从PV4到|PV6的过渡技术 华宁 nhuaabiigroup. com cTO. BIl Group
1 从IPv4到IPv6的过渡技术 华宁 nhua@biigroup.com CTO, BII Group
过渡技术的分类 双协议栈( Dual stack) 隧道( Tunnel) 协议翻译( Protocol translation) BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 2 过渡技术的分类 • 双协议栈(Dual Stack) • 隧道(Tunnel) • 协议翻译(Protocol Translation)
双协议栈 Application TCP/UDP IPv4IPv6 Driver BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 3 双协议栈 Driver IPv4 IPv6 Application TCP/UDP
双协议栈(举例 interface Ethernet/1 ip address202.204.12226255.255255240 half-duplex ipv6 address 3FFE: 81B3: 1: 1: 1/64 Cisco lOS 12.2 (15T ipV6 enable ipv6 nd ra- interval 30 C: Documents and Settingslhnpipconfig Windows IP Configuration Ethernet adapter local connection Connection-specific DNS Suffix IP Address 202.204.12.230 Subnet mask:255.255255.240 WindowXP+sP1 IP Address ,,:3ffe:81b3:1:1:40fb:a58:41e6:cf0d P Address.,,,,,:3ffe:81b3:1:1:209:6bf;fee0:3240 IP Address......: fe80 209: 6bff: fee0: 3240%4 Default Gateway 202.204.12.226 fe80:230:94f:fee0:4ba2%4 B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 4 双协议栈(举例) interface Ethernet0/1 ip address 202.204.12.226 255.255.255.240 half-duplex ipv6 address 3FFE:81B3:1:1::1/64 ipv6 enable ipv6 nd ra-interval 30 ! Cisco IOS 12.2(15)T C:\Documents and Settings\hn>ipconfig Windows IP Configuration Ethernet adapter local connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 202.204.12.230 Subnet Mask . . . . . . . . . . : 255.255.255.240 IP Address. . . . . . . . . . . . : 3ffe:81b3:1:1:40fb:a58:41e6:cf0d IP Address. . . . . . . . . . . . : 3ffe:81b3:1:1:209:6bff:fee0:3240 IP Address. . . . . . . . . . . . : fe80::209:6bff:fee0:3240%4 Default Gateway . . . . . . . : 202.204.12.226 fe80::230:94ff:fee0:4ba2%4 WindowXP+SP1
隧道(Tune) 手动配置隧道 Configured tunnel) v6 over v4. v4 over v6. v4 over v4. v6 over v6 GRE tunnel 自动隧道( Automatic tunnel) 将IPV4地址嵌入在IPv6地址中,利用这个 IP4地址来决定隧道的源地址和目的地址 6to4,6oVer4, ISATAP等 BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 5 隧道(Tunnel) • 手动配置隧道(Configured tunnel) – v6 over v4, v4 over v6, v4 over v4, v6 over v6 – GRE tunnel • 自动隧道(Automatic Tunnel) – 将IPv4地址嵌入在IPv6地址中,利用这个 IPv4地址来决定隧道的源地址和目的地址 – 6to4, 6over4, ISATAP等
手动配置隧道 手动配置隧道后,IPV6网络将底层的IP4网络 做为一条点到点的链路 隧道的原点和终点必须支持IPV4/V6双协议 ·可以在路由器和路由器,主机和路由器,主机 和主机之间设置 隧道所在的IPV6链路MTU减少20个字节(假定 IPV4没有 option字段),15001480 Transport layer Data Header IPv6 Header Transport Layer Data Header IPv6 Header IPv4 Header BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 6 手动配置隧道 • 手动配置隧道后, IPv6网络将底层的IPv4网络 做为一条点到点的链路 • 隧道的原点和终点必须支持IPv4/v6双协议 • 可以在路由器和路由器,主机和路由器,主机 和主机之间设置 • 隧道所在的IPv6链路MTU减少20个字节(假定 IPv4没有option字段),1500Æ1480 Data Transport Layer Header IPv6 Header Data Transport Layer Header IPv6 Header IPv4 Header
