网络工程 - 当静态路由配置有出口接口时，IPv6 无法 ping 主机 - 吾爱随笔录

当静态路由配置有出口接口时，IPv6 无法 ping 主机

网络工程思科路由 ip ipv6 数据包追踪器

2021-07-29 08:23:19

我有以下拓扑（使用 IPv6）接口：

我在其上配置了以下静态路由：

R1#sh ipv6 route static
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
       lA - LISP away, a - Application
S   2004::/64 [1/0]
     via GigabitEthernet0/2, directly connected
S   2005::/64 [1/0]
     via 2003::2

我可以ping2005::2得很好！traceroute 也给出了预期的结果：

R1#traceroute 2005::1  
Type escape sequence to abort.
Tracing the route to 2005::1

  1 2003::2 12 msec 5 msec 4 msec

但是当我尝试2004::2使用命令配置ping 时ipv6 route 2004::/64 Gi0/2，我超时了：

R1#ping 2004::1      
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2004::1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

我知道我们不应该将以太网接口配置为出口接口以防止 ARP 表溢出和/或防止性能问题，但我只是想获得概念证明/学习，我没有串行接口在我的 VIRL 图像上。

奇怪的是，我可以从R2 ( ) ping 2001::1( R1 )：2004::1

R2#ping 2001::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/7 ms
R2#traceroute 2001::1
Type escape sequence to abort.
Tracing the route to 2001::1

  1 2002::1 9 msec 8 msec 8 msec

那么，我做错了什么？

配置转储

R1上的接口和路由：

R1#sh ipv6 int br
GigabitEthernet0/0     [up/up]
    FE80::EC1:8FFF:FE5A:C100
    2001::1
GigabitEthernet0/1     [up/up]
    FE80::EC1:8FFF:FE5A:C101
    2003::1
GigabitEthernet0/2     [up/up]
    FE80::EC1:8FFF:FE5A:C102
    2002::1
GigabitEthernet0/3     [administratively down/down]
    unassigned
R1#sh ipv6 route 
IPv6 Routing Table - default - 9 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
       lA - LISP away, a - Application
C   2001::/64 [0/0]
     via GigabitEthernet0/0, directly connected
L   2001::1/128 [0/0]
     via GigabitEthernet0/0, receive
C   2002::/64 [0/0]
     via GigabitEthernet0/2, directly connected
L   2002::1/128 [0/0]
     via GigabitEthernet0/2, receive
C   2003::/64 [0/0]
     via GigabitEthernet0/1, directly connected
L   2003::1/128 [0/0]
     via GigabitEthernet0/1, receive
S   2004::/64 [1/0]
     via GigabitEthernet0/2, directly connected
S   2005::/64 [1/0]
     via 2003::2
L   FF00::/8 [0/0]
     via Null0, receive

R1#sh run
Building configuration...

Current configuration : 3268 bytes
!
! Last configuration change at 05:38:27 UTC Sun Dec 9 2018
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!         
!
redundancy
!
no cdp log mismatch duplex
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2001::1/64
 ipv6 enable
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2003::1/64
!
interface GigabitEthernet0/2
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2002::1/64
!
interface GigabitEthernet0/3
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ipv6 route 2004::/64 GigabitEthernet0/2
ipv6 route 2005::/64 2003::2
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input none
!
no scheduler allocate
!
end

R2 上的接口和路由：

R2#sh ipv6 int br
GigabitEthernet0/0     [up/up]
    FE80::EC1:8FFF:FEC5:C700
    2004::1
GigabitEthernet0/1     [up/up]
    FE80::EC1:8FFF:FEC5:C701
    2002::2
GigabitEthernet0/2     [administratively down/down]
    unassigned
GigabitEthernet0/3     [administratively down/down]
    unassigned
R2#sh ipv6 route 
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
       H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
       ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
       RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
       lA - LISP away, a - Application
S   2001::/64 [1/0]
     via 2002::1
C   2002::/64 [0/0]
     via GigabitEthernet0/1, directly connected
L   2002::2/128 [0/0]
     via GigabitEthernet0/1, receive
C   2004::/64 [0/0]
     via GigabitEthernet0/0, directly connected
L   2004::1/128 [0/0]
     via GigabitEthernet0/0, receive
L   FF00::/8 [0/0]
     via Null0, receive

R2#sh run            
Building configuration...

Current configuration : 3200 bytes
!
! Last configuration change at 04:25:49 UTC Sun Dec 9 2018
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!         
!
redundancy
!
no cdp log mismatch duplex
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2004::1/64
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2002::2/64
!
interface GigabitEthernet0/2
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet0/3
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ipv6 route 2001::/64 2002::1
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input none
!
no scheduler allocate
!
end

路由器 3

R3#sh run
Building configuration...

Current configuration : 3200 bytes
!
! Last configuration change at 04:25:55 UTC Sun Dec 9 2018
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!         
!
redundancy
!
no cdp log mismatch duplex
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2003::2/64
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 media-type rj45
 ipv6 address 2005::1/64
!
interface GigabitEthernet0/2
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
interface GigabitEthernet0/3
 no ip address
 shutdown
 duplex auto
 speed auto
 media-type rj45
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ipv6 route 2001::/64 2003::1
!
!
!
control-plane
!
banner exec ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner incoming ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
banner login ^C
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS  *
* education. IOSv is provided as-is and is not supported by Cisco's      *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any       *
* purposes is expressly prohibited except as otherwise authorized by     *
* Cisco in writing.                                                      *
**************************************************************************^C
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input none
!
no scheduler allocate
!
end

运行配置转储

2个回答

请记住，IPv6 不使用 ARP。IPv6上没有广播，ARP使用广播。IPv6 使用 ND，它使用组播。

注意路由配置的不同：

ipv6 route 2004::/64 GigabitEthernet0/2
ipv6 route 2005::/64 2003::2
!

您没有为 R2 另一端的网络提供实际的下一跳地址。如果您将路由指向接口，它应该可以工作：

ipv6 route 2004::/64 2002::2

-或者-

ipv6 route 2004::/64 GigabitEthernet0/2 2002::2

以太网是多路访问网络，而不是点对点网络类型，因此您确实需要告诉 IPv6 下一跳地址是什么。

尝试在 R1 和 R2 之间的链路上使用点对点网络可能会很有趣，例如2002::/127地址为2002::和2002::1。

此外，您不应该真正使用全球 IPv6 地址进行测试。这些东西有 IPv6 范围，例如2001:2::/48或 ULA 寻址。

当从 R1 ping 2004::2 时，路由器需要执行邻居发现才能成功执行 L2 封装。为了完成这个任务，路由器向被请求节点多播地址 ff02::1:ff00:2 发送 ICMPv6 邻居请求消息（ff02::1:ff00:0/104 用作前缀，最后 24 位取自在这种情况下的真正目的地 ::2)，但是由于 2004::2 不存在于 R1--R2 之间的链接上，没有人会响应，因此封装失败并且 ping 也失败，这就是为什么您还需要指定下一跳地址。由于代理 ARP（如果在 R2 上的传入接口上启用），此方案将在 IPv4 中工作。

其它你可能感兴趣的问题

上一篇UDP 客户端和数据包嗅探器如何在同一台机器上运行？下一篇MACsec (IEEE 802.1AE) 是否支持多播/广播？