ipV6实验——华为设备

 

实验要求：左边画圈的区域为双栈区域，V4用RIP协议，V6用RIPNG协议，中间部分为V4区域，相当于ISP，右边画圈区域用IPV6，启用OSPF协议，要求可以访问R3的环回，R3上除了IP不做任何配置，两边的区域可以通过6to4互相访问；

思路：

先配置ISP区域，并且在R2和R4上写一条静态缺省指向R3的环回；

然后对左边区域进行配置：v4地址为192.168.1.0/24 192.168.2.0/24(R1的环回) 192.168.3.0/24（R2的环回）

                                         V6地址由：2002:1701:0101::/64   2002:1701:0101:1::/64(R1环回)   2002:1701:0101:2::/64（R2环回）,地址配置完成后，在R1的g0/0/0口上将V4和V6的环回地址进行汇总，然后在R2上的RIP和RIPNG上发布一条缺省；

之后配置右边区域：

右边区域的V6地址：AS1:2002:2201:0102::/49    AS2: 2002:2201:0102:8000::/49,

地址配置完成后，启用OSPFV3 协议，然后进行BGP邻居的配置，BGP配置完成后，将AS2内的路由汇总，然后发布到宣告到BGP 中；

最后是R2和R4上的6to4tunnel的配置，完成后，在分别在R2和R4上写一条指向2002::/16的静态，下一跳为tunnel，然后将其宣告或者重发布到对应的协议中；

配置命令：

 

R1：

<R1>dis current-configuration  
[V200R003C00]
#
 sysname R1
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ip address 192.168.1.1 255.255.255.0
 rip summary-address 192.168.0.0 255.255.252.0
 ipv6 address 2002:1701:101::1/64
 ripng 1 enable
 ripng summary-address 2002:1701:101:1:: 64
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ip address 192.168.2.1 255.255.255.128
 ipv6 address 2002:1701:101:1::1/65
 ripng 1 enable
#
interface LoopBack2
 ipv6 enable
 ip address 192.168.2.129 255.255.255.128
 ipv6 address 2002:1701:101:1:8000::1/65
 ripng 1 enable
#
rip 1
 version 2
 network 192.168.1.0
 network 192.168.2.0
#
ripng 1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R1> 

R2：

<R2>dis current-configuration  
[V200R003C00]
#
 sysname R2
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 set cpu-usage threshold 80 restore 75
#
acl number 2000  
 rule 5 permit source 192.168.0.0 0.0.255.255
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ip address 192.168.1.2 255.255.255.0
 ipv6 address 2002:1701:101::2/64
 ripng 1 enable
#
interface GigabitEthernet0/0/1
 ip address 23.1.1.1 255.255.255.0
 nat outbound 2000
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ip address 192.168.3.1 255.255.255.0
 ipv6 address 2002:1701:101:2::1/64
 ripng 1 enable
#
interface LoopBack2
#
interface Tunnel0/0/0
 ipv6 enable
 ipv6 address 2002:1701:101:4::1/64
 tunnel-protocol ipv6-ipv4 6to4
 source 23.1.1.1
#
rip 1
 default-route originate
 version 2
 network 192.168.1.0
 network 192.168.3.0
#
ripng 1
 import-route static
#
ip route-static 0.0.0.0 0.0.0.0 23.1.1.2
#
ipv6 route-static 2002:: 16 Tunnel0/0/0
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R2>

R3：

<R3>dis current-configuration  
[V200R003C00]
#
 sysname R3
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 23.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
 ip address 34.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ip address 3.3.3.3 255.255.255.0
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R3> 

R4：

<R4>dis current-configuration  
[V200R003C00]
#
 sysname R4
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 34.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
 ipv6 enable
 ipv6 address 2002:2201:102:1::1/64
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2002:2201:102:2::1/64
#
interface Tunnel0/0/0
 ipv6 enable
 ipv6 address 2002:2201:102:3::1/64
 tunnel-protocol ipv6-ipv4 6to4
 source 34.1.1.2
#
bgp 1
 router-id 4.4.4.4
 peer 2002:2201:102:1::2 as-number 2
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  network 2002:: 16
  peer 2002:2201:102:1::2 enable
#
ip route-static 0.0.0.0 0.0.0.0 34.1.1.1
#
ipv6 route-static 2002:: 16 Tunnel0/0/0
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R4>

R5：

<R5>dis current-configuration  
[V200R003C00]
#
 sysname R5
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
ospfv3 1
 router-id 5.5.5.5
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ipv6 address 2002:2201:102:1::2/64
#
interface GigabitEthernet0/0/1
 ipv6 enable
 ipv6 address 2002:2201:102:8000::1/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2002:2201:102:8001::1/64
 ipv6 address 5::5/64
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 5.5.5.5
 confederation id 2
 confederation peer-as 64513
 peer 6::6 as-number 64512
 peer 6::6 connect-interface LoopBack1 5::5
 peer 2002:2201:102:1::1 as-number 1
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  network 2002:2201:102:8000:: 49
  peer 6::6 enable
  peer 6::6 next-hop-local
  peer 2002:2201:102:1::1 enable
#
ipv6 route-static 2002:2201:102:8000:: 49 NULL0
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R5>

R6：

<R6>dis current-configuration  
[V200R003C00]
#
 sysname R6
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
ospfv3 1
 router-id 6.6.6.6
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ipv6 address 2002:2201:102:8000::2/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ipv6 enable
 ipv6 address 2002:2201:102:8002::1/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2002:2201:102:8003::1/64
 ipv6 address 6::6/64
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 6.6.6.6
 confederation id 2
 confederation peer-as 64513
 peer 5::5 as-number 64512
 peer 5::5 connect-interface LoopBack1 6::6
 peer 7::7 as-number 64512
 peer 7::7 connect-interface LoopBack1 6::6
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer 5::5 enable
  peer 7::7 enable
  peer 7::7 reflect-client
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R6>

R7 :

<R 7>dis current-configuration  
[V200R003C00]
#
 sysname R 7
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
ospfv3 1
 router-id 7.7.7.7
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ipv6 address 2002:2201:102:8002::2/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ipv6 enable
 ipv6 address 2002:2201:102:8004::1/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2002:2201:102:8005::1/64
 ipv6 address 7::7/64
 ospfv3 1 area 0.0.0.0
#
bgp 64512
 router-id 7.7.7.7
 confederation id 2
 confederation peer-as 64513
 peer 6::6 as-number 64512
 peer 6::6 connect-interface LoopBack1 7::7
 peer 8::8 as-number 64513
 peer 8::8 ebgp-max-hop 2
 peer 8::8 connect-interface LoopBack1 7::7
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer 6::6 enable
  peer 8::8 enable
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R 7>

R8:

<R8>dis current-configuration  
[V200R003C00]
#
 sysname R8
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
 drop illegal-mac alarm
#
ipv6
#
 set cpu-usage threshold 80 restore 75
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
ospfv3 1
 router-id 8.8.8.8
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ipv6 enable
 ipv6 address 2002:2201:102:8004::2/64
 ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
 ipv6 enable
 ipv6 address 2002:2201:102:8006::1/64
 ipv6 address 8::8/64
 ospfv3 1 area 0.0.0.0
#
bgp 64513
 router-id 8.8.8.8
 confederation id 2
 confederation peer-as 64512
 peer 7::7 as-number 64512
 peer 7::7 ebgp-max-hop 2
 peer 7::7 connect-interface LoopBack1 8::8
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv6-family unicast
  undo synchronization
  peer 7::7 enable
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<R8> 

测试：

pingR3的环回：

 

两边局域网虎互ping

 

 

 

 

实验完成；