Laboratorio de IPv6 sobre IPv4
Clase de CCNA 4, Fecha: 10 de Noviembre del 2012
En este laboratorio se logró hacer pasar tráfico
IPv6 sobre un segmento con IPv4 a traves de un tunel tipo GRE
ya que no existe compatibilidad entre ambas
versiones del protocolo IP.
Para esto, se genera un túnel con extremos IPv4 y
con direccionamiento IPv6, este direccionamiento corresponde
al tramo IPv6 correspondiente al link OSPF que une
Tucumán con Mendoza.
El plan de direccionamiento IPv6 es de un escenario
extraído del libro ICND 2 de Wendell Odom y que ya utilicé
anteriormente, pero esta vez con OSPFv3 en lugar de
RIPng (RIP Next Generation).
Este laboratorio se realizó con equipos reales ya
que PT no soporta GRE con IPv6, el gráfico del escenario y parte
de la simulación está reproducida en Packet Tracer
ya que no logré documentar todo el material en clase.
Un escenario prototipo está en ftp.vilarrasa.com.ar user/pass:
ccna , y el archivo es IPv6 sobre IPv4.pkt
Valoro el trabajo que realizaron los alumnos de CCNA
4 de los sábados.
Escenario
Configuraciones de equipos
Rosario#sh runn
Building configuration...
Current configuration :
1265 bytes
!
version 12.4
!
hostname Rosario
!
ipv6 unicast-routing (habilita IPv6 globalmente)
!
interface FastEthernet0/0
no ip address (dirección IPv4)
ipv6 address 2340:1111:AAAA:1::/64 eui-64 (red local, utilizará la MAC para generar el número de IP de
host)
ipv6 ospf 1 area 0 (OSPF publica la
red asociada a esta interfaz, en IPv4 era network x.x.x.x)
!
interface FastEthernet0/1
no ip address
ipv6 address 2340:1111:AAAA:2::1/64 (red
backbone)
ipv6 ospf 1 area 0
!
ipv6 router ospf 1
router-id 1.2.3.5 (herencia de IPv4)
log-adjacency-changes
!
end
Cordoba#sh runn
Building configuration...
Current configuration :
860 bytes
!
version 12.4
!
hostname Cordoba
!
ipv6 unicast-routing
!
interface FastEthernet0/0
no ip address
ipv6 address 2340:1111:AAAA:3::/64 eui-64 (red local)
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
no ip address
ipv6 address 2340:1111:AAAA:2::2/64 (red
backbone)
ipv6 ospf 1 area 0
!
ipv6 router ospf 1
router-id 1.2.3.4
log-adjacency-changes
!
end
Cordoba#
Tucuman# sh runn
Building configuration...
Current configuration :
1474 bytes
!
version 12.4
!
hostname Tucuman
!
ipv6 unicast-routing
ipv6 cef
!
interface Tunnel0 (túnel para atravezar la red IPv4 con paquetes IPv6)
no ip address
ipv6 address 2340::2/64 (dirección
interna del túnel para que utilice OSPF)
ipv6 enable
ipv6 mtu 1400 (se reduce la MTU ya que
habrá varias cabeceras de capa 3, la IPv4, la GRE y la IPv6)
ipv6 ospf 1 area 0
tunnel source FastEthernet0/1 (orígen
IPv4 del túnel)
tunnel destination 10.0.0.2 (extremo
IPv4 del túnel)
!
interface FastEthernet0/0
no ip address
ipv6 address 2340:1111:AAAA:2::3/64 (red
backbone)
ipv6 enable
ipv6 mtu 1500
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
ip address 192.168.0.2 255.255.255.252
!
interface Ethernet0/0/0
no ip address
ipv6 address 2340:1111:AAAA:4::1/64 (red
local)
ipv6 enable
ipv6 mtu 1500
ipv6 ospf 1 area 0
!
router ospf 2
log-adjacency-changes
network 192.168.0.0 0.0.0.3 area 0 (utilizado
para alcanzar el extremo del túnel)
!
ipv6 router ospf 1
log-adjacency-changes
!
end
Mendoza# sh runn
Building configuration...
