मैंने अपने रूटर पर एक HE.net IPv6 टनल को कॉन्फ़िगर किया है जिसमें दो WAN पोर्ट हैं। अजीब बात यह है कि सभी ग्राहक इंटरनेट पर IPv6 होस्ट को पिंग करने में सक्षम हैं, लेकिन मेरा राउटर किसी को भी पिंग नहीं कर सकता है।
यहाँ विन्यास है:
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname gateway
!
boot-start-marker
boot-end-marker
!
!
enable secret 4 xxxxxxxxxxxxxxxx
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
!
ipv6 unicast-routing
ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.16.10.1 172.16.10.10
ip dhcp excluded-address 172.16.10.200 172.16.10.254
ip dhcp excluded-address 172.16.20.1 172.16.20.10
ip dhcp excluded-address 172.16.20.200 172.16.20.254
!
ip dhcp pool A-Group
network 172.16.10.0 255.255.255.0
default-router 172.16.10.254
dns-server 172.16.10.254
!
ip dhcp pool B-Group
network 172.16.20.0 255.255.255.0
default-router 172.16.20.254
dns-server 172.16.20.254
!
!
ip domain name internal.xxxxxx.net
ip name-server 2001:4860:4860::8888
ip name-server 2001:470:20::2
ip name-server 8.8.8.8
ip ddns update method TunnelBroker
HTTP
add https://xxxx:xxxxxxxxx@ipv4.tunnelbroker.net/ipv4_end.phptid=xxxxxx
interval maximum 0 1 0 0
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint tunnelbroker
enrollment terminal pem
revocation-check none
!
!
crypto pki certificate chain tunnelbroker
certificate ca 01
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
quit
license udi pid CISCO2901/K9 sn FGL170311S6
!
!
object-group network PRIVATE-NET
host xxx.xxx.xxx.xxx
!
username xxxxxx password 0 xxxxxxxx
!
!
ip ssh time-out 60
ip ssh authentication-retries 5
!
!
!
!
interface Tunnel0
no ip address
ipv6 address 2001:470:xxxx:xxxx::2/64
ipv6 enable
tunnel source Dialer2
tunnel mode ipv6ip
tunnel destination 72.52.104.74
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
!
interface GigabitEthernet0/1
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface GigabitEthernet0/1/0
mtu 1496
no ip address
ip nat inside
ip virtual-reassembly in
negotiation auto
!
interface GigabitEthernet0/1/0.10
encapsulation dot1Q 10
ip address 172.16.10.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
ipv6 address 2001:xxx:xxx:10::1/64
ipv6 enable
!
interface GigabitEthernet0/1/0.20
encapsulation dot1Q 20
ip address 172.16.20.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
ipv6 address 2001:xxx:xxx:20::1/64
ipv6 enable
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
ppp chap hostname xxxxxxxxxxx
ppp chap password 0 xxxxxxxxxxx
ppp pap sent-username xxxxxxxx password 0 xxxxxxx
ppp ipcp dns request
!
interface Dialer2
ip ddns update TunnelBroker
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 2
ppp chap hostname xxxxxx
ppp chap password 0 xxxxxxx
ppp pap sent-username xxxxxx password 0 xxxxxx
ppp ipcp dns request
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source route-map dia1-nat interface Dialer1 overload
ip nat inside source route-map dia2-nat interface Dialer2 overload
ip route 0.0.0.0 0.0.0.0 Dialer2
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 72.52.104.74 255.255.255.255 Dialer2
!
ip access-list extended PRIVATE-POOL
permit ip object-group PRIVATE-NET any
ip access-list extended WAN-POOL
permit ip any any
!
ipv6 route ::/0 Tunnel0
!
route-map dia2-nat permit 10
match ip address WAN-POOL
match interface Dialer2
!
route-map dia1-nat permit 10
match ip address PRIVATE-POOL
match interface Dialer1
!
!
!
!
!
control-plane
!
!
!
----omitted----
ग्राहक पक्ष पर:
xxxx$ ping6 google.com
PING6(56=40+8+8 bytes) 2001:470:8318:10:dc24:208e:6843:8932 --> 2404:6800:4008:c00::66
16 bytes from 2404:6800:4008:c00::66, icmp_seq=0 hlim=52 time=343.733 ms
16 bytes from 2404:6800:4008:c00::66, icmp_seq=1 hlim=52 time=343.917 ms
16 bytes from 2404:6800:4008:c00::66, icmp_seq=2 hlim=52 time=345.722 ms
^C
--- google.com ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 343.733/344.457/345.722/0.897 ms
राउटर पर:
gateway#ping 2404:6800:4008:c00::66
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2404:6800:4008:C00::66, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
gateway#
संबंधित नहीं है, लेकिन जब से आपके पास एक टाइप 4 पासवर्ड है ... tools.cisco.com/security/center/content/CiscoSecurityResponse/...
—
cpt_fink