PCl 收到来自 PC2 的 NA 消息后, 将 PC2 的 IPv6 地址以及它的 Mac 地址添加至本地的邻居缓存表中
假设 PCl 的 IPv6 地址为 2001::1/64,PC2 的 IPv6 地址为 2001::2/64
DAD 检查
DAD(Duplicate Address Detection)重复地址检测, 类似于免费 ARP 的作用一样
用 ICMPv6 里面的 type 135(NS 邻居请求)和 type 136(NA 邻居的通告)发送
作用: 用于地址分配或主机连接网络时检测重复的 IPv4 主机地址.
过程: 节点向一个自己将使用的试验地址所在的 Solicited-node 组播组发送一个以该试验地址为请求的目标地址的邻居请求 (NS) 报文, 如果收到某个其它站点回应的邻居通告 (NA) 报文, 就证明该地址已被网络上使用, 节点将不能使用该试验地址进行通信. 这种情况下, 网络管理员需要手动为该节点分配另外一个地址
无状态自动配置
网络节点向相连的路由器发送 RS, 请求地址前缀信息
路由器通过发送路由器通告 RA, 回复地址前缀信息
用 ICMPv6 里面的 type 133(NS 邻居请求)和 type 134(NA 邻居的通告)发送
举例如下:
- [R1-GigabitEthernet0/0/0]dis this
- #
- interface GigabitEthernet0/0/0
- ipv6 enable
- ipv6 address 2019::1/64
- undo ipv6 nd ra halt
- #
Router Advertisement 用于回复 RS 报文, RS 报文中包含 IPv6 地址或前缀信息
注 1: 华为默认不会发送 RA 报文, 手工开启后默认 200S 发送一次, 使用以下命令开启
[Huawei-GigabitEthernet0/0/0]undo ipv6 nd ra halt
注 2: 主动发起 RA 报文后, 同样也会被邻居路由器收到, 在邻居路由器上开启发送 RS 报文, 便可以无状态自动配置接口 IP 地址
[Huawei-GigabitEthernet0/0/0]ipv6 address auto global
注 3: 路由器收到 RA 回复后, 使用 EUI64 生成接口 IPv6 地址; 主机 (Windows) 收到 RA 回复后, 使用软件随机生成 IPv6 地址(更加安全)
IPv6 直连
两台交换机通过 GE0/0/1 接口相连, SwitchA 及 SwitchB 的 GE0/0/1 接口分别对应各自的 VLANIF100 接口, 为 VLANIF100 接口配置 IPv6 地址, 验证它们之间的三层互通性
第一步: 使能 SWITCH 的 IPV6 转发能力
配置 SwitchA
- <HUAWEI>
- system-view [HUAWEI] sysname SwitchA [SwitchA] ipv6
配置 SwitchB
- <HUAWEI>
- system-view [HUAWEI] sysname SwitchB [SwitchB] ipv6
第二步: 配置接口的 IPV6 地址
配置 SwitchA
- [SwitchA] vlan 100
- [SwitchA-vlan100] quit
- [SwitchA] interface gigabitethernet 0/0/1
- [SwitchA-GigabitEthernet0/0/1] port link-type hybrid
- [SwitchA-GigabitEthernet0/0/1] port hybrid pvid vlan 100
- [SwitchA-GigabitEthernet0/0/1] port hybrid untagged vlan 100
- [SwitchA-GigabitEthernet0/0/1] quit
- [SwitchA] interface vlanif 100
- [SwitchA-Vlanif100] ipv6 enable
- [SwitchA-Vlanif100] ipv6 address fc00:1::1/64
- [SwitchA-Vlanif100] quit
配置 SwitchB
- [SwitchB] vlan 100
- [SwitchB-vlan100] quit
- [SwitchB] interface gigabitethernet 0/0/1
- [SwitchB-GigabitEthernet0/0/1] port link-type hybrid
- [SwitchB-GigabitEthernet0/0/1] port hybrid pvid vlan 100
- [SwitchB-GigabitEthernet0/0/1] port hybrid untagged vlan 100
- [SwitchB-GigabitEthernet0/0/1] quit
- [SwitchB] interface vlanif 100
- [SwitchB-Vlanif100] ipv6 enable
- [SwitchB-Vlanif100] ipv6 address fc00:1::2/64
- [SwitchB-Vlanif100] quit
第三步验证配置结果
显示 SwitchA 的接口信息.
