评分并提供意见反馈 :
华为采用机器翻译与人工审校相结合的方式将此文档翻译成不同语言,希望能帮助您更容易理解此文档的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 华为对于翻译的准确性不承担任何责任,并建议您参考英文文档(已提供链接)。
配置IPv6 GRE使用静态路由示例
以典型组网为背景,介绍如何配置IPv6 GRE使用静态路由,使得用户端之间的流量通过IPv6 GRE隧道传输。设备到与其相连的客户端之间需要配置静态路由。
组网需求
如图4-1,DeviceA、DeviceB、DeviceC属于VPN骨干网,它们之间运行OSPFv3。
现需要在DeviceA和DeviceC之间建立直连链路,因此在DeviceA和DeviceC之间部署IPv6 GRE隧道,通过静态路由指定到达对端的报文通过Tunnel接口转发,实现PC1和PC2相互通信。
PC1和PC2上分别指定DeviceA、DeviceC为自己的缺省网关。
配置思路
配置IPv6 GRE使用静态路由的思路如下:
路由器运行动态路由协议实现互通。
在DeviceA和DeviceC上创建Tunnel接口,指定Tunnel的源地址和目的地址。注意Tunnel的源地址是发出报文的实际接口IP地址,目的地址是接收报文的实际接口IP地址。
为使隧道支持路由,需要配置Tunnel接口的网络地址。
为使PC1和PC2之间的流量通过IPv6 GRE隧道传输,DeviceA和DeviceC上需配置到各自相连的PC的静态路由,出接口为本端的Tunnel接口。
操作步骤
- 配置接口的IP地址。
# 配置DeviceA。
<HUAWEI> system-view[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] interface GigabitEthernet 1/0/0
[~DeviceA-GigabitEthernet1/0/0] undo shutdown
[~DeviceA-GigabitEthernet1/0/0] ipv6 enable
[*DeviceA-GigabitEthernet1/0/0] ipv6 address 2001:db8:1::1/64
[*DeviceA-GigabitEthernet1/0/0] quit
[*DeviceA] commit
[~DeviceA] interface GigabitEthernet 2/0/0
[~DeviceA-GigabitEthernet2/0/0] undo shutdown
[~DeviceA-GigabitEthernet2/0/0] ipv6 enable
[*DeviceA-GigabitEthernet2/0/0] ipv6 address 2001:db8:3::1/64
[*DeviceA-GigabitEthernet2/0/0] quit
[*DeviceA] commit
# 配置DeviceB。
<HUAWEI> system-view[~HUAWEI] sysname DeviceB
[*HUAWEI] commit
[~DeviceB] interface GigabitEthernet 1/0/0
[~DeviceB-GigabitEthernet1/0/0] undo shutdown
[~DeviceB-GigabitEthernet1/0/0] ipv6 enable
[*DeviceB-GigabitEthernet1/0/0] ipv6 address 2001:db8:1::2/64
[*DeviceB-GigabitEthernet1/0/0] quit
[*DeviceB] commit
[~DeviceB] interface GigabitEthernet 2/0/0
[~DeviceB-GigabitEthernet2/0/0] undo shutdown
[~DeviceB-GigabitEthernet2/0/0] ipv6 enable
[*DeviceB-GigabitEthernet2/0/0] ipv6 address 2001:db8:2::2/64
[*DeviceB-GigabitEthernet2/0/0] quit
[*DeviceB] commit
# 配置DeviceC。
<HUAWEI> system-view[~HUAWEI] sysname DeviceC
[*HUAWEI] commit
[~DeviceC] interface GigabitEthernet 1/0/0
[~DeviceC-GigabitEthernet1/0/0] undo shutdown
[~DeviceC-GigabitEthernet1/0/0] ipv6 enable
[*DeviceC-GigabitEthernet1/0/0] ipv6 address 2001:db8:2::1/64
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] commit
[~DeviceC] interface GigabitEthernet 2/0/0
[~DeviceC-GigabitEthernet2/0/0] undo shutdown
[~DeviceC-GigabitEthernet2/0/0] ipv6 enable
[*DeviceC-GigabitEthernet2/0/0] ipv6 address 2001:db8:4::1/64
[*DeviceC-GigabitEthernet2/0/0] quit
[*DeviceC] commit
- 配置VPN骨干网的IGP
# 配置DeviceA。
[~DeviceA] ospfv3 1
[*DeviceA-ospfv3-1] router-id 1.1.1.1
[*DeviceA-ospfv3-1] area 0.0.0.0
[*DeviceA-ospfv3-1-area-0.0.0.0] quit
[*DeviceA-ospfv3-1] quit
[*DeviceA] commit
[~DeviceA] interface GigabitEthernet 1/0/0
[*DeviceA-GigabitEthernet1/0/0] ospfv3 1 area 0.0.0.0
[*DeviceA-GigabitEthernet1/0/0] quit
[*DeviceA] commit
# 配置DeviceB。
[~DeviceB] ospfv3 1
[*DeviceB-ospfv3-1] router-id 2.2.2.2
[*DeviceB-ospfv3-1] area 0.0.0.0
[*DeviceB-ospfv3-1-area-0.0.0.0] quit
[*DeviceB-ospfv3-1] quit
[*DeviceB] commit
[~DeviceB] interface GigabitEthernet 1/0/0
[*DeviceB-GigabitEthernet1/0/0] ospfv3 1 area 0.0.0.0
[~DeviceB-GigabitEthernet1/0/0] quit
[*DeviceB] commit
[~DeviceB] interface GigabitEthernet 2/0/0
[*DeviceB-GigabitEthernet2/0/0] ospfv3 1 area 0.0.0.0
[*DeviceB-GigabitEthernet2/0/0] quit
[*DeviceB] commit
