目录
- 实验条件
- 网络拓朴
- 环境配置
- 开始Troubleshooting
- 问题1. R25和R22邻居关系没有建立
- 问题2. 去往R25网络的下一跳地址不存在、不可用
- 问题3. 去往目标网络的下一跳地址不存在、不可用
实验条件
网络拓朴
环境配置
在我的资源里可以下载(就在这篇文章的开头也可以下载)
开始Troubleshooting
检查所有接口的配置
Phone#show ipv int br
Ethernet0/0 [up/up]
FE80::A8BB:CCFF:FE02:3000
2001:CC1E:BEEF:25::100
Ethernet0/1 [administratively down/down]
unassigned
Ethernet0/2 [administratively down/down]
unassigned
Ethernet0/3 [administratively down/down]
unassigned
R25#show ipv int br
Ethernet0/0 [up/up]
FE80::A8BB:CCFF:FE02:2000
2001:CC1E:BEEF:25::1
Ethernet0/1 [up/up]
FE80::A8BB:CCFF:FE02:2010
2001:CC1E:BEEF:2225::18
Loopback0 [up/up]
FE80::A8BB:CCFF:FE02:2000
2001:CC1E:BEEF::2225
R25#
R22#show ipv int br
Ethernet0/0 [up/up]
unassigned
Ethernet0/1 [up/up]
FE80::A8BB:CCFF:FE01:F010
2001:CC1E:BEEF:2225::17
Ethernet1/0 [up/up]
FE80::A8BB:CCFF:FE01:F001
2001:CC1E:ABCD:2622::13
其它的两台路由器没有密码,应该是不需要调整的,
直接ping Server4的IPv6地址
Phone#ping 2001:BEEF:CAFE::26
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:BEEF:CAFE::26, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
Phone#traceroute 2001:BEEF:CAFE::26
Type escape sequence to abort.
Tracing the route to 2001:BEEF:CAFE::26
1 2001:CC1E:BEEF:25::1 !U !U !U
Phone#
ping包出现U表示目标不可达的意思, 就是路由器在查询路由表的时候没有目标网络的路由表,而且也没有默认路由,这时就回给源路由器一个目标不可达,源路由器就显示一个U的标记;
数据包到达了网关R25之后就没有下一跳的路由了,查询R25的路由相关配置
R25#show ipv route
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
lA - LISP away, a - Application
LC 2001:CC1E:BEEF::2225/128 [0/0]
via Loopback0, receive
C 2001:CC1E:BEEF:25::/64 [0/0]
via Ethernet0/0, directly connected
L 2001:CC1E:BEEF:25::1/128 [0/0]
via Ethernet0/0, receive
C 2001:CC1E:BEEF:2225::/64 [0/0]
via Ethernet0/1, directly connected
L 2001:CC1E:BEEF:2225::18/128 [0/0]
via Ethernet0/1, receive
L FF00::/8 [0/0]
via Null0, receive
R25#show run | s router
router bgp 65101
bgp log-neighbor-changes
neighbor 123.1.2.17 remote-as 12345
!
address-family ipv4
neighbor 123.1.2.17 activate
exit-address-family
!
address-family ipv6
network 2001:CC1E:BEEF::2225/128
network 2001:CC1E:BEEF:25::/64
neighbor 123.1.2.17 activate
exit-address-family
没有目标的路由信息,路由协议采用的是BGP协议, 查看一下BGP邻居状态情况
R25#show ip bgp summary
BGP router identifier 202.65.1.5, local AS number 65101
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.1.2.17 4 12345 0 0 1 0 0 never Idle
发现R25和R22的邻居关系没有起来、查询R22的路由表信息,发现在R22上有和R26的邻居关系且有目标网络的路由信息且能ping通到目标网络。
R22#show ipv route
IPv6 Routing Table - default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
lA - LISP away, a - Application
B 2001:BEEF:CAFE::/64 [20/0]
via FE80::A8BB:CCFF:FE02:10, Ethernet1/0
C 2001:CC1E:ABCD:2622::/64 [0/0]
via Ethernet1/0, directly connected
L 2001:CC1E:ABCD:2622::13/128 [0/0]
via Ethernet1/0, receive
C 2001:CC1E:BEEF:2225::/64 [0/0]
via Ethernet0/1, directly connected
L 2001:CC1E:BEEF:2225::17/128 [0/0]
via Ethernet0/1, receive
L FF00::/8 [0/0]
via Null0, receive
R22#show ip bgp summary
BGP router identifier 134.22.22.22, local AS number 12345
BGP table version is 6, main routing table version 6
5 network entries using 720 bytes of memory
5 path entries using 420 bytes of memory
2/2 BGP path/bestpath attribute entries using 320 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1484 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.1.2.18 4 65101 0 0 1 0 0 never Idle (Admin)
123.3.3.3 4 12345 0 0 1 0 0 never Idle
123.5.5.5 4 12345 0 0 1 0 0 never Idle
134.21.21.21 4 12345 0 0 1 0 0 never Idle
134.56.78.14 4 10001 22 19 6 0 0 00:15:40 5
R22#ping 2001:BEEF:CAFE::26
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:BEEF:CAFE::26, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R22#
那么只需要解决R22和R25的邻居关系且把目标的网络让R25接收就可以达到我们的目标。
问题1. R25和R22邻居关系没有建立
之前看了R25的BGP配置没有发现异常、继续检查R22的BGP配置
R22#show run | s router bgp
router bgp 12345
bgp router-id 134.22.22.22
bgp log-neighbor-changes
neighbor PEER peer-group
neighbor PEER remote-as 12345
neighbor 2001:CC1E:ABCD:2622::12 remote-as 10001
neighbor 123.1.2.18 remote-as 65101
neighbor 123.1.2.18 shutdown
neighbor 123.3.3.3 peer-group PEER
neighbor 123.5.5.5 peer-group PEER
neighbor 134.21.21.21 peer-group PEER
neighbor 134.56.78.14 remote-as 10001
!