- [SwitchA] display ipv6 interface vlanif 100
- Vlanif100 current state : UP
- IPv6 protocol current state : UP
- IPv6 is enabled, link-local address is FE80::218:20FF:FE00:83
- Global unicast address(es):
- FC00:1::1, subnet is FC00:1::/64
- Joined group address(es):
- FF02::1:FF00:1
- FF02::1:FF00:83
- FF02::2
- FF02::1
- MTU is 1500 bytes
- ND DAD is enabled, number of DAD attempts: 1
- ND reachable time is 30000 milliseconds
- ND retransmit interval is 1000 milliseconds
- ND stale time is 1200 seconds
显示 SwitchB 的接口信息
- [SwitchB] display ipv6 interface vlanif 100
- Vlanif100 current state : UP
- IPv6 protocol current state : UP
- IPv6 is enabled, link-local address is FE80::2E0:FCFF:FE33:11
- Global unicast address(es):
- FC00:1::2, subnet is FC00:1::/64
- Joined group address(es):
- FF02::1:FF00:2
- FF02::1:FF33:11
- FF02::2
- FF02::1
- MTU is 1500 bytes
- ND DAD is enabled, number of DAD attempts: 1
- ND reachable time is 30000 milliseconds
- ND retransmit interval is 1000 milliseconds
- ND stale time is 1200 seconds
从 SwitchA 上 Ping SwitchB 的 IPv6 地址
- [SwitchA] ping ipv6 FC00:1::2
- PING FC00:1::2 : 56 data bytes, press CTRL_C to break
- Reply from FC00:1::2
- bytes=56 Sequence=1 hop limit=64 time = 12 ms
- Reply from FC00:1::2
- bytes=56 Sequence=2 hop limit=64 time = 3 ms
- Reply from FC00:1::2
- bytes=56 Sequence=3 hop limit=64 time = 3 ms
- Reply from FC00:1::2
- bytes=56 Sequence=4 hop limit=64 time = 3 ms
- Reply from FC00:1::2
- bytes=56 Sequence=5 hop limit=64 time = 3 ms
- --- FC00:1::2 ping statistics ---
- 5 packet(s) transmitted
- 5 packet(s) received
- 0.00% packet loss
- round-trip min/avg/max = 3/4/12 ms
IPv6 静态路由
IPv6 网络中属于不同网段的主机通过几台 Switch 相连, 要求不配置动态路由协议, 使不同网段的任意两台主机之间能够互通
第一步: 配置接口所属 VLAN
配置 SwitchA.SwitchB 和 SwitchC 的配置与 SwitchA 类似.
- <HUAWEI>
- system-view [HUAWEI] sysname SwitchA [SwitchA] vlan batch 10 20 [SwitchA]
- interface gigabitethernet 0/0/1 [SwitchA-GigabitEthernet0/0/1] port link-type
- trunk [SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 20 [SwitchA-GigabitEthernet0/0/1]
- quit [SwitchA] interface gigabitethernet 0/0/2 [SwitchA-GigabitEthernet0/0/2]
- port link-type access [SwitchA-GigabitEthernet0/0/2] port default vlan
- 10 [SwitchA-GigabitEthernet0/0/2] quit
第二步: 配置 VLANIF 接口的 IP 地址
配置 SwitchA.SwitchB 和 SwitchC 的配置与 SwitchA 类似.
