Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
PPPoE IPV4 IPV6 Prefix De...

PPPoE IPV4 IPV6 Prefix Delegation

Created: Aug 1, 2019 11:50:36Latest reply: Aug 13, 2019 19:50:17 2938 10 7 0 1
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hello Everyone.


I want to delivery ipv6 prefix delegation to my users.


On Huawei NE20 PPPoE Server i want to use a /40 Ipv6 and distribute /56 for each pppoe-client Lan .


For example:


Users will use CPE to connect with ISP (Huawei NE20), using pppoe client they will receive a ipv4 and ipv6 to configure on its Wan and they will receive a /56 to distribute on LAN interface.


Is it possible?


Anyone can show a example with this configuration?


Ps I use Radius to autentication, authorization and accounting.

pppoeipv6prefix delegation

Like (7) Dislike (0) Favorite(1) Share Report
Previous: FIREWALL DOES NOT START IN THE ENSP
Next: Test dpc
Featured Answers

Best answer

Recommended answer

(3) (0)
LuizPuppin
HCIE Author Created Aug 1, 2019 18:26:04

See one example:

ipv6 prefix prefixo-lan delegation
prefix 2804:xxxx:4000::/40 delegating-prefix-length 56
#
ipv6 pool lan-pppoe bas delegation
dns-server 2804:xxxx:d000:1::172:30
prefix prefixo-lan
#

ipv6 prefix prefixo-wan local
prefix 2804:xxxx:d004::/48
#
ipv6 pool wan-pppoe bas local
dhcpv6 rapid-commit
dns-server 2804:xxxx:d000:1::172:30
prefix prefixo-wan


aaa
#
domain xxxx.com.br
authentication-scheme default
accounting-scheme acct1
radius-server group rd1
ip-pool pool_CGNAT
ipv6-pool lan-pppoe
ipv6-pool wan-pppoe
dns primary-ip x.x.172.30
dns second-ip x.x.174.30
dns primary-ipv6 2804:xxx:d000:1::172:30
dns second-ipv6 2804:xxx:d000:6::174:30
nas logic-sysname PPPOE-01
View more
  • x
  • convention:
All Answers
(1) (0)
2#
jason_hu
jason_hu Admin Created Aug 1, 2019 13:27:08

Hello
IPV4 can assign IP address in LAN, but now the application and management of IPv6 is not very mature. Under ipv6, "Every grain of sand can have an address", that is to say, every machine in your LAN can have an address without your assignment.
View more
  • x
  • convention:
(0) (0)
3#
gilberto_milhomem
gilberto_milhomem Created Aug 1, 2019 16:20:28

Hi @jason_hu

I have used this setup with Mikrotik RouterOS
When an client (using a CPE router) connect its pppoe client, it receives from pppoe-server a ipv6 /56 prefix then the CPEallocated this prefix on Lan /64, each user behind CPE receives a IPV6 /64.

I want use the same case on Huawei, is it possible?





View more
  • x
  • convention:
(0) (0)
4#
gilberto_milhomem
gilberto_milhomem Created Aug 1, 2019 16:21:01

Hi @jason_hu

I have used this setup with Mikrotik RouterOS
When an client (using a CPE router) connect its pppoe client, it receives from pppoe-server a ipv6 /56 prefix then the CPEallocated this prefix on Lan /64, each user behind CPE receives a IPV6 /64.

I want use the same case on Huawei, is it possible?





View more
  • x
  • convention:
(3) (0)
5#
LuizPuppin
LuizPuppin HCIE Author Created Aug 1, 2019 18:26:04

See one example:

ipv6 prefix prefixo-lan delegation
prefix 2804:xxxx:4000::/40 delegating-prefix-length 56
#
ipv6 pool lan-pppoe bas delegation
dns-server 2804:xxxx:d000:1::172:30
prefix prefixo-lan
#

ipv6 prefix prefixo-wan local
prefix 2804:xxxx:d004::/48
#
ipv6 pool wan-pppoe bas local
dhcpv6 rapid-commit
dns-server 2804:xxxx:d000:1::172:30
prefix prefixo-wan


aaa
#
domain xxxx.com.br
authentication-scheme default
accounting-scheme acct1
radius-server group rd1
ip-pool pool_CGNAT
ipv6-pool lan-pppoe
ipv6-pool wan-pppoe
dns primary-ip x.x.172.30
dns second-ip x.x.174.30
dns primary-ipv6 2804:xxx:d000:1::172:30
dns second-ipv6 2804:xxx:d000:6::174:30
nas logic-sysname PPPOE-01
View more
  • x
  • convention:
(0) (0)
6#
gilberto_milhomem
gilberto_milhomem Created Aug 2, 2019 00:39:27

@LuizPuppin Thanks for your help!

