实战:Google Fiber IPv6 on Cisco 1100 ISR
imbushuo
Please mind the gap
环境
- 亚特兰大 Google Fiber
- Cisco 1100 ISR (C1111-4P), IOS XE Fuji 16.8.1
- GigabitEthernet0/0/0.2 为到 ONT 的接口
- 其他接口均配置为二层接口,Access 模式,连接到一个 Vlan100
细节
- 据这位实际配置者说,Google 的 Fiber Box 十分奇怪,你不 tag dot1Q VLAN2 就根本上不了网
- Google 现在只给一个 /64 了,十分抠门(Comcast 都有 /56)
配置
Current configuration : 2597 bytes
!
! Last configuration change at 13:49:17 UTC Sat Oct 27 2018
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname ISR-1100
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
clock timezone UTC -4 0
!
no ip domain lookup
!
ip dhcp pool HOME
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 1.1.1.1
!
!
!
ipv6 source-route
ipv6 unicast-routing
ipv6 dhcp pool SLAAC
dns-server 2001:4860:4860::8888
domain-name ATL-HOME.LOCAL
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
!
!
!
!
!
license udi pid C1111-4P sn *********
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username *******
!
redundancy
mode none
!
!
vlan internal allocation policy ascending
!
!
class-map match-all cmap-match-dhcp
match protocol dhcp
!
policy-map tag-out-gfiber
class cmap-match-dhcp
set cos 2
class class-default
set cos 3
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
load-interval 30
negotiation auto
no cdp enable
ipv6 enable
ipv6 nd ra suppress all
!
interface GigabitEthernet0/0/0.2
encapsulation dot1Q 2
no ip dhcp client request dns-nameserver
ip address dhcp
ip nat outside
ip nbar protocol-discovery
no cdp enable
ipv6 address autoconfig default
ipv6 enable
ipv6 nd ra suppress all
ipv6 dhcp client pd google
ipv6 dhcp client request vendor
ipv6 virtual-reassembly in
service-policy output tag-out-gfiber
ip virtual-reassembly
!
interface GigabitEthernet0/0/1
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1/0
switchport access vlan 100
!
interface GigabitEthernet0/1/1
switchport access vlan 100
!
interface GigabitEthernet0/1/2
switchport access vlan 100
!
interface GigabitEthernet0/1/3
switchport access vlan 100
!
interface Vlan1
no ip address
shut
!
interface Vlan100
ip address 192.168.0.1 255.255.255.0
ip nat inside
ipv6 enable
ipv6 address google ::2:0:0:0:1/64
ipv6 nd other-config-flag
ipv6 nd ra interval 180
ipv6 dhcp server SLAAC rapid-commit
ip virtual-reassembly
!
ip nat inside source list 1 interface GigabitEthernet0/0/0.2 overload
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
access-list 1 permit any
!
!
!
!
control-plane
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
!
ntp server 0.us.pool.ntp.org prefer
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end