icmpv6
1path mtu discovery (pmtud路径mtu发现协议)
整个路径mut发现,当发现一段线路的mtu过小就会发送icmp error消息,说包过大让其进行分片,用来测试整个路径mtu最小值
2ndr-replace arp(邻居发现协议替代arp)
当a想访问b的时候,发现不知道目标的mac,就会发送一个组播icmp type=135的消息,当b收到会单播回复一个type=136的消息。包含的内容
icmp type =135
src=a
dst=solicited-node multicast of b
data=link-layer address of a
query=what is your link address
icmp type=136
src=b
dst=a
data=link-layer address of b
ns 135邻居请求
na 136邻居通告
实验:
r1:
int e0/0
ipv6 address 2001::1/64
no sh
r2:
int e0/0
ipv6 address 2001::2/64
no sh
show ipv6 neighbors(看到以太网对方mac,等于ipv4的show arp)
ndp-prefix advertisement(前缀通告)
pa packet defaintions:
icmp type=134
src=router link-local address
dst=all-nodes multicast address ff02::1
data=options,prefix,lifetime,autoconfig flag
ra 134 路由通告,通告路由器网络号
边界网关发出来的。
rs 133 回应
rs packet defintions:
icmp type=133
src=unspecified address ::
dst=all-routers multicast address ff02::2
实验:
r2:
int e0/0
ipv6 address autoconfig
no sh
show ipv6 int e0/0
r1:
ipv6 unicast-routing(运行ipv6的路由器才会发送请求)
icmpv6
type:135和136替代arp
type:133和134通告前缀
duplicate address detection(重复地址检测)
icmp type=135
src=0(::)
dst=solicited-node multicast of a
data=link-layer address of a
query=what is your link address
如果收到就会冲突,
ip gratuitous-arps(ipv4免费arp)
在运行路由协议的路由器可以关闭ra消息
r1:
ipv6 nd suppress-ra(关掉ra消息)
重编址
int e0
ipv6 nd prefix 2001:db8:c18:1::/64 43200 0
ipv6 nd prefix 2001:db8:c18:2::/64 43200 43200
or
int e0
ipv6 nd prefix 2::/64 at JUN 12 12:00 JUN 1 12:00
ipv6 nd prefix 2001:sb8:c18:2::/64 43200 43200
ipv6 acl例:
ipv6 access-list blocksite deny fe:ce:0:0:2/64 any
ipv6 access-list blocksite permit any
interface e0
ipv6 traffic-filter blocksite out
实验:
r1:
ipv6 access-list wolf
permit ipv6 host 2001:::1 any
int e0/0
ipv6 traffic-filter wolf out
ipv6 acl隐含条件
permit icmp any any nd-ns
permit icmp any any nd-na
deny ipv6 any any
ipv6 静态路由
r1:
int lo0
ipv6 address 1::1/64
r2:
int e0/0
ipv6 address 2001::2/64
int lo0
ipv6 address 2:2/64
r1:
ipv6 route 2::/64 2001::2
r2:
ipv6 route 1::/64 2001::1
show ipv6 route
ipv6 rip
协议封装udp521
组播地址ff02::9
实验:
r1:
ipv6 unicast-routing
ipv6 router rip a(名字本地有效,可以起多个进程)
inter e0/0
ipv6 rip a enable
int lo0
ipv6 rip a enable
r2:
ipv6 unicast-routing
ipv6 router rip a
int e0/0
ipv6 rip a enable
int lo0
ipv6 rip a enable
debug ipv6 rip
ipv6 router rip a
split-horizon(开启水平分割)
在ipv4开启水平分割
int e0/0
ip split-horizon
ipv6 ospf
version 3
协议号89
ff02::5/6
实验:
r1:
ipv6 unicast-routing
ipv6 router ospf 110
router-id 1.1.1.1
int e0/0
ipv6 ospf 110 area 0
int lo0
ipv6 ospf 110 area 0
r2:
ipv6 unicast-routing
ipv6 router ospf 110
router-id 2.2.2.2
int e0/0
ipv6 ospf 110 area 0
int lo0
ipv6 ospf 110 area 0
ipv6 isis
直接封装进2层头部,
l1
l2
r1:
ipv6 unicast-routing
router isis
net 49.0001.1111.1111.1111.00
log-adjacency-changes all(打开log信息)
int e0/0
ipv6 router isis
int lo0
ipv6 router isis
r2:
