Professional Documents
Culture Documents
IOS XR configurations
int g0/1
ip add 209.165.201.130 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 g0/1
!
router ospf 1
default -information oiginate
!
end
PE directly connected to CE
conf t
interface g0/0/0/1
ipv4 add 209.168.201.129/30
no shut
!
route-policy INTO_BGP
if destination in (209.165.201.128/25 eq 30) then
set community (no-export)
endif
end-policy
!
router bgp 123
address ipv4 unicast
redistribute connected route-policy INTO_BGP
!
commit
end
conf t
router bgp 123
addr ipv4 uni
aggregate-address 209.165.201.0/24 summary-only
!
commit
end
interface g0/1
ip add 209.165.201.129 255.255.255.252
no shut
!
ip prefix-list CUSTOMER_ROUTES permit 209.165.201.128/30 ge 30 le 30
!
route-map INTO_BGP permit 10
match ip add prefix CUSTOMER_ROUTES
set community no-export
!
router bgp 123
redistribute connected route-map INTO_BGP
nei 209.165.201.10 send-community
!
end
__________________________________
int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip add 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end
PE facing CE IOS XR
int g0/0/0/41
ipv4 add 209.165.201.1/30
no shut
!
router static
address ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
addr ipv4 uni
redistribute connected route-policy INTO_BGP
!
commit
end
int g0/1
ip add 209.165.201.1 255.255.255.252
no shut
!
ip route 209.165.201.1285 255.255.255.240 209.165.201.2 tag 1000
!
route-map INTO_BGP permit 10
match tag 1000
set community no-export
!
router bgp 123
redistribute static route-map INTO_BGP
!
end
___________________________________________
int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end
int g0/1
ip add 209.165.201.6 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1 250
!
router ospf 1
default-information originate
!
end
Config of CE1 facing PE1 IOS XR
int g0/0/0/1
ipv4 add 209.165.201.1 255.255.255.252
no shut
!
router static
add ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end
int g0/0/0/1
ipv4 add 209.165.201.5 255.255.255.252
no shut
!
router static
add ipv4 uni
209.165.201.128/28 209.165.201.6 tag 1001 250
!
route-policy INTO_BGP
if tag eq 1001 then
set community (no-export)
set local-preference 50
set weight 0
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end
int g0/1
ip add 209.165.201.5 255.255.255.252
no shut
!
ip route 209.165.201.128/28 209.165.201.6 tag 1001 250
!
route-map INTO_BGP permit 10
match tag 1001
set community no-export
set local-preference 50
set weight 0
!
router bgp 123
redistribute static route-map INTO_BGP
neigh 209.165.201.10 send-community
!
end
_________________________________________________
int g0/1
ip add 209.165.201.2 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1
!
router ospf 1
default-information originate
!
end
int g0/1
ip add 209.165.201.6 255.255.255.252
no shut
!
ip route 0.0.0.0 0.0.0.0 gi0/1 250
!
router ospf 1
default-information originate
!
end
router static
addr ipv4 uni
209.165.201.128/28 209.165.201.2 tag 1000
209.165.201.128/29 209.165.201.2 tag 1000
!
route-policy INTO_BGP
if tag eq 1000 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end
router sttatic
addr ipv4 uni
209.165.201.128/28 201.165.201.6 tag 1001
209.165.201.136/29 201.165.201.6 tag 1001
!
route-policy INTO_BGP
if tag eq 1001 then
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy INTO_BGP
!
commit
end
_________________________________________________________
CE router IOS
route-pplicy DEFAULT
if destination in (0.0.0.0/0) then
pass
endif
end-policy
!
route-policy CUSTOMER
if destination in (209.165.201.128/28) and
as-path in (ios-regex '^65001(_65001)*$')
then
set community (no-export)
endif
end-policy
!
router bgp 123
addr ipv4 uni
neigh 209.165.201.6
remote 65001
add ipv4 uni
default-originate
route-policy DEFAULT
route-policy CUSTOMER
remove-private-as
!
commit
!
end
PE
conf t
no router bgp 123
!
router bgp 234
nei 209.165.201.6
remote 65001
local-as 123 no-prepend replace-as
!
commit
!
end
____________________________________________
IOS CE primary
IOS CE Backup
_________________________
IOS XR
IOS
IOS CE
int lo0
ip add 209.165.201.2 255.255.255.255
!
router bgp 65001
nei 209.165.201.1 remote 12
nei 209.165.201.1 update lo0
nei 209.165.201.1 ebgp-multihop 2
!
end
IOS XR
_________________________
IOS CE1
CE2
___________________________
SP aided BGP routing policy in a primary and backup scenario
Using signaling
O=======O========O
O=======O========O
.6 .5
!
route-policy CUST_NET_LP
if community matches_any (50) then
set local-preference 50
!
endif
endpolicy
!
router bgp 234
nei 209.165.201.6
remote 345
addr ipv4 uni
route-policy CUST_NET_LP in
!
