IPv6 tunneling over IPv4 using manually configured tunnels


	NOTE: All commands previously in the Summary of commands table are indexed under the entry Command syntax.

IPv6 over IPv4 tunneling is a way to establish point-to-point tunnels by encapsulating IPv6 packets within IPv4 headers so that they can be carried over the IPv4 routing infrastructure. IPv6 over IPv4 tunneling provides a mechanism for utilizing the existing IPv4 routing infrastructure to carry IPv6 traffic between IPv6 networks.

There are a number of IPv6 tunneling mechanisms. Currently only tunneling IPv6 traffic over an IPv4 network through 6in4 manually configured tunnel endpoints is supported.

Tunnels are an additional routing interface type, similar to a VLAN interface or a loopback interface. Routing into 6in4 tunnels is supported for:

A standard route table lookup
Static Routes
Policy Based Routing (PBR)
Running OFPFv3 over the point-to-point tunnel interface

See RFC 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers for more information about tunneling.

Tunneling can be used for:

Router to router—IPv4 routers connected by an IPv4 infrastructure can tunnel IPv6 packets among themselves. The tunnel spans one segment of the end-to-end path.
Host to router—IPv4 and IPv6 hosts can tunnel IPv6 packets to an intermediary IPv6 or IPv4 router that is reachable through an IPv4 infrastructure. The tunnel spans the first segment of the end-to-end path.
Host to host—IPv6 or IPv4 hosts that are interconnected by an IPv4 infrastructure can tunnel IPv6 packets among themselves. The tunnel spans the entire end-to-end path.
Route to host— IPv6 or IPv4 routers can tunnel IPv6 packets to their final destination IPv6 or IPv4 host. This tunnel spans only the last segment of the end-to-end path.

Configured tunnels are in the router-to-router configuration because the tunnel endpoints need to be explicitly configured.

The tunnel endpoint includes:

The entry node of the tunnel (the encapsulator), which creates an encapsulating IPv4 header and sends the encapsulated packet. Which packets to tunnel is determined by a routing table lookup based on the IPv6 address.
The exit node of the tunnel (the decapsulator):
- receives the encapsulated packet
- reassembles the packet if needed
- removes the IPv4 encapsulating header
- processes the IPv6 packet in the usual manner

The decapsulator matches received packets to the tunnels it has configured, and only processes packets where the IPv4 source and destination addresses match the endpoint addresses of the configured tunnels. A tunnel’s IPv4 address must be the same on both the encapsulator and the decapsulator. IPv4 routing switches route the packet based on the IPv4 header.

IPv6 traffic can travel the tunnel in either direction. Each end node can be either the encapsulator or the decapsulator depending on the flow of the IPv6 traffic.

Conceptual Example of a Tunnel

Conceptual Example of a Tunnel

A tunnel is treated as a single point-to-point link; the encapsulator and decapsulator behave as IPv6 neighbors on that link. The encapsulator and decapsulator assign IPv6 link-local addresses to the interface and may also assign IPv6 global addresses. Neighbor discovery and duplicate address detection are implemented as they are on any other IPv6 interface.

Configuring a tunnel interface

An IPv6 address is configured on the tunnel interface in the same way that it would be on other IP routing interfaces, such as VLANs. IPv4 addresses are configured as the tunnel source and tunnel destination endpoint addresses.

To create a tunnel, enter this command in the global config context.

Syntax

[no] interface tunnel 1 - 128

Creates a tunnel. Tunnel interface context is entered.

The no form of the command removes the tunnel configuration.

To enable or disable the tunnel, enter this command in tunnel context.

Syntax

tunnel [ enable | disable ]

Enables or disables the tunnel. The enable command only succeeds if all mandatory parameters such as source and destination addresses for the tunnel are configured.

If disable is specified, the tunnel configuration is not removed.

Default: Enabled

To optionally configure a name for the tunnel, enter this command in tunnel context.

Syntax

[no] tunnel name string

Optional; Provides a name for the tunnel. The name must be unique for all existing tunnels. The no form of the command removes the name for the tunnel.

