Summarize the interconnection methods between five types of IPv6 and IPv4

There are many communication methods between IPv6 and IPv4, but they are all based on tunnel technology. In the previous article, we have already mentioned many tunneling technologies related to IPv6 and IPv4. We will not introduce them here, but mainly summarize the communication methods of the two. Now, please refer to the following article.

Communication between IPv6 and IPv4 (1): Configuring Tunnel manually (Configured Tunnel, RFC2893)

The establishment of such a tunnel is manually configured and must be completed by the administrator of the network where the two endpoints of the tunnel are located. The endpoint address of the tunnel is determined by the configuration. You do not need to assign a special IPv6 address to the site. It is suitable for IPv6 sites that frequently communicate with each other. The encapsulation node of each tunnel must store the tunnel endpoint address. When an IPv6 package is uploaded and transmitted through the tunnel, the endpoint address is encapsulated as the destination address of the IPv4 package. Generally, the encapsulated node determines whether a packet needs to be forwarded through a Tunnel Based on the route information.

A site that uses a manually configured tunnel for communication must have an available IPv4 connection and at least one unique IPv4 address in the world. Each host in the site must support at least IPv6, And the router must support dual-stack. This mechanism is unavailable when the tunnel passes through the NAT facility.

The main disadvantage of Manual Tunnel Configuration is that the network administrator has a heavy burden, because he wants to make detailed configuration for each tunnel.

Communication between IPv6 and IPv4 (2): automatically configured Tunnel (Auto-configured Tunnel, RFC2893)

The establishment and removal of such a tunnel are dynamic, and its endpoint is determined based on the destination address of the group. It is suitable for separate hosts or sites that do not frequently communicate with each other. The automatically configured tunnel must use IPv4-Compatible IPv6 addresses (IPv4 Compatible IPv6 Address, 0: IPv4ADDR/96) for the site. There must be available IPv4 connections between these sites, each host using this mechanism requires a unique IPv4 address in the world.

Using this mechanism cannot solve the problem of IPv4 address space depletion. Using the manual configuration of tunnel sites does not require IPv4 addresses ). Another danger is that if all IPv4 route tables on the Internet are included in the IPv6 network, the expansion of the route table will be intensified. The two endpoints of this tunnel must support double-protocol stack manual configuration ). This mechanism is unavailable when the tunnel passes through the NAT facility.

Communication between IPv6 and IPv4 (3): Tunnel Broker (RFC3053-IPv6 Tunnel Broker)

Tunnel Broker is not a tunneling mechanism, but a mechanism that facilitates the construction of tunnels. It simplifies the tunnel configuration process and is suitable for obtaining IPv6 connections from a single host. Tunnel Broker can also be used between sites, but many entries may be introduced in the IPv6 routing table, resulting in the IPv6 route table being too large, violating the original intention of IPv6 design. You can obtain a persistent IPv6 address and domain name from an IPv6-supported ISP through Tunnel Broker. Tunnel Broker requires both sides of the Tunnel to support dual-stack and have available IPv4 connections. This mechanism is unavailable when the Tunnel passes through NAT facilities. Using the TB method, IPv6 ISP can easily implement access control for users and allocate network resources according to policies.

The TB conversion mechanism includes Tunnel Server (TS) and Tunnel Broker (TB ). Server and boker are on different computers, and tunnel control is usually in the web form.

Communication between IPv6 and IPv4 (4): 6 over 4 (RFC2529), IPv4 multicast Tunnel

6 over 4 is also an automatic tunnel mechanism. The IPv4 address of the tunnel endpoint is determined by Neighbor Discovery. Unlike manual tunneling, it does not require any address configuration; unlike automatic tunneling, it does not require V4-compatible V6 addresses. However, the premise of adopting this mechanism is that the IPv4 network infrastructure supports IPv4 multicast. The IPv4 multicast domain can be a globally unique IPv4 address network or a private IPv4 network. This mechanism applies to IPv6 routers that are not directly connected to an isolated IPv6 host on the physical link, so that they can use IPv4 broadcast domains as their virtual links and become fully functional IPv6 sites.

IPv6 sites connected using this method do not need IPv4 compatible addresses or manually configured tunnels. When a site over 6 4 is connected to the outside world through a router supporting over 6 4, the hosts in the site can communicate with the outside IPv6 Site. However, 6 over 4 still does not solve the problem of connecting an isolated user to the Global IPv6 Internet.

Communication between IPv6 and IPv4 (5): 6 to 4 (RFC3056)

6to4 is also an automatic tunnel construction mechanism, which requires the site to use a special IPv6 Address 2002: IPv4ADDR:/48 ), this address is automatically derived from the site's IPv4 address. Therefore, each node using the 6to4 mechanism must have at least one unique IPv4 address in the world, this allows the VBR of other domains to automatically distinguish whether the receiving endpoint of the tunnel is in the same region ). Because the IPv4 address of the tunnel endpoint can be extracted from the IPv6 address, the tunnel is automatically created. 6to4 does not introduce new entries in the IPv4 routing table, but adds only one entry to the IPv6 routing table. IPv6 ISPs using the 6to4 mechanism only need to do a small amount of management work. This mechanism is suitable for communications between sites running IPv6. 6to4 requires that at least two routers in the tunnel support dual-stack and 6to4, and the host must support at least IPv6 protocol stack.

The 6to4 mechanism allows communication between IPv6 sites using 6to4 and pure IPv6 sites through a Relay Router (6to4 Relay Router). At this time, there is no need to have an available IPv4 connection between the two endpoints, BGP4 + is recommended for relay routers.

This mechanism uses the wide-area IPv4 network as a unicast point-to-point link layer. This mechanism can be used as a conversion tool in the initial phase of V4/V6 coexistence. It can coexist with firewalls and NAT, but the NAT box must have a globally unique IPv4 address, in addition, the 6to4 mechanism and complete routing functions should be provided.

At the end of the tunnel, any 6to4 data streams from the normal IPv4 link can be accepted and unencapsulated. To prevent IPv6 spoofing, an additional source address-based packet filtering technology can be used. One way is to check whether the IPv4 address used for encapsulation is consistent with the encapsulated IPv6 Header address. This check should be set in relay router of the relay router. In any case, the V4 addresses embedded in the source and destination addresses in the 6to4 data stream must be in the globally unique Unicast address format. Otherwise, these packets will be discarded without warning.