# 配置DeviceC。
[~DeviceC] ospfv3 1
[*DeviceC-ospfv3-1] router-id 3.3.3.3
[*DeviceC-ospfv3-1] area 0.0.0.0
[*DeviceC-ospfv3-1-area-0.0.0.0] quit
[*DeviceC-ospfv3-1] quit
[*DeviceC] commit
[~DeviceC] interface GigabitEthernet 1/0/0
[*DeviceC-GigabitEthernet1/0/0] ospfv3 1 area 0.0.0.0
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] commit
配置完成后,在DeviceA和DeviceC上执行display ipv6 routing-table命令,可以看到它们能够学到去往对端接口网段地址的OSPFv3路由。
# 以DeviceA的显示为例。
[~DeviceA] display ipv6 routing-table
Routing Table : _public_ Destinations : 9 Routes : 9 Destination : ::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : ::FFFF:127.0.0.0 PrefixLength : 104 NextHop : ::FFFF:127.0.0.1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : ::FFFF:127.0.0.1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : 2001:DB8:1:: PrefixLength : 64 NextHop : 2001:DB8:1::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:1::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:2:: PrefixLength : 64 NextHop : FE80::3A00:10FF:FE03:0 Preference : 10 Cost : 2 Protocol : OSPFv3 RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:3:: PrefixLength : 64 NextHop : 2001:DB8:3::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet2/0/0 Flags : D Destination : 2001:DB8:3::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet2/0/0 Flags : D Destination : FE80:: PrefixLength : 10 NextHop : :: Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : NULL0 Flags : D - 配置Tunnel接口
# 配置DeviceA。
[~DeviceA] interface GigabitEthernet 1/0/0
[*DeviceA-GigabitEthernet1/0/0] binding tunnel gre
[*DeviceA-GigabitEthernet1/0/0] quit
[*DeviceA] commit
[~DeviceA] interface tunnel 1
[*DeviceA-Tunnel1] tunnel-protocol gre ipv6
[*DeviceA-Tunnel1] ipv6 enable
[*DeviceA-Tunnel1] ipv6 address 2001:db8:5::1/64
[*DeviceA-Tunnel1] source 2001:db8:1::1
[*DeviceA-Tunnel1] destination 2001:db8:2::1
[*DeviceA-Tunnel1] quit
[*DeviceA] commit
# 配置DeviceC。
[~DeviceC] interface GigabitEthernet 1/0/0
[*DeviceC-GigabitEthernet1/0/0] binding tunnel gre
[*DeviceC-GigabitEthernet1/0/0] quit
[*DeviceC] commit
[~DeviceC] interface tunnel 1
[*DeviceC-Tunnel1] tunnel-protocol gre ipv6
[*DeviceC-Tunnel1] ipv6 enable
[*DeviceC-Tunnel1] ipv6 address 2001:db8:5::2/64
[*DeviceC-Tunnel1] source 2001:db8:2::1
[*DeviceC-Tunnel1] destination 2001:db8:1::1
[*DeviceC-Tunnel1] quit
[*DeviceC] commit
配置完成后,Tunnel接口状态变为Up,Tunnel接口之间可以Ping通。
# 以DeviceA的显示为例:
[~DeviceA] display ipv6 interface Tunnel1
Tunnel1 current state : UP IPv6 protocol current state : UP IPv6 is enabled, link-local address is FE80::200:174:A191:F872 Global unicast address(es): 2001:DB8:5::1, subnet is 2001:DB8:5::/64 Joined group address(es): FF02::1:FF00:1 FF02::1:FF91:F872 FF02::2 FF02::1 MTU is 1448 bytes ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 1200000 milliseconds ND retransmit interval is 1000 milliseconds Hosts use stateless autoconfig for addresses[~DeviceA] ping ipv6 -a 2001:db8:5::1 2001:db8:5::2
PING 2001:DB8:5::2 : 56 data bytes, press CTRL_C to break Reply from 2001:DB8:5::2 bytes=56 Sequence=1 hop limit=64 time=6 ms Reply from 2001:DB8:5::2 bytes=56 Sequence=2 hop limit=64 time=5 ms Reply from 2001:DB8:5::2 bytes=56 Sequence=3 hop limit=64 time=5 ms Reply from 2001:DB8:5::2 bytes=56 Sequence=4 hop limit=64 time=6 ms Reply from 2001:DB8:5::2 bytes=56 Sequence=5 hop limit=64 time=4 ms --- 2001:DB8:5::2 ping statistics--- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max=4/5/6 ms - 配置IPv6静态路由
