目  录

1 DHCPv6服务器和DHCPv6 PD客户端典型配置举例

1.1 简介

2 配置前提

2.1 组网需求

2.2 配置注意事项

2.3 适用产品及版本

2.4 配置步骤

2.4.1 配置DHCPv6服务器

2.4.2 配置DHCPv6 PD客户端

2.4.3 配置DHCPv6客户端

2.5 验证配置

2.5.1 验证DHCPv6服务器配置

2.5.2 验证DHCPv6 PD客户端配置

2.5.3 验证DHCPv6客户端配置

2.6 配置文件

 

1 DHCPv6服务器和DHCPv6 PD客户端典型配置举例

1.1  简介

为了简化主机配置，避免进行大量的手工操作，IPv6支持无状态地址配置和有状态地址配置：

·     无状态地址配置是指主机根据自己的链路层地址及路由器发布的前缀信息自动配置IPv6地址及相关信息。

·     有状态地址配置是指从服务器（如DHCPv6服务器）获取IPv6地址及相关信息。

本文档将介绍无状态地址和有状态地址的典型配置举例。

2 配置前提

本文档中的配置均是在实验室环境下进行的配置和验证，配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置，为了保证配置效果，请确认现有配置和以下举例中的配置不冲突。

本文假设您已了解DHCPv6相关特性。

2.1  组网需求

如图1所示，Host A和Device C从DHCPv6 PD客户端获取IPv6地址前缀并通过无状态配置自动生成IPv6全球单播地址，Host B和Device D通过有状态地址配置从DHCPv6 PD客户端上的IPv6地址池中分配到IPv6全球单播地址。其中：

·     Device A作为DHCPv6服务器，接口Twenty-FiveGigE1/0/1的IPv6地址为1::1/64。创建IPv6地址池并引用包含前缀2001:0410::/32的前缀池，通过IPv6地址池为DHCPv6 PD客户端分配前缀。

·     Device B作为DHCPv6 PD客户端，从DHCPv6服务器上获得编号为11的固定前缀2001:410::/48，引用前缀生成接口Twenty-FiveGigE1/0/2的IPv6地址，并将此前缀通告给终端设备。

·     Device C通过IPv6邻居发现协议（RA通告）从DHCPv6 PD客户端获得IPv6地址前缀并通过无状态自动配置生成接口Twenty-FiveGigE1/0/1的IPv6地址。

·     Host A通过IPv6邻居发现协议（RA通告）从DHCPv6 PD客户端获取IPv6地址前缀信息并自动生成IPv6地址。

·     Device B利用从Device A获得的前缀11创建IPv6地址池，通过IPv6地址池为Host B和Device D的接口Twenty-FiveGigE1/0/1分配IPv6地址。

图2-1 DHCPv6服务器和DHCPv6 PD客户端配置组网图

 

2.2  配置注意事项

·     为接口配置IPv6全球单播地址后，如果没有为接口配置链路本地地址，则接口会自动生成一个链路本地地址。

·     DHCPv6 PD客户端引用前缀生成接口上的IPv6地址时，子前缀的前缀长度必须为64，否则发送给终端设备的前缀无法用于终端IPv6地址的无状态自动配置。

2.3  适用产品及版本

表2-1 适用产品及版本

产品	软件版本
S6550X-HI系列	Release 1116及以上版本、Release 1213P01及以上版本
S6880系列	Release 1116及以上版本、Release 1213P01及以上版本
S9820-8M	Release 1116及以上版本、Release 1213P01及以上版本
S5580X-HI系列	Release 1213P01及以上版本
S5580X-EI系列	Release 1213P01及以上版本
S5580S-EI系列	Release 1213P01及以上版本

 

2.4  配置步骤

2.4.1  配置DHCPv6服务器

# 配置接口Twenty-FiveGigE1/0/1的IPv6地址，并允许其发布RA消息。

<DeviceA> system-view

[DeviceA] interface Twenty-FiveGigE 1/0/1

[DeviceA-Twenty-FiveGigE1/0/1] ipv6 address 1::1/64

[DeviceA-Twenty-FiveGigE1/0/1] undo ipv6 nd ra halt

[DeviceA-Twenty-FiveGigE1/0/1] quit

# 配置前缀池1，包含的前缀为2001:0410::/32，分配的前缀长度为48。

[DeviceA] ipv6 dhcp prefix-pool 1 prefix 2001:0410::/32 assign-len 48

# 创建IPv6地址池1。

[DeviceA] ipv6 dhcp pool 1

# 配置地址池1网段为1::/64，与接口地址所属的网段相同。

[DeviceA-ipv6-pool-1] network 1::/64

# 配置地址池1引用已存在的前缀池1，并设置动态分配前缀的首选生命期为1天，有效生命期为3天。

[DeviceA-ipv6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

[DeviceA-ipv6-pool-1] quit

# 配置接口Twenty-FiveGigE1/0/1工作在DHCPv6服务器模式，并在该接口使能期望前缀分配和前缀快速分配功能，并将优先级设置为最高。

[DeviceA] interface Twenty-FiveGigE 1/0/1

[DeviceA-Twenty-FiveGigE1/0/1] ipv6 dhcp select server

[DeviceA-Twenty-FiveGigE1/0/1] ipv6 dhcp server allow-hint preference 255 rapid-commit