Current configuration :
1474 bytes
!
version 12.4
!
hostname Mendoza
!
ipv6 unicast-routing
ipv6 cef
!
interface Tunnel0
no ip address
ipv6 address 2340::1/64 (dirección
interna del túnel para que utilice OSPF)
ipv6 enable
ipv6 mtu 1400
ipv6 ospf 1 area 0
tunnel source FastEthernet0/1
tunnel destination 192.168.0.2
!
interface FastEthernet0/0
no ip address
ipv6 address 2340:1111:AAAA:5::1/64 (red
local)
ipv6 enable
ipv6 mtu 1500
ipv6 ospf 1 area 0
!
interface FastEthernet0/1
ip address 10.0.0.2 255.255.255.252
!
router ospf 2
log-adjacency-changes
network 10.0.0.0 0.0.0.3 area 0 (utilizado
para alcanzar el extremo del túnel)
!
ipv6 router ospf 1
log-adjacency-changes
!
end
IPv4#sh runn
Building configuration...
Current configuration :
763 bytes
!
version 12.4
!
hostname IPv4 (este router es sólo una conexión simple IPv4 entre Mendoza
y Tucumán)
!
interface FastEthernet0/0
ip address 192.168.0.1 255.255.255.252
!
interface FastEthernet0/1
ip address 10.0.0.2 255.255.255.252
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.0.0.3 area 0
network 192.168.0.0 0.0.0.3 area 0
!
ip classless
!
end
Pruebas
IPv4#sh ip ospf nei (verificación del tramo IPv4)
Neighbor ID Pri
State Dead Time Address Interface
10.0.0.1 1
FULL/DR 00:00:34 10.0.0.1 FastEthernet0/1
192.168.0.2 1
FULL/DR 00:00:30 192.168.0.2 FastEthernet0/0
IPv4#sh ip route
---resumido---
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected,
FastEthernet0/1
192.168.0.0/30 is subnetted, 1 subnets
C 192.168.0.0 is directly connected,
FastEthernet0/0
IPv4#
Rosario#telnet
2340:1111:aaaa:5::1 (nos conectamos a router Mendoza
para verificar conectividad)
Trying 2340:1111:AAAA:5::1
... Open
User Access Verification
Password: (cisco)
Router>enable
Password: (class)
Mendoza#sh ip route (sólo redes IPv4)
Codes: C - connected, S - static,
R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter
area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type
2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 -
IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is
not set
10.0.0.0/30 is subnetted, 1 subnets
C 10.0.0.0 is directly connected,
FastEthernet0/1
192.168.0.0/30 is subnetted, 1 subnets
O 192.168.0.0 [110/20] via 10.0.0.1,
01:00:22, FastEthernet0/1
Mendoza#sh ipv6 route (sólo redes IPv6)
IPv6 Routing Table - Default
- 7 entries
Codes: C - Connected, L -
Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D -
EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 -
OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C 2340::/64 [0/0]
via Tunnel0, directly connected
L 2340::1/128 [0/0] (túnel a Tucumán)
via Tunnel0, receive
O 2340:1111:AAAA:1::/64 [110/1011]
via FE80::21F:9EFF:FEC2:7AA2, Tunnel0 (Rosario)
O 2340:1111:AAAA:2::/64 [110/1010]
via FE80::21F:9EFF:FEC2:7AA2, Tunnel0 (Córdoba)
O 2340:1111:AAAA:4::/64 [110/2]
via FE80::21F:9EFF:FEC2:7AA2, Tunnel0 (Tucumán)
C 2340:1111:AAAA:5::/64 [0/0]
via FastEthernet0/0, directly connected
L 2340:1111:AAAA:5::1/128 [0/0] (Mendoza)
via FastEthernet0/0, receive
L FF00::/8 [0/0]
via Null0, receive
Mendoza#sh ip ospf nei
Neighbor ID Pri
State Dead Time Address Interface
10.0.0.1 0
FULL/ - 00:00:35 10.0.0.1
FastEthernet0/1
Mendoza#sh ipv6 ospf
nei
Neighbor ID Pri
State Dead Time Interface ID Interface
1.2.3.6 1
FULL/ - 00:00:38 9 Tunnel0
Mendoza#sh int tunnel 0
Tunnel0 is up, line
protocol is up
Hardware is Tunnel
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 2/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 10.0.0.2 (FastEthernet0/1), destination 192.168.0.2
Tunnel protocol/transport GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255
Fast tunneling enabled
Tunnel transport MTU 1476 bytes
---resumido---
Mendoza#conf t
Enter configuration
commands, one per line. End with
CNTL/Z.
