思科6RD-从IPv4快速过渡到IPv6部署,从理论到实现讲解
本文共 7239 字,大约阅读时间需要 24 分钟。
6RD技术的实施
6RD简介
6RD是IPv6快速部署(IPv6 Rapid Deployment)的简称,其对应标准为RFC5569,6RD是在6to4基础上发展起来的一种IPv6网络过渡技术方案。通过在现有IPv4网络中增加6RD-BR,向使用IPv6的用户提供IPv6接入;在IPv6用户的家庭网关和6RD网关之间建立6in4隧道,从而实现在IPv4网络提供IPv6服务的能力.
6RD在向IPv6过渡的过程中已经取得了部分成功,因为它容易实施,扩展性强而且可靠,同时它还是无状态的。6RD是6to4自动隧道的扩展技术,部署更加灵活。它使得运行商通过已经部署完毕的IPv4网络提供IPv6服务,当然也是通过最常用的把IPv6封装在IPv4中实现。6RD和6to4自动隧道的区别:6RD不需要特定的使用2002::/16,它可以使用运行商自己的地址块,这大大的增加了实施的便利性。32位的IPv4的目标地址需要在IPv6的有效负荷重承载
图7-12 6RD示意图
如图7-12所示,CE侧为客户的IPv6单播服务,CEs之间可以实现客户的IPv6互访,也可以通过BR(边界中继设备)访问BR后的IPv6网络。数据穿越运营商的现有IPv4网络。我们在图7-14中实施6RD,其中R3和R6为CE,而R5为BR设备。各个设备上的环回口5模拟IPv6主机。图7-13为6RD隧道的地址格式,后64位是客户自己的地址空间,前64位是授权的地址空间,其中前32位是运行商的前缀,紧更着后边32位是IPv4地址,这32位中分为IPv4通用地址前缀和IPv4通用后缀(本案例通用后缀为0.0.0.0)。
图7-13 6RD隧道的地址格式 图7-14 6RD实施拓扑
步骤1.完成IPv4网络
三台设备的配置相同,启用了eigrp作为承载路由的协议
r```outer eigrp 90network 172.16.0.0CE-R3#show ip eigrp neighbors EIGRP-IPv4 Neighbors for AS(90)H Address Interface Hold Uptime SRTT RTO Q Seq(sec) (ms) Cnt Num1 172.16.123.1 Et0/0 13 00:49:29 10 100 0 60 172.16.123.2 Et0/0 14 00:49:30 8 100 0 5CE-R3#show ip route eigrp Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2ia - IS-IS inter area, * - candidate default, U - per-user static routeo - ODR, P - periodic downloaded static route, H - NHRP, l - LISPa - application route-
- replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
D 172.16.0.1/32 [90/409600] via 172.16.123.1, 00:49:38, Ethernet0/0
D 172.16.0.2/32 [90/409600] via 172.16.123.2, 00:49:38, Ethernet0/0环回口必须数据可达,因为IPv6的通信其实是6RD隧道的源地址之间的通信,而在本案例中,我们6RD隧道的源地址为环回接口CE-R3#ping 172.16.0.1 source loopback 0Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:Packet sent with a source address of 172.16.0.3 !!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 msCE-R3#ping 172.16.0.2 source loopback 0Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:Packet sent with a source address of 172.16.0.3 !!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 2/4/6 ms## 步骤2.实施6RD隧道以及实现IPv6的路由BR-R5ipv6 general-prefix 6RD 6rd Tunnel1 //6RD隧道1的前缀通过通用前缀获得!interface Tunnel1 no ip address no ip redirects ipv6 address 6RD ::/128 //隧道的地址通过6RD获得 tunnel source Loopback0 //隧道的源地址为环回口,而在前边的实施中已经使得环回口数据可达 tunnel mode ipv6ip 6rd //实施隧道的模式为6RD tunnel 6rd ipv4 prefix-len 16 //定义6RD隧道的通用IPv4前缀长度为16,没有定义通用IPv4后缀 tunnel 6rd prefix 2003:AABB::/32 //自定义6RD隧道的前32位!ipv6 route 2003:AABB::/32 Tunnel1 //定义静态路由,到达2003:AABB::/32前缀的出接口为隧道1!interface Loopback5 no ip address ipv6 address 2003:8888::1/64 //该接口默认IPv6互联网地址CE-R6:ipv6 general-prefix 6RD 6rd Tunnel1!interface Tunnel1 no ip address no ip redirects ipv6 address 6RD ::/128 tunnel source Loopback0 tunnel mode ipv6ip 6rd tunnel 6rd ipv4 prefix-len 16 tunnel 6rd prefix 2003:AABB::/32 tunnel 6rd br 172.16.0.1 //在客户侧的CE设备上定义BR,可以通过BR实现互联网访问!ipv6 route 2003:AABB::/32 Tunnel1 //到达IPv6的通用前缀出接口为隧道1ipv6 route ::/0 Tunnel1 2003:AABB:1:: //实施到达IPv6的默认路由出接口为隧道1,下一跳中继到BR的6RD隧道的48位通用前缀。!interface Loopback5 no ip address ipv6 address 2003:AABB:3:1::1/64CE-R3ipv6 general-prefix 6RD 6rd Tunnel1!interface Tunnel1 no ip