当前位置:网站首页>HCIP Day 12
HCIP Day 12
2022-07-06 12:18:00 【xiaokaikaa】
IPV6
features - Upgrade point :
1、 Global unicast address ---- IPV4 Public address under address V6 Down nat
2、 Polymerizability (IANA Organize the rational distribution of addresses around the world )
3、 multi-homing — A physical interface can have multiple network segments at the same time IPV6 Address ; But different interfaces do not
Can be in the same network segment
4、 Automatic configuration 1)DHCP V6 2)auto-config The router interface is manually configured IPv6 Address , The router then prefixes its address ( network number ) Devolution to PC,PC Will be used automatically EUI-64 To supplement the host bit ;
5、 Plug and play – Hot plug
6、 End to end connections — Unwanted NAT
7、 Re addressing
8、 A simple header 1) There is no broadcasting mechanism Only multicast and unicast 2) No inspection and ( because 2 and 4 There are checksums in all layers ) 3) Stream tags — Retain —QOS
9、 Security and mobility
10、IPV4 and IPV6 coexistence
yellow — Agreement
Red — Cancel V4 The second column in is used for slicing V6 You can use the extension header to implement
Blue — replace 1、 Service type – Extended table
2、 Header length — Payload length
3、TTL– Jump limit
4、 Agreement No — Next head
gray — Retain Stream tags
IPV6 Address :
1-23 position Registration bit —IANA Assigned to various countries or organizations
24–32 position ISP position — The country is allocated to each ISP
33-48 position Site location —ISP Assigned to each enterprise
49–64 position Subnet bit ---- The network administrator divides the subnet
IPV6 Address : Use risk points 16 Hexadecimal notation , Every time 16 Bit is a paragraph ; common 8 paragraph
2031:0000:130F:0000:0000:09C0:006A:130B
In front of each address 0 It can be omitted
2031:0000:130F:0000:0000:9C0:6A:130B
If a paragraph is all 0, It can be omitted as a 0
2031:0:130F:0:0:9C0:6A:130B
If more than two consecutive sections are complete 0, It can be omitted as ::
2031:0:130F::9C0:6A:130B
2031:0000:0000:09C0:0000:0000:0000:130B
notes : If there are two parts, they are all 0, Only one part can be omitted as ::;
2031:0:0:9C0::130B
example :
FF02:0:0:0:0:0:0:0:1—FF02::1
0:0:0:0:0:0:0:1–::1
0:0:0:0:0:0:0:0–::
When using ipv6 When the protocol carries the port number , Brackets are needed to distinguish ;
http://[2031:0:130F::9C0:6A:130B]:8080/index/html
IPV6 Address classification :
1、 Unicast address one-on-one Only unicast address can be used as source address , It can also be used as a destination address
2、 multicast ( Multicast ) Address One to many As the destination address
3、 Anycast address ----- As soon as I get there
Unicast address :
1、AGUA Globally aggregatable unicast address IPV6 The public address of ( Apply for ), Global unicast delivery
At present, there are planned addresses all over the world ----2000::/3
Range –2000::-----3fff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
* among 2001::/16 ----- Present IPV6 Laboratory address at present ipv6 intenet Address
- 2002::/16-----------6to4 tunnel Private address
2、* Local link address — Automatic private address —link-local 169.254.0.0/16
FE80::/16
1) Configuration on router interface ipv6 enable command , The interface will automatically generate link-local Address ;
2) If an interface is configured IPV6 Unicast address , Must automatically generate link-local Address ; Only one interface can exist link-local Address ;
Link-local The network bit of the address is fixed to FE80::/64, The host bit uses the local Ethernet interface MAC Address to generate link-local Address host bit ; The serial link has no MAC Address , The Ethernet interface on this device will be borrowed circularly MAC;
Host bit generation method :
Link-local Address -------------- Network bit FE80::/64 after 64 Bit usage EUI-64 Add
EUI-64 Simple user interface :
(1) Ethernet interface MAC Address ----ca00.0a60.0000
stay MAC Before 24 Position and back 24 Forced insertion between bits FFFE
ca00.0aFF.FE60.0000
(2)U Bit conversion
The synthesized address , From left to right 7 Bit reflexive If the bit is 0, Turn into 1; by 1 Turn into 0;
Ca00=1100 1010 0000 0000 The seventh reflexive
1100 1000 0000 0000=c800
