How to Configure a 6to4 Tunnel

If your IPv6 network needs to communicate with a remote IPv6 network, consider using automatic, 6to4 tunnels. The process of configuring a 6to4 tunnel includes configuring the boundary router as a 6to4 router. The 6to4 router functions as the endpoint of a 6to4 tunnel between your network and an endpoint router at a remote IPv6 network.

Before You Begin

Before you configure 6to4 routing on an IPv6 network, you must have done the following:

• Configured IPv6 on all appropriate nodes at the prospective 6to4 site, as described in Modifying an IPv6 Interface Configuration for Hosts and Servers.

• Selected at least one router with a connection to an IPv4 network to become the 6to4 router.

• Configured a globally unique IPv4 address for the prospective 6to4 router's interface to the IPv4 network. The IPv4 address must be static.

  ---

  Note –

  Do not use a dynamically allocated IPv4 address, as described in Chapter 11, About Solaris DHCP (Overview). Global dynamically allocated addresses might change over time, which can adversely affect your IPv6 addressing plan.

  ---

1. Log in to the prospective 6to4 router as Primary Administrator or as superuser.

   The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

2. Configure a 6to4 pseudo-interface on the router by creating the /etc/hostname6.ip.6to4tun0 file.

   • If you plan to use the recommended convention of subnet ID=0 and host ID=1, use the short format for /etc/hostname6.ip.6to4tun0:

     tsrc IPv4-address up

   • If you plan to use other conventions for the subnet ID and host ID, use the long format for /etc/hostname6.ip.6to4tun0:

     tsrc IPv4-address 2002:IPv4-address:subnet-ID:interface-ID:/64 up

   The required parameters for /etc/hostname6.ip.6to4tun0 follow:

   tsrc

   Indicates that this interface is used as a tunnel source.

   IPv4-address

   Specifies, in dotted-decimal format, the IPv4 address that is configured on the physical interface to become the 6to4 pseudo-interface.

   The remaining parameters are optional. However, if you specify one optional parameter, you must specify all optional parameters.

   2002

   Specifies the 6to4 prefix.

   IPv4–address

   Specifies, in hexadecimal notation, the IPv4 address of the pseudo-interface.

   subnet-ID

   Specifies, in hexadecimal notation, a subnet ID other than 0.

   interface-ID

   Specifies an interface ID other than 1.

   /64

   Indicates that the 6to4 prefix has a length of 64 bits.

   up

   Configures the 6to4 interface as “up.”

   ---

   Note –

   Two IPv6 tunnels on your network cannot have the same source address and the same destination address. Packets are dropped as a result. This type of event can happen if a 6to4 router also performs tunneling through the atun command. For information about atun, refer to the tun(7M) man page.

   ---

3. (Optional) Create additional 6to4 pseudo-interfaces on the router.

   Each prospective 6to4 pseudo-interface must have an already configured, globally unique IPv4 address.

4. Reboot the 6to4 router.

5. Verify the status of the interface.

   # ifconfig ip.6to4tun0 inet6

   If the interface is correctly configured, you receive output that is similar to the following:

   ip.6to4tun0: flags=2200041<UP,RUNNING,NONUD,IPv6>mtu 1480 index 11 inet tunnel src 111.222.33.44 tunnel hop limit 60 inet6 2002:6fde:212c:10:/64

6. Edit the /etc/inet/ndpd.conf file to advertise 6to4 routing.

   For detailed information, refer to the ndpd.conf(4) man page.

   1. Specify the subnet to receive the advertisement in the first line.

      Create an if entry with the following format:

      if subnet-interface AdvSendAdvertisements 1

      For example, to advertise 6to4 routing to the subnet that is connected to interface hme0, replace subnet-interface with hme0.

      if hme0 AdvSendAdvertisements 1

   2. Add the 6to4 prefix as the second line of the advertisement.

      Create a prefix entry with following format:

      prefix 2002:IPv4-address:subnet-ID::/64 subnet-interface

7. Reboot the router.

   Alternatively, you can issue a sighup to the /etc/inet/in.ndpd daemon to begin sending router advertisements. The IPv6 nodes on each subnet to receive the 6to4 prefix now autoconfigure with new 6to4-derived addresses.

8. Add the new 6to4-derived addresses of the nodes to the name service that is used at the 6to4 site.

   For instructions, go to Configuring Name Service Support for IPv6.

Example 6–10 6to4 Router Configuration (Short Form)

The following is an example of the short form of /etc/hostname6.ip.6to4tun0:

# cat /etc/hostname6.ip.6to4tun0
tsrc 111.222.33.44 up

Example 6–11 6to4 Router Configuration (Long Form)

Here is an example of the long form of /etc/hostname6.ip.6to4tun0:

# cat /etc/hostname6.ip.6to4tun0
tsrc 111.222.33.44 2002:6fde:212c:20:1/64 up

Example 6–12 ifconfig Output Showing 6to4 Pseudo-Interface

The following sample shows output of the ifconfig command for a 6to4 pseudo-interface:

# ifconfig ip.6to4tun0 inet6
ip.6to4tun0: flags=2200041<UP,RUNNING,NONUD,IPv6> mtu 1480 index 11
        inet tunnel src 192.168.87.188
        tunnel hop limit 60 
        inet6 2002:c0a8:57bc::1/64 

Example 6–13 6to4 Advertisements in/etc/inet/ndpd.conf

The following sample /etc/inet/ndpd.conf file advertises 6to4 routing on two subnets:

if qfe0 AdvSendAdvertisements 1
prefix  2002:c0a8:57bc:10::/64 qfe0 

if qfe1 AdvSendAdvertisements 1
prefix  2002:c0a8:57bc:2::/64 qfe1

Configuring Multiple Routers at the 6to4 Site

For a multiple router site, the routers behind the 6to4 router might require further configuration to support 6to4. If your site uses RIP, you must configure on each non-6to4 router the static routes to the 6to4 router. If you use a commercial routing protocol, you do not need to create static routes to the 6to4 router.