[c-nsp] 6rd on ASR1k

Ruslan Pustovoytov rus-p at inbox.ru
Mon Oct 31 02:15:06 EDT 2011 

1. Ok.
2. Exactly.



Harold Ritter пишет:
> Hi Ruslan,
>
> Two things:
>
>
>    1. It would be safer not to use the 192.88.99/24 prefix for this
>       purpose, as this prefix has been reserved for the 6to4 relay
>       anycast address (RFC3068).
>    2. According to the information below, the BR will try to forward
>       the return traffic to 192.88.5.250 (prefix 192.88 + suffix =
>       0x5fa = 5.250). Is this the address assigned to the Windows7
>       Ethernet interface?
>
>
> Regards
>
>
>
>
> *Ruslan Pustovoytov <rus-p at inbox.ru <mailto:rus-p at inbox.ru>>*
> Envoyé par : cisco-nsp-bounces at puck.nether.net 
> <mailto:cisco-nsp-bounces at puck.nether.net>
>
> 27/10/2011 09:42 AM
>
> 	
> A
> 	Harold Ritter <hritter at cisco.com <mailto:hritter at cisco.com>>
> cc
> 	cisco-nsp at puck.nether.net <mailto:cisco-nsp at puck.nether.net>
> Objet
> 	Re: [c-nsp] 6rd on ASR1k
>
>
>
> 	
>
>
>
>
>
> Excuse me for a long delay.
>
> I check all of my configuration on client and BR.
> In my lab I have no native 6RD client so I use Windows machine with some
> hack.
>
> My client is Windows7 and I use it's 6to4 adapter to emulate 6RD
> functionality.
> When I assign "real" IPv4 address to Local Area network adapter, 6to4
> adapter became functional.
> Then delete automatic 6to4 IPv6 address (2002:....) and add new IPv6
> address accordingly to 6RD rules.
> Also change default 6to4 relay to my 6RD relay IPv4 address 
> (192.88.99.127)
>
> Tunnel 6TO4 Adapter:
>
>   IPv6-address. . . . . . . . . . . . : 2XXX:YYYY:206:5fa::abca
>   Default gateway. . . . . . . . . : 2002:c058:637f::1
>
> My prefix-length for 6RD config in BR is 16 bit.
> So, only left two octets of IPv4 address coded into 6RD IPv6 address.
>
> I add default route for IPv6 family  via command:
> netsh interface ipv6>add route ::/0 6to4 2002:0c58:637f::1
> Route table looks like this:
>
> IPv6 таблица маршрута
> ===========================================================================
> Активные маршруты:
> Метрика   Сетевой адрес            Шлюз
> 13    281 ::/0                     2002:c058:637f::1
>  1    306 ::1/128                 On-link
> 12     58 2001::/32                On-link
> 12    306 2001:0:5ef5:79fd:8f5:2c30:4d73:fa05/128
>                                    On-link
> 13   1025 2002::/16                On-link
> 13    281 2a02:2168:206:5fa::/64   On-link
> 13    281 2a02:2168:206:5fa::abca/128
>                                    On-link
> 12    306 fe80::/64                On-link
> 12    306 fe80::8f5:2c30:4d73:fa05/128
>                                    On-link
>  1    306 ff00::/8                 On-link
> 12    306 ff00::/8                 On-link
> ===========================================================================
> Постоянные маршруты:
> Метрика   Сетевой адрес            Шлюз
>  0 4294967295 ::/0                     2002:c058:637f::1
> ===========================================================================
>
> Then I ping 2XXX:YYYY:200:800::2 address.
> When I did command "deb ipv6 icmp" on ASR I see some ICMP but its did
> not relevant for me.
> Wireshark on Windows 6RD client show me that all ICMP packet envelop
> with right IPv4 header and successfully leaving the host.
> Also last interface in my network directly attached to ASR show
