IPv4 over IPv6简介

在IPv4 Internet向IPv6 Internet过渡的后期，IPv6网络已被大量部署，此时可能出现IPv4孤岛。利用隧道技术可在IPv6网络上创建隧道，从而实现IPv4孤岛的互连。这类似于在IP网络上利用隧道技术部署VPN。在IPv6网络上用于连接IPv4孤岛的隧道，称为IPv4 over IPv6隧道。

图1?IPv4 over IPv6 隧道原理

IPv4 over IPv6 隧道技术的原理如图1所示：

1. 边界设备启动IPv4/IPv6双协议栈，并配置IPv4 over IPv6隧道。

2. 边界设备在收到从IPv4网络侧发来的报文后，如果报文的目的地址不是自身，就要把收到的IPv4报文作为负载，加上IPv6报文头，封装到IPv6报文里。

3. 在IPv6网络中，封装后的报文被传递到对端的边界设备。

4. 对端边界设备对报文解封装，去掉IPv6报文头，然后将解封装后的IPv4报文发送到IPv4网络。

配置IPv6 over IPv4 GRE隧道示例

组网需求

如上图，两个IPv6网络分别通过SwitchA和SwitchC与IPv4公网中的SwitchB连接，客户希望两个IPv6网络中的PC1和PC2实现互通。

其中PC1和PC2上分别指定SwitchA和SwitchC为自己的缺省网关。

配置思路

要实现IPv6协议中的PC1和PC2通过IPv4公网互通。需要在SwitchA和SwitchC之间建立直连链路，部署GRE隧道，通过静态路由指定到达对端的报文通过Tunnel接口转发，PC1和PC2就可以互相通信了。

配置GRE隧道实现IPv6协议互通的思路如下：

1. 配置物理接口的IP地址，并配置IPv4静态路由，实现设备可以通过IPv4网络通信。

2. 在SwitchA和SwitchC上创建Tunnel接口，创建GRE隧道，并在SwitchA和SwitchC上配置经过Tunnel接口的IPv6静态路由，使PC1和PC2之间的流量通过GRE隧道传输，实现PC1和PC2互通。

操作步骤

1. 配置各物理接口的IP地址

   # 配置SwitchA。

   <HUAWEI> system-view
   [HUAWEI] sysname SwitchA
   [SwitchA] vlan batch 10 30
   [SwitchA] interface gigabitethernet 0/0/1
   [SwitchA-GigabitEthernet0/0/1] port link-type trunk
   [SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
   [SwitchA-GigabitEthernet0/0/1] quit
   [SwitchA] interface gigabitethernet 0/0/2
   [SwitchA-GigabitEthernet0/0/2] port link-type access
   [SwitchA-GigabitEthernet0/0/2] port default vlan 30
   [SwitchA-GigabitEthernet0/0/2] quit
   [SwitchA] interface vlanif 10
   [SwitchA-Vlanif10] ip address 20.1.1.1 24
   [SwitchA-Vlanif10] quit
   [SwitchA] ipv6
   [SwitchA] interface vlanif 30
   [SwitchA-Vlanif30] ipv6 enable
   [SwitchA-Vlanif30] ipv6 address fc00:1::1 64
   [SwitchA-Vlanif30] quit

   # 配置SwitchB。

   <HUAWEI> system-view
   [HUAWEI] sysname SwitchB
   [SwitchB] vlan batch 10 20
   [SwitchB] interface gigabitethernet 0/0/1
   [SwitchB-GigabitEthernet0/0/1] port link-type trunk
   [SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
   [SwitchB-GigabitEthernet0/0/1] quit
   [SwitchB] interface gigabitethernet 0/0/2
   [SwitchB-GigabitEthernet0/0/2] port link-type trunk
   [SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 20
   [SwitchB-GigabitEthernet0/0/2] quit
   [SwitchB] interface vlanif 10
   [SwitchB-Vlanif10] ip address 20.1.1.2 24
   [SwitchB-Vlanif10] quit
   [SwitchB] interface vlanif 20
   [SwitchB-Vlanif20] ip address 30.1.1.1 24
   [SwitchB-Vlanif20] quit

