拓扑结构:
要求:
1、两个局域网基于6 to 4 tunnel可达,公网使用IPV4地址
2、R1可以访问R3的环回
3、保障网络更新安全,全网可达
使用的设备:8台
路由器
解决网络拓扑:
1、确定广播域的个数
2、分配网段
3、配置IP地址 (优先配置路由器)
确定广播域的个数
根据拓扑结构图以及要求可知,中间部分是公网,随意分配公网的IP地址(IPV4),其他部分按要求分配IPV4或者IPV6的地址,但是因为IPV6的地址非常多,所以都是公网地址
分配网段
自主分配网段,我的IPV6地址是根据我的R2的IPV4地址和R4的IPV4地址转换而来
接口网段:
| 接口 | 分配网段 |
| R1:GE 0/0/0 | 192.168.0.0/30 |
| R1:GE 0/0/0 | 2002:1700:1:1::/64 |
| R2:GE 0/0/0 R2:GE 0/0/1 | 192.168.0.0/30 23.0.0.0/30 |
| R2:GE 0/0/0 | 2002:1700:1:1::/64 |
| R3:GE 0/0/0 R3:GE 0/0/1 | 23.0.0.0/30 34.0.0.0/30 |
| R4:GE 0/0/0 R4:GE 0/0/1 | 34.0.0.0/30 2002:2200:2:1::/64 |
| R5:GE 0/0/0 R5:GE 0/0/1 | 2002:2200:2:1::/64 2002:2200:2:8001::/64 |
| R6:GE 0/0/0 R6:GE 0/0/1 | 2002:2200:2:8001::/64 2002:2200:2:8003::/64 |
| R7:GE 0/0/0 R7:GE 0/0/1 | 2002:2200:2:8003::/64 2002:2200:2:8005::/64 |
| R8:GE 0/0/0 | 2002:2200:2:8005::/64 |
环回网段:
| 环回 | 分配网段 |
| R1 LoopBack 0 R1 LoopBack 0 | 192.168.1.0/25 192.168.1.128/25 |
| R2 LoopBack 0 | 192.168.2.0/24 |
| R3 LoopBack 0 | 30.0.0.0/24 |
| IPV6环回 | 分配网段 |
| R1 LoopBack 0 R1 LoopBack 0 | 2002:1700:1::/65 2002:1700:1::/65 |
| R2 LoopBack 0 | 2002:1700:1:2::/64 |
| R4 LoopBack 0 | 2002:2200:2::/64 |
| R5 LoopBack 0 | 2002:2200:2:8000::/64 |
| R6 LoopBack 0 | 2002:2200:2:8002::/64 |
| R7 LoopBack 0 | 2002:2200:2:8004::/64 |
| R8 LoopBack 0 | 2002:2200:2:8006::/64 |
6to4tunnel接口网段:
| Tunnel | 分配网段 |
| AR2 | 2002:1700:1:3::/64 |
| AR4 | 2002:2200:2:2::/64 |
AS自治系统网段
| AS | 分配网段 |
| AS1 | 2002:2200:0002::/49 |
| AS2 | 2002:2200:0002:8000:/49 |
配置路由器IP地址
配置顺序为R2、R3、R4,先让公网可以相互通信,然后是客户网络,R1、R5、R6、R7
AR2:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r2
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]ip address 23.0.0.1 30
[r2-GigabitEthernet0/0/1]
[r2-GigabitEthernet0/0/1]q
[r2]ip route-static 0.0.0.0 0 23.0.0.2
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ip address 192.168.0.2 30
[r2-GigabitEthernet0/0/0]q
[r2]interface LoopBack 0
[r2-LoopBack0]ip address 192.168.2.1 24
[r2-LoopBack0]q
[r2]AR3:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r3
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]ip address 23.0.0.2 30
[r3-GigabitEthernet0/0/0]q
[r3]interface GigabitEthernet 0/0/1
[r3-GigabitEthernet0/0/1]ip address 34.0.0.1 30
[r3-GigabitEthernet0/0/1]q
[r3]interface LoopBack 0
[r3-LoopBack0]ip address 30.0.0.1 24
[r3-LoopBack0]q
[r3]AR4:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r4
[r4]interface GigabitEthernet 0/0/0
[r4-GigabitEthernet0/0/0]ip address 34.0.0.2 30
[r4-GigabitEthernet0/0/0]q
[r4]ip route-static 0.0.0.0 0 34.0.0.1
[r4]AR1:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r1
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.0.1 30
[r1-GigabitEthernet0/0/0]q
[r1]interface LoopBack 0
[r1-LoopBack0]ip address 192.168.1.1 25
[r1-LoopBack0]q
[r1]interface LoopBack 1
[r1-LoopBack1]ip address 192.168.1.129 25
[r1-LoopBack1]q
[r1]配置RIP动态路由协议
