News
发布日期:2022-06-20 浏览次数:1805 来源:崔志鹏
HCIE Datacom-ISIS双栈IPv6配置-WOLFLAB实验室
HCIE培训课程针对0基础入门学员开设,联系在线客服领取免费基础课入门资料
IS-IS最初是为OSI网络设计的一种基于链路状态算法的动态路由协议。之后为了提供对IPv4的路由支持,扩展应用到IPv4网络,称为集成IS-IS。
随着IPv6网络的建设,同样需要动态路由协议为IPv6报文的转发提供准确有效的路由信息。IS-IS路由协议结合自身具有良好的扩展性的特点,实现了对IPv6网络层协议的支持,可以发现和生成IPv6路由。
IETF的draft-ietf-isis-ipv6-05中规定了IS-IS为支持IPv6所新增的内容。为了支持IPv6路由的处理和计算,IS-IS新增了两个TLV(Type-Length-Value)和一个新的NLPID(Network Layer Protocol Identifier)。
新增的两个TLV分别是:
236号TLV(IPv6 Reachability):通过定义路由信息前缀、度量值等信息来说明网络的可达性。
232号TLV(IPv6 Interface Address):它相当于IPv4中的“IP Interface Address”TLV,只不过把原来的32比特的IPv4地址改为128比特的IPv6地址。
NLPID是标识网络层协议报文的一个8比特字段,IPv6的NLPID值为142(0x8E)。如果IS-IS支持IPv6,那么向外发布IPv6路由时必须携带NLPID值。
实验:AR1和AR3运行ipv6的ISIS
R1配置如下:
[AR1]dis current-configuration
[V200R003C00]
ipv6
#
isis 1
is-level level-2
network-entity 49.0000.0000.0001.00
#
ipv6 enable topology standard
#
interface GigabitEthernet0/0/0
ipv6 enable
ip address 1.1.13.1 255.255.255.0
ipv6 address 2001:13::1/64
isis enable 1
isis ipv6 enable 1
#
interface GigabitEthernet0/0/1
ip address 1.1.12.1 255.255.255.0
isis enable 1
#
interface LoopBack0
ipv6 enable
ip address 1.1.1.1 255.255.255.255
ipv6 address 2001::1/128
isis enable 1
isis ipv6 enable 1
此时R1和R3即建立的ISIS邻居即可以计算IPV4的路由也能计算IPV6的路由,ISIS部分IPV4的邻居或者是IPV6的邻居;
[AR1]dis isis peer verbose
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0000.0000.0003 GE0/0/0 0000.0000.0001.01 Up 22s L2 64
MT IDs supported : 0(UP)
Local MT IDs : 0
Area Address(es) : 49
Peer IP Address(es) : 1.1.13.3
Peer IPv6 Address(es): FE80::2E0:FCFF:FEB9:5212
Uptime : 00:02:52
Adj Protocol : IPV4 IPV6
Restart Capable : YES
Suppressed Adj : NO
Peer System Id : 0000.0000.0003
0000.0000.0002 GE0/0/1 0000.0000.0001.02 Up 29s L2 64
MT IDs supported : 0(UP)
Local MT IDs : 0
Area Address(es) : 49
Peer IP Address(es) : 1.1.12.2
Uptime : 00:15:20
Adj Protocol : IPV4
Restart Capable : YES
Suppressed Adj : NO
Peer System Id : 0000.0000.0002
R1和R3也能学到对端环回口的路由:
[AR1]dis ipv6 routing-table protocol isis
Public Routing Table : ISIS
Summary Count : 1
ISIS Routing Table's Status : < Active >
Summary Count : 1
Destination : 2003::3 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FEB9:5212 Preference : 15
Cost : 10 Protocol : ISIS-L2
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
ISIS Routing Table's Status : < Inactive >
Summary Count : 0
R1通告的实节点LSP如下:
[AR1]dis isis lsdb 0000.0000.0001.00-00 verbose
Database information for ISIS(1)
--------------------------------
Level-2 Link State Database