   # 配置SwitchC。

   <HUAWEI> system-view
   [HUAWEI] sysname SwitchC
   [SwitchC] vlan batch 20 30
   [SwitchC] interface gigabitethernet 0/0/1
   [SwitchC-GigabitEthernet0/0/1] port link-type trunk
   [SwitchC-GigabitEthernet0/0/1] port trunk allow-pass vlan 20
   [SwitchC-GigabitEthernet0/0/1] quit
   [SwitchC] interface gigabitethernet 0/0/2
   [SwitchC-GigabitEthernet0/0/2] port link-type access
   [SwitchC-GigabitEthernet0/0/2] port default vlan 30
   [SwitchC-GigabitEthernet0/0/2] quit
   [SwitchC] interface vlanif 20
   [SwitchC-Vlanif20] ip address 30.1.1.2 24
   [SwitchC-Vlanif20] quit
   [SwitchC] ipv6
   [SwitchC] interface vlanif 30
   [SwitchC-Vlanif30] ipv6 enable
   [SwitchC-Vlanif30] ipv6 address fc00:2::1 64
   [SwitchC-Vlanif30] quit

2. 配置业务环回聚合接口

   # 配置SwitchA。

   [SwitchA] interface eth-trunk 1
   [SwitchA-Eth-Trunk1] service type tunnel
   [SwitchA-Eth-Trunk1] quit
   [SwitchA] interface gigabitethernet 0/0/3
   [SwitchA-GigabitEthernet0/0/3] eth-trunk 1
   [SwitchA-GigabitEthernet0/0/3] quit

   # 配置SwitchC。

   [SwitchC] interface eth-trunk 1
   [SwitchC-Eth-Trunk1] service type tunnel
   [SwitchC-Eth-Trunk1] quit
   [SwitchC] interface gigabitethernet 0/0/3
   [SwitchC-GigabitEthernet0/0/3] eth-trunk 1
   [SwitchC-GigabitEthernet0/0/3] quit

3. 配置IPv4静态路由

   # 配置SwitchA。

   [SwitchA] ip route-static 30.1.1.0 255.255.255.0 20.1.1.2

   # 配置SwitchC。

   [SwitchC] ip route-static 20.1.1.0 255.255.255.0 30.1.1.1

4. 配置Tunnel接口

   # 配置SwitchA。

   [SwitchA] interface tunnel 1
   [SwitchA-Tunnel1] tunnel-protocol gre
   [SwitchA-Tunnel1] ipv6 enable
   [SwitchA-Tunnel1] ipv6 address 2001:db8:1::1 64
   [SwitchA-Tunnel1] eth-trunk 1
   [SwitchA-Tunnel1] source 20.1.1.1
   [SwitchA-Tunnel1] destination 30.1.1.2
   [SwitchA-Tunnel1] quit

   # 配置SwitchC。

   [SwitchC] interface tunnel 1
   [SwitchC-Tunnel1] tunnel-protocol gre
   [SwitchC-Tunnel1] ipv6 enable
   [SwitchC-Tunnel1] ipv6 address 2001:db8:1::2 64
   [SwitchC-Tunnel1] eth-trunk 1
   [SwitchC-Tunnel1] source 30.1.1.2
   [SwitchC-Tunnel1] destination 20.1.1.1
   [SwitchC-Tunnel1] quit

5. 配置Tunnel的静态路由

   # 配置SwitchA。

   [SwitchA] ipv6 route-static fc00:2:: 64 tunnel 1

   # 配置SwitchC。

   [SwitchC] ipv6 route-static fc00:1:: 64 tunnel 1

6. 检查配置结果

   # 在SwitchC上Ping?SwitchA的IPv4地址，可收到返回的报文。

   [SwitchC] ping 20.1.1.1
     PING 20.1.1.1: 56  data bytes, press CTRL_C to break
       Reply from 20.1.1.1: bytes=56 Sequence=1 ttl=254 time=84 ms
       Reply from 20.1.1.1: bytes=56 Sequence=2 ttl=254 time=27 ms
       Reply from 20.1.1.1: bytes=56 Sequence=3 ttl=254 time=25 ms
       Reply from 20.1.1.1: bytes=56 Sequence=4 ttl=254 time=3 ms
       Reply from 20.1.1.1: bytes=56 Sequence=5 ttl=254 time=24 ms
   
