The IPv6 Portal

03/07/12 The IPv6 Portal

1/6www.ipv6tf.org/print_url.php

6to4 is an IPv 4 tunnel-based transition mechanism defined in RFC -3056. It was designed to allow different IPv 6 domainscommunicate w ith other IPv 6 domains through IPv 4 clouds w ithout explicit IPv 4 tunnels.

6to4 encapsulates IPv 6 packets into IPv 4 ones, similar to the 6in4 tunnels, but the main difference between both methodsis that in 6in4 it is necessary to establish an explicit tunnel on both ends of the tunnel: at the host and at the serv er sides.Usually this configuration is done by means of external tools like the Tunnel Broker defined in RFC -3053 who is in chargeof configuring the tunnel on the serv er side (router) and sending a configuration script in order to let the user configure thetunnel on the host side.

With 6to4 there is no need to establish the tunnel on the serv er side, so the only configuration is done on the host side.The 6to4 router (serv er side) w ill accept all the 6to4-encapsultated packets coming from any host. A 6in4 router (serv erside) only accepts 6in4-encapsulated packets of activ e tunnels.

A s consequence, w ith 6in4 tunnels all the outgoing traffic and incoming traffic follow alway s the same path between thehost and the serv er side (both ends of the tunnel). Howev er, as illustrated in the figure, w ith 6to4 the outgoing traffic(from the host point of v iew ) is sent alway s to the same 6to4 router, but the incoming traffic might be receiv ed fromdifferent 6to4 router/relay s depending on which 6to4 relay is the nearest one to the IPv 6 network that the 6to4 host isw illing to contact.

A nother important difference w ith other transition mechanisms is that the 6to4 IPv 6 prefix is deriv ed from the IPv 4address, so the routers/hosts using this mechanism hav e a /48 IPv 6 prefix to built an IPv 6 network. For this reason, oneessential requirement is that the 6to4 host/router needs to hav e a globally addressable IPv 4 address to 6to4 works, so itcannot be located behind a NA T box, unless the NA T box (which w ill hav e the globally addressable IPv 4 address)supports protocol 41 packets being forwarded to a host behind it.

This mechanism, known as "Forwarding Protocol 41 in NA T Boxes" lets y ou configure IPv 6 tunnels to y our host/routerusing a priv ate IPv 4 address. A ccording to the proto-41 forwarding mechanism the NA T box forwards outgoing IPv 6packets (protocol 41) encapsulated into IPv 4 ones and it puts an entry for them in the NA T table in order to forward theincoming IPv 6 encapsulated packets towards the proper host located in the priv ate IPv 4 LA N. A more completedocument is av ailable here.

There are many 6to4 serv er/relay located in the Internet, most of them hav e their own unicast IPv 4 address. Howev ermany of them can be reached by using the any cast IPv 4 address 192.88.99.1 which has been standardized in RFC 3068to be used as univ ersal 6to4 relay router locator. The any cast address has the property that prov ides y ou the nearestserv er in terms of network proximity .

Public 6to4 relays

Some operating sy stems use automatically a preconfigured 6to4 relay , which might not be the best in terms of networkproximity depending on the location of the user. For this reason, find below a list of public 6to4 relay s located all aroundthe world is:

6to4.ipv 6.aarnet.net.au (A ustralia)6to4.ipv 6.uni-leipzig.de (Germany )6to4.ipv 6.fh-regensburg.de (Germany )kddilab.6to4.jp (Japan)6to4.ipng.nl (Netherlands)skby s-00-00.6to4.xs26.net (S lov akia)6to4.ipng.unix.za.net (South A frica)6to4.autotrans.consulintel.com (Spain)6to4.ipv 6.ascc.net (Taiwan)6to4.ipv 6.bt.com (United Kindom)6to4.ipv 6.microsoft.com (USA , Redmon)ipv 6-lab-gw .cisco.com (USA , San Jose)6to4.ipv 6.org (Microsoft)

192.88.99.1 (A ny cast address)

6to4 host configuration guides

Below y ou can find different way s to get IPv 6 connectiv ity by using 6to4 tunnels for the commonest operating sy stems.Some of them could be already configured by default, but may be not in the optimal way . The configuration examples areshown w ith the any cast IPv 4 address for 6to4 relay s. Such address is alway s v alid and it w ill prov ide the nearest 6to4relay in terms of network proximity . Howev er y ou can change such address by one of the serv ers shown in the abov e listif y ou notice any trouble w ith the any cast routes/connection.

