IPv6双栈部署
-
概述
此实验模拟一个企业外部门户网站进行IPv6改造,采用双栈方案,即网站IPv4与IPv6共存。实验还同时模拟了运营商网络,采用的是IPv6 OSPF。实际环境中可能不同的运营商会有不同的网络接入模式,需要根据自己的实际情况来进行调整。
前提条件:
- 设运营商已经分配IPv6地址: 2001:a:0:1::/64
- 网络设备同时支持IPv4和IPv6协议栈。
-
配置运营商网络
【该模拟运营商网络由三个路由器组成,同时运行IPv4和IPv6,使用OSPF路由协议。】
- 配置运营商路由器Router1【运营商边界路由器,直接与用户路由器互联】
- 配置运营商路由器Router3
- 配置运营商路由器Router4
- 配置本地网络
- 配置本地路由器Router0
- 配置本地服务器Server0
- 测试配置
- 查看ISP路由器Router4路由表及ping信息
- 查看ISP互联路由器R1路由表信息
- 本地服务器上分别ping ISP地址测试IPv4和IPv6连通性
hostname R1
!
ip cef
ipv6 unicast-routing [开启ipv6路由,cisco设备上ipv6 cef一般在开启ipv6路由的时候会自动启用]
ipv6 cef
!
interface GigabitEthernet0/0
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
ipv6 address FE80::1 link-local 【运营商路由器与组织本地互联网路由器之间用link-local地址互联】
!
interface GigabitEthernet0/1
ip address 4.4.4.1 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:2::1/64
ipv6 ospf 10 area 0 【接口上启用ipv6 ospf】
!
interface GigabitEthernet0/2
ip address 3.3.3.1 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:3::1/64
ipv6 ospf 10 area 0
!
router ospf 1 【开启IPv4 OSPF】
log-adjacency-changes
network 3.3.3.1 0.0.0.0 area 0
network 4.4.4.1 0.0.0.0 area 0
network 2.2.2.0 0.0.0.255 area 0
!
ipv6 router ospf 10
log-adjacency-changes
redistribute static 【将到公司内部的IPv6静态路由注入到ospf中,使ISP网络可以查看到组织内部的路由信息】
!
ipv6 route 2001:A:0:1::/64 GigabitEthernet0/0 FE80::2 【ISP分给组织的IPv6地址段,通过静态路由发布到组织内部】
! hostname r3
!
ip cef
ipv6 unicast-routing
!
interface GigabitEthernet0/0
ip address 5.5.5.1 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:4::2/64
ipv6 ospf 10 area 0
!
interface GigabitEthernet0/1
ip address 3.3.3.2 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:3::2/64
ipv6 ospf 10 area 0
!
router ospf 1
log-adjacency-changes
network 3.3.3.2 0.0.0.0 area 0
network 5.5.5.0 0.0.0.255 area 0
!
ipv6 router ospf 10
log-adjacency-changes
! hostname R4
!
ip cef
ipv6 unicast-routing
!
!
interface GigabitEthernet0/0
ip address 5.5.5.2 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:4::1/64
ipv6 ospf 10 area 0
!
interface GigabitEthernet0/1
ip address 4.4.4.2 255.255.255.0
duplex auto
speed auto
ipv6 address 2001:A:0:2::2/64
ipv6 ospf 10 area 0
!
router ospf 1
log-adjacency-changes
network 4.4.4.0 0.0.0.255 area 0
network 5.5.5.0 0.0.0.255 area 0
!
ipv6 router ospf 10
log-adjacency-changes hostname R0
!
ip cef
ipv6 unicast-routing
!
ipv6 cef
!
!
interface GigabitEthernet0/0
ip address 2.2.2.1 255.255.255.252
duplex auto
speed auto
ipv6 address FE80::2 link-local
!
interface GigabitEthernet0/1
ip address 2.2.2.9 255.255.255.248
duplex auto
speed auto
ipv6 address 2001:A:0:1:1::1/80 【将ISP分配的地址在组织内部又进一步划分了子网】
!
ip classless
ip route 0.0.0.0 0.0.0.0 2.2.2.2
!
!
ipv6 route ::/0 GigabitEthernet0/0 FE80::1 【IPv6地址缺省路由】
! IPv4 address:2.2.2.10
Netmask:255.255.255.0
Gateway:2.2.2.9
IPv6 address:2001:a:0:1:1::2/80
Gateway:2001:a:0:1:1::1 R4#sh ipv6 route
IPv6 Routing Table - 8 entries
OE2 2001:A:0:1::/64 [110/20] 【可以看到到注入到ospf中的组织内部IPv6路由信息】
via FE80::290:CFF:FE69:8402, GigabitEthernet0/1
C 2001:A:0:2::/64 [0/0]
via GigabitEthernet0/1, directly connected
L 2001:A:0:2::2/128 [0/0]
via GigabitEthernet0/1, receive
O 2001:A:0:3::/64 [110/2] 【学习到的OSPF路由信息】
via FE80::290:CFF:FE69:8402, GigabitEthernet0/1
C 2001:A:0:4::/64 [0/0]
via GigabitEthernet0/0, directly connected
L 2001:A:0:4::1/128 [0/0]
via GigabitEthernet0/0, receive
L FF00::/8 [0/0]
via Null0, receive
R4#ping 2001:a:0:1:1::2 [ping组织内部服务器,如果通了证明配置成功] R1#sh ipv6 route
S 2001:A:0:1::/64 [1/0] 【有给组织分配的静态路由信息】
via FE80::2, GigabitEthernet0/0
C 2001:A:0:2::/64 [0/0]
via GigabitEthernet0/1, directly connected
L 2001:A:0:2::1/128 [0/0]
via GigabitEthernet0/1, receive
C 2001:A:0:3::/64 [0/0]
via GigabitEthernet0/2, directly connected
L 2001:A:0:3::1/128 [0/0]
via GigabitEthernet0/2, receive
O 2001:A:0:4::/64 [110/2]
via FE80::205:5EFF:FE79:B602, GigabitEthernet0/2
L FF00::/8 [0/0]
via Null0, receive C:\>ping 2001:a:0:4::1
Pinging 2001:a:0:4::1 with 32 bytes of data:
Reply from 2001:A:0:4::1: bytes=32 time=2ms TTL=253
Reply from 2001:A:0:4::1: bytes=32 time<1ms TTL=253
Reply from 2001:A:0:4::1: bytes=32 time<1ms TTL=253
Reply from 2001:A:0:4::1: bytes=32 time<1ms TTL=253
C:\>ping 5.5.5.1
Pinging 5.5.5.1 with 32 bytes of data:
Reply from 5.5.5.1: bytes=32 time<1ms TTL=253
Reply from 5.5.5.1: bytes=32 time<1ms TTL=253
Reply from 5.5.5.1: bytes=32 time<1ms TTL=253
Reply from 5.5.5.1: bytes=32 time<1ms TTL=253
【证明已经完全联通】 ![IPv6技术精要--第1章 IPv6简介[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)