Академический Документы
Профессиональный Документы
Культура Документы
By Chris Grundemann
SPECIAL EDITION
2011 by Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks
logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the
United States and other countries. Junose is a trademark of Juniper Networks, Inc. All other
trademarks, service marks, registered trademarks, or registered service marks are the
property of their respective owners.Juniper Networks assumes no responsibility for any
inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer,
or otherwise revise this publication without notice. Products made or sold by Juniper Networks
or components thereof might be covered by one or more of the following patents that are
owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440,
6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518,
Find out more about the issues of IPv4 address depletion and
potential solutions in the Juniper whitepaper: Tools and Strategies for
Coping with IPv4 Address Depletion. The paper provides a frank
analysis of the current situation and the available technologies for an
IPv4 address exhausted world.
Xxxx xxx xxxxx xxxx xx xxxxxxxx xxxx xxxxx XXx6 xx xxxx,
xxxx xxxxxxx xxxxx x xxxxx, xxxxxx-xxxxxxxx xxxx xx xxx XXx6
xxxxxxxx, xxxx xxxxxxx xxxxxx xx xxxxxx xxxxxx. Xxxxx xxx
xxx xx xxxxxxx x xxx xxxx. Xxx xxxxxxxx xx xx x xxxxx
xxxxxxxxxx xxxx xxxxx xx xxxxx xxx XXx6 xxxxxxxxxxxxx xxx
xxxxxxxxx xxxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxx.
This idea of zero suppression is really not all that foreign. In IPv4 the
same method is used. You dont write 192.000.002.001, you write
192.0.2.1, with all of the leading zeros suppressed.
x Xxxx Xxxxxxxxxxx: Xxxxxxxxx, xxxxxxx xx xx xxxxx xxxx
xxxx xxxxxxx xxxx xx xxxx xx xx 8 xxxxxxxx, xx xx xxxxxxxx
xx xxxxxxxx xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxx xxxxx
xxxxxxx xxxxxxxxx xxx xxxxxxx, xx xxxx xx xx xx xxxx xxxx
xxxx xxxxxx x xxxxxx xxxxxxx. Xxxx xxxxxxxxxxx xxxxxxxx
x xxxxxx xxxxx (::) xx xxxx. Xxx xxxxxxx, xx
2001:0xx8::3x6x, xxx :: xxxxxxxxxx 5 xxxxxxxxxx xxxxxxxx
xx xxx xxxxx, xxxxx xxx xxxxxxx xxxx xxxxxxx 8 xxxxxxxx
xx xxxxx.
Xxxxxx 1.4 xxxxx xxx xxxxxxx XXx6 xxxxxxx xxxx xxxxxxxx
xxxxxxxxx xx XXX xxx xxxx xxxxx xxx xxxxxxxx xxxxxx xxxx
xxxx xxxxxxxxxx xxx xxxxxxxxxx. Xxx xxx xxx xxx xxxx xxxxxx
xxx xxxxxxx xx xx xxxx xxxxx xxxxxxxx xxx xxxxxxxx xxxxx.
Try It Yourself: Compressing zeros in IPv6 addressesIdentify which of the following are proper
representations of 2001:0db8:0000:0000:c5ef:0000:0000:0001.
1. 2001:0db8::c5ef:0:0:1
2. 2001:db8::c5ef::1
3. 2001:db8:0:0:c5ef::1
4. 2001:0db8:0:c5ef:0:0:1
5. 2001:db8::c5ef:0:0:1
The answers are at the end of this chapter. Now you try! How many ways can you write
2001:0db8:0000:0000:ffff:0c8a:0000:0005?
IPv6 Prefixes
Xxxx xxxx XXx4 xxxx XXXX (Xxxxxxxxx Xxxxxxxxxxx
Xxxxxxx), xxx xx xxx xxxxx xxxxxxxxxx xx XXx6 xxxxxxxxxx xx
xxx xxxxxxxxxxxx xxxxxxxxx. XXx6 xxxxxxxxx xxx xx xxxxxx
xxxx xxxxxxxx xx xxxxxxx xxxxxx xxx xxxxx xxxxxx xxxxxxxx
xxx xxxxxxxxxxx xxxx xxx xxxx xx-xxxxxxx/xxxxxx-xxxxxx
xxxxxxxx xxxx xxx XXx4 XXXX xxxxxxxx.
Xx xxx xxxx xx XXx6:
x xx-xxxxxxx xx xx XXx6 xxxxxxx xx xxx xx xxx XXX
xxxxxxxxx xxxxxx xxxxx.
x xxxxxx-xxxxxx xx x xxxxxxx xxxxx xxxxxxxxxx xxx xxxxxx
xx xxx xxxxxxxx xxxx xx xxx xxxxxxx xxxx xxxx xx xxx
xxxxxx.
Xxx xxxxxxx, xxxxxxxx xxxx xxx XXx6 xxxxxxx xxxxx xx Xxxxxx
1.1 xx xxxx xx x 64-xxx xxxxxx, xx xxxxx xx xxxxxxxxxxx xx xxx
xxxxxxxxx xxxx:
x 2001:0xx8:0000:0000:0000:0000:0000:0001/64
x 2001:xx8:0:0:0:0:0:1/64
x 2001:xx8::1/64
Xxx xxxxxx xxxxxx xx xxxxxxxxxxx xx 2001:xx8::/64. Xxx xxxxxx
xxxxx xx xxxxxxxx.
