IPV6 Comprehensive experiment

The experiment involves knowledge points

ipv6+ipv4&IPv6 Double stack +ripng+opsfv3+bgp Related content + Virtual link (tunnel mouth ）+nat

relevant ipv6 The knowledge points are as follows ：

features - Upgrade point ：
1、 Global unicast address ---- IPV4 Public address under address V6 Down nat
2、 Polymerizability （IANA Organize the rational distribution of addresses around the world ）
3、 multi-homing — A physical interface can have multiple network segments at the same time IPV6 Address ; But different interfaces do not
Can be in the same network segment
4、 Automatic configuration 1）DHCP V6 2）auto-config The router interface is manually configured IPv6 Address , The router then prefixes its address （ network number ） Devolution to PC,PC Will be used automatically EUI-64 To supplement the host bit ;
5、 Plug and play – Hot plug
6、 End to end connections — Unwanted NAT
7、 Re addressing
8、 A simple header 1) There is no broadcasting mechanism Only multicast and unicast 2） No inspection and （ because 2 and 4 There are checksums in all layers ） 3) Stream tags — Retain —QOS
9、 Security and mobility
10、IPV4 and IPV6 coexistence

IPV6 Address ：
1-23 position Registration bit —IANA Assigned to various countries or organizations
24–32 position ISP position — The country is allocated to each ISP
33-48 position Site location —ISP Assigned to each enterprise
49–64 position Subnet bit ---- The network administrator divides the subnet

IPV6 Address ： Use risk points 16 Hexadecimal notation , Every time 16 Bit is a paragraph ; common 8 paragraph
2031:0000:130F:0000:0000:09C0:006A:130B
In front of each address 0 It can be omitted
2031:0000:130F:0000:0000:9C0:6A:130B
If a paragraph is all 0, It can be omitted as a 0
2031:0:130F:0:0:9C0:6A:130B
If more than two consecutive sections are complete 0, It can be omitted as ：：
2031:0:130F::9C0:6A:130B

2031:0000:0000:09C0：0000:0000:0000:130B
notes ： If there are two parts, they are all 0, Only one part can be omitted as ：：;
2031:0:0:9C0::130B

IPV6 Address classification ：
1、 Unicast address one-on-one Only unicast address can be used as source address , It can also be used as a destination address
2、 multicast ( Multicast ) Address One to many As the destination address
3、 Anycast address ----- As soon as I get there

Unicast address ：
1、AGUA Globally aggregatable unicast address IPV6 The public address of （ Apply for ）, Global unicast delivery
At present, there are planned addresses all over the world ----2000：：/3
Range –2000::-----3fff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

* among 2001：：/16 ----- Present IPV6 Laboratory address at present ipv6 intenet Address

• 2002::/16----------6to4 tunnel Private address
  2、* Local link address — Automatic private address —link-local 169.254.0.0/16
  FE80::/16
  1) Configuration on router interface ipv6 enable command , The interface will automatically generate link-local Address ;
  2) If an interface is configured IPV6 Unicast address , Must automatically generate link-local Address ; Only one interface can exist link-local Address ;

Link-local The network bit of the address is fixed to FE80::/64, The host bit uses the local Ethernet interface MAC Address to generate link-local Address host bit ; The serial link has no MAC Address , The Ethernet interface on this device will be borrowed circularly MAC;

Host bit generation method ：
Link-local Address -------------- Network bit FE80::/64 after 64 Bit usage EUI-64 Add
EUI-64 Simple user interface ：
（1） Ethernet interface MAC Address ----ca00.0a60.0000
stay MAC Before 24 Position and back 24 Forced insertion between bits FFFE
ca00.0aFF.FE60.0000
（2）U Bit conversion
The synthesized address , From left to right 7 Bit reflexive If the bit is 0, Turn into 1; by 1 Turn into 0;
Ca00=1100 1010 0000 0000 The seventh reflexive
1100 1000 0000 0000=c800
（3）link-local The address is
FE80::c800.aff.fe60.0

effect ：（1） It can be used for communication in the same broadcast domain — Because local multiple interfaces may use the same MAC transformation , Therefore, in
Use link-local When accessing the opposite end of the address , The interface needs to be defined ;
（2） It is often used as the next hop address in the routing table entry generated by dynamic routing protocol ;
because IPV6 There is the concept of multi hosting , This address is the most stable ;

3、site-local Local site address ---- Private address Private network address
FEC0::/16

4、 No address specified -----：：
：：
1） Default ( default ) route 2） stay DHCP As an invalid address ( No address )

