[c-nsp] 6rd on ASR1k
Ruslan Pustovoytov
rus-p at inbox.ru
Tue Nov 1 09:22:37 EDT 2011
I use 178.140.5.250 IPv4 address on workstation.
It is not changed.
What is the reason to change it?
> Ruslan,
>
> I meant the IPv4 address you use on the workstation. Could you please let
> us know what it is.
>
> Regards
>
>
> Le 11-11-01 02:53, « Ruslan Pustovoytov » <rus-p at inbox.ru> a écrit :
>
>
>> Did you mean IPv4 6RD relay address ?
>> Yes, I changed it from 192.88.99.127 to 192.88.98.127
>>
>>
>>> Did you also change the IPv4 prefix you use on the workstation?
>>>
>>>
>>>
>>> Le 11-10-31 09:19, « Ruslan Pustovoytov » <rus-p at inbox.ru> a écrit :
>>>
>>>
>>>
>>>> I change 6rd relay IPv4 address 192.88.99.127 to 192.88.98.127 in BR
>>>> config (loopback10) and windiws 6to4 relay.
>>>> The picture is the same, ICMPv6 packet successfully going through the
>>>> network and egressing from the last iface directly connected to ASR.
>>>> But
>>>> I don't see this packets in debug output.
>>>>
>>>>
>>>>
>>>> Harold Ritter (hritter) пишет:
>>>>
>>>>
>>>>> Could you try using a prefix other than 192.88.99.0/24 and see if it
>>>>> makes a diffrence.
>>>>>
>>>>> Envoyé de mon iPhone
>>>>>
>>>>> Le 2011-10-31 à 02:15, "Ruslan Pustovoytov" <rus-p at inbox.ru> a écrit :
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> 1. Ok.
>>>>>> 2. Exactly.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Harold Ritter пишет:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Hi Ruslan,
>>>>>>>
>>>>>>> Two things:
>>>>>>>
>>>>>>>
>>>>>>> 1. It would be safer not to use the 192.88.99/24 prefix for this
>>>>>>> purpose, as this prefix has been reserved for the 6to4 relay
>>>>>>> anycast address (RFC3068).
>>>>>>> 2. According to the information below, the BR will try to forward
>>>>>>> the return traffic to 192.88.5.250 (prefix 192.88 + suffix =
>>>>>>> 0x5fa = 5.250). Is this the address assigned to the Windows7
>>>>>>> Ethernet interface?
>>>>>>>
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *Ruslan Pustovoytov <rus-p at inbox.ru <mailto:rus-p at inbox.ru>>*
>>>>>>> Envoyé par : cisco-nsp-bounces at puck.nether.net
>>>>>>> <mailto:cisco-nsp-bounces at puck.nether.net>
>>>>>>>
>>>>>>> 27/10/2011 09:42 AM
>>>>>>>
>>>>>>>
>>>>>>> A
>>>>>>> Harold Ritter <hritter at cisco.com <mailto:hritter at cisco.com>>
>>>>>>> cc
>>>>>>> cisco-nsp at puck.nether.net <mailto:cisco-nsp at puck.nether.net>
>>>>>>> Objet
>>>>>>> Re: [c-nsp] 6rd on ASR1k
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Excuse me for a long delay.
>>>>>>>
>>>>>>> I check all of my configuration on client and BR.
>>>>>>> In my lab I have no native 6RD client so I use Windows machine with
>>>>>>> some
>>>>>>> hack.
>>>>>>>
>>>>>>> My client is Windows7 and I use it's 6to4 adapter to emulate 6RD
>>>>>>> functionality.
>>>>>>> When I assign "real" IPv4 address to Local Area network adapter,
>>>>>>> 6to4
>>>>>>> adapter became functional.
>>>>>>> Then delete automatic 6to4 IPv6 address (2002:....) and add new IPv6
>>>>>>> address accordingly to 6RD rules.
