Avalanche IPv6测试配置和使用
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Avalanche IPv6
ClientSubnets: IPv6 Prefix and MAC Addresses
Prefix is 3FFE::/64, Interface ID is 200:FF:FE00:101-200:FF:FE00:1FF
So the first address in the above range is 3FFE::200:FF:FE00:101
Resolving a Host… NDP
Neighbor Solicitation
Host A sends to query the Layer 2 address of destination Host B
Contains Layer 2 address of Host A, so that Host B can resolve the address upon receiving solicitation
Resolving a Host
When a host needs to send data to a certain destination, it must first resolve the host. IPv6 has a Neighbor cache and Destination cache, similar to IPv4’s ARP cache. Neighbor cache
Which prefix to use?
A host can have multiple prefixes in its Prefix List… which one should it use as its Source Address when sending a packet?
•
• •
Rule 1 - If the destination is Link Local (FE80::), use Link Local
Neighbor Discovery Protocol
Used by hosts to determine which MAC address to send a packet to for a given destination Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement. Let’s take a look at each message
Host A sends a packet to Host C: Rule 1 fails, Rule 2 says that Host A should use 3000:: as its source address.
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
GW
3000::1 00:00:00:00:00:1
Host B
Site-to-Site
Emulated IPSec GW’s IPv6 prefix is taken from the one advertised by router. End host’s prefix is taken from GUI configuration.
Remote Access
Neighbor and Destination caches are updated via Neighbor and Router discovery (Neighbor Solicitations, Router Advertisements, etc).
Resolving a Host… NDP
Which Prefix to Use… Example!
Host A has GUI configured prefix of 2000::/64, GW gives it a prefix of 3000::/64
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Resolving a Host… NDP
Router Solicitation
Message a host sends out to find neighboring routers Upon receiving a solicitation, routers should reply with a Router Advertisement.
Rule 2: Matching Pห้องสมุดไป่ตู้efix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Host A sends a packet to Host D: Rule 1 fails, Rule 2 fails, Rule 3 says that Host A should use 2000:: as its source address.
Emulated IPSec GWs IPv6 prefix is taken from the GUI. End host’s address is given via mode-cfg.
Remember, the GUI configured prefix will only be used if the dst address does not match any other prefix in the host’s Prefix List.
Router Advertisement
Router sends to host to tell it:
Prefix information
Layer 2 address of router Other things (such as MTU) Router Advertisement is needed in order for a host to know that router is present in its network and to get its Layer 2 address.
Rule 2 - If the destination’s prefix matches an entry in the prefix list, use that prefix. Rule 3 - If the above fail, use the first entry in the prefix list (i.e. Use the GUI configured prefix)
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
IPv6 over IPv6 in IPSec
Prefix is put as the first entry in the host’s Prefix List.
Each host has a link local address based on the MAC address (FE80::), or it uses the statically configured address as its link local
Resolving a Host… Example!
Lets look at an example of what Host A’s Neighbor and Destination caches should look like if it resolved every host in this network.
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Contains a map between addresses of local neighbors and corresponding MAC addresses
Destination cache
Contains a map between destination addresses and MAC addresses of neighbor to be used to reach that destination
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Host A sends a packet to Host B: Rule 1 says that Host A should use its link local address as its source
Host A
Nbr Cache
3000::1 00:00:00:00:00:01
FE80::B 00:00:00:00:00:0B
Host C
S w i t c
2000::C 00:00:00:00:00:0C
Dst Cache
3000::1 00:00:00:00:00:01 FE80::B 00:00:00:00:00:0B 2000::C 00:00:00:00:00:01 4000::D 00:00:00:00:00:01
Host A
Nbr Cache
Host C
S w
2000::C 00:00:00:00:00:0C
Dst Cache
i t c
GW
3000::1 00:00:00:00:00:1
Host B
FE80::B 00:00:00:00:00:0B
h
Host D
4000::D 00:00:00:00:00:0D
ClientSubnets: IPv6 Static Addressing
Prefix is 3FFE:1:2::/64, Interface ID is ::A:1-::A:FF
Some Stuff To Note…
In either mode, users can configure both a Prefix and an Interface ID for the host.
Also used for Duplicate Address Detection
Neighbor Advertisement
Host B responds to Host A’s Neighbor Solicitation with Neighbor Advertisement
Contains Layer 2 address of Host B, which Host A can then resolve
Resolving a Host… Example!
After NDP, Host A has Neighbor cache entries for its neighbors (Host B and GW), and Destination cache entries for all hosts. Note that Host C and D are reachable through the GW’s MAC.
