【思科】IPv6 过渡技术 - IPv6 in IPv4隧道

张白夕

已于 2024-06-22 10:47:47 修改

阅读量1.3k

点赞数 10

分类专栏： # 思科文章标签：服务器网络 IPv6 VPN 网络安全路由器

于 2024-06-22 09:29:25 首次发布

本文链接：https://blog.csdn.net/2301_77161465/article/details/139873997

版权

思科专栏收录该内容

21 篇文章 14 订阅

订阅专栏

在这里插入图片描述

实验要求

实验环境 : EVE

实验需求:
实现双方站点的IPv6网络可以跨 IPv4 网络进行通信

实现思路

① IPv6网络用OSPFv3来实现互通
② IPv4网络用OSPF来实现互通
③ 使用IPv6 in IPv4隧道实现Pv6网络可以跨 IPv4 网络进行通信

隧道可以在原有的IPv6头部，再加上Pv4头部，就可以帮助IPv6跨IPv4网络进行通信了

IPv6 in IPv4 与 GRE 不同点

GRE隧道的报文结构：IPv4 — GRE — IPv6
IPv6 in IPv4来说，它的报文结构发生了变化：IPv4 — IPv6

这个时候，我们可以观察到GRE的报文
Protocol协议字段：记录内层协议字段是什么

在IPv4头部中，我们可以看到，有个Protocol协议字段，里面指向了GRE
当找到了GRE这里，才说去再IPv6，这样子有点脱裤子放屁了
IPv4 → GRE → IPv6

那我就这样子，将IPv6的Protocol协议字段，直接指向IPv6头部：IPv4 → IPv6
那这样子就不会浪费空间了,大大的提高了传输效率
所以就有了IPv6 in IPv4

*GRE隧道*
在这里插入图片描述

注意点

OSPFv3 只能通过接口下宣告，不能使用Network！！！

配置

在这里插入图片描述

R1

基础配置

R1(config)#int e0/0
R1(config-if)#no shutdown
R1(config-if)#ipv6 address 2001:12::1/64
R1(config-if)#exit

R1(config)#int loopback 1
R1(config-if)#ipv6 address 2000:1:1::1/64
R1(config-if)#exit

R1(config)#int loopback 2
R1(config-if)#ipv6 address 2000:1:2::1/64
R1(config-if)#exit

R1(config)#int loopback 3
R1(config-if)#ipv6 address 2000:1:3::1/64
R1(config-if)#exit


===================================   查看接口IPv6地址 =================================
R1(config)#do show ipv6 int brief
Ethernet0/0            [up/up]
    FE80::A8BB:CCFF:FE00:1000
    2001:12::1
Ethernet0/1            [administratively down/down]
    unassigned
Ethernet0/2            [administratively down/down]
    unassigned
Ethernet0/3            [administratively down/down]
    unassigned
Loopback1              [up/up]
    FE80::A8BB:CCFF:FE00:1000
    2000:1:1::1
Loopback2              [up/up]
    FE80::A8BB:CCFF:FE00:1000
    2000:1:2::1
Loopback3              [up/up]
    FE80::A8BB:CCFF:FE00:1000
    2000:1:3::1

OSPFv3 局域网可达

## 记得要启用IPv6单播路由，才能去配置动态路由
R1(config)#ipv6 unicast-routing  
                 
## 进入OSPFv3 IPv6 地址族，设置RID为 1.1.1.1
R1(config)#router ospfv3 1
R1(config-router)#address-family ipv6
R1(config-router-af)#router-id 1.1.1.1
R1(config-router-af)#exit
R1(config-router)#exit

## 接口下宣告
R1(config)#int range e0/0,lo1,lo2,lo3
R1(config-if-range)#ospfv3 1 ipv6 area 0
R1(config-if-range)#exit

R2

基础配置

R2(config)#int e0/0
R2(config-if)#no shutdown 
R2(config-if)#ipv6 address 2001:12::2/64
R2(config-if)#exit

R2(config)#int e0/1
R2(config-if)#no shutdown 
R2(config-if)#ip address 172.16.23.2 255.255.255.0 
R2(config-if)#exit

局域网环境(OSPFv3)：IPv6 网络

## 需要开启IPv6单播功能
R2(config)#ipv6 unicast-routing 

## 进入OSPFv3 IPv6 地址族，设置RID为 2.2.2.2
R2(config)#router ospfv3 1
R2(config-router)#address-family ipv6
R2(config-router-af)#router-id 2.2.2.2
R2(config-router-af)#exit

## 接口下宣告
R2(config)#int range e0/0
R2(config-if-range)#ospfv3 1 ipv6 area 0
R2(config-if-range)#exit



==============================   查看 R2 学到IPv6 路由条目  ============================
R2(config)#do show ipv6 route
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
       lA - LISP away, a - Application
O   2000:1:1::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
O   2000:1:2::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
O   2000:1:3::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
C   2001:12::/64 [0/0]
     via Ethernet0/0, directly connected
L   2001:12::2/128 [0/0]
     via Ethernet0/0, receive
L   FF00::/8 [0/0]
     via Null0, receive