[DeviceA-Twenty-FiveGigE1/0/1] quit

# 配置到主机网段的IPv6静态路由。

[DeviceA] ipv6 route-static 2001:0410:0:1:: 64 1::2

[DeviceA] ipv6 route-static 2001:0410:0:2:: 64 1::2

2.4.2  配置DHCPv6 PD客户端

1. 配置DHCPv6 PD客户端从DHCPv6服务器上获取IPv6前缀

 

# 配置接口Twenty-FiveGigE1/0/1的IPv6地址。

<DeviceB> system-view

[DeviceB] interface Twenty-FiveGigE 1/0/1

[DeviceB-Twenty-FiveGigE1/0/1] ipv6 address 1::2/64

# 配置接口Twenty-FiveGigE1/0/1作为DHCPv6客户端获取IPv6前缀及网络参数，配置根据获取到的前缀自动创建编号为11的IPv6前缀，并配置DHCPv6客户端支持前缀快速分配功能。

[DeviceB-Twenty-FiveGigE1/0/1] ipv6 dhcp client pd 11 rapid-commit

[DeviceB-Twenty-FiveGigE1/0/1] quit

2. 配置DHCPv6 PD客户端引用前缀生成接口Twenty-FiveGigE1/0/2的IPv6地址，并通过RA消息将此前缀通告给终端设备Device C和Host A

# 配置接口Twenty-FiveGigE1/0/2动态获取编号11为IPv6前缀，并与0:0:0:1::10/64的子前缀和主机位生成接口的IPv6地址，同时将编号为11的IPv6前缀通告给终端设备。

[DeviceB] interface Twenty-FiveGigE 1/0/2

[DeviceB-Twenty-FiveGigE1/0/2] ipv6 address 11 0:0:0:1::10/64

# 配置接口Twenty-FiveGigE1/0/2允许发布RA消息。

[DeviceB-Twenty-FiveGigE1/0/2] undo ipv6 nd ra halt

# 开启无效授权前缀通告功能。当前缀失效时，设备会发布RA通告，则终端不会再使用引用此前缀生成的IPv6地址进行通信。

[DeviceB] interface Twenty-FiveGigE 1/0/2

[DeviceB-Twenty-FiveGigE1/0/2] ipv6 nd ra invalid-delegated-prefix advertise enable

[DeviceB-Twenty-FiveGigE1/0/2] quit

3. 配置DHCPv6 PD客户端利用编号为11的前缀创建IPv6地址池，并作为DHCPv6服务器为Device D和Host B分配IPv6地址

# 配置接口Twenty-FiveGigE1/0/3动态获取编号11为IPv6前缀，并与0:0:0:2::10/64的子前缀和主机位生成接口的IPv6地址。

[DeviceB-Twenty-FiveGigE1/0/3] ipv6 address 11 0:0:0:2::10/64

[DeviceB-Twenty-FiveGigE1/0/3]quit

# 创建IPv6地址池2。

[DeviceB] ipv6 dhcp pool 2

# 引用编号为11的前缀配置地址池2可动态分配的IPv6地址网段。

[DeviceB-ipv6-pool-1] network prefix 11

[DeviceB-ipv6-pool-1] quit

# 配置接口Twenty-FiveGigE1/0/3工作在DHCPv6服务器模式，并在该接口使能期望地址分配和地址快速分配功能，并将优先级设置为最高。

[DeviceB] interface Twenty-FiveGigE 1/0/3

[DeviceB-Twenty-FiveGigE1/0/3] ipv6 dhcp select server

[DeviceB-Twenty-FiveGigE1/0/3] ipv6 dhcp server allow-hint preference 255 rapid-commit