(3)link-local The address is
FE80::c800.aff.fe60.0
effect :(1) It can be used for communication in the same broadcast domain — Because local multiple interfaces may use the same MAC transformation , Therefore, in
Use link-local When accessing the opposite end of the address , The interface needs to be defined ;
(2) It is often used as the next hop address in the routing table entry generated by dynamic routing protocol ;
because IPV6 There is the concept of multi hosting , This address is the most stable ;
3、site-local Local site address ---- Private address Private network address
FEC0::/16
4、 No address specified -----::
::
1) Default ( default ) route 2) stay DHCP As an invalid address ( No address )
5、 Loopback address —127.0.0.1
::1
6、*IPV4 Compatibility address be used for 6to4 tunnel special
hypothesis IPV4 The address is 192.168.1.1
192----1100 0000–c0
168----1010 1000–a8
1-------0000 0001–01
1-------0000 0001–01
192.168.1.1 Of IPV4 The compatibility address is 2002:c0a8:0101::/48
Multicast address :
FF00::/8 All multicast addresses IPV4 Under multicast :224-239
FF02::1—224.0.0.1 All routes and all PC
FF02::2—224.0.0.2 All the routers
FF02::9—224.0.0.9–RIPNG
* Multicast address of the requested node :— be used for NDP agreement — Get peer mac Address
constitute FF02::1:FF+24 position (IPV6 After the unicast address 24 position )
As long as there is one IPV6 Unicast address , Then a multicast address of the requested node will be generated ;
example :2001::1( unicast )-------------FF02::1:FF00:1( Multicast )
Ipv6 Multicast under MAC Address :
33.33+32 position ( after 32 Position as IPV6 After multicast address 32 position )
FF02::1----33.33.00.00.00.01
agreement :
ICMPV6:internet Control management protocol — There are a large number of sub protocols
1、PMTU— route MTU Discovery Protocol adopt ICMPV6 error Package to get the minimum on the whole path MTU value
2、NDP------ Neighbor discovery protocol — Used in place of IPV4 Under the ARP agreement
hypothesis PC1 and PC2 Communications
1 nothing 2 Of MAC Address
1)1 encapsulation ICMP type 135 NS— amount to ARP Request
Source IPV6 Address (1 The interface of ip Address ) The goal is IPV6 Address ----2 Multicast address of the requested node TTL=1
Source MAC Address (1 The interface of mac Address ) The goal is MAC Address ----2 Corresponding to the multicast address of the requested node MAC
2)2 Respond ICMP type 136 NA---- amount to ARP Response to
Source IPV6 Address (2 Interface ip) The goal is ipv6 Address –1 The interface of IPv6 Address
Source MAC Address (2 The interface of mAC Address ) The goal is mac Address –1 The interface of mac Address
ICMPV6 Medium NDP Except for replacing AARP Outside , Other ARP The agreement can also be NDP replace , Consistent principle ;
3、 Prefix notification ------auto-config Only exist in Ethernet environment
Router cycle (200s) Send down IPV6 The address prefix of ( network number )
Router PC
ICMP type 134—RA ICMP type 133—ACK-RS
Source ip Address — Interface ipV6 Address Source ipv6 Address — ::
The goal is ip Address —FF02::1 TTL=1 The goal is ip Address ----FF02::1 TTL=1
The goal is MAC( All nodes MAC) The goal is MAC( All nodes MAC)
r1(config)#ipv6 unicast-routing r2(config-if)#ipv6 address autoconfig
Turn on IPV6 Unicast routing function ,
After the function is turned on , On the device auto-config
To be activated , At the same time, you can send and receive IPV6 Routing protocol ;
And it can be ipv6 Route traffic ;
The premise is that the router interface already has legal ipv6 The unicast address of ;
As long as it is turned on on the router IPV6 Unicast routing function , Then the router will send all existing IPV6 The Ethernet interface of the address sends the prefix of its address periodically ;
notes : In configuration 、 static state IPV6 Routing protocol , The unicast routing function needs to be enabled , When turned on, the router will also send prefixes to all Ethernet interfaces , If the interface administrator does not auto-config function , You can turn it off again
r1(config)#interface fastEthernet 0/0
r1(config-if)#ipv6 nd suppress-ra
To configure :
1、 Interface configuration IPV6 The unicast address of ;
1)link-local
(1)
