华为AR路由使用PPPoE获取IPv6地址上网

公司搬家,从原有的思科设备换成华为AR路由器,有空研究了下华为AR路由器通过PPPoE拨号获取v6地址,且通过DHCPv6-PD给内网客户端分配地址。

全局开启IPv6

ipv6

基本PPPoE配置

interface Dialer1
 link-protocol ppp
 ppp chap user 011111063930
 ppp chap password cipher %^%#owP[R9/aFQA\~=4_*D+&N-ZU~$x&J$YIpz8<]3'G%^%#
 mtu 1492
 ipv6 enable
 tcp adjust-mss 1452
 ip address ppp-negotiate
 dialer user 011111063930
 dialer bundle 1
 ipv6 address auto link-local          #自动配置链路本地地址
 ipv6 address auto global default          #自动获取IPV6地址并添加默认路由
 nat outbound 3000 
 dhcpv6 client pd IPV6          #通过dhcpv6获取运营商前缀,前缀名称叫IPV6

interface GigabitEthernet0/0/2
 pppoe-client dial-bundle-number 1 
 description To:ISP
 undo lldp enable

acl number 3000  
 rule 5 permit ip source 192.168.0.0 0.0.255.255 

配置IPV6的DHCP服务器给客户端下发DNS服务器地址

dhcpv6 pool IPV6
 dns-server 240E:5A::6666
 dns-server 240E:5B::6666
 dns-domain-name iteachs.com

配置路由器接口

interface GigabitEthernet0/0/1
 description To:Inside-IPV6
#
interface GigabitEthernet0/0/1.186          #这边配置采用子接口的方式和客户端互联
 dot1q termination vid 186
 ipv6 enable
 ipv6 address IPv6 ::1:0:0:0:1/64          #前缀拿到的地址可能是/60的,这里分配/64的网段从1开始
 ipv6 address auto link-local
 undo ipv6 nd ra halt          #开启RA功能,使客户端可以无状态获取地址
 ipv6 nd autoconfig managed-address-flag          #如果使用无状态获取地址可以不配置
 ipv6 nd autoconfig other-flag          #配置允许下发DNS地址
 ipv6 nd ns multicast-enable          #开启允许NS的组播功能,此功能不开启,无法解析下挂路由器的邻居,导致直连不通
 dhcpv6 server IPV6          #绑定dhcpv6的服务
#
interface GigabitEthernet0/0/1.188
 dot1q termination vid 188
 ipv6 enable
 ip address 192.168.188.252 255.255.255.0
 ipv6 address IPv6 ::3:0:0:0:1/64
 ipv6 address auto link-local
 undo ipv6 nd ra halt
 ipv6 nd autoconfig managed-address-flag
 ipv6 nd autoconfig other-flag
 ipv6 nd ns multicast-enable
 dhcpv6 server IPV6
#
interface GigabitEthernet0/0/1.189
 dot1q termination vid 189
 ipv6 enable
 ipv6 address IPv6 ::4:0:0:0:1/64
 ipv6 address auto link-local
 undo ipv6 nd ra halt
 ipv6 nd autoconfig managed-address-flag
 ipv6 nd autoconfig other-flag
 ipv6 nd ns multicast-enable              
 dhcpv6 server IPV6
#

至此配置完成。

查看IPv6地址

<XXX-IPV6-R1>dis ipv inter brief
*down: administratively down
(l): loopback
(s): spoofing
Interface                    Physical              Protocol   
Dialer1                      up                    up(s)      
[IPv6 Address] 240E:3A0:611:A77:5EE7:47D5:74DB:3F99
GigabitEthernet0/0/1.186     up                    up         
[IPv6 Address] 240E:3A2:610:4291::1
GigabitEthernet0/0/1.188     up                    up         
[IPv6 Address] 240E:3A2:610:4293::1
GigabitEthernet0/0/1.189     up                    up         
[IPv6 Address] 240E:3A2:610:4294::1

查看运营商获取的前缀

<XXXX-IPV6-R1>dis dhcpv6 client prefix 
Prefix name       : IPV6
  Prefix          : 240E:3A2:610:4290::/60
    Life time(sec): valid 7200 preferred 3600

查看NDP邻居

<XXXX-IPV6-R1>dis ipv6 neighbors GigabitEthernet 0/0/1.188
-----------------------------------------------------------------------------
IPv6 Address : 240E:3A2:610:4293:20C:29FF:FE98:DCDA              
Link-layer   : 000c-2998-dcda                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h08m10s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: FALSE            
Secure FLAG  : UN-SECURE                          

IPv6 Address : 240E:3A2:610:4293:250:56FF:FE93:7BD9              
Link-layer   : 0050-5693-7bd9                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h19m03s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: TRUE             
Secure FLAG  : UN-SECURE                          

IPv6 Address : 240E:3A2:610:4293:250:56FF:FE93:A987              
Link-layer   : 0050-5693-a987                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h17m47s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: FALSE            
Secure FLAG  : UN-SECURE                          

IPv6 Address : 240E:3A2:610:4293:812:E449:C386:B09D              
Link-layer   : 0050-5693-a002                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h02m09s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: FALSE            
Secure FLAG  : UN-SECURE                          

IPv6 Address : 240E:3A2:610:4293:1018:3A44:747:460               
Link-layer   : 0050-5693-a002                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h02m19s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: FALSE            
Secure FLAG  : UN-SECURE                          

IPv6 Address : 240E:3A2:610:4293:498A:4483:85C7:931              
Link-layer   : 0050-5693-a002                     State : STALE        
Interface    : GE0/0/1.188                        Age   : 00h02m19s           
VLAN         : 188                                CEVLAN: -                   
VPN name     :                                    Is Router: FALSE            
Secure FLAG  : UN-SECURE                          

使用了一段时间没发现问题,从IPv6的流量上看,目前V6的流量是高于V4的。

相关推荐
ClkLog-开源埋点用户分析5 小时前
ClkLog企业版(CDP)预售开启,更有鸿蒙SDK前来助力
华为·开源·开源软件·harmonyos
mg6685 小时前
鸿蒙系统的优势 开发 环境搭建 开发小示例
华为·harmonyos
模拟IC攻城狮6 小时前
华为海思招聘-芯片与器件设计工程师-模拟芯片方向- 机试题-真题套题题目——共8套(每套四十题)
嵌入式硬件·华为·硬件架构·芯片
lqj_本人6 小时前
鸿蒙next选择 Flutter 开发跨平台应用的原因
flutter·华为·harmonyos
TangKenny6 小时前
计算网络信号
java·算法·华为
23zhgjx-NanKon7 小时前
华为eNSP:QinQ
网络·安全·华为
23zhgjx-NanKon7 小时前
华为eNSP:mux-vlan
网络·安全·华为
Leo.yuan8 小时前
39页PDF | 华为数据架构建设交流材料(限免下载)
数据结构·华为
lqj_本人9 小时前
Flutter&鸿蒙next 状态管理框架对比分析
flutter·华为·harmonyos
青瓷看世界10 小时前
华为HarmonyOS打造开放、合规的广告生态 - 插屏广告
华为·harmonyos·广告投放