Table 1.1
Address Type
Unspecified
Loopback
Binary Prefix
0000...0 (128 bits)
000...01 (128 bits)
IPv4 Mapped
Multicast
Link-Local Unicast
Unique Local Unicast (ULA)
1111111010
Global Unicast
(everything else)
11111111
1111110
Hex Prefix
::/128
::1/128
::ffff:0:0/96
FF00::/8
FE80::/10
FC00::/7
To learn more about IPv6 multicast addresses, see RFC 2375 IPv6
Multicast Address Assignments, RFC 3306 Unicast-Prefix-based
IPv6 Multicast Addresses, and, RFC 3307 Allocation Guidelines
for IPv6 Multicast Addresses.
Global Unicast Addresses
MORE?
For more information on ULA, read RFC 4193 Unique Local IPv6
Unicast Addresses.
IPv6 Headers
Xxx xxxxxx xx xxx XXx6 xxxxxx xx xxxx xxx xxxxxxxxxxx xxx
xxxxxxxx xxxx xxxxx xxxxxx xx xxxxxxxxxxx xxxx xxx
xxxxxxxxx xx xxxxx XXx6 xxxxxx. Xxx xxxxxxxx XX
xxxxxxxxxxx xx xxxxxxx xx xxxxxxxxx xxxxxxx, xxxxx xxx xxxxx
xx xxxxxxx xxxxxxx xxx xxxxxxxx XXx6 xxxxxx (xx xxxxx xx
Xxxxxx 1.7) xxx xxx xxxxx-xxxxx xxxxxx. Xxxx xxxxx xxx XXx6
xxxxxx xxxx xxxxxxxxx xxxx xxx XXx4 xxxxxx, xxx xxxx
xxxxxxx xxxxxxxxxxx xxx xxxxxx xxxxxxxxxx xxx xxxxxxx xx xx
xxxxx xx xxx XXx6 xxxxxxxx.
Xxx XXx6 xxxxxxx xxx xxxxxxxxxxxx xxxx x xxxxx-xxxxxx 40xxxx xxxxxx. Xxxx xxxxxxxxxx XXx6 xxxxxx xxxxxx xxx
xxxxxxxxx xxx xxxxxxxxxx xxxxx xxx xxx xxxxxx-xxxx xxxxxxx,
xxxxx xxx xxxxxxxx xxxxxxxxx xxxxxxx xxx xxxx xxxxx xx
xxxxxxx xxxx xxxxxxxx xxxxxxx xxxx, xxx xxx xxxx xxxxxxxxx
xx xxxxxxx xxxx xxxxxxxxx. Xx xxxx xxx, xxxxxxxxxxxx xxxxxxx
xxxx xxxx xxxx xxx xxxxx 40-xxxxx xx xxx xxxxxx xx xxxx xxx
xxx xxxxx xx xxxxxxx xx (xx xxxx xxxxx).
Figure 1.7 IPv6 Header Format
To learn more about the IPv6 header (and extension headers), see
RFC 2460 Internet Protocol, Version 6 (IPv6) Specification.
Extension Headers
Xxxxxxx XXx6 xxxxxxx xxxxxxxx xxxxxxxxxxx xx xxxxxxxxx
xxxxxxx xxx xxx xx xxx XXx6 xxxxxx xxxxxx, xxxxx xx xxxxxx
For more information on how the AH and ESP headers work together
and the security services they provide, see RFC 4301 Security
Architecture for the Internet Protocol.
SLAAC
Xx xxxxxxxx xx xxx xxx xxxxx xxxxxxxxxxxx xx
xxxxxx xx xxx xxxxxxxxxx xxxxx, Xxxxxxxx
Xxxxxxxxx xxxx xxxxxxx xxxxxxx
xxxxxxxxxxxxxxxxx xxxxxx Xxxxxxxxx Xxxxxxx
Xxxxxxxxxxxxxxxxx (XXXXX). XXx6 xxxxxxxxx
xxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx
xxxxxxx XXXXx6 (xxx xxxxxx xxxxxxxxxx), xxx
XXXXX xxxxxxxx x xxxxxxxxxxx xxxxxxx
xxxxxxxxxxxxx xxxxxx xxxx xxx xx xxxxxxxxx xx
xxxx xxxxxxxxxxxxx.
XXXXX xxxxxxxx xxxx-xxx-xxxx XX xxxxxxxxxxxx
xx xxx xxxxxx: Xxxxx 1: Xxxx-Xxxxx xxxxxxx
xxxxxxxxxx; xxx xxxx, xx Xxxxx 2: Xxxxxx xxxxxxx
xxxxxxxxxx.
Phase 1 - Link-Local Address
xxxx xx
xxxxxxxxx xx
xxxxx; xxx
xxxxxxx
xxxxxxxxx
xxxxxxxxx xxxx
xx xxxxxxxxxx
xx xxxxx xxxxx.
Phase 2 - Global
Address
Xxx Xxxxx 2
xxxxx xxx
xxxxxx
xxxxxxxxxxxx:
1. Xxxxxx
Xxxxxxxxxxxxx
: Xxx xxxx
xxxxx x Xxxxxx
Xxxxxxxxxxxx
xx xxxxxx xxx
xx-xxxx
xxxxxxx xx
xxxx xx xxxxxx
xxxxxxxxxxxxx
x. Xxxx xxx
xxxxxx xx
xxxxxxx xx
xxxxxxx
xxxxxxxxx
xxxxxxxxxxxxx
xxxx xxxxxxx,
xxx xxxxxx
xxxxxxxxxxxxx
xxxx xxxxxxx x
xxxxxx xxxxxx
xxx xxx xx
xxxxxxxxxxx
xxxxx.
xxxxxxxxx.Xx
xxxx xxxx xx
xxx xxxxxx xx
XXx6
xxxxxxxxx xxx
xxxxxxxxxxxx,
xxx xx
xxxxxxxxxx
xxxxxx.
Xx x xxxxxx
XXx6 /32 xxxxx
xxx 65,536
xxxxxxxx /48x.
