HCIP--IPV6综合实验

题目要求：

 实验拓扑

 配置公网路由

system-view 
[Huawei]sysname r2
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]ip add 23.1.1.1 24
[r2-GigabitEthernet0/0/1]q
[r2]ip route-static 0.0.0.0 0 23.1.1.2 

system-view 
[r]sysname r3
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]ip add 23.1.1.2 24  
[r3-GigabitEthernet0/0/0]int g0/0/1
[r3-GigabitEthernet0/0/1]ip add 34.1.1.1 24

system-view 
[Huawei]sysname r4
[r4]interface GigabitEthernet 0/0/0
[r4-GigabitEthernet0/0/0]ip add 34.1.1.2 24
[r4-GigabitEthernet0/0/0]q
[r4]ip route-static 0.0.0.0 0 34.1.1.1

测试

 配置AR1、AR2上的IPV4私有路由

system-view 
[r1]interface LoopBack 0
[r1-LoopBack0]ip add 192.168.1.1 25
[r1-LoopBack0]int l1
[r1-LoopBack1]ip add 192.168.1.129 25
[r1-LoopBack1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.0.1 30
[r1-GigabitEthernet0/0/0]q
[r1]ip route-static 0.0.0.0 0 192.168.0.2

[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 192.168.0.2 30
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ip add 192.168.2.1 24
[r2-LoopBack0]q
[r2]ip route-static 192.168.1.0 24 192.168.0.1
让私有IP能访问公有IP
[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.0.0 0.0.255.255
[r2-acl-basic-2000]q
[r2]int g0/0/1
[r2-GigabitEthernet0/0/1]nat outbound 2000

配置AR3路由器环回地址
[r3-LoopBack0]ip add 3.3.3.3 24

 

 配置IPV6地址

6to4tunnel    普通tunnel在多个V6网络构建为一个V6网络时，存在地址规划，指数的定义tunnel链路和路由信息，工程量巨大，极难维护；

6 to 4 tunnle可以让用于自行定义IPV6地址，均需要配置一条tunnel和一条路由即可；

2002：：/16   6to4 tunnel 专用地址

IPV4兼容地址--- 每一个IPV4地址都可以转换为一段IPV6地址；

例:本地V4网络地址为12.1.1.1 对应的V4兼容地址2002:0c01:0101::/48

所以由两个公网IPV4地址可以得到两段IPV6地址

配置AR1、AR2路由器上的IPV6地址
将得到的IPV6网段进行划分
23.1.1.1 
0001 0111. 0000 0001. 0000 0001. 0000 0001
2002:1701:0101:: /48
划分
2002:1701:0101:0000:: /64 -- 2002:1701:0101:FFFF:: /64
2002:1701:0101:0000:: /64 用于AR1路由器上的两个环回地址
        2002:1701:0101:0000::1 /65
        2002:1701:0101:8000::1 /65
2002:1701:0101:0001:: / 64  用于AR1、AR2直连IP
2002:1701:0101:0002::  /64 用于AR4路由器环回地址
2002:1701:0101:0003::   /64 用于tunnelIPV6地址

配置

[r1]ipv6 
[r1]int l0
[r1-LoopBack0]ipv6 enable 
[r1-LoopBack0]ipv6 address 2002:1701:0101:0000::1 65 
[r1-LoopBack0]int l1
[r1-LoopBack1]ipv6 enable 
[r1-LoopBack1]ipv6 address 2002:1701:0101:0000:8000::1 65 
[r1-LoopBack1]int g0/0/0
[r1-GigabitEthernet0/0/0]ipv6 enable 
[r1-GigabitEthernet0/0/0]ipv6 address 2002:1701:0101:0001::1 64 
使用ripng动态路由协议
[r1]ripng 1
[r1-ripng-1]int l0  
[r1-LoopBack0]ripng 1 enable 
[r1-LoopBack0]int l1
[r1-LoopBack1]ripng 1 enable 
[r1-LoopBack1]int g0/0/0
[r1-GigabitEthernet0/0/0]ripng 1 enable 
[r1-GigabitEthernet0/0/0]q
[r1]int g0/0/0
将AR1路由器上的两条环回地址进行汇总
[r1-GigabitEthernet0/0/0]ripng summary-address  2002:1701:101:: 64