r1(config)#interface fastEthernet 0/0
r1(config-if)#ipv6 enable
(2) Configure one manually or automatically IPV6 Of AGUA, Will generate a link-local Address
But no matter how many are configured AGUA Address , Can only produce one link-local Address ;
2) Configure the interface manually or automatically ipv6 Of AGUA Address
(1) manual
r1(config)#int s1/1
r1(config-if)#ipv6 address 2002::2/64
or
r1(config-if)#int s1/1
r1(config-if)#ipv6 address 2009::/64 eui-64
(2) Automatic configuration
Auto-config DHCPV6
Bear in mind :IPV6 The protocol has multi host characteristics ---- Multiple interfaces can be configured simultaneously on one interface ip Address to identify the interface ;
Note that the interface can be configured with multiple addresses of the same or different network segments ; However, different interfaces on the same router cannot
Configure for the same network segment ip Address ;
2、IPV6 Of ACL;
You can configure the N A watch , However, a demand point on a device can only call one table
Match one by one from top to bottom , If so, follow the previous rule , Don't view the next ;
There is no standard list , Only extended list , And the writing method is only named ; Because only extended lists are used , Therefore, it should be placed as close to the source as possible , But not on the source , Because you can't limit the flow generated by yourself ;
r2(config)#ipv6 access-list ccie
r2(config-ipv6-acl)#deny tcp host 12::1 host 12::2 eq 23 Refuse one host To another host telnet
r2(config-ipv6-acl)#deny IPV6 12::/64 12::/64 Reject all communications from one address to another
r2(config-ipv6-acl)#permit ipv6 any any Allow all
notes : stay IPV6 ACL Unmask is not used in , Use mask directly ;
r2(config-ipv6-acl)#int s1/0
r2(config-if)#ipv6 traffic-filter ccie in Pay attention to the direction when calling the interface
notes : stay IPV6 Under the ACL
The beginning implies
r2(config-ipv6-acl)#permit icmp any any nd-na
r2(config-ipv6-acl)#permit icmp any any nd-ns
Default implies
r2(config-ipv6-acl)#deny ipv6 any any
3、IV6 Unicast routing protocol ----- Before using the routing protocol, you must turn on IPV6 Unicast routing function , Otherwise, do not forward IPV6 Of traffic
【1】IPV6 Static routing protocol ;
(1) Normal static routing
r1(config)#ipv6 route 2::/64 serial 1/1
r1(config)#ipv6 route 2::/64 12::2
Target network number Out of interface or next hop
MA The network suggests the next hop , The point-to-point network recommends an interface
(2) Floating static routing – Modify the default management distance
r1(config)#ipv6 route 3::/64 12::2 ?
<1-254> Administrative distance
(3) Air interface anti ring
r2(config)#ipv6 route 2::/63 null 0 ---- On the update source router , The empty interface points to the summary address ;
(4) Default route
r2(config)#ipv6 route ::/0 12::1
notes : Belt source ping when , Only interfaces can be used ; Or use extended tracking ;
r3#ping 2::2 source loopback 0
notes : because IPV6 There are multiple hosts , When using the interface as the source , By default, the first address is used to access , It is suggested to expand tracking
r3#traceroute
Protocol [ip]: ipv6
Target IPv6 address: 2::2
Source address: 3::3
【2】RIPNG---- Use the same as RIPV2 The same algorithm ; Multicast update address FF02::9 UDP 521
r1(config)#ipv6 unicast-routing Enable unicast routing function
r1(config)#ipv6 router rip ? Configure the process number when starting the protocol , The process number has local meaning only
WORD User selected string identifying this process
r1(config)#ipv6 router rip a
r1(config-rtr)#
Meaning of declaration :1、 Activate interface 2. route
r1(config)#interface s1/1
r1(config-if)#ipv6 rip a enable
r1(config-if)#exit
r1(config)#int lo0
r1(config-if)#ipv6 rip a enable
notes :IPV6 Down to all interfaces for configuration
Manual summary : The update source router is configured on the interface where all updates are sent
r1(config)#int s1/1
r1(config-if)#ipv6 rip a summary-address 1::/63
Default route : Configure... On all interfaces connected to the intranet on the border router , Make it send a default message to all neighbors in the intranet
r3(config)#int s1/0
r3(config-if)#ipv6 rip a default-information ?
