[afripv6-discuss] Configuring a 6to4 Relay in Cisco

JORDI PALET MARTINEZ jordi.palet at consulintel.es
Sat Jun 9 16:30:25 SAST 2007 

Hi Herve,

That's easy. Let's try first to understand how big is your network.

What kind of customers you connect and number of each (residential,
enterprises, cellular phones, etc.). Which that we can make an estimation of
the size of the prefix you need and then we can start with the form.

Regards,
Jordi




> De: hervé TYPAMM <typamm at yahoo.fr>
> Responder a: <typamm at yahoo.fr>
> Fecha: Sat, 9 Jun 2007 15:52:04 +0200 (CEST)
> Para: <jordi.palet at consulintel.es>, "IPv6 in Africa
> <afripv6-discuss at afrinic.net>" <afripv6-discuss at afrinic.net>
> Asunto: RE : [afripv6-discuss] Configuring a 6to4 Relay in Cisco
> 
> Thank you Jordi for this initiative. I need help in
> order to acquire my IPv6 prefix from AfriNIC
> 
> Hervé
> 
> 
> 
> 
> --- JORDI PALET MARTINEZ <jordi.palet at consulintel.es>
> a écrit :
> 
>> This info provides the steps requires in order to
>> configure your Cisco box
>> as a 6to4 Relay.
>> 
>> In order to proceed, you need to have a public IPv4
>> address on that router,
>> your own IPv6 prefix (provided by AfriNIC in this
>> case) and IPv6 transit.
>> 
>> And of course, the router need to have an IOS
>> supporting IPv6 (including
>> 6to4 support).
>> 
>> If you need help in order to acquire your IPv6
>> prefix from AfriNIC, let us
>> know and we can help even with the request form.
>> 
>> Similarly, we are able to help in making sure you
>> have the right IOS version
>> (and to configure it) and you can get IPv6 transit
>> (native or tunneling)
>> either from your upstream, or alternatively, if
>> that's not possible, we will
>> be able to provide free IPv6 transit to third party
>> networks.
>> 
>> Regards,
>> Jordi
>> 
>> 
>> Details of the example configuration
>> =====================================
>> 
>> The examples below is assuming that the public IPv4
>> address in the WAN
>> interface of the router is 192.1.2.3. You should
>> replace that with the right
>> information for your own case, same with other data
>> used in the examples.
>> 
>> Also, you need to understand how to calculate the
>> 6to4 IPv6 address for your
>> router. This is done using the IPv4 address and the
>> IPv6 6to4 prefix.
>> 
>> The 6to4 prefix 2002::/16 is taking the first 16
>> bits. Then the bits 17 to
>> 48 are the nibble notation for your IPv4 address. So
>> in our example it will
>> be:
>> 
>> 192 = c0
>> 1 = 01
>> 2 = 02
>> 3 = 03
>> 
>> So consequently:
>> 2002:c001:0203::/48
>> 
>> We will use the first address of the prefix for the
>> WAN interface, so
>> 2002:c001:0203::1/128
>> 
>> Also, the anycast address for 6to4 is: 192.88.99.1
>> Following the same example as above, in IPv6 will
>> be:
>> 2002:c058:6301::/128
>> 
>> For our example using a Loopback, we use 192.3.2.3,
>> which in IPv6 will be
>> 2002:0c03:0203::/128
>> 
>> We show below two options for the 6to4 Relay. One
>> basic configuration and
>> another using the anycast address for 6to4. You just
>> need to configure one
>> of them (A or B).
>> 
>> 
>> A) Example configuration of a basic 6to4 Relay
>> =================================================
>> 
>> This relay will only be reachable for hosts or
>> routers with a manual
>> configuration pointing to it.
>> 
>> A1) Enable IPv6 in the router
>> 
>> ipv6 unicast-routing
>> 
>> A2) Ethernet0/0 interface configuration (obviously
