IPv6 over IPv4 tunneling
Implementation
IPv6 over IPv4 tunneling enables isolated IPv6 networks to communicate, as shown in Figure 76.
![[NOTE: ]](images/note.png) | NOTE: The devices at the ends of an IPv6 over IPv4 tunnel must support the IPv4/IPv6 dual stack. | |
Figure 76: IPv6 over IPv4 tunnel
The IPv6 over IPv4 tunnel processes packets by using the following steps:
A host in the IPv6 network sends an IPv6 packet to Device A at the tunnel source.
After Device A receives the IPv6 packet, it processes the packet as follows:
Searches the routing table to identify the outgoing interface for the IPv6 packet.
The outgoing interface is the tunnel interface, so Device A knows that the packet needs to be forwarded through the tunnel.
Encapsulates the IPv6 packet with an IPv4 header and forwards it through the physical interface of the tunnel.
In the IPv4 header, the source IPv4 address is the IPv4 address of the tunnel source, and the destination IPv4 address is the IPv4 address of the tunnel destination.
Upon receiving the packet, Device B de-encapsulates the packet.
If the destination address of the IPv6 packet is itself, Device B forwards it to the upper-layer protocol. If not, Device B forwards it according to the routing table.
Tunnel modes
IPv6 over IPv4 tunnels include manually configured tunnels and automatic tunnels, depending on how the IPv4 address of the tunnel destination is acquired.
Manually configured tunnel—The destination IPv4 address of the tunnel cannot be automatically acquired from the destination IPv6 address of an IPv6 packet at the tunnel source. It must be manually configured.
Automatic tunnel—The destination IPv4 address of the tunnel can be automatically acquired from the destination IPv6 address (with an IPv4 address embedded) of an IPv6 packet at the tunnel source.
According to the way an IPv6 packet is encapsulated, IPv6 over IPv4 tunnels are divided into the following modes.
Table 11: IPv6 over IPv4 tunnel modes and key parameters
Tunnel type | Tunnel mode | Tunnel source/destination address | Destination IPv6 address format |
|---|---|---|---|
Manually configured tunnel | IPv6 over IPv4 manual tunneling | The source and destination IPv4 addresses are manually configured. | Ordinary IPv6 address |
Automatic tunnel | Automatic IPv4-compatible IPv6 tunneling | The source IPv4 address is manually configured. The destination IPv4 address is automatically obtained. | IPv4-compatible IPv6 address, in the format of ::IPv4-destination-address/96, where the IPv4-destination-address is the IPv4 address of the tunnel destination. |
6to4 tunneling | The source IPv4 address is manually configured. The destination IPv4 address is automatically obtained. | 6to4 address, in the format of 2002:IPv4-destination-address::/48, where the IPv4-destination-address is the IPv4 address of the tunnel destination. | |
ISATAP tunneling | The source IPv4 address is manually configured. The destination IPv4 address is automatically obtained. | ISATAP address, in the format of Prefix:0:5EFE:IPv4-destination-address/64 where the IPv4-destination-address is the IPv4 address of the tunnel destination. |
IPv6 over IPv4 manual tunneling—A point-to-point link and its source and destination IPv4 addresses are manually configured. This type of tunneling provides the following solutions:
Connect isolated IPv6 networks over an IPv4 network.
Connect an IPv6 network to an IPv4/IPv6 dual-stack host over an IPv4 network.
Automatic IPv4-compatible IPv6 tunneling—A point-to-multipoint link. Both ends of the tunnel use IPv4-compatible IPv6 addresses. The address format is 0:0:0:0:0:0:a.b.c.d/96, where a.b.c.d is the IPv4 address of the tunnel destination. This mechanism simplifies tunnel establishment.
Automatic IPv4-compatible IPv6 tunnels have limitations because IPv4-compatible IPv6 addresses must use globally unique IPv4 addresses.
6to4 tunneling
Ordinary 6to4 tunneling—A point-to-multipoint automatic tunnel. It is used to connect multiple isolated IPv6 networks over an IPv4 network. The destination IPv4 address of a 6to4 tunnel is embedded in the destination 6to4 address of packets. This mechanism enables the device to automatically obtain the tunnel destination address, simplifying tunnel establishment.
The 6to4 address format is 2002:abcd:efgh:subnet number::interface ID/48. 2002 is the fixed IPv6 address prefix, and abcd:efgh represents a 32-bit globally unique IPv4 address in hexadecimal notation. For example, 1.1.1.1 can be represented by 0101:0101. The IPv4 address identifies a 6to4 network (an IPv6 network where all hosts use 6to4 addresses). The border router of a 6to4 network must have the IPv4 address abcd:efgh configured on the interface connected to the IPv4 network. The subnet number identifies a subnet in the 6to4 network. The subnet number::interface ID uniquely identifies a host in the 6to4 network.
6to4 tunneling uses an IPv4 address to identify a 6to4 network. This method overcomes the limitations of automatic IPv4-compatible IPv6 tunneling.
6to4 relay—Connects a 6to4 network to an IPv6 network that uses an IP prefix other than 2002::/16. A 6to4 relay router is a gateway that forwards packets from a 6to4 network to an IPv6 network.
As shown in Figure 77, 6to4 network Site 1 communicates with IPv6 network Site 3 over a 6to4 tunnel. Configure a static route on the border router (Device A) in the 6to4 network. The next-hop address must be the 6to4 address of the 6to4 relay router (Device C). Device A forwards all packets destined for the IPv6 network over the 6to4 tunnel, and Device C then forwards them to the IPv6 network.
Figure 77: Principle of 6to4 tunneling and 6to4 relay
ISATAP tunneling—An ISATAP tunnel is a point-to-multipoint automatic tunnel. It provides a solution to connect an IPv6 host to an IPv6 network over an IPv4 network.
The destination addresses of IPv6 packets are all ISATAP addresses. The ISATAP address format is prefix:0:5EFE:abcd:efgh. The 64-bit prefix is a valid IPv6 unicast address prefix. The abcd:efgh/64 segments represent a 32-bit IPv4 address, which identifies the tunnel destination but does not require global uniqueness.
ISATAP tunnels are mainly used for communication between IPv6 routers or between an IPv6 host and an IPv6 router over an IPv4 network.
Figure 78: Principle of ISATAP tunneling
