Daren Matthews

This article discusses configuration of the 6to4 tunnel on an IOS-based access router, however this concept applies to any router or end host which supports 6to4 tunneling and has a global IPv4 address.
Step 1: Find a 6to4 Relay Near You

Like any tunnel, our 6to4 tunnel must have two endpoints. One end will obviously be our local site, but the other must be some point with both IPv4 and IPv6 Internet access. A number of carriers and service providers operate public 6to4 relays for this purpose. In the past, one would have to search for a relay manually. Fortunately, RFC 3068 introduced a well-known anycast address by which to automatically reach the nearest (as determined by BGP) public 6to4 relay.

UPDATE: bgpmon maintain a list of 6to4 tunnel endpoints: http://www.bgpmon.net/6to4.php

The 6to4 relay anycast addresses are:

* IPv4: 192.88.99.1
* IPv6: 2002:c058:6301:: (2002::/16 + the IPv4 address in hex)

A simple traceroute will determine the nearest 6to4 relay:

$ traceroute 192.88.99.1
traceroute to 192.88.99.1 (192.88.99.1), 30 hops max, 40 byte packets
1  192.168.10.1 (192.168.10.1)  0.373 ms  2.951 ms  2.794 ms
2  10.4.16.1 (10.4.16.1)  7.020 ms  12.463 ms  12.596 ms
3  ip72-219-223-217.dc.dc.cox.net (72.219.223.217)  12.097 ms  13.054 ms  13.248 ms
4  mrfddsrj02-ge110.rd.dc.cox.net (68.100.0.149)  12.657 ms  12.770 ms  12.878 ms
5  ashbbrj02-as0.0.r2.as.cox.net (68.1.1.232)  29.782 ms  13.392 ms  29.871 ms
6  192.88.99.1 (192.88.99.1)  13.611 ms  9.034 ms  10.151 ms

I’m lucky enough to have access to a relay just ~11 msec away (round-trip)!
Step 2: Ensure IPv6 Routing is Enabled

Your IPv6 packets won’t go far without this:

Router(config)# ipv6 unicast-routing

Step 3: Configure the Tunnel Interface on the Router

Before we can configure the tunnel, we must know the public IPv4 address we’ll be using to access the IPv4 Internet. Note that for reliable persistent operation, this must be a static address (versus one assigned via DHCP). In this example we’ll be using the IPv4 address 70.174.182.38.

To calculate the 6to4 prefix for the tunnel interface, we convert the 32-bit IPv4 address into hexadecimal and append it to the 2002::/16 IPv6 prefix to get 2002:46AE:B626::/48. The actual address we use for our tunnel interface can be any address within this prefix; for our example, we’ll use 2002:46AE:B626::/128.

Now we can configure our tunnel interface:

interface Tunnel0
description 6to4
ipv6 address 2002:46AE:B626::/128
tunnel source 70.174.182.38
tunnel mode ipv6ip 6to4

Step 4: Set Up IPv6 Routes

Two IPv6 routes are needed to make this work. First, we need a route for 2002::/16 pointing out our 6to4 tunnel. Second, we need a default route pointing to the 6to4 relay IPv6 anycast address (2002:C058:6301::):

ipv6 route 2002::/16 Tunnel0
ipv6 route ::/0 2002:C058:6301::

Step 5: Number the Inside IPv6 Network(s)

The entire 2002:46AE:B626::/48 prefix (minus the subnet used for the tunnel interface) is available to number the internal IPv6 networks. For example, if we have a collection of internal hosts on VLAN 10, we can assign our VLAN 10 interface the address 2002:46AE:B626:1::1/64. IPv6-enabled hosts on this VLAN should automatically detect the presence of an IPv6 router and assign themselves an IPv6 address from this subnet using address autoconfiguration.

$ ip -6 address list eth0
5: eth0:  mtu 1500 qlen 1000
inet6 2002:46ae:b626:1:21d:60ff:feb3:184/64 scope global dynamic
valid_lft 2591870sec preferred_lft 604670sec
inet6 fe80::21d:60ff:feb3:184/64 scope link
valid_lft forever preferred_lft forever

If desired, one also has the option to manually assign IPv6 addresses to internal hosts, or using DHCPv6.

You may also configure one or two public IPv6 DNS servers on your hosts, but IPv6 DNS information (e.g. AAAA records) can be carried over IPv4 DNS just as well.
Test

At this point you should have IPv6 connectivity to the world. Some sites to test include:

* http://www.sixxs.net/tools/gateway/
* http://ipv6.google.com/ or http://[2001:4860:800e::68]/
* http://www.kame.net/ or http://[2001:200:0:8002:203:47ff:fea5:3085]/

Source: Jeremy Stretch:  http://packetlife.net/blog/2010/mar/17/using-6to4-ipv6-home/