手动配置隧道(举例 interface Loopback1 ip address202204.22193255.255255255 interface Tunnel103 description to VIAGINIE ipv6@viagenie qcca no ip address ipv6 address 3FFE: 81B0: FFFF: 3:: 2/64 ipv6 enable tunnel source Loopback1 tunnel destination 206.123.31.101 tunnel mode ipv6ip Cisco IOS 12. 2 (15T BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 7 手动配置隧道 (举例 ) inter face Loopback1 ip address 202.204.22.193 255.255.255.255 ! interface Tunnel103 descrip tion to VIAGINIE ipv6@viagenie.qc.ca no ip address ipv6 address 3FFE:81B0:FFFF:3::2/64 ipv6 enable tunnel source Loopback1 tunnel destination 206.123.31.101 tunnel mode ipv6ip Cisco IOS 12.2(15)T
自动6to4隧道 FP(3bits) TLA(13bits)I IPv4 Address(32bits) SLA ID(16bits Interface ID (64bits) 001 0x0002 ISP assigned Auto configured aMliN 2002:cacc:ec2:48 2002:ca70:0a25:/48 IPv6 IPv4 Pv6 202.204.12.226 202.112.10.37 202.204.22.193 6to4 prefix is 2002: /16+IPv4 address 2002:a.bcd:/48 IPv6 Internet 6to4 relay 2002:cacc:16c1:1 BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 8 自动6to4隧道 FP (3bits) TLA (13bits) IPv4 Address (32bits) SLA ID (16bits) Interface ID (64bits) 001 0x0002 ISP assigned Locally administered Auto configured IPv4 IPv6 IPv6 IPv6 Internet 6to4 relay 2002:cacc:16c1::1 202.204.12.226 202.112.10.37 202.204.22.193 2002:cacc:ec2::/48 2002:ca70:0a25::/48 6to4 prefix is 2002::/16 + IPv4 address. 2002:a.b.c.d::/48
自动6to4隧道 6to4用来连接多个孤立的IPv6域,每个域最多 是一个/48的网络,最少是一台主机 配置6to4隧道后,IPⅴ6网络将底层的IPV4网络 做为一个非广播的点到多点的链路(Non Broadcast Multi Access link NBma) IANA分配的6t04地址前缀为2002:/16 IPV4地址嵌入到IPV6地址的第16位到47位,用 来标示隧道的源和目的IPV4地址,此地址必须 为公有地址 ·6to4的最大优点在于不需要向网络运营商申请 IPv6地址,有公有v4地址和一个604 relay router就可以了 BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 9 自动6to4隧道 • 6to4用来连接多个孤立的IPv6域,每个域最多 是一个/48的网络,最少是一台主机 • 配置6to4隧道后, IPv6网络将底层的IPv4网络 做为一个非广播的点到多点的链路(Non Broadcast Multi Access link NBMA) • IANA分配的6to4地址前缀为2002::/16 • IPv4地址嵌入到IPv6地址的第16位到47位,用 来标示隧道的源和目的IPv4地址,此地址必须 为公有地址 • 6to4的最大优点在于不需要向网络运营商申请 IPv6地址,有公有v4地址和一个6to4 relay router 就可以了
自动6to4隧道(举例) C: Documents and Settingslhn>netsh interface ipv6 6to4 set relay 6to46tnet. com.cn C: Documents and Settings\hn>ipv6 if 3 Interface 3: 6to4 Tunneling Pseudo-Interface (A995346E-9F3E-2EDB-47D1-9CC7BA01CD73 does not use Neighbor Discovery does not use Router Discovery routing preference 1 preferred global 2002: cacc: ce6: cacc: ce6, life infinite link MTU 1280 (true link MTU 65515) current hop limit 128 reachable time 21500ms ( base 30000ms retransmission interval 1000ms DAD transmits o Window xP+sP1 BIl Group, China IPv6 Summit 2003 Hua ning B Bll Group
BII Group, China IPv6 Summit 2003 Hua Ning 10 自动6to4隧道(举例) C:\Documents and Settings\hn>netsh interface ipv6 6to4 set relay 6to4.6tnet.com.cn C:\Documents and Settings\hn>ipv6 if 3 Interface 3: 6to4 Tunneling Pseudo-Interface {A995346E-9F3E-2EDB-47D1-9CC7BA01CD73} does not use Neighbor Discovery does not use Router Discovery routing preference 1 preferred global 2002:cacc:ce6::cacc:ce6, life infinite link MTU 1280 (true link MTU 65515) current hop limit 128 reachable time 21500ms (base 30000ms) retransmission interval 1000ms DAD transmits 0 Window XP +SP1