In this example above

prefix 2804:xxxx:4000::/40 delegating-prefix-length 56
Will pppoe server send a /56 to each Lan's CPE?

ipv6 prefix prefixo-wan local
prefix 2804:xxxx:d004::/48
Will pppoe server send a /48 to each Wan's CPEs or it will delegate one /64 from 2804:xxxx:d004::/48 to each Wan's CPE?

View more
  • x
  • convention:
(0) (0)
7#
LuizPuppin
LuizPuppin HCIE Author Created Aug 2, 2019 00:53:56

Posted by gilberto_milhomem at 2019-08-01 13:39 @LuizPuppin Thanks for your help!In this example aboveprefix 2804:xxxx:4000::/40 delegating-prefix-l ...
ipv6 prefix prefixo-wan local
prefix 2804:xxxx:d004::/48

This will delegate one /64 to each CPE client on WAN interface.
View more
  • x
  • convention:
(1) (0)
8#
jason_hu
jason_hu Admin Created Aug 2, 2019 07:21:16

@gilberto_milhomem
Example:<HUAWEI> system-view
[~HUAWEI] interface virtual-template 5
[*HUAWEI-Virtual-Template5] ppp authentication-mode chap
[*HUAWEI-Virtual-Template5] quit
[*HUAWEI] commit
[~HUAWEI] aaa
[~HUAWEI-aaa] authentication-scheme auth5
[*HUAWEI-aaa-authen-auth5] authentication-mode radius
[*HUAWEI-aaa-authen-auth5] quit
[*HUAWEI] commit
[~HUAWEI-aaa] accounting-scheme acct5
[*HUAWEI-aaa-accounting-acct5] accounting-mode radius
[*HUAWEI-aaa-accounting-acct5] quit
[*HUAWEI-aaa] quit
[*HUAWEI] commit
[~HUAWEI] radius-server group rd5
[*HUAWEI-radius-rd1] radius-server authentication 10.6.55.55 1645
[*HUAWEI-radius-rd1] radius-server accounting 10.6.55.55 1646
[*HUAWEI-radius-rd1] radius-server type standard
[*HUAWEI-radius-rd1] radius-server shared-key-cipher hello
[*HUAWEI-radius-rd1] quit
[*HUAWEI] commit
[~HUAWEI] ip pool pool2 bas local
[*HUAWEI-ip-pool-pool2] gateway 10.10.10.2 255.255.255.0
[*HUAWEI-ip-pool-pool2] section 0 10.10.10.3 10.10.10.100
[*HUAWEI-ip-pool-pool2] dns-server 10.10.10.1
[*HUAWEI-ip-pool-pool2] quit
[*HUAWEI] commit
[~HUAWEI] ipv6 prefix pre1 local
[*HUAWEI-ipv6-prefix-pre1] prefix 2001:2421::/64
[*HUAWEI-ipv6-prefix-pre1] quit
[*HUAWEI] commit
[~HUAWEI] ipv6 pool pool1 bas local
[*HUAWEI-ipv6-pool-pool1] prefix pre1
[*HUAWEI-ipv6-pool-pool1] dns-server 3001:0410::1:2
[*HUAWEI-ipv6-pool-pool1] quit
[*HUAWEI] commit
[~HUAWEI] aaa
[~HUAWEI-aaa] domain isp5
[*HUAWEI-aaa-domain-isp5] authentication-scheme auth5
[*HUAWEI-aaa-domain-isp5] accounting-scheme acct5
[*HUAWEI-aaa-domain-isp5] radius-server group rd5
[*HUAWEI-aaa-domain-isp5] ipv6-pool pool1
[*HUAWEI-aaa-domain-isp5] ip-pool pool2
[*HUAWEI-aaa-domain-isp5] quit
[*HUAWEI-aaa] quit
[*HUAWEI] commit
[~HUAWEI] interface gigabitethernet 1/0/2.1
[*HUAWEI-GigabitEthernet1/0/2.1] pppoe-server bind virtual-template 5
[*HUAWEI] commit
[~HUAWEI-GigabitEthernet1/0/2] bas
[*HUAWEI-GigabitEthernet1/0/2-bas] access-type layer2-subscriber default-domain authentication isp5
[*HUAWEI-GigabitEthernet1/0/2-bas] quit
[*HUAWEI] commit
[~HUAWEI-GigabitEthernet1/0/2] ipv6 enable
[*HUAWEI-GigabitEthernet1/0/2] ipv6 address auto link-local
[*HUAWEI-GigabitEthernet1/0/2] quit
[*HUAWEI] commit
[~HUAWEI] interface GigabitEthernet 1/0/1
[~HUAWEI-GigabitEthernet1/0/1] ipv6 enable
[*HUAWEI-GigabitEthernet1/0/1] ipv6 address auto link-local
[*HUAWEI-GigabitEthernet1/0/1] ipv6 address 2011::1/64 eui-64
[*HUAWEI] commit
Finally, you can run the display ipv6 prefix pre1 command to query the prefix address pool.
View more
  • x
  • convention:
(0) (0)
9#
gilberto_milhomem
gilberto_milhomem Created Aug 3, 2019 23:12:46