- [SwitchA] ipv6
- [SwitchA] interface vlanif 10
- [SwitchA-Vlanif10] ipv6 enable
- [SwitchA-Vlanif10] ipv6 address fc00:0:0:2001::1/64
- [SwitchA-Vlanif10] quit
- [SwitchA] interface vlanif 20
- [SwitchA-Vlanif20] ipv6 enable
- [SwitchA-Vlanif20] ipv6 address fc00:0:0:2010::1/64
- [SwitchA-Vlanif20] quit
第三步: 配置主机地址和网关
根据组网图配置好各主机的 IPv6 地址, 并将 PC1 的缺省网关配置为 fc00:0:0:2001::1,PC2 的缺省网关配置为 fc00:0:0:2002::1, 主机 3 的缺省网关配置为 fc00:0:0:2003::1.
第四步: 配置 IPV6 静态路由
在 SwitchA 配置 IPv6 缺省路由
[SwitchA] ipv6 route-static :: 0 vlanif20 fc00:0:0:2010::2
在 SwitchB 配置两条 IPv6 静态路由
- [SwitchB] ipv6 route-static fc00:0:0:2001:: 64 vlanif20 fc00:0:0:2010::1
- [SwitchB] ipv6 route-static fc00:0:0:2003:: 64 vlanif40 fc00:0:0:2020::2
在 SwitchC 配置 IPv6 缺省路由
[SwitchC] ipv6 route-static :: 0 vlanif40 fc00:0:0:2020::1
第五步: 查看配置结果
查看 SwitchA 的 IPv6 路由表
- [SwitchA] display ipv6 routing-table
- Routing Table : Public
- Destinations : 7 Routes : 7
- Destination : :: PrefixLength : 0
- NextHop : FC00:0:0:2010::2 Preference : 60
- Cost : 0 Protocol : Static
- RelayNextHop : :: TunnelID : 0x0
- Interface : Vlanif20 Flags : D
- Destination : ::1 PrefixLength : 128
- NextHop : ::1 Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : InLoopBack0 Flags : D
- Destination : FC00:0:0:2001:: PrefixLength : 64
- NextHop : FC00:0:0:2001::1 Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : Vlanif10 Flags : D
- Destination : FC00:0:0:2001::1 PrefixLength : 128
- NextHop : ::1 Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : Vlanif10 Flags : D
- Destination : FC00:0:0:2010:: PrefixLength : 64
- NextHop : FC00:0:0:2010::1 Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : Vlanif20 Flags : D
- Destination : FC00:0:0:2010::1 PrefixLength : 128
- NextHop : ::1 Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : Vlanif20 Flags : D
- Destination : FE80:: PrefixLength : 10
- NextHop : :: Preference : 0
- Cost : 0 Protocol : Direct
- RelayNextHop : :: TunnelID : 0x0
- Interface : NULL0 Flags : D
使用 Ping 进行验证
- [SwitchA] ping ipv6 fc00:0:0:2003::1
- PING fc00:0:0:2003::1 : 56 data bytes, press CTRL_C to break
- Reply from FC00:0:0:2003::1
- bytes=56 Sequence=1 hop limit=63 time = 63 ms
- Reply from FC00:0:0:2003::1
- bytes=56 Sequence=2 hop limit=63 time = 62 ms
- Reply from FC00:0:0:2003::1
- bytes=56 Sequence=3 hop limit=63 time = 62 ms
- Reply from FC00:0:0:2003::1
- bytes=56 Sequence=4 hop limit=63 time = 63 ms
- Reply from FC00:0:0:2003::1
- bytes=56 Sequence=5 hop limit=63 time = 63 ms
- --- fc00:0:0:2003::1 ping statistics ---
- 5 packet(s) transmitted
- 5 packet(s) received
- 0.00% packet loss
- round-trip min/avg/max = 62/62/63 ms
使用 Tracert 进行验证.
- [SwitchA] tracert ipv6 fc00:0:0:2003::1
- traceroute to fc00:0:0:2003::1 30 hops max,60 bytes packet
- 1 FC00:0:0:2010::2 31 ms 32 ms 31 ms
- 2 FC00:0:0:2003::1 62 ms 63 ms 62 ms
来源: http://www.bubuko.com/infodetail-3341736.html