先在公网内部运行OSPF动态路由协议,将公网配置完成,使其相互通信,在接口配置认证,保证更新安全
AR1:
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 192.168.1.0
[r1-rip-1]network 192.168.0.0
[r1-rip-1]q
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]rip summary-address 192.168.1.0 255.255.255.0
[r1-GigabitEthernet0/0/0]q
[r1]
[r1]ip route-static 192.168.1.0 24 NULL 0
[r1]AR2:
[r2]rip 1
[r2-rip-1]version 2
[r2-rip-1]network 192.168.2.0
[r2-rip-1]network 192.168.0.0
[r2-rip-1]q
[r2]rip 1
[r2-rip-1]default-route originate
[r2-rip-1]q
[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[r2-acl-basic-2000]q
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]nat outbound 2000
[r2-GigabitEthernet0/0/1]q
[r2]此时R1可以和R3的环回进行通信
配置AR1和AR2的IPV6地址
AR1:
[r1]ipv6
[r1]interface LoopBack 0
[r1-LoopBack0]ipv6 enable
[r1-LoopBack0]ipv6 address 2002:1700:1::1 65
[r1-LoopBack0]q
[r1]interface LoopBack 1
[r1-LoopBack1]ipv6 enable
[r1-LoopBack1]ipv6 address 2002:1700:1:0:8000::1 65
[r1-LoopBack1]q
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ipv6 enable
[r1-GigabitEthernet0/0/0]ipv6 address 2002:1700:1:1::1 64
[r1-GigabitEthernet0/0/0]q
[r1]AR2:
[r2]ipv6
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ipv6 enable
[r2-GigabitEthernet0/0/0]ipv6 address 2002:1700:1:1::2 64
[r2-GigabitEthernet0/0/0]q
[r2]interface LoopBack 0
[r2-LoopBack0]ipv6 enable
[r2-LoopBack0]ipv6 address 2002:1700:1:2::1 64
[r2-LoopBack0]q
[r2]RIPNG:
AR1:
[r1]ripng 1
[r1-ripng-1]q
[r1]
[r1]interface LoopBack 0
[r1-LoopBack0]ripng 1 enable
[r1-LoopBack0]q
[r1]interface LoopBack 1
[r1-LoopBack1]ripng 1 enable
[r1-LoopBack1]q
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ripng 1 enable
[r1-GigabitEthernet0/0/0]q
[r1]
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ripng summary-address 2002:1700:1:0000:: 64
[r1-GigabitEthernet0/0/0]q
[r1]AR2:
[r2]ripng 1
[r2-ripng-1]q
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ripng 1 enable
[r2-GigabitEthernet0/0/0]q
[r2]interface LoopBack 0
[r2-LoopBack0]ripng 1 enable
[r2-LoopBack0]q
[r2]
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ripng default-route only
[r2-GigabitEthernet0/0/0]q
[r2]配置6to4 tunnel
AR2:
[r2]interface Tunnel 0/0/0
[r2-Tunnel0/0/0]ipv6 enable
[r2-Tunnel0/0/0]ipv6 address 2002:1700:1:3::1 64
[r2-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4
[r2-Tunnel0/0/0]source 23.0.0.1
[r2-Tunnel0/0/0]q
[r2]ipv6 route-static 2002:: 16 Tunnel 0/0/0
[r2]AR1:
[r1]ipv6 route-static 2002:1700:1:0000:: 64 NULL 0AR4:
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]ipv6 enable
[r4-Tunnel0/0/0]ipv6 address 2002:2200:2:2::1 64
[r4-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4
[r4-Tunnel0/0/0]source 34.0.0.2
[r4-Tunnel0/0/0]q
[r4]ipv6 route-static 2002:: 16 Tunnel 0/0/0
[r4]bgp 1
[r4-bgp]ipv6-family
[r4-bgp-af-ipv6]network 2002:: 16
[r4-bgp-af-ipv6]q
[r4-bgp]q
[r4]配置右边的IPV6地址:
[r4]ipv6
[r4]interface LoopBack 0
[r4-LoopBack0]ipv6 enable
