16. 9.15 EIGRPv6 Metric Manupulation
• At R4, R5, R6, SW2
ipv6 router eigrp 100
variance 3
metric weights 0 0 0 1 0 0
• At R4 ve R5
int s2/0
delay 2000
int s2/1
delay 1000
17. 9.16 EIGRPv6 Default Routing
• Default route basmanın iki yolu var, summarization ve
redistribution.
• Redistribution’da, eigrp external ve AD170 olarak
gondeririz.
• Summarization da ise leak-map olmadığı için diğer bütün
routelar suppress edilir.
• At R6
-----------
Rack1R6(config-if)#ipv6 summary-address eigrp 100 ::/0 ?
<1-255> Administrative distance
<cr>
Rack1R6(config-if)#ipv6 summary-address eigrp 100 ::/0 5
23. 9.22 IPv6 Filtering
• At R3
int s2/0
ipv6 traffic-filter FILTER_OUT out
ipv6 traffic-filter FILTER_IN in
ipv6 access-list FILTER_OUT
permit tcp FC00:1:0:67::/64 any eq www
permit tcp FC00:1:0:67::/64 any range ftp-data ftp
permit tcp FC00:1:0:67::/64 any eq whois
ipv6 access-list FILTER_IN
permit tcp any eq www FC00:1:0:67::/64
permit tcp any range ftp-data ftp FC00:1:0:67::/64
permit tcp any eq whois FC00:1:0:67::/64
permit 89 any any
• AT R5
ip http server
26. 9.25 IPv6 PIM and MLD
• IPv6 multicast-routing’i
actıgımızda PIMv2 otomatik
olarak butun interface’lerde acılır,
kapatmak istediğimiz
interface’lerde tek tek no ipv6 pim
yazarız.
• Rack1R1
ipv6 multicast-routing
int s2/1
no ipv6 pim
• Rack1R3
ipv6 multicast-routing
int s2/2
no ipv6 pim
• Rack1R4
ipv6 multicast-routing
int s2/2
no ipv6 pim
• R5
ipv6 multicast-routing
ipv6 access-list MLD_FILTER
permit ipv6 any ff08::/64
int e0/0
ipv6 mld access-group MLD_FILTER
ipv6 mld join-group ff08::8
ipv6 mld query-interval 10
27. 9.26 IPv6 PIM BSR
• Rack1R6
ipv6 pim bsr candidate rp fc00:1:0:6::6 prio 100
• Rack1R4
ipv6 pim bsr candidate bsr fc00:1:0:4::4 prio 100
• Rack1R5
ipv6 route fc00:1:0:4::/64 ser 2/1 multicast //statcic
mroute yazımı için ipv6 te sona “multicast” eklenir.
• Rack1R1
ipv6 route fc80:1:0:4::/64 e0/0
FE80::A8BB:CCFF:FE00:410 multicast //
FE80::A8BB:CCFF:FE00:410 is link-local of R4 vl146
28. 9.27 IPv6 Embeded RP
• Same as static RP
• At R5
ipv6 mld join-group ff76:0640:2001:cc1e::8
• At R6
int lo 300
ipv6 add 2001:cc1e::6/128
ipv6 eigrp 100
ipv6 rip RIPNG enable
31. 9.30 Automatic 6to4 Tunnelling
• At R5
interface Tunnel345
ipv6 address 2002:9601:505::5/64
tunnel source Loopback0
tunnel mode ipv6ip 6to4
ipv6 route 2002::/16 Tunnel345
int lo200
ipv6 address 2002:9601:505:1::5/64
Not : there is no tunnel destination in config
Ipv6 adresi aşağıdaki formatta olur:
2002:IPv4Address:Subnet ID : Interface ID
(16 bits) : (32 bits) : (16 bits) : (64 bits)
Oncelikle Ipv6 adresine gomulu IPv4 adresi üzerinden karşı taraf için
destination adresi oluştururuz. Bütün 2002:: ya giden paketleri
tunele yollayarak erişimi sağlarız.
