Konfiguracja PPPoE Dual Stack (IPv4 + IPv6) w routerach Cisco IOS
Poniżej przykładowa konfiguracja routera CPE (klienckiego) Cisco z systemem IOS do obsługi połączeń PPPoE Dual Stack (IPv4 + IPv6). Dla uproszczenia skonfigurowano obsługę DNS tylko w IPv4.
Interfejs WAN: FastEthernet0/0, interfejs LAN: FastEthernet0/1.
Uwaga! Konfiguracja jest minimalna i nie zawiera potrzebnych zabezpieczeń. Powinna być taktowana wyłącznie jako materiał referencyjny do włączenia obsługi PPPoE na routerze klienta.
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname pppoe_cpe_ds_demo
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret xxxxxxx
!
aaa new-model
!
!
aaa session-id common
!
clock timezone CET 1 0
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 2:00
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 192.168.0.1 192.168.0.100
!
ip dhcp pool POOL-DHCP1
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 193.151.52.34 193.151.52.38
!
!
no ip domain lookup
ip domain name euron.pl
ip name-server 193.151.52.34
ip name-server 193.151.52.38
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
username jan_kowalski secret xxxxxxxxx
!
redundancy
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
ipv6 address PFX6_DELEGATED ::1/64
ipv6 nd other-config-flag
ipv6 nd ra interval 4 3
!
interface Dialer1
mtu 1480
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ipv6 address autoconfig
ipv6 enable
ipv6 nd autoconfig default-route
ipv6 dhcp client pd PFX6_DELEGATED
ppp chap hostname xxxxxxx
ppp chap password xxxxxxx
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list ACL_NAT interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list standard ACL_MGMT
permit 192.168.0.0 0.0.255.255
ip access-list standard ACL_NAT
permit 192.168.0.0 0.0.255.255
!
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipv6 permit
!
!
ipv6 access-list ACL6_MGMT
deny ipv6 any any
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
access-class ACL_MGMT in
ipv6 access-class ACL6_MGMT in
transport input all
line vty 5 15
access-class ACL_MGMT in
ipv6 access-class ACL6_MGMT in
transport input all
!