Windows XP/Windows 2003

You should ty pe the follow ing command from the sy stem sy mbol w indow:

netsh int ipv 6 6to4 set relay 192.88.99.1 enabled 1440

A lternativ ely , y ou can use another 6to4 relay by replacing the IPv 4 address, by using any of the existing relay s, as in theexample below :

netsh int ipv 6 6to4 set relay 6to4.autotrans.consulintel.com enabled 1440

Windows 2000

The 6to4cfg.exe command automates 6to4 configuration. It automatically discov ers y our globally routable IPv 4 addressand creates a 6to4 prefix. Will either perform the configuration directly , or it can w rite out a configuration script that y oucan inspect and run later.

You should ty pe the follow ing command from the sy stem sy mbol w indow:

6to4cfg -R 192.88.99.1

A lternativ ely , y ou can use another 6to4 relay by replacing the IPv 4 address as in the follow ing example:

6to4cfg -R 6to4.autotrans.consulintel.com

More details can be shown here.

Linux/Solar is

You should ty pe the follow ing commands from the shell:

ip tunnel add tun6to4 mode sit ttl 80 remote any local DIR_PUBLIC _IPv 4ip link set dev tun6to4 upip -6 addr add 2002:XXYY:ZZUU::1/16 dev tun6to4ip -6 route add 2000::/3 v ia ::192.88.99.1 dev tun6to4 metric 1

Note that XXYY:ZZUU is the hexadecimal notation for DIR_PUBLIC _IPv 4 (the public IPv 4 address) as follows:

DIR_PUBLIC _IPv 4 = 60.172.21.22 -> 60 -> 3C172 -> A C21 -> 1522 -> DE

$ipv6tf_res = '1024'

$PHPSESSID = '28a10af79516c032c7ef438992c64595'

$ipv6tf_res = '1024'

$PHPSESSID = '28a10af79516c032c7ef438992c64595'

$HOSTNAME = 'ns1.euro6ix.com'

$SHELL = '/bin/bash'

$TERM = 'xterm'

$HISTSIZE = '1000'

$SSH_CLIENT = '::ffff:10.0.0.5 2719 22'

$QTDIR = '/usr/lib/qt-3.1'

$SSH_TTY = '/dev/pts/1'

$USER = 'root'

$LS_COLORS = 'no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35:'

$USERNAME = 'root'

$PATH = '/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin'

$MAIL = '/var/spool/mail/root'

$PWD = '/home/www/ipv6tf_v3/logs'

$INPUTRC = '/etc/inputrc'

$LANG = 'es_ES.UTF-8'

$HOME = '/root'

$SHLVL = '2'

$BASH_ENV = '/root/.bashrc'

$LOGNAME = 'root'

$SSH_CONNECTION = '::ffff:10.0.0.5 2719 ::ffff:10.0.0.3 22'

$LESSOPEN = '|/usr/bin/lesspipe.sh %s'

$G_BROKEN_FILENAMES = '1'

$_ = '/sbin/initlog'

$HTTP_HOST = 'www.ipv6tf.org'

$HTTP_CONNECTION = 'keep-alive'

$HTTP_USER_AGENT = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11'

$HTTP_ACCEPT = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'

$HTTP_REFERER = 'http://www.ipv6tf.org/index.php?page=using/connectivity/6to4'

$HTTP_ACCEPT_ENCODING=

'gzip,deflate,sdch'

$HTTP_ACCEPT_LANGUAGE=

'pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,es-419;q=0.2,es;q=0.2'

$HTTP_ACCEPT_CHARSET'ISO-8859-1,utf-8;q=0.7,*;q=0.3'



60.172.21.22 -> XXYY:ZZUU = 3C A C :15DE

A lternativ ely , y ou can use another 6to4 relay by replacing the IPv 4 address of the last command as in the follow ingexample:

ip -6 route add 2000::/3 v ia 6to4.autotrans.consulintel.com dev tun6to4 metric 1

*BSD

Make sure y ou hav e at least one stf(4) interface configured into y our kernel:

pseudo-dev ice stf 1 # 6to4 IPv 6 ov er IPv 4 encapsulation

By default this is not enabled. P lease consult some appropriate documents on kernel configuration and compilation.

