Tunneling IPv6 Dynamic Routing Protocols over IPv4

In this short article, we will explore the options we have for running dynamic routing protocols in IPv6-over-IPv4 tunnels. If you’d like to skip to the results, just scroll to the very bottom of the page.

We will use the following topology, with one tunnel interface per tunneling method:

Tunnel #

Mode

100

GRE

200

Manual 6in4

300

6to4

400

6RD

R1 tunnel configuration:

ipv6 unicast-routing
!
int tun100
 description GRE
 ipv6 add 2001:db8:100::1/64
 tunnel source lo0
 tunnel destination 3.3.3.3
 tunnel mode gre ip               ! This is the default
!
int tun200
 description 6in4
 ipv6 address 2001:db8:200::1/64
 tunnel source Lo0
 tunnel destination 3.3.3.3
 tunnel mode ipv6ip
!
int tun300
 description 6to4
 ipv6 address 2002:0101:0101::1/48   ! 1.1.1.1 in Hex is 0x01010101
 tunnel source lo0
 tunnel mode ipv6ip 6to4
!
ipv6 route 2002::/16 tun300
!
int tun400
 description 6rd
 ipv6 address 2001:db8:400:0101:0101::1/80   ! /48 prefix plus 32 bit IP in hex = /80
 tunnel source lo0
 tunnel mode ipv6ip 6rd
 tunnel 6rd prefix 2001:db8:400::/48         ! 6RD allows you to use any prefix
!
ipv6 route 2001:db8:400::/48 tun400

R3 tunnel configuration:

ipv6 unicast-routing
!
int tun100
 description GRE
 ipv6 add 2001:db8:100::3/64
 tunnel source lo0
 tunnel destination 1.1.1.1
 tunnel mode gre ip               ! This is the default
!
int tun200
 description 6in4
 ipv6 address 2001:db8:200::3/64
 tunnel source Lo0
 tunnel destination 1.1.1.1
 tunnel mode ipv6ip
!
int tun300
 description 6to4
 ipv6 address 2002:0303:0303::3/48   ! 3.3.3.3 in Hex is 0x03030303
 tunnel source lo0
 tunnel mode ipv6ip 6to4
!
ipv6 route 2002::/16 tun300
!
int tun400
 description 6rd
 ipv6 address 2001:db8:400:0303:0303::3/80   ! /48 prefix plus 32 bit IP in hex = /80
 tunnel source lo0
 tunnel mode ipv6ip 6rd
 tunnel 6rd prefix 2001:db8:400::/48         ! 6RD allows you to use any prefix
!
ipv6 route 2001:db8:400::/48 tun400

Ping verifcation to make sure all tunnels are reachable:

R1#ping 2001:db8:100::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:100::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms.

R1#ping 2001:db8:200::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:200::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ms

R1#ping 2002:0303:0303::3    
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2002:303:303::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

R1#ping 2001:db8:400:0303:0303::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:400:303:303::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/4 ms

Testing

Tunneling OSