반응형
시스코 IPv6 명령어
시스코 IPv6 명령어 예제와 함께 작성된 글이며 구글에서 스크랩해왔습니다.
USEFUL CISCO COMMANDS
Enable IPv6 routing
ipv6 unicast-routing
ipv6 unicast-routing
Enable IPv6 on an interface
interface xxxxx
ipv6 enable
Configure static routes
ipv6 route prefix/prefixlen next_hop
ipv6 route ::/0 2001:db8:10a:1001::1
Configure an address
interface xxxxx
ipv6 address X:X:X:X::X/<0-128> (general address)
ipv6 address X:X:X:X::X (link-local address)
ipv6 address autoconfig (auto-configuration)
Configure an IPv6 in IPv4 tunnel
interface tunnel x
tunnel source interface
tunnel destination X.X.X.X
ipv6 address X:X:X:X::X/<0-128>
tunnel mode ipv6ip (for direct tunneling)
tunnel mode gre ip (for gre encapsulation)
Configure OSPFv3
interface Ethernet x/x
ipv6 address Y:Y:Y:Y::Y/64
ipv6 ospf 1 area 0
!
interface Ethernet x/y
ipv6 address X:X:X:X::X/64
ipv6 ospf 1 area 1
!
ipv6 router ospf 1
router-id 2.2.2.2
Configure BGP
no bgp4 default unicast
bgp router-id a.b.d.f
router bgp xxxx
neighbor X:X:X:X::X remote-as …
neighbor X:X:X:X::X …
address-family ipv6
neighbor X:X:X:X::X activate
neighbor X:X:X:X::X …
network 2001:db8::/32
no synchronization
exit address-family
Routing policy filtering
ipv6 prefix-list bgp-in-6net seq 5 deny ::/0
-> Means filter ::/0 exactly
ipv6 prefix-list bgp-in-6net seq 10 deny 3FFE:300::/24 le 28
ipv6 prefix-list bgp-in-6net seq 15 deny 2001:db8::/35 le 41
ipv6 prefix-list bgp-in-6net seq 20 permit 2002::/16
ipv6 prefix-list bgp-in-6net seq 25 permit 3FFE::/17 ge 24 le 24
ipv6 prefix-list bgp-in-6net seq 30 permit 3FFE:8000::/17 ge 28 le 28
-> Means every prefix matching 3FFE:8000::/17 with length 28
ipv6 prefix-list bgp-in-6net seq 35 permit 3FFE:4000::/18 ge 32 le 32
ipv6 prefix-list bgp-in-6net seq 40 permit 2001::/16 ge 32 le 35
-> Means every 2001::/16 derived prefix, with length between 32 and 35
ACL
ipv6 access-list vty-ipv6
permit tcp 2001:db8:0:401::/64 any eq telnet
deny ipv6 any any log-input
Applying an ACL to an interface: ipv6 traffic-filter <acl_name> in | out
Restricting access to the router: ipv6 access-class <acl_name> in | out
Applying an ACL to filter debug traffic: debug ipv6 packet [access-list <acl_name>]
Show Commands
show bgp
show bgp ipv6 unicast/multicast/all summary
show bgp ipv6 neigh <addr> routes
show bgp ipv6 neigh <addr> advertised-routes
show bgp ipv6 neigh <addr> received-routes
show ipv6 route
show ipv6 interface
show ipv6 neighbors
Serv6KnowledgeContactKnowledge© Sri Lanka Telecom. All rights reserved. Site by SLTnet | Acceptable Use policy© Sri Lanka Telecom. All rights reserved. Site by SLTnet | Acceptable Use policyUSEFUL JUNIPER (JUNOS) COMMANDS
Interface configuration
interfaces {
name_of_interface {
unit x {
family inet6 {
address Z:Z:Z:Z::Z/prefixlength;
}
}
}
}
**Note: Cannot auto-configure the router interfaces
Router advertisements (stateless autoconf)
protocols {
router-advertisement {
interface interface-name {
prefix IPv6_prefix::/prefix_length;
Configure tunnel (with Tunnel PIC)
interface{
ip-x/x/x {
tunnel {
source ipv4_source_address;
destination ipv4_destination_address;
}
family inet6 {
address ipv6_address_in_tunnel/prefixlength
gr-x/y/z {
unit 0 {...}}
}
}
}
Configure Static routes
routing-options {
rib inet6.0 { -> Means IPv6 unicast routing table
static {
route IPv6_prefix next-hop IPv6_address;
}
routing-options {
rib inet6.0 {
static {