>> you can use another
>> interface)
>> 
>>  interface Ethernet0/0
>>   description 6to4 Relay Service
>>   ip address 192.1.2.3 255.255.255.0
>> 
>> A3) ³tunnel 6to4² virtual interface
>> 
>>   interface Tunnel2002
>>   description 6to4 Relay Interface
>>   no ip address
>>   no ip redirects
>>   ipv6 address 2002:c001:0203::1/128
>>   tunnel source Ethernet0/0
>>   tunnel mode ipv6ip 6to4
>> 
>> A4) 6to4 prefix route
>> 
>>   ipv6 route 2002::/16 Tunnel2002
>> 
>> 
>> B) Example configuration of a 6to4 Relay with
>> anycast support
>> 
> ===============================================================
>> 
>> B1) Enable IPv6 in the router
>> 
>> ipv6 unicast-routing
>> 
>> B2) We use the loopback (recommended), but you could
>> use an Ethernet
>> Interface or any other one
>> 
>>   interface Loopback0
>>    description 6to4 Anycast Relay Service
>>    ip address 192.88.99.1 255.255.255.0 secondary
>>    ip address 192.3.2.3 255.255.255.255
>>    ipv6 address 2002:c003:0203::1/128
>>    ipv6 mtu 1480
>>    no ipv6 mfib fast
>> 
>> Note: When using IPv4 anycast addresses is
>> recommended to configure
>> explicitly the BGP/OSPF ID with a unicast address,
>> otherwise, the router may
>> take by default the anycast address as the ID.
>> 
>> B3) ³tunel 6to4² virtual interface
>> 
>>   interface Tunnel2002
>>    description anycast 6to4 Relay Interface
>>    no ip address
>>    no ip redirects
>>    ipv6 address 2002:C058:6301::/128 anycast
>>    ipv6 unnumbered Loopback0
>>    no ipv6 mfib fast
>>    tunnel source Loopback0
>>    tunnel mode ipv6ip 6to4
>>    tunnel path-mtu-discovery
>> 
>> 
>> C) Configuration for a public Relay
>> =====================================
>> 
>> If you choose the anycast option (B), then you can
>> also make the relay
>> public via the following steps.
>> 
>> C1) You need to announce the 2002::/16 prefix
>> usually via BGP. The example
>> below will help you. You should add this to the
>> normal unicast IPv6
>> configuration and replace the right information for
>> your own case.
>> 
>>   router bgp myASN
>>    no bgp default ipv4-unicast
>>    bgp log-neighbor-changes
>>    neighbor remotepeer_IPv6_address remote-as
>> remoteASN
>>    neighbor remotepeer_IPv6_address description Peer
>> to remoteISP
>> 
>>    address-family ipv6
>>    neighbor remotepeer_IPv6_address activate
>>    neighbor remotepeer_IPv6_address route-map
>> remoteISP_in in
>>    neighbor remotepeer_IPv6_address route-map
>> remoteISP_out out
>>    network my_IPv6_prefix
>>    network 2002::/16
>>    exit-address-family
>> 
>>   ipv6 route 2002::/16 Null0
>> 
>>   ipv6 prefix-list 6to4_prefix seq 5 permit
>> 2002::/16
>> 
>>   route-map remoteISP_out permit 10
>>    match ipv6 address prefix-list 6to4_prefix
>> 
>> Note: Of course, you need to replace some of the
>> parameters with your
>> specific data, such as myASN, remotepeer_IPv6,
>> my_IPv6_prefix, remoteASN,
>> remoteISP, remoteISP_in and remoteISP_out.
>> 
>> C2) Additionally you need to configure the announce
>> of the 6to4 anycast
>> 
> === message truncated ===
> 
> 
> 
>       
> _____________________________________________________________________________
> Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail 




**********************************************
The IPv6 Portal: http://www.ipv6tf.org

Bye 6Bone. Hi, IPv6 !
http://www.ipv6day.org

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.

More information about the afripv6-discuss mailing list