[r2]ipv6 
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ipv6 enable 
[r2-GigabitEthernet0/0/0]ipv6 address 2002:1701:0101:0001::2 64
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ipv6 enable 
[r2-LoopBack0]ipv6 address 2002:1701:0101:0002::1 64
[r2-LoopBack0]q
[r2]ripng 
[r2-ripng-1]int g0/0/0
[r2-GigabitEthernet0/0/0]ripng 1 enable 
[r2-GigabitEthernet0/0/0]int l0
[r2-LoopBack0]ripn
[r2-LoopBack0]ripng 1 enable 
[r2-LoopBack0]q

 配置tunnel接口
[r2]interface Tunnel 0/0/0
[r2-Tunnel0/0/0]ipv6 enable 
[r2-Tunnel0/0/0]ipv6 address 2002:1701:0101:3::1 64  
[r2-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4 
[r2-Tunnel0/0/0]source 23.1.1.1
为AR2写一条去往其他IPV6区域的路由
[r2]ipv6 route-static 2002:: 16 Tunnel 0/0/0
写一条缺省，为AR1生成一条去往其他IPV6区域的路由
[r2-GigabitEthernet0/0/0]ripng default-route only 

 

配置AR4右边区域IPV6地址

同样根据公网34.1.1.2 可获得一段IPV6地址，我们再将IPV6地址进行分配

34.1.1.2
0010 0010. 0000 0001. 0000 0001. 0000 0010
2002:2201:0102:: /48
2002:2201:0102:: /49   AS1
        2002:2201:0102:0000::  64    -----    2002:2201:0102:7FFFF::   64

2002:2201:0102:8000:: /49   AS2
        2002:2201:0102:8000::  64    -----     2002:2201:0102:8000:FFFF:: 64

配置

[r4]ipv6 
[r4]int g0/0/1
[r4-GigabitEthernet0/0/1]ipv6 enable 
[r4-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:0000::1 64
[r4-GigabitEthernet0/0/1]int l0
[r4-LoopBack0]ipv6 enable 
[r4-LoopBack0]ipv6  address  2002:2201:0102:1::1 64 

system-view 
[Huawei]sysname r5
[r5]ipv6 
[r5]int g0/0/0
[r5-GigabitEthernet0/0/0]ipv6  enable 
[r5-GigabitEthernet0/0/0]ipv6  address  2002:2201:0102:0000::2 64
[r5-GigabitEthernet0/0/0]int l0   
[r5-LoopBack0]ipv6 enable 
[r5-LoopBack0]ipv6 address 2002:2201:0102:8000::1 64 
[r5-LoopBack0]int g0/0/1
[r5-GigabitEthernet0/0/1]ipv6 enable 
[r5-GigabitEthernet0/0/1]ipv6 address  2002:2201:0102:8001::1 64

system-view 
[Huawei]sysname r6
[r6]ipv6 
[r6]int g0/0/0
[r6-GigabitEthernet0/0/0]ipv6 enable 
[r6-GigabitEthernet0/0/0]ipv6  address  2002:2201:0102:8001::2 64
[r6]int l0
[r6-LoopBack0]ipv6 enable 
[r6-LoopBack0]ipv6 address 2002:2201:0102:8002::1 64
[r6-LoopBack0]int g0/0/1
[r6-GigabitEthernet0/0/1]ipv6 add 2002:2201:0102:8003::1 64

system-view 
[Huawei]sysname r7
[r7]ipv6 
[r7]int g0/0/0
[r7-GigabitEthernet0/0/0]ipv6 enable 
[r7-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:8003::2 64
[r7-GigabitEthernet0/0/0]int l0
[r7-LoopBack0]ipv6 enable 
[r7-LoopBack0]ipv6 address 2002:2201:0102:8004::1 64
[r7-LoopBack0]int g0/0/0
[r7-GigabitEthernet0/0/0]int g0/0/1
[r7-GigabitEthernet0/0/1]ipv6 enable 
[r7-GigabitEthernet0/0/1]ipv6 address 2002:2201:0102:8005::1 64

system-view 
[Huawei]sysname r8
[r8]ipv6 
[r8]int g0/0/0
[r8-GigabitEthernet0/0/0]ipv6 enable    
[r8-GigabitEthernet0/0/0]ipv6 address 2002:2201:0102:8005::2 64
[r8-GigabitEthernet0/0/0]int l0
[r8-LoopBack0]ipv6 enable 
[r8-LoopBack0]ipv6 address 2002:2201:0102:8006::1 64