Xxxxx xx
XXx6 /48 xx xxx
xxxxxx
xxxxxxx
xxxxxxxxxx xxx
xxxxx
xxxxxxxxxx
xxxxxxx xxxx xx
xx XXx4 /24.
Xx xxxx 65,536
XXx4 /24x xx
xxxx xxxxxxxx
xxx xxxxx xxxx
x /8 xxxxxxxx xx
xxxx
xxxxxxxxxxxx.
Xxxxx xxx xxxx
256 xxxxxx
XXx4 /8x
xxxxxxxx xxxxx
xxxxx xxx xxxxx
4.2 xxxxxxx
XXx6 /32x. Xxx
xxxxxxxxxx xx x
xxxxxx xx
16,777,216, x
xxx xxx xxxx
xxx 7.9 10^28
xx xxx xxxx
xxxxxxxxx
xxxxxxxxxx
xxxxxxxxx.
This method does have its own problems though. An IPv6 /48
contains roughly a septillion (1.209 x 10^24) individual addresses
while an IPv4 /24 holds only 256. Of course it is highly unlikely that
anyone will ever add a septillion (or anything close to that) hosts to a
single network, IPv6 or not (unless sometime in the future each
planet or star system were its own unified network).
Xxx xxxxxx xxxx xx xxxx xxx xxxx xx xxx XX xxxxxxxxx xx
xxxxxxxxxxx xx xxxxxxxx, xxxxxxx xxxx xxx xxxxxxx 6 xx
xxxxxxx 4.
10
26
27
Xxx xx xxx xxxxx xxxxxxxxxx xx xxxxx Xxxxxxx Xxxxxxxx xxxxxxx xxxxxxx xxxx xxxxxxxx xx XXx6 xxxxxxx xx xxxx XXx6 xxx
xxxx xxxxxxxxxxx xxxxxxxx xx xxx XXXXx (XxxxxxxxxxxXxxxxxxx Xxxxxxxxxx Xxxxxxx). Xxxxxx XXx6 xxxxxxxxxxxxx
xx xxx xxxxxxxx xxxxx xxxx XXx6 xxxxxxx xxx xx xxxxxxxxx xx
xxxx xxxx xxxxxx xxxx xxxxxxxxx xxxxxxx. Xxxxxxxxxxxx, xxx
Xxxxx XX xxxxx xxxxxxxxxxx xxx xxxxxxxxxxxxxxx xx XXx6
xxxxxxx x xxxx.
Xxxxx xxxxxxx xxxx xxxxxxx xxx xxxx xx xxxx xx xxxxxxxx xxx
xx xxx xxxxxxxxxxxxx xxx xxxxxxx xxxxx xxxxxxxx xx xxxxx x
xxxxx XXx6 xxxxxx xxxxxxx. Xxx xxxx xxxxx xxx xx xxxxxx
XXx6 xxxxxxxxx xx xxxxxxxxxx, xxx xx xxx xx xxx xxxx XXx6
xxxxxxxx xxxxxxxxx, xxx xxx xx xxxxxxxxx xxxxxx xxxxxx xx
XXx6. Xxxx xxxxxxx xxxx xxxxxxxxxx xxxx XXx6
xxxxxxxxxxxxxxx xxx xxxxxxxxxxxx xxxxxxxx, xxxx xx xxxx,
xxxxxxxxxx xxx xxxxxxx xxxx xxxxxxxx.
ALERT!
Before tackling the tasks in this chapter, you really should have
enough experience with the Junos CLI to maneuver unhindered in
both operational and configuration modes.
MORE?
If you need more information on the Junos CLI, complete with some
step-by-step instruction, see the Day One guide: Exploring the Junos
CLI available at www.juniper.net/dayone.
Figure 2.1
To configure your routers loopback interface with support for the inet6 family:
1. Enter configuration mode:
IDSG@r1> configure
Entering configuration mode
[edit]
IDSG@r1#
xxxxxx:
[edit interfaces lo0 unit 0]
IDSG@r1# set family inet6 address 2001:db8::1/128
[edit interfaces lo0 unit 0]
IDSG@r1#
SHORTCUT
NOTE
MORE?
To configure a pair of interfaces with support for family inet6 using the EUI-64 keyword:
1. First jump to the interface that you are configuring on R1:
[edit]
IDSG@r1# edit interfaces ge-1/0/4 unit 0
[edit interfaces ge-1/0/4 unit 0]
IDSG@r1#
xxxxxxxxx xx X2:
IDSG@r2> configure
Entering configuration mode
[edit]
IDSG@r2# edit interfaces ge-1/0/2 unit 0
[edit interfaces ge-1/0/2 unit 0]
IDSG@r2# set family inet6 address 2001:db8:0:1::/64 eui-64
[edit interfaces ge-1/0/2 unit 0]
IDSG@r2# top
[edit]
IDSG@r2# commit
commit complete
[edit]
IDSG@r2#
[edit]
IDSG@r2# show interfaces ge-1/0/2
unit 0 {
family inet6 {
address 2001:db8:0:1::/64 {
eui-64;
}
}
}
[edit]
IDSG@r2#
hierarchy:
[edit]
IDSG@r1# edit protocols router-advertisement
[edit protocols router-advertisement]
IDSG@r1#
[edit]
IDSG@r1# show | compare
[edit]
+ protocols {
+ router-advertisement {
+
interface ge-1/0/1.100 {
+
prefix 2001:db8:0:9::/64;
+
}
+ }
+ }
[edit]
IDSG@r1# commit
commit complete
[edit]
IDSG@r1#
NOTE
MORE?
When configuring any network, it is a very good idea to stop and test
your work whenever possible. This ensures easy troubleshooting by
isolating the changes you made in each incremental step, and is
especially true when working with a new unfamiliar protocol.