You should also ty pe the follow ing commands from the shell:

ifconfig stf0 inet6 2002:XXYY:ZZUU::1 prefixlen 16 aliasroute add -inet6 default 2002:c058:6301::1

Note that XXYY:ZZUU is the hexadecimal notation for DIR_PUBLIC _IPv 4 (the public IPv 4 address) as follows:

DIR_PUBLIC _IPv 4 = 60.172.21.22 -> 60 -> 3C172 -> A C21 -> 1522 -> DE

60.172.21.22 -> XXYY:ZZUU = 3C A C :15DE

Mac OS

Mac O S has really good support for IPv 6, including 6to4. Depending on the v ersion of the operating sy stem the procedurecould be different but in all the cases it can be configured w ith only a few steps.

Detailed information to configure 6to4 in Mac O S can be found here.

6to4 relay configuration guides

A ccording to RFC 3056 there are two way s a router could support the 6to4 transition mechanism.

The first is called 6to4 Router and the second 6to4 Relay Router.

1) 6to4 Router: A n IPv 6 router supporting a 6to4 pseudo-interface. It is normally the border router between an IPv 6 siteand a w ide-area IPv 4 network.

For example, think in an isolated IPv 6 cloud. This cloud could use 6to4 addresses and get connected to other IPv 6 nodesthrough the 6to4 router.

2) 6to4 Relay Router: A 6to4 router configured to support transit routing between 6to4 addresses and nativ e IPv 6addresses.

The main difference w ith the 6to4 Router is that the Relay router is connected to the nativ e IPv 6 world. O r what is thesame, they announce the 2002::/16 prefix to their routing peers.

Note that an isolated host could be configured as 6to4 router just to obtain IPv 6 connectiv ity (this is called a 6to4router/host). This configuration is automatic in many operating sy stems, and in practice, in means that when a host hasIPv 6 enabled and a public IPv 4 address, if it supports 6to4, it w ill gain automatic access to IPv 6 ev en if the ISP doesn'tprov ide the serv ice.

The 6to4 addresses use the prefix 2002::/16

For the automatic configuration of the 6to4 hosts in order to reach a 6to4 relay , the 6to4 relay s need to use an any castaddress, which is 192.88.99.1. More info on this in RFC 3068.

Below y ou can find instructions for configuring a 6to4 Relay in sev eral ty pes of routers.

Cisco

This info prov ides the steps required in order to configure y our C isco box as a 6to4 Relay . In order to proceed, y ou needto hav e a public IPv 4 address on that router, y our own IPv 6 prefix (prov ided by y our RIR) and IPv 6 transit. A nd ofcourse, the router need to hav e an IO S supporting IPv 6 (including 6to4 support).

Details of the example configuration

The examples below assume that the public IPv 4 address in the WA N interface of the router is 192.1.2.3. You shouldreplace that w ith the right information for y our own case, same w ith other data used in the examples.

A lso, y ou need to understand how to calculate the 6to4 IPv 6 address for y our router. This is done using the IPv 4 addressand the IPv 6 6to4 prefix.

The 6to4 prefix 2002::/16 is taking the first 16 bits. Then the bits 17 to 48 are the nibble notation for y our IPv 4 address.So in our example it w ill be:

192 = c01 = 012 = 023 = 03

So consequently :2002:c001:0203::/48

We w ill use the first address of the prefix for the WA N interface, so 2002:c001:0203::1/128

A lso, the any cast address for 6to4 is: 192.88.99.1Follow ing the same example as abov e, in IPv 6 w ill be: 2002:c058:6301::/128

For our example using a Loopback, we use 192.3.2.3, which in IPv 6 w ill be 2002:0c03:0203::/128

We show below two options for the 6to4 Relay . O ne for the basic configuration and the other one for using the any castaddress for 6to4. You just need to configure one of them (A or B).

A ) Example configuration of a basic 6to4 Relay

This relay w ill only be reachable for hosts or routers w ith a manual configuration pointing to it.