IPv6 in IPv4隧道

## 目的：IPv4网络内部互通
R2(config)#router ospf 110
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 172.16.23.0 0.0.0.255 area 0
R2(config-router)#exit

## 建立IPv6 in IPv4 隧道
R2(config)#int tunnel 24
R2(config-if)#tunnel mode ipv6ip            ## 把Tunnel隧道模式改为Ipv6 in Ipv4 模式
R2(config-if)#ipv6 address 2001:24::2/64    ## IPv6 接口地址
R2(config-if)#tunnel source e0/1
R2(config-if)#tunnel destination 172.16.34.4
R2(config-if)#ospfv3 1 ipv6 area 0          ## 将tunnel24 宣告进OSPFv3当中，从而达到双方内部可达
R2(config-if)#exit



==================================   查看到接口状态   ====================================
R2(config)#do show ipv6 int br
Ethernet0/0            [up/up]
    FE80::A8BB:CCFF:FE00:2000
    2001:12::2
Ethernet0/1            [up/up]
    unassigned
Ethernet0/2            [administratively down/down]
    unassigned
Ethernet0/3            [administratively down/down]
    unassigned
Tunnel24               [up/up]
    FE80::A8BB:CCFF:FE00:2000
    2001:24::2
   
==================================   此时查看到IPv6路由表   ====================================
## 可以看到我R2已经学习到R5内部的路由了

R2(config)#do show ipv6 route
IPv6 Routing Table - default - 12 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
       lA - LISP away, a - Application
O   2000:1:1::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
O   2000:1:2::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
O   2000:1:3::1/128 [110/10]
     via FE80::A8BB:CCFF:FE00:1000, Ethernet0/0
==================================================
O   2000:5:1::1/128 [110/1010]
     via FE80::A8BB:CCFF:FE00:4000, Tunnel24
O   2000:5:2::1/128 [110/1010]
     via FE80::A8BB:CCFF:FE00:4000, Tunnel24
O   2000:5:3::1/128 [110/1010]
     via FE80::A8BB:CCFF:FE00:4000, Tunnel24
==================================================
C   2001:12::/64 [0/0]
     via Ethernet0/0, directly connected
L   2001:12::2/128 [0/0]
     via Ethernet0/0, receive
C   2001:24::/64 [0/0]
     via Tunnel24, directly connected
L   2001:24::2/128 [0/0]
     via Tunnel24, receive
O   2001:45::/64 [110/1010]
     via FE80::A8BB:CCFF:FE00:4000, Tunnel24
L   FF00::/8 [0/0]
     via Null0, receive
R2(config)#

R3

R3(config)#int e0/0
R3(config-if)#no shutdown 
R3(config-if)#ip address 172.16.23.3 255.255.255.0
R3(config-if)#exit

R3(config)#int e0/1
R3(config-if)#no shutdown 
R3(config-if)#ip address 172.16.34.3 255.255.255.0
R3(config-if)#exit

R3(config)#router ospf 110
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 172.16.0.0 0.0.255.255 area 0
R3(config-router)#exit

R4

基础配置

R4(config)#int e0/0
R4(config-if)#no shutdown 
R4(config-if)#ip address 172.16.34.4 255.255.255.0
R4(config-if)#exit

R4(config)#int e0/1
R4(config-if)#no shutdown 
R4(config-if)#ipv6 address 2001:45::4/64
R4(config-if)#exit

局域网环境(OSPFv3)：IPv6 网络

## 需要开启IPv6单播功能
R4(config)#ipv6 unicast-routing 

## 进入OSPFv3 IPv6 地址族，设置RID为 4.4.4.4
R4(config)#router ospfv3 1
R4(config-router)#address-family ipv6
R4(config-router-af)#router-id 4.4.4.4
R4(config-router-af)#exit
R4(config-router)#exit

## 接口下宣告
R4(config)#int e0/1
R4(config-if)#ospfv3 1 ipv6 area 0
R4(config-if)#exit

IPv6 in IPv4隧道

## 目的：IPv4网络内部互通
R4(config)#router ospf 110 
R4(config-router)#router-id 4.4.4.4
R4(config-router)#network 172.16.34.0 0.0.0.255 area 0
R4(config-router)#exit

## 建立IPv6 in IPv4 隧道
R4(config)#int tunnel 24
R4(config-if)#tunnel mode ipv6ip            ## 把Tunnel隧道模式改为IPv6 in IPv4 模式
R4(config-if)#ipv6 address 2001:24::4/64    ## IPv6 地址
R4(config-if)#tunnel source e0/0
R4(config-if)#tunnel destination 172.16.23.2
R4(config-if)#ospfv3 1 ipv6 area 0          ## 将tunnel24 宣告进OSPFv3当中，从而达到双方站点IPv6网络可达
R4(config-if)#exit

R5

基础配置

R5(config)#int e0/0
R5(config-if)#no shutdown 
R5(config-if)#ipv6 address 2001:45::5/64
R5(config-if)#exit

R5(config)#int loopback 1
R5(config-if)#ipv6 address 2000:5:1::1/64
R5(config-if)#exit

