This document describes how an enterprise campus customer (for example, an educational institution, a small software firm, or a small manufacturing company) can connect to the 6bone by using 6to4 tunnels. The 6bone is an IP version 6 (IPv6) test network that was set up to assist in the evolution and deployment of IPv6 in the Internet.
This document is one of a set of documents that support and complement the IPv6 Deployment Strategies publication, which is available at IPv6 Design Guides.
You should read this document in conjunction with IPv6 Deployment Strategies to better understand IPv6 predeployment activities.
Before you implement a 6to4 tunnel to the 6bone, you must perform the following tasks:
Identify the border router at your site that you will configure to run dual-stack. This border router must have a static, globally routable IPv4 address.
A data license is required to enable all IPv6 features. In order to verify which license is enabled on the router, use the show license command.
From the 6bone ISP, obtain the IPv4 address of the 6to4 relay router that you will use for 6bone access.
Note: When you configure tunnels for your enterprise border routers, you must use globally routable IPv4 addresses. The IPv4 addresses used in the example configurations in this document are not globally routable and are provided for illustrative purposes only.
Ensure that your DNS is running (or has the equivalent capabilities of) Berkeley Internet Name Domain (BIND) version 9, which provides an implementation of the major components of the DNS for IPv6. DNS configuration is beyond the scope of this document.
Recognize that the current dual-stack implementation in Cisco IOS software permits an interim network management solution, which allows applications such as TFTP, ping, Telnet, and traceroute to be run over either an IPv4 or an IPv6 transport.
Select an IPv6 interior routing protocol, such as RIPng, that is appropriate to your network configuration. For simplicity, the solution presented in this document uses a static route. The relevant IPv4 exterior routing protocol handles exterior routing.
Configure all your dual-stack routers to use RIP.
Refer to Cisco IOS IPv6 Configuration Library for more information on configuring your network for IPv6.
The information in this document is based on Cisco IOS images with IPv6 support.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
The following figure shows the initial IPv4 network topology for the enterprise campus customer. This network uses several routers to provide IP connectivity among local users. A permanent IPv4 connection to an Internet service provider (ISP) provides external connectivity
The following table describes the devices used in this solution.
Device | Enterprise Border Router | 6bone ISP Router |
---|---|---|
Host Name | 6bone-gw | ipv6-router |
Chassis Type | Cisco 3660 router | Cisco 7206 router |
Physical Interfaces | 2 Ethernet 2 Fast Ethernet 4 Serial | 4 Ethernet 2 Fast Ethernet 4 Serial |
Software Loaded | Cisco IOS Release 12.2(4)T | Cisco IOS Release 12.2(4)T |
Memory | 64MV RAM; 16 MB Flash | 128 MB RAM; 20 MB Flash |
IP Addresses | Ethernet0: IPv4 192.168.99.1 Tunnel2002: IPv6 2002:C0A8::1/128 | Ethernet0/0: IPv4 192.168.33.1 Tunnel2002: IPv6 2002:C0A8:2102::1/128 |
Refer to Cisco Technical Tips Conventions for more information on document conventions.
A 6to4 tunnel is configured on an enterprise dual-stack border router. All the enterprise IPv6 traffic destined for the 6bone is routed over IPv4 through the tunnel to the 6bone ISP 6to4 relay router. Traffic from the 6bone to an enterprise host is routed over IPv4 through the tunnel to the enterprise dual-stack border router, and then to the IPv6 destination host.
The benefits to the enterprise of using 6to4 tunnels are as follows:
Cisco IOS software supports 6to4 tunnels.
The end-user host configuration is simple—it requires minimal management overhead.
The tunnel is automatic; no enterprise-specific configuration is required at the 6to4 relay site. 6to4 tunnels scale well.
This solution accommodates dynamic IP addresses at the enterprise.
The tunnel exists only for the duration of the session.
A 6to4 tunnel requires only a one-time configuration at the ISP, which makes the 6to4 relay service available simultaneously to many enterprises.
6to4 tunnel usage has the following limitations:
Independently managed NAT is not allowed along the path of the tunnel.
You cannot easily implement multihoming.
The 6to4 tunnel mechanism provides a /48 address block; no more addresses are available.
Because 6to4 tunnels are configured many-to-one and tunnel traffic can originate from multiple endpoints, 6to4 tunnels can provide only overall traffic information to the ISP.
The underlying IPv4 address determines the enterprise 6to4 IPv6 address prefix, so the migration to native IPv6 requires renumbering the network.
This solution is limited to static or BGP4+ routing.
