ipv6
IPV6 Tunneling
16/10/10 17:11
Since on both INE and IPX blogs there’re clear posts on IPv6 tunneling, there’s no need to write another one on topics already well covered there.
INE blog
IPX blog
One kind of tunnel is missing on the posts: IPV4-compatible tunnels, maybe because it’s deprecated but since it’s on the blueprint I’ll lab it.
The topology I use is the one of IPX blog since its ready on GNS3, check the blog for details.
On R2, R3, R5 create the tunnel interface:
interface Tunnel4
no ip address
no ip redirects
tunnel source Serial0/0
! S0/0 is the interface towards BB router
tunnel mode ipv6ip auto-tunnel
end
Check tunnel interface status:
R3#sh ipv6 interface tun4
Tunnel4 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C0A8:303
Global unicast address(es):
::192.168.3.3, subnet is ::/96
Why /96? It’s 128 bits of IPv6 address minus 32 bits of IPv4 address.
R3#s int t4
! showing only interesting lines
Tunnel4 is up, line protocol is up
Hardware is Tunnel
Encapsulation TUNNEL, loopback not set
Tunnel source 192.168.3.3 (Serial0/0), destination UNKNOWN
! unknows is correct, tunnel destination is embedded in the destination IPv6 address
Tunnel protocol/transport IPv6 auto-tunnel
In this document LINK is specified that only BGP or static routing can be used between tunnel ends, let’s use BGP:
On routers R2 R3 R5:
router bgp 100
bgp log-neighbor-changes
neighbor ::192.168.2.2 remote-as 100
neighbor ::192.168.3.3 remote-as 100
neighbor ::192.168.5.5 remote-as 100
!
address-family ipv6
neighbor ::192.168.2.2 activate
neighbor ::192.168.3.3 activate
neighbor ::192.168.5.5 activate
bgp redistribute-internal
redistribute connected route-map CONN
! route-map CONN matches only Lo0 interface
redistribute ospf 1 match internal external 1 external 2
no synchronization
exit-address-family
Let’s check tunnel BGP routes:
R3#sh ip bgp ipv6 unicast
BGP table version is 11, local router ID is 3.3.3.3
Network Next Hop Metric LocPrf Weight Path
*> 2001
B7:34::/64 :: 128 32768 ?
*>i2001B8::1/128 ::192.168.2.2 64 100 0 ?
*>i2001B8::2/128 ::192.168.2.2 0 100 0 ?
*> 2001B8::3/128 :: 0 32768 ?
*> 2001B8::4/128 :: 64 32768 ?
*>i2001B8::5/128 ::192.168.5.5 0 100 0 ?
*>i2001B8::6/128 ::192.168.5.5 64 100 0 ?
*>i2001B8:1::/64 ::192.168.2.2 65 100 0 ?
*> 2001B8:4::/64 :: 65 32768 ?
*>i2001B8:6::/64 ::192.168.5.5 65 100 0 ?
Next-hops are the tunnel interfaces on R2 and R5.
Use the same TCL script on IPX post to check connectivity, it should work.
Additional informations:
Cisco DOC on configuring IPV6 compatible tunnels: LINK
INE blog
IPX blog
One kind of tunnel is missing on the posts: IPV4-compatible tunnels, maybe because it’s deprecated but since it’s on the blueprint I’ll lab it.
The topology I use is the one of IPX blog since its ready on GNS3, check the blog for details.
On R2, R3, R5 create the tunnel interface:
interface Tunnel4
no ip address
no ip redirects
tunnel source Serial0/0
! S0/0 is the interface towards BB router
tunnel mode ipv6ip auto-tunnel
end
Check tunnel interface status:
R3#sh ipv6 interface tun4
Tunnel4 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C0A8:303
Global unicast address(es):
::192.168.3.3, subnet is ::/96
Why /96? It’s 128 bits of IPv6 address minus 32 bits of IPv4 address.
R3#s int t4
! showing only interesting lines
Tunnel4 is up, line protocol is up
Hardware is Tunnel
Encapsulation TUNNEL, loopback not set
Tunnel source 192.168.3.3 (Serial0/0), destination UNKNOWN
! unknows is correct, tunnel destination is embedded in the destination IPv6 address
Tunnel protocol/transport IPv6 auto-tunnel
In this document LINK is specified that only BGP or static routing can be used between tunnel ends, let’s use BGP:
On routers R2 R3 R5:
router bgp 100
bgp log-neighbor-changes
neighbor ::192.168.2.2 remote-as 100
neighbor ::192.168.3.3 remote-as 100
neighbor ::192.168.5.5 remote-as 100
!
address-family ipv6
neighbor ::192.168.2.2 activate
neighbor ::192.168.3.3 activate
neighbor ::192.168.5.5 activate
bgp redistribute-internal
redistribute connected route-map CONN
! route-map CONN matches only Lo0 interface
redistribute ospf 1 match internal external 1 external 2
no synchronization
exit-address-family
Let’s check tunnel BGP routes:
R3#sh ip bgp ipv6 unicast
BGP table version is 11, local router ID is 3.3.3.3
Network Next Hop Metric LocPrf Weight Path
*> 2001
B7:34::/64 :: 128 32768 ?*>i2001
B8::1/128 ::192.168.2.2 64 100 0 ?*>i2001
B8::2/128 ::192.168.2.2 0 100 0 ?*> 2001
B8::3/128 :: 0 32768 ?*> 2001
B8::4/128 :: 64 32768 ?*>i2001
B8::5/128 ::192.168.5.5 0 100 0 ?*>i2001
B8::6/128 ::192.168.5.5 64 100 0 ?*>i2001
B8:1::/64 ::192.168.2.2 65 100 0 ?*> 2001
B8:4::/64 :: 65 32768 ?*>i2001
B8:6::/64 ::192.168.5.5 65 100 0 ?Next-hops are the tunnel interfaces on R2 and R5.
Use the same TCL script on IPX post to check connectivity, it should work.
Additional informations:
Cisco DOC on configuring IPV6 compatible tunnels: LINK