Ipv6

2,052 views

Published on

ipv6

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,052
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
34
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Prepared at 17.11.2011
    Last updated 10.03.2012
  • Check etmek için show frame-relay map
  • Global local(Unicast address) 2000::/3 ile başlar
  • IPv6 adresinin sonuna otomatik mac adresini ekler. İndividual ipv6 adresi oluşumunu sağlar.
  • 14400 = 4 hour for valid and preferred lifetime.
    Check etmek için //show ipv6 interface e0/0 prefix
  • RIPNG process’e verdiğimiz isim.
    Rack1R6#
    *Nov 18 13:01:19.387: RIPng: Sending multicast update on Loopback100 for RIPNG
    *Nov 18 13:01:19.387: src=FE80::A8BB:CCFF:FE00:600
    *Nov 18 13:01:19.387: dst=FF02::9 (Loopback100)
    *Nov 18 13:01:19.387: sport=521, dport=521, length=92
    *Nov 18 13:01:19.387: command=2, version=1, mbz=0, #rte=4
    *Nov 18 13:01:19.387: tag=0, metric=1, prefix=2001:1:0:146::/64
    *Nov 18 13:01:19.387: tag=0, metric=1, prefix=FC00:1:0:6::/64
    *Nov 18 13:01:19.387: tag=0, metric=2, prefix=FC00:1:0:1::/64
    *Nov 18 13:01:19.387: tag=0, metric=2, prefix=FC00:1:0:4::/64
    *Nov 18 13:01:19.387: RIPng: Sending multicast update on Ethernet0/0 for RIPNG
    Rack1R6#
  • R1-R4-R5 arasında.
    Link local adressler konfigure edilmeli.
    Frame-relay mapping ler link local adress uzerinden yapılırken broadcast kelimesi unutulmamalı.
  • R5 te, R6 nın lo100 IPv6 prefixini bloklayıp gerisine izin verme.
  • R4 R5 arasında ipv6 ve ripng yi enable ettik, R4-R5 arasındaki serial linki kullansın frame relay yedek kalsın, bunu summarization kullanmadan gercekleştir.

    Benzer konfigurasyonu R5 te de yaptık.
    Rack1R4(config-if)#do show ipv6 route fc00:1:0:5::/64
    Routing entry for FC00:1:0:5::/64
    Known via "rip RIPNG", distance 120, metric 2
    Route count is 1/1, share count 0
    Routing paths:
    FE80::A8BB:CCFF:FE00:500, Serial2/1
    Last updated 00:06:11 ago
  • R6 dan initial metric 5 ile RIPNG domainine default route basalım.
    “ipv6 rip RIPNG default-information originate only” komutu ile sadece default route’u o interface e gondeririz, diğer bütün subnetleri filtreleriz.
    Rack1R4#show ipv6 route rip
    IPv6 Routing Table - Default - 12 entries
    Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
    B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
    I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
    EX - EIGRP external
    O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
    ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
    R ::/0 [120/6]
  • EIGRPv6 i R4,R5,R6,SW2 de enable edelim.
    Lo100 leri ipv6 fc00:1:0:y::/64 y router numarası olmak uzere konfigure edelim, bu loopbackleri eigrpv6 e advertise edelim.
    Eigrpv6 i R4 R5 arasındaki frame relayde acalım.
    R 1-4-6 arasında CISCO passwordu ile authenticate olsunlar.

    Rack1R5#show ipv6 eigrp neighb
    IPv6-EIGRP neighbors for process 100
    H Address Interface Hold Uptime SRTT RTO Q Seq
    (sec) (ms) Cnt Num
    2 Link-local address: Se2/1 11 00:01:33 33 200 0 16
    FE80::A8BB:CCFF:FE00:400
    1 Link-local address: Et0/0 14 00:03:46 16 200 0 4
    FE80::A8BB:CCFF:FE00:801
    0 Link-local address: Se2/0 145 00:18:06 652 3912 0 14
    FE80::4