A small software company (considered to be a typical enterprise campus environment) with an IPv4 network is discussing a merger with another company that runs IPv6 on its network. To assess the connectivity impact that the merger would have on the merged companies, the customer wants to expand its knowledge of IPv6 by connecting to the 6bone. The business objectives of the enterprise campus customer discussed in this document are as follows:
Gain IPv6 experience on an established IPv6 backbone using its existing IPv4 topology, with a minimal investment.
Test transitional and operational procedures in a real-world IPv6 environment before deploying IPv6.
Transitional procedures are those procedures that are necessary to migrate from IPv4 to IPv6. These procedures include setting up dual-stack routers and end systems, tunneling mechanisms, Domain Name System (DNS) servers, and, in the future, the testing of Network Address Translation-Protocol Translation (NAT-PT).
Operational procedures are related to network management, element management of dual-stack hosts and end systems, and other similar functions.
Test IPv6 applications and implementations on local workstations.
Minimize the management overhead associated with a 6bone connection.
Note: Although the 6bone comprises many types of organizations (for example, academic and government organizations, hardware and software vendors, and service providers), this document uses the term 6bone ISP when referring to the organization that is at the 6bone end of the tunnel.
The IPv4 address of your border router is 192.168.99.1. Derive your 6to4 prefix from your IPv4 address by converting the decimal components of the IPv4 address to hexadecimal and then prefixing “2002” to the resulting hexadecimal numbers. So the 6to4 prefix for the IPv6 nodes in your network is 2002:C0A8:6301::/128.
The C0A8:6301 part of the preceding IPv6 address is formed from the IPv4 address by converting each octet of the dotted decimal notation to its hexadecimal equivalent, as shown in Table 6.
Decimal | Hexadecimal |
---|---|
192 | C0 |
168 | A8 |
99 | 63 |
1 | 01 |
This section presents the information to configure the features described in this document.
Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document.
This document uses the network setup shown in the diagram below.
This figure shows the topology of a typical 6to4 tunnel to the 6bone.
Your 6bone ISP has provided you with the IPv4 address its 6bone border router: 192.168.33.1. Use the preceding address information to configure a 6to4 tunnel on your identified dual-stack border router by entering the following commands:
Enterprise Router |
---|
ipv6 unicast-routing interface Ethernet0 description connection to 6bone ISP ip address 192.168.99.1 255.255.255.0 interface Tunnel2002 description 6to4 tunnel to 6bone ISP no ip address no ip redirects ipv6 address 2002:C0A8:6301::1/128 tunnel source ethernet0 tunnel mode ipv6ip 6to4 !--- In some cases, a user will require a data license !-- in order to issue the tunnel mode ipv6ip command. ipv6 route 2002::/16 Tunnel2002 ipv6 route ::/0 2002:C0A8:2101::1 |
The 2002:C0A8:2101::1 in the second ipv6 route command is the IPv6 address of the ISP 6to4 relay router that provides access to the 6bone. The C0A8:2101 part of the address is derived from the IPv4 address (192.168.33.1) of the 6to4 relay router in a manner similar to Table 6.
At the other end of the tunnel, the border router at your 6bone ISP would have a configuration like the following IPv6 unicast routing example:
ISP 6to4 Relay Router |
---|
ipv6 unicast-routing interface ethernet0/0 description connection to enterprise ip address 192.168.33.1 255.255.255.0 interface Tunnel2002 description 6to4 relay service no ip address no ip redirects ipv6 address 2002:C0A8:2101::1/128 tunnel source ethernet0/0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 tunnel2002 |
Enterprise Router 6bon2-gw |
---|
maui-soho-01# show running-config Building configuration... . . . username maui-nas-05 password cisco ! Identify the version of Cisco IOS software running on the router ! version 12.2 ! ! Include timestamps on log and debug entries that are useful for ! troubleshooting and optimizing the network. ! service timestamps debug datetime localtime show-timezone service timestamps log datetime localtime show-timezone ! ! Specify that passwords will be encrypted in configuration output. ! service password-encryption ! ! Configure the router name ! hostname 6bone-gw ! ! Configure boot options ! boot system flash slot0: boot system flash bootflash: ! ! Configure logging !logging buffered 10000 debugging ! ! Configure secret password ! enable secret 5 [removed] ! ! Configure clock timezone and summertime rule ! clock timezone PST -8 clock summer-time PDT recurring ! ! ip subnet-zero no ip source-route no ip rcmd domain-lookup ! ! Configure router domain name ! ip domain-name EnterpriseDomain.com ! ! Configure DNS name servers ! ip name-server 192.168.1.10 ip name-server 192.168.2.21 ip name-server 2002:C0A8:6301:1::21 ! ! Enable IPv6 routing ! ipv6 unicast-routing ! ! Configure Tunnel interface ! interface Tunnel2002 description 6to4 tunnel to 6bone ISP no ip address no ip redirects ipv6 address 2002:C0A8:6301::1/128 tunnel source ethernet0 tunnel mode ipv6ip 6to4 ! ! Configure physical interface ! interface Ethernet0 description connection to 6bone ISP ip address 192.168.99.1 255.255.255.0 ! interface Ethernet1 description connection to Lab interface router ip address 192.168.99.40 255.255.255.0 ipv6 address 3FFE:FFFF:8023:100::1/64 ipv6 rip v6rip enable ! interface FastEthernet2/0 description connection to core router ip address 192.168.99.41 255.255.255.0 ipv6 address 3FFE:FFFF:8023:200::1/64 ipv6 rip v6rip enable ! interface FastEthernet3/0 description connection to IPv4-only core router ip address 192.168.99.42 255.255.255.0 ! ! Other interfaces are all unused ! interface Serial4/0 no ip address shutdown ! interface Serial4/1 no ip address shutdown ! interface Serial4/2 no ip address shutdown ! interface Serial4/3 no ip address shutdown ! ! Configure basic IP routing ! ip default-gateway 192.168.33.1 ip classless ip route 0.0.0.0 0.0.0.0 192.168.33.1 ! ! Configure IPv6 static route ! ipv6 route 2002::/16 tunnel2002 ipv6 route ::/0 2002:C0A8:2101::1 ipv6 router rip v6rip ! end end |
6bone IPv6 ISP Router |
---|
maui-soho-01# show running-config Building configuration... . . . username maui-nas-05 password cisco ! Identify the version of Cisco IOS software running on the router ! version 12.2 ! ! Include timestamps on log and debug entries that are useful for ! troubleshooting and optimizing the network. ! service timestamps debug datetime localtime show-timezone service timestamps log datetime localtime show-timezone ! ! Specify that passwords will be encrypted in configuration output. ! service password-encryption ! ! Configure the router name ! hostname ipv6-router ! ! Configure boot options ! boot system flash slot0: boot system flash bootflash: ! ! Configure logging ! logging buffered 10000 debugging ! ! Configure secret password ! enable secret 5 [removed] ! ! Configure clock timezone and summertime rule ! clock timezone PST -8 clock summer-time PDT recurring ! ! ip subnet-zero no ip source-route no ip rcmd domain-lookup ! ! Configure router's domain name ! ip domain-name 6boneISP.com ! ! Configure DNS name servers ! ip name-server 192.168.33.4 ip name-server 192.168.33.5 ip name-server 3FFE:FFFF:8001::4 ! ! Enable IPv6 routing ! ipv6 unicast-routing ! ! Configure Tunnel interface ! interface Tunnel2002 description 6to4 relay service no ip address no ip redirects ipv6 address 2002:C0A8:2101::1/128 tunnel source ethernet0/0 tunnel mode ipv6ip 6to4 ! ! Configure physical interface ! interface Ethernet0/0 description connection to enterprise ip address 192.168.33.1 255.255.255.0 ! interface Ethernet0/1 no ip address shutdown ! interface Ethernet0/2 no ip address shutdown ! interface Ethernet0/3 no ip address shutdown ! interface FastEthernet1/0 description connection to ISP-core-A ip address 192.168.34.10 255.255.255.0 ipv6 address 3FFE:FFFF:8023:2::6/64 duplex auto speed auto ! interface FastEthernet2/0 description connection to ISP-core-B ip address 192.168.35.22 255.255.255.0 ipv6 address 3FFE:FFFF:8023:2::8/64 duplex auto speed auto ! ! Other interfaces are all unused ! interface Serial4/0 no ip address shutdown ! interface Serial4/1 no ip address shutdown ! interface Serial4/2 no ip address shutdown ! interface Serial4/3 no ip address shutdown ! ! Configure basic IP routing ! ip default-gateway 192.168.30.1 ip classless ip route 0.0.0.0 0.0.0.0 192.168.30.1 ! ! Configure IPv6 static route ! ipv6 route 2002::/16 tunnel2002 ! end |
This optional task explains how to confirm that your tunnel is configured and working properly. The commands contained in the task steps can be used in any sequence and may need to be repeated
The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.
enable
show interfaces tunnel number [accounting]
ping [protocol] destination
show ip route [address [mask]]
There is currently no specific troubleshooting information available for this configuration.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
06-Oct-2003 |
Initial Release |