only Advertise only the default route
originate Originate the default route
choice only The default route will be issued , At the same time, other routes will not be forwarded
choice originate Both default and details are sent
【3】OSPF V3 In the original OSPFV2 On the basis of , Use the new LSA To carry V6 Information about ; Regional rules ,SPF The algorithm is the same as IPV4 It's exactly the same .
r1(config)#ipv6 unicast-routing
r1(config)#ipv6 router ospf 1 You need to configure the process number when starting
r1(config-rtr)#
r1(config-rtr)#router-id 1.1.1.1 RID Still used IPV4 Address , The same rules OSPF V2 Agreement
Declare :
1、 Activate interface 2、 Delivery routing 3、 Zoning
r1(config)#interface lo0
r1(config-if)#ipv6 ospf 1 area 0
r1(config-if)#int s1/1
r1(config-if)#ipv6 ospf 1 area 0
r1(config-if)#int lo1
r1(config-if)#ipv6 ospf 1 area 0
After configuration, a neighbor table is generated ,MA Network exists DR/BDR The election , The election rules are the same as OSPFV2 Agreement ;
In addition, the state of each neighbor is also the same ;
r1#show ipv6 ospf neighbor Neighborhood watch
Neighbor ID Pri State Dead Time Interface ID Interface
2.2.2.2 1 FULL/ - 00:00:30 3 Serial1/1
r2#show ipv6 ospf database Database table
r1#show ipv6 route Routing table
IPv6 Routing Table - 13 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
Default routing configuration : Configure... On the border router
r3(config)#ipv6 router ospf 1
r3(config-rtr)#default-information originate ?
always Always advertise default route Force issue
metric OSPF default metric Modify the starting metric
metric-type OSPF metric type for default routes Modify the measurement type , Default 2
route-map Route-map reference relation route-map
【4】BGPV4+ stay BGPV4 Based on configuration IPV6 Relationship ;
r2(config)#router b 2
r2(config-router)#b router-id 2.2.2.2
r2(config-router)#neighbor 12::1 remote-as 1
r2(config-router)#neighbor 3::3 remote-as 3
r2(config-router)#neighbor 3::3 update-source loopback 0
r2(config-router)#neighbor 3::3 ebgp-multihop
At this time, there are only V4 Neighbors under , No, V6 Relationship ; Cannot pass V6 route
Therefore, it is necessary to establish V4 Build on the neighbor relationship V6 The neighborhood of , Pass on V6 Information about
notes :BGP V4+ Use family mode to configure IPV6 Information about , The principle is in the original BGPV4 The extended configuration mode developed in the protocol ;
r1(config-router)#address-family ipv6 Get into IPV6 Family model
r1(config-router-af)#neighbor 12::2 activate Establish... With the neighbor IPV6 The neighborhood of
notes : About IPV6 After neighbor building, all configurations must be carried out in family mode ;
r1# show bgp ipv6 summary see BGP The neighborhood of
BGP router identifier 1.1.1.1, local AS number 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
12::2 4 2 15 16 2 0 0 00:00:28 0
r1(config)#router b 1
r1(config-router)#address-family ipv6
r1(config-router-af)#network 1::/64 Announce routing
see IPV6 Of BGP surface
r1#show bgp ipv6
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1::/64 :: 0 32768 i
IPV6 Other configurations under
r2(config)#router bgp 2
r2(config-router)#address-family ipv6
r2(config-router-af)#neighbor 3::3 next-hop-self
r2(config-router-af)#neighbor 3::3 route-reflector-client
r2(config-router-af)#neighbor 3::3 route-map ccie out
4、IPV4 and IPV6 coexistence ;