!
route-policy CUST_NET_PREPEND
if community matches-any (3) then
prepend as-path 234 3
!
endif
end-policy
!
router bgp 234
nei 209.165.201.12
remote 456
add ipv4 uni
route-policy CUST_NET_PREPEND out
!
end
ip community-list 1 permit 50
!
route-map CUST_NET_LP permit 10
match community 1
set local-preference
!
router bgp 234
nei 209.165.201.6 remote 345
nei 209.165.204.6 route-map CUST_NET_LP in
!
end
_________________________________________________________________
IOS XR PE facing CE
on PE
conf t
route-policy BGP_ACCOUNTING
if as-path originates-from '234' then
set traffic-index 11
endif
end-policy
!
router bgp 123
add ipv4 uni
table-policy BGP_ACCOUNTING
!
int g0/0/0/1
ipv4 bgp policy accounting input source-accounting
!
end
IOS
BGP RR
IOS XR
conf t
router bgp 123
bgp cluster-id 17
neigh 10.0.0.3
remote 123
add ipv4 uni
route-reflector-client
!
nei 10.0.0.1
remote 123
add ipv4 uni
!
commit
end
_____________________
BGP Route limit
IOS
IOS XR
conf t
router bgp 123
nei 209.165.201.134
remote 345
add ipv4 uni
maximum=prefix 100000 80 restart 5
!
nei 2001:db8:132::134
remote 345
add ipv6 uni
maximum-prefix 10000 80 restart 5
!
commit
end
_______________________
IOS
conf t
router bgp 123
nei 209.165.201.129 pass Cisc()
nei 209.165.201.129 ttl-security hops 1
!
!
ip access-list ext BGP
permit tcp host 209.165.201.129 host 209.165.201.130 eq bgp
permit tcp host 209.165.201.129 eq bgp host 209.165.201.130
deny ip any any
!
class-map BGP_CLASS
match access-group name BGP
!
policy-map COPP_POL
match BGP_CLASS
police rate 200 pps conform-action transmit exceed-action drop
!
!
control-plane
service-policy input COPP_POL
!
end
conf t
router bgp 123
nei 209.165.201.130
pass Cisc()
ttl-security
!
!
lpts pifib hardware police
flow bgp configured rate 200
flow bgp default rate 200
flow bgp known rate 200
!
!
commit
end
__________________________________
Destination_based RTBH
O P1
PE | PE2
O------------O----------O-----------O-----------O
Customer P2 Attacker
209.165.201.128/28 209.165.201.144/28
P1,PE IOS XR
conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
end
conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
!
route-policy RTBH
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
set local-preference 1000
endif
end-policy
!
router bgp 123
add ipv4 uni
redistribute static route-policy RTBH
!
commit
end
conf t
router static
add ipv4 uni
209.165.201.128/28 null0 tag 666
!
!
commit
end
sh bgp
LP = 1000 next hop = 192.0.2.1
ping 209.165.201.129
uuuuu
___________________
Source RTBH
Source_based RTBH
O P1
PE | PE2
O------------O----------O-----------O-----------O
Customer P2 Attacker
209.165.201.128/28 209.165.201.144/28
IOS XR PE2
conf t
router static
addr ipv4 uni
192.0.2.0/24 null0
!
int g0/0/0/0 (facing attacker)
ipv4 verify unicast source
reachable-via rx
!
!
end
P2 Signaling IOS XR
conf t
router static
add ipv4 uni
192.0.2.0/24 null0
!
!
route-policy RTBH
if tag is 666 then
set next-hop 192.0.2.1
set community (no-export)
endif
end-policy
!
router bgp 123
add ipv4 uni
redis static route-policy RTBH
!
end
P2 Signaling IOS XR
When attack has been detected!!!
router static
add ipv4 uni
209.165.201.144/28 null0 tag 666
!
commit
!
end
_________________________
IOS XR
conf t
router bgp 123
nsr
!
bgp graceful-restart (NSF)
!