Admin Link
up up
Proto
inet
10.0.1.4/24
inet6
2001:db8:0:5::4/64
Local
Remote
fe80::204:acff:fe58:c130/64
ge-1/0/2
ge-1/0/2.0
up up
up up
ge-1/0/3
ge-1/0/3.34
up up
up up
inet6
ge-1/0/3.45
up
inet6
inet6
2001:db8:0:2::4/64
fe80::2a0:c9ff:feca:9cc2/64
ge-1/0/3.32767
ge-1/0/4
gre
ipip
lo0
lo0.0
up
up
up
2001:db8:0:6:202:b300:2214:a3e/64
fe80::202:b300:2214:a3e/64
2001:db8:0:8:202:b300:2d14:a3e/64
fe80::202:b300:2d14:a3e/64
up
up
up
up
up
up
up
up
up
up
inet6
2001:db8::4
fe80::2a0:c9ff:fe31:9d8b
lo0.16385
up
up
inet
inet6
lsi
mtun
pimd
pime
tap
up
up
up
up
up
fe80::2a0:c9ff:fe31:9d8b
up
up
up
up
up
up
up inet6
2001:db8::4
fe80::2a0:c9ff:fe31:9d8b
<snip>
up
up inet6
2001:db8::4
fe80::2a0:c9ff:fe31:9d8b
<snip>
NOTE
<snip>
ge-1/0/1
ge-1/0/1.0
up up
up up
inet6
2001:db8:0:5::4/64
fe80::204:acff:fe58:c130/64
<snip>
up up
up up
inet6
ge-1/0/3.45
up
inet6
up
2001:db8:0:6:202:b300:2214:a3e/64
fe80::202:b300:2214:a3e/64
2001:db8:0:8:202:b300:2d14:a3e/64
fe80::202:b300:2d14:a3e/64
<snip>
NOTE
Xxxxx xxxxxxxx xxxx xxx xxxx xxxx xxxxxxx xxx xxxx XXx4 xxx
XXx6 xxxxxxx. Xxxx xxxxx XXx6 xxxx xxxxxxx xxxx xxxxxxx
xxx xxxxxx xxx xxx xxxxxx xx xx XXx4 xxxxxxx xxxxxx. Xxxx
xxxxx xx xxxxxxx xxxx xxx X4 xx X5 xxxx xx xxx xxxx xxx
(xxxxx xx Xxxxxx 2.1 xx xxxxxx).
Local
inet6
Remote
2001:db8:0:8:2a0:c900:2dca:9cc6/64
fe80::2a0:c900:2dca:9cc6/64
IDSG@r5>
xxxx X5:
IDSG@r4> ping 2001:db8:0:8:2a0:c900:2dca:9cc6 count 2
PING6(56=40+8+8 bytes) 2001:db8:0:8:202:b300:2d14:a3e --> 2001:db8:0:8:2a0:c900:2dca:9cc6
16 bytes from 2001:db8:0:8:2a0:c900:2dca:9cc6, icmp_seq=0 hlim=64 time=0.479 ms
16 bytes from 2001:db8:0:8:2a0:c900:2dca:9cc6, icmp_seq=1 hlim=64 time=0.306 ms
--- 2001:db8:0:8:2a0:c900:2dca:9cc6 ping6 statistics --2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.306/0.392/0.479/0.086 ms
IDSG@r4>
The lack of any IGP in the test bed at this point limits your ping
testing to directly-connected neighbors.
State
Exp
Rtr
Interface
489
yes
ge-1/0/3.45
TIP
MORE?
xxxx xxx xxxx xxx xxxxxxx xxxx xxx xxxxxx xx xxxx xxxxxxxxxx xx1/0/3.45 xxxxx xx X4):
SHORTCUT
You can apply square brackets in order to use a single set command
when adding two next hops for a route. In this case the command
would be: # set route ::/0 next-hop [ 2001:db8:0:8:202:b300:2d14:a3e
2001:db8:0:7:202:b300:2315:595 ]
SHORTCUT
Use this general procedure to add more static, aggregate and generated routes to your network.
Can you create full reachability?
*[Static/5] 00:26:08
> to 2001:db8:0:8:202:b300:2d14:a3e via ge-1/0/1.45
to 2001:db8:0:7:202:b300:2315:595 via ge-1/0/2.35
2001:db8::5/128
*[Direct/0] 5d 22:19:52
2001:db8:0:7::/64
*[Direct/0] 5d 22:19:52
*[Direct/0] 5d 22:19:52
> via ge-1/0/1.45
2001:db8:0:8:2a0:c900:2dca:9cc6/128
*[Local/0] 5d 22:19:52
Local via ge-1/0/1.45
*[Direct/0] 5d 22:19:52
> via ge-1/0/2.35
[Direct/0] 5d 22:19:52
> via ge-1/0/1.45
fe80::/64
fe80::260:b0ff:fe1b:f32d/128
*[Direct/0] 5d 22:19:52
> via lo0.0
fe80::290:2700:233f:1cbc/128
*[Local/0] 5d 22:19:52
Local via ge-1/0/2.35
fe80::2a0:c900:2dca:9cc6/128
*[Local/0] 5d 22:19:52
Local via ge-1/0/1.45 ge-1/0/1.45
Xxxxx xxxx xxx xxxxxxxx xxx xxxx xxx xxxxxxxxx, xxx xxxxxx
xx xxxxxxxxx xx xxxx xx xx XXx4 xxxxxxx xxxxxxx xxxxx.
NOTE
The show route command will display all active routing tables on the
router when you do not specify one. This may include inet.0, inet6.0,
or any other configured routing table and all of the routes contained
within each.