5、 Loopback address —127.0.0.1
：：1

*6、IPV4 Compatibility address be used for 6to4 tunnel special

Multicast address ：
FF00::/8 All multicast addresses IPV4 Under multicast ：224-239
FF02::1—224.0.0.1 All routes and all PC
FF02::2—224.0.0.2 All the routers
FF02::9—224.0.0.9–RIPNG

* Multicast address of the requested node ：— be used for NDP agreement — Get peer mac Address
constitute FF02::1:FF+24 position （IPV6 After the unicast address 24 position ）
As long as there is one IPV6 Unicast address , Then a multicast address of the requested node will be generated ;

example ：2001：：1（ unicast ）-------------FF02::1:FF00:1（ Multicast ）

ICMPV6:internet Control management protocol — There are a large number of sub protocols
1、 PMTU— route MTU Discovery Protocol adopt ICMPV6 error Package to get the minimum on the whole path MTU value

2、NDP------ Neighbor discovery protocol — Used in place of IPV4 Under the ARP agreement
hypothesis PC1 and PC2 Communications
1 nothing 2 Of MAC Address
1）1 encapsulation ICMP type 135 NS— amount to ARP Request
Source IPV6 Address （1 The interface of ip Address ） The goal is IPV6 Address ----2 Multicast address of the requested node TTL=1
Source MAC Address （1 The interface of mac Address ） The goal is MAC Address ----2 Corresponding to the multicast address of the requested node MAC

2）2 Respond ICMP type 136 NA---- amount to ARP Response to
Source IPV6 Address （2 Interface ip） The goal is ipv6 Address –1 The interface of IPv6 Address
Source MAC Address （2 The interface of mAC Address ） The goal is mac Address –1 The interface of mac Address

ICMPV6 Medium NDP Except for replacing AARP Outside , Other ARP The agreement can also be NDP replace , Consistent principle ;

3、 Prefix notification ------auto-config Only exist in Ethernet environment
Router cycle （200s） Send down IPV6 The address prefix of （ network number ）

--------------------------------- Knowledge points have ready,let’s go！--------------------------

The experimental requirements ：

The topology ：

The experimental steps ：（ Configuration result screenshot ）

1、 First, configure the public network （ipv4 Configuration omitted , But tell me more ）
2、 Configure the private network （ipv6 Address configuration ）, function ripng
3、 stay R2 Of g0/0/1 Mouth configuration nat Transform and configure tunnel Virtual interface
4、 After completing the above configuration , Private and public networks can access each other

Next , The left side of the topology has been basically configured , On the right side of the topology IPV6 Some steps are as follows ：
5、 adopt ipv4 The public address of , To calculate the ipv6 Address segment and reasonable allocation , To configure
6、 stay AS2 Operation in the area ospfv3 agreement , Make it inter connected
R6 My neighbor table ：

ping Test screenshot ：

7、 Respectively in AS1 and AS2 function BGP agreement ,AS2 Federate configuration , So that they can learn from each other bgp route
8、 stay R4 Do on tunnel You can access to the left , stay R5 Make a summary to R4
give the result as follows ：

9、 test , stay R1 On ping R8：

The configuration command is as follows （ Not subdivided , For reference ）：

-----------------------------------------R1---------------------------------------------
interface GigabitEthernet0/0/0
 ipv6 enable 
 ip address 192.168.0.1 255.255.255.252 
 rip summary-address 192.168.1.0 255.255.255.0 
 ipv6 address 2002:1701:101:1::1/64 
 ripng 1 enable
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ip address 192.168.1.1 255.255.255.128 
 ipv6 address 2002:1701:101::1/65 
 ripng 1 enable
#
interface LoopBack1
 ipv6 enable 
 ip address 192.168.1.129 255.255.255.128 
 ipv6 address 2002:1701:101:0:8000::1/65 
 ripng 1 enable
#
rip 1
 undo summary
 version 2
 network 192.168.1.0
 network 192.168.0.0
#
ripng 1
#
ip route-static 192.168.1.0 255.255.255.0 NULL0


-----------------------------------------R2---------------------------------------------
acl number 2000  
 rule 5 permit source 192.168.0.0 0.0.255.255 

interface GigabitEthernet0/0/0
 ipv6 enable 
 ip address 192.168.0.2 255.255.255.252 
 ipv6 address 2002:1701:101:1::2/64 
 ripng 1 enable
 ripng default-route only
#
interface GigabitEthernet0/0/1
 ip address 23.1.1.1 255.255.255.0 
 nat outbound 2000
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ip address 192.168.2.1 255.255.255.0 
 ipv6 address 2002:1701:101:2::1/64 
 ripng 1 enable
#
interface Tunnel0/0/0
 ipv6 enable 
 ipv6 address 2002:1701:101:3::1/64 
 tunnel-protocol ipv6-ipv4 6to4
 source 23.1.1.1
#
rip 1
 default-route originate
 version 2
 network 192.168.2.0
 network 192.168.0.0
#
ripng 1
#
ip route-static 0.0.0.0 0.0.0.0 23.1.1.2
#
ipv6 route-static 2002:: 16 Tunnel0/0/0 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#

