新信息_7-12-21
R1#sho ipv6 rout 2001:db8:B2:200::2:2
Routing entry for 2001:db8:B2:200::2:2/128
Known via "static", distance 1, metric 0
Route count is 1/1, share count 0
Routing paths:
2001:db8:B2:38B2::2:201, TenGigabitEthernet1/0/1.200
Last updated 3d23h ago
R2#sho ipv6 route 2001:db8:B2:3800::2:2
Routing entry for 2001:db8:B2:3800::2:2/128
Known via "static", distance 1, metric 0
Route count is 1/1, share count 0
Routing paths:
2001:db8:B2:2B1::2:201, TenGigabitEthernet0/1/1.200
Last updated 1w5d ago
R1
show ipv6 ospf interface
Tunnel200 is up, line protocol is up
Link Local Address FE80::2E4F:52FF:FE8B:FC00, Interface ID 28
Area 0, Process ID 200, Instance ID 0, Router ID 70.25.200.21
Network Type POINT_TO_POINT, Cost: 200
AES-CBC-128 encryption SHA-1 auth (Area) SPI 2000, secure socket UP (errors: 0)
Transmit Delay is 1 sec, State POINT_TO_POINT, BFD enabled
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03
Graceful restart helper support enabled
Index 1/2/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 3
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 7.5.200.21
Suppress hello for 0 neighbor(s)
R2
sho ipv6 ospf interface
Tunnel200 is up, line protocol is up
Link Local Address FE80::7ABC:1AFF:FE45:D00, Interface ID 30
Area 0, Process ID 200, Instance ID 0, Router ID 7.5.200.21
Network Type POINT_TO_POINT, Cost: 200
AES-CBC-128 encryption SHA-1 auth (Area) SPI 2000, secure socket UP (errors: 0)
Transmit Delay is 1 sec, State POINT_TO_POINT, BFD enabled
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:09
Graceful restart helper support enabled
Index 1/2/2, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 2
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 70.25.200.21
Suppress hello for 0 neighbor(s)
新信息_7-9-21 我已经更新了更多细节的拓扑。今天,当我打开隧道时,我能够登录到 R2,这样我就可以看到上面是否发生了任何不同的事情。但它表现出类似的行为。OSPFv3 adj 形成为 Full 并且隧道似乎已启动,但将通过隧道的 ping 和跟踪失败。我尝试修改两个路由器上的 Tu200 接口,使其具有 ipv6 MTU1400 和 ipv6 tcp adjust-mss 1360。那里没有骰子。我还检查了两个防火墙中的路由。每个防火墙有 2 条静态路由。FW1 有一条使用 int20.200 到达 2001:db8:b2:200::2:2 的路由,下一跳为 2001:db8:b2:3802::4:201。第二条路线是使用 int13.200 下一跳 2001:db8:b2:38b2::2:200 到达 2001:db8:b2:3800::2:2。FW2的路由是dest-2001:db8:b2:3800::2:2 int20.200 NH 2001:db8:b2:3802::4:200和dest-2001:db8:b2:200::2:2 int13.200 NH 2001:db8:b2:2b1::2:200。如果还有什么我可以添加的帮助,请告诉我。我现在正在尝试使用 NetSIM 自己建立一个实验室来解决这个问题。感谢大家。
原帖 我在使用 GRE 隧道时遇到问题。正如您在我添加的基本拓扑中看到的那样,我在两个 Cisco 路由器之间有一个 GRE 隧道。R1 是 ASR1006-X,R2 是 ASR1002-HX。R1 直接连接到 Palo Alto 3260 (FW1)。R2 到另一个 PA3260 (FW2)。每个防火墙都与一个 Aviat Microwave 单元相连,这些单元相互通信。GRE 隧道建立在此微波连接上。我确实有另一条通向 R2 的路径没有在拓扑中描述,因此当隧道未启动时我能够到达它。我看到的问题是,当我启动隧道时,我立即失去了与 R2 的连接。OSPFv3 出现并将到 R2 的路径更改为通过隧道(这是我们所希望的)。不幸的是,我们正在失去管理 R2 背后任何事物的能力。我会注意到 ospf adj 保持完整,所以我知道 ospf 正在通过隧道进行 Tx/Rx。我只是不明白为什么所有其他流量都失败了。任何想法将不胜感激。如果您想到任何事情,我还可以添加任何可能有用的其他信息。
这里有一些配置:
R1
hostname R1
!