>>>>>>> Also change default 6to4 relay to my 6RD relay IPv4 address
>>>>>>> (192.88.99.127)
>>>>>>>
>>>>>>> Tunnel 6TO4 Adapter:
>>>>>>>
>>>>>>> IPv6-address. . . . . . . . . . . . : 2XXX:YYYY:206:5fa::abca
>>>>>>> Default gateway. . . . . . . . . : 2002:c058:637f::1
>>>>>>>
>>>>>>> My prefix-length for 6RD config in BR is 16 bit.
>>>>>>> So, only left two octets of IPv4 address coded into 6RD IPv6
>>>>>>> address.
>>>>>>>
>>>>>>> I add default route for IPv6 family via command:
>>>>>>> netsh interface ipv6>add route ::/0 6to4 2002:0c58:637f::1
>>>>>>> Route table looks like this:
>>>>>>>
>>>>>>> IPv6 таблица маршрута
>>>>>>>
>>>>>>>
>>>>>>> =====================================================================
>>>>>>> ==
>>>>>>> ====
>>>>>>> Ðктивные маршруты:
>>>>>>> Метрика Сетевой Ð°Ð´Ñ€ÐµÑ Ð¨Ð»ÑŽÐ·
>>>>>>> 13 281 ::/0 2002:c058:637f::1
>>>>>>> 1 306 ::1/128 On-link
>>>>>>> 12 58 2001::/32 On-link
>>>>>>> 12 306 2001:0:5ef5:79fd:8f5:2c30:4d73:fa05/128
>>>>>>> On-link
>>>>>>> 13 1025 2002::/16 On-link
>>>>>>> 13 281 2a02:2168:206:5fa::/64 On-link
>>>>>>> 13 281 2a02:2168:206:5fa::abca/128
>>>>>>> On-link
>>>>>>> 12 306 fe80::/64 On-link
>>>>>>> 12 306 fe80::8f5:2c30:4d73:fa05/128
>>>>>>> On-link
>>>>>>> 1 306 ff00::/8 On-link
>>>>>>> 12 306 ff00::/8 On-link
>>>>>>>
>>>>>>>
>>>>>>> =====================================================================
>>>>>>> ==
>>>>>>> ====
>>>>>>> ПоÑтоÑнные маршруты:
>>>>>>> Метрика Сетевой Ð°Ð´Ñ€ÐµÑ Ð¨Ð»ÑŽÐ·
>>>>>>> 0 4294967295 ::/0 2002:c058:637f::1
>>>>>>>
>>>>>>>
>>>>>>> =====================================================================
>>>>>>> ==
>>>>>>> ====
>>>>>>>
>>>>>>> Then I ping 2XXX:YYYY:200:800::2 address.
>>>>>>> When I did command "deb ipv6 icmp" on ASR I see some ICMP but its
>>>>>>> did
>>>>>>> not relevant for me.
>>>>>>> Wireshark on Windows 6RD client show me that all ICMP packet envelop
>>>>>>> with right IPv4 header and successfully leaving the host.
>>>>>>> Also last interface in my network directly attached to ASR show
>>>>>>> increments on egress direction in packet filter with protocol 41 in
>>>>>>> payload as mask value when I pinging.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Harold Ritter пишет:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> Ruslan,
>>>>>>>>
>>>>>>>> Just to make sure, do you have a default route on the 6rd client
>>>>>>>> pointing
>>>>>>>> at the 6rd BR? Since you are pinging the ASR1k itself, could you
>>>>>>>> please
>>>>>>>> run a "deb ipv6 icmp" on the ASR to see if the ICMP packets are
>>>>>>>> received.
>>>>>>>>
>>>>>>>> Regards
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Le 11-10-14 01:57, « Ruslan Pustovoitov » <rus-p at mostelekom.net
>>>>>>>> <mailto:rus-p at mostelekom.net>> a écrit :
>>>>>>>>
>>>>>>>> >> Hi Harold !
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> This is my config relevant to 6rd.
>>>>>>>>> Also, I don't know how to debug packets with protocol 41 in IP
>>>>>>>>> payload
>>>>>>>>> in ASR.
>>>>>>>>> Debug in form "debug ip packet #access-list" do not working for
>>>>>>>>> non
>>>>>>>>> software routers.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> interface Loopback10
>>>>>>>>> description 6RD_Relay
>>>>>>>>> ip address 192.88.99.127 255.255.255.255
>>>>>>>>> !
