F1060 IPV6 BGP4+与静态路由重分布典型组网配置案例_静态路由重分布到bpg

[FW1]zone-pair security source local destination untrust

[FW1-zone-pair-security-Local-Untrust]packet-filter ipv6 2001

[FW1-zone-pair-security-Local-Untrust]quit

[FW1]

[FW1]zone-pair security source trust destination trust

[FW1-zone-pair-security-Trust-Trust]packet-filter ipv6 2001

[FW1-zone-pair-security-Trust-Trust]quit

[FW1]

[FW1]zone-pair security source untrust destination untrust

[FW1-zone-pair-security-Untrust-Untrust]packet-filter ipv6 2001

[FW1-zone-pair-security-Untrust-Untrust]quit

[FW1]int gi 1/0/2

[FW1-GigabitEthernet1/0/2]ipv6 address 1::1 64

[FW1-GigabitEthernet1/0/2]quit

[FW1]int gi 1/0/3

[FW1-GigabitEthernet1/0/3]des

[FW1-GigabitEthernet1/0/3]ipv6 address 2::1 64

[FW1-GigabitEthernet1/0/3]quit

[FW1]int loopback 0

[FW1-LoopBack0]ip address 1.1.1.1 32

[FW1-LoopBack0]quit

[FW1]int loopback 1

[FW1-LoopBack1]ipv6 address 4::1 64

[FW1-LoopBack1]quit

[FW1]security-zone name Trust

[FW1-security-zone-Trust]import interface GigabitEthernet 1/0/2

[FW1-security-zone-Trust]quit

[FW1]security-zone name Untrust

[FW1-security-zone-Untrust]import interface GigabitEthernet 1/0/3

[FW1-security-zone-Untrust]import interface LoopBack 0

[FW1-security-zone-Untrust]import interface LoopBack 1

[FW1-security-zone-Untrust]quit

**FW1 BGP4+配置关键点：**

[FW1]bgp 100

[FW1-bgp-default]router-id 1.1.1.1

[FW1-bgp-default]peer 2::2 as-number 200

[FW1-bgp-default]address-family ipv6 unicast

[FW1-bgp-default-ipv6]peer 2::2 enable

[FW1-bgp-default-ipv6]import-route direct

[FW1-bgp-default-ipv6]network 1:: 64

[FW1-bgp-default-ipv6]quit

[FW1-bgp-default]quit

FW2：

sys

System View: return to User View with Ctrl+Z.

[H3C]sysname FW2

[FW2]acl ipv6 basic 2001

[FW2-acl-ipv6-basic-2001]rule 0 permit so