!
vrf definition DATA
ipv6 multicast multitopology
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
address-family ipv6 multicast
exit-address-family
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
interface Loopback0
no ip address
ipv6 address 2001:db8:B2:3800::2:200/128
ipv6 enable
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface Loopback1
vrf forwarding DATA
no ip address
ipv6 address 2001:db8:B1:3800::2:200/128
ipv6 enable
ipv6 multicast boundary scope 4
ospfv3 100 ipv6 area 0
!
interface Loopback100
vrf forwarding DATA
no ip address
ipv6 address 2001:db8:B1:3800::2:2/128
ipv6 enable
ipv6 multicast boundary scope 4
!
interface Loopback200
no ip address
ipv6 address 2001:db8:B2:3800::2:2/128
ipv6 enable
no ipv6 pim
!
interface Tunnel100
bandwidth 380000
vrf forwarding DATA
no ip address
ipv6 address 2001:db8:B1:3802::A:200/127
ipv6 enable
ipv6 multicast boundary scope 4
qos pre-classify
ospfv3 100 network point-to-point
ospfv3 100 cost 200
ospfv3 100 bfd
ospfv3 100 ipv6 area 0
bfd interval 350 min_rx 350 multiplier 3
tunnel source Loopback100
tunnel mode gre ipv6
tunnel destination 2001:db8:B1:200::2:2
tunnel path-mtu-discovery
tunnel vrf DATA
tunnel bandwidth transmit 380000
tunnel bandwidth receive 380000
!
interface Tunnel200
bandwidth 380000
no ip address
ipv6 address 2001:db8:B2:3802::A:200/127
ipv6 enable
no ipv6 pim
qos pre-classify
ospfv3 200 network point-to-point
ospfv3 200 cost 200
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
tunnel source Loopback200
tunnel mode gre ipv6
tunnel destination 2001:db8:B2:200::2:2
tunnel path-mtu-discovery
tunnel bandwidth transmit 380000
tunnel bandwidth receive 380000
!
interface FortyGigabitEthernet0/0/0
no ip address
no ipv6 pim
!
interface FortyGigabitEthernet0/0/0.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:C1:3800::2:201/127
ipv6 enable
ipv6 multicast boundary scope 4
ospfv3 100 network point-to-point
ospfv3 100 ipv6 area 0
ospfv3 100 ipv6 cost 2000
ospfv3 100 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface FortyGigabitEthernet0/0/0.200
encapsulation dot1Q 200
ipv6 address 2001:db8:C2:3800::2:201/127
ipv6 enable
no ipv6 pim
ospfv3 200 network point-to-point
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 cost 2000
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface FortyGigabitEthernet0/0/1
no ip address
no ipv6 pim
!
interface FortyGigabitEthernet0/0/1.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:3836::2:200/127
ipv6 enable
ipv6 multicast boundary scope 4
ospfv3 100 network point-to-point
ospfv3 100 ipv6 area 0
ospfv3 100 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface FortyGigabitEthernet0/0/1.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:3836::2:200/127
ipv6 enable
no ipv6 pim
ospfv3 200 network point-to-point
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface TenGigabitEthernet1/0/0
no ip address
no ipv6 pim
!
interface TenGigabitEthernet1/0/0.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:3813::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_DATA
ipv6 multicast boundary scope 4
ospfv3 100 ipv6 area 0
!
interface TenGigabitEthernet1/0/0.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:3813::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_MGMT
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface TenGigabitEthernet1/0/1
no ip address
ipv6 enable
no ipv6 pim
!
interface TenGigabitEthernet1/0/1.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:38B2::2:200/127
ipv6 enable
ipv6 multicast boundary scope 4
!