【1】 Ordinary tunnel
r1(config)#interface tunnel 0
r1(config-if)#ipv6 address 10::1/64 The tunnel The interface must work on V6 Environmental Science
r1(config-if)#tunnel source 12.1.1.1
r1(config-if)#tunnel destination 23.1.1.2
r1(config-if)#tunnel mode ipv6ip The mode must be modified to ipv6ip
notes : ordinary tunnel Need to be based on all ipv6 The network is configured with a tunnel , And another static route needs to be configured ;
【2】6to4tunnel— Only one tunnel needs to be configured , A static can access all IPV6 The Internet
The public network of the border router IPV4 The address is converted to IPV4 Compatibility address , Then apply the address to the intranet ; Configure a static route to the compatible address , Pass... Through a tunnel ; Data transfer , Once the route reaches the tunnel portal , The tunnel will be based on the target IPV6 Address calculation corresponds to IPV4 Address ;
advantage :1、 You don't have to specify tunnel The goal is 2、 A static route is enough
12.1.1.1 Compatibility address :2002:C01:101::/48
23.1.1.2 Compatibility address :2002:1701:102::/48
notes : When this address is used , It is generally divided into 64 position ;
To configure :
r1(config)#interface l0
r1(config-if)#ipv6 address 2002:c01:101::1/64
r1(config-if)#exit
r1(config)#interface tunnel 0
First, you need to configure the tunnel interface IPV6 Address ----4 Methods
r1(config-if)#ipv6 address 2002:c01:101:1::1/64 Use one 6TO4 Address
r1(config-if)#ipv6 address 2002:c01:101:2::/64 eui-64 Use 6to4 Address
r1(config-if)#ipv6 enable Equivalent to no address
r1(config-if)#ipv6 unnumbered loopback 0 Borrow an intranet IPv6 The address of the interface
r1(config-if)#tunnel source s1/1 Definition IPV6 The interface where the source address is located
r1(config-if)#tunnel mode ipv6ip 6to4 Pattern mark
R1(config)#ipv6 route 2002::/16 tunnel 0
【3】 Double stack — One device is connected at the same time IPV4/IPV6 The Internet , If target IP by V6 Address using V6 Source ip, adopt V6 Routing table delivery ;V4 Empathy ;
When doing DNS When inquiring , Priority query V6 Network DNS The server ;
Huawei IPV6 To configure
[r1]ipv6 Must be turned on on the device first IPV6 service
[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]ipv6 enable Then activate... On the interface IPV6 service , Can be configured ipv6 Address
To configure ipv6 Address
[r1-GigabitEthernet0/0/1]ipv6 address 2001::1/64
[r1-GigabitEthernet0/0/1]ipv6 address 2002::1/64
[r1-GigabitEthernet0/0/1]ipv6 address 2003::1/64
[r1-GigabitEthernet0/0/1]ipv6 address 2009::/64 eui-64
[r1]display ipv6 interface GigabitEthernet 0/0/1
notes : Multi hosting is that multiple hosts can be configured on the same interface IPV6 Address ; But Huawei is in the same network segment of the same interface ip Only one can be configured ; All manufacturers must configure different network segments on different interfaces ip;
static state :
The basic way of writing
[r1]ipv6 route-static 2:: 64 12::2
[r1]ipv6 route-static 2:: 64 GigabitEthernet 0/0/1
Target segment Next hop or exit interface
MA Network use next hop , The point-to-point network uses the out interface ;
[r1]ping ipv6 2::2
Summary – Reach multiple continuous subnets , And based on the same path , The summary of the target network segment can be written as a ;
default --[r1]ipv6 route-static :: 0 12::2
Empty interface –[r1]ipv6 route-static 1:: 63 NULL 0