Xxxxx xxx xxxxxxx xxxxxx xxxxx xxx xx xxxxxxx xxxx xxxx
xxxxxx. Xxxxx xxxxxxxx xxx xxxxxx xxx xxxxxxxxx xxxxxx xxxx
xxxx xxxxxxxxxx xxx xxxx xxxx xxxx xxx xxxxxx (xxxxxxxxx xx x
* xx +):
::/0
<snip>
*[Static/5] 00:13:09
> to 2001:db8:0:8:202:b300:2d14:a3e via ge-1/0/1.45
to 2001:db8:0:7:202:b300:2315:595 via ge-1/0/2.35
2001:db8:0:7::/64
*[Aggregate/130] 2d 20:20:22
Reject
Xxxx, xxx xxx xxx xxxx xxx xxxx xxx xx xxxx xxx xxxxxx xxx
xxxx xxxxx. Xxxx xxxx xxx xxxxxx xxxxxxx xxxxx xxxx xxxx
xxxx xxxxxxxxxx xxxx-xxxx xxx xxxx xxx xxxxxxxx xxxx xx xxx
xx-1/0/1.45 xx X4:
::/0
<snip>
2001:db8:0:7::/64
*[Static/5] 00:13:09
> to 2001:db8:0:8:202:b300:2d14:a3e via ge-1/0/1.45
to 2001:db8:0:7:202:b300:2315:595 via ge-1/0/2.35
*[Aggregate/130] 2d 20:20:22
Reject
MORE?
Xxx xxx xxx xxxx xxx xxxxxxx xxx xxxxxxxxxx X4 xx xxxxx X3x
xxxxxxxxx. Xxxx xxx xxxxxxxx xxxxx xx xxx xxxxxxxxx xxxx xxxxx
xxxxxx xxxxx xxxxxxxxx xxx xxxx xx X4 xx xxx xxxxxxxx xxxx
xxx X5x xxxxxxx xxxxx. Xxx xxxxxx xxxxx xx xxxxxxx xxxxxxx
xxxx xxxxx xxxxxx xxxxxx xxx xxxxxxxxx xxx xxxx xxxxx
xxxxxxx xxxxxx! Xxxxxxxxxxxx, xxxxx xx xxxxx xxxxx-xxx
XXx6 xxxxxxxxxxxx xx xxx xxxxxxx xxx.
Xx xxxxx xx xxx xxxx xxxxxxxxxxxx, xxxx xxxxxxxxxxx, xxx
xxxxxxx xxxxxxx xx x xxxxxxx xx xx xxxxxxxxx xxxxxxxxx xx
xxxx xxxx xx XXX.
Xxxxx xxxxx xxxx x xxxxx xxxx xx xxxx x xxxxx, xxx xxxx
xxxxxx, xx xxxxxx xxxx xxxxxxxx Xxx Xx Xxxxxxxx xxxxxxxx,
xxxxxxx XXx6 XXXx xxx xxxxxx xx xx xxx xxxx xxxxxxx.
28
48
49
This chapter assumes that you have experience with dynamic routing
in IPv4 and at least a basic understanding of IGP routing. If you feel
you need more information on Interior Gateway Protocols, see Part 5
of the Junos Software Routing Protocols Configuration Guide available at www.juniper.net/techpubs.
Xxxxxxxxxx, xxx XXX xxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx
xx xxxx xxxxxxx xxx xxxx xxxxxxxx. Xxxxx xxxxxxx xxxxx
xxxxxxxx xxx xxxxxx xxxx x xxxxx xxxxxxxxxxxxx xx xxx xxxxx
xxxxxxxxx xxx xx xxxxxx xxxxxxxx xx xxxxxx xxx. Xx xxx xxxx
xxxxxxx xxxxxxx xx xx XXX, xxxx xxxx xx xxxx xxxxxxxx xx
xxxx xxxxxxx.
MORE?
Discovering RIPng
Xxxxxxx Xxxxxxxxxxx Xxxxxxxx xxxx xxxxxxxxxx (XXXxx) xxx
XXx6, xxxx XXX xxx XXx4, xx x xxxxxxxx-xxxxxx xxxxx XXX
xxxxx xxxx xxx xxxxx xx xxx xxxxxx xxx xx xxxxxxxx xxx xxxxxxx xxxxxxxxxx-xxxxx xxxxxxxxxx xxxxxxx.
Xx xxxxx xxxx xxxxxxxx xxxxx xxx xxxx xxxxxxxxxxxx, XXXxx
xx x xxxxxxx xxxxxxxx xxxxxxxx xxxx XXX xxx xx xxx xxx
xxxxxxxxx xxxxxxxxxxx xx Xxxxx:
x XXXxx xxxx 128xxx XX xxxxxxxxx xxx xxxxxxxxx xxx xx
xxxx xxxx xx XXx6 xxxxxxxx.
x XXXxx xxxxxx xx xxx XXx6 xxxxxxxxxxxxxx xxxxxxxxxx
xxx xxxx xxxx xxx xxxxxxxxx xxx xxx xxxxxxxxxxxxxx xx
xxxxxxx.
x Xxxxx xx xx xxxxxxx xxx xxxxxxxx xxxxxxxxx xx XXXxx.
x Xxxxx xx xx xxxxxxx xxx XXXxx xxxxxxx xxxxx xxxxxx.
Xxxxxx xxxxxxxx XXXxx xx xxxx XXx6 XXX, xxx xxxx xx
xxxxxxxxxx xxx xxxxxxxxxxxxx xxxxxxxxxxx xx xxxx xxxxxxxx:
x Xxx xxxxxxx xxxxxxx xxxx xxxx xxx xxxxxx 15 xxxx.
x XXXxx xxxx x xxxxx xxxxxx (xxx xxxxx) xx xxxxxx xxxxxx.
