目标:
一、首先将r2、r3、r4这个公网先弄通
[r2]int gi 0/0/0
[r2-GigabitEthernet0/0/0]ip add 23.1.1.1 24
[r3]int gi 0/0/0
[r3-GigabitEthernet0/0/0]ip add 23.1.1.2 24
[r3-GigabitEthernet0/0/0]int gi 0/0/1
[r3-GigabitEthernet0/0/1]ip add 34.1.1.1 24
[r3]int lo0
[r3-LoopBack0]ip add 3.3.3.3 24
[r4]int gi 0/0/0
[r4-GigabitEthernet0/0/0]ip add 34.1.1.2 24
再在r2、r4上分别写一条缺省指向r3实现公网全网可达
[r2]ip route-static 0.0.0.0 0 23.1.1.2
[r4]ip route-static 0.0.0.0 0 34.1.1.1
二、在r1上配置相应的IPV4、IPV6地址
ipv4:
[r1]int gi 0/0/1
[r1-GigabitEthernet0/0/1]ip add 192.168.0.1 30
[r1-GigabitEthernet0/0/1]int lo0
[r1-LoopBack0]ip add 192.168.1.1 25
[r1-LoopBack0]int lo1
[r1-LoopBack1]ip add 192.168.1.129 25
[r2-GigabitEthernet0/0/0]ip add 192.168.0.2 30
[r2-GigabitEthernet0/0/0]int lo0
[r2-LoopBack0]ip add 192.168.2.1 24
再在r1-r2之间使用静态进行路由学习
[r1]ip route-static 0.0.0.0 0 192.168.0.2
[r1]ip route-static 192.168.1.0 24 NULL 0 防环的空接口
[r2]ip route-static 192.168.1.0 24 192.168.0.1 这里将r1的两个环回直接汇总了
现在r1和r2已经学习到了对方的环回
然后r1需要访问公网需要使用NAT实现
[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[r2-acl-basic-2000]int gi 0/0/1
[r2-GigabitEthernet0/0/1]nat outbound 2000
现在r1的就可以访问呢公网了
下面为r1-r2配置ipv6地址:
首先需要基于23.1.1.1这个ipv4地址来进行划分
23.1.1.1
2002:1701:0101:: 48
再划分为:
2002:1701:0101:0000:: 64---2002:1701:0101:0000:: 64(用于r1lo0) | 2002:1701:0101:8000:: 64(用于r1lo1)
2002:1701:0101:1:: 64(用于r1-r2之间的网段)
2002:1701:101:2::1 64 (用于r2的环回)
2002:1701:0101:3::1 64(用于r2 6to4 的tunnel IPV6地址)
配置:
r1:
[r1]ipv6
[r1]int lo0
[r1-LoopBack0]ipv6 enable
[r1-LoopBack0]ipv6 add 2002:1701:0101::1 65
[r1-LoopBack1]ipv6 enable
[r1-LoopBack1]ipv6 add 2002:1701:0101:0000:8000::1 65
[r1]int gi 0/0/1
[r1-GigabitEthernet0/0/1]ipv6 enable
[r1-GigabitEthernet0/0/1]ipv6 add 2002:1701:101:1::1 64
[r1]ipv6 route-static 2002:1701:0101:: 64 NULL 0 防环的空接口
[r2]int gi 0/0/0
[r2-GigabitEthernet0/0/0]ipv6 enable
[r2-GigabitEthernet0/0/0]ipv6 add 2002:1701:101:1::2 64.