IOS
conf t
router bgp 123
bgp graceful-restart
IOS NSR
conf t
router bgp 123
bgp graceful-restart
nei 209.165.201.130 ha=mode sso
!
!
end
sh processes bgp
_____________
IOS
IOS XR
conf t
route-policy BGP_DAMP
if destination in (209.165.201.144/28) then
set dampening halflife 10 suppress 3000 reuse 1000 max-suppress 40
endif
end-policy
!
router bgp 123
add ipv4 uni
bgp dampening route-policy BGP_DAMP
!
end
IOS XR
sh bgp 209.165.201.144/28
sh bgp dampened-paths
_________________________
BGP CPU process utilization
IOS
IOS XR
sh processes bgp
____________________________
IOS
conf t
ip tcp path-mtu-discovery (enables PMTU discovery)
!
int g0/0
hold-queue 1000 in (increase in out queue)
!
sh int g0/0/0
input queue: 0/1000/0/0 (size/max/drops/flushes):Total output drops: 0
IOS XR
conf t
tcp path-mtu-discovery
IOS XR
conf t
router bgp 123
distributed speaker 1 (enables distributed speaker)
distributed speaker 2 process
nei 10.0.101.1
speaker-id 1
nei 10.0.102.1 allocates a speaker process to
speaker-id 2 a neigh
!
end
sh bgp process
____________________________
IOS
router bgp 234
add ipv4 uni
bgp additional-paths install
!
add ipv6 uni
bgp additional-paths install
!
end
IOS XR
conf t
route-policy ALL
pass
end-policy
!
router bgp 234
add ipv4 uni
additional-paths selection route-policy ALL
!
add ipv6 uni
additional-paths selecton route-policy ALL
!
end
______________________
BGP BFD
IOS
int g0/0
bfd interval 100 min_rx 100 multplier 3
!
router bgp 123
nei 10.1.1.6 fall-over bfd
!
end
____________________
BGP Scan time , adver interval, keep alive hold time
IOS
conf t
router bgp 123
bgp scan-time 30
nei 10.10.20.1 advertiment-interval 10
nei 10.10.20.1 timers 30 90
!
end
IOS XR
conf t
router bgp 123
bgp scan-time 30
nei 10.10.10.1
advertiment-interval 10
timers 30 90
!
end
sh bgp process
_____________________________
IOS
conf t
router bgp 123
nei CUST peer
nei CUST route-map TEST in
nei CUST route-map TEST2 out
nei CUST pass Cisc()
nei CUST maximum-prefix 10
!
nei 10.1.1.1 remote 234
nei 10.1.1.1 peer CUST
!
end
conf t
router bgp 123
af-group IPV4 add ipv4 uni
route-policy CUST_IN in
route-policy CUST_OUT out
maximum-prefix 10
!
neighbor-group EBGP (session-group can also be use here)
pass C!sc()
ttl-security
update lo0
add ipv4 uni
use af-group IPV4
!
nei 209.165.201.130
remote 234
use neighbor-group EBGP
!
end
____
IOS
conf t
router bgp 123
template peer-policy EBGP_POLICY
route-map CUST_IN in
route-map CUST_OUT out
maximum-prefix 10
!
template peer-session EBGP_SESSION
pass C!sc()
ttl-security hops 2
update lo0
!
nei 201.165.201.10 remote 111
nei 209.165.201.10 inherit peer-session EBGP_SESSION
!
add ipv4 uni
nei 209.165.201.130 inherit peer-policy EBGP_POLICY
!
_____________________________
Multicast
MCast NSF
IOS XR
conf t
multicast-routing
nsf
!
end
____________________________
IGMP configuration
topology page 86
R1 facing HOST1
conf t
ip multicast-routing
!
int g0/1 (connected to host1)
ip pim sparse-mode
ip igmp version 3
ip igmp query-interval 60
!
end
conf t
multicast-routing
add ipv4
interf all enable
!
!
router pim
int g0/0/0/0 (connected to host 2)
enable
!
router igmp
versiopn 3
query-interval 60
interface g0/0/0/0
version 3
query-interval 60
!