Xxxxx XXXx xxx xxxxxxxxxx xxxxxxxxxx xxxxx xxx xxxx
xxxx xxxx xxxxxxxx xxx xxxxxxxxxxxx xx xxxx xxxxxxxx
xxxxx.
x Xxxx xxxxx XXXxx xx xxxxxx xxxxxxxx, xxx xxxxxx xx xxxx
xxx xxxxxxx xxxxxxxxx xxxxxxxx xx xxxxxxx xxxx xxxx xxx
xx xxxxx xxxxx, xxxxxxxxxx xx x xxxxxxx xxxx xx xxxxxx.
MORE?
To To learn more about RIPng, see RFC 2080: RIPng for IPv6
(http://tools.ietf.org/rfc/rfc2080.txt) and RFC 2081: RIPng Protocol
Applicability Statement (http://tools.ietf.org/rfc/rfc2081.txt).
Configuring RIPng
Xxxxx xx xxx xxxxxxx xxxx xxx xxxxxxx xxxxx xx Xxxxxx 2.1,
xxxx xxxxxxxxx XXXxx xx xxxxxxx X1 xxxxxxx X4 xxxxx xx
xxxx xxxxxxxx xxxx xxx.
Xxx xxxxx xxxx xx xxxxxxxxxxx XXXxx xx xxxxxxx xxx xxxx xx
xxxx xxxxxxxxxxx XXX xxxxxx x xxxxx xxx xxxx xxx
xxxxxxxxxx xxxx xxx xxxx xx xxx XXXxx xxxx. Xxxx xxxxx
xxxx X1.
ALERT!
hierarchy:
[edit]
IDSG@r1# edit protocols ripng
[edit protocols ripng]
IDSG@r1#
xxxxxxxxx:
[edit protocols ripng group r1-r4]
IDSG@r1# set neighbor ge-1/0/1.100
[edit protocols ripng group r1-r4]
IDSG@r1# set neighbor ge-1/0/2.0
[edit protocols ripng group r1-r4]
IDSG@r1# set neighbor ge-1/0/3.0
xxxxxxx XXXxx:
[edit policy-options policy-statement ripng-export]
Xx xxx xxx xxxxxxxx xxxx XXX, xxxx xxxxx xxxxxx xxxx xxx
xxxxx xxx xxxxxxxx xxxx xx Xxxxx xx xxxxxxxxx XXXxx xxx
XXx6 xxx xxxx xxxxxx xxxxxxxxx xx xxxxx xxxx xxxx
xxxxxxxxxxx XXX xxx XXx4. Xxx xxxx xx xxx xxx xxx xxxxxxxx
xxxx XXX, xxx xxxxxx xxxxxx xxxx xxx xxxxx-xxxxxx xxxxxxxxx
xxx xxxxx xx xxx xxxxxx xxxx xx xxx xxxxxxx xxxxxx. Xxxx
xxxxxxxxx xx xxx xxxxxxxxx xxx xxxxxx xxxxxxxx xx xxx
xxxxxx, xxx xx xxxx xxxxxxxxxx xxx xxxxxxx Xxxxx xxxxxx
xxxxxxxxxxxxx xx xxxxxxx XXx4 xxx XXx6. Xxxx xx xxxxxxx
xxxxx xxxxx XXXxx xxxxxxxx xxxx xxx xxxxxxxxx xxxxxx.
Although the route-filter statement is not required in this case; it is
best practice to make all policy (IPv4 and IPv6 alike) as specific as
possible to avoid conflicts with future configuration changes.
BEST PRACTICE
MORE?
Verifying RIPng
Xx xxx xxx xx xxxx xx xxxxx xx xxxx xxxxx, xxx xxxxxxxxxxxx
xx XXXxx xx xxxxx xxxxxxx xx xxx xxxxxxxx xxxxx, xxx
xxxxxxxx xxxx, xxx xxxxxxxxx XXX. Xx xxxxx xxxxxxxx xxxxx
xxxxx xxx xxxxxxxxx xxxxx:
1. Confirm that RIPng is running on the correct interfaces.
2. Xxxxxx xxxx xxx xxxxxx xx xxxxxxx xxx xxxxxxxxx xxx
xxxxxxxx xxxxxx.
3. Xxxxxxx xxxx xxx xxxxxxxx xxxxxx xxx xxxxxxx xxx xxxxxx.
4. Xxxxxxx xxxx xxx xxxxxxxxxx xxxxxxx.
output from the show ripng neighbor command already displayed (in
this case we are looking for the address to reach R4 and know that
R3 connects to R4 via interface ge-1/0/4.34):
Source
Dest
In
Neighbor State Address
Address Send Recv Met
<snip>
ge-1/0/4.34
Up fe80::202:b300:2215:595
ff02::9 yes yes
2. Xxx xxx xxxx xxxxxxx xx xxxxx xxx xxxx xxxxx xxxxxxxxxxxxxxxxxxx xxxxx
xxxxxxx:
Xxx xxxxxx xxxxxxxx xxxx xxx xxxxxx xxx XXXxx xxxxxx xxx
xxxxx xxxx xxxx X3 xx X4, xxxxx xx xxx xxxxxxxxxx xxxxxx
xxxxxx. Xxx xxxxx xx xxxx xx xxxx xxx xx xxx XXXxx xxxx xxxx
xxxxx xx xxx xxxx-xxxxx xxxxxxx xx xxx xxxxxxxxxxx xxxxxx;
xxxx xx xxxxxxxxx xxxx XXx4, xxxxx xxx xx xxxx-xxxxx
xxxxxxxxxx.
Xxx xxxx xxxxxx xxxx X3 xx xxxxxxxxx xxx xxxxxxx xxxxxx
xxxx X4.
