-What is a IPv6 Tunnel?
A tunnel is a virtual device used to encapsulate any type of packet into a network aware packet type. That is, i can send any ipv4 type of packets over an ipv6 network. For more information click here.
-Types of IPv6 Tunnels:
-ipv6 - ipv6 Tunnel (ipv6 over ipv6 tunnel)
-ipv4 - ipv6 Tunnel (ipv4 over ipv6 tunnel)
-Requirements:
- Any distro with kernel version 2.6.22 or above.
Note : The ipv4 over ipv6 feature was introduced only in 2.6.22 kernel. Older kernels wont work.
- iproute2 package. Most distro's package the "ip" command. It is to be noted that at the time of writing this blog, most distro's with ip command didnt support ipv4 over ipv6. If thats is the case please download the latest packages from here. For the developers, download from the git repo here.
-Steps to create a ipv6-ipv6 tunnel:
1) Configure Host A of Private Network A :
The configurations:
eth0: ipv6 address : 3001:470:1f00:fff::189
The node "Host A" must be having an ipv6 address. Even an linklocal address is ok.
Add the ip address to the interface if it is not configured already.
#ip -6 route add 3001::/4 dev eth0
Add the default route to reach the router.
2) Configure Host B of Private Network B :
The configurations:
eth0: ipv6 address : 5001:470:1f00:fff::189
The node "Host A" must be having an ipv6 address. Even an linklocal address is ok.
Add the ip address to the interface if it is not configured already.
#ip -6 route add 5001::/4 dev eth0
Add the default route to reach the router.
3) Configure Router A : (I Assume that your router is a linux box with 2 interfaces)
The configurations:
eth1 : ipv6: 2001:470:1f00:ffff::190
mytun : ipv6 : 4001:470:1f00:ffff::190
The router "Router A" must be having two physical interfaces with a ipv6 address each as shown above .
Add the ip address to the interface eth0 if it is not configured already.
Add the ip address to the interface eth1 if it is not configured already.
Add the route for each interface.
#ip -6 route add 2001::/4 dev eth1
Now to setup the tunnel, we need to make sure we have the right module installed.
A simple modprobe will get you going.
#modprobe ip6_tunnel
Incase the above command results in error then check if it is statically compiled. If it is, then your output for "ifconfig -a" must be as shown below.
If you can see 'ip6tnl0' as one of the interfaces then you are good to go. Else you need to enable that module and compile the kernel.
Now, its time to create the tunnel. We assume that eth0 of this router is connected to private network A and eth1 is connected to "IPv6 network". So we create a tunnel associated with eth1.
Bring up the link of the interface
Assign an address to our virtual tunnel device.
The most important step is to redirect all the traffic to our tunnel.
Since we are using a normal linux system as router we have to enable forwarding.
4) Configure Router B : (I Assume that your router is a linux box with 2 interfaces)
The configurations:
eth1 : ipv6: 2001:470:1f00:ffff::189
mytun : ipv6 : 6001:470:1f00:ffff::190
The router "Router B" must be having two physical interfaces with a ipv6 address each as
shown above .
Add the ip address to the interface eth0 if it is not configured already.
Add the ip address to the interface eth1 if it is not configured already.
Add the route for each interface.
#ip -6 route add 2001::/4 dev eth1
Now to setup the tunnel, we need to make sure we have the right module installed.
A simple modprobe will get you going.
#modprobe ip6_tunnel
Incase the above command results in error then check if it is statically compiled. If it is, then your output for "ifconfig -a" must be as shown in
figure 2.
Now, its time to create the tunnel. We assume that eth0 of this router is connected to private network B and eth1 is connected to "IPv6 network". So we create a tunnel associated with eth1.
Bring up the link of the interface
Assign an address to our virtual tunnel device.
The most important step is to redirect all the traffic to our tunnel.
Since we are using a normal linux system as router we have to enable forwarding.
5) Make sure the Firewalls are appropriately configured on the routers and hosts to allow tunneling. If you are in doubt, disable firewall and try.
6)Now you can ping6 across Node A and Node B via the tunnel.