>>>>>>>>> interface Tunnel0
>>>>>>>>> no ip address
>>>>>>>>> no ip redirects
>>>>>>>>> ipv6 address 2XXX:YYYY:206::/128 anycast
>>>>>>>>> tunnel source Loopback10
>>>>>>>>> tunnel mode ipv6ip 6rd
>>>>>>>>> tunnel 6rd ipv4 prefix-len 16
>>>>>>>>> tunnel 6rd prefix 2XXX:YYYY:206::/48
>>>>>>>>> !
>>>>>>>>> ! Incoming interface for IPv6 encapsulated in IPv4 packets
>>>>>>>>> interface GigabitEthernet0/0/1.531
>>>>>>>>> encapsulation dot1Q 531
>>>>>>>>> ip address ZZZ.ZZZ.255.210 255.255.255.252
>>>>>>>>> no ip redirects
>>>>>>>>> no ip unreachables
>>>>>>>>> no ip proxy-arp
>>>>>>>>> !
>>>>>>>>> interface GigabitEthernet0/0/0.550
>>>>>>>>> encapsulation dot1Q 550
>>>>>>>>> ipv6 address 2XXX:YYYY:200:800::2/126
>>>>>>>>> ipv6 nd ra suppress
>>>>>>>>> !
>>>>>>>>> ipv6 route 2XXX:YYYY:206::/48 Tunnel0
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I try to ping 2XXX:YYYY:200:800::2
>>>>>>>>> This is the local IPv6 address for ASR.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Harold Ritter пишет:
>>>>>>>>> >>> Ruslan,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Can you provide the BR config and the address you are trying to
>>>>>>>>>> ping.
>>>>>>>>>>
>>>>>>>>>> Regards
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Le 11-10-07 04:40, « Ruslan Pustovoitov » <rus-p at mostelekom.net
>>>>>>>>>> <mailto:rus-p at mostelekom.net>> a
>>>>>>>>>> écrit :
>>>>>>>>>>
>>>>>>>>>> >>> >>>> Hi all
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> I try to setup 6rd on asr1k accordingly to
>>>>>>>>>>> http://docwiki.cisco.com/wiki/6rd_Configuration_Example
>>>>>>>>>>> Then I ping6 IPv6 host from client and see that IPv6 packet
>>>>>>>>>>> envelops in
>>>>>>>>>>> IPv4 with right IPv4 destination (6rd relay IPv4 address).
>>>>>>>>>>> This IPv4 packet seccessfully reach asr1k and nothing else.
>>>>>>>>>>> Packets
>>>>>>>>>>> silently disappear.
>>>>>>>>>>>
>>>>>>>>>>> The output of "show tunnel 6rd tunnel 0Interface Tunnel0" dont
>>>>>>>>>>> show
>>>>>>>>>>> any
>>>>>>>>>>> counters info:
>>>>>>>>>>> Tunnel Source: 192.88.99.127
>>>>>>>>>>> 6RD: Operational, V6 Prefix: 2YYY:ZZZZ:206::/48
>>>>>>>>>>> V4 Prefix, Length: 16, Value: 192.88.0.0
>>>>>>>>>>> V4 Suffix, Length: 0, Value: 0.0.0.0
>>>>>>>>>>> General Prefix: 2YYY:ZZZZ:206:637F::/64
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Also, I don't see any IPv6 packet going from asr1k to IPv6
>>>>>>>>>>> directly
>>>>>>>>>>> connected host where I run tcpdump.
>>>>>>>>>>> Client seccessfully pinging 6rd relay 192.88.99.127
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>>>>>>>>> <mailto:cisco-nsp at puck.nether.net>
>>>>>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>>>>>>> >>>> >>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> >>> >
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>>>>>> <mailto:cisco-nsp at puck.nether.net>
>>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>>>>> <mailto:cisco-nsp at puck.nether.net>
>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>
>>>
>>>
>>>
>
>
>
>
>
More information about the cisco-nsp
mailing list