[DeviceB-Twenty-FiveGigE1/0/3] quit

2.4.3  配置DHCPv6客户端

1. 无状态地址配置

# 配置Device C和Host A

# 手工配置接口Twenty-FiveGigE1/0/1通过无状态自动配置方式生成IPv6全球单播地址。

<DeviceC> system-view

[DeviceC] interface Twenty-FiveGigE 1/0/1

[DeviceC-Twenty-FiveGigE1/0/1] ipv6 address auto

# 配置Host A主机自动获取IPv6地址（以操作系统Windows 10为例）

a.点击桌面网络，打开“网络和Internet设置”。

b.点击并进入“网络和共享中心”窗口，选择主机所在网络“以太网xxx”。

c.单击“属性”，进入“以太网xxx 属性”窗口。

d.选择“Internet协议版本6（TCP/IPv6）”，点击“属性”，进入“Internet协议版本6（TCP/IPv6）属性”窗口，选择“自动获得IPv6地址”，单击“确定”。

2. 有状态地址配置

# 配置Device D和Host B

# 配置接口Twenty-FiveGigE1/0/1作为DHCPv6客户端获取IPv6地址及网络参数，配置DHCPv6客户端支持地址快速分配功能。

<DeviceD> system-view

[DeviceD] interface Twenty-FiveGigE 1/0/1

[DeviceD-Twenty-FiveGigE1/0/1] ipv6 address dhcp-alloc rapid-commit

[DeviceD-Twenty-FiveGigE1/0/1] quit

# 配置Host B主机自动获取IPv6地址

同Host A配置。

2.5  验证配置

2.5.1  验证DHCPv6服务器配置

# 查看地址池1的信息。

<DeviceA> display ipv6 dhcp pool 1

DHCPv6 pool: 1

  Network: 1::/64

    Preferred lifetime 604800 seconds, valid lifetime 2592000 seconds

  Prefix pool: 1

    Preferred lifetime 86400 seconds, valid lifetime 259200 seconds

# 查看前缀池1的信息。

<DeviceA> display ipv6 dhcp prefix-pool 1

Prefix: 2001:410::/32

Assigned length: 48

Total prefix number: 65536

Available: 65535

In-use: 1

Static: 0

# 查看DHCPv6前缀绑定信息。

<DeviceA> display ipv6 dhcp server pd-in-use

Pool: 1

 IPv6 prefix             Hardware address     Type      Lease expiration

 2001:410::/48           2455-d9ca-0207       Auto(C)   Jul 25 09:44:02 2022

Auto(C)表示支持前缀快速分配功能的服务器收到客户端发送的包含Rapid Commit选项的Solicit消息后，产生的动态正式绑定（Committed）。

2.5.2  验证DHCPv6 PD客户端配置

1. 查看无状态地址配置信息

# 查看Device B上接口Twenty-FiveGigE1/0/1配置的IPv6全球单播地址。

<DeviceB> display ipv6 interface Twenty-FiveGigE 1/0/1

Twenty-FiveGigE1/0/1 current state: UP

Line protocol current state: UP

IPv6 is enabled, link-local address is FE80::2655:D9FF:FECA:206

  Global unicast address(es):

    1::2, subnet is 1::/64

  Joined group address(es):

    FF02::1

    FF02::2

    FF02::18C

    FF02::1:FF00:2

    FF02::1:FFCA:206

    FF0E::18C

  MTU is 1500 bytes

  ND DAD is enabled, number of DAD attempts: 1

  ND reachable time is 30000 milliseconds

  ND retransmit interval is 1000 milliseconds

  Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

  InReceives:                    0

  InTooShorts:                   0

  InTruncatedPkts:               0

  InHopLimitExceeds:             0

  InBadHeaders:                  0

  InBadOptions:                  0

  ReasmReqds:                    0

  ReasmOKs:                      0

  InFragDrops:                   0

  InFragTimeouts:                0

  OutFragFails:                  0

  InUnknownProtos:               0

  InDelivers:                    0

  OutRequests:                   0

  OutForwDatagrams:              0

  InNoRoutes:                    0

  InTooBigErrors:                0

  OutFragOKs:                    0

  OutFragCreates:                0

  InMcastPkts:                   0

  InMcastNotMembers:             0

  OutMcastPkts:                  0

  InAddrErrors:                  0

  InDiscards:                    0

  OutDiscards:                   0

# 查看Device B上接口Twenty-FiveGigE1/0/2根据获得的前缀生成的IPv6全球单播地址。

<DeviceB> display ipv6 interface Twenty-FiveGigE 1/0/2

Twenty-FiveGigE1/0/2 current state: UP

Line protocol current state: UP

IPv6 is enabled, link-local address is FE80::2655:D9FF:FECA:207

  Global unicast address(es):

    2001:410:0:1::10, subnet is 2001:410:0:1::/64

  Joined group address(es):