A 1) Enable IPv 6 in the router

ipv 6 unicast-routing

A 2) Ethernet0/0 interface configuration (obv iously y ou can use another interface)

interface Ethernet0/0description 6to4 Relay Serv iceip address 192.1.2.3 255.255.255.0

A 3) tunnel 6to4 v irtual interface

interface Tunnel2002description 6to4 Relay Interfaceno ip addressno ip redirectsipv 6 address 2002:c001:0203::1/128tunnel source Ethernet0/0tunnel mode ipv 6ip 6to4

A 4) 6to4 prefix route

ipv 6 route 2002::/16 Tunnel2002

B) Example configuration of a 6to4 Relay w ith any cast support

B1) Enable IPv 6 in the router

ipv 6 unicast-routing

B2) We use the loopback (recommended), but y ou could use an Ethernet Interface or any other one

interface Loopback0description 6to4 A ny cast Relay Serv iceip address 192.88.99.1 255.255.255.0 secondaryip address 192.3.2.3 255.255.255.255ipv 6 address 2002:c003:0203::1/128ipv 6 mtu 1480no ipv 6 mfib fast

Note: When using IPv 4 any cast addresses is recommended to configure explicitly the BGP/O SPF ID w ith a unicastaddress, otherw ise, the router may take by default the any cast address as the ID.

B3) tunel 6to4 v irtual interface

='ISO-8859-1,utf-8;q=0.7,*;q=0.3'

$HTTP_COOKIE = 'ipv6tf_res=1024; PHPSESSID=28a10af79516c032c7ef438992c64595'

$PATH = '/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin'

$SERVER_SIGNATURE = ''

$SERVER_SOFTWARE = 'Apache'

$SERVER_NAME = 'www.ipv6tf.org'

$SERVER_ADDR = '213.172.48.141'

$SERVER_PORT = '80'

$REMOTE_ADDR = '189.22.21.206'

$DOCUMENT_ROOT = '/home/www/ipv6tf_v3'

$SERVER_ADMIN = '[email protected]'

$SCRIPT_FILENAME = '/home/www/ipv6tf_v3/print_url.php'

$REMOTE_PORT = '53294'

$GATEWAY_INTERFACE = 'CGI/1.1'

$SERVER_PROTOCOL = 'HTTP/1.1'

$REQUEST_METHOD = 'GET'

$QUERY_STRING = ''

$REQUEST_URI = '/print_url.php'

$SCRIPT_NAME = '/print_url.php'

$PHP_SELF = '/print_url.php'

$PATH_TRANSLATED = '/home/www/ipv6tf_v3/print_url.php'

$argv = 'Array'

$argc = '0'



interface Tunnel2002description any cast 6to4 Relay Interfaceno ip addressno ip redirectsipv 6 address 2002:C 058:6301::/128 any castipv 6 unnumbered Loopback0no ipv 6 mfib fasttunnel source Loopback0tunnel mode ipv 6ip 6to4tunnel path-mtu-discov ery

C ) C onfiguration for a public Relay

If y ou choose the any cast option (B), then y ou can also make the relay public v ia the follow ing steps.

C 1) You need to announce the 2002::/16 prefix usually v ia BGP. The example below w ill help y ou. You should add this tothe normal unicast IPv 6 configuration and replace the right information for y our own case.

router bgp my A SNno bgp default ipv 4-unicastbgp log-neighbor-changesneighbor remotepeer_IPv 6_address remote-as remoteA SNneighbor remotepeer_IPv 6_address description Peer to remoteISP

address-family ipv 6neighbor remotepeer_IPv 6_address activ ateneighbor remotepeer_IPv 6_address route-map remoteISP_in inneighbor remotepeer_IPv 6_address route-map remoteISP_out outnetwork my _IPv 6_prefixnetwork 2002::/16exit-address-family

ipv 6 route 2002::/16 Null0

ipv 6 prefix-list 6to4_prefix seq 5 permit 2002::/16

route-map remoteISP_out permit 10 match ipv 6 address prefix-list 6to4_prefix

Note: O f course, y ou need to replace some of the parameters w ith y our specific data, such as my A SN,remotepeer_IPv 6, my _IPv 6_prefix, remoteA SN, remoteISP, remoteISP_in and remoteISP_out.

C 2) A dditionally y ou need to configure the announce of the 6to4 any cast prefix, 192.88.99.0/24, to y our neighbor ISPs.

D) C onfiguration for a Priv ate Relay

A lternativ ely , if y ou only want to offer the relay to y our own customers, y ou need to announce the 192.88.99.0/24 prefixonly to them. Then y ou w ill need to use example A ) and use something adapted to y our own network/routing protocol.