!
end
IOS XR
sh igmp groups
______
IOS
conf t
int g0/1
ip igmp join-group 224.1.5.10
ip igmp static-group 224.1.1.11
!
end
IOS XR
conf t
router igmp
int g0/0/0/0
join-group 224.1.5.10
static-group 224.1.5.11
!
end
____________________
configuring IGMPv3 Host stack
topology page 88
IOS XR
conf t
int g0/0/0/0
joing-group 232.2.2.2 1.1.1.1
!
IOS
conf t
int g0/0
ip igmp join-group 232.2.2.2 source 1.1.1.1
!
end
_______________
Configuring IGMP Snooping
___
IGMP fast-leave
_____________
PIM Snooping
IOS SW
_______________________
Topology page 94
IOS
conf t
ip multicast-routing
!
router bgp 123
nei 209.165.201.1 remote 234
nei 209.165.201.5 remote 234
add ipv uni
nei 209.165.201.1 activate
no neig 209.165.1.5 acitvate
!
add ipv4 multicast
neigh 209.165.201.5 activate
!
end
IOS XR
conf t
router bgp 234
add ipv4 uni
add ipv4 multicast
!
nei 209.165.201.2
remote 123
add ipv4 uni
!
nei 209.165.201.6
remote 123
add ipv4 multicast
!
end
IOS XR
________________________________
Configuring PIM-SM
IOS
conf t
access-list 1 permit host 10.1.1.1
!
ip multicast-routing
ip pim neighbor-filter 1
!
int g0/0
ip pim sparse-mode
!
end
IOS XR
conf t
ipv4 access-list PIM_FILTER
permit host 10.1.1.2
!
multicast-routing
add ipv4
int g0/0/0/0
enable
!
router pim
neighbor-filter PIM_FILTER
int g0/0/0/0
enable
!
end
____
Configuring Static RP
IOS
conf t
ip pim spt-threshold infinity
!
ip pim rp-address 10.1.1.1
!
end
IOS XR
conf t
router pim
add ipv4
spt-threshold infinity
rp-add 10.1.1.1
!
end
__________
Verification
IOS
sh ip pim int
sh ip pim nei
mrinfo 10.10.1.1 (queries which neigh mcast routers are peering with the local
router)
sh ip pim rp
sh ip rpf
sh ip mroute
IOS XR
sh pim interface
sh pim nei
mrinfo 10.1.1.1
sh pim rpf
sh mrib route
______________
Configuring SSM
IOS
sh ip igmp ssm-mapping
sh ip igmp groups
IOS XR
conf t
router pim
accept-register <acl>
!
multicast-routing
ssm (allow-override | disable | range)
!
end
__________________
IOS
ip pim bidir-enable
ip pim rp-address 1.1.1.1 bidir
!
ip pim send-rp-announce e0/0 bidir
ip pim rp-candidate e0/0 bidir
IOS XR
Enable by default
router pim
rp-address 1.1.1.1 bidir
auto-rp candidate-rp g0/0 bidir
!
____________________________
MSDP configuration
IOS
conf t
ip access-list ext MSDP_ACL
deny ip any host 224.0.1.39
deny ip any host 224.0.1.40
!
ip msdp peer 10.2.1.1 connect-source lo0
ip msdp originator-id lo0
ip msdp ttl-threshold 10.2.1.1 64
ip msdp sa-filter in 10.2.1.1 list MSDP_ACL
ip msdp sa-filter out 10.2.1.1 list MSDP_ACL
ip msdp pass peer 10.2.1.1 Cisc()
!
end
IOS XR
conf t
ipv4 access-list MSDP_ACL
deny ip any host 224.0.1.39
deny ip any host 224.0.1.40
!
router msdp
originator-id lo0
peer 10.1.1.1
connect-source lo0
ttl-threshold 64
pass Cisc()
sa-filter in list MSDP_ACL
sa-filter out list MSDP_ACL
!
end
IOS XR
sh msdp summary
sh msdp sa-cache
heed
________________________
AUTO RP Configuration
IOS
conf t
ip pim send-rp-announce lo0
!
ip pim send-rp-discovery lo0
!
ip pim rp-announce-filter rp-list ACL group-list ACL
conf t
router pim
auto-rp candidate-rp lo0
auto-rp mapping-agent lo0
!
end
IOS
sh ip pim rp mapping
______________________
Securing AUTO-RP
IOS XR
conf t
multicast-routing
add ipv4
int g0/0/0/0
boundary AUTO_RP_ACL
!
ipv4 access-list AUTO_RP_ACL
deny host 224.0.1.39
deny host 224.0.1.40
!
end
IOS
int g0/0
ip multicast boundary 1
!
access-list 1 deny 224.0.1.39
access-list 1 deny 224.0.1.40
!
end
__
Filter-autorp
int g0/0
ip multicast boundary 10 filter-autorp
!
access-list 10 permit 224.1.1.1
!
end
____
BSR Configuration
IOS
conf t
ip pim rp-candidate
!