Floating static --[r1]ipv6 route-static 3:: 64 12::2 preference 61
OSPF:
[r1]ospfv3
[r1-ospfv3-1]router-id 1.1.1.1
[r1-GigabitEthernet0/0/1]ospfv3 1 area 0 Enter the interface to declare
BGP:
r1]bgp 1
[r1-bgp]router-id 1.1.1.1
[r1-bgp]pe 2::2 as-number 1
[r1-bgp]pe 2::2 connect-interface LoopBack 0
[r1-bgp]ipv6-family
[r1-bgp-af-ipv6]peer 2::2 enable In establishment V4 After the relationship , Enter again V4+ To build a relationship
After that all BGP Configure in family mode
IPV4 and IPV6 coexistence :
1、 Use ordinary GRE Let's take two V6 The network is based on a V4 Network communication
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ipv6 enable
[r1-Tunnel0/0/0]ipv6 address 10::1/64
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 12.1.1.1
[r1-Tunnel0/0/0]destination 23.1.1.2
[r1]ipv6 route-static 3:: 64 10::2
2、6to4tunnel Ordinary tunnel In more than one V6 The network is built as a V6 When the network , There is an address plan , The definition of index tunnel Link and routing information , The amount of work is huge , Extremely difficult to maintain ;
6 to 4 tunnle Can be used to define IPV6 Address , All need to be configured with a tunnel And a route ;
2002::/16 6to4 tunnel Private address
IPV4 Compatible address — every last IPV4 The address can be converted into a segment IPV6 Address ;
example : Local V4 The network address is 12.1.1.1 Corresponding V4 Compatible address 2002:0c01:0101::/48
0c01:0101=12.1.1.1
[r1-LoopBack0]int t0/0/1
[r1-Tunnel0/0/1]ipv6 enable
[r1-Tunnel0/0/1]ipv6 address 2002:c01:101:1::1/64
[r1-Tunnel0/0/1]tunnel-protocol ipv6-ipv4 6to4
[r1-Tunnel0/0/1]source 12.1.1.1
[r1-Tunnel0/0/1]q
[r1]ipv6 route-static 2002:: 16 Tunnel 0/0/1
3/ Double stack Equipment room V4/V6 The network works at the same time
边栏推荐
- Raspberry pie tap switch button to use
- 几个关于指针的声明【C语言】
- 列表的使用
- Learning notes of JS variable scope and function
- History object
- GCC compilation options
- I2C bus timing explanation
- RuntimeError: cuDNN error: CUDNN_ STATUS_ NOT_ INITIALIZED
- [esp32 learning-2] esp32 address mapping
- JS object and event learning notes
猜你喜欢
C language callback function [C language]
Detailed explanation of Union [C language]
Classification, understanding and application of common methods of JS array
Reno7 60W超级闪充充电架构
I2C bus timing explanation
基于Redis的分布式锁 以及 超详细的改进思路
A possible cause and solution of "stuck" main thread of RT thread
Navigator object (determine browser type)
OPPO VOOC快充电路和协议
Working principle of genius telephone watch Z3
随机推荐
【ESP32学习-1】Arduino ESP32开发环境搭建
inline详细讲解【C语言】
Fashion-Gen: The Generative Fashion Dataset and Challenge 论文解读&数据集介绍
AMBA、AHB、APB、AXI的理解
Detailed explanation of Union [C language]
.elf .map .list .hex文件
JS variable types and common type conversions
荣耀Magic 3Pro 充电架构分析
记一次云服务器被密码爆破的经历——关小黑屋、改密码、改端口
Custom view puzzle getcolor r.color The color obtained by colorprimary is incorrect
[golang] leetcode intermediate - fill in the next right node pointer of each node & the k-smallest element in the binary search tree
Characteristics, task status and startup of UCOS III
Types de variables JS et transformations de type communes
Reno7 60W super flash charging architecture
Esp8266 uses Arduino to connect Alibaba cloud Internet of things
Esp8266 connects to bafayun (TCP maker cloud) through Arduino IED
Kconfig Kbuild
. elf . map . list . Hex file
arduino获取随机数
Togglebutton realizes the effect of switching lights