Describes the principle of IPv6 Tunneling

The network is called a network because of its large system and there are no isolated islands. With the use of IPv6, there is a small island in the network. In order to connect networks of the two protocol versions, we need to use the IPv4/IPv6 Tunneling mechanism to accomplish this arduous task. How can we achieve this? Next we will explain in detail the tunneling technology.

Tunneling Technology

Before an IPv6 network completely replaces an IPv4 network, some access network technologies first have an IPv6 protocol stack. In general, in the early stage of transition, we often compare these networks to IPv6 islands in the IPv4 ocean. The problem of transition can be divided into two categories: the first is to solve the problem of communication between these IPv6 islands; the second is to solve the problem of communication between the IPv6 islands and the IPv4 oceans.

The purpose of IPv6/IPv4 tunneling technology is to use existing IPv4 facilities to serve IPv6 hosts, so that scattered IPv6 "isolated islands" can communicate with each other across IPv4 networks. When an IPv6 packet passes through an IPv4 network, no matter which tunnel mechanism is to use a "packet-Unpacking" process, that is, the tunnel endpoint at the sending end encapsulates the IPv6 packet in an IPv4 packet, the IPv6 packet is regarded as IPv4 load data, and the protocol field of the IPv4 packet header is set to 41, which indicates that the load of the IPv4 packet is an IPv6 encapsulation package, the package is then transmitted on the IPv4 network. When an IPv4 packet whose protocol field is 41 reaches the Tunnel endpoint at the receiving end, the IPv4 packet header of the package is removed from the endpoint and the IPv6 packet is taken out for further processing. How to determine the source and destination addresses of an IPv6 package during IPv4 encapsulation is a key issue of encapsulation, the main difference between the existing IPv4/IPv6 Tunneling mechanism is how to determine the IPv4 packet address.

Configure tunnel manually

Manual configuration of Tunnel Configured Tunnel) is an end-to-end mechanism that requires the administrators at both ends of the Tunnel to work together to establish the Tunnel. When the administrator configures both ends of the tunnel, the IPv4 address at both ends of the tunnel interface should be specified first. When IPv4 encapsulation is performed on all IPv6 packets transmitted in this tunnel, both the Source and Destination IPv4 addresses are extracted from the configuration information. The administrator needs to set the required route information to determine which IPv6 packets need to be transmitted through tunnel.

As Manual Tunnel Configuration is the first transition mechanism supported by IPv6, it is widely supported at present. This mechanism does not require that the IPv6 address of the host using the tunnel contain some fixed information, and the address usage is flexible. However, the disadvantage of this method is that both the IPv6 address and IPv4 address at both ends of the manually configured tunnel must be negotiated and set in advance to complete the tunnel configuration at both ends, this puts a great burden on access network technical management personnel. Manual manual configuration requires tens of thousands of tunnels to be processed every day, resulting in low efficiency and prone to errors.

The tunnel proxy model is proposed to simplify the tunnel establishment workload, especially the workload at the tunnel server end. The tunnel proxy system provides a mechanism to simplify Tunnel Configuration and reduce heavy tunnel configuration work. The idea of tunnel proxy is to provide a dedicated server as the tunnel proxy to automatically manage the tunnel requests sent by users. You can easily establish a tunnel connection with the IPv6 network through the tunnel proxy to access externally available IPv6 resources. The tunnel proxy transition mechanism attracts more IPv6 users in the early stages of IPv6, and enables them to conveniently and quickly implement IPv6 connections through the IPv4/IPv6 Tunneling mechanism, it also provides a simple and quick access method for early IPv6 providers.

Automatic Tunnel Configuration

Automatically configure Tunnel) A two-way Tunnel needs to be established statically, and the party configuring the Tunnel does not need to work with other parties. The system creates a tunnel interface or contains IPv4 address information in the IPv6 address. In this way, the IPv4 address can be extracted from the IPv6 address when the tunnel encapsulates the IPv6 package and an IPv4 header can be entered; alternatively, an IPv4 addressing method is provided to obtain the IPv4 address of the Peer end using the addressing technology. Currently, the following five automatic tunneling technologies are commonly used.

◆ Automatic tunnel technology using IPv4-compatible addresses: Automatic tunnel can achieve point-to-point connections, which is characteristic of this technology. Manual tunneling is only a point-to-point connection. IPv4 is compatible with the IPv6 automatic tunnel technology, which can automatically generate tunnels. We know that a tunnel must have a start point and an end point. After the start point and the end point are determined, the tunnel can be determined. In the IPv4-compatible IPv6 automatic tunnel, we only need to tell the device tunnel start point that the tunnel end point is automatically generated by the device. To enable devices to automatically generate endpoints, an IPv4-compatible IPv6 tunnel must use a special address: IPv4-compatible IPv6 address.

◆ 6over4 technology: the IPv4 multicast mechanism is used to implement virtual links and automatically establish a tunnel mechanism. The interfaces using this mechanism use the NDNeighbor disbor protocol proposed in RFC2461 for addressing. When an IPv6 packet needs to be encapsulated, the IPv6 layer sends the ND request packet to address the destination IPv6 address, the 6over4 interface encapsulates an IGMP header in the ND request packet and sends it to the IPv4 multicast domain. In this multicast domain, if another 6over4 interface has the requested IPv6 address, then, the interface sends the ND response packet containing its IPv4 address in the same way. After the query interface receives the ND response, it can obtain the IPv4 address of the Target Interface.

◆ 6to4 technology: the 6to4 address is required for interfaces using this mechanism. The prefix format is 2002: IPv4 Addr:/48. This mechanism requires two types of routers. The two types of routers are: (1) 6to4 Router 6to4 Router), as an IPv6 domain egress Router, the outgoing interface is the 6to4 interface; (2) 6to4 Relay Router), which serves as the 6to4 Router for multiple 6to4 Router Relay routers, generally, you can set the default route of the 6to4 Router as a 6to4 relay route, and set the corresponding route information in this relay Router to connect to multiple IPv6 domains.

◆ ISATAP (Intra-Site automation IC Tunnel Addressing Protocol) technology: it is an in-Site Automatic Tunnel Protocol. Use the ISATAP server to assign the ISATAP prefix. The domain host obtains the prefix by using the ISATAP interface to form the ISATAP address Prefix: 5EFE: IPv4 addr/64.

◆ Teredo technology: Teredo is an Address Allocation and an automatic IPv4/IPv6 tunnel mechanism that enables IPv6 unicast connections across the IPv4 Internet. It encapsulates IPv6 data packets in UDP/IPv4 data packets for transmission. In special address format, in addition to the fixed Teredo prefix, the IPv4 address of the Teredo server, the public IPv4 address of the client, and the UDP port are also inserted into the IPv6 address.