33. R3#ping 2002:9601:0303:64::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to
2002:9601:303:64::3,
timeout is 2 seconds:
!!!!!
Gateway olarak ipv4 adresini kullanır.
Protocol id 41 // firewall’da izin
verilmeli.
34. WB2 lab9 3.1
R4
R6
R5
R3
İpv6ip 6to4
İpv6ip 6to4İpv6ip 6to4
İpv6ip 6to4
İpv4 cloud tunnel
tunnel
tunnel
tunnel
Lo0
İpv6 addr
Lo0
İpv6 addr
Lo0
İpv6 addr
Lo0
İpv6 addr
Static route for
loopbacks over tunnel
Static route for
loopbacks over tunnel
Static route for
loopbacks over tunnel
Static route for
loopbacks over tunnel
R1-R4-R5 arasında.
Link local adressler konfigure edilmeli.
Frame-relay mapping ler link local adress uzerinden yapılırken broadcast kelimesi unutulmamalı.
R5 te, R6 nın lo100 IPv6 prefixini bloklayıp gerisine izin verme.
R4 R5 arasında ipv6 ve ripng yi enable ettik, R4-R5 arasındaki serial linki kullansın frame relay yedek kalsın, bunu summarization kullanmadan gercekleştir.
Benzer konfigurasyonu R5 te de yaptık.
Rack1R4(config-if)#do show ipv6 route fc00:1:0:5::/64
Routing entry for FC00:1:0:5::/64
Known via "rip RIPNG", distance 120, metric 2
Route count is 1/1, share count 0
Routing paths:
FE80::A8BB:CCFF:FE00:500, Serial2/1
Last updated 00:06:11 ago
R6 dan initial metric 5 ile RIPNG domainine default route basalım.
“ipv6 rip RIPNG default-information originate only” komutu ile sadece default route’u o interface e gondeririz, diğer bütün subnetleri filtreleriz.
Rack1R4#show ipv6 route rip
IPv6 Routing Table - Default - 12 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R ::/0 [120/6]
EIGRPv6 i R4,R5,R6,SW2 de enable edelim.
Lo100 leri ipv6 fc00:1:0:y::/64 y router numarası olmak uzere konfigure edelim, bu loopbackleri eigrpv6 e advertise edelim.
Eigrpv6 i R4 R5 arasındaki frame relayde acalım.
R 1-4-6 arasında CISCO passwordu ile authenticate olsunlar.
Rack1R5#show ipv6 eigrp neighb
IPv6-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 Link-local address: Se2/1 11 00:01:33 33 200 0 16
FE80::A8BB:CCFF:FE00:400
1 Link-local address: Et0/0 14 00:03:46 16 200 0 4
FE80::A8BB:CCFF:FE00:801
0 Link-local address: Se2/0 145 00:18:06 652 3912 0 14
FE80::4
Rack1R5#show ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "rip RIPNG"
Interfaces:
Serial2/0
Loopback100
Redistribution:
None
IPv6 Routing Protocol is "eigrp 100"
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Interfaces:
Ethernet0/0
Serial2/0
Serial2/1
Loopback100
Redistribution:
None
Maximum path: 16
Distance: internal 90 external 170
R5, R5 ve SW2 nin lo100 interfacelerini optimum summurize etsin.
Rack1R4#show ipv6 route eig
IPv6 Routing Table - Default - 16 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D FC00:1::/60 [90/2297856]
via FE80::5, Serial2/0
R5 te R6 nın lo100 ipv6 prefixini bloklayıp gerisine izin ver.
RIPtakiye tamamen aynı
Unequal load balancing yapsın feasible’ın en fazla 3 kat kotu metric olması durumunda.
R4 –R5 serial linkinde , frame-relay’a gore delay metrigi 2 kat iyi olsun.
K3 değeri delayi verir.
R6 ipv6 eigrp domainine default route bassın.
Rack1R5#show ipv6 route eigrp
IPv6 Routing Table - Default - 17 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
D ::/0 [90/307200]
via FE80::A8BB:CCFF:FE00:400, Serial2/1
via FE80::4, Serial2/0
Ospfv3 u R3, SW1, R6 arasında aç, router-id’lerini lo0 daki ip olsun.