-Steps to create a ipv4-ipv6 tunnel:
These types of tunnels are typically used in scenarios where we have two private ipv4 network and we wish to access then as same LAN network over an ipv6 internet. Although ipv6 has not yet established its self as the preferred protocol for the internet, its only matter of time. As of now we can find use in offices that have a mixture of ipv6 and ipv4 networks. If two ipv4 networks needed to be combined via an ipv6 backbone we can use this type of tunneling.
1) Configure Host A of Private Network A :
The configurations:
eth0: ipv4 address : 172.16.15.2
The node "Host A" must be having an ipv4 address.
Add the ip address to the interface if it is not configured already.
#ip addr add 172.16.15.2 dev eth0
Add default route showing the gateway as "Router A".
#ip route add default via 172.16.15.1 dev eth0
2) Configure Host A of Private Network B :
The configurations:
eth0: ipv4 address : 192.168.1.2
The node "Host B" must be having an ipv4 address.
Add the ip address to the interface if it is not configured already.
#ip addr add 192.168.1.2 dev eth0
Add default route showing the gateway as "Router A".
#ip route add default via 192.168.1.1 dev eth0
3) Configure Router A : (I Assume that your router is a linux box with 2 interfaces)
The configurations:
eth1 : ipv6: 2001:470:1f00:ffff::189
mytun : ipv6 : 4001:470:1f00:ffff::189
The router "Router A" must be having two physical interfaces with a ipv6 address and a ipv4 as shown above .
Add the ip address to the interface eth0 if it is not configured already.
Add the ip address to the interface eth1 if it is not configured already.
Add the route for interface eth1.
Now to setup the tunnel, we need to make sure we have the right module installed.
A simple modprobe will get you going.
#modprobe ip6_tunnel
Incase the above command results in error then check if it is statically compiled. If it is, then
your output for "ifconfig -a" must be as shown in figure 2.
Now, its time to create the tunnel. We assume that eth0 of this router is connected to private network B and eth1 is connected to "IPv6 network". So we create a tunnel associated with eth1.
Bring up the link of the interface
Assign an address to our virtual tunnel device.
The most important step is to redirect all the traffic to our tunnel.
Since we are using a normal linux system as router we have to enable forwarding.
#echo "1" > /proc/sys/net/ipv4/ip_forward
4) Configure Router B : (I Assume that your router is a linux box with 2 interfaces)
The configurations:
eth1 : ipv6: 2001:470:1f00:ffff::190
mytun : ipv6 : 4001:470:1f00:ffff::190
The router "Router B" must be having two physical interfaces with a ipv6 address and a ipv4 as shown above .
Add the ip address to the interface eth0 if it is not configured already.
Add the ip address to the interface eth1 if it is not configured already.
Add the route for interface eth1.
Now to setup the tunnel, we need to make sure we have the right module installed.
A simple modprobe will get you going.
#modprobe ip6_tunnel
Incase the above command results in error then check if it is statically compiled. If it is, then your output for "ifconfig -a" must be as shown in
figure 2.
Now, its time to create the tunnel. We assume that eth0 of this router is connected to private network B and eth1 is connected to "IPv6 network". So we create a tunnel associated with eth1.
Bring up the link of the interface
Assign an address to our virtual tunnel device.
The most important step is to redirect all the traffic to our tunnel.
Since we are using a normal linux system as router we have to enable forwarding.
#echo "1" > /proc/sys/net/ipv4/ip_forward
5) Make sure the Firewalls are appropriately configured on the routers and hosts to allow tunneling. If you are in doubt, disable firewall and try.
6)Now you can ping6 across Node A and Node B via the tunnel.
With these two methods we can successfully connect ipv4 networks to ipv6.
1 comment:
I read your post carefully, but although I use a linux 2.6.22.1 kernel the modes ip6ip6 and ipip6 are not recognize by the 'ip' command (I also tested these comands on a Linux 2.6.24). The only recognize modes are 'ipip, sit and gre'.
I have the iproute2 package and the options concerning IPv6 tunnels are compiled in the kernel.
Do you have a suggestion for me ?
Post a Comment