    FF02::1

    FF02::2

    FF02::18C

    FF02::1:FF00:10

    FF02::1:FFCA:207

    FF0E::18C

  MTU is 1500 bytes

  ND DAD is enabled, number of DAD attempts: 1

  ND reachable time is 30000 milliseconds

  ND retransmit interval is 1000 milliseconds

  ND advertised reachable time is 0 milliseconds

  ND advertised retransmit interval is 0 milliseconds

  ND router advertisements are sent every 600 seconds

  ND router advertisements live for 1800 seconds

  Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

  InReceives:                    0

  InTooShorts:                   0

  InTruncatedPkts:               0

  InHopLimitExceeds:             0

  InBadHeaders:                  0

  InBadOptions:                  0

  ReasmReqds:                    0

  ReasmOKs:                      0

  InFragDrops:                   0

  InFragTimeouts:                0

  OutFragFails:                  0

  InUnknownProtos:               0

  InDelivers:                    0

  OutRequests:                   0

  OutForwDatagrams:              0

  InNoRoutes:                    0

  InTooBigErrors:                0

  OutFragOKs:                    0

  OutFragCreates:                0

  InMcastPkts:                   0

  InMcastNotMembers:             0

  OutMcastPkts:                  0

  InAddrErrors:                  0

  InDiscards:                    0

  OutDiscards:                   0

# 查看Device B上接口Twenty-FiveGigE1/0/3根据获得的前缀生成的IPv6全球单播地址。

<DeviceB> display ipv6 interface Twenty-FiveGigE 1/0/3

Twenty-FiveGigE1/0/3 current state: UP

Line protocol current state: UP

IPv6 is enabled, link-local address is FE80::2655:D9FF:FECA:208

  Global unicast address(es):

    2001:410:0:2::10, subnet is 2001:410:0:2::/64

  Joined group address(es):

    FF02::1

    FF02::2

    FF02::18C

    FF02::1:2

    FF02::1:FF00:10

    FF02::1:FFCA:208

    FF05::1:3

    FF0E::18C

  MTU is 1500 bytes

  ND DAD is enabled, number of DAD attempts: 1

  ND reachable time is 30000 milliseconds

  ND retransmit interval is 1000 milliseconds

  Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

  InReceives:                    0

  InTooShorts:                   0

  InTruncatedPkts:               0

  InHopLimitExceeds:             0

  InBadHeaders:                  0

  InBadOptions:                  0

  ReasmReqds:                    0

  ReasmOKs:                      0

  InFragDrops:                   0

  InFragTimeouts:                0

  OutFragFails:                  0

  InUnknownProtos:               0

  InDelivers:                    0

  OutRequests:                   0

  OutForwDatagrams:              0

  InNoRoutes:                    0

  InTooBigErrors:                0

  OutFragOKs:                    0

  OutFragCreates:                0

  InMcastPkts:                   0

  InMcastNotMembers:             0

  OutMcastPkts:                  0

  InAddrErrors:                  0

  InDiscards:                    0

  OutDiscards:                   0

# 在Device B上查看接口Twenty-FiveGigE1/0/2的邻居信息。

<DeviceB> display ipv6 neighbors interface Twenty-FiveGigE 1/0/2

Type: S-Static    D-Dynamic    O-Openflow     R-Rule    IS-Invalid static

IPv6 address              MAC address    VID  Interface           State T  Age

2001:410::2ACC:53FF:FE48:406 7e0e-0ceb-0406 --   WGE1/0/2             STALE D  584

2001:410:0:1:9086:E493:B7EF:A029 0800-2700-98d2 --   WGE1/0/2             REACH D  409

2001:410:0:1:A941:6AE0:DCC4:517E 0800-2700-98d2 --   WGE1/0/2             REACH D  419

FE80::2ACC:53FF:FE48:406  7e0e-0ceb-0406 --   WGE1/0/2             STALE D  574

FE80::A941:6AE0:DCC4:517E 0800-2700-98d2 --   WGE1/0/2             REACH D  409

通过上面的信息可以知道Device C获得的IPv6全球单播地址为2001:410::2ACC:53FF:FE48:406；Host获得的IPv6全球单播地址为2001:410:0:1:A941:6AE0:DCC4:517E、临时IPv6全球单播地址为2001:410:0:1:9086:E493:B7EF:A029。

 