ClientSubnets: IPv6 Prefix and MAC Addresses
Prefix is 3FFE::/64, Interface ID is 200:FF:FE00:101-200:FF:FE00:1FF
So the first address in the above range is 3FFE::200:FF:FE00:101
Resolving a Host… NDP
Neighbor Solicitation
Host A sends to query the Layer 2 address of destination Host B
Contains Layer 2 address of Host A, so that Host B can resolve the address upon receiving solicitation
Resolving a Host
When a host needs to send data to a certain destination, it must first resolve the host. IPv6 has a Neighbor cache and Destination cache, similar to IPv4’s ARP cache. Neighbor cache
Which prefix to use?
A host can have multiple prefixes in its Prefix List… which one should it use as its Source Address when sending a packet?
•
• •
Rule 1 - If the destination is Link Local (FE80::), use Link Local
Neighbor Discovery Protocol
Used by hosts to determine which MAC address to send a packet to for a given destination Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement. Let’s take a look at each message
Host A sends a packet to Host C: Rule 1 fails, Rule 2 says that Host A should use 3000:: as its source address.
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
GW
3000::1 00:00:00:00:00:1
Host B
Site-to-Site
Emulated IPSec GW’s IPv6 prefix is taken from the one advertised by router. End host’s prefix is taken from GUI configuration.
Remote Access
Neighbor and Destination caches are updated via Neighbor and Router discovery (Neighbor Solicitations, Router Advertisements, etc).
Resolving a Host… NDP
Which Prefix to Use… Example!
Host A has GUI configured prefix of 2000::/64, GW gives it a prefix of 3000::/64
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Resolving a Host… NDP
Router Solicitation
Message a host sends out to find neighboring routers Upon receiving a solicitation, routers should reply with a Router Advertisement.
Rule 2: Matching Pห้องสมุดไป่ตู้efix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Host A sends a packet to Host D: Rule 1 fails, Rule 2 fails, Rule 3 says that Host A should use 2000:: as its source address.
Emulated IPSec GWs IPv6 prefix is taken from the GUI. End host’s address is given via mode-cfg.
Remember, the GUI configured prefix will only be used if the dst address does not match any other prefix in the host’s Prefix List.
Router Advertisement
Router sends to host to tell it:
Prefix information
Layer 2 address of router Other things (such as MTU) Router Advertisement is needed in order for a host to know that router is present in its network and to get its Layer 2 address.
Rule 2 - If the destination’s prefix matches an entry in the prefix list, use that prefix. Rule 3 - If the above fail, use the first entry in the prefix list (i.e. Use the GUI configured prefix)
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
IPv6 over IPv6 in IPSec
Prefix is put as the first entry in the host’s Prefix List.
Each host has a link local address based on the MAC address (FE80::), or it uses the statically configured address as its link local
Resolving a Host… Example!
Lets look at an example of what Host A’s Neighbor and Destination caches should look like if it resolved every host in this network.
Rule 1: Link Local
Host A 2000:: 3000::
S w i t c
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Contains a map between addresses of local neighbors and corresponding MAC addresses
Destination cache
Contains a map between destination addresses and MAC addresses of neighbor to be used to reach that destination
Rule 2: Matching Prefix
Rule 3: GUI Setting
Host C 3000::
GW 3000:: Host D 4000::
Host B FE80::
h
Which Prefix to Use… Example! (cont.)
Host A sends a packet to Host B: Rule 1 says that Host A should use its link local address as its source
Host A
Nbr Cache
3000::1 00:00:00:00:00:01
FE80::B 00:00:00:00:00:0B
Host C
S w i t c
2000::C 00:00:00:00:00:0C
Dst Cache
3000::1 00:00:00:00:00:01 FE80::B 00:00:00:00:00:0B 2000::C 00:00:00:00:00:01 4000::D 00:00:00:00:00:01
Host A
Nbr Cache
Host C
S w
2000::C 00:00:00:00:00:0C
Dst Cache
i t c
GW
3000::1 00:00:00:00:00:1
Host B
FE80::B 00:00:00:00:00:0B
h
Host D
4000::D 00:00:00:00:00:0D
ClientSubnets: IPv6 Static Addressing
Prefix is 3FFE:1:2::/64, Interface ID is ::A:1-::A:FF
Some Stuff To Note…
In either mode, users can configure both a Prefix and an Interface ID for the host.
Also used for Duplicate Address Detection
Neighbor Advertisement
Host B responds to Host A’s Neighbor Solicitation with Neighbor Advertisement
Contains Layer 2 address of Host B, which Host A can then resolve
Resolving a Host… Example!
After NDP, Host A has Neighbor cache entries for its neighbors (Host B and GW), and Destination cache entries for all hosts. Note that Host C and D are reachable through the GW’s MAC.