Guest

IP Version 6 (IPv6)

6bone Connection Using 6to4 Tunnels for IPv6

Cisco - 6bone Connection Using 6to4 Tunnels for IPv6

Document ID: 45741

Updated: Aug 10, 2005

   Print

Introduction

This document describes how an enterprise campus customer (for example, an educational institution, a small software firm, or a small manufacturing company) can connect to the 6bone by using 6to4 tunnels. The 6bone is an IP version 6 (IPv6) test network that was set up to assist in the evolution and deployment of IPv6 in the Internet.

This document is one of a set of documents that support and complement the IPv6 Deployment Strategies publication, which is available at IPv6 Design Guides.

You should read this document in conjunction with IPv6 Deployment Strategies to better understand IPv6 predeployment activities.

Prerequisites

Requirements

Before you implement a 6to4 tunnel to the 6bone, you must perform the following tasks:

  • Identify the border router at your site that you will configure to run dual-stack. This border router must have a static, globally routable IPv4 address.

  • A data license is required to enable all IPv6 features. In order to verify which license is enabled on the router, use the show license command.

  • From the 6bone ISP, obtain the IPv4 address of the 6to4 relay router that you will use for 6bone access.

    Note: When you configure tunnels for your enterprise border routers, you must use globally routable IPv4 addresses. The IPv4 addresses used in the example configurations in this document are not globally routable and are provided for illustrative purposes only.

  • Ensure that your DNS is running (or has the equivalent capabilities of) Berkeley Internet Name Domain (BIND) version 9, which provides an implementation of the major components of the DNS for IPv6. DNS configuration is beyond the scope of this document.

  • Recognize that the current dual-stack implementation in Cisco IOS software permits an interim network management solution, which allows applications such as TFTP, ping, Telnet, and traceroute to be run over either an IPv4 or an IPv6 transport.

  • Select an IPv6 interior routing protocol, such as RIPng, that is appropriate to your network configuration. For simplicity, the solution presented in this document uses a static route. The relevant IPv4 exterior routing protocol handles exterior routing.

  • Configure all your dual-stack routers to use RIP.

Refer to Cisco IOS IPv6 Configuration Library for more information on configuring your network for IPv6.

Components Used

The information in this document is based on Cisco IOS images with IPv6 support.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

The following figure shows the initial IPv4 network topology for the enterprise campus customer. This network uses several routers to provide IP connectivity among local users. A permanent IPv4 connection to an Internet service provider (ISP) provides external connectivity

6bone_tc_1-01.gif

The following table describes the devices used in this solution.

Device Enterprise Border Router 6bone ISP Router
Host Name 6bone-gw ipv6-router
Chassis Type Cisco 3660 router Cisco 7206 router
Physical Interfaces 2 Ethernet 2 Fast Ethernet 4 Serial 4 Ethernet 2 Fast Ethernet 4 Serial
Software Loaded Cisco IOS Release 12.2(4)T Cisco IOS Release 12.2(4)T
Memory 64MV RAM; 16 MB Flash 128 MB RAM; 20 MB Flash
IP Addresses Ethernet0: IPv4 192.168.99.1 Tunnel2002: IPv6 2002:C0A8::1/128 Ethernet0/0: IPv4 192.168.33.1 Tunnel2002: IPv6 2002:C0A8:2102::1/128

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

How 6to4 Tunnels Work

A 6to4 tunnel is configured on an enterprise dual-stack border router. All the enterprise IPv6 traffic destined for the 6bone is routed over IPv4 through the tunnel to the 6bone ISP 6to4 relay router. Traffic from the 6bone to an enterprise host is routed over IPv4 through the tunnel to the enterprise dual-stack border router, and then to the IPv6 destination host.

The benefits to the enterprise of using 6to4 tunnels are as follows:

  • Cisco IOS software supports 6to4 tunnels.

  • The end-user host configuration is simple—it requires minimal management overhead.

  • The tunnel is automatic; no enterprise-specific configuration is required at the 6to4 relay site. 6to4 tunnels scale well.

  • This solution accommodates dynamic IP addresses at the enterprise.

  • The tunnel exists only for the duration of the session.

  • A 6to4 tunnel requires only a one-time configuration at the ISP, which makes the 6to4 relay service available simultaneously to many enterprises.

Limitations of 6to4 Tunnels

6to4 tunnel usage has the following limitations:

  • Independently managed NAT is not allowed along the path of the tunnel.

  • You cannot easily implement multihoming.

  • The 6to4 tunnel mechanism provides a /48 address block; no more addresses are available.

  • Because 6to4 tunnels are configured many-to-one and tunnel traffic can originate from multiple endpoints, 6to4 tunnels can provide only overall traffic information to the ISP.

