Basic IPv6 Tunneling Technology knowledge

With the depletion of IPv4 addresses, IPv6 is necessary for application. However, most networks around the world are still using IPv4, so the transition from IPv6 to IPv4 must be gradual, which is a relatively slow process, in this case, we need to use the IPv6 Tunneling Technology to connect the IPv4 network with the IPv6 network.

There are three types of IPv4 and IPv6 Tunneling technologies:

DualStack) tunnel encapsulation Tunneling) protocol conversion technology NAT)

How IPv6 packet tunnel transmission works in IPv4:

When an IPv6 packet is transmitted in an IPv4 Tunnel, the original packet header and payload are not modified. Only insert an IPv4 packet header before the IPv6 packet. In this way, the packet header contains the Source and Destination IPv6 addresses of the end-to-end IPv6 session, and the outer packet header contains the Source and Destination IPv4 addresses of the tunnel endpoint. Both ends of the tunnel need to encapsulate and deencapsulate IPv6 data packets, so the devices at both ends must support both IPv4 and IPv6.

IPv6 packet IPv4 Encapsulation has some problems:

1. maximum Transmission unit and segment of the tunnel: The minimum MTU value of IPv6 is 1280 bytes, after tunnel, an IPv4 packet header is added to reduce the MTU of the data packet from 1500 to 1480 bytes, resulting in an increase in the number of data packets.

2. An error occurred while handling ICMPv4 messages in IPv4: Earlier vrouters only send ICMPv4 messages when an error occurs. IPv6 error messages are not supported.

3. Filter Protocol 41: Protocol 41 indicates the Protocol number used to represent 6TO4tunnel in the protocol field of the IPv4 header. 1 ICMP, 2 IGMP, 6TCP, 17UDP, 45 IRDP, 46 RSVP, 47GRE, 88 IGRP, 89 OSPF.

4. Network Address Translation NAT: The IPv6inIPv4 tunnel cannot pass through a NAT (for example, N2) that enables dynamic port translation (pool) and Port redirection mode ).

IPv6 Tunneling Technology

1. Configure the tunnel

2. Tunneling proxy technology

3. tunnel server

4. Use 6TO4

5. GRE Tunnel

6. Automatic addressing of ISATAP inter-site tunnels

7. Automatic IPv4 compatibility Tunnel

1. Configure the tunnel

The configuration tunnel is statically configured on the dual-stack node. The IPv4 and IPv6 addresses of the tunnel must be manually configured at each end of the tunnel.

Local IPv4 address: the local dual-stack node can be reached on the IPv4 network. The local IPv4 address is the source IPv4 address used to output traffic.

Remote IPv4 address: the local dual-stack node can be reached on the IPv4 network. The remote IPv4 address is used as the destination IPv4 address for output traffic.

Local IPv6: the IPv6 address allocated to the tunnel interface locally.

Ii. Tunnel proxy

CiscoIOS does not support tunnel proxy

A tunnel proxy is an external system server. It acts as a server in an IPv4 network and accepts requests for creating tunnels on Dual-stack nodes.

Iii. tunnel server

CiscoIOS does not support tunnel proxy

The tunnel server is a simplified model of the tunnel proxy. The tunnel server combines the proxy with the dual-Stack Router instead of using two separate systems. The tunnel proxy and tunnel server are considered to be IPv4 routing domain dual-stack nodes that do not require manual operation to deploy the tunnel automatic operation mechanism.

4. Use 6TO4

IETF (Inter Internet Engineering Task Group) introduces 6to4 technology to simplify IPv6 Tunneling configuration on IPv4 networks

The IPv6 network is connected through an IPv4 network. The 6to4 mechanism has the following features;

1. Automatic tunnel: Tunnel is used dynamically between sites composed of IPv6 nodes. You do not need to manually adjust the Source and Destination IPv4 addresses of the tunnel.

2. Enable at the edge of the site: 6to4 should be enabled on the border router at the edge of the site. You must use IPv4 to route the infrastructure to other 6to4 sites and 6to4 routers.

3. automatic prefix allocation: provides each 6to4 site with a reliable global unicast IPv6 prefix (2002:/16) at least one global unicast IPv4 address of the 6to4 router must be allocated for the 6to4 site. The IPv4 address and IPv6 global unicast address are used to form a brand new IPv6 global unicast address (2002: ipv4 address:/48 ).

4. There is no IPv6 route propagation in the IPv4 domain

5. deploying IPv6 tunnel technology through GRE

CiscoIOS software technology supports GRE tunneling encapsulation of IPv6 packets. The GRE tunnel must be statically configured between routers that allow the transmission of IPv6 packets through the existing IPv4 infrastructure. By default, there are only the first two fields. Flag is used to indicate that the GRE header starts. In the protocol type, 0X800 is used to indicate that the subsequent IP addresses are

6. ISATAPIntrasiteAutomaticTunnelAddressProtocol) tunnel automatic addressing

The automatic inter-site tunnel addressing technology is a tunneling mechanism for transmitting IPv6 packets based on IPv4 addresses in a broadcast domain. It can create a virtual IPv6 network on an IPv4 network. You do not need to specify the destination address in this tunnel. In fact, IPv6 addresses are automatically generated based on local IPv4 addresses. The IPv6 address prefix 64-bit uses an aggregated global unicast IPv6 Address 2001:/16, 2002:/16, 3ffe:/16) the last 64 bits use 0000: 5efe plus 32-bit IPv4 addresses

VII. Automatic IPv4 compatibility Tunnel

Cisco supports the automatic IPv4 compatibility tunnel mechanism, but the router is regarded as a host. However, compared with other mechanisms, the automatic IPv4 compatibility tunnel mechanism has been abolished.

The IPv6 address of the automatic IPv4-compatible tunnel uses a specific IPv6 address:/96. For example, IPv4206.123.31.200, IPv6: 206.123.31.200