Embedded Files
Automatic 6to4 Tunnel
Automatic 6to4 tunnel is a method to connect IPv6 domain through IPv4 cloud. It assigns a unique IPv6 prefix to any site that currently has atleast one globally unique IPv6 address. It provides mechanism for transmitting IPv6 packets using such a prefix over global IPv4 network.
The IANA has assigned one 13-bit Top Level Aggregator (TLA) under IPv6 Format Prefix (FP) 001 for 6to4 scheme. Its numeric value is 0x0002 i.e. it is 2002::/16 when expressed as an IPv6 address prefix.
The subscriber site which has atleast one globally unique IPv4 address, is deemed to have following IPv6 address prefix information-
Prefix Length: 48
Format Prefix: 001
TLA Value: 0002
NLA Value: IPv4 address
This prefix can be abbreviated as 2002:V4ADDR::/48.
Encapsulation in IPv4:
The IPv6 packets are encapsulated in IPv4 packets with an IPv4 Protocol Type 41 (0x29). The IPv4 header contains the Source and Destination IPv4 addresses. The IPv4 packet body contains the IPv6 header and payload.
Consider the following-
SiteA router-
ipv6 unicast-routing
ipv6 cef
!
interface fastethernet 0/0
ipv6 address 2001:1:1:1::2/124
ipv6 rip TEST enable
no shutdown
!
ipv6 router rip TEST
!
SiteA_6to4 router-
ipv6 unicast-routing
ipv6 cef
!
interface Loopback 0
ip address 1.1.1.1 255.255.255.255
ipv6 address 2002:0101:0101::1/64
!
interface Tunnel 0
ipv6 address 2002:0101:0101:FFFF::1/64
tunnel source Loopback 0
tunnel mode ipv6ip 6to4
!
interface serial 0/0
ip address 192.16.1.1 255.255.255.252
no shutdown
!
interface fastethernet 0/0
ipv6 address 2001:1:1:1::1/124
ipv6 rip TEST enable
no shutdown
!
router ospf 1
network 192.16.1.0 0.0.0.3 area 0
network 1.1.1.1 0.0.0.0 area 0
!
ipv6 router rip TEST
redistribute static metric 5
!
ipv6 route 2002::/16 Tunnel 0
ipv6 route 2001:2:2:2::/64 2002:0303:0303::1
!
SiteB router-
ipv6 unicast-routing
ipv6 cef
!
interface fastethernet 0/0
ipv6 address 2001:2:2:2::2/124
ipv6 rip TEST enable
no shutdown
!
ipv6 router rip TEST
!
SiteB_6to4 router-
ipv6 unicast-routing
ipv6 cef
!
interface Loopback 0
ip address 3.3.3.3 255.255.255.255
ipv6 address 2002:0303:0303::1/64
!
interface Tunnel 0
ipv6 address 2002:0303:0303:FFFF::1/64
tunnel source Loopback 0
tunnel mode ipv6ip 6to4
!
interface serial 0/0
ip address 10.1.1.2 255.255.255.252
no shutdown
!
interface fastethernet 0/0
ipv6 address 2001:2:2:2::1/124
ipv6 rip TEST enable
no shutdown
!
router ospf 1
network 10.1.1.0 0.0.0.3 area 0
network 3.3.3.3 0.0.0.0 area 0
!
ipv6 router rip TEST
redistribute static metric 5
!
ipv6 route 2002::/16 Tunnel 0
ipv6 route 2001:1:1:1::/64 2002:0101:0101::1
!
The Loopback0 IPv4 addresses on SiteA_6to4 and SiteB_6to4 routers are converted to hexadecimal numbers and made IPv6 addresses of the form 2002:V4ADDR::/64.
A 6to4 tunnel is a point-to-multipoint tunnel. The tunnel interface just need a source address and destination address is derived from the destination of the packet.