  • The underlying IPv4 address determines the enterprise 6to4 IPv6 address prefix, so the migration to native IPv6 requires renumbering the network.

  • This solution is limited to static or BGP4+ routing.

A Tunneling Scenario

A small software company (considered to be a typical enterprise campus environment) with an IPv4 network is discussing a merger with another company that runs IPv6 on its network. To assess the connectivity impact that the merger would have on the merged companies, the customer wants to expand its knowledge of IPv6 by connecting to the 6bone. The business objectives of the enterprise campus customer discussed in this document are as follows:

  • Gain IPv6 experience on an established IPv6 backbone using its existing IPv4 topology, with a minimal investment.

  • Test transitional and operational procedures in a real-world IPv6 environment before deploying IPv6.

    Transitional procedures are those procedures that are necessary to migrate from IPv4 to IPv6. These procedures include setting up dual-stack routers and end systems, tunneling mechanisms, Domain Name System (DNS) servers, and, in the future, the testing of Network Address Translation-Protocol Translation (NAT-PT).

    Operational procedures are related to network management, element management of dual-stack hosts and end systems, and other similar functions.

  • Test IPv6 applications and implementations on local workstations.

  • Minimize the management overhead associated with a 6bone connection.

    Note: Although the 6bone comprises many types of organizations (for example, academic and government organizations, hardware and software vendors, and service providers), this document uses the term 6bone ISP when referring to the organization that is at the 6bone end of the tunnel.

Configure

The IPv4 address of your border router is 192.168.99.1. Derive your 6to4 prefix from your IPv4 address by converting the decimal components of the IPv4 address to hexadecimal and then prefixing “2002” to the resulting hexadecimal numbers. So the 6to4 prefix for the IPv6 nodes in your network is 2002:C0A8:6301::/128.

The C0A8:6301 part of the preceding IPv6 address is formed from the IPv4 address by converting each octet of the dotted decimal notation to its hexadecimal equivalent, as shown in Table 6.

Decimal Hexadecimal
192 C0
168 A8
99 63
1 01

This section presents the information to configure the features described in this document.

Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document.

Network Diagram

This document uses the network setup shown in the diagram below.

This figure shows the topology of a typical 6to4 tunnel to the 6bone.

6bone_tc_1-02.gif

Configurations

Your 6bone ISP has provided you with the IPv4 address its 6bone border router: 192.168.33.1. Use the preceding address information to configure a 6to4 tunnel on your identified dual-stack border router by entering the following commands:

Enterprise Router
ipv6 unicast-routing

interface Ethernet0
 description connection to 6bone ISP
 ip address 192.168.99.1 255.255.255.0

interface Tunnel2002
 description 6to4 tunnel to 6bone ISP
 no ip address
 no ip redirects
 ipv6 address 2002:C0A8:6301::1/128
 tunnel source ethernet0
 tunnel mode ipv6ip 6to4


!--- In some cases, a user will require a data license 
!-- in order to issue the tunnel mode ipv6ip command.

 ipv6 route 2002::/16 Tunnel2002
 ipv6 route ::/0 2002:C0A8:2101::1

The 2002:C0A8:2101::1 in the second ipv6 route command is the IPv6 address of the ISP 6to4 relay router that provides access to the 6bone. The C0A8:2101 part of the address is derived from the IPv4 address (192.168.33.1) of the 6to4 relay router in a manner similar to Table 6.

At the other end of the tunnel, the border router at your 6bone ISP would have a configuration like the following IPv6 unicast routing example:

ISP 6to4 Relay Router
ipv6 unicast-routing

interface ethernet0/0
 description connection to enterprise
 ip address 192.168.33.1 255.255.255.0

interface Tunnel2002
 description 6to4 relay service
 no ip address
 no ip redirects
 ipv6 address 2002:C0A8:2101::1/128
 tunnel source ethernet0/0
 tunnel mode ipv6ip 6to4

ipv6 route 2002::/16 tunnel2002

Enterprise Router 6bon2-gw
maui-soho-01# show running-config 
 Building configuration...
 .
 .
 .
 username maui-nas-05 password cisco