address-family ipv4
neighbor PEER next-hop-self
no neighbor 2001:CC1E:ABCD:2622::12 activate
neighbor 123.1.2.18 activate
neighbor 123.3.3.3 activate
neighbor 123.5.5.5 activate
neighbor 134.21.21.21 activate
neighbor 134.56.78.14 activate
neighbor 134.56.78.14 route-map MED out
exit-address-family
!
address-family ipv6
neighbor 2001:CC1E:ABCD:2622::12 activate
neighbor 123.1.2.18 activate
neighbor 123.1.2.18 route-map NEXT-HOP out
exit-address-family
R22#
发现邻居关系被 Shutdown了,no shutdown就可以了
R22#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R22(config)#router bgp 12345
R22(config-router)#no neighbor 123.1.2.18 shutdown
R22(config-router)#
%BGP-5-ADJCHANGE: neighbor 123.1.2.18 Up
R22(config-router)#do show ip bgp summary
BGP router identifier 134.22.22.22, local AS number 12345
BGP table version is 6, main routing table version 6
5 network entries using 720 bytes of memory
5 path entries using 420 bytes of memory
2/2 BGP path/bestpath attribute entries using 320 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1508 total bytes of memory
BGP activity 8/0 prefixes, 8/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
123.1.2.18 4 65101 6 8 6 0 0 00:00:10 0
123.3.3.3 4 12345 0 0 1 0 0 never Idle
123.5.5.5 4 12345 0 0 1 0 0 never Idle
134.21.21.21 4 12345 0 0 1 0 0 never Idle
134.56.78.14 4 10001 27 25 6 0 0 00:20:47 5
R22(config-router)#
发现R22和R25的邻居关系已经正常,查看BGP路由信息
R22(config-router)#do show bgp ipv6 unicast
BGP table version is 2, local router ID is 134.22.22.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 2001:BEEF:CAFE::/64
2001:CC1E:ABCD:2622::12
0 10001 i
* 2001:CC1E:BEEF::2225/128
::FFFF:123.1.2.18
0 0 65101 i
* 2001:CC1E:BEEF:25::/64
::FFFF:123.1.2.18
0 0 65101 i
R25#show bgp ipv6 unicast
BGP table version is 3, local router ID is 202.65.1.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 2001:BEEF:CAFE::/64
::FFFF:123.1.2.17
0 12345 10001 i
*> 2001:CC1E:BEEF::2225/128
:: 0 32768 i
*> 2001:CC1E:BEEF:25::/64
:: 0 32768 i
R25#
问题2. 去往R25网络的下一跳地址不存在、不可用
修改去往R25网络的下一跳地址,查询到R25上有配置了一个route-map 下一跳地址是R25的E0/1
R25#show run | s router
router bgp 65101
bgp log-neighbor-changes
neighbor 123.1.2.17 remote-as 12345
!
address-family ipv4
neighbor 123.1.2.17 activate
exit-address-family
!
address-family ipv6
network 2001:CC1E:BEEF::2225/128
network 2001:CC1E:BEEF:25::/64
neighbor 123.1.2.17 activate
exit-address-family
R25#show route-map
route-map NEXT-HOP, permit, sequence 10
Match clauses:
Set clauses:
ipv6 next-hop 2001:CC1E:BEEF:2225::18
Policy routing matches: 0 packets, 0 bytes
R25#
next-hop 2001:CC1E:BEEF:2225::18 这个IP地址是R25的 e0/1口,那说明这个route-map是为了修改BGP邻居访问network 2001:CC1E:BEEF::2225/128,network 2001:CC1E:BEEF:25::/64时指定下一跳为自己的e0/1口,那说明这个route-map应该配置在out的方向上
R25#conf t
R25(config)#router bgp 65101
R25(config-router-af)#address-family ipv6
R25(config-router-af)#neighbor 123.1.2.17 route-map NEXT-HOP out
R25(config-router-af)#do show run | s router bgp
router bgp 65101
bgp log-neighbor-changes
neighbor 123.1.2.17 remote-as 12345
!