Tunnel interface
SiteA_6to4# show interfaces tunnel 0Tunnel0 is up, line protocol is up Hardware is Tunnel MTU 1514 bytes, BW 9 Kbit/sec, DLY 500000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation TUNNEL, loopback not set Keepalive not set Tunnel source 1.1.1.1 (Loopback0), destination UNKNOWN Tunnel protocol/transport IPv6 6to4 Tunnel TTL 255 Fast tunneling enabled Tunnel transmit bandwidth 8000 (kbps) Tunnel receive bandwidth 8000 (kbps) Last input 00:02:03, output 00:02:03, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/0 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 36 packets input, 4064 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 42 packets output, 4680 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 unknown protocol drops 0 output buffer failures, 0 output buffers swapped outThe SiteA_6to4 and SiteB_6to4 routers are dual-stack routers. As below, the SiteA_6to4 router is configured with following IPv6 addresses-
show ipv6 interface brief
SiteA_6to4# show ipv6 interface briefFastEthernet0/0 [up/up] FE80::CE08:13FF:FEEC:0 2001:1:1:1::1FastEthernet0/1 [administratively down/down]Serial1/0 [up/up]Serial1/1 [administratively down/down]Serial1/2 [administratively down/down]Serial1/3 [administratively down/down]Loopback0 [up/up] FE80::CE08:13FF:FEEC:0 2002:101:101::1Tunnel0 [up/up] FE80::101:101 2002:101:101:FFFF::1The routing table on SiteA router is as follows-
IPv6 routes
SiteA# show ipv6 routeIPv6 Routing Table - 6 entriesCodes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP externalLC 2001::1/128 [0/0] via ::, Loopback0C 2001:1:1:1::/124 [0/0] via ::, FastEthernet0/0L 2001:1:1:1::2/128 [0/0] via ::, FastEthernet0/0R 2001:2:2:2::/64 [120/6] via FE80::CE08:13FF:FEEC:0, FastEthernet0/0R 2002::/16 [120/6] via FE80::CE08:13FF:FEEC:0, FastEthernet0/0L FF00::/8 [0/0] via ::, Null0When a PING is issued from SiteA router to SiteB router (Fa 0/0 interface 2001:2:2:2::2 ), it looks up its routing table and matches the RIPng default route advertised by SiteA_6to4 router. When the packet arrives at SiteA_6to4 router, it looks up its routing table for the destination prefix.
IPv6 routes
SiteA_6to4# show ipv6 routeIPv6 Routing Table - 9 entriesCodes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP externalC 2001:1:1:1::/124 [0/0] via ::, FastEthernet0/0L 2001:1:1:1::1/128 [0/0] via ::, FastEthernet0/0S 2001:2:2:2::/64 [1/0] via 2002:303:303::1S 2002::/16 [1/0] via ::, Tunnel0C 2002:101:101::/64 [0/0] via ::, Loopback0L 2002:101:101::1/128 [0/0] via ::, Loopback0C 2002:101:101:FFFF::/64 [0/0] via ::, Tunnel0L 2002:101:101:FFFF::1/128 [0/0] via ::, Tunnel0L FF00::/8 [0/0] via ::, Null0The destination prefix matches the static route with SiteB_6to4 router's Tunnel IP address as the next-hop. After a recursive lookup, the SiteA_6to4 router figures out that the outgoing interface is Tunnel 0. The SiteA_6to4 router encapsulates the IPv6 packet into an IPv4 packet with source address as SiteA_6to4 router's Loopback0 IPv4 address (1.1.1.1) and destination address as SiteB_6to4 router's Loopback0 IPv4 address (3.3.3.3). The Protocol field in IPv4 header is set to 0x29 (decimal value 41) indicating IPv6. The following packet capture is taken on the link between SiteA_6to4 and Router2.
When SiteB_6to4 router receives the packet, it decapsulates the IPv4 packet and retains the IPv6 packet from within the IPv4 packet. Then it checks its IPv6 routing table to find out if it can reach the destination of the packet. It figures out the outgoing interface and forwards the packet to the destination.
IPv6 routes
SiteB_6to4# show ipv6 routeIPv6 Routing Table - 9 entriesCodes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP externalS 2001:1:1:1::/64 [1/0] via 2002:101:101::1C 2001:2:2:2::/124 [0/0] via ::, FastEthernet0/0L 2001:2:2:2::1/128 [0/0] via ::, FastEthernet0/0S 2002::/16 [1/0] via ::, Tunnel0C 2002:303:303::/64 [0/0] via ::, Loopback0L 2002:303:303::1/128 [0/0] via ::, Loopback0C 2002:303:303:FFFF::/64 [0/0] via ::, Tunnel0L 2002:303:303:FFFF::1/128 [0/0] via ::, Tunnel0L FF00::/8 [0/0] via ::, Null0Further reading:
- RFC 3056: Connection of IPv6 Domains via IPv4 Clouds http://www.faqs.org/ftp/rfc/pdf/rfc3056.txt.pdf
- http://ardenpackeer.com
Page updated
Google Sites
Report abuse