2. Xxxx xxx xxx xxxxxxxx xxxxxxx xxxx xxx xxxx xxxxx xxxxxxxxxxxxxxx xxxxx
Exploring OSPF3
Xxxxxx XXXxx, xxxxx xx x xxxxxxxx xxxxxxxx xxxx XXX,
XXXX3 xx xxxxxx x xxxxxxxx xxxxxxx xx XXXX xxxxx
xxxxxxxx XXx6. XXXX (xxxxxxxxx XXXXx2 xxx XXXX3) xx xx
XXX xxxxx xxxx xxxx-xxxxx xxxxxxxxxxx xxx xxx xxxxxxxx
xxxx xxxxx (xx Xxxxxxxx) xxxxxxxxx xx xxxx xxxxxxx xxxxxxxxx
xxxxx xxxxxxxxx xxxx xx xxx xxxxxx.
Xxxx xx xxx xxxxxxx xxxxxxxxxxx xxxxxxx XXXX3 xxx
XXXXx2 xxxxxxx:
x XXXX3 xxxxx xxx xxxxxxxx XX xxxxxxxxxxx xx x 32-xxx
xxxxxx XX.
x XXXX3 xxxx xxx xxxx xxxxxx xxxx xxx xxxxxx.
x XXXX3 xxxxxx xxx xxxxxxx xxxx-xxxxx xxxxxxxxxxxxxx
(XXXx) xx xxx xxxxx xxx xxxxxx xxxxxxxxxxx.
x XXXX3 xxxxxxxx xxx xxx XXX xxxxx: xxx xxxx-XXX xxx
xxx xxxxx-xxxx-xxxxxx-XXX.
x Xx XXXX3, xxxx 3 xxx xxxx 4 xxxxxxx XXXx xxxx xxxx
xxxxxxx xx xxxxx-xxxx-xxxxxx-XXXx xxx xxxxx-xxxxxxxxxx-XXXx xxxxxxxxxxxx.
x XXXX3 xxxx xxxx-xxxxx xxxxxxxxx xxx xxx xxxxxxxx
xxxxxxxxx (xxxxxx xxxxxxx xxxxx).
x XXXX3 xxxxxx xx xxx XXx6 xxxxxxxxxxxxxx xxxxxx
xxxxxxx xx xxxxxxxx xxxxxxxxxxxxxx xxxxxxxxxxx xxxxxx
xxx xxxxxx.
Xxxx XXXXx2, XXXX3 xxxxxxx xxxxxxx xxxxxxxxxxx xxxxxxx
xx xxx xxxxxxx xxx xxxxxxxxxx xxx xxxxxx xxxxxxx xxx xxxxxxx
xxxx xxxxxxxx xxxxxxx. XXXX3 xxxxxx xxxx xxx xx x xxxx
xxxxxx xxx xxxxxxxx xx xxxxxx xxx xxxx.
MORE?
Want to learn more about OSPF3? Check out RFC 5340: OSPF for
IPv6 at http://tools.ietf.org/rfc/rfc5340.txt.
Configuring OSPF3
Xx xxxxxxxxx XXXX3 xx xxx xxxx xx xxx xxxx xxx xxxxxxx, xx
xxxxxxxxxxx xxxx xx Xxxxxx 2.1, xxx xxxxxxx xxxxx xx xx
xxxxxxxxxx xx xxxxxxxxxxx xx Xxxxxx 3.1:
x X1 xxx X2: Xxxxxxxx xxxxxxx
x X3 xxx X4: Xxxx Xxxxxx Xxxxxxx (XXXx) xxx xxxx 1
x X5: Xxxx 1 xxxxxx
Figure 3.1
BEST PRACTICE
xxxx:
[edit protocols ospf3]
IDSG@r1# set area 0 interface lo0.0 passive
[edit protocols ospf3]
IDSG@r1#
+ routing-options {
+ router-id 1.1.1.1;
+ }
[edit protocols]
+ ospf3 {
+
area 0.0.0.0 {
+
interface lo0.0 {
+
passive;
+
}
+
interface ge-1/0/2.0;
+
interface ge-1/0/3.0;
+
interface ge-1/0/4.0;
+
}
+ }
[edit]
IDSG@r1# commit
commit complete
[edit]
IDSG@r1#
MORE?
Try It Yourself: Configure OSPF3Now its your turn to configure OSPF3! Use what you have
learned in this section along with what you already know about OSPF to configure your test
bed. Try setting up multiple areas and area types. Can you configure a stubby area? How about a
totally-stubby not-so-stubby-area? Also, experiment with export-policies like we used with
RIPng to inject other routes into OSPF3. Remember to set those router IDs!
Verifying OSPF3
Xxxx xxxx XXX xxxxxxxx xx XXXxx, xxxxxxxxxxxx xx XXXX3
xx Xxxxx xxxxxxx xxxxxxx xxx xxxxxxxxx xxx xxxxxxxxx XXXX:
x Xxxxxx XXXX3 xxxxxxxxxxx.
x Xxxxxxx xxxx xxx xxxxxxxx xxxxxx xxx xxxxxxx xxx xxxxxx
xx XXXX3.
x Xxxxxxx xxxxxx xxx xxxxxxxx xx xxxxxx xx xxxxxxxxx xxx
XXXX3 xxxx xxxxx xxxxxxxx.
x Xxxxxxx xxxx xxx xxxxxxxxxx xxxxxxx.
Xxxx xxxxxx xxxxx xxxxxxx xxx xxxxxxxxx xxxx-xx-xxxx
xxxxxxxxxx. Xxx xxxxx xxxx x xxx xxxx-xxxxxx xxxxx xxx xxx.