address no ip redirects ipv6 address 6RD ::/128 tunnel source Loopback0 tunnel mode ipv6ip 6rd tunnel 6rd ipv4 prefix-len 16 tunnel 6rd prefix 2003:AABB::/32 tunnel 6rd br 172.16.0.1!ipv6 route 2003:AABB::/32 Tunnel1ipv6 route ::/0 Tunnel1 2003:AABB:1::!interface Loopback5 no ip address ipv6 address 2003:AABB:2:1::1/64验证6RD隧道和IPv6路由CE-R2#show tunnel 6rd Interface Tunnel1: Tunnel Source: 172.16.0.2 6RD: Operational, V6 Prefix: 2003:AABB::/32 V4 Prefix, Length: 16, Value: 172.16.0.0 V4 Suffix, Length: 0, Value: 0.0.0.0 Border Relay address: 172.16.0.1 General Prefix: 2003:AABB:2::/48CE-R3#show tunnel 6rd Interface Tunnel1: Tunnel Source: 172.16.0.3 6RD: Operational, V6 Prefix: 2003:AABB::/32 V4 Prefix, Length: 16, Value: 172.16.0.0 V4 Suffix, Length: 0, Value: 0.0.0.0 Border Relay address: 172.16.0.1 General Prefix: 2003:AABB:3::/48BR-R1#show tunnel 6rd Interface Tunnel1: Tunnel Source: 172.16.0.1 6RD: Operational, V6 Prefix: 2003:AABB::/32 V4 Prefix, Length: 16, Value: 172.16.0.0 V4 Suffix, Length: 0, Value: 0.0.0.0 General Prefix: 2003:AABB:1::/48 //BR设备得到的通用路由前缀CE-R3#show ipv6 routeIPv6 Routing Table - default - 6 entriesCodes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, ls - LISP site ld - LISP dyn-EID, a - ApplicationS ::/0 [1/0] via 2003:AABB:1::, Tunnel1S 2003:AABB::/32 [1/0] via Tunnel1, directly connectedLC 2003:AABB:3::/128 [0/0] via Tunnel1, receiveC 2003:AABB:3:1::/64 [0/0] via Loopback5, directly connectedL 2003:AABB:3:1::1/128 [0/0] via Loopback5, receiveL FF00::/8 [0/0] via Null0, receiveCE-R2#show ipv6 routeIPv6 Routing Table - default - 6 entriesCodes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, ls - LISP site ld - LISP dyn-EID, a - ApplicationS ::/0 [1/0] via 2003:AABB:1::, Tunnel1S 2003:AABB::/32 [1/0] via Tunnel1, directly connectedLC 2003:AABB:2::/128 [0/0] via Tunnel1, receiveC 2003:AABB:2:1::/64 [0/0] via Loopback5, directly connectedL 2003:AABB:2:1::1/128 [0/0] via Loopback5, receiveL FF00::/8 [0/0] via Null0, receiveCE-R3#ping 2003:8888::1 source lo5Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2003:8888::1, timeout is 2 seconds:Packet sent with a source address of 2003:AABB:3:1::1!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/6 ms!CE-R2#ping 2003:8888::1 source lo5Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2003:8888::1, timeout is 2 seconds:Packet sent with a source address of 2003:AABB:2:1::1!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
IPv6主机已经可以通信,那么报文又是如何封装的呢,读者可以通过图7-15查看图7-15 6RD隧道的封装解析
转载于:https://blog.51cto.com/enderjoe/2367434
你可能感兴趣的文章
mongodb索引
查看>>
特征探索经验
查看>>
UEditor自动调节宽度
查看>>
Unity中使用多构造函数
查看>>
语言类型的相关总结
查看>>
JAVA做验证码图片(转自CSDN)
查看>>
Delphi TServerSocket,TClientSocket实现传送文件代码
查看>>
JS无聊之作
查看>>
30天敏捷结果(2):用三个故事驱动你的一周
查看>>
浅谈输入法编程(转)
查看>>
CSS3 试试看
查看>>
Mac上搭建ELK
查看>>
443 Chapter7.Planning for High Availability in the Enterprise
查看>>
HttpHandler初探 - 页面上输出图像
查看>>
框架和语言的作用
查看>>
unidac连接ORACLE免装客户端驱动
查看>>
Cygwin + OpenSSH FOR Windows的安装配置
查看>>
咏南中间件支持手机客户端
查看>>
fastscript增加三方控件之二
查看>>
Windows Vista RTM 你准备好了么?
查看>>