配置AR4~AR8之间的 OSPF与BGP
[r4]bgp 1   
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 2002:2201:102::2 as-number 2
[r4-bgp]ipv6-family 
[r4-bgp-af-ipv6]peer 2002:2201:102::2 enable 

[r5]bgp 64512
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]peer 2002:2201:102::1 as-number 1
[r5-bgp]ipv6-family 
[r5-bgp-af-ipv6]peer 2002:2201:102::1 enable
[r5-bgp-af-ipv6]
在环回地址0接口上在添加一个简单的IP方便建邻
[r5-bgp-af-ipv6]q
[r5-bgp]q
[r5]int l0
[r5-LoopBack0]ipv6 address 5::5 64
[r5-LoopBack0]q
[r5]bgp 64512
[r5-bgp]peer 6::6 as-number 64512
[r5-bgp]peer 6::6 connect-interface LoopBack 0 5::5
[r5-bgp]ipv6-family 
[r5-bgp-af-ipv6]peer 6::6 enable

[r6]int l0
[r6-LoopBack0]ipv6 add 6::6 64
[r6-LoopBack0]q
[r6]bgp 64512
[r6-bgp]router-id 6.6.6.6
[r6-bgp]confederation id 2
[r6-bgp]peer 5::5 as-number 64512
[r6-bgp]peer 5::5 connect-interface LoopBack 0 6::6
[r6-bgp]peer 7::7 as-number 64512
[r6-bgp]peer 7::7 connect-interface LoopBack 0 6::6     
[r6-bgp]ipv6-family 
[r6-bgp-af-ipv6]peer 5::5 enable 
[r6-bgp-af-ipv6]peer 7::7 enable

[r7]int l0
[r7-LoopBack0]ipv6 add 7::7 64
[r7]bgp 64512
[r7-bgp]router-id 7.7.7.7
[r7-bgp]confederation id 2
[r7-bgp]confederation peer-as 64513
[r7-bgp]peer 6::6 as-number 64512
[r7-bgp]peer 6::6 connect-interface LoopBack 0 7::7
[r7-bgp]peer 8::8 as-number 64513
[r7-bgp]peer 8::8 connect-interface LoopBack 0 7::7
[r7-bgp]ipv6-family 
[r7-bgp-af-ipv6]peer 6::6 enable 
[r7-bgp-af-ipv6]peer 8::8 enable 
将TTL值改为2
[r7-bgp]peer 8::8 ebgp-max-hop 2

[r8-LoopBack0]ipv6 add  8::8 64
[r8]bgp 64513
[r8-bgp]router-id 8.8.8.8
[r8-bgp]confederation id 2
[r8-bgp]confederation peer-as 64512
[r8-bgp]peer 7::7 as-number 64512
[r8-bgp]peer 7::7 connect-interface LoopBack 0 8::8     
[r8-bgp]ipv6-family 
[r8-bgp-af-ipv6]peer 7::7 enable 
[r8-bgp]peer 7::7 ebgp-max-hop 2

路由
[r4]int Tunnel 0/0/0
[r4-Tunnel0/0/0]ipv6 enable 
[r4-Tunnel0/0/0]ipv6 add 2002:2201:0102:2::1 64 
[r4-Tunnel0/0/0]tunnel-protocol ipv6
[r4-Tunnel0/0/0]tunnel-protocol ipv6-ipv4 6to4 
[r4-Tunnel0/0/0]source 34.1.1.2 
[r4-Tunnel0/0/0]q
[r4]ipv6 route-static 2002:: 16 Tunnel 0/0/0
将去往AR1与AR2的路由宣告给AR5~AR8
[r4]bgp 1
[r4-bgp]ipv6 
[r4-bgp]ipv6-family 
[r4-bgp-af-ipv6]net
[r4-bgp-af-ipv6]network 2002:: 16

[r5]ipv6 route-static 2002:2201:0102:8000:: 49 null 0
[r5]bgp 64512
[r5-bgp]ipv6-family 
[r5-bgp-af-ipv6]network 2002:2201:0102:8000:: 49
[r5-bgp-af-ipv6]peer 6::6 next-hop-local 

[r6-bgp-af-ipv6]peer 7::7 reflect-client 

 

 

 测试