Creating, Enabling, and Naming a Tunnel

HP Switch(config)# interface tunnel 3
HP Switch(tunnel-3)# tunnel enable
HP Switch(tunnel-3)# tunnel name Redtunnel

Configuring the Tunnel Mode

The tunnel mode configures the tunnel encapsulation type. The only mode currently supported is 6in4 mode.

Syntax

[no] tunnel mode [ 6in4 | unspecified ]

Configures the type of tunnel.

6in4

IPv6 packets encapsulated and transported over an IPv4 network.

unspecified

Set the tunnel to be unspecified.

Configuring tunnel mode

HP Switch(tunnel-3)# tunnel mode 6in4

Configuring the tunnel source

When encapsulating a packet, the source IP address is used in the encapsulating IPv4 header. When decapsulating a packet, this address is matched against the destination IP address in the encapsulating IPv4 header to determine if the packet was received on a valid, configured tunnel. The command is executed in tunnel context.

Syntax

[no] tunnel source [ ipv4-addr | ipv6-addr ]

Configures the IPv4 or IPv6 address of the source (local) end of the tunnel. Must not be the same address as the tunnel destination.

Tunnel mode must be configured before tunnel source.

You cannot configure the same source and destination address pair on more than one tunnel interface.

Configuring the tunnel destination

When an encapsulating packet is sent into a tunnel, the tunnel destination address is used in the encapsulating IPv4 header. When decapsulating a packet, this address is matched against the source IP address in the encapsulating IPv4 header to determine if the packet was received on a valid, configured tunnel. The command is executed in tunnel context.

Syntax

[no] tunnel destination [ ipv4-addr | ipv6-addr ]

Configures the IPv4 or IPv6 address of the remote end of the tunnel. Must not be the same address as the tunnel source. Tunnel mode must be configured before tunnel destination.

Configuring Destination and Source Addresses

HP Switch(tunnel-3)# tunnel source 20.30.30.3
HP Switch(tunnel-3)# tunnel destination 10.20.20.2

Configuring the static MTU

Only the static tunnel MTU option is supported. Enter this command in tunnel context.


	NOTE: The MTU value should be the same for the source and the destination switch.

Syntax

[no] tunnel mtu [1280 - 9198 ]

Configures the static MTU for the tunnel.

Default: 1280

Configuring a Static MTU

HP Switch(tunnel-3)# tunnel mtu 1500

Configuring a value for TOS

To configure a value to use for the TOS byte in the encapsulating IPv4 header when encapsulating a packet to send over the tunnel interface, enter this command in tunnel context. If no value is specified, the value of the TOS byte is determined from the traffic class field of the IPv6 header.

Syntax

[no] tunnel tos [ 0 - 63 | copy | use-qos ]

Configures a value to use for the TOS byte.

0 - 63

Range of static values.

copy

The TOS bits are copied from the IPv6 header. This is the default.

use-qos

Use the value returned by the QoS classifier.

Configuring a TTL for the Packet

HP Switch(tunnel-3)# tunnel tos use-qos

Configuring a value for time-to-live (TTL)

Use this command to configure the TTL in the encapsulating IPv4 header when encapsulating a packet to send over the tunnel. Enter this command in tunnel context.

Syntax

[no] tunnel ttl [ 0 - 255 | copy ]

Configures the time-to-live.

copy

When specified, the value of the TTL field from the IPv6 header is used in the IPv4 header.

Default : 64 seconds

Configuring a TTL for the Packet

HP Switch(tunnel-3)# tunnel ttl 100

prev		next
OSPFv3 passive	home	Manual 6in4 tunneling

`6in4`	IPv6 packets encapsulated and transported over an IPv4 network.
`unspecified`	Set the tunnel to be unspecified.

`0 - 63`	Range of static values.
`copy`	The TOS bits are copied from the IPv6 header. This is the default.
`use-qos`	Use the value returned by the QoS classifier.