R3 – SW1 area 37; SW1 – R6 area 0 olsun.
R3 – SW1 arası network tipi point-to-point olsun.
R6 – SW1 arasındaki hello/dead timer’ı 10 kat hızlı yap.
R2,R3, R5 frame-relay de ospfv3 area 0 olsun. DR-BDR secimi olmasın ve hello paketleri broadcast yollanmasın.
Rack1R3(config-if)#do show ipv6 ospf int bri
Interface PID Area Intf ID Cost State Nbrs F/C
Se2/0 1 0 11 64 P2MP 1/1
Et0/0 1 37 3 10 P2P 1/1
Rack1SW1(config-rtr)#do show ipv6 ospf nei
Neighbor ID Pri State Dead Time Interface ID Interface
150.1.3.3 1 FULL/ - - 22 OSPFv3_VL0
150.1.6.6 1 FULL/BDR 00:00:03 7 Ethernet1/0
150.1.3.3 1 FULL/ - 00:00:35 3 Ethernet0/3
Rack1SW1(config-rtr)#do show ipv6 ospf virtual
Virtual Link OSPFv3_VL0 to router 150.1.3.3 is up
Interface ID 23, IPv6 address FC00:1:0:37::3
Run as demand circuit
DoNotAge LSA allowed.
Transit area 37, via interface Ethernet0/3, Cost of using 10
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Adjacency State FULL (Hello suppressed)
Index 1/2/3, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0)/0x0(0) Next 0x0(0)/0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
Rack1R6>show ipv6 route ospf
IPv6 Routing Table - Default - 21 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O 2001:1:0:1234::2/128 [110/148]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
O 2001:1:0:1234::3/128 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
O 2001:1:0:1234::5/128 [110/84]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::/64 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::3/128 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::7/128 [110/10]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
SW2 ve R5 i ospfv3 area 58e kur.
SW2 de lo100 ve lo 101 i fc00:1:0:8::8/64 ve fc00:1:0:88::88/64 ver.
Ospfv3 advertise ve summary et.
Summarization’ı ABR da yaptık; IPv6 adresinin herbir 4lugunun içindekilerin hexadecimal oldugunu unutmayalım. 88 = 1000 1000 binary, decimal karsılıgı 136;
Rack1R6>show ipv6 route ospf
IPv6 Routing Table - Default - 22 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
O 2001:1:0:1234::2/128 [110/148]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
O 2001:1:0:1234::3/128 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
O 2001:1:0:1234::5/128 [110/84]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1::/56 [110/94]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::/64 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::3/128 [110/20]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
OI FC00:1:0:37::7/128 [110/10]
via FE80::A8BB:CCFF:FE00:701, Ethernet1/0
R5 te Ospfv3, ripng, eigrpv6 arasında redistribution yapalım, her biri internal path lere giderken native prefix kullansın.
R3 un frame relay interface’inde yapacağımız konfigurasyon ile vlan 67 dekiler sadece ftp ve http ye giriş yapabilsin.
DNS queries ve responselarına izin ver, IPv6 routing etkilenmesin.
R5 te http server’ı enable et.
http = tcp 80
ftp = tcp 20 21
Dns = 43
Ospf = 89
R6’da yapacağımız config ile SW1 IPv4 drsi 150.1.4.4 e 200::9601:404 ile ulaşsın.
SW1 vlan 67 de ipv6 adresi ile souce ettiğinde R6 bunu 155.1.146.7 cevirsin.
SW1 de static route konfigure edin 2000::/96 SW1 in e0/3 unu R6 ya ulaşmak için kullanmasın.
Debug ipv6 nat detailed
R1 ve R5 i bgp 100 ve 500 olarak frame-relay uzerinden komsuluk kursun.
İki adet loopback interface i bgp ye advertise edelim.
R5’e summary olarak gitsin.
Rack1R5#show bgp ipv6 unic
BGP table version is 2, local router ID is 150.1.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2003:1::/59 2001:1:0:1234::1
0 0 100 i
Enable ipv6 multicast routing on R1, R3, R4, R5,R6.