Posted by LuizPuppin at 2019-08-01 18:26 See one example:ipv6 prefix prefixo-lan delegation prefix 2804:xxxx:4000::/40 delegating-prefix-leng ...
Thanks @LuizPuppin

I will test these configurations.
View more
  • x
  • convention:
(0) (0)
10#
gilberto_milhomem
gilberto_milhomem Created Aug 13, 2019 13:47:40

Hello Everyone.

@LuizPuppin
Only today i could test these configurations, but didn't work.
When a user-pppoe connects it isn't receiving wan prefix and lan prefix.


[~BRAS-JABO]display ipv6 prefix prefixo-wan
----------------------------------------------------------------------------------
Prefix Name        : prefixo-wan
Prefix Index       : 2
Prefix constant index: -
Prefix Type        : LOCAL
Prefix Address     : 2804:XXXX:3F03::
Prefix Length      : 48
Reserved Type      : NONE
Valid Lifetime     : 3 Days 0 Hours 0 Minutes
Preferred Lifetime : 2 Days 0 Hours 0 Minutes
IfLocked           : Unlocked
Vpn instance       : -
Free Prefix Count  : 262143
Used Prefix Count  : 0
Reserved Prefix Count: 0
Excluded Prefix Count: 0
Radius Used Total  : 0
Radius Used Online : 0



[~BRAS-JABO]display ipv6 prefix prefixo-lan
----------------------------------------------------------------------------------
Prefix Name        : prefixo-lan
Prefix Index       : 1
Prefix constant index: -
Prefix Type        : DELEGATION
Prefix Address     : 2804:XXXX:300::
Prefix Length      : 40
Link-Address       : -
Reserved Type      : NONE
Valid Lifetime     : 3 Days 0 Hours 0 Minutes
Preferred Lifetime : 2 Days 0 Hours 0 Minutes
IfLocked           : Unlocked
Vpn instance       : -
PD Prefix Len      : 56
PD Prefix/C-DUID   : -
slaac-unshare-only : FALSE
pd-unshare-only    : FALSE
dhcpv6-unshare-only: FALSE
Free Prefix Count  : 65536
Used Prefix Count  : 0
Bound Prefix Count (Free): 0
Bound Prefix Count (Used): 0
Flexibly-Allocted Prefix Count: 0


Is it necessary add IPV6 address on Interface (Vlans) that the users pppoe connects?
I enable pppoe on this interface, bellow configurations GigabitEthernet0/3/1.1  (Interface GigabitEthernet0/3/1 with vlans 1001 and 1002)

[~BRAS-JABO-GigabitEthernet0/3/1.1]display this
#
interface GigabitEthernet0/3/1.1
ipv6 enable
ipv6 address auto link-local
user-vlan 1001 1002
pppoe-server bind Virtual-Template 1
bas
#
  access-type layer2-subscriber default-domain authentication jabo
#
#
return


[~BRAS-JABO-aaa-domain-jabo]display this
 #
 domain jabo
  authentication-scheme auth1
  accounting-scheme acct1
  radius-server group rd1
  ip-pool pool2
  ipv6-pool lan-pppoe
  ipv6-pool wan-pppoe
  dns primary-ip 177.XX.XX.4
  dns second-ip 177.XX.XX.5
  dns primary-ipv6 2804:XXXX:FAFE:1::4
  dns second-ipv6 2804:XXXX:FAFE:1::5
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.