     --- 20.1.1.1 ping statistics ---
       5 packet(s) transmitted
       5 packet(s) received
       0.00% packet loss
       round-trip min/avg/max = 3/32/84 ms

   # 在SwitchC上Ping?SwitchA的IPv6地址，可收到返回的报文。

   [SwitchC] ping ipv6 fc00:1::1
     PING fc00:1::1 : 56  data bytes, press CTRL_C to break
       Reply from FC00:1::1
       bytes=56 Sequence=1 hop limit=64  time = 28 ms
       Reply from FC00:1::1
       bytes=56 Sequence=2 hop limit=64  time = 27 ms
       Reply from FC00:1::1
       bytes=56 Sequence=3 hop limit=64  time = 26 ms
       Reply from FC00:1::1
       bytes=56 Sequence=4 hop limit=64  time = 27 ms
       Reply from FC00:1::1
       bytes=56 Sequence=5 hop limit=64  time = 26 ms
   
     --- fc00:1::1 ping statistics ---
       5 packet(s) transmitted
       5 packet(s) received
       0.00% packet loss
   round-trip min/avg/max = 26/26/28 ms

配置文件

• SwitchA的配置文件

  #
  sysname SwitchA
  #    
  ipv6      
  #  
  vlan batch 10 30
  #
  interface Vlanif10
   ip address 20.1.1.1 255.255.255.0
  #
  interface Vlanif30
   ipv6 enable
   ipv6 address FC00:1::1/64
  #
  interface Eth-Trunk1  
   service type tunnel
  #
  interface GigabitEthernet0/0/1
   port link-type trunk
   port trunk allow-pass vlan 10
  #
  interface GigabitEthernet0/0/2
   port link-type access
   port default vlan 30
  #
  interface GigabitEthernet0/0/3
   eth-trunk 1 
  #
  interface Tunnel1
   ipv6 enable
   ipv6 address 2001:db8:1::1/64
   tunnel-protocol gre
   source 20.1.1.1
   destination 30.1.1.2
   eth-trunk 1
  #
  ip route-static 30.1.1.0 255.255.255.0 20.1.1.2
  #                                                                               
  ipv6 route-static FC00:2:: 64 Tunnel1 
  #
  return

• SwitchB的配置文件

  #
  sysname SwitchB
  #
  vlan batch 10 20
  #
  interface Vlanif10
   ip address 20.1.1.2 255.255.255.0
  #
  interface Vlanif20
   ip address 30.1.1.1 255.255.255.0
  #
  interface GigabitEthernet0/0/1
   port link-type trunk
   port trunk allow-pass vlan 10
  #
  interface GigabitEthernet0/0/2
   port link-type trunk
   port trunk allow-pass vlan 20
  #
  return

• SwitchC的配置文件

  #
  sysname SwitchC
  #    
  ipv6     
  #
  vlan batch 20 30
  #
  interface Vlanif20
   ip address 30.1.1.2 255.255.255.0
  #
  interface Vlanif30
   ipv6 enable
   ipv6 address FC00:2::1/64
  #
  interface Eth-Trunk1  
   service type tunnel
  #
  interface GigabitEthernet0/0/1
   port link-type trunk
   port trunk allow-pass vlan 20
  #
  interface GigabitEthernet0/0/2
   port link-type access
   port default vlan 30
  #
  interface GigabitEthernet0/0/3
   eth-trunk 1 
  #
  interface Tunnel1
   ipv6 enable
   ipv6 address 2001:db8:1::2/64
   tunnel-protocol gre
   source 30.1.1.2
   destination 20.1.1.1
   eth-trunk 1
  #
  ip route-static 20.1.1.0 255.255.255.0 30.1.1.1
  #                                                                               
  ipv6 route-static FC00:1:: 64 Tunnel1 
  #
  return

周工这里还有很多实验：关注+点赞+发送私信“题库”领取

HCIA实验拓扑

HCIP实验拓扑

关注+点赞+发送私信“题库”领取