IOS XR
conf t
router pim
bsr candidate-rp 10.1.1.1
!
bsr candidate-bsr 10.1.1.2
!
end
IOS XR
________
Constraining BSR messages
IOS XR
conf t
int g0/0/0/0
bsr-border
!
end
IOS
conf t
int g0/0
ip pim bsr-border
!
end
_______________
Anycast RP configuration
IOS
RP1
conf t
host RP1
!
itn lo0
ip add 10.0.0.1 255.255.255.255
!
int lo1
ip add 10.1.1.1 255.255.255.255
!
ip msdp peer 10.0.0.2 connect-source lo0
ip msdp originator-id lo0
ip msdp rp-address 10.1.1.1
!
end
IOS XR
conf t
host RP2
!
int lo0
ipv4 add 10.0.0.2/32
!
int lo1
ipv4 add 10.1.1.1/32
!
router msdp
peer 10.0.0.1 connect-source lo0
originator-id lo0
!
router pim
rp-address 10.1.1.1
!
end
R1
conf t
!
host R1
!
ip pim rp-address 10.1.1.1
!
end
__________________
MLD Configuration
IOS
conf t
ipv6 multicast-routing
!
int g0/0
ipv6 mld query-interval 60
!
end
IOS XR
conf t
multicast-routing
add ipv6
interface all enable
!
router mld
int g0/0/0/0
router enable
query-interval 60
version 2
!
______________
IOS
conf t
int g0/1
ipv6 mld join-group <group-address>
ipv6 mld static-group <group-address>
!
end
IOS XR
router mld
int g0/0/0/0
join-group <group-add>
static-group <group-add>
!
end
_______________________________________
IOS
conf t
ipv6 dhcp pool POOL1
address prefix 2001:db8:a1::/64
dns-server 2001:db8:c1::53
dns-server 2001:db8:c2::53
domain-name example.org
!
int g0/1
ipv6 dhcp server POOL1
ipv6 add 2001:db8:a1::1/64
ipv6 nd managed-config-flags
ipv6 nd other-config-flags
!
end
________________________
PE IOS XR
conf t
dhcp ipv6
int g0/0/0/0 server
pd 2001:db8:1::/64
!
int g0/0/0/0
ipv6 add 2001:db8:a::1/64
!
end
PE IOS
conf t
ipv6 uni
!
ipv6 dhcp pool CUSTOMERS
prefix-delegation pool C_PREFIX
!
int g0/0
ipv6 add 2001:db8:a::1/64
ipv6 dhcp server Customers
!
ipv6 local pool C_PREFIX 2001:db8:c::/40 48
!
end
CE IOS
conf t
int g0/0
ipv6 add 2001:db8:a::2/64
ipv6 dhcp client pd PREFIX
!
int g0/1
ipv6 add PREFIX ::1/64
!
end
________________________________
IOS XR
conf t
Class-map VOIP
match dscp ipv6 ef
!
policy-map QOS
class VOIP
priority
police rate 10 mbps
conform-action transmit
exceed-action drop
!
class class-default
police rate 100 mbps
conform-action transmit
exceed-action drop
!
int g0/0/0/0
service-policy out QOS
!
end
IOS
conf t
class-map VOIP
match dscp ef
!
policy-map QOS
class VOIP
priority
police rate 10000
conform-action transmit
exceed-action drop
!
class class-default
police rate 100000
conform-actoin transmit
exceed-action drop
!
int g0/0
service-policy out QOS
!
end
________________________________________
IOS XR
conf t
telnet ipv6 server max-servers
!
domain name cisco.com
!
crypto key generate rsa general-keys modulus 1024
!
ssh server
!
end
IOS
conf t
ip domain-name cisco.com
!
crypto key generate rsa general-keys modulus 1024
!
line vty 0 4
transport input telnet ssh
!
end
IOS XR
telnet 2001:db8:1:1001:f
IOS
conf t
ipv6 cef
!