 ! Identify the version of Cisco IOS software running on the router
!
version 12.2
!
! Include timestamps on log and debug entries that are useful for
! troubleshooting and optimizing the network.
!
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
!
! Specify that passwords will be encrypted in configuration output.
!
service password-encryption
!
! Configure the router name
!
hostname 6bone-gw
!
! Configure boot options
!
boot system flash slot0:
boot system flash bootflash:
!
! Configure logging
!logging buffered 10000 debugging
!
! Configure secret password
!
enable secret 5 [removed]
!
! Configure clock timezone and summertime rule
!
clock timezone PST -8
clock summer-time PDT recurring
!
!
ip subnet-zero
no ip source-route
no ip rcmd domain-lookup
!
! Configure router domain name
!
ip domain-name EnterpriseDomain.com
!
! Configure DNS name servers
!
ip name-server 192.168.1.10
ip name-server 192.168.2.21
ip name-server 2002:C0A8:6301:1::21
!
! Enable IPv6 routing
!
ipv6 unicast-routing
!
! Configure Tunnel interface
!
interface Tunnel2002
 description 6to4 tunnel to 6bone ISP
 no ip address
 no ip redirects
 ipv6 address 2002:C0A8:6301::1/128
 tunnel source ethernet0
 tunnel mode ipv6ip 6to4
!
! Configure physical interface
!
interface Ethernet0
 description connection to 6bone ISP
 ip address 192.168.99.1 255.255.255.0
!
interface Ethernet1
 description connection to Lab interface router
 ip address 192.168.99.40 255.255.255.0
 ipv6 address 3FFE:FFFF:8023:100::1/64
 ipv6 rip v6rip enable
!
interface FastEthernet2/0
 description connection to core router
 ip address 192.168.99.41 255.255.255.0
 ipv6 address 3FFE:FFFF:8023:200::1/64
 ipv6 rip v6rip enable
!
interface FastEthernet3/0
 description connection to IPv4-only core router
 ip address 192.168.99.42 255.255.255.0
!
! Other interfaces are all unused
!

interface Serial4/0
 no ip address
 shutdown
!
interface Serial4/1
 no ip address
 shutdown
!
interface Serial4/2
 no ip address
 shutdown
!
interface Serial4/3
 no ip address
 shutdown
!
! Configure basic IP routing
!
ip default-gateway 192.168.33.1
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.33.1
!
! Configure IPv6 static route
!
ipv6 route 2002::/16 tunnel2002
ipv6 route ::/0 2002:C0A8:2101::1
ipv6 router rip v6rip
!
end
 end

6bone IPv6 ISP Router
maui-soho-01# show running-config 
 Building configuration...
 .
 .
 .
 username maui-nas-05 password cisco

 ! Identify the version of Cisco IOS software running on the router
!
version 12.2
!
! Include timestamps on log and debug entries that are useful for
! troubleshooting and optimizing the network.
!
service timestamps debug datetime localtime show-timezone
service timestamps log datetime localtime show-timezone
!
! Specify that passwords will be encrypted in configuration output.
!
service password-encryption
!
! Configure the router name
!
hostname ipv6-router
!
! Configure boot options
!
boot system flash slot0:
boot system flash bootflash:
!
! Configure logging
!
logging buffered 10000 debugging
!
! Configure secret password
!
enable secret 5 [removed]
!
! Configure clock timezone and summertime rule
!
clock timezone PST -8
clock summer-time PDT recurring
!
!
ip subnet-zero
no ip source-route
no ip rcmd domain-lookup
!
! Configure router's domain name
!
ip domain-name 6boneISP.com
!
! Configure DNS name servers
!
ip name-server 192.168.33.4
ip name-server 192.168.33.5
ip name-server 3FFE:FFFF:8001::4
!
! Enable IPv6 routing
!
ipv6 unicast-routing
!
! Configure Tunnel interface
!
interface Tunnel2002
 description 6to4 relay service
 no ip address
 no ip redirects
 ipv6 address 2002:C0A8:2101::1/128
 tunnel source ethernet0/0
 tunnel mode ipv6ip 6to4
!
! Configure physical interface
!
interface Ethernet0/0
 description connection to enterprise
 ip address 192.168.33.1 255.255.255.0
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface FastEthernet1/0
 description connection to ISP-core-A
 ip address 192.168.34.10 255.255.255.0
 ipv6 address 3FFE:FFFF:8023:2::6/64
 duplex auto
 speed auto
!
interface FastEthernet2/0
 description connection to ISP-core-B
 ip address 192.168.35.22 255.255.255.0
 ipv6 address 3FFE:FFFF:8023:2::8/64
 duplex auto
 speed auto
!
! Other interfaces are all unused
!

interface Serial4/0
 no ip address
 shutdown
!
interface Serial4/1
 no ip address
 shutdown
!
interface Serial4/2
 no ip address
 shutdown
!
interface Serial4/3
 no ip address
 shutdown
!
! Configure basic IP routing
!
ip default-gateway 192.168.30.1
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.30.1
!
! Configure IPv6 static route
!
ipv6 route 2002::/16 tunnel2002
!
end

Verify

This optional task explains how to confirm that your tunnel is configured and working properly. The commands contained in the task steps can be used in any sequence and may need to be repeated

The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.

  • enable

  • show interfaces tunnel number [accounting]

  • ping [protocol] destination

  • show ip route [address [mask]]

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

Related Information

Updated: Aug 10, 2005
Document ID: 45741