R5(config)#int loopback 2
R5(config-if)#ipv6 address 2000:5:2::1/64
R5(config-if)#exit

R5(config)#int loopback 3
R5(config-if)#ipv6 address 2000:5:3::1/64
R5(config-if)#exit


===================================   查看接口IPv6地址 =================================
R5#show ipv6 int br
Ethernet0/0            [up/up]
    FE80::A8BB:CCFF:FE00:5000
    2001:45::5
Ethernet0/1            [administratively down/down]
    unassigned
Ethernet0/2            [administratively down/down]
    unassigned
Ethernet0/3            [administratively down/down]
    unassigned
Loopback1              [up/up]
    FE80::A8BB:CCFF:FE00:5000
    2000:5:1::1
Loopback2              [up/up]
    FE80::A8BB:CCFF:FE00:5000
    2000:5:2::1
Loopback3              [up/up]
    FE80::A8BB:CCFF:FE00:5000
    2000:5:3::1

OSPFv3 局域网可达

## 记得要启用IPv6单播路由，才能去配置动态路由
R5(config)#ipv6 unicast-routing  
                 
## 进入OSPFv3 IPv6 地址族，设置RID为 5.5.5.5
R5(config)#router ospfv3 1
R5(config-router)#address-family ipv6 
R5(config-router-af)#router-id 5.5.5.5
R5(config-router-af)#exit
R5(config-router)#exit

## 接口下宣告
R5(config)#int range e0/0,lo1,lo2,lo3
R5(config-if-range)#ospfv3 1 ipv6 area 0
R5(config-if-range)#exit

检查

R1 的路由表

在这里插入图片描述

R5 的路由表

在这里插入图片描述

R1 Ping R5

R1#ping 2000:5:1::1 source lo 1
在这里插入图片描述

抓包分析

抓的是 R2的e0/1口
其实这个时候就可以看到，数据包发送的时候
此时就只新增了IPv4报文头这样子就比GRE少了一个封装字段，提高了传输效率

Ping包
在这里插入图片描述

配置文档

R1

! 
ipv6 unicast-routing 
!
interface Loopback1
 ipv6 address 2000:1:1::1/64
 ospfv3 1 ipv6 area 0
!
interface Loopback2
 ipv6 address 2000:1:2::1/64
 ospfv3 1 ipv6 area 0
!
interface Loopback3
 ipv6 address 2000:1:3::1/64
 ospfv3 1 ipv6 area 0
!
interface Ethernet0/0
 ipv6 address 2001:12::1/64
 ospfv3 1 ipv6 area 0
!
router ospfv3 1
 !
 address-family ipv6 unicast
  router-id 1.1.1.1
!

R2

!
ipv6 unicast-routing 
!
interface Tunnel24
 tunnel mode ipv6ip
 ipv6 address 2001:24::2/64
 ospfv3 1 ipv6 area 0
 tunnel source Ethernet0/1
 tunnel destination 172.16.34.4
!
interface Ethernet0/0
 no shutdown
 ipv6 address 2001:12::2/64
 ospfv3 1 ipv6 area 0
!
interface Ethernet0/1
 no shutdown
 ip address 172.16.23.2 255.255.255.0
! 
router ospfv3 1
 !
 address-family ipv6 unicast
  router-id 2.2.2.2
!
router ospf 110
 router-id 2.2.2.2
 network 172.16.23.0 0.0.0.255 area 0
!

R3

!
interface Ethernet0/0
 no shutdown
 ip address 172.16.23.3 255.255.255.0
!
interface Ethernet0/1
 no shutdown
 ip address 172.16.34.3 255.255.255.0
!         
router ospf 110
 router-id 3.3.3.3
 network 172.16.0.0 0.0.255.255 area 0
!

R4

!
ipv6 unicast-routing
!
interface Tunnel24
 tunnel mode ipv6ip
 ipv6 address 2001:24::4/64
 ospfv3 1 ipv6 area 0
 tunnel source Ethernet0/0
 tunnel destination 172.16.23.2
!
interface Ethernet0/0
 no shutdown
 ip address 172.16.34.4 255.255.255.0
!
interface Ethernet0/1
 no shutdown
 ipv6 address 2001:45::4/64
 ospfv3 1 ipv6 area 0
!
router ospfv3 1
 !
 address-family ipv6 unicast
  router-id 4.4.4.4
!
router ospf 110
 router-id 4.4.4.4
 network 172.16.34.0 0.0.0.255 area 0
!

R5

!
ipv6 unicast-routing
!
interface Loopback1
 ipv6 address 2000:5:1::1/64
 ospfv3 1 ipv6 area 0
!
interface Loopback2
 ipv6 address 2000:5:2::1/64
 ospfv3 1 ipv6 area 0
!
interface Loopback3
 ipv6 address 2000:5:3::1/64
 ospfv3 1 ipv6 area 0
!
interface Ethernet0/0 
 no shutdown
 ipv6 address 2001:45::5/64
 ospfv3 1 ipv6 area 0
!
router ospfv3 1
 !
 address-family ipv6 unicast
  router-id 5.5.5.5
!