R4-R5 arasındaki frame relay de PIM olmasın.
R5 vlan 58 interface’inde ff08::/128
R5 sadece ff08::/64 grubundan gelen MLD raporlarını alsın, SW2 ye dogru sadece 10 multicast state’i oluştursun.
R5 vlan 58 interface’ine her 10 saniyede bir querry atsın.
MLD : Multicast Listener Discovery Protocol.
Not : butun Ipv6 adresleri ff ile baslar.
İpv6 mld limit
İpv6 mld querry-interval
İpv6 mld querry-timeout
İpv6 querry-max-response-time
R6 RP; R4 BSR olsun, R3, R5 teki multicast grubuna join olsun.
in order to check the BSR “debug ipv6 pim bsr”
Rack1R1#show ipv6 pim bsr election
PIMv2 BSR information
BSR Election Information
Scope Range List: ff00::/8
BSR Address: FC00:1:0:4::4
Uptime: 00:05:22, BSR Priority: 100, Hash mask length: 126
RPF: FE80::5,Serial2/0
BS Timer: 00:01:48
Static route’lar RPF check i sağlaması için konfigure edildi.
sh ipv6 pim range-list
sh ipv6 mroute
R5 vlan 58 i uzerinden ff76:0640:2001:cc1e::8 grubuna join olsun.
R6 RP oldugunu annons etmeyi durdursun ve R1 pingleyebilmeye devam etsin.
R2, R5, R6 da loopback interfaceleri olustur. 2001:1:0:Y::Y/64
R5 – R6 arasında tunel kuralım 2001:1:0:0:56::Y/64
R2 – R6 arasında tunel kuralım 2001:1:0:0:26::Y/64
r2-r6 arasında farklı l3 protocollerine uygun encaptulation kullanalım. // automatic mode GRE
R5-r6 arasında encaptulation ipv6 over ipv4 olsun.
Not : IPv6 tunnel uses ip protocol number 41,in access list
in access-list 100 permit|deny 41 any any
Rack1R6(config)#do show int tunn 26
Tunnel26 is up, line protocol is up
Hardware is Tunnel
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 150.1.6.6 (Loopback0), destination 150.1.2.2
Tunnel protocol/transport GRE/IP
Rack1R6(config)#do show int tunn 56
Tunnel56 is up, line protocol is up
Hardware is Tunnel
MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 150.1.6.6 (Loopback0), destination 150.1.5.5
Tunnel protocol/transport IPv6/IP
Ipv4 lo0 adreslerini kullanarak R3,R4,R5 te 6to 4 tunnel yapalım.
Yeni loopback adreslerini subnet number 0 prefix length 64 ve 6to4 /48 prefix i ile oluştur.
Static routing ile connectivity i sağla.
Not : tunnele destinsation koymadık.
Bu tunnel multipointtir.
6to4 IPv6 adress : 2002 (16 bit): IPv4 adress (32 bits): subnet ID (16 bit) : interface id (64 bit).
Rack1R5(config-if)#do show int tunn 345
Tunnel345 is up, line protocol is up
Hardware is Tunnel
MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 150.1.5.5 (Loopback0)
Tunnel protocol/transport IPv6 6to4
Loopback 0 ipv4 adreslerini kullanarak R1, SW1, SW2 yi ISATAP tuneli ile bagla.
2001:1:0:345::/64, /64 prefixini ipv6 adresi ile tunnel end pointleri oluştur.
Yeni loopbackleri 2001:1:0:y::y/64 ile oluştur, static routelar ile connectivity i sağla.
64 bit prefiximiz 2001:1:0:345::/64
EUI-64 = 0000(16 bits) + 5efe (16 bits) + IPv4 address (32 bit)
Not: Isatap multipointtir.
Rack1R5(config)#do show int tunn 345
Tunnel345 is up, line protocol is up
Hardware is Tunnel
MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 150.1.5.5 (Loopback0)
Tunnel protocol/transport IPv6 ISATAP
Tunnel TTL 255