For example, if y ou are using O SPF as y our IGP, y ou w ill add something such as:

router ospf 1log-adjacency -changesauto-cost reference-bandw idth 10000network 192.88.99.0 0.0.0.255 area 0

Linux

This info prov ides the steps required in order to configure y our Linux box as a 6to4 Relay . In order to proceed, y ou need tohav e a public IPv 4 address on that box, y our own IPv 6 prefix (prov ided by y our RIR) and IPv 6 transit. The Linux box(recommended 2.6.x or higher v ersion) need to hav e IPv 6 support and IPv 6 routing enabled.


The examples below assume that the public IPv 4 address in the WA N interface of the Linux is 192.1.2.3. You shouldreplace that w ith the right information for y our own case, same w ith other data used in the example.


The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of y our IPv 4address. So in our example it w ill be:

192 = c01 = 012 = 023 = 03



A lso, the any cast address for 6to4 is: 192.88.99.1

In the text below , both, the generic commands and example data is used.

A ) C onfigure 6to4 tunneling using "ip" and a dedicated tunnel dev ice

C reate a new tunnel dev ice (a TTL must be specified because the default v alue is 0):

# /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local <localipv 4address>

# /sbin/ip tunnel add tun6to4 mode sit ttl 80 remote any local 192.1.2.3

Bring the interface up

# /sbin/ip link set dev tun6to4 up

A dd local 6to4 address to interface (note: prefix length 16 is v ery important!)

# /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4

# /sbin/ip -6 addr add 2002:c001:0203::1/16 dev tun6to4

B) Display existing tunnels

# /sbin/ip -6 tunnel show [<dev ice>]

Example:

# /sbin/ip -6 tunnel showsit0: ipv 6/ip remote any local any ttl 64 nopmtudiscsit1: ipv 6/ip remote 195.226.187.50 local any ttl 64

C ) Display routes to tunnels

# /sbin/route -A inet6

Example (output is filtered to display only tunnels through v irtual interface sit0):

# /sbin/route -A inet6 | grep "\Wsit0\W*$"::/96 :: U 256 2 0 sit02002::/16 :: UA 256 0 0 sit02000::/3 ::193.113.58.75 UG 1 0 0 sit0fe80::/10 :: UA 256 0 0 sit0ff00::/8 :: UA 256 0 0 sit0

D) C onfigure 6to4 prefix route

A s hav e been seen on step C ) there should be a route for the 2002::/16 prefix through the 6to4 tunnel interface.

If it this route doesn't exist, then:

# /sbin/ip -6 route add 2002::/16 dev tun6to4 metric 1

E) C onfigure IPv 6 connectiv ity

Because we are configuring a 6to4 relay it should hav e IPv 6 connectiv ity (either nativ e or v ia a tunnel) through an IPv 6gateway (for our example we use 2001:7f9:1::1 as GW address). A fter hav ing configured an IPv 6 address on thecorresponding interface, the default route should be configured:

If our IPv 6 interface is interface eth0:

To configure the IPv 6 address:

# /sbin/ip -6 addr add 2001:7f9:1::2/64 dev eth0

To add a default route:

# /sbin/ip -6 route add 2000::/3 v ia 2001:7f9:1::1 dev eth0 metric 1

F ) C onfigure prefix adv ertisements



Somewhere on the Relay network, the dev ice in charge of announcing prefixes (ty pically a BGP router) should announce2002::/16 prefix to its IPv 6 peerings.

This would allow nativ e IPv 6 nodes to reach 6to4 nodes (2002::/16 addresses).

Regarding the IPv 4 reachability of the Relay there are two options:

1) C onfigure the 6to4 any cast IPv 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to y our IPv 4peerings.

2) Use another public IPv 4 address.

If 1) is chosen 6to4 hosts w ill be able to find it automatically , w ith no need for any manual configuration.

In case of choosing 2) some kind of adv ertisement of the IPv 4 address is needed (usually a FQ DN-Fully Q ualifiedDomain Name) in order to allow others to configure our relay .

This w ill allow 6to4 nodes (2002::/16 addresses) to reach nativ e IPv 6 nodes through our relay .