2. 查看有状态地址配置信息

# 查看地址池2的信息。

<DeviceB> display ipv6 dhcp pool 2

DHCPv6 pool: 2

  Network: 2001:410::/48

    Preferred lifetime 604800 seconds, valid lifetime 2592000 seconds

# 查看DHCPv6地址的绑定信息。

<DeviceB> display ipv6 dhcp server ip-in-use

Pool: 2

 IPv6 address            Hardware address     Type      Lease expiration

 2001:410::1             28cc-5348-0306       Auto(C)   Aug 24 09:44:46 2022

 2001:410::2             0800-2700-48ec       Auto(C)   Aug 24 09:53:13 2022

2.5.3  验证DHCPv6客户端配置

1. 查看无状态地址配置信息

# 在Device C上查看接口Twenty-FiveGigE1/0/1的IPv6全球单播地址。

<DeviceC> display ipv6 interface Twenty-FiveGigE 1/0/1

Twenty-FiveGigE1/0/1 current state: UP

Line protocol current state: UP

IPv6 is enabled, link-local address is FE80::7C0E:CFF:FEEB:406

  Global unicast address(es):

    2001:410:0:1:7C0E:CFF:FEEB:406, subnet is 2001:410:0:1::/64 [AUTOCFG]

      [valid lifetime 259019s/preferred lifetime 86219s]

  Joined group address(es):

    FF02::1

    FF02::2

    FF02::18C

    FF02::1:FF48:406

    FF0E::18C

  MTU is 1500 bytes

  ND DAD is enabled, number of DAD attempts: 1

  ND reachable time is 30000 milliseconds

  ND retransmit interval is 1000 milliseconds

  Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

  InReceives:                    0

  InTooShorts:                   0

  InTruncatedPkts:               0

  InHopLimitExceeds:             0

  InBadHeaders:                  0

  InBadOptions:                  0

  ReasmReqds:                    0

  ReasmOKs:                      0

  InFragDrops:                   0

  InFragTimeouts:                0

  OutFragFails:                  0

  InUnknownProtos:               0

  InDelivers:                    0

  OutRequests:                   0

  OutForwDatagrams:              0

  InNoRoutes:                    0

  InTooBigErrors:                0

  OutFragOKs:                    0

  OutFragCreates:                0

  InMcastPkts:                   0

  InMcastNotMembers:             0

  OutMcastPkts:                  0

  InAddrErrors:                  0

  InDiscards:                    0

  OutDiscards:                   0

# 在PC上查看Host A获得的IPv6全球单播地址。

C:\Users\UserAccount>ipconfig /all

 

2. 查看有状态地址配置信息

# 在Device D上查看Device B分配的IPv6全球单播地址。

<DeviceD> display ipv6 dhcp client

Twenty-FiveGigE1/0/1:

  Type: Stateful client requesting address

    State: OPEN

    Client DUID: 0003000128cc53480300

    Preferred server:

      Reachable via address: FE80::2655:D9FF:FECA:208

      Server DUID: 000300012455d9ca0200

    IA_NA: IAID 0x00000002, T1 302400 sec, T2 483840 sec

      Address: 2001:410::1

        Preferred lifetime 604800 sec, valid lifetime 2592000 sec

        Will expire on Aug 24 2022 at 09:44:35 (2589132 seconds left)

# 在PC上查看Host B获得的IPv6全球单播地址。

C:\Users\UserAccount>ipconfig /all

 

2.6  配置文件

Device A：

#

 ipv6 dhcp prefix-pool 1 prefix 2001:410::/32 assign-len 48

#

ipv6 dhcp pool 1

 network 1::/64

 prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

#

interface Twenty-FiveGigE1/0/1

 port link-mode route

 ipv6 dhcp select server

 ipv6 dhcp server allow-hint preference 255 rapid-commit

 ipv6 address 1::1/64

 undo ipv6 nd ra halt

#

 ipv6 route-static 2001:410:0:1:: 64 1::2

 ipv6 route-static 2001:410:0:2:: 64 1::2

#

Device B：

#

ipv6 dhcp pool 2

 network prefix 11

#

interface Twenty-FiveGigE1/0/1

 port link-mode route

 ipv6 address 1::2/64

 ipv6 dhcp client pd 11 rapid-commit

#

interface Twenty-FiveGigE1/0/2

 port link-mode route

 ipv6 address 11 ::1:0:0:0:10/64

 undo ipv6 nd ra halt

 ipv6 nd ra invalid-delegated-prefix advertise enable

#

interface Twenty-FiveGigE1/0/3

 port link-mode route

 ipv6 dhcp select server

 ipv6 dhcp server allow-hint preference 255 rapid-commit

 ipv6 address 11 ::2:0:0:0:10/64

#

Device C：

#

interface Twenty-FiveGigE1/0/1

 port link-mode route

 ipv6 address auto

#

Device D：

#

interface Twenty-FiveGigE1/0/1

 port link-mode route

 ipv6 address dhcp-alloc rapid-commit

#