IPv6中OSPFv3配置與協議分析(Huawei)
- 掌握OSPFv3的基本配置。
- 理解OSPFv3鄰居關係建立過程。
- 瞭解OSPFv3協議的各種LSDB同步過程。
- 瞭解OSPFv3各種LSA的格式及作用。
配置命令:
[rta]dis cu
[V200R003C00]
#
sysname rta
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
ipv6
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
ospfv3 1
router-id 1.1.1.1
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 1::1/64
undo ipv6 nd ra halt
ospfv3 1 area 0.0.0.1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ipv6 enable
ipv6 address 3::1/128
ospfv3 1 area 0.0.0.1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<rtb>dis cu
[V200R003C00]
#
sysname rtb
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
ipv6
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
ospfv3 1
router-id 2.2.2.2
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ipv6 enable
ipv6 address 1::2/64
undo ipv6 nd ra halt
ospfv3 1 area 0.0.0.1
#
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2::1/64
undo ipv6 nd ra halt
ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ipv6 enable
ipv6 address 4::1/128
ospfv3 1 area 0.0.0.1
#
interface LoopBack2
ipv6 enable
ipv6 address 5::1/128
ospfv3 1 area 0.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<rtc>dis cu
[V200R003C00]
#
sysname rtc
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
ipv6
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
ospfv3 1
router-id 3.3.3.3
import-route direct
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
#
interface GigabitEthernet0/0/1
ipv6 enable
ipv6 address 2::2/64
undo ipv6 nd ra halt
ospfv3 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack1
ipv6 enable
ipv6 address 6::1/128
ospfv3 1 area 0.0.0.0
#
interface LoopBack2
ipv6 enable
ipv6 address 7::1/128
ospfv3 1 area 0.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
<rtc>
配置結束後檢查裝置聯通性:ping2::2.
RTA上的路由表
[rta]dis ipv6 routing-table
Routing Table : Public
Destinations : 10 Routes : 10
Destination : ::1 PrefixLength : 128
NextHop : ::1 Preference : 0
Cost : 0 Protocol : Direct
RelayNextHop : :: TunnelID : 0x0
Interface : InLoopBack0 Flags : D
Destination : 1:: PrefixLength : 64
NextHop : 1::1 Preference : 0
Cost : 0 Protocol : Direct
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 1::1 PrefixLength : 128
NextHop : ::1 Preference : 0
Cost : 0 Protocol : Direct
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 2:: PrefixLength : 64
NextHop : FE80::2E0:FCFF:FED0:28AE Preference : 10
Cost : 2 Protocol : OSPFv3
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 3::1 PrefixLength : 128
NextHop : ::1 Preference : 0
Cost : 0 Protocol : Direct
RelayNextHop : :: TunnelID : 0x0
Interface : LoopBack1 Flags : D
Destination : 4::1 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FED0:28AE Preference : 10
Cost : 1 Protocol : OSPFv3
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 5::1 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FED0:28AE Preference : 10
Cost : 1 Protocol : OSPFv3
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 6::1 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FED0:28AE Preference : 10
Cost : 2 Protocol : OSPFv3
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : 7::1 PrefixLength : 128
NextHop : FE80::2E0:FCFF:FED0:28AE Preference : 10
Cost : 2 Protocol : OSPFv3
RelayNextHop : :: TunnelID : 0x0
Interface : GigabitEthernet0/0/0 Flags : D
Destination : FE80:: PrefixLength : 10
NextHop : :: Preference : 0
Cost : 0 Protocol : Direct
RelayNextHop : :: TunnelID : 0x0
Interface : NULL0 Flags : D
RTA上的OSPFv3路由出現字首為1-7的路由條目:
RTA的鏈路狀態資料庫:
[rta]dis ospfv3 lsdb
* indicates STALE LSA
OSPFv3 Router with ID (1.1.1.1) (Process 1)
Link-LSA (Interface GigabitEthernet0/0/0)
Link State ID Origin Router Age Seq# CkSum Prefix
0.0.0.3 1.1.1.1 0638 0x80000001 0x3131 1
0.0.0.3 2.2.2.2 0539 0x80000001 0x19bd 1
Router-LSA (Area 0.0.0.1)
Link State ID Origin Router Age Seq# CkSum Link
0.0.0.0 1.1.1.1 0528 0x80000005 0xf21a 1
0.0.0.0 2.2.2.2 0444 0x80000006 0xd531 1
Network-LSA (Area 0.0.0.1)
Link State ID Origin Router Age Seq# CkSum
0.0.0.3 1.1.1.1 0528 0x80000001 0x7a9b
Inter-Area-Prefix-LSA (Area 0.0.0.1)
Link State ID Origin Router Age Seq# CkSum
0.0.0.1 2.2.2.2 0341 0x80000001 0x5199
0.0.0.2 2.2.2.2 0408 0x80000001 0x514d
0.0.0.3 2.2.2.2 0308 0x80000001 0x5942
0.0.0.4 2.2.2.2 0275 0x80000001 0x5b3e
Inter-Area-Router-LSA (Area 0.0.0.1)
Link State ID Origin Router Age Seq# CkSum
3.3.3.3 2.2.2.2 0265 0x80000001 0xed18
Intra-Area-Prefix-LSA (Area 0.0.0.1)
Link State ID Origin Router Age Seq# CkSum Prefix Reference
0.0.0.1 1.1.1.1 0522 0x80000005 0x3635 1 Router-LSA
0.0.0.2 1.1.1.1 0527 0x80000001 0x1a9d 1 Network-LSA
0.0.0.1 2.2.2.2 0444 0x80000001 0x66ff 1 Router-LSA
檢視link-LSA的詳細資訊:
[rta]dis ospfv3 lsdb link
OSPFv3 Router with ID (1.1.1.1) (Process 1)
Link-LSA (Interface GigabitEthernet0/0/0)
LS Age: 672
LS Type: Link-LSA
Link State ID: 0.0.0.3
Originating Router: 1.1.1.1
LS Seq Number: 0x80000001
Retransmit Count: 0
Checksum: 0x3131
Length: 56
Priority: 1
Options: 0x000013 (-|R|-|-|E|V6)
Link-Local Address: FE80::2E0:FCFF:FE12:608
Number of Prefixes: 1
Prefix: 1::/64
Prefix Options: 0 (-|-|-|-|-)
LS Age: 573
LS Type: Link-LSA
Link State ID: 0.0.0.3
Originating Router: 2.2.2.2
LS Seq Number: 0x80000001
Retransmit Count: 0
Checksum: 0x19BD
Length: 56
Priority: 1
Options: 0x000013 (-|R|-|-|E|V6)
Link-Local Address: FE80::2E0:FCFF:FED0:28AE
Number of Prefixes: 1
Prefix: 1::/64
Prefix Options: 0 (-|-|-|-|-)
觀察鄰居建立及LSDB同步過程:
- 在RTA的g0/0/0口先shutdiown,在undo shutdown,然後進行抓包:
- hello報文:
RTA傳送的hello報文,報文源地址為RTA的介面的鏈路本地地址,目的地址為ALLSPFRouters組播地址,OSPFv3頭和hello報文中沒有攜帶ipv6地址資訊,僅攜帶 routerID
OSPFv3各種LSA分析:
Router LSA不在包含地址字首資訊,僅僅描述了路由器周圍的拓撲連線情況因為RTB只有一個介面,所以只給RTA傳送一條。
RTB傳送的LSU:
- Link-LSA
- Intra-area-prefix-LSA
- Network-LSA