route IPv6_prefix discard; -> Useful to originate a network
}
Configure OSPFv3
protocols {
ospf3 {
preference 20;
area 0.0.0.0 {
interface ge-0/3/0.808 {
metric 100;
}
interface lo0.0 {
passive;
}
}
}
}
Configure BGP
protocols {
bgp {
local-as local_AS_number;
group EBGP_peers {
type external;
family inet6 {
(any | multicast | unicast)
}
neighbor neighbor_IPv6_address;
peer-as distant_AS_number;
import in-PS;
export out-PS;
}
}
}
Policy statements
policy-statement in-PS {
term from_outside_accept {
from {
route-filter 2002::/16 exact;
route-filter 3FFE::/17 prefix-length-range /24-/24;
route-filter 3FFE:8000::/17 prefix-length-range /28-/28;
route-filter 3FFE:4000::/18 prefix-length-range /32-/32;
route-filter 2000::/3 prefix-length-range /16-/16;
route-filter 2001::/16 prefix-length-range /29-/35;
}
then {
accept;
}
then reject;
}
}
Show Commands
show bgp summary
show route advert bgp <addr>
show route rece bgp <addr>
show route table inet6.0 (terse)
show interfaces
show ipv6 neighborsUSEFUL WINDOWS-XP COMMANDS
Windows XP with SP1,2 & VISTA supports IPv6
Following details are Windows XP based commands for IPv6 setup and configuration.
Check IP Config
> ipcpnfig /all
Enable IPv6:
Just execute the command below at command prompt to enable IPv6
> netsh interface ipv6 install
This will automatically create a link local address and a global ipv6 address for each interface on PC.
Windows will also wait for Router Advertisement (RA) messages and do Stateless Auto-Configuration when RA is received.
Manually Configure the IP address:
> netsh interface ipv6
netsh interface ipv6> set address “<interface-index>” <Interface IP(v6)> unicast/anycast
Ex: netsh interface ipv6> set address 4 2001:D000::1 unicast
(Windows XP does not support ##::0 address on the interface)
Configure V6-in-V4 Tunnel:
Before Creating a Tunnel, check ipv6 interface details:
netsh> interface ipv6 show interface
Querying active state...
Idx Met MTU State Name
--- ---- ----- ------------ -----
4 0 1500 Connected Local Area Connection
3 1 1280 Connected 6to4 Tunneling Pseudo-Interface
2 1 1280 Connected Automatic Tunneling Pseudo-Interface
1 0 1500 Connected Loopback Pseudo-Interface
V6-in-V4 Point-to-Point Tunnel Command:
netsh> interface ipv6 add v6v4tunnel <name> <source IP(v4)> <dest IP(v4)>
Ex: interface ipv6 add v6v4tunnel "Private" 10.0.0.1 192.168.1.1
After creating the Tunnel, check ipv6 interface details
netsh> interface ipv6 show interface
Querying active state...
Idx Met MTU State Name
--- ---- ----- ------------ -----
5 1 1280 Connected Private <--- THIS IS THE TUNNEL CREATED ABOVE
4 0 1500 Connected Local Area Connection
3 1 1280 Connected 6to4 Tunneling Pseudo-Interface
2 1 1280 Connected Automatic Tunneling Pseudo-Interface
1 0 1500 Connected Loopback Pseudo-Interface
Set IPv6 address to tunnel interface:
netsh interface ipv6> set address "private" <tunnel-ip(v6) address>
Add route to the Internet:
netsh interface ipv6> add route 2402:D000::/32 "private" 2402:D000:A3::1
Add DNS:
netsh interface ipv6> add dns "private" 2001:400:910:1:0:0:0:2 index=1
netsh interface ipv6> add dns "private" 2607:f140:ffff:fffe::3 index=2
netsh interface ipv6> sh dns
DNS Servers on Interface: Private
Index DNS Server
----- ----------------------
1 2001:400:910:1::2
2 2607:f140:ffff:fffe::3
Troubleshooting:
netsh interface ipv6> show route
Querying active state...