ipv6 unicast-routing
router isis
net 49.0001.2222.2222.2222.00
log-adjacency-changes all
int e0/0
ipv6 router isis
int lo0
ipv6 router isis
show clns neighbors
r1:
int lo100
ipv6 address 100::1/64
router isis(重发布)
address-family ipv6 地址族
redistribute connected
r1:
router bgp 1bgp router-id 1.1.1.1
no syn
no au
neighbor 2001::2 remote-as 2
address-framily ipv6
neighbor 2001::2 active
no bgp default ipv4-unicast(关闭bgp ipv4)
show bgp ipv6 summary
r2:
router bgp 2
bgp router-id 2.2.2.2
no syn
no au
neighbor 2001::1 remote-as 1
address-framily ipv6
neighbor 2001:1 activate
no bgp default ipv4-unicast(关闭bgp ipv4)
show bgp ipv6 summary
r1:
address-family ipv6
network 1::/64
show bgp ipv6
ipv4传递ipv6路由
1.双栈:在路由器上即配置ipv6地址再配置ipv4,上网线探测ipv6 dns。
例:
int e0
ip add 192.168.99.1 255.255.255.0
ipv6 address 1::1/127
2.overlay tunnel
实验:
r1:
int s0/0
ip add 12.1.1.1 255.255.255.0
no sh
int s0/1
ip add 13.1.1.1 255.255.255.0
no sh
int lo0
ip add 1.1.1.1 255.255.255.0
no sh
r2:
int s0/0
ip add 12.1.1.2 255.255.255.0
no sh
int lo0
ip add 2.2.2.2 255.255.255.0
r3:
int s0/1
ip add 13.1.1.3 255.255.255.0
no sh
int lo0
ip add 3.3.3.3 255.255.255.0
no sh
int e0/0
ipv6 address 3::3/64
no sh
r2:
int e0/0
ipv6 address 2::2/64
r1:
router ospf 110
router-id 1.1.1.1
net 12.1.1.0 0.0.0.255 area 0
net 13.1.1.0 0.0.0.255 area 0
net 1.1.1.0 0.0.0.255 area 0
r2:
router ospf 110
router-id 2.2.2.2
net 12.1.1.0 0.0.0.255 area0
net 2.2.2.0 0.0.0.255 area 0
r3:
router ospf 110
router-id 3.3.3.3
network 13.1.1.0 0.0.0.255 area 0
net 3.3.3.0 0.0.0.255 area 0
r2:
interface tunnel 2
tunnel source 2.2.2.2
tunnel destination 3.3.3.3
tunnel mode ipv6ip(把ipv6转成ipv4)
r3:
interface tunnel 3
tunnel source 3.3.3.3
tunnel destination 2.2.2.2
tunnel mode ipv6ip
r2:
int tunnel 2
ipv6 enable
r3:
int tunnel 3
ipv6 enable
r2:
ipv 6 router rip a
inter tunnel 2
ipv6 rip a enable
int e0/0
ipv6 rip a enable
r3:
ipv6 router rip a
inter tunnel 3
ipv6 rip a enable
int e0/0
ipv6 rip a enable
6to4 tunnel
router1#
interface loopback0
ip add 192.168.99.1 255.255.255.0
int e0
ipv6 add 2002:c0a8:6301:1::/64 eui-64
inter tunnel0
ipv6 unnumbered e0
tunnel source lo0
tunnel mode ipv6ip 6to4
ipv6 route 2002::/16 tunnel0
router2#interface lo0
ip add 192.168.30.1 255.255.255.0
int e0
ipv6 add 2002:c0a8:1e01:1::/64 eui-64
inter tunnel0
no ip address
ipv6 unnumbered ethernet0
tunnel source loopback0
tunnel mode ipv6ip 6to4
ipv6 route 2002::/16 tunnel0
1.自动tunnel不用指定tunnel destination
2.几乎没有ipv6路由表。
实验:
r2:
int e0/0
ipv6 address 2002:202:202::2/64
int tunnel 2
tunnel source 2.2.2.2
tunnel mode ipv6ip 6to4
ipv6 unnumbered e0(借用e0口地址)
ipv6 route 2002::/16 tunnel2
r3:
int e0/0
ipv6 address 2002:303:303::3/64
int tunnel 3
tunnel source 3.3.3.3
tunnel mode ipv6ip 6to4
ipv6 unnumbered e0/0
ip route 2002::/16 tunnel 3
浙公网安备 33010602011771号