How to Configure a 6to4 Tunnel

Language:

When configuring 6to4 tunnels, a 6to4 router must act as the IPv6 router to the nodes that are in the network's 6to4 sites. Thus, when configuring a 6to4 router, you must also configure the router as an IPv6 router on its physical interfaces. For more information about configuring an Oracle Solaris host as a router, see Configuring an IPv6 Router in Configuring an Oracle Solaris 11.4 System as a Router or a Load Balancer.

Before You Begin

Ensure that your role has the appropriate rights profile to perform this procedure. See Using Rights Profiles to Perform Network Configuration.

Create a 6to4 tunnel.
```
$ dladm create-iptun -T 6to4 -a local=address tunnel-link
```
–a local=address

Specifies the tunnel local address, which must already be existing in the system to be a valid address.

tunnel-link

Specifies the IP tunnel link. With support for meaningful names in a network-link administration, tunnel names are no longer restricted to the type of tunnel that you are creating. Instead, you can assign a tunnel any administratively-chosen name. Tunnel names consist of a string and the PPA number, for example, mytunnel0. For more information, see Rules for Valid Link Names in Configuring and Managing Network Components in Oracle Solaris 11.4.
Create the tunnel IP interface.
```
$ ipadm create-ip tunnel-interface
```
where tunnel-interface uses the same name as the tunnel link.
(Optional) Add alternative IPv6 addresses for the tunnel's use.
To advertise 6to4 routing, add the following two lines to the /etc/inet/ndpd.conf file.
```
if subnet-interface AdvSendAdvertisements 1
IPv6-address subnet-interface
```
where the first line specifies the subnet that receives the advertisement and the subnet-interface refers to the link to which the subnet is connected. The IPv6 address on the second line must have the 6to4 prefix 2000 that is used for IPv6 addresses in 6to4 tunnels.

See the ndpd.conf(5) man page.
Enable IPv6 forwarding.
```
$ ipadm set-prop -p forwarding=on ipv6
```
Choose from one of the following options:
- Reboot the router.
- Issue a sighup to the /etc/inet/in.ndpd daemon to begin sending router advertisements.
  The IPv6 nodes on each subnet to receive the 6to4 prefix autoconfigured with the new 6to4-derived addresses.
Add the new 6to4-derived addresses of the nodes to the name service that is used at the 6to4 site.
For instructions, see Chapter 4, Administering Naming and Directory Services on an Oracle Solaris System in Configuring and Managing Network Components in Oracle Solaris 11.4.

Example 28 Creating a 6to4 Tunnel

The following example shows how to create a 6to4 tunnel. Note that only IPv6 interfaces can be configured over 6to4 tunnels. In this example, the subnet interface is net0 to which the /etc/inet/ndpd.conf refers.

$ dladm create-iptun -T 6to4 -a local=192.0.2.23 tun0
$ ipadm create-ip tun0
$ ipadm show-addr
ADDROBJ           TYPE     STATE        ADDR
lo0/v4            static   ok           127.0.0.1/8
net0/v4           dhcp     ok           192.0.2.23/24
lo0/v6            static   ok           ::1/128
tun0/v6           static   ok           2002:c000:217::1/16

$ ipadm create-addr -T addrconf net0
net0/v6
$ ipadm create-addr -a 2002:c000:217:cafe::1 net0
net0/v6a
$ ipadm show-addr
ADDROBJ           TYPE     STATE        ADDR
lo0/v4            static   ok           127.0.0.1/8
net0/v4           dhcp     ok           192.0.2.23/24
lo0/v6            static   ok           ::1/128
net0/v6           addrconf ok           fe80::214:4fff:fef9:b1a9/10
net0/v6a          static   ok           2002:c000:217:cafe::1/64
tun0/v6           static   ok           2002:c000:217::1/16

$ vi /etc/inet/ndpd.conf
if net0 AdvSendAdvertisements on
prefix 2002:c000:217:cafe::0/64 net0

$ ipadm set-prop -p forwarding=on ipv6

Note that for 6to4 tunnels, the prefix for the IPv6 address is 2002.