Mendoza(config)#int
tunnel 0
Mendoza(config-if)#tunnel
mode ipv6ip
Mendoza(config-if)#^Z
Mendoza#
Mendoza#sh int tunnel 0
(ver mas abajo en la captura de paquetes la salida de
este comando)
Tunnel0 is up, line
protocol is up
Hardware is Tunnel
MTU 17920 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 2/255, rxload 5/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 10.0.0.2 (FastEthernet0/1), destination 192.168.0.2
Tunnel protocol/transport IPv6/IP
Tunnel TTL 255
Tunnel transport MTU 1480 bytes
---resumido---
Mendoza#
Detalle de una trama capturada en el tramo IPv4 con
un SW 2960 y un port configurado como SPAN (port mirroring)
1. La siguiente trama
corresponde a la primera captura, con el modo del túnel por defecto.
Frame
247 (544 bytes on wire, 544 bytes captured)
Ethernet
II, Src: 00:50:50:0f:40:e0, Dst: 00:1f:9e:c2:7a:a2 (capa 2 del modelo OSI)
Destination: Cisco_c2:7a:a2
(00:1f:9e:c2:7a:a2)
Address: Cisco_c2:7a:a2
(00:1f:9e:c2:7a:a2)
.... ...0 .... .... .... .... = IG
bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique
address (factory default)
Source: Cisco_0f:40:e0 (00:50:50:0f:40:e0)
Address: Cisco_0f:40:e0
(00:50:50:0f:40:e0)
.... ...0 .... .... .... .... = IG
bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG
bit: Globally unique address (factory default)
Type: IP (0x0800) (payload de capa 3)
Internet
Protocol, Src: 10.0.0.2 (10.0.0.2), Dst: 192.168.0.2
(192.168.0.2) (capa 3 del modelo OSI)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP
0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services
Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport
(ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 530
Identification: 0x029f (671)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: GRE (0x2f) (payload o carga que lleva)
Header checksum: 0xecb1 [correct]
[Good: True]
[Bad : False]
Source: 10.0.0.2 (10.0.0.2)
Destination: 192.168.0.2 (192.168.0.2)
Generic
Routing Encapsulation (IPv6)
Flags and version: 0000
0... .... .... .... = No checksum
.0.. .... .... .... = No routing
..0. .... .... .... = No key
...0 .... .... .... = No sequence
number
.... 0... .... .... = No strict source
route
.... .000 .... .... = Recursion
control: 0
.... .... 0000 0... = Flags: 0
.... .... .... .000 = Version: 0
Protocol Type: IPv6 (0x86dd) (payload o carga que lleva)
Internet
Protocol Version 6 (capa 3 del modelo OSI
reenpaquetada en GRE)
0110 .... = Version: 6
[0110 .... = This field makes the
filter "ip.version == 6" possible: 6]
.... 1100 0000 .... .... .... .... .... =
Traffic class: 0x000000c0
.... .... .... 0000 0000 0000 0000 0000 =
Flowlabel: 0x00000000
Payload length: 466
Next header: TCP (0x06) (payload de capa 3)
Hop limit: 255
Source: 2340:1111:aaaa:5::1
(2340:1111:aaaa:5::1)
Destination: 2340:1111:aaaa:2::1
(2340:1111:aaaa:2::1)
Transmission
Control Protocol, Src Port: telnet (23), Dst Port: 14408 (14408), Seq: 744,
Ack: 60, Len: 446
Source port: telnet (23)
Destination port: 14408 (14408)
Sequence number: 744 (relative sequence number)
[Next sequence number: 1190 (relative sequence number)]
Acknowledgement number: 60 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced
(CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 4069
Checksum: 0x681e [correct]
[Good Checksum: True]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in
frame: 246]
[The RTT to ACK the segment was:
0.093769000 seconds]
Telnet
(capa 7 del modelo OSI, se ve parte de la salida del
comando "sh runn")
Data: \b\b\b\b\b\b\b\b\b \b\b\b\b\b\b\b\b\b ipv6 address
2340::1/64\r\n
Data:
ipv6 enable\r\n
Data:
ipv6 mtu 1400\r\n
Data:
ipv6 ospf 1 area 0\r\n
Data:
tunnel source Serial0/0/0\r\n
Data:
tunnel destination 192.168.0.2\r\n
Data: !\r\n
Data: interface FastEthernet0/0\r\n
Data:
no ip address\r\n
Data:
duplex auto\r\n
Data:
speed auto\r\n
Data:
ipv6 address 2340:1111:AAAA:5::1/64\r\n
Data:
ipv6 enable\r\n
Data:
ipv6 mtu 1500\r\n
Data:
ipv6 ospf 1 area 0\r\n
Data: !\r\n
Data: interface FastEthernet0/1\r\n
Data:
no ip address\r\n
Data:
shutdown\r\n
Data:
duplex auto\r\n
Data:
speed auto\r\n
Data: !\r\n
Data: interface Serial0/0/0\r\n
Data:
--More--
2. La siguiente trama
corresponde a la segunda captura, luego de cambiar el modo del túnel.