Publish Type Met Prefix Idx Gateway/Interface Name
------- -------- ---- --------------- --- ---------------------
no Manual 1 2402:d000::/32 5 2402:d000:a3::1
netsh interface ipv6> ping <ipv6 addr>
netsh interface ipv6> tracert <ipv6 addr>
ISATAP client - Manual configuration
Since SP1 ISATAP like all IPv6 functionality is configured with the netsh command. One only needs the IPv4 address of the ISATAP server. (Of course another requirement is that IPv6 has been installed beforehand.) The command to switch on ISATAP is:
c:\ netsh interface ipv6 isatap set router <IPv4 address of the ISATAP router>
ISATAP client - Automatic configuration
When the IPv6 protocol is started (e.g. at boot or installation) and finds that there is no native IPv6 connectivity available, the host tries to resolve the hostname "ISATAP" (on Windows XP without SP1 "_ISATAP"). If it receives an IPv4 address to this name the host will configure itself as an ISATAP client to this server and sets the default route accordingly. Please note that the host will also configure 6to4 but just as a backup or to communicate with 6to4-hosts.
Windows XP Limitations
Then there are the OS quirks. For example, Windows XP boxes support IPv6 … mostly. But, if you’re a native IPv6 Windows XP box you can’t actually do DNS lookups over the IPv6 stack, you can only do them over IPv4. So, in order to make a Windows XP box work in one of these IPv6-only EYOD networks, you need either a special LAN for XP boxes that provides local IPv4 DNS resolution services, with global IPv6 connectivity, or you need a hacked DNS resolver (e.g., BIND) running on the local system to mitigate the Windows XP problem. It turns out Active Directory and some other functions on Windows XP have similar problems when IPv6-enabled, and Microsoft is aware of the issue and recommends Windows Vista if you’re planning on doing much with IPv6 in Windows environments.
Configuring ISATAP
Dualstack Cisco routers with an ISATAP
supporting IOS version can be configured as ISATAP servers.
For that a tunnel interface has to be configured specifying the special tunnel mode ipv6ip isatap.
!
interface Tunnel1
no ip address
no ip redirects
ipv6 address 2001:638:500:11::/64 eui-64
no ipv6 nd suppress-ra
tunnel source Ethernet0
tunnel mode ipv6ip isatap
!
The ethernet interface used as tunnel source had the IPv4 address 128.176.191.76. By specifying the tunnel mode as ipv6ip isatap and the IPv6 address as 2001:638:500:11::/64 eui-64 the router configures itself with the valid ISATAP address 2001:638:500:11:0:5EFE:80B0:BF4C. It also automatically sets up the route 2001:638:500:11::/64 for the tunnel.
Please note that by explicitly specifying no ipv6 nd suppress-ra the router was told to indeed send out router advertisements on this interface which is not the default setting for a tunnel.
The router can now be used as ISATAP server for clients of any kind.
© Sri Lanka Telecom. All rights reserved. Site by SLTnet | Acceptable Use policy
반응형
'Network > 라우터설정' 카테고리의 다른 글
| 시스코 라우터(2600) 앞면에 ACTIVITY LED가 깜빡거릴때 (0) | 2009.09.29 |
|---|---|
| CCNA 시스코 라우터 암호 설정 (0) | 2009.09.28 |
| [스크랩] 시스코 라우터 IPv6 기본 세팅 명령어 (0) | 2009.08.14 |
| show ip route 명령어 입력 시 Default gateway is not set 이라 나오면서 라우팅 테이블이 출력 안될 경우 (0) | 2009.08.11 |
| IPv6 환경에서 호스트, 라우터 세팅 (0) | 2009.08.04 |