    Rack1R5#show ipv6 protocols
    IPv6 Routing Protocol is "connected"
    IPv6 Routing Protocol is "rip RIPNG"
    Interfaces:
    Serial2/0
    Loopback100
    Redistribution:
    None
    IPv6 Routing Protocol is "eigrp 100"
    EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
    EIGRP maximum hopcount 100
    EIGRP maximum metric variance 1
    Interfaces:
    Ethernet0/0
    Serial2/0
    Serial2/1
    Loopback100
    Redistribution:
    None
    Maximum path: 16
    Distance: internal 90 external 170
  • R5, R5 ve SW2 nin lo100 interfacelerini optimum summurize etsin.


    Rack1R4#show ipv6 route eig
    IPv6 Routing Table - Default - 16 entries
    Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
    B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
    I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
    EX - EIGRP external
    O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
    ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
    D FC00:1::/60 [90/2297856]
    via FE80::5, Serial2/0
  • R5 te R6 nın lo100 ipv6 prefixini bloklayıp gerisine izin ver.
    RIPtakiye tamamen aynı
  • Unequal load balancing yapsın feasible’ın en fazla 3 kat kotu metric olması durumunda.
    R4 –R5 serial linkinde , frame-relay’a gore delay metrigi 2 kat iyi olsun.
    K3 değeri delayi verir.
  • R6 ipv6 eigrp domainine default route bassın.

    Rack1R5#show ipv6 route eigrp
    IPv6 Routing Table - Default - 17 entries
    Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
    B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
    I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
    EX - EIGRP external
    O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
    ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
    D ::/0 [90/307200]
    via FE80::A8BB:CCFF:FE00:400, Serial2/1
    via FE80::4, Serial2/0
  • Ospfv3 u R3, SW1, R6 arasında aç, router-id’lerini lo0 daki ip olsun.
    R3 – SW1 area 37; SW1 – R6 area 0 olsun.
    R3 – SW1 arası network tipi point-to-point olsun.
    R6 – SW1 arasındaki hello/dead timer’ı 10 kat hızlı yap.
  • R2,R3, R5 frame-relay de ospfv3 area 0 olsun. DR-BDR secimi olmasın ve hello paketleri broadcast yollanmasın.

    Rack1R3(config-if)#do show ipv6 ospf int bri
    Interface PID Area Intf ID Cost State Nbrs F/C
    Se2/0 1 0 11 64 P2MP 1/1
    Et0/0 1 37 3 10 P2P 1/1
  • Rack1SW1(config-rtr)#do show ipv6 ospf nei

    Neighbor ID Pri State Dead Time Interface ID Interface
    150.1.3.3 1 FULL/ - - 22 OSPFv3_VL0
    150.1.6.6 1 FULL/BDR 00:00:03 7 Ethernet1/0
    150.1.3.3 1 FULL/ - 00:00:35 3 Ethernet0/3

    Rack1SW1(config-rtr)#do show ipv6 ospf virtual
    Virtual Link OSPFv3_VL0 to router 150.1.3.3 is up
    Interface ID 23, IPv6 address FC00:1:0:37::3
    Run as demand circuit
    DoNotAge LSA allowed.
    Transit area 37, via interface Ethernet0/3, Cost of using 10
    Transmit Delay is 1 sec, State POINT_TO_POINT,
    Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Adjacency State FULL (Hello suppressed)
    Index 1/2/3, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec

    Rack1R6>show ipv6 route ospf
    IPv6 Routing Table - Default - 21 entries
    Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
    B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
    I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
    EX - EIGRP external
    O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
    ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
    O 2001:1:0:1234::2/128 [110/148]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    O 2001:1:0:1234::3/128 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    O 2001:1:0:1234::5/128 [110/84]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::/64 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::3/128 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::7/128 [110/10]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
  • SW2 ve R5 i ospfv3 area 58e kur.
    SW2 de lo100 ve lo 101 i fc00:1:0:8::8/64 ve fc00:1:0:88::88/64 ver.
    Ospfv3 advertise ve summary et.

