在PPPoE拨号宽带上使用IPv6（Cisco路由器）

本地联通运营商已经开通了家用宽带的IPv6，通过单独电脑PPPoE拨号证实可用。

但是，显然现在几乎没有人用电脑直接拨号了。那么，如何能在不改变现有网络拓扑的情况下，让内网的客户机也用上IPv6呢？

答案很简单，就是在路由器上设置PD（Prefix Delegation，前缀委派）。

研究了一下，配置方法如下：

ipv6 unicast-routing
ipv6 cef
ipv6 dhcp pool STATELESS  //仅用于为内网“无状态自动配置”的IPv6客户端指派DNS，所以没有地址信息。
 dns-server 2408:8000:6001:7000::8888  //DNS改成你所在运营商的

interface Vlan1  //内网（LAN）接口配置
 ip address 172.16.0.1 255.255.255.0  //原有IPv4配置
 ip nat inside  //原有IPv4配置
 ipv6 address isp ::1/64  //此处的“isp”是自定义的前缀名称。此处使用/64长度的前缀
 ipv6 enable
 ipv6 nd other-config-flag  //使用DHCPv6分配DNS
 ipv6 dhcp server STATELESS  //指定DHCPv6地址池

interface Dialer0  //外网（PPPoE）接口配置
 ip address negotiated  //原有IPv4配置
 ip mtu 1492  //原有IPv4配置
 ip nat outside  //原有IPv4配置
 encapsulation ppp
 ip tcp adjust-mss 1452  //原有IPv4配置
 dialer pool 1
 ipv6 address autoconfig default  //目前本地联通的IPv6地址为无状态自动配置
 ipv6 enable
 ipv6 mtu 1280  //最小为1280，依实际情况调整
 ipv6 dhcp client pd isp  //启用PD功能，“isp”是自定义的前缀名称
 ppp authentication pap callin
 ppp pap sent-username usr password 0 pwd

interface FastEthernet0  //拨号用物理接口配置
 no ip address
 pppoe enable group global
 pppoe-client dial-pool-number 1

ipv6 route ::/0 Dialer0  //IPv6的默认路由

验证配置：

CORE01#show ipv6 interface brief 
Dialer0                    [up/up]
    FE80::21B:AAAA:BBBB:CCCE
    2408:3333:6666:9999:21B:AAAA:BBBB:CCCE  //出于隐私考虑，地址已做修改……

Vlan1                      [up/up]
    FE80::21B:AAAA:BBBB:CCCC  //请注意：此处的link-local地址与Dialer0的不同
    2408:3333:6688:7777::1

目前看来，2408开头是联通的IPv6，2409开头是移动LTE的IPv6。

CORE01#show ipv6 dhcp interface dialer 0
Dialer0 is in client mode  //表示此接口当前工作在客户端模式
  Prefix State is OPEN (0)  //当前接口的DHCPv6客户端状态。OPEN表示已收到配置信息
  Information refresh timer expires in 22:35:58
  Renew will be sent in 22:35:58
  Address State is IDLE
  List of known servers:  //列出了此接口上的服务器
    Reachable via address: FE80::A6DC:BEFF:FEF7:CD8C  //DHCP服务器的地址
    DUID: 0001000600AB8758A4DCBEF7CD8C  //DHCP服务器的DUID（DHCP Unique Identifier）
    Preference: 255
    Configuration parameters:
      IA PD: IA ID 0x00140001, T1 86400, T2 138240
        Prefix: 2408:3333:6688:7777::/60  //联通给分配的前缀为/60
                preferred lifetime 172800, valid lifetime 259200
                expires at Jan 12 2019 02:45 PM (254159 seconds)
      DNS server: 2408:8000:6001:7000::8888  //联通给分配的DNS服务器
      DNS server: 2408:8000:6001:7000::9999
      Information refresh time: 0
  Prefix name: isp  //前缀池的名称
  Prefix Rapid-Commit: disabled
  Address Rapid-Commit: disabled

CORE01#show ipv6 dhcp interface vlan 1  
Vlan1 is in server mode  //该接口工作于DHCPv6服务器模式
  Using pool: STATELESS  //使用的DHCPv6池
  Preference value: 0
  Hint from client: ignored
  Rapid-Commit: disabled

CORE01#show ipv int dialer 0
Dialer0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::21B:AAAA:BBBB:CCCE 
  No Virtual link-local address(es):
  Stateless address autoconfig enabled
  Global unicast address(es):
    2408:3333:6666:9999:21B:AAAA:BBBB:CCCE, subnet is 2408:3333:6666:9999::/64 [EUI/CAL/PRE]
      valid lifetime 258820 preferred lifetime 172420
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:BCBB:CCCE
  MTU is 1280 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND RAs are suppressed (periodic)
  Hosts use stateless autoconfig for addresses.  //表示当前接口使用“无状态自动配置”分配IPv6地址

CORE01#show ipv int vlan 1  
Vlan1 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::21B:AAAA:BBBB:CCCC 
  No Virtual link-local address(es):
  General-prefix in use for addressing
  Global unicast address(es):
    2408:3333:6688:7777::1, subnet is 2408:3333:6688:7777::/64 [CAL/PRE]
      valid lifetime 252857 preferred lifetime 166457
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:2
    FF02::1:FF00:1
    FF02::1:BCBB:CCCC
    FF05::1:3
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  Input features: QoS classify QoS actions
  Service-policy input: PRE-CLASSIFY
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds (using 30000)
  ND advertised reachable time is 0 (unspecified)
  ND advertised retransmit interval is 0 (unspecified)
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  ND advertised default router preference is Medium
  Hosts use stateless autoconfig for addresses.  //此接口上（的内网电脑）使用无状态自动配置获取IPv6地址
  Hosts use DHCP to obtain other configuration.  //此接口上（的内网电脑）使用DHCPv6获取其他配置（如DNS服务器）

最后在电脑上用ipconfig /all看一下，是否正确获取了IPv6地址和DNS？

访问http://test-ipv6.com/，测试是否正常。

====================sp1==================

尽管IPv6有MTU自动发现的能力，但在公网环境中并不是那么好用，经常会出现因MTU过大导致的丢包，最终引起页面加载慢、打不开等等问题。

笔者做测试的Cisco路由器因为平台太老（1800平台），不支持ipv6 tcp adjust-mss命令。

从ISR G2（1900/2900/3900）平台开始，最新版的IOS都可以支持ipv6 tcp adjust-mss命令，使用原则如ipv4下的类似命令。