interface TenGigabitEthernet1/0/1.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:38B2::2:200/127
ipv6 enable
no ipv6 pim
!
interface TenGigabitEthernet1/0/2
no ip address
no ipv6 pim
!
interface TenGigabitEthernet1/0/2.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:3811::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_DATA
ipv6 multicast boundary scope 4
ospfv3 100 ipv6 area 0
!
interface TenGigabitEthernet1/0/2.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:3811::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_MGMT
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface TenGigabitEthernet1/0/3
no ip address
no ipv6 pim
!
interface TenGigabitEthernet1/0/3.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:3814::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_DATA
ipv6 multicast boundary scope 4
ospfv3 100 ipv6 area 0
!
interface TenGigabitEthernet1/0/3.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:3814::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_MGMT
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface TenGigabitEthernet1/0/4
no ip address
no ipv6 pim
!
interface TenGigabitEthernet1/0/4.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:db8:B1:38B1::2:200/127
ipv6 enable
ipv6 multicast boundary scope 4
ospfv3 100 network point-to-point
ospfv3 100 ipv6 area 0
ospfv3 100 ipv6 cost 2000
ospfv3 100 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface TenGigabitEthernet1/0/4.200
encapsulation dot1Q 200
ipv6 address 2001:db8:B2:38B1::2:200/127
ipv6 enable
no ipv6 pim
ospfv3 200 network point-to-point
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 cost 2000
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
router ospfv3 200
area 0 encryption ipsec spi 2000 esp aes-cbc 128 7 096D6F28382436332A2D250B0A0509121403322637222077787972752F22393778 sha1 7 12382436332A2D250B0A0509121403322637222077787972752F223937787976727374752A7A272679
!
address-family ipv4 unicast
exit-address-family
!
address-family ipv6 unicast
passive-interface TenGigabitEthernet1/0/0.200
passive-interface TenGigabitEthernet1/0/2.200
passive-interface TenGigabitEthernet1/0/3.200
passive-interface Loopback0
router-id 70.25.200.21
bfd all-interfaces
auto-cost reference-bandwidth 200000
exit-address-family
!
router ospfv3 100
area 0 encryption ipsec spi 1000 esp aes-cbc 128 7 0222207F2F222B05686A2D3D2133362F28200E0F000C1711063723322725727D7C sha1 7 013722207F2F222B05686A2D3D2133362F28200E0F000C1711063723322725727D7C77702A273C327D
!
address-family ipv4 unicast
exit-address-family
!
address-family ipv6 unicast
exit-address-family
!
address-family ipv6 unicast vrf DATA
passive-interface TenGigabitEthernet1/0/0.100
passive-interface TenGigabitEthernet1/0/2.100
passive-interface TenGigabitEthernet1/0/3.100
passive-interface Loopback1
router-id 70.25.100.21
bfd all-interfaces
auto-cost reference-bandwidth 200000
capability vrf-lite
exit-address-family
!
R2
hostname R2
!
vrf definition DATA
ipv6 multicast multitopology
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
address-family ipv6 multicast
exit-address-family
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
interface Loopback0
no ip address
ipv6 address 2001:DB8:B2:200::2:200/128
ipv6 enable
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface Loopback1
vrf forwarding DATA
no ip address
ipv6 address 2001:DB8:B1:200::2:200/128
ipv6 enable
ospfv3 100 ipv6 area 0
!
interface Loopback100
vrf forwarding DATA
no ip address
ipv6 address 2001:DB8:B1:200::2:2/128
ipv6 enable
!
interface Loopback200
no ip address
ipv6 address 2001:DB8:B2:200::2:2/128
ipv6 enable
no ipv6 pim
!