    Summarization’ı ABR da yaptık; IPv6 adresinin herbir 4lugunun içindekilerin hexadecimal oldugunu unutmayalım. 88 = 1000 1000 binary, decimal karsılıgı 136;

    Rack1R6>show ipv6 route ospf
    IPv6 Routing Table - Default - 22 entries
    Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
    B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
    I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
    EX - EIGRP external
    O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
    ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
    O 2001:1:0:1234::2/128 [110/148]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    O 2001:1:0:1234::3/128 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    O 2001:1:0:1234::5/128 [110/84]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1::/56 [110/94]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::/64 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::3/128 [110/20]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
    OI FC00:1:0:37::7/128 [110/10]
    via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
  • R5 te Ospfv3, ripng, eigrpv6 arasında redistribution yapalım, her biri internal path lere giderken native prefix kullansın.
  • R3 un frame relay interface’inde yapacağımız konfigurasyon ile vlan 67 dekiler sadece ftp ve http ye giriş yapabilsin.
    DNS queries ve responselarına izin ver, IPv6 routing etkilenmesin.
    R5 te http server’ı enable et.
    http = tcp 80
    ftp = tcp 20 21
    Dns = 43
    Ospf = 89
  • R6’da yapacağımız config ile SW1 IPv4 drsi 150.1.4.4 e 200::9601:404 ile ulaşsın.
    SW1 vlan 67 de ipv6 adresi ile souce ettiğinde R6 bunu 155.1.146.7 cevirsin.
    SW1 de static route konfigure edin 2000::/96 SW1 in e0/3 unu R6 ya ulaşmak için kullanmasın.

    Debug ipv6 nat detailed
  • R1 ve R5 i bgp 100 ve 500 olarak frame-relay uzerinden komsuluk kursun.
    İki adet loopback interface i bgp ye advertise edelim.
    R5’e summary olarak gitsin.

    Rack1R5#show bgp ipv6 unic
    BGP table version is 2, local router ID is 150.1.5.5
    Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
    r RIB-failure, S Stale
    Origin codes: i - IGP, e - EGP, ? - incomplete

    Network Next Hop Metric LocPrf Weight Path
    *> 2003:1::/59 2001:1:0:1234::1
    0 0 100 i
  • Enable ipv6 multicast routing on R1, R3, R4, R5,R6.
    R4-R5 arasındaki frame relay de PIM olmasın.
    R5 vlan 58 interface’inde ff08::/128
    R5 sadece ff08::/64 grubundan gelen MLD raporlarını alsın, SW2 ye dogru sadece 10 multicast state’i oluştursun.
    R5 vlan 58 interface’ine her 10 saniyede bir querry atsın.

    MLD : Multicast Listener Discovery Protocol.
    Not : butun Ipv6 adresleri ff ile baslar.
    İpv6 mld limit
    İpv6 mld querry-interval
    İpv6 mld querry-timeout
    İpv6 querry-max-response-time
  • R6 RP; R4 BSR olsun, R3, R5 teki multicast grubuna join olsun.
    in order to check the BSR “debug ipv6 pim bsr”
    Rack1R1#show ipv6 pim bsr election
    PIMv2 BSR information

    BSR Election Information
    Scope Range List: ff00::/8
    BSR Address: FC00:1:0:4::4
    Uptime: 00:05:22, BSR Priority: 100, Hash mask length: 126
    RPF: FE80::5,Serial2/0
    BS Timer: 00:01:48

    Static route’lar RPF check i sağlaması için konfigure edildi.

    sh ipv6 pim range-list
    sh ipv6 mroute
  • R5 vlan 58 i uzerinden ff76:0640:2001:cc1e::8 grubuna join olsun.
    R6 RP oldugunu annons etmeyi durdursun ve R1 pingleyebilmeye devam etsin.
  • R2, R5, R6 da loopback interfaceleri olustur. 2001:1:0:Y::Y/64
    R5 – R6 arasında tunel kuralım 2001:1:0:0:56::Y/64
    R2 – R6 arasında tunel kuralım 2001:1:0:0:26::Y/64
    r2-r6 arasında farklı l3 protocollerine uygun encaptulation kullanalım. // automatic mode GRE
    R5-r6 arasında encaptulation ipv6 over ipv4 olsun.