G) Making y our configuration persistent

In order to make y our configuration persistent a script could be used to be executed at boot time. The idea is to hav e anscript that executes all the commands y ou need to configure ev ery thing as desired.

A n example follows, it takes as argument the local host public IPv 4 address:

#!/bin/sh

IPV 4=$1PA RTS=`echo $IPV 4 | tr . ' '`PREF IX48=`printf "2002:%02x%02x:%02x%02x" $PA RTS`

STF_IF="stf0"STF_NET6="$PREF IX48":0000STF_IP6="$STF_NET6"::1

ip tunnel add tun6to4 mode sit ttl 64 remote any local $IPV 4ip link set dev tun6to4 upip -6 addr add $STF_IP6/16 dev tun6to4

ip -6 addr add 2001:7f9:1::2/64 dev eth0ip -6 route add 2000::/3 v ia 2001:7f9:1::1 dev eth0 metric 1

A lso depending on the implementation some configuration could be done in the sy stem's network information files.

- Red Hat Distributions:

A dd IPV 6TO 4INIT=y es to /etc/sy sconfig/network-scripts/ifcfg-if for the interface w ith the local IPv 4 address and addIPV 6_DEFA ULTDEV =tun6to4 to /etc/sy sconfig/network.

You also should configure the default IPv 6 route if needed.

C onfiguration examples may v ary for other Linux distributions.

A nnex A : Remov e a 6to4 tunnel using "ip" and a dedicated tunnel dev ice

Remov e all routes through this dedicated tunnel dev ice

# /sbin/ip -6 route flush dev tun6to4

Shut down interface

# /sbin/ip link set dev tun6to4 down

Remov e created tunnel dev ice

# /sbin/ip tunnel del tun6to4

BSD

This info prov ides the steps required in order to configure y our BSD box as a 6to4 Relay . In order to proceed, y ou need tohav e a public IPv 4 address on that box, y our own IPv 6 prefix (prov ided by y our RIR) and IPv 6 transit. The BSD boxneed to support stf pseudo-interface, F reeBSD 5.4 or higher v ersion is recommended, for F reeBSD 4.9 y ou need torecompile the kernel adding "pseudo-dev ice stf". NetBSD 1.5 supports stf pseudo-interface compiling the kernel. A lso needto hav e IPv 6 support and IPv 6 routing enabled.


The example below is assuming that the public IPv 4 address in the WA N interface of the BSD is 192.1.2.3. You shouldreplace that w ith the right information for y our own case, same w ith other data used in the example.


The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of the IPv 4address. So in our example it w ill be:

192 = c01 = 012 = 023 = 03




In the text below , both, the generic commands and example data is used.

A ) C onfigure 6to4 tunneling

C reate a stf interface (in case it doesn't exist):

# ifconfig stf create

By default the stf interface is not enabled.

A dd local 6to4 address to interface (note: prefix length 16 is v ery important!)

# ifconfig stf0 inet6 6to4addr prefixlen 16

# ifconfig stf0 inet6 2002:c001:0203::1 prefixlen 16

B) C onfigure IPv 6 connectiv ity


If our IPv 6 interface is interface ne0:


# ifconfig ne0 inet6 alias 2001:7f9:1::2


# route add -inet6 default 2001:7f9:1::1

C ) C onfigure prefix adv ertisements




1) C onfigure the 6to4 any cast IPv 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to the siteIPv 4 peerings.





D) Making y our configuration persistent



In order to make y our configuration persistent a script could be used to be executed at boot time. The idea is to hav e ascript that executes all the commands y ou need to configure ev ery thing as desired.

A n example follows, it takes as argument the local host public IPv 4 address:

#!/bin/sh

IPV 4=$1PA RTS=`echo $IPV 4 | tr . ' '`PREF IX48=`printf "2002:%02x%02x:%02x%02x" $PA RTS`

STF_IF="stf0"STF_NET6="$PREF IX48":0000STF_IP6="$STF_NET6"::1

ifconfig $STF_IF inet6 $STF_IP6 prefixlen 16 alias

ifconfig ne0 inet6 alias 2001:7f9:1::2route add -inet6 default 2001:7f9:1::1

For F reeBSD:

Set in /etc/rc.conf:

stf_interface_ipv 4addr="public_v 4addr"

ipv 6_defaultrouter="2001:7f9:1::1"

C onfiguration examples may v ary for other BSD distributions.

