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2002:2201:102:1::2 as-number 2
[R4-bgp]ipv6-family
[R4-bgp-af-ipv6]peer 2002:2201:102:1::2 enable 

[R5-bgp]router-id 5.5.5.5
[R5-bgp]confederation id 2
[R5-bgp]peer  2002:2201:102:1::1 as-number 1
[R5-bgp]ipv6-family
[R5-bgp-af-ipv6]peer  2002:2201:102:1::1 enable 

后期用环回建邻容易把自己搞晕,引入多数组概念

[R8-LoopBack0]ipv6 address 8::8/64
[R7-LoopBack0]ipv6 address 7::7/64
[R6-LoopBack0]ipv6 address 6::6/64
[R5-LoopBack0]ipv6 address 5::5/64
不用宣告,本身就跑OSPF



[R5-bgp]peer 6::6 as-number 64512
[R5-bgp]peer 6::6 connect-interface lo0
[R5-bgp]ipv6-family
[R5-bgp-af-ipv6]peer 6::6 enable 

[R6]bgp 64512
[R6-bgp]router-id 6.6.6.6
[R6-bgp]confederation id 2
[R6-bgp]peer 5::5 as-number 64512
[R6-bgp]peer 5::5 connect-interface  lo0
[R6-bgp]ipv6-family 
[R6-bgp-af-ipv6]pe	
[R6-bgp-af-ipv6]peer 5::5 enable 


IPv6(BGP,OSPF,联邦,6 to 4 )IPv6(BGP,OSPF,联邦,6 to 4 )

IPv6(BGP,OSPF,联邦,6 to 4 )若此时不做修改会一直处于该状态建不起来邻居(华为问题,思科不存在,默认使用的地址的问题)

[R6-bgp]peer 5::5 connect-interface lo0 6::6
[R5-bgp]peer 6::6 connect-interface  lo0  5::5


[R6-bgp]peer 7::7 as-number 64512
[R6-bgp]peer 7::7 connect-interface lo0 6::6
[R6-bgp]ipv6-family
[R6-bgp-af-ipv6]peer 7::7 enable 

[R7]bgp 64512
[R7-bgp]router-id 7.7.7.7
[R7-bgp]confederation id 2
[R7-bgp]confederation peer-as 64513
[R7-bgp]peer 6::6 as-number 64512
[R7-bgp]peer 6::6 connect-interface lo0 7::7
[R7-bgp]peer 8::8 as-number 64513	
[R7-bgp]peer 8::8 connect-interface lo0 7::7
[R7-bgp]peer 8::8 ebgp-max-hop  2
[R7-bgp]ipv6-family 
[R7-bgp-af-ipv6]peer 6::6 en
[R7-bgp-af-ipv6]peer 8::8 enable 

[R8]bgp 64513
[R8-bgp]router-id 8.8.8.8
[R8-bgp]confederation id 2
[R8-bgp]confederation peer-as 64512
[R8-bgp]peer 7::7 as-number 64512
[R8-bgp]peer 7::7 connect-interface lo0 8::8 
[R8-bgp]peer 7::7 ebgp-max-hop  2
[R8-bgp]ipv6-family
[R8-bgp-af-ipv6]peer 7::7 en

IPv6(BGP,OSPF,联邦,6 to 4 )
BGP建邻完成
分析还缺哪些路由,将路由表完善实验即完成
R5/6/7/8学去往外边路由,而R4要学去往右边和却往左边的路由
4要出去就要打tunnel

[R4]int t0/0/0
[R4-Tunnel0/0/0]ipv6 enable 
[R4-Tunnel0/0/0]ipv6 address 2002:2201:0102:2::1/64
[R4-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4
[R4-Tunnel0/0/0]source g0/0/1
[R4]ipv6 route-static 2002:: 16 Tunnel 0/0/0

[R5]ipv6 route-static 2002:2201:0102:8000:: 49 NULL 0
[R5]bgp 64512
[R5-bgp]ipv6-family 
[R5-bgp-af-ipv6]network  2002:2201:0102:8000:: 49

IPv6(BGP,OSPF,联邦,6 to 4 )
R4把两边路由去向学到了,现在就是缺IGP内部到外网的路由

[R4]bgp 1
[R4-bgp]ipv6-family 
[R4-bgp-af-ipv6]network 2002:: 16

IPv6(BGP,OSPF,联邦,6 to 4 )
IPv6(BGP,OSPF,联邦,6 to 4 )

[R5]bgp 64512
[R5-bgp]ipv6-family 
[R5-bgp-af-ipv6]peer 6::6 next-hop-local 

但6不会给7,需要调反射器

[R6]bgp 64512
[R6-bgp]ipv6-family
[R6-bgp-af-ipv6]peer 7::7 reflect-client 

IPv6(BGP,OSPF,联邦,6 to 4 )IPv6(BGP,OSPF,联邦,6 to 4 )IPv6(BGP,OSPF,联邦,6 to 4 )
实验完成。


喜欢 (0)