    Not : IPv6 tunnel uses ip protocol number 41,in access list
    in access-list 100 permit|deny 41 any any

    Rack1R6(config)#do show int tunn 26
    Tunnel26 is up, line protocol is up
    Hardware is Tunnel
    MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation TUNNEL, loopback not set
    Keepalive not set
    Tunnel source 150.1.6.6 (Loopback0), destination 150.1.2.2
    Tunnel protocol/transport GRE/IP

    Rack1R6(config)#do show int tunn 56
    Tunnel56 is up, line protocol is up
    Hardware is Tunnel
    MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation TUNNEL, loopback not set
    Keepalive not set
    Tunnel source 150.1.6.6 (Loopback0), destination 150.1.5.5
    Tunnel protocol/transport IPv6/IP
  • Ipv4 lo0 adreslerini kullanarak R3,R4,R5 te 6to 4 tunnel yapalım.
    Yeni loopback adreslerini subnet number 0 prefix length 64 ve 6to4 /48 prefix i ile oluştur.
    Static routing ile connectivity i sağla.

    Not : tunnele destinsation koymadık.
    Bu tunnel multipointtir.
    6to4 IPv6 adress : 2002 (16 bit): IPv4 adress (32 bits): subnet ID (16 bit) : interface id (64 bit).

    Rack1R5(config-if)#do show int tunn 345
    Tunnel345 is up, line protocol is up
    Hardware is Tunnel
    MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation TUNNEL, loopback not set
    Keepalive not set
    Tunnel source 150.1.5.5 (Loopback0)
    Tunnel protocol/transport IPv6 6to4
  • Loopback 0 ipv4 adreslerini kullanarak R1, SW1, SW2 yi ISATAP tuneli ile bagla.
    2001:1:0:345::/64, /64 prefixini ipv6 adresi ile tunnel end pointleri oluştur.
    Yeni loopbackleri 2001:1:0:y::y/64 ile oluştur, static routelar ile connectivity i sağla.

    64 bit prefiximiz 2001:1:0:345::/64
    EUI-64 = 0000(16 bits) + 5efe (16 bits) + IPv4 address (32 bit)

    Not: Isatap multipointtir.

    Rack1R5(config)#do show int tunn 345
    Tunnel345 is up, line protocol is up
    Hardware is Tunnel
    MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
    reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation TUNNEL, loopback not set
    Keepalive not set
    Tunnel source 150.1.5.5 (Loopback0)
    Tunnel protocol/transport IPv6 ISATAP
    Tunnel TTL 255
  • Ipv6

