Configuration Verification
Verify the IPv4 services.
After the configuration is complete, access the FTP service provided by the server on the Internet using PC1 on the private IPv4 network.
C:\Documents and Settings\Administrator>ftp 1.1.3.1 Connected to 1.1.3.1. 220 FTP service ready. User (1.1.3.1:(none)): admin 331 Password required for admin. Password: 230 User logged in. ftp>
Run the display firewall session table verbose command on the CPE to check the session information.
[CPE] display firewall session table verbose Current Total Sessions : 2 ftp VPN:public --> public ID: ab016391fa4c03558d54c16fac122 Zone: trust--> untrust TTL: 00:10:00 Left: 00:09:59 Interface: Tunnel1 NextHop: 1.1.3.1 MAC: 0000-0000-0000 <--packets:8 bytes:498 -->packets:12 bytes:541 192.168.0.2:1035+->1.1.3.1:21 PolicyName: --- ftp-data VPN:public --> public ID: ab016391fa4c03558d54c16acd159 Zone: untrust--> trust TTL: 00:00:10 Left: 00:00:00 Interface: GigabitEthernet1/0/0 NextHop: 192.168.0.2 MAC: 0018-826f-b3f4 <--packets:3 bytes:124 -->packets:5 bytes:370 1.1.3.1:20-->192.168.0.2:1036 PolicyName: ---The output shows that the outbound interface is the Tunnel1 interface and the tunnel is successfully established.
Verify the IPv6 services.
Ping the interface address of the CGN that connects to the IPv6 network from the CPE, that is, the address of the GigabitEthernet 1/0/2 interface.
<CPE> ping ipv6 4000::1 PING 4000::1 : 56 data bytes, press CTRL_C to break Reply from 4000::1 bytes=56 Sequence=1 hop limit=64 time = 90 ms Reply from 4000::1 bytes=56 Sequence=2 hop limit=64 time = 100 ms Reply from 4000::1 bytes=56 Sequence=3 hop limit=64 time = 40 ms Reply from 4000::1 bytes=56 Sequence=4 hop limit=64 time = 60 ms Reply from 4000::1 bytes=56 Sequence=5 hop limit=64 time = 40 ms --- 4000::1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/66/100 msIf the CGN can be successfully pinged, the IPv6 routes to the CPE and CGN are configured. On the CPE and CGN, you can run the display ospfv3 routing command to view the OSPFv3 routing tables.
[CPE] display ospfv3 routing OSPFv3 Process (1) Destination Metric Next-hop 2000::/64 1 directly connected, GigabitEthernet1/0/1 3000::/64 1 directly connected, GigabitEthernet1/0/2 IA 4000::/64 2 via FE80::218:82FF:FE39:1E5C, GigabitEthernet1/0/2 IA 5000::/64 3 via FE80::218:82FF:FE39:1E5C, GigabitEthernet1/0/2According to the OSPFv3 routing table, you can learn that the CPE learns the routes from the CGN to the IPv6 MAN and IPv6 Internet.
[CGN] display ospfv3 routing OSPFv3 Process (1) Destination Metric Next-hop IA 2000::/64 3 via FE80::222:A1FF:FE30:22, GigabitEthernet1/0/2 IA 3000::/64 2 via FE80::222:A1FF:FE30:22, GigabitEthernet1/0/2 4000::/64 1 directly connected, GigabitEthernet1/0/2 5000::/64 1 directly connected, GigabitEthernet1/0/1According to the OSPFv3 routing table, you can learn that the CGN learns the routes from the CPE to the IPv6 MAN and IPv6 users.
On PC2, ping PC3.
C:\> ping6 5000::2 from 2000::2 with 32 bytes of data: Reply from 5000::2: time<1ms Reply from 5000::2: time<1ms Reply from 5000::2: time<1ms Reply from 5000::2: time<1ms Ping statistics for 5000::2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msIf PC3 is pinged through, the configurations of the IPv6 routes on the entire network are correct.
Enable an IPv6 user to access the IPv4 Internet.
Ping domain name www.example.com on PC2
Pinging 6000::ca01:301 with 32 bytes of data: Reply from 6000::ca01:301: time=23ms Reply from 6000::ca01:301: time=6ms Reply from 6000::ca01:301: time=12ms Reply from 6000::ca01:301: time=33ms Ping statistics for 6000::ca01:301: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 6ms, Maximum = 33ms, Average = 18msThe IPv4 address of the server can be successfully pinged on the PC.
In any view of the CGN, run the display firewall ipv6 session table command to check the NAT64 session table.
<CGN> display firewall ipv6 session table Slot: 6 CPU: 1 NAT64: icmp6 VPN: public --> public 2000::2.44152[1.1.2.14:10296] --> 6000::CA01:301.2048[1.1.3.1:2048]
According to the NAT64 session table, you can learn the translation mapping between IPv6 addresses and IPv4 addresses.
Previous