[r4-LoopBack0]ipv6 address 2002:2200:2::1 64
[r4-LoopBack0]q
[r4]interface GigabitEthernet 0/0/1
[r4-GigabitEthernet0/0/1]ipv6 enable
[r4-GigabitEthernet0/0/1]ipv6 address 2002:2200:2:1::1 64
[r4-GigabitEthernet0/0/1]q
[r4]AR5:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r5
[r5]ipv6
[r5]interface GigabitEthernet 0/0/0
[r5-GigabitEthernet0/0/0]ipv6 enable
[r5-GigabitEthernet0/0/0]ipv6 address 2002:2200:2:1::2 64
[r5-GigabitEthernet0/0/0]q
[r5]interface LoopBack 0
[r5-LoopBack0]ipv6 enable
[r5-LoopBack0]ipv6 address 2002:2200:2:8000::1 64
[r5-LoopBack0]q
[r5]interface GigabitEthernet 0/0/1
[r5-GigabitEthernet0/0/1]ipv6 enable
[r5-GigabitEthernet0/0/1]ipv6 address 2002:2200:2:8001::1 64
[r5-GigabitEthernet0/0/1]q
[r5]AR6:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r6
[r6]ipv6
[r6]interface GigabitEthernet 0/0/0
[r6-GigabitEthernet0/0/0]ipv6 enable
[r6-GigabitEthernet0/0/0]ipv6 address 2002:2200:2:8001::2 64
[r6-GigabitEthernet0/0/0]q
[r6]interface LoopBack 0
[r6-LoopBack0]ipv6 enable
[r6-LoopBack0]ipv6 address 2002:2200:2:8002::1 64
[r6-LoopBack0]q
[r6]interface GigabitEthernet 0/0/1
[r6-GigabitEthernet0/0/1]ipv6 enable
[r6-GigabitEthernet0/0/1]ipv6 address 2002:2200:2:8003::1 64
[r6-GigabitEthernet0/0/1]q
[r6]AR7:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r7
[r7]ipv6
[r7]interface GigabitEthernet 0/0/0
[r7-GigabitEthernet0/0/0]ipv6 enable
[r7-GigabitEthernet0/0/0]ipv6 address 2002:2200:2:8003::2 64
[r7-GigabitEthernet0/0/0]q
[r7]interface LoopBack 0
[r7-LoopBack0]ipv6 enable
[r7-LoopBack0]ipv6 address 2002:2200:2:8004::1 64
[r7-LoopBack0]q
[r7]interface GigabitEthernet 0/0/1
[r7-GigabitEthernet0/0/1]ipv6 enable
[r7-GigabitEthernet0/0/1]ipv6 address 2002:2200:2:8005::1 64
[r7-GigabitEthernet0/0/1]q
[r7]AR8:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname r8
[r8]ipv6
[r8]interface GigabitEthernet 0/0/0
[r8-GigabitEthernet0/0/0]ipv6 enable
[r8-GigabitEthernet0/0/0]ipv6 address 2002:2200:2:8005::2 64
[r8-GigabitEthernet0/0/0]q
[r8]interface LoopBack 0
[r8-LoopBack0]ipv6 enable
[r8-LoopBack0]ipv6 address 2002:2200:2:8006::1 64
[r8-LoopBack0]q
[r8]运行OSPFV3
AR5:
[r5]ospfv3 1
[r5-ospfv3-1]router-id 5.5.5.5
[r5-ospfv3-1]q
[r5]interface LoopBack 0
[r5-LoopBack0]ospfv3 1 area 0
[r5-LoopBack0]q
[r5]interface GigabitEthernet 0/0/1
[r5-GigabitEthernet0/0/1]ospfv3 1 area 0
[r5-GigabitEthernet0/0/1]q
[r5]AR6:
[r6]ospfv3 1
[r6-ospfv3-1]router-id 6.6.6.6
[r6-ospfv3-1]q
[r6]interface GigabitEthernet 0/0/0
[r6-GigabitEthernet0/0/0]ospfv3 1 area 0
[r6-GigabitEthernet0/0/0]q
[r6]interface LoopBack 0
[r6-LoopBack0]ospfv3 1 area 0
[r6-LoopBack0]q
[r6]interface GigabitEthernet 0/0/1
[r6-GigabitEthernet0/0/1]ospfv3 1 area 0
[r6-GigabitEthernet0/0/1]q
[r6]AR7:
[r7]ospfv3 1
[r7-ospfv3-1]router-id 7.7.7.7
[r7-ospfv3-1]q
[r7]interface GigabitEthernet 0/0/0
[r7-GigabitEthernet0/0/0]ospfv3 1 area 0
[r7-GigabitEthernet0/0/0]q