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0001.00-00* 0x00000016 0xae49 1145 188 0/0/0
SOURCE 0000.0000.0001.00
NLPID IPV4
NLPID IPV6 //新增NLPID
AREA ADDR 49
INTF ADDR 1.1.12.1
INTF ADDR 1.1.1.1
INTF ADDR 1.1.13.1
INTF ADDR V6 2001::1 //所有启用的了ISIS的IPV6接口地址
INTF ADDR V6 2001:13::1
Topology Standard //拓扑的类型是标准的,也就是单TOP
NBR ID 0000.0000.0001.02 COST: 10 //IPV4和IPV6共用一个TOP结构
NBR ID 0000.0000.0001.01 COST: 10
IP-Internal 1.1.12.0 255.255.255.0 COST: 10
IP-Internal 1.1.1.1 255.255.255.255 COST: 0
IP-Internal 1.1.13.0 255.255.255.0 COST: 10
IPV6 2001::1/128 COST: 0 //IPV6的网段信息
IPV6 2001:13::/64 COST: 10
R1通告的LSP如下:
Frame 35: 205 bytes on wire (1640 bits), 205 bytes captured (1640 bits) on interface -, id 0
IEEE 802.3 Ethernet
Logical-Link Control
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
ISO 10589 ISIS Link State Protocol Data Unit
PDU length: 188
Remaining lifetime: 1199
LSP-ID: 0000.0000.0001.00-00
Sequence number: 0x0000001c
Checksum: 0xa24f [correct]
[Checksum Status: Good]
Type block(0x03): Partition Repair:0, Attached bits:0, Overload bit:0, IS type:3
Protocols supported (t=129, l=2) //NLPID有IPV4和IPV6
Type: 129
Length: 2
NLPIDs: IP (0xcc), IPv6 (0x8e)
Multi Topology (t=229, l=2)
Type: 229
Length: 2
IPv4 Unicast Topology (0x000) //单拓扑,IPV4和IPV6共用一个TOP
Area address(es) (t=1, l=2)
IS Reachability (t=2, l=23)
IP Interface address(es) (t=132, l=12)
IP Internal reachability (t=128, l=36)
IPv6 Interface address(es) (t=232, l=32) //LSP中会将启用了isis的所有的全球单播地址携带在232 TLV里面,HELLO报文会将报文发送接口的link-local地址携带进去;
Type: 232
Length: 32
IPv6 interface address: 2001::1
IPv6 interface address: 2001:13::1
IPv6 reachability (t=236, l=36) //描述路由信息
Type: 236
Length: 36
IPv6 Reachability: 2001::1/128
Metric: 0
0... .... = Distribution: Up //DU bit
.0.. .... = Distribution: Internal //内部路由就是internal,外部路由就是external,IPV4使用TLV来标识内部路由和外部路由,IPV6使用该bit;
..0. .... = Sub-TLV: No
Prefix Length: 128
IPv6 prefix: 2001::1
no sub-TLVs present
IPv6 Reachability: 2001:13::/64
Metric: 10
0... .... = Distribution: Up
.0.. .... = Distribution: Internal
..0. .... = Sub-TLV: No
Prefix Length: 64
IPv6 prefix: 2001:13::
no sub-TLVs present
ST和MT:
ST:默认就是ST,isis中进行邻居描述的时候用的system id进行SPT树的计算,跟IP没啥关系,IPV4地址和IPV6地址只是叶子挂上去;
如图所示:如果使用单TOP,如果RTB不支持,RTA访问RTC时走RTB,因为cost小,此时出现路由黑洞;
实验:将AR1和AR3之间的cost改成30
R1/R3:
interface GigabitEthernet0/0/0
isis cost 30 //将R1和R3互联接口的cost改成30,注意如果是ST,敲了isis ipv6 cost 30也不好使,因为ST只存在232和236描述路由信息,ST没有描述TOP信息的TLV,
此时IPV4和IPV6共用一个TOP,IPV4和IPV6都作为叶子挂在树干上;
此时R1和R3彼此就学不到对端的IPV6的isis路由了,但是R1和R3的LSDB还是完整的:
[AR1]dis ipv6 routing-table protocol isis
[AR1]
[AR1]dis isis lsdb 0000.0000.0003.00-00 verbose
Database information for ISIS(1)
--------------------------------
Level-2 Link State Database
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0003.00-00 0x00000018 0xdba5 1130 188 0/0/0
SOURCE 0000.0000.0003.00
NLPID IPV4
NLPID IPV6
AREA ADDR 49
INTF ADDR 1.1.13.3
INTF ADDR 1.1.23.3
INTF ADDR 3.3.3.3
INTF ADDR V6 2001:13::3
INTF ADDR V6 2003::3
Topology Standard
NBR ID 0000.0000.0003.02 COST: 10
NBR ID 0000.0000.0001.01 COST: 30
IP-Internal 1.1.23.0 255.255.255.0 COST: 10
IP-Internal 3.3.3.3 255.255.255.255 COST: 0
IP-Internal 1.1.13.0 255.255.255.0 COST: 30
IPV6 2003::3/128 COST: 0
IPV6 2001:13::/64 COST: 30
R1发现,运行SPF算法,去往R3的2003::3/128下一跳是R2,但是R2没有运行IPV6,因为R2通告的实节点LSP,会携带NLPID,此时R1就算不出来路由了;
那此时怎么解决?
MT:多拓扑
为了MT的实现,新增了四个TLV
229:MT的标识
222:描述IPV6的TOP信息
235:多拓扑的IPV4可达信息 //这个TLV一直没见到
237:多拓扑的IPV6可达信息
此时在R1和R3上开启多TOP的功能
R1/R3:
isis 1
is-level level-2
network-entity 49.0000.0000.0001.00
#
ipv6 enable topology ipv6
此时在R1上看:
[AR1]dis isis peer
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0000.0000.0003* GE0/0/0 0000.0000.0001.01 Up 22s L2 64
0000.0000.0002 GE0/0/1 0000.0000.0001.02 Up 26s L2 64
*标识跟R3建立的是MT的邻居关系
[AR1]dis isis lsdb 0000.0000.0001.00-00 verbose
Database information for ISIS(1)
--------------------------------
Level-2 Link State Database
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0001.00-00* 0x00000027 0x4b70 998 207 0/0/0
SOURCE 0000.0000.0001.00
NLPID IPV4
NLPID IPV6
AREA ADDR 49
INTF ADDR 1.1.12.1
INTF ADDR 1.1.1.1
INTF ADDR 1.1.13.1
INTF ADDR V6 2001::1
INTF ADDR V6 2001:13::1
Topology Standard, IPV6
NBR ID 0000.0000.0001.02 COST: 10
NBR ID 0000.0000.0001.01 COST: 30
+MT NBR ID 0000.0000.0001.01 COST: 10 MT: 2 (IPV6)
IP-Internal 1.1.12.0 255.255.255.0 COST: 10
IP-Internal 1.1.1.1 255.255.255.255 COST: 0
IP-Internal 1.1.13.0 255.255.255.0 COST: 30
IPV6 2001::1/128 COST: 0 MT: 2
IPV6 2001:13::/64 COST: 10 MT: 2
[AR1]dis isis lsdb 0000.0000.0003.00-00 ver
Database information for ISIS(1)
--------------------------------
Level-2 Link State Database
LSPID Seq Num Checksum Holdtime Length ATT/P/OL
-------------------------------------------------------------------------------
0000.0000.0003.00-00 0x0000001f 0xbfcb 990 207 0/0/0
SOURCE 0000.0000.0003.00
NLPID IPV4
NLPID IPV6
AREA ADDR 49
INTF ADDR 1.1.13.3
INTF ADDR 1.1.23.3
INTF ADDR 3.3.3.3
INTF ADDR V6 2001:13::3
INTF ADDR V6 2003::3
Topology Standard, IPV6
NBR ID 0000.0000.0003.02 COST: 10
NBR ID 0000.0000.0001.01 COST: 30
+MT NBR ID 0000.0000.0001.01 COST: 10 MT: 2 (IPV6)
IP-Internal 1.1.23.0 255.255.255.0 COST: 10
IP-Internal 3.3.3.3 255.255.255.255 COST: 0
IP-Internal 1.1.13.0 255.255.255.0 COST: 30
IPV6 2003::3/128 COST: 0 MT: 2
IPV6 2001:13::/64 COST: 10 MT: 2
此时可以看到IPV4和IPV6的TOP就分开算了,R1和R3也能够算出来路由了:
[AR1]dis ipv6 routing-table protocol isis
Public Routing Table : ISIS
Summary Count : 1
ISIS Routing Table's Status : < Active >
Summary Count : 1
Destination : 2003::3 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FEB9:5212 Preference : 15
Cost : 10 Protocol : ISIS-L2
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
AR1]ping ipv6 -a 2001::1 2003::3
PING 2003::3 : 56 data bytes, press CTRL_C to break
Reply from 2003::3
bytes=56 Sequence=1 hop limit=64 time = 20 ms
Reply from 2003::3
bytes=56 Sequence=2 hop limit=64 time = 30 ms
Reply from 2003::3
bytes=56 Sequence=3 hop limit=64 time = 20 ms
R1开启多MT发送的LSP如下:
Frame 2483: 224 bytes on wire (1792 bits), 224 bytes captured (1792 bits) on interface -, id 0
IEEE 802.3 Ethernet
Logical-Link Control
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
ISO 10589 ISIS Link State Protocol Data Unit
PDU length: 207
Remaining lifetime: 1199
LSP-ID: 0000.0000.0001.00-00
Sequence number: 0x00000027
Checksum: 0x4b70 [correct]
[Checksum Status: Good]
Type block(0x03): Partition Repair:0, Attached bits:0, Overload bit:0, IS type:3
Protocols supported (t=129, l=2) //NLPID:IPV4和IPV6
Type: 129
Length: 2
NLPIDs: IP (0xcc), IPv6 (0x8e)
Multi Topology (t=229, l=4) //MT,IPV4和IPV6分别算
Type: 229
Length: 4
IPv4 Unicast Topology (0x000)
IPv6 Unicast Topology (0x002)
Area address(es) (t=1, l=2)
IS Reachability (t=2, l=23)
Multi Topology IS Reachability (t=222, l=13) //IPV6的TOP信息
Type: 222
Length: 13
0000 .... .... .... = Reserved: 0x0
.... 0000 0000 0010 = Topology ID: IPv6 routing topology (2)
IS Neighbor: 0000.0000.0001.01
IP Interface address(es) (t=132, l=12)
IP Internal reachability (t=128, l=36)
IPv6 Interface address(es) (t=232, l=32) //IPV6接口地址仍然存在
Type: 232
Length: 32
IPv6 interface address: 2001::1
IPv6 interface address: 2001:13::1
Multi Topology Reachable IPv6 Prefixes (t=237, l=38) //开启MT后IPV6的路由信息
Type: 237
Length: 38
0000 .... .... .... = Reserved: 0x0
.... 0000 0000 0010 = Topology ID: IPv6 routing topology (2)
IPv6 Reachability: 2001::1/128
IPv6 Reachability: 2001:13::/64
HCIE培训课程每月循环开班,联系WOLFLAB预约免费试听
电话:173-1636-2402
邮箱:wolflab@wolf-lab.com
地址:上海市徐汇区漕宝路82号E座1902室WOLFLAB实验室
提供: CCNA/HCIA培训 | CCNP/HCIP培训 | HCIE/CCIE培训 | WOLF | 华为认证咨询 | 思科认证咨询 |
官方微信
关注微信公众号