# 配置DeviceA。
[~DeviceA] ipv6 route-static 2001:db8:4:: 64 tunnel1
[*DeviceA] commit
# 配置DeviceC。
[~DeviceC] ipv6 route-static 2001:db8:3:: 64 tunnel1
[*DeviceC] commit
- 检查配置结果
配置完成后,在DeviceA和DeviceC上执行display ipv6 routing-table命令,可以看到使用Tunnel接口去往对端用户侧网段的IPv6静态路由。
# 以DeviceA的显示为例。
[~DeviceA] display ipv6 routing-table
Routing Table : _public_ Destinations : 12 Routes : 12 Destination : ::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : ::FFFF:127.0.0.0 PrefixLength : 104 NextHop : ::FFFF:127.0.0.1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : ::FFFF:127.0.0.1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : InLoopBack0 Flags : D Destination : 2001:DB8:1:: PrefixLength : 64 NextHop : 2001:DB8:1::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:1::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:2:: PrefixLength : 64 NextHop : FE80::3A00:10FF:FE03:0 Preference : 10 Cost : 2 Protocol : OSPFv3 RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet1/0/0 Flags : D Destination : 2001:DB8:3:: PrefixLength : 64 NextHop : 2001:DB8:3::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet2/0/0 Flags : D Destination : 2001:DB8:3::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : GigabitEthernet2/0/0 Flags : D Destination : 2001:DB8:4:: PrefixLength : 64 NextHop : 2001:DB8:5::1 Preference : 60 Cost : 0 Protocol : Static RelayNextHop : :: TunnelID : 0x0 Interface : Tunnel1 Flags : D Destination : 2001:DB8:5:: PrefixLength : 64 NextHop : 2001:DB8:5::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : Tunnel1 Flags : D Destination : 2001:DB8:5::1 PrefixLength : 128 NextHop : ::1 Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : Tunnel1 Flags : D Destination : FE80:: PrefixLength : 10 NextHop : :: Preference : 0 Cost : 0 Protocol : Direct RelayNextHop : :: TunnelID : 0x0 Interface : NULL0 Flags : D
配置文件
DeviceA的配置文件
# sysname DeviceA # ospfv3 1 router-id 1.1.1.1 area 0.0.0.0 # interface GigabitEthernet1/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:1::1/64 ospfv3 1 area 0.0.0.0 binding tunnel gre # interface GigabitEthernet2/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:3::1/64 # interface Tunnel1 ipv6 enable ipv6 address 2001:DB8:5::1/64 tunnel-protocol gre ipv6 source 2001:DB8:1::1 destination 2001:DB8:2::1 # ipv6 route-static 2001:DB8:4:: 64 Tunnel1 # return
DeviceB的配置文件
# sysname DeviceB # ospfv3 1 router-id 2.2.2.2 area 0.0.0.0 # interface GigabitEthernet1/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:1::2/64 ospfv3 1 area 0.0.0.0 # interface GigabitEthernet2/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:2::2/64 ospfv3 1 area 0.0.0.0 # return
DeviceC的配置文件
# sysname DeviceC # ospfv3 1 router-id 3.3.3.3 area 0.0.0.0 # interface GigabitEthernet1/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:2::1/64 ospfv3 1 area 0.0.0.0 binding tunnel gre # interface GigabitEthernet2/0/0 undo shutdown ipv6 enable ipv6 address 2001:DB8:4::1/64 # interface Tunnel1 ipv6 enable ipv6 address 2001:DB8:5::2/64 tunnel-protocol gre ipv6 source 2001:DB8:2::1 destination 2001:DB8:1::1 # ipv6 route-static 2001:DB8:3:: 64 Tunnel1 # return