[r7]interface GigabitEthernet 0/0/1
[r7-GigabitEthernet0/0/1]ospfv3 1 area 0
[r7-GigabitEthernet0/0/1]q
[r7]interface LoopBack 0
[r7-LoopBack0]ospfv3 1 area 0
[r7-LoopBack0]q
[r7]AR8:
[r8]ospfv3 1
[r8-ospfv3-1]router-id 8.8.8.8
[r8-ospfv3-1]q
[r8]interface GigabitEthernet 0/0/0
[r8-GigabitEthernet0/0/0]ospfv3 1 area 0
[r8-GigabitEthernet0/0/0]q
[r8]interface LoopBack 0
[r8-LoopBack0]ospfv3 1 area 0
[r8-LoopBack0]q
[r8]配置BGP协议
AR4:
[r4]bgp 1
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 2002:2200:2:1::2 as-number 2
[r4-bgp]ipv6-family
[r4-bgp-af-ipv6]peer 2002:2200:2:1::2 enable
[r4-bgp-af-ipv6]q
[r4-bgp]q
[r4]AR5:
[r5]interface LoopBack 0
[r5-LoopBack0]ipv6 enable
[r5-LoopBack0]ipv6 address 5::5 64
[r5-LoopBack0]q
[r5]bgp 64512
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]peer 2002:2200:2:1::1 as-number 1
[r5-bgp]peer 6::6 as-number 64512
[r5-bgp]peer 6::6 connect-interface LoopBack 0 5::5
[r5-bgp]ipv6-family
[r5-bgp-af-ipv6]peer 2002:2200:2:1::1 enable
[r5-bgp-af-ipv6]peer 6::6 enable
[r5-bgp-af-ipv6]q
[r5-bgp]AR6:
[r6]interface LoopBack 0
[r6-LoopBack0]ipv6 address 6::6 64
[r6-LoopBack0]q
[r6]bgp 64512
[r6-bgp]router-id 6.6.6.6
[r6-bgp]confederation id 2
[r6-bgp]peer 5::5 as-number 64512
[r6-bgp]peer 5::5 connect-interface LoopBack 0 6::6
[r6-bgp]peer 7::7 as-number 64512
[r6-bgp]peer 7::7 connect-interface LoopBack 0 6::6
[r6-bgp]ipv6-family
[r6-bgp-af-ipv6]peer 5::5 enable
[r6-bgp-af-ipv6]peer 7::7 enable
[r6-bgp-af-ipv6]q
[r6-bgp]q
[r6]AR7:
[r7]interface LoopBack 0
[r7-LoopBack0]ipv6 address 7::7 64
[r7-LoopBack0]q
[r7]bgp 64512
[r7-bgp]router-id 7.7.7.7
[r7-bgp]confederation id 2
[r7-bgp]confederation peer-as 64513
[r7-bgp]peer 6::6 as-number 64512
[r7-bgp]peer 6::6 connect-interface LoopBack 0 7::7
[r7-bgp]peer 8::8 as-number 64513
[r7-bgp]peer 8::8 connect-interface LoopBack 0 7::7
[r7-bgp]peer 8::8 ebgp-max-hop 2
[r7-bgp]ipv6-family
[r7-bgp-af-ipv6]peer 6::6 enable
[r7-bgp-af-ipv6]peer 8::8 enable
[r7-bgp-af-ipv6]q
[r7-bgp]q
[r7]AR8:
[r8]interface LoopBack 0
[r8-LoopBack0]ipv6 address 8::8 64
[r8-LoopBack0]q
[r8]bgp 64513
[r8-bgp]router-id 8.8.8.8
[r8-bgp]confederation id 2
[r8-bgp]confederation peer-as 64512
[r8-bgp]peer 7::7 as-number 64512
[r8-bgp]peer 7::7 connect-interface LoopBack 0 8::8
[r8-bgp]peer 7::7 ebgp-max-hop 2
[r8-bgp]ipv6-family
[r8-bgp-af-ipv6]peer 7::7 enable
[r8-bgp-af-ipv6]q
[r8-bgp]q
[r8]AR5:
[r5]ipv6 route-static 2002:2200:2:8000:: 49 NULL 0
[r5]bgp 64512
[r5-bgp]ipv6-family
[r5-bgp-af-ipv6]network 2002:2200:2:8000:: 49
[r5-bgp-af-ipv6]peer 6::6 next-hop-local
[r5-bgp-af-ipv6]q
[r5-bgp]q
[r5]AR6:
[r6]bgp 64512
[r6-bgp]ipv6-family
[r6-bgp-af-ipv6]peer 7::7 reflect-client
[r6-bgp-af-ipv6]q
[r6-bgp]q
[r6]AR7:
[r7]bgp 64512
[r7-bgp]ipv6-family
[r7-bgp-af-ipv6]peer 6::6 next-hop-local
[r7-bgp-af-ipv6]q
[r7-bgp]q
[r7]注:IPV6地址比较长,比较复杂,一定要划分合理,配置仔细,否则就会出现ping不同的结果
最后R8可以和R1正常通信
R1可以正常访问R3的环回。实验到此为止,要求全部完成。