address-family ipv4
neighbor 123.1.2.17 activate
exit-address-family
!
address-family ipv6
network 2001:CC1E:BEEF::2225/128
network 2001:CC1E:BEEF:25::/64
neighbor 123.1.2.17 activate
neighbor 123.1.2.17 route-map NEXT-HOP out
exit-address-family
R25(config-router-af)#
在R22的路由器上,查询BGP表
R22#show bgp ipv6 unicast
BGP table version is 4, local router ID is 134.22.22.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 2001:BEEF:CAFE::/64
2001:CC1E:ABCD:2622::12
0 10001 i
*> 2001:CC1E:BEEF::2225/128
2001:CC1E:BEEF:2225::18
0 0 65101 i
*> 2001:CC1E:BEEF:25::/64
2001:CC1E:BEEF:2225::18
0 0 65101 i
R22#show ipv route
IPv6 Routing Table - default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
lA - LISP away, a - Application
B 2001:BEEF:CAFE::/64 [20/0]
via FE80::A8BB:CCFF:FE02:10, Ethernet1/0
C 2001:CC1E:ABCD:2622::/64 [0/0]
via Ethernet1/0, directly connected
L 2001:CC1E:ABCD:2622::13/128 [0/0]
via Ethernet1/0, receive
B 2001:CC1E:BEEF::2225/128 [20/0]
via FE80::A8BB:CCFF:FE02:2010, Ethernet0/1
B 2001:CC1E:BEEF:25::/64 [20/0]
via FE80::A8BB:CCFF:FE02:2010, Ethernet0/1
C 2001:CC1E:BEEF:2225::/64 [0/0]
via Ethernet0/1, directly connected
L 2001:CC1E:BEEF:2225::17/128 [0/0]
via Ethernet0/1, receive
L FF00::/8 [0/0]
via Null0, receive
下一跳已经正常,且已经加进路由表中
问题3. 去往目标网络的下一跳地址不存在、不可用
修改去往目标网络的下一跳地址,查询到R22上的BGP有配置了一个route-map NEXT-HOP
R22#show run | s router bgp
router bgp 12345
bgp router-id 134.22.22.22
bgp log-neighbor-changes
......
!
address-family ipv6
......
neighbor 123.1.2.18 route-map NEXT-HOP out
exit-address-family
R22#show route-map NEXT-HOP
route-map NEXT-HOP, permit, sequence 10
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
R22#
却是什么都没有配置、这导致R25去往目标网络时的下跳变成了::FFFF:123.1.2.17这个无效地址,因此配置一下set next-hop解决这个问题(ipv4建邻居,传ipv6路由和ipv6建邻居,传ipv4路由的下一跳都会出现问题需要手动修改)
R22#conf t
R22(config)#route-map NEXT-HOP permit 10
R22(config-route-map)#set ipv next-hop 2001:CC1E:BEEF:2225::17
R22(config-route-map)#do show route-map NEXT-HOP
route-map NEXT-HOP, permit, sequence 10
Match clauses:
Set clauses:
ipv6 next-hop 2001:CC1E:BEEF:2225::17
Policy routing matches: 0 packets, 0 bytes
R22(config-route-map)#
在R25上查看BGP路由表
R25#show bgp ipv6 unicast
BGP table version is 4, local router ID is 202.65.1.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 2001:BEEF:CAFE::/64
2001:CC1E:BEEF:2225::17
0 12345 10001 i
*> 2001:CC1E:BEEF::2225/128
:: 0 32768 i
*> 2001:CC1E:BEEF:25::/64
:: 0 32768 i
R25#show ipv route
IPv6 Routing Table - default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid
lA - LISP away, a - Application
B 2001:BEEF:CAFE::/64 [20/0]
via FE80::A8BB:CCFF:FE01:F010, Ethernet0/1
LC 2001:CC1E:BEEF::2225/128 [0/0]
via Loopback0, receive
C 2001:CC1E:BEEF:25::/64 [0/0]
via Ethernet0/0, directly connected
L 2001:CC1E:BEEF:25::1/128 [0/0]
via Ethernet0/0, receive
C 2001:CC1E:BEEF:2225::/64 [0/0]
via Ethernet0/1, directly connected
L 2001:CC1E:BEEF:2225::18/128 [0/0]
via Ethernet0/1, receive
L FF00::/8 [0/0]
via Null0, receive
R25#
去往目标网络的下一跳已经正常,现在测试一下网络是否连通
Phone#ping 2001:BEEF:CAFE::26
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:BEEF:CAFE::26, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Phone#traceroute 2001:BEEF:CAFE::26
Type escape sequence to abort.
Tracing the route to 2001:BEEF:CAFE::26
1 2001:CC1E:BEEF:25::1 0 msec 0 msec 1 msec
2 2001:CC1E:BEEF:2225::17 0 msec 0 msec 1 msec
3 2001:CC1E:ABCD:2622::12 0 msec 1 msec 0 msec
4 2001:BEEF:CAFE::26 1 msec 1 msec 0 msec
Phone#
网络通了,目标达成。
