效果图:r1能ping通r11和r8,r8能ping通r11
个人理解:ipv6-ipv4隧道只认前缀,例如:r2隧道的source是其接口g0/0/1,它的ipv4 address是29.1.1.1/24,那么转化过来的ipv6就是2002:1d01:0101::/48,对端的r10只能ping通2002:1d01:0101::/48网段内的ipv6。
同理,r10隧道的source是其接口g0/0/0,ipv4是91.1.1.2/24,ipv6就是2002:5b01:0102::/48,r2只能ping通这个ipv6网段内的
代码:
#做ipv6-ipv4隧道之前要先让r1和r10都能ipv4上ping通isp
#省略了r1-r2-isp-r10的ipv4接口配置
#eNSP软件可能有问题,隧道有时候会突然挂掉,上一秒能ping通下一秒又ping不通,我的故障是r10突然ipv4 ping不通isp,重启isp和r10路由器又能ping通了
[r1]
ospf 1 router-id 1.1.1.1 #ipv4 ospf-1
area 0.0.0.0
network 0.0.0.0 255.255.255.255
ipv6 #要先输这个开启ipv6功能
ospfv3 1
router-id 1.1.1.1
interface LoopBack0
ipv6 enable
ipv6 address 1::1/64
ospfv3 1 area 0.0.0.0 #将环回接口宣告进ospfv3的area 0区域
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101::1/64
ospfv3 1 area 0.0.0.0
[r2]
ip route-static 0.0.0.0 0 29.1.1.2 #ipv4做缺省指向isp,r10同理
acl 2000
rule permit source any
interface GigabitEthernet0/0/1
ip address 29.1.1.1 24
nat outbound 2000 #不做这个r1ping不通isp
ospf 1 router-id 2.2.2.2 #ipv4 ospf-1
default-route-advertise #ipv4缺省下放给r1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 12.1.1.2 0.0.0.0
ipv6
ospfv3 1
router-id 2.2.2.2
import-route ospfv3 2 #重发布
import-route ripng 1 #重发布
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101::2/64
ospfv3 1 area 0.0.0.0
interface GigabitEthernet0/0/2
ipv6 enable
ipv6 address 2002:1D01:101:23::1/64
ospfv3 1 area 0.0.0.0
interface Tunnel0/0/0
tunnel-protocol ipv6-ipv4 6to4 #要先写这个改隧道模式
source GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:3::1/64
ospfv3 1 area 0.0.0.0
ipv6 route-static :: 0 23::2 #做缺省下一跳指向右边r3
ipv6 route-static 2002:5B01:102:: 48 Tunnel0/0/0 #做静态掩码比缺省的长,去往r10,r11的下一跳指向隧道tunnel0/0/0
#######
#R3-R8上的ipv6 bgp和ipv4 bgp基本上类似,就是有的指令要在ipv6 family里面输
#######
[r3]
ipv6
ipv6 route-static :: 0 2002:1D01:101:23::1 #缺省指向r2
ospfv3 2
router-id 3.3.3.3
import-route ospfv3 1 #重发布
default-route-advertise #下放缺省
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:23::2/64
ospfv3 2 area 0.0.0.0
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:34::1/64
ospfv3 2 area 0.0.0.0
interface LoopBack0
ipv6 enable
ipv6 address 3::3/64
ospfv3 2 area 0.0.0.0
bgp 64512
router-id 3.3.3.3
confederation id 100
peer 4::4 as-number 64512
peer 4::4 connect-interface LoopBack0
ipv6-family
import-route direct
import-route ospfv3 2
peer 4::4 enable
peer 4::4 next-hop-local
[r4]
ipv6
ospfv3 2
router-id 4.4.4.4
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:34::2/64
ospfv3 2 area 0.0.0.0
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:45::1/64
ospfv3 2 area 0.0.0.0
interface LoopBack0
ipv6 enable
ipv6 address 4::4/64
ospfv3 2 area 0.0.0.0
bgp 64512
router-id 4.4.4.4
confederation id 100
peer 3::3 as-number 64512
peer 3::3 connect-interface LoopBack0
peer 5::5 as-number 64512
peer 5::5 connect-interface LoopBack0
ipv6-family
peer 3::3 enable
peer 3::3 reflect-client
peer 5::5 enable
peer 5::5 reflect-client
[r5]
ipv6
ospfv3 2
router-id 5.5.5.5
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:45::2/64
ospfv3 2 area 0.0.0.0
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:56::1/64
ospfv3 2 area 0.0.0.0
interface LoopBack0
ipv6 enable
ipv6 address 5::5/64
ospfv3 2 area 0.0.0.0
bgp 64512
router-id 5.5.5.5
confederation id 100
confederation peer-as 64513
peer 4::4 as-number 64512
peer 4::4 connect-interface LoopBack0
peer 6::6 as-number 64513
peer 6::6 ebgp-max-hop 255
peer 6::6 connect-interface LoopBack0
ipv6-family
import-route direct
peer 4::4 enable
peer 4::4 next-hop-local
peer 6::6 enable
[r6]
ipv6
ospfv3 2
router-id 6.6.6.6
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:56::2/64
ospfv3 2 area 0.0.0.0
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:67::1/64
bgp 64513
router-id 6.6.6.6
confederation id 100
confederation peer-as 64512
peer 5::5 as-number 64512
peer 5::5 ebgp-max-hop 255
peer 5::5 connect-interface LoopBack0
peer 2002:1D01:101:67::2 as-number 101
ipv6-family
import-route direct #重发布共享直连链路
import-route ospfv3 2 #重发布共享ospfv3 2
peer 5::5 enable
peer 2002:1D01:101:67::2 enable
[r7]
ipv6
ripng 2
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:67::2/64
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:1D01:101:78::1/64
ripng 2 enable
ripng default-route originate #下放缺省给r8
interface LoopBack0
ipv6 enable
ipv6 address 7::7/64
ripng 2 enable
bgp 101
router-id 7.7.7.7
peer 8::8 as-number 101
peer 8::8 connect-interface LoopBack0
peer 2002:1D01:101:67::1 as-number 100
ipv6-family
network 7::7 128 #宣告7的环回出去
network 8:: 64
network 8::8 128
import-route direct #重发布直连链路出去
import-route ripng 2 #重发布ripng 2出去
peer 8::8 enable
peer 8::8 next-hop-local
peer 2002:1D01:101:67::1 enable
[r8]
ipv6
ripng 2
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:1D01:101:78::2/64
ripng 2 enable
interface LoopBack0
ipv6 enable
ipv6 address 8::8/64
ripng 2 enable
bgp 101
router-id 8.8.8.8
peer 7::7 as-number 101
peer 7::7 connect-interface LoopBack0
ipv6-family
peer 7::7 enable
#isp只配了接口ipv4指令
[r10]
ipv6
ipv6 route-static :: 0 Tunnel0/0/0
ripng 1
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2002:5B01:102::1/64
ripng 1 enable
ripng default-route originate #下放缺省给r11
interface LoopBack0
ipv6 enable
ipv6 address 2002:5B01:102:1::1/64
ripng 1 enable
interface Tunnel0/0/0
tunnel-protocol ipv6-ipv4 6to4
source GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:5B01:102:3::1/64
ripng 1 enable
[r11]
ipv6
ripng 1
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 2002:5B01:102::2/64
ripng 1 enable
interface LoopBack0
ipv6 enable
ipv6 address 2002:5B01:102:2::1/64
ripng 1 enable
#建议先通上路隧道,再通右路bgp