To verify OSPF3 neighbor adjacency status:
DR-ID
2.2.2.2
1.1.1.1
3.3.3.3
0.0.0.0
5.5.5.5
BDR-ID
3.3.3.3
3.3.3.3
4.4.4.4
0.0.0.0
3.3.3.3
Nbrs
1
1
1
0
1
IDSG@r3>
31
33
34
33
Because OSPF and OSPF3 appear under the same protocol in the
Junos routing table, best practice recommends using the show route
protocol ospf3 and show route protocol ospf2 commands when viewing
OSPF routes. This helps to eliminate confusion when viewing the
routing tables.
InterArPfx 0.0.0.16
InterArPfx 0.0.0.17
InterArPfx 0.0.0.18
IntraArPfx *0.0.0.1
IntraArPfx *0.0.0.2
IntraArPfx *0.0.0.3
4.4.4.4
4.4.4.4
4.4.4.4
5.5.5.5
5.5.5.5
5.5.5.5
0x80000025
0x80000024
0x80000025
0x80000022
0x80000020
0x8000001f
573 0xd3e2 36
573 0xefc4 36
424 0xf5bb 36
1773 0x145 52
573 0x3d4f 44
2073 0x2567 44
InterArPfx 0.0.0.3
3.3.3.3
Prefix 2001:db8::3/128
Prefix-options 0x0, Metric 0
InterArPfx 0.0.0.5
3.3.3.3
Prefix 2001:db8:0:1::/64
Prefix-options 0x0, Metric 20
InterArPfx 0.0.0.6
3.3.3.3
Prefix 2001:db8:0:2::/64
Prefix-options 0x0, Metric 20
InterArPfx 0.0.0.7
3.3.3.3
Prefix 2001:db8:0:3::/64
Prefix-options 0x0, Metric 10
InterArPfx 0.0.0.8
3.3.3.3
Prefix 2001:db8:0:4::/64
Prefix-options 0x0, Metric 10
InterArPfx 0.0.0.9
3.3.3.3
Prefix 2001:db8:0:5::/64
Prefix-options 0x0, Metric 20
InterArPfx 0.0.0.10
3.3.3.3
Prefix 2001:db8:0:6::/64
Prefix-options 0x0, Metric 10
InterArPfx 0.0.0.11
3.3.3.3
Prefix 2001:db8::4/128
Prefix-options 0x0, Metric 10
IDSG@r5>
Xxxxx xxx xxxx xx! Xxx xxxx xx xxx xxxxxxxx xxxxxxxxx xxx
xxx xxxx 0 xxxxxxx, xxxxx xxxx xxx xx xxx xxxx 0 /64x, xxx
xxxxx xxxxxxxxxx xx X3x XxxxxXxXxx XXXx. Xxxxx
xxxxxxxxxx xxxxx xxxxxx xxxxxxxxxx xxx xxxxxxx xxx xxx xx
xxxxxxxxx xxxx XXXX3 xx xxxxxxxxxx xxx xxxxxxxxx
xxxxxxxxx.
To conduct ping and traceroute testing
http://www.juniper.net/dayone
50
72
74
T1 Interface
The following is an example T1 interface with a typical physical
layer configuration. First the set command required to add an EUI-64
based IPv6 address is shown. Next you see the entire interface
config, including the newly added unit 0, complete with IPv6 address
configuration.
[edit interfaces t1-6/0/0:2:7]
IDSG@r10# set unit 0 family inet6 address 2001:db8:0:1::/64 eui-64
{master}[edit]
IDSG@r10# show interfaces t1-6/0/0:2:7 | display inheritance | except ##
hold-time up 0 down 250;
encapsulation ppp;
unit 0 {
family inet6 {
address 2001:db8:0:1::/64 {
eui-64;
}
}
}
SONET Interface
Xxxx xxxxxxx xxxxxxxxxxxx x xxxxxxx xxxxxx xxxx XXXXX
(XXX) xxxxxxxxxxx. Xxxxx xxx xxxxx xxx xxx xxx xxxxxxx xxxx
xx xxx xxx XXx6 xxxxxxx xxxxx xxxxxx xxxx6. Xxxx xxx xxxxxx
xxxxxxxxx xxxxxxxxxxxxx xx xxxxxxxxx, xxxxxxxxx xxx XXx6
xxxxxxx xxxxx xxxx 0.
{master}[edit interfaces so-0/0/0]
IDSG@r10# set unit 0 family inet6 address 2001:db8:0:1::ff13/127
{master}[edit]
IDSG@r10# show interfaces so-0/0/0
mtu 9178;
clocking internal;
sonet-options {
fcs 32;
rfc-2615;
}
unit 0 {
family inet6 {
address 2001:db8:0:1::ff13/127;
}
}
{master}[edit]
IDSG@r10#
MLPPP Interface
Xxxx xxxxxxx xx xx xx XXXXX xxxxxxxxx xxxxx x
XxxxxXxxxxxxx 100 XXX. Xxxxx xxx xxxxxx xxxx xxx xxx
xxxxxxx xx xxxxxxxxx xxxxxx xxx xxxxx xx xxxxxxxxxx. X
xxxxxxx xxxx xxxxxxxxx xxxxxxxxxxxxx xx xxxxxxxxx
xxxxxxxxx xxx xxx xxxxxxx.
{master}[edit interfaces lsq-7/0/0 unit 11]
IDSG@r10# set family inet6 address 2001:db8:0:1::/64 eui-64
{master}[edit interfaces lsq-7/0/0 unit 11]
IDSG@r10# show
description 44/HCGS/103547/TWCS - C AND M ASSOCIATES # 305999 [MLPPP-M];
encapsulation multilink-ppp;
family inet6 {
address 2001:db8:0:1::/64 {
eui-64;
}
}
{master}[edit interfaces lsq-7/0/0 unit 11]
IDSG@r10#
Appendix 75
76