interface Tunnel100
bandwidth 380000
vrf forwarding DATA
no ip address
ipv6 address 2001:DB8:B1:3802::A:201/127
ipv6 enable
ipv6 multicast boundary scope 4
qos pre-classify
ospfv3 100 network point-to-point
ospfv3 100 cost 200
ospfv3 100 bfd
ospfv3 100 ipv6 area 0
bfd interval 350 min_rx 350 multiplier 3
tunnel source Loopback100
tunnel mode gre ipv6
tunnel destination 2001:DB8:B1:3800::2:2
tunnel path-mtu-discovery
tunnel vrf DATA
tunnel bandwidth transmit 380000
tunnel bandwidth receive 380000
!
interface Tunnel200
bandwidth 380000
no ip address
ipv6 address 2001:DB8:B2:3802::A:201/127
ipv6 enable
no ipv6 pim
qos pre-classify
ospfv3 200 network point-to-point
ospfv3 200 cost 200
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
tunnel source Loopback200
tunnel mode gre ipv6
tunnel destination 2001:DB8:B2:3800::2:2
tunnel path-mtu-discovery
tunnel bandwidth transmit 380000
tunnel bandwidth receive 380000
!
interface TenGigabitEthernet0/1/0
no ip address
no ipv6 pim
!
interface TenGigabitEthernet0/1/0.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:DB8:B1:211::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_DATA
ipv6 multicast boundary scope 4
ospfv3 100 ipv6 area 0
!
interface TenGigabitEthernet0/1/0.200
encapsulation dot1Q 200
ipv6 address 2001:DB8:B2:211::2:200/64
ipv6 enable
ipv6 verify unicast source reachable-via rx RPF_FAIL_MGMT
no ipv6 pim
ospfv3 200 ipv6 area 0
!
interface TenGigabitEthernet0/1/1
no ip address
ipv6 enable
no ipv6 pim
!
interface TenGigabitEthernet0/1/1.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:DB8:B1:2B1::2:200/127
ipv6 enable
ipv6 multicast boundary scope 4
!
interface TenGigabitEthernet0/1/1.200
encapsulation dot1Q 200
ipv6 address 2001:DB8:B2:2B1::2:200/127
ipv6 enable
no ipv6 pim
!
interface TenGigabitEthernet0/1/2
no ip address
no ipv6 pim
!
interface TenGigabitEthernet0/1/2.100
encapsulation dot1Q 100
vrf forwarding DATA
ipv6 address 2001:DB8:C1:200::2:201/127
ipv6 enable
ipv6 multicast boundary scope 4
ospfv3 100 network point-to-point
ospfv3 100 cost 2000
ospfv3 100 ipv6 area 0
ospfv3 100 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
interface TenGigabitEthernet0/1/2.200
encapsulation dot1Q 200
ipv6 address 2001:DB8:C2:200::2:201/127
ipv6 enable
no ipv6 pim
ospfv3 200 network point-to-point
ospfv3 200 cost 2000
ospfv3 200 ipv6 area 0
ospfv3 200 ipv6 bfd
bfd interval 350 min_rx 350 multiplier 3
!
router ospfv3 200
area 0 encryption ipsec spi 2000 esp aes-cbc 128 7 15332A2D250B0A0509121403322637222077787972752F22393778797672737475 sha1 7 106F28382436332A2D250B0A0509121403322637222077787972752F223937787976727374752A7A27
!
address-family ipv4 unicast
exit-address-family
!
address-family ipv6 unicast
passive-interface TenGigabitEthernet0/1/0.200
passive-interface Loopback0
router-id 7.5.200.21
bfd all-interfaces
auto-cost reference-bandwidth 200000
exit-address-family
!
router ospfv3 100
area 0 encryption ipsec spi 1000 esp aes-cbc 128 7 047F2F222B05686A2D3D2133362F28200E0F000C1711063723322725727D7C7770 sha1 7 072B05686A2D3D2133362F28200E0F000C1711063723322725727D7C77702A273C327D7C7377767170
!
address-family ipv4 unicast
exit-address-family
!
address-family ipv6 unicast vrf DATA
passive-interface TenGigabitEthernet0/1/0.100
passive-interface Loopback1
router-id 7.5.100.21
bfd all-interfaces
auto-cost reference-bandwidth 200000
capability vrf-lite
exit-address-family
!