    1. 1. IPv6 Alp ISIK
    2. 2. 9.1 Link-local addressing • At R1 - // similiar at R2-R3-R4 int s2/0 ipv6 address fe80::1 link-local frame-relay map ipv6 fe80::5 105 broadcast frame-relay map ipv6 fe80::2 105 frame-relay map ipv6 fe80::3 105 frame-relay map ipv6 fe80::4 105 At R5 interface Serial2/0 ipv6 address FE80::5 link-local frame-relay map ipv6 FE80::4 504 broadcast frame-relay map ipv6 FE80::3 503 broadcast frame-relay map ipv6 FE80::2 502 broadcast frame-relay map ipv6 FE80::1 501 broadcast frame-relay map ip 155.1.0.4 504 broadcast frame-relay map ip 155.1.0.3 503 broadcast frame-relay map ip 155.1.0.2 502 broadcast frame-relay map ip 155.1.0.1 501 broadcast
    3. 3. IPv6 Unique Local Addressing interface Ethernet0/0 ipv6 address FC00:1:0:37::3/64
    4. 4. 9.3 global Aggregatable Addressing • At R5 interface Serial2/0 ipv6 address 2001:1:0:1234::5/64 frame-relay map ipv6 2001:1:0:1234::4 501 frame-relay map ipv6 2001:1:0:1234::3 501 frame-relay map ipv6 2001:1:0:1234::2 501 frame-relay map ipv6 2001:1:0:1234::1 501
    5. 5. 9.4 EUI Addressing • At R1 int e0/0 ipv6 address 2001:1:0:146::/64 eui-64 show ipv6 int bri Ethernet0/0 [up/up] FE80::A8BB:CCFF:FE00:100 2001:1:0:146:A8BB:CCFF:FE00:100
    6. 6. ***9.5 IPv6 Auto-coniguration *** • Ipv4’daki DHCP nin gorevi olan IP dağıtımını IPv6’te routerlar, neighbor discovery router advertisement paketleri ile yapabilirler. • At R5 ipv6 unicast-routing (config-if)#ipv6 addr fc00:1:0:58::5/64 ipv6 addr fc00:1:0:85::5/64 ipv6 nd prefix fc00:1:0:58::/64 14400 14400 no-autoconfig // kullanılmamasını istediğimiz prefixlerde no autoconfig girdik. ****//trouble shoot ederken dikkat edilmeli.**** gizli komut ipv6 nd prefix fc00:1:0:85::/64 14400 14400 ipv6 nd ra-inter 40 ipv6 nd ra-life 60 *** no ipv6 nd ra suppress // defaultta boyle geliyor ama troubleshoot ederken dikkat edilmeli. • At SW2 • **IPv6 i switchlerde acabilmek icin //”sdm prefer dual-ipv4-and-ipv6 routing” komutu + reboot gerekli (config-if)#ipv6 address autoconfig default
    7. 7. 9.6 RIPng • Global’de “ipv6 unicast-routing” açılır. • IPv6 adresi configure edilmiş interface’de açılır.// interface Ethernet0/0 ipv6 address 2001:1:0:146::/64 eui-64 ipv6 rip RIPNG enable
    8. 8. RIPng over NBMA • HUB’ta //split horizonu kapatmayı unutmamalıyız. Rack1R5(config)#ipv6 router rip RIPNG Rack1R5(config-rtr)#no split-horizon
    9. 9. RIPng Summarization • At R1 ---------------- (config-if)#ipv6 rip RIPNG summary-address fc00:1::/61
    10. 10. 9.9 RIPng Prefix Filtering • R5 ipv6 router rip RIPNG distribute-list prefix-list FILTER_R6_LO100 in ipv6 prefix-list FILTER_R6_LO100 seq 5 deny FC00:1:0:6::/64 ipv6 prefix-list FILTER_R6_LO100 seq 10 permit ::/0 le 128
    11. 11. 9.10 RIPng Metric manipulation • At R4 interface Serial2/1 ipv6 enable ipv6 rip RIPNG enable interface Serial2/0 ipv6 rip RIPNG metric-offset 2 R4#show ipv6 int bri Serial2/1 [up/up] FE80::A8BB:CCFF:FE00:400 // ipv6 enable komutu otomatik link-local adresi oluşturdu.
    12. 12. 9.11 RIPng Default routing • At R6 ------ Rack1R6(config-if)# ipv6 rip RIPNG default-information originate metric 5
    13. 13. 9.12 EIGRPv6 • Diğer v6 routing protokollerinde olduğu gibi //ipv6 unicast-routing açılır. ipv6 router eigrp 100 no shut // eigrpye ozel acılır.
    14. 14. 9.13 EIGRPv6 Summarization • At R5 int s2/1 ipv6 summary-address eigrp 100 fc00:1::/60 int s2/0 ipv6 summary-address eigrp 100 fc00:1::/60
    15. 15. 9.14 EIGRP Prefix Filtering • At R5 ipv6 router eigrp 100 distribute-list prefix-list FILTER_R6_LO100 in ipv6 prefix-list FILTER_R6_LO100 seq 5 deny FC00:1:0:6::/64 ipv6 prefix-list FILTER_R6_LO100 seq 10 permit ::/0 le 128
    16. 16. 9.15 EIGRPv6 Metric Manupulation • At R4, R5, R6, SW2 ipv6 router eigrp 100 variance 3 metric weights 0 0 0 1 0 0 • At R4 ve R5 int s2/0 delay 2000 int s2/1 delay 1000
    17. 17. 9.16 EIGRPv6 Default Routing • Default route basmanın iki yolu var, summarization ve redistribution. • Redistribution’da, eigrp external ve AD170 olarak gondeririz. • Summarization da ise leak-map olmadığı için diğer bütün routelar suppress edilir. • At R6 ----------- Rack1R6(config-if)#ipv6 summary-address eigrp 100 ::/0 ? <1-255> Administrative distance <cr> Rack1R6(config-if)#ipv6 summary-address eigrp 100 ::/0 5
    18. 18. 9.17 OSPFv3 • At SW1 interface Ethernet0/3 ipv6 address FC00:1:0:37::7/64 ipv6 ospf network point-to-point ipv6 ospf 1 area 37 interface Ethernet1/0 ipv6 address FC00:1:0:67::7/64 ipv6 ospf hello-interval 1 ipv6 ospf 1 area 0 ipv6 router ospf 1 router-id 150.1.7.7
    19. 19. 9.18 OSPF over NBMA • At R2 ipv6 unicast-routing interface Serial2/0 ipv6 address FE80::2 link-local ipv6 ospf network point-to-multipoint non-broadcast ipv6 ospf neighbor FE80::5 ipv6 ospf 1 area 0 ipv6 router ospf 1 router-id 150.1.2.2 • At R5 ipv6 unicast-routing interface Serial2/0 ipv6 address FE80::5 link-local ipv6 ospf network point-to-multipoint non-broadcast ipv6 ospf neighbor FE80::2 ipv6 ospf 1 area 0 ipv6 router ospf 1 router-id 150.1.5.5
    20. 20. 9.19 OSPFv3 Virtual Links • At SW1 --------- ipv6 router ospf 1 area 37 virtual-link 150.1.3.3 • At R3 --------- ipv6 router ospf 1 area 37 virtual-link 150.1.7.7
    21. 21. 9.20 OSPFv3 Summarization • Rack1R5 ipv6 router ospf 1 area 58 range fc00:1::/56 int e0/0 ipv6 ospf 1 area 58 • SW2 interface Loopback100 ipv6 address FC00:1:0:8::8/64 ipv6 ospf 1 area 58 interface Loopback101 ipv6 address FC00:1:0:88::88/64 ipv6 ospf 1 area 58 interface vl58 ipv6 ospf 1 area 58
    22. 22. 9.21 IPv6 Redistribution • At R5 ipv6 router eigrp 100 redistribute rip RIPNG metric 1000 0 255 1 1500 include-connected redistribute ospf 1 metric 1000 0 255 1 1500 include-connected ipv6 router ospf 1 redistribute connected metric 8 redistribute rip RIPNG metric 8 redistribute eigrp 100 metric 8 ipv6 router rip RIPNG redistribute eigrp 100 metric 8 include-connected redistribute ospf 1 metric 8 include-connected • At R6 ipv6 router ospf 1 distance ospf extern 171
    23. 23. 9.22 IPv6 Filtering • At R3 int s2/0 ipv6 traffic-filter FILTER_OUT out ipv6 traffic-filter FILTER_IN in ipv6 access-list FILTER_OUT permit tcp FC00:1:0:67::/64 any eq www permit tcp FC00:1:0:67::/64 any range ftp-data ftp permit tcp FC00:1:0:67::/64 any eq whois ipv6 access-list FILTER_IN permit tcp any eq www FC00:1:0:67::/64 permit tcp any range ftp-data ftp FC00:1:0:67::/64 permit tcp any eq whois FC00:1:0:67::/64 permit 89 any any • AT R5 ip http server
    24. 24. 9.23 IPv6 NAT-PT • At SW1 ipv6 route 2000::/96 fc00:1:67::6 • R6 int e0/0.67 ipv6 nat int e0/0.146 ipv6 nat ipv6 nat v6v4 source fc00:1:0:67::7 155.1.146.7 ipv6 nat v4v6 source 150.1.4.4 2000::9601:0404 ipv6 nat prefix 2000::/96 ipv6 router rip RIPNG redistribute connected SW1 R6 R4 ipv6 route 2000::/96 fc00:1:67::6 ipv6 nat ipv6 nat fc00:1:0:67::7 fc00:1:67::6 155.1.146.7 150.1.4.4
    25. 25. 9.24 IPv6 MP-BGP • At R1 router bgp 100 neighbor 2001:1:0:1234::5 remote-as 500 address-family ipv6 unicast neighbor 2001:1:0:1234::5 activate network 2003:1:0:1::/64 network 2003:1:0:10::/61 aggregate-address 2003:1::/59 summary-only • At R5 router bgp 500 address-family ipv6 unicast neighbor 2001:1:0:1234::1 remote 100 neighbor 2001:1:0:1234::1 activate
    26. 26. 9.25 IPv6 PIM and MLD • IPv6 multicast-routing’i actıgımızda PIMv2 otomatik olarak butun interface’lerde acılır, kapatmak istediğimiz interface’lerde tek tek no ipv6 pim yazarız. • Rack1R1 ipv6 multicast-routing int s2/1 no ipv6 pim • Rack1R3 ipv6 multicast-routing int s2/2 no ipv6 pim • Rack1R4 ipv6 multicast-routing int s2/2 no ipv6 pim • R5 ipv6 multicast-routing ipv6 access-list MLD_FILTER permit ipv6 any ff08::/64 int e0/0 ipv6 mld access-group MLD_FILTER ipv6 mld join-group ff08::8 ipv6 mld query-interval 10
    27. 27. 9.26 IPv6 PIM BSR • Rack1R6 ipv6 pim bsr candidate rp fc00:1:0:6::6 prio 100 • Rack1R4 ipv6 pim bsr candidate bsr fc00:1:0:4::4 prio 100 • Rack1R5 ipv6 route fc00:1:0:4::/64 ser 2/1 multicast //statcic mroute yazımı için ipv6 te sona “multicast” eklenir. • Rack1R1 ipv6 route fc80:1:0:4::/64 e0/0 FE80::A8BB:CCFF:FE00:410 multicast // FE80::A8BB:CCFF:FE00:410 is link-local of R4 vl146
    28. 28. 9.27 IPv6 Embeded RP • Same as static RP • At R5 ipv6 mld join-group ff76:0640:2001:cc1e::8 • At R6 int lo 300 ipv6 add 2001:cc1e::6/128 ipv6 eigrp 100 ipv6 rip RIPNG enable
    29. 29. 9.28 IPv6 SSM • R5 int e0/0 ipv6 mld join-group ff36::8 2001:1:0:146:21A:2FFF:FE78:4678
    30. 30. 9.29 IPv6 Tunnelling • At R6 interface Tunnel26 ipv6 address 2001:1:0:26::6/64 tunnel source Loopback0 tunnel destination 150.1.2.2 interface Tunnel56 ipv6 address 2001:1:0:56::6/64 tunnel source Loopback0 tunnel destination 150.1.5.5 tunnel mode ipv6ip ipv6 route 2001:1:0:2::/64 Tunnel26 ipv6 route 2001:1:0:5::/64 Tunnel56 int lo100 ipv6 address 2001:1:0:6::6/64 • At R2 ipv6 unicast-routing interface Tunnel26 ipv6 address 2001:1:0:26::2/64 tunnel source Loopback0 tunnel destination 150.1.6.6 int lo100 ipv6 address 2001:1:0:2::2/64 • R5 interface Tunnel56 ipv6 address 2001:1:0:56::6/64 tunnel source Loopback0 tunnel destination 150.1.6.6 tunnel mode ipv6ip int lo100 ipv6 address 2001:1:0:5::5/64