end
-----
IP SLAs are not available for IPv6 in IOS XR
IOS
conf t
ip sla 99
icmp-echo 3002:100::2 source-interface lo0
flow-label 100
frequency 30
!
ip sla schedule 99 life forever start-time now
!
ip sla 101
tcp-connect 2001:100::2 10001
traffic-class 146
flow-label 101
!
ip sla schedule 101 life forever start-time now
!
end
___________________________________________
conf t
int g0/0/0
ipv6 add 2001:db8::1/64
nat64 enable
no shut
!
int g0/0/1
ip add 192.0.2.1 255.255.255.0
nat64 enable
no shut
!
ipv6 access-list LIST (Acl that specifies which ipv6 hosts can translate)
permit ipv6 2001:db8::/64 any
!
nat64 prefix stateful 2001:db8::/96 (NAT64 prefix)
nat64 v4 pool POOL 192.0.2.2 192.0.2.254 (Specify ipv4 pool)
nat64 v6v4 list LIST pool POOL overload (Enable NAT64 with PAT)
!
end
________________________
ASR 1000
conf t
int g0/0/0
ipv6 add 2001:db8::1/64
nat64 enable
no shut
!
int g0/0/1
ip add 192.0.2.1 255.255.255.0
nat64
no shut
!
ipv6 access-list LIST
permit ipv6 2001:db8::/64 any
!
nat64 prefix stateful 2001:db8::/96
nat64 v4 pool POOL 192.0.2.2 192.0.2.254
nat64 v4v6 static 198.51.100.2 2001:db8::100.2 (Enable static NAT64)
nat64 v6v4 list LIST pool POOL overload
!
end
sh nat64 translation
_______________________________________
conf t
int t0
ipv6 add 2001:db8:3::1/64
tunnel source g0/0
tunnel dest 209.165.201.6
tunnel mode ipv6ip
no shut
!
ipv6 route 2001:db8:2::/64 tunnel0 2001:db8:3::2
!
end
R2
conf t
int t0
ipv6 add 2001:db8:3::2/64
tunnel source g00
tunnel destin 209.165.201.1
tunnel mode ipv6ip
no shut
!
ipv6 route 2001:db8:1::/64 tunnel0 2001:db8:3::1
!
end
int t0
ipv6 add 2001:db8:3::1/64
tunnel sourc g0/0
tunnel dest 2009.165.201.6
tunnel mode gre ip
no shut
!
end
__________________________________
R1 CE1
conf t
int g0/0
ip add 209.165.201.1 255.255.255.252
no shut
!
int g0/1
ipv add 2002:d1a5:c901::1/64
no shut
!
int t0
ipv6 enable
tunnel source g0/0
tunnel mode ipv6ip 6to4
no shut
!
ipv6 route ::/0 tunnel0
!
end
R2 CE2
conf t
int g0/1
ipv6 add 2002:d1a5:c906::1/64
no shut
!
int t0
ipv6 enable
tunnel sourc g0/0
tunnel mode ipv6ip 6to4
no shut
!
ipv6 route ::/0 tu0
!
end
R3 6to4 RELAY
conf t
int lo0
ip add 192.88.99.1 255.255.255.0
!
int t0
ipv6 enable
tuinnel source lo0
tunnel mode ipv6ip pto4
no shut
!
ipv6 route 2002:d1::/24 tunnel0
!
end
_____________________________________
6RD configuration
conf t
int g0/0
ip add 209.165.201.1 255.255.255.252
no shut
!
int g0/1
ipv add 2001:db8:d1a5:c901::1/64
!
int t0
ipv6 enable
tunnel source g0/0
tunnel mode ipv6ip 6rd
tunnel 6rd ipv4 prefix-len 16 (set the common prefix)
tunnel 6rd prefix 2001:db8::/32
tunnel 6rd br 209.165.201.10
!
ipv6 route 2001:db8::/32 tunnel0
ipv6 route ::/0 2001:db8:c90a::
!
end
6RD BR
conf t
itn g0/0
ip add 209.165.201.10 255.255.255.252
no shut
!
int t0
ipv enable
tunnel source g0/0
tunnel mode ipv6ip 6rd
tunnel 6rd ipv4 prefix-len 16
tunnel 6rd prefix 2001:db8::/32 (set the 6RD prefix)
no shut
!
ipv6 route 2001:db8::/32 tun0
!
end