[r2-GigabitEthernet0/0/0]int lo0
[r2-LoopBack0]ipv6 enable
[r2-LoopBack0]ipv6 add 2002:1701:101:2::1 64
然后在r1和r2上分别启动RIPNG
[r1-GigabitEthernet0/0/1]ripng 1 enable
[r1-GigabitEthernet0/0/1]int lo0
[r1-LoopBack0]ripng 1 enable
[r1-LoopBack0]int lo1
[r1-LoopBack1]rip
[r1-LoopBack1]ripng 1 enable
[r2]int gi 0/0/0
[r2-GigabitEthernet0/0/0]ripng 1 enable
[r2-GigabitEthernet0/0/0]int lo0
[r2-LoopBack0]ripng 1 enable
[r2-GigabitEthernet0/0/0]ripng default-route only
这时r1-r2之间也通过ripng学习到了对方的ipv6环回
r2学习到了r1的两个环回;这里可以汇总优化以下这两条环回
[r1-GigabitEthernet0/0/1]ripng summary-address 2002:1701:0101:: 64
现在r2只学习一条路由
三、因为r3为ipv4环境r2想要与r4来连接需要使用6to4tunnel来实现
r2:
[r2]int Tunnel 0/0/0
[r2-Tunnel0/0/0]ipv6 enable
[r2-Tunnel0/0/0]ipv6 address 2002:1701:0101:3::1 64
[r2-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4 创建6to4
[r2-Tunnel0/0/0]source 23.1.1.1
[r2-Tunnel0/0/0]q
[r2]ipv6 route-static 2002:: 16 Tunnel 0/0/0 所有访问2002:: 16的都走 tunnel 0/0/0接口
[r2]int gi 0/0/0
[r2-GigabitEthernet0/0/0]ripng default-route only r2会给r1一条指向自己的缺省,并且只会发一条缺省(即r1访问所有非本区域网段都走这跳缺省)
四、下面配置r4--r8这个IPV6网络
首先需要基于34.1.1.2划分
34.1.1.2
2002:2201:0102:: 48
再划分为:
2002:2201:0102:0000:: 49(AS1)
2002:2201:0102:0000::64(用于r4环回)
2002:2201:0102:1::64(用于r4-r5)
2002:2201:0102:8000:: 49(AS2)
2002:2201:0102:8000: 64(用于r5环回)
2002:2201:0102:8001: 64(用于r5-r6)
2002:2201:0102:8002: 64(用于r6环回)
2002:2201:0102:8003: 64(用于r6-r7)
2002:2201:0102:8004: 64(用于r7环回)
2002:2201:0102:8005: 64(用于r7-r8)
2002:2201:0102:8006: 64(用于r8环回)
[r4]ipv6
[r4]int lo0
[r4-LoopBack0]ipv6 enable
[r4-LoopBack0]ipv6 address 2002:2201:0102::1 64
[r4-LoopBack0]int gi 0/0/1
[r4-GigabitEthernet0/0/1]ipv6 enable
[r4-GigabitEthernet0/0/1]ipv6 add 2002:2201:0102:1::1 64
[r5]ipv6
[r5]int gi 0/0/0
[r5-GigabitEthernet0/0/0]int gi 0/0/0
[r5-GigabitEthernet0/0/0]ipv6 enable
[r5-GigabitEthernet0/0/0]ipv6 add 2002:2201:0102:1::2 64
[r5-LoopBack0]int gi 0/0/1
[r5-GigabitEthernet0/0/1]ipv6 enable
[r5-GigabitEthernet0/0/1]ipv6 add 2002:2201:0102:8001::1 64
[r6]ipv6
[r6]int gi 0/0/0
[r6-GigabitEthernet0/0/0]ipv6 enable
[r6-GigabitEthernet0/0/0]ipv6 add 2002:2201:0102:8001::2 64
[r6-LoopBack0]ipv6 enable
[r6-LoopBack0]ipv6 add 2002:2201:0102:8002::1 64
[r6-LoopBack0]int gi 0/0/1
[r6-GigabitEthernet0/0/1]ipv6 enable
[r6-GigabitEthernet0/0/1]ipv6 add 2002:2201:0102:8003::1 64
[r7]ipv6
[r7]int gi 0/0/0
[r7-GigabitEthernet0/0/0]ipv6 enable
[r7-GigabitEthernet0/0/0]ipv6 add 2002:2201:0102:8003::2 64
[r7-GigabitEthernet0/0/0]int lo0
[r7-LoopBack0]ipv6 enable
[r7-LoopBack0]ipv6 add 2002:2201:0102:8004::1 64
[r7-LoopBack0]int gi 0/0/1
[r7-GigabitEthernet0/0/1]ipv6 enable
[r7-GigabitEthernet0/0/1]ipv6 add 2002:2201:0102:8005::1 64
[r8]ipv6
[r8]int GigabitEthernet 0/0/0
[r8-GigabitEthernet0/0/0]ipv6 enable
[r8-GigabitEthernet0/0/0]ipv6 add 2002:2201:0102:8005::2 64
[r8-GigabitEthernet0/0/0]int lo0
[r8-LoopBack0]ipv6 enable
[r8-LoopBack0]ipv6 add 2002:2201:0102:8006::1 64
现在4/5/6/7/8的所有ipv6地址配置完成了;
五、现在在5/6/7/8之间启动IGP使用ospfv3
[r5]ospfv3 1
[r5-ospfv3-1]router-id 5.5.5.5
[r5-ospfv3-1]int lo0
[r5-LoopBack0]ospfv3 1 area 0
[r5-LoopBack0]int gi 0/0/1
[r5-GigabitEthernet0/0/1]ospfv3 1 area 0