> increments on egress direction in packet filter with protocol 41 in
> payload as mask value when I pinging.
>
>
>
>
>
> Harold Ritter пишет:
> > Ruslan,
> >
> > Just to make sure, do you have a default route on the 6rd client pointing
> > at the 6rd BR? Since you are pinging the ASR1k itself, could you please
> > run a "deb ipv6 icmp" on the ASR to see if the ICMP packets are received.
> >
> > Regards
> >
> >
> >
> > Le 11-10-14 01:57, « Ruslan Pustovoitov » <rus-p at mostelekom.net 
> <mailto:rus-p at mostelekom.net>> a écrit :
> >
> >  
> >> Hi Harold !
> >>
> >> This is my config relevant to 6rd.
> >> Also, I don't know how to debug packets with protocol 41 in IP payload
> >> in ASR.
> >> Debug in form "debug ip packet #access-list" do not working for non
> >> software routers.
> >>
> >>
> >>
> >> interface Loopback10
> >> description 6RD_Relay
> >> ip address 192.88.99.127 255.255.255.255
> >> !
> >> interface Tunnel0
> >> no ip address
> >> no ip redirects
> >> ipv6 address 2XXX:YYYY:206::/128 anycast
> >> tunnel source Loopback10
> >> tunnel mode ipv6ip 6rd
> >> tunnel 6rd ipv4 prefix-len 16
> >> tunnel 6rd prefix 2XXX:YYYY:206::/48
> >> !
> >> ! Incoming interface for IPv6 encapsulated in IPv4 packets
> >> interface GigabitEthernet0/0/1.531
> >> encapsulation dot1Q 531
> >> ip address ZZZ.ZZZ.255.210 255.255.255.252
> >> no ip redirects
> >> no ip unreachables
> >> no ip proxy-arp
> >> !
> >> interface GigabitEthernet0/0/0.550
> >> encapsulation dot1Q 550
> >> ipv6 address 2XXX:YYYY:200:800::2/126
> >> ipv6 nd ra suppress
> >> !
> >> ipv6 route 2XXX:YYYY:206::/48 Tunnel0
> >>
> >>
> >>
> >> I try to ping 2XXX:YYYY:200:800::2
> >> This is the local IPv6 address for ASR.
> >>
> >>
> >>
> >>
> >> Harold Ritter пишет:
> >>    
> >>> Ruslan,
> >>>
> >>> Can you provide the BR config and the address you are trying to ping.
> >>>
> >>> Regards
> >>>
> >>>
> >>> Le 11-10-07 04:40, « Ruslan Pustovoitov » <rus-p at mostelekom.net 
> <mailto:rus-p at mostelekom.net>> a
> >>> écrit :
> >>>
> >>>  
> >>>      
> >>>> Hi all
> >>>>
> >>>> I try to setup 6rd on asr1k accordingly to
> >>>> http://docwiki.cisco.com/wiki/6rd_Configuration_Example
> >>>> Then I ping6 IPv6 host from client and see that IPv6 packet 
> envelops in
> >>>> IPv4 with right IPv4 destination (6rd relay IPv4 address).
> >>>> This IPv4 packet seccessfully reach asr1k and nothing else. Packets
> >>>> silently disappear.
> >>>>
> >>>> The output of  "show tunnel 6rd tunnel 0Interface Tunnel0" dont show
> >>>> any
> >>>> counters info:
> >>>>  Tunnel Source: 192.88.99.127
> >>>>  6RD: Operational, V6 Prefix: 2YYY:ZZZZ:206::/48
> >>>>       V4 Prefix, Length: 16, Value: 192.88.0.0
> >>>>       V4 Suffix, Length: 0, Value: 0.0.0.0
> >>>>  General Prefix: 2YYY:ZZZZ:206:637F::/64
> >>>>
> >>>>
> >>>> Also, I don't see any IPv6 packet going from asr1k to IPv6 directly
> >>>> connected host where I run tcpdump.
> >>>> Client seccessfully pinging 6rd relay 192.88.99.127
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> <mailto:cisco-nsp at puck.nether.net>
> >>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >>>>    
> >>>>        
> >>>
> >>>  
> >>>      
> >
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> <mailto:cisco-nsp at puck.nether.net>
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> <mailto:cisco-nsp at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list