IPv6 Vyatta LAB – Part I; the LAB connections and addresses

The Lab

In this exercise we will add IPv6 into my IPv4-speaking lab network. This lab consists of four switches, eight routers and one firewall. The firewall is connected to the NIC of my host system and provides access to the real world. All the lab hosts are Virtualbox guests on my  computer.

The switches in the middle are not relevant to this article and for that reason we will not go into their configurations.

Episodes in this story will be

Part I    The LAB; connections and addresses
Part II    OSPF as IGP
Part III   BGP route reflectors and their clients
Part IV   BGP routes
Part V   New site via eBGP

Here is the network diagram for this lab.
(Click to enlarge)

 

vyatta-lab

 

Each link between the routers and switches represents a Virtualbox intnet, each of them being unique. (Exeption: link between FW and Cisco goes through my wlan)

Because Virtualbox does not speak IPv6 over wlan interface, I have made a tunnel from the firewall to my real world router. There is also a tunnel between R1 and FW just because it is fun to make tunnels.

The prefix for my lab routers is 2001:099:0013:004a::/64. Each router will get a globally valid loopback address from this area.

I will use also other prefixes when it is time to add “customer” sites to the mix.

The Firewall is an ubuntu server, all other routers and switches are Vyatta 6.3.

There will be also ip6tables rules on the Firewall. I might write some more on firewalling later but you can find an example of a very basic firewall setup from my previous posting about IPv6 for residential user with tunnel service.

Here are the configurations for the tunnels used to connect the Real World to the Firewall and the Firewall to R1.
Feel free to skip them if you are not intending to use tunnels. The main beef in this lab will be the dynamic routing between routers from R1 to R8.

Tunnel from FW to r1

Firewall  (Ubuntu)
sudo ip tu ad sit203 mode sit local 4.4.4.1 remote 4.4.4.2 ttl 64
sudo ip ad ad dev sit203 2001:099:0013:004a:ffff:ffff:ffff:fffd/126
sudo ip li se dev sit203 up
sudo ip -6 ro ad 2001:099:0013:004a::/64 via 2001:099:0013:004a:ffff:ffff:ffff:fffe

R1  (Vyatta)
set interfaces tunnel tun203 encapsulation sit
set interfaces tunnel tun203 local-ip 4.4.4.2
set interfaces tunnel tun203 remote-ip 4.4.4.1
set interfaces tunnel tun203 address 2001:099:0013:004a:ffff:ffff:ffff:fffe/126
set protocols static route6 ::/0 next-hop 2001:099:0013:004a:ffff:ffff:ffff:fffd

Tunnel from FW to REAL WORLD (Cisco)

FW  (Ubuntu)
ip tu ad sit200 mode sit local 194.x.x.5 remote 194.x.x.1 ttl 64
ip ad ad dev sit200 2001:099:0013:0049:ffff:ffff:ffff:fffe/126
ip li se dev sit200 up
ip -6 ro ad ::/0 via 2001:099:0013:0049:ffff:ffff:ffff:fffd

Cisco
interface Tunnel200
no ip address
ipv6 address 2001:99:13:49:FFFF:FFFF:FFFF:FFFD/126
ipv6 enable
tunnel source 194.x.x.1
tunnel destination 194.x.x.5
tunnel mode ipv6ip
ipv6 route 2001:99:13:4A::/64 2001:99:13:49:FFFF:FFFF:FFFF:FFFE

Procedure

This is what we are going to be doing:

 

  1. Check IPv6 forwarding
  2. Verify IPv6 connectivity between the lab routers
  3. Route the lab prefix from the Internet router to LAB FW
  4. Route the lab prefix from LAB FW to R1
  5. Set IPv6 loopback addresses with mask /128 to each router
  6. Set up OSPFv3 and verify connectivity between routers
  7. Set up BGP
  8. Redistribute default route to BGP
  9. Set up a client interface with router advertisement and advertise with BGP
  10. Set up a client computer and test connectivity

 

Let’s get it started!

Check IPv6 forwarding

Vyatta routers

Vyatta 6.3 has IPv6 forwarding on by default. You can verify it with
show ipv6 forwarding

Firewall (Ubuntu server)

sudo nano /etc/sysctl.conf

Uncomment
net.ipv6.conf.all.forwarding=1

Reboot.

Verify IPv6 connectivity between the lab routers

Go to one of them, check which interfaces are connected to other routers and give it a try:

sudo ping6 -I eth0.12 ff02::1

If and when you get replies, you can try to connect to one of those neighbors directly:
ssh fe80::a00:27ff:fe96:c448%eth0.12

Routing the LAB Prefix

I have routed the LAB prefix from the Real World (Cisco router) to my virtual lab. The routing goes in two different tunnels.  You can see the commands used in static routing (Cisco, Ubuntu, Vyatta) in the tunnel examples above.

 

Router loopbacks

The last job in this episode is to assign each Vyatta router an address from our LAB Prefix.Let’s put the to the loopback interface.

Do this by commanding

user@r1  configure
user@r1 set interfaces loopback lo address 2001:99:13:4a::1/128
user@r1 commit
user@r1 save

user@r2 configure
user@r2 set interfaces loopback lo address 2001:99:13:4a::2/128
user@r2 commit
user@r2 save

user@r3 configure
user@r3 set interfaces loopback lo address 2001:99:13:4a::3/128
user@r3 commit
user@r3 save

….  etc ….

In the next episode we will set up OSPF as an IGP for the lab network.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s