-----------------------------------------R3---------------------------------------------
interface GigabitEthernet0/0/0
 ip address 23.1.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 34.1.1.1 255.255.255.0 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
 
-----------------------------------------R4---------------------------------------------
interface GigabitEthernet0/0/0
 ip address 34.1.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ipv6 enable 
 ipv6 address 2002:2201:102:1::1/64 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ipv6 address 2002:2201:102::1/64 
#
interface Tunnel0/0/0
 ipv6 enable 
 ipv6 address 2002:2201:102:2::1/64 
 tunnel-protocol ipv6-ipv4 6to4
 source 34.1.1.2
#
bgp 1
 router-id 4.4.4.4
 peer 2002:2201:102:1::2 as-number 2 
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  network 2002:: 16 
  peer 2002:2201:102:1::2 enable
#
ip route-static 0.0.0.0 0.0.0.0 34.1.1.1
#
ipv6 route-static 2002:: 16 Tunnel0/0/0 
#

-----------------------------------------R5---------------------------------------------
ospfv3 1
 router-id 5.5.5.5
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable 
 ipv6 address 2002:2201:102:1::2/64 
#
interface GigabitEthernet0/0/1
 ipv6 enable 
 ipv6 address 2002:2201:102:8001::1/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ipv6 address FEC0::5/128 
 ipv6 address 2002:2201:102:8000::1/64 
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 5.5.5.5
 confederation id 2
 peer 2002:2201:102:1::1 as-number 1 
 peer FEC0::6 as-number 64512 
 peer FEC0::6 connect-interface LoopBack0 FEC0::5
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  network 2002:2201:102:8000:: 49 
  peer 2002:2201:102:1::1 enable
  peer FEC0::6 enable
  peer FEC0::6 next-hop-local 
#
ipv6 route-static 2002:2201:102:8000:: 49 NULL0 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#

-----------------------------------------R6---------------------------------------------
#
ospfv3 1
 router-id 6.6.6.6
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable 
 ipv6 address 2002:2201:102:8001::2/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ipv6 enable 
 ipv6 address 2002:2201:102:8003::1/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ipv6 address 2002:2201:102:8002::1/64 
 ipv6 address FEC0::6/128 
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 6.6.6.6
 confederation id 2
 peer FEC0::5 as-number 64512 
 peer FEC0::5 connect-interface LoopBack0 FEC0::6
 peer FEC0::7 as-number 64512 
 peer FEC0::7 connect-interface LoopBack0 FEC0::6
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer FEC0::5 enable
  peer FEC0::5 reflect-client
  peer FEC0::7 enable
#

-----------------------------------------R7---------------------------------------------
#
ospfv3 1
 router-id 7.7.7.7
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable 
 ipv6 address 2002:2201:102:8003::2/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ipv6 enable 
 ipv6 address 2002:2201:102:8005::1/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ipv6 address 2002:2201:102:8004::1/64 
 ipv6 address FEC0::7/128 
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 7.7.7.7
 confederation id 2
 confederation peer-as 64513
 peer FEC0::6 as-number 64512 
 peer FEC0::6 connect-interface LoopBack0 FEC0::7
 peer FEC0::8 as-number 64513 
 peer FEC0::8 ebgp-max-hop 2 
 peer FEC0::8 connect-interface LoopBack0 FEC0::7
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer FEC0::6 enable
  peer FEC0::8 enable
#

-----------------------------------------R8---------------------------------------------
#
ospfv3 1
 router-id 8.8.8.8
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable 
 ipv6 address 2002:2201:102:8005::2/64 
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ipv6 enable 
 ipv6 address 2002:2201:102:8006::1/64 
 ipv6 address FEC0::8/128 
 ospfv3 1 area 0.0.0.0
#
bgp 64513
 router-id 8.8.8.8
 confederation id 2
 confederation peer-as 64512
 peer FEC0::7 as-number 64512 
 peer FEC0::7 ebgp-max-hop 2 
 peer FEC0::7 connect-interface LoopBack0 FEC0::8
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer FEC0::7 enable
#