Frame 68 (610 bytes on
wire, 610 bytes captured)
Ethernet II,
Src: 00:50:50:0f:40:e0, Dst: 00:1f:9e:c2:7a:a2 (capa
2 del modelo OSI)
Destination: Cisco_c2:7a:a2 (00:1f:9e:c2:7a:a2)
Address: Cisco_c2:7a:a2 (00:1f:9e:c2:7a:a2)
Source: Cisco_0f:40:e0 (00:50:50:0f:40:e0)
Address: Cisco_0f:40:e0 (00:50:50:0f:40:e0)
Type: IP (0x0800) (protocolo de
capa 3 que lleva como payload)
Internet Protocol, Src:
10.0.0.2 (10.0.0.2), Dst: 192.168.0.2 (192.168.0.2)
(capa 3 OSI)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector
6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector
6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 596
Identification: 0x04cd (1229)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: IPv6 (0x29) (protocolo
que lleva como payload, en lugar de llevar TCP o UDP lleva IPv6)
Header checksum: 0xea47 [correct]
[Good: True]
[Bad : False]
Source: 10.0.0.2 (10.0.0.2)
Destination: 192.168.0.2 (192.168.0.2)
Internet Protocol Version
6
0110 .... = Version: 6
[0110 .... = This field makes the filter "ip.version
== 6" possible: 6]
.... 1100 0000 .... .... .... .... .... = Traffic class:
0x000000c0
.... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
Payload length: 536
Next header: TCP (0x06) (protocolo que lleva como payload)
Hop limit: 255
Source: 2340:1111:aaaa:5::1 (2340:1111:aaaa:5::1)
Destination:
2340:1111:aaaa:2::1 (2340:1111:aaaa:2::1)
Transmission Control
Protocol, Src Port: telnet (23), Dst Port: 21087 (21087) (capa 4 del modelo
OSI)
Source port: telnet (23)
Destination port: 21087
(21087)
Sequence number: 65
(relative sequence number)
[Next sequence number: 581
(relative sequence number)]
Acknowledgement number: 28
(relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 3759
Checksum: 0x1281 [correct]
[Good Checksum: True]
[Bad Checksum: False]
Telnet (capa 7 del modelo OSI, se puede ver parte de la salida del
comando "sh int tunnel 0")
Data: Tunnel0 is up, line protocol is up \r\n
Data: Hardware is
Tunnel\r\n
Data: MTU 17920 bytes,
BW 100 Kbit/sec, DLY 50000 usec, \r\n
Data: reliability
255/255, txload 2/255, rxload 5/255\r\n
Data: Encapsulation
TUNNEL, loopback not set\r\n
Data: Keepalive not
set\r\n
Data: Tunnel source
10.0.0.2 (Serial0/0/0), destination 192.168.0.2\r\n
Data: Tunnel
protocol/transport IPv6/IP\r\n
Data: Tunnel TTL
255\r\n
Data: Tunnel transport
MTU 1480 bytes\r\n
Data: Tunnel transmit
bandwidth 8000 (kbps)\r\n
Data: Tunnel receive
bandwidth 8000 (kbps)\r\n
Data: Last input
00:00:00, output 00:00:00, output han
Detalle:(en rojo lo tipeado y en azul el eco de lo tipeado y
la salida del comando)
(2012) My girlfriend have an RJ45 in some place ?
Rosario, Argentina