    31. 31. 9.30 Automatic 6to4 Tunnelling • At R5 interface Tunnel345 ipv6 address 2002:9601:505::5/64 tunnel source Loopback0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel345 int lo200 ipv6 address 2002:9601:505:1::5/64 Not : there is no tunnel destination in config Ipv6 adresi aşağıdaki formatta olur: 2002:IPv4Address:Subnet ID : Interface ID (16 bits) : (32 bits) : (16 bits) : (64 bits) Oncelikle Ipv6 adresine gomulu IPv4 adresi üzerinden karşı taraf için destination adresi oluştururuz. Bütün 2002:: ya giden paketleri tunele yollayarak erişimi sağlarız.
    32. 32. • R3 int tunnel 345 tunnel source lo0 tunnel mode ipv6ip 6to4 ipv6 address 2002:9601:303::3/64 ipv6 route 2002::/16 Tunnel 345 int lo200 ipv6 address 2002:9601:303:1::3/64 • R4 int tunnel 345 tunnel source lo0 tunnel mode ipv6ip 6to4 ipv6 address 2002:9601:404::4/64 ipv6 route 2002::/16 Tunnel 345 int lo200 ipv6 address 2002:9601:404:1::4/64
    33. 33. R3#ping 2002:9601:0303:64::3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2002:9601:303:64::3, timeout is 2 seconds: !!!!! Gateway olarak ipv4 adresini kullanır. Protocol id 41 // firewall’da izin verilmeli.
    34. 34. WB2 lab9 3.1 R4 R6 R5 R3 İpv6ip 6to4 İpv6ip 6to4İpv6ip 6to4 İpv6ip 6to4 İpv4 cloud tunnel tunnel tunnel tunnel Lo0 İpv6 addr Lo0 İpv6 addr Lo0 İpv6 addr Lo0 İpv6 addr Static route for loopbacks over tunnel Static route for loopbacks over tunnel Static route for loopbacks over tunnel Static route for loopbacks over tunnel
    35. 35. 9.31 ISATAP Tunnelling • At R3 interface Tunnel345 ipv6 address 2001:1:0:345::/64 eui-64 tunnel source Loopback0 tunnel mode ipv6ip isatap ipv6 route 2001:1:0:5::/64 2001:1:0:345:0:5EFE:9601:505 ipv6 route 2001:1:0:4::/64 2001:1:0:345:0:5EFE:9601:404 int lo100 ipv6 address 2001:1:0:3::3/64 • At R5 interface Tunnel345 ipv6 address 2001:1:0:345::/64 eui-64 tunnel source Loopback0 tunnel mode ipv6ip isatap ipv6 route 2001:1:0:3::/64 2001:1:0:345:0:5EFE:9601:303 ipv6 route 2001:1:0:4::/64 2001:1:0:345:0:5EFE:9601:404 int lo100 ipv6 address 2001:1:0:5::5/64
    36. 36. • At R4 interface Tunnel345 ipv6 address 2001:1:0:345::/64 eui-64 tunnel source Loopback0 tunnel mode ipv6ip isatap ipv6 route 2001:1:0:4::/64 2001:1:0:345:0:5EFE:9601:303 ipv6 route 2001:1:0:4::/64 2001:1:0:345:0:5EFE:9601:505 int lo100 ipv6 address 2001:1:0:4::4/64 • Source lo0 adresinden tunnel ipv6 adresini oluşturuyor. R1#sh ipv6 int br Tunnel345 [up/up] FE80::5EFE:9601:303 2001:1:0:345:0:5EFE:9601:303
    37. 37. R3#ping 2001:1:0:345:0:5EFE:9601:404 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2001:1:0:345:0:5EFE:9601:404, timeout is 2 seconds: !!!!! PS : Protocol id 41

    ×