{"id":609,"date":"2010-03-31T15:32:00","date_gmt":"2010-03-31T14:32:00","guid":{"rendered":"http:\/\/mccltd.net\/blog\/?p=609"},"modified":"2010-04-27T14:18:26","modified_gmt":"2010-04-27T13:18:26","slug":"ipv6-using-6to4-tunnelling","status":"publish","type":"post","link":"http:\/\/darenmatthews.com\/blog\/?p=609","title":{"rendered":"Ipv6 using &#8220;6to4 Tunnelling&#8221;"},"content":{"rendered":"<p>This article discusses configuration of the 6to4 tunnel on an IOS-based access router, however this concept applies to any router or end host which supports 6to4 tunneling and has a global IPv4 address.<!--more--><br \/>\nStep 1: Find a 6to4 Relay Near You<\/p>\n<p>Like any tunnel, our 6to4 tunnel must have two endpoints. One end will obviously be our local site, but the other must be some point with both IPv4 and IPv6 Internet access. A number of carriers and service providers operate public 6to4 relays for this purpose. In the past, one would have to search for a relay manually. Fortunately, RFC 3068 introduced a well-known anycast address by which to automatically reach the nearest (as determined by BGP) public 6to4 relay.<\/p>\n<p><strong>UPDATE<\/strong>: bgpmon maintain a list of 6to4 tunnel endpoints: <a href=\"http:\/\/www.bgpmon.net\/6to4.php\">http:\/\/www.bgpmon.net\/6to4.php<\/a><\/p>\n<p>The 6to4 relay anycast addresses are:<\/p>\n<p>* IPv4: 192.88.99.1<br \/>\n* IPv6: 2002:c058:6301:: (2002::\/16 + the IPv4 address in hex)<\/p>\n<p>A simple traceroute will determine the nearest 6to4 relay:<\/p>\n<p>$ traceroute 192.88.99.1<br \/>\ntraceroute to 192.88.99.1 (192.88.99.1), 30 hops max, 40 byte packets<br \/>\n1\u00a0 192.168.10.1 (192.168.10.1)\u00a0 0.373 ms\u00a0 2.951 ms\u00a0 2.794 ms<br \/>\n2\u00a0 10.4.16.1 (10.4.16.1)\u00a0 7.020 ms\u00a0 12.463 ms\u00a0 12.596 ms<br \/>\n3\u00a0 ip72-219-223-217.dc.dc.cox.net (72.219.223.217)\u00a0 12.097 ms\u00a0 13.054 ms\u00a0 13.248 ms<br \/>\n4\u00a0 mrfddsrj02-ge110.rd.dc.cox.net (68.100.0.149)\u00a0 12.657 ms\u00a0 12.770 ms\u00a0 12.878 ms<br \/>\n5\u00a0 ashbbrj02-as0.0.r2.as.cox.net (68.1.1.232)\u00a0 29.782 ms\u00a0 13.392 ms\u00a0 29.871 ms<br \/>\n6\u00a0 192.88.99.1 (192.88.99.1)\u00a0 13.611 ms\u00a0 9.034 ms\u00a0 10.151 ms<\/p>\n<p>I&#8217;m lucky enough to have access to a relay just ~11 msec away (round-trip)!<br \/>\nStep 2: Ensure IPv6 Routing is Enabled<\/p>\n<p>Your IPv6 packets won&#8217;t go far without this:<\/p>\n<p>Router(config)# ipv6 unicast-routing<\/p>\n<p>Step 3: Configure the Tunnel Interface on the Router<\/p>\n<p>Before we can configure the tunnel, we must know the public IPv4 address we&#8217;ll be using to access the IPv4 Internet. Note that for reliable persistent operation, this must be a static address (versus one assigned via DHCP). In this example we&#8217;ll be using the IPv4 address 70.174.182.38.<\/p>\n<p>To calculate the 6to4 prefix for the tunnel interface, we convert the 32-bit IPv4 address into hexadecimal and append it to the 2002::\/16 IPv6 prefix to get 2002:46AE:B626::\/48. The actual address we use for our tunnel interface can be any address within this prefix; for our example, we&#8217;ll use 2002:46AE:B626::\/128.<\/p>\n<p>Now we can configure our tunnel interface:<\/p>\n<p>interface Tunnel0<br \/>\ndescription 6to4<br \/>\nipv6 address 2002:46AE:B626::\/128<br \/>\ntunnel source 70.174.182.38<br \/>\ntunnel mode ipv6ip 6to4<\/p>\n<p>Step 4: Set Up IPv6 Routes<\/p>\n<p>Two IPv6 routes are needed to make this work. First, we need a route for 2002::\/16 pointing out our 6to4 tunnel. Second, we need a default route pointing to the 6to4 relay IPv6 anycast address (2002:C058:6301::):<\/p>\n<p>ipv6 route 2002::\/16 Tunnel0<br \/>\nipv6 route ::\/0 2002:C058:6301::<\/p>\n<p>Step 5: Number the Inside IPv6 Network(s)<\/p>\n<p>The entire 2002:46AE:B626::\/48 prefix (minus the subnet used for the tunnel interface) is available to number the internal IPv6 networks. For example, if we have a collection of internal hosts on VLAN 10, we can assign our VLAN 10 interface the address 2002:46AE:B626:1::1\/64. IPv6-enabled hosts on this VLAN should automatically detect the presence of an IPv6 router and assign themselves an IPv6 address from this subnet using address autoconfiguration.<\/p>\n<p>$ ip -6 address list eth0<br \/>\n5: eth0:\u00a0 mtu 1500 qlen 1000<br \/>\ninet6 2002:46ae:b626:1:21d:60ff:feb3:184\/64 scope global dynamic<br \/>\nvalid_lft 2591870sec preferred_lft 604670sec<br \/>\ninet6 fe80::21d:60ff:feb3:184\/64 scope link<br \/>\nvalid_lft forever preferred_lft forever<\/p>\n<p>If desired, one also has the option to manually assign IPv6 addresses to internal hosts, or using DHCPv6.<\/p>\n<p>You may also configure one or two public IPv6 DNS servers on your hosts, but IPv6 DNS information (e.g. AAAA records) can be carried over IPv4 DNS just as well.<br \/>\nTest<\/p>\n<p>At this point you should have IPv6 connectivity to the world. Some sites to test include:<\/p>\n<p>* http:\/\/www.sixxs.net\/tools\/gateway\/<br \/>\n* http:\/\/ipv6.google.com\/ or http:\/\/[2001:4860:800e::68]\/<br \/>\n* http:\/\/www.kame.net\/ or http:\/\/[2001:200:0:8002:203:47ff:fea5:3085]\/<\/p>\n<p>Source: Jeremy Stretch:\u00a0 <a href=\"http:\/\/packetlife.net\/blog\/2010\/mar\/17\/using-6to4-ipv6-home\/\" target=\"_blank\">http:\/\/packetlife.net\/blog\/2010\/mar\/17\/using-6to4-ipv6-home\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This article discusses configuration of the 6to4 tunnel on an IOS-based access router, however this concept applies to any router or end host which supports 6to4 tunneling and has a global IPv4 address.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[27],"tags":[22],"_links":{"self":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/609"}],"collection":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=609"}],"version-history":[{"count":3,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/609\/revisions"}],"predecessor-version":[{"id":880,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/609\/revisions\/880"}],"wp:attachment":[{"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=609"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=609"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/darenmatthews.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=609"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}