Tag Archives: 6to4

IPv6 Tunneling Part 3: Automatic 6to4 Tunnels

Hello Everyone,

We are now in Part 3 of this IPv6 Tunneling Series and we are about to talk the Automatic 6to4 Tunnels and how they work.

The first thing to understand here is that they are Point-To-Multipoint in nature (different to the first 2 methods of tunneling we saw on this series). This kind of tunnel will treat the IPv4 network as a NBMA network.

They work on a per packet basis in order to encapsulate the traffic to the correct destination (That’s the sole point of Point-To-Multipoint networks).

These tunnels get the right destination address by using the 2002::/16 prefix and the Router Border IPv4 address (Usually the WAN).

As you can see you will be using up to 48 bits till this point, that leaves you with 16 bits to play with in order to generate the subnets at your site.

Note: You can only have one automatic 6to4 tunnel in a Cisco IOS Box and you need to configure a static route to the 2002::/16 range pointing to the tunnel interface for routing to work.

Now it’s time to get the Lab started!!!!

 

 

 

Screen Shot 2015-07-29 at 4.32.24 PM Note: The LAN addresses were derived by the automatic 6to4 prefix. You will see how to obtain it later in this post.

 

As we see in the diagram we have 3 Routers (R1,R2 and R3)

  • R1 runs IPv6 in it’s Loopback 1 interface and IPv4 in it’s connection to R2
  • R2 only runs IPv4
  • R3 runs IPv6 in it’s Loopback 1 interface and IPv4 in it’s connection to R2
  • The idea of the Lab is to make sure the Loopback of R1 can communicate with the Loopback of R3

 

Now let’s get the configuration started:

 

The number one thing to do is to transform your IPv4 Border IP address (Decimal Notation) into Hex Notation so you can place it after the first 2002 (16 bits) in the IPv6 tunnel address.

So let’s focus on R1 first.

R1 Border IPv4 address Transformation to Hex:

R1: 12.0.0.1

 

Step 1) Transform each octet to binary

12 in binary is 00001100

0 in binary is 00000000

0 in binary is 00000000

1 in binary i is 00000001

 

Step 2) Split each of the binary results in 2 parts in order to transform it to Hex

12 in binary is 0000 1100

0 in binary is 0000 0000

0 in binary is 0000 0000

1 in binary is 0000 0001

 

Step 3) Write it down in hex format

0000 in hex is 0

1100 in hex is C (12)

0000 in hex is 0

0000 in hex is 0

0000 in hex is 0

0000 in hex is 0

0000 in hex is 0

0001 in hex is 1

 

Step 4) Put it all together in hex

12.0.0.1  then becomes 0C00:0001

 

Step 5) Finally add the 2001 at the beginning of the address

2002:0C00:0001::/48

 

There are several ways in the internet about how to transform Hex into Decimal, Decimal into Hex, Binary into Hex, etc but today my friend I will show you a Cisco IOS Tip for this.

There is an IOS command that will allow you to transform the IPv4 address into an IPv6 6to4 Tunnel IPv6 address.

Let’s actually run the command and see if it matches what our transformation result is:

R1(config)#ipv6 general-prefix WAN_Int 6to4 FastEthernet0/0 

Note: WAN_Int it’s just a name I wanted to use.

That’s it! Then if you run the show ipv6 general-prefix  you will get the right IPv6 address without having to manually determine it:

R1#sh ipv6 general-prefix

IPv6 Prefix WAN_Int, acquired via 6to4

  2002:C00:1::/48

NICEEEEE! There you have a free tip.

You can try to obtain yourself the IPv6 6to4 address of R3 based on it’s Border (Fa0/0) IPv4 address.

Now that we have the IPv6 address let’s move to the tunnel configuration:

R1

interface Tunnel1

no ip address

no ip redirects

ipv6 address 2002:0:1::1/64

tunnel source FastEthernet0/0

tunnel mode ipv6ip 6to4

ipv6 route 2002::/16 tunnel 1

R3

interface Tunnel1

no ip address

no ip redirects

ipv6 address 2002:D00:1::1/64

tunnel source FastEthernet0/0

tunnel mode ipv6ip 6to4

ipv6 route 2002::/16 tunnel 1

Verification Stage:

Let’s try to ping from R3’s loopback to R1’s loopback and see how R3 is able to find out to what IPv4 address to send it.

R3#ping 2002:0c00:0001:1::1 source loopback 1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 2002:C00:1:1::1, timeout is 2 seconds:

Packet sent with a source address of 2002:D00:1:1::1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/33/44 ms

That’s exactly how Automatic 6to4 tunneling work.

Regards,

Julio Carvajal