[r6]ospfv3 1
[r6-ospfv3-1]router-id 6.6.6.6
[r6-ospfv3-1]int lo0
[r6-LoopBack0]ospfv3 1 area 0
[r6-LoopBack0]int gi0/0/0
[r6-GigabitEthernet0/0/0]ospfv3 1 area 0
[r6-GigabitEthernet0/0/0]int gi 0/0/1
[r6-GigabitEthernet0/0/1]ospfv3 1 area 0
[r7]ospfv3 1
[r7-ospfv3-1]router-id 7.7.7.7
[r7-ospfv3-1]int lo0
[r7-LoopBack0]ospfv3 1 area 0
[r7-LoopBack0]int gi 0/0/0
[r7-GigabitEthernet0/0/0]ospfv3 1 area 0
[r7-GigabitEthernet0/0/0]int gi 0/0/1
[r7-GigabitEthernet0/0/1]ospfv3 1 area 0
[r8]ospfv3 1
[r8-ospfv3-1]router-id 8.8.8.8
[r8-ospfv3-1]int lo0
[r8-LoopBack0]ospfv3 1 area 0
[r8-LoopBack0]int gi 0/0/0
[r8-GigabitEthernet0/0/0]ospfv3 1 area 0
六、在4/5/6/7/8之间进行BGP的配置
[r4]bgp 1
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 2002:2201:102:1::2 as 2
[r4-bgp]ipv6-family
[r4-bgp-af-ipv6]peer 2002:2201:102:1::2 enable
[r5]bgp 64512
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]peer 2002:2201:102:1::1 as 1
[r5-bgp]ipv6-family
[r5-bgp-af-ipv6]peer 2002:2201:102:1::1 enable
注意:这里可以使用IPV6的多宿主方式在每个需要使用环回建邻的路由器上给复杂的环回ipv6地址再写一方便好些的ip
[r5-LoopBack0]ipv6 add 5::5 128
[r6-LoopBack0]ipv6 add 6::6 128
[r7-LoopBack0]ipv6 add 7::7 128
[r8-LoopBack0]ipv6 add 8::8 128
[r5]bgp 64512
[r5-bgp]peer 6::6 as 64512
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]peer 6::6 connect-interface lo0
[r5-bgp]peer 6::6 connect-interface lo0 5::5
[r5-bgp]ipv6-family
[r5-bgp-af-ipv6]peer 6::6 enable
[r6]bgp 64512
[r6-bgp]router-id 6.6.6.6
[r6-bgp]confederation id 2
[r6-bgp]peer 5::5 as 64512
[r6-bgp]peer 5::5 connect-interface lo0 6::6
[r6-bgp]peer 7::7 as 64512
[r6-bgp]peer 7::7 connect-interface lo0 6::6
[r6-bgp]ipv6-family
[r6-bgp-af-ipv6]peer 5::5 enable
[r6-bgp-af-ipv6]peer 7::7 enable
[r7]bgp 64512
[r7-bgp]router-id 7.7.7.7
[r7-bgp]confederation id 2
[r7-bgp]confederation peer-as 64513
[r7-bgp]peer 6::6 as 64512
[r7-bgp]peer 6::6 connect-interface lo0 7::7
[r7-bgp]peer 8::8 as 64513
[r7-bgp]peer 8::8 connect-interface lo0 7::7
[r7-bgp]peer 8::8 ebgp-max-hop 2
[r7-bgp]ipv6-family
[r7-bgp-af-ipv6]peer 6::6 enable
[r7-bgp-af-ipv6]peer 8::8 enable
[r8]bgp 64513
[r8-bgp]router-id 8.8.8.8
[r8-bgp]confederation id 2
[r8-bgp]confederation peer-as 64512
[r8-bgp]peer 7::7 as 64512
[r8-bgp]peer 7::7 connect-interface lo0 8::8
[r8-bgp]peer 7::7 ebgp-max-hop 2
[r8-bgp]ipv6-family
[r8-bgp-af-ipv6]peer 7::7 enable
七、现在需要实现全网可达
首先为r4配置tunnel 0/0/0
[r4]int Tunnel 0/0/0
[r4-Tunnel0/0/0]ipv6 enable
[r4-Tunnel0/0/0]ipv6 add 2002:2201:0102:2::1 64
[r4-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4
[r4-Tunnel0/0/0]source 34.1.1.2
下面将5/6/7/8汇总之后传递给r4(r1、r2、r3就可以访问到右侧的路由器了)
[r5]ipv6 route-static 2002:2201:0102:8000:: 49 NULL 0
[r5]bgp 64512
[r5-bgp]ipv6-family
[r5-bgp-af-ipv6]network 2002:2201:0102:8000:: 49
[r4]ipv6 route-static 2002:: 16 Tunnel 0/0/0
然后让r4将自己左侧的2002:: 16 宣告给右侧-右侧的路由器就可以访问到左侧的路由器了
[r4]bgp 1
[r4-bgp]ipv6-family
[r4-bgp-af-ipv6]network 2002:: 16
这里还需要在bgp的传递时将源ip修改为本地不然会导致学习到的路由不优
[r5-bgp-af-ipv6]peer 6::6 next-hop-local
因为IBGP的水平分割r6无法将r5学习到的路由发送给r7
解决方法;路由反射器
[r6]bgp 64512
[r6-bgp]ipv6-family
[r6-bgp-af-ipv6]peer 7::7 reflect-client r6指定r7为客户端
测试:(r1可以通过ipv6ping通r8的环回)