A nnex A : Remov e a 6to4 tunnel using "ip" and a dedicated tunnel dev ice

Remov e a 6to4 interface address

# ifconfig stf0 inet6 -alias 2002:c001:0203::1

Remov e 6to4 prefix route

F irst we can see the route table w ith:

# netstat -rn

Now we can delete the route entry for 2002::/16 prefix v ia <gateway _IPv 6> w ith:

# route delete -inet6 2002::/16 <gateway _IPv 6>

Windows

This info prov ides the steps required in order to configure y our Windows box as a 6to4 Relay . It is most probably usefulalso for configuring a Windows V ista and Windows Longhorn (Windows Serv er 2008). In order to proceed, y ou need tohav e a public IPv 4 address on that box, y our own IPv 6 prefix (prov ided by y our RIR) and IPv 6 transit. The Windowsbox (all av ailable Serv ice Packs installed) needs to hav e IPv 6 support and IPv 6 routing enabled.


The examples below are assuming that the public IPv 4 address in the WA N interface of the Linux is 192.1.2.3. You shouldreplace that w ith the right information for y our own case, same w ith other data used in the examples.


The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation for y ourIPv 4 address. So in our example it w ill be:

192 = c01 = 012 = 023 = 03




Note that the interface number in the examples below , is only an example (3), and in y our sy stem, may hav e a differentnumber, y ou can also use the interface names enclosed in "" instead of the interface numbers.

A ) A utomatic configuration

Make sure that the 6to4 relay computer has a public address assigned to its Internet interface and has not receiv ed aRouter A dv ertisement message from either an IPv 6 router on an attached subnet or an ISA TA P router.

In that case, the 6to4 component automatically creates an interface (named 6to4 Pseudo-Interface), adds a 2002::/16route to the routing table that uses the 6to4 interface, and adds a default route that points to a 6to4 relay router on theIPv 4 Internet.

It configures an IPv 6 address in the form 2002:xx:y y ::xx:y y where xx:y y are the IPv 4 public address 32 bits.

Follow ing our example it w ill get: 2002:c001:0203::c001:0203

To see information about the pseudo-interface use:

c:\>netsh interface ipv 6 show address

Interface 3: 6to4 Tunneling Pseudo-Interface

A ddr Ty pe DA D State V alid Life Pref. Life A ddress

O ther Preferred infinite infinite 2002:c001:0203::c001:0203

B) Enable the 6to4 serv ice

You can do this w ith the follow ing command:

C :\>netsh interface ipv 6 6to4 set state enabled

C ) Enable forwarding on the 6to4 interface

You can do this w ith the follow ing command:

C :\>netsh interface ipv 6 set interface 3 forwarding=enabled

D) C onfigure IPv 6 routes

To see the configured routes:

c:\>netsh interface ipv 6 show routesQ uery ing activ e state...

Publish Ty pe Met Prefix Idx Gateway /Interface Name

y es Manual 1101 ::/0 3 2002:c000:0210::c001:0203

y es Manual 1001 2002::/16 3 6to4 Tunneling Pseudo-Interface

E) C onfigure IPv 6 connectiv ity

A s hav e been seen abov e, the 6to4 component automatically configures a 6to4 Relay as the default route for the IPv 6traffic. We hav e to change this default route towards an IPv 6 gateway .


A ssuming that our WA N IPv 6 interface is interface 5.


c:\>netsh interface ipv 6 add address interface=5 address=2001:7f9:1::2


C :\>netsh interface ipv 6 add route ::/0 5 2001:7f9:1::1 publish=y es

F ) C onfigure prefix adv ertisements






1) C onfigure the 6to4 any cast IPv 4 address (192.88.99.1) and announce the any cast prefix (192.88.99.0/24) to the siteIPv 4 peerings.





G) Making the configuration persistent

Ty pically Windows w ill make the configuration persistent by default, but it may v ary across different compilation v ersions.So if y ou want to make sure about that, just add the follow ing to each netsh command line:

store=persistent

A nnex: Remov e 6to4 configuration

Disable the 6to4 serv ice

C :\>netsh interface ipv 6 6to4 set state disabled

Disable forwarding on the 6to4 interface

C :\>netsh interface ipv 6 set interface 3 forwarding=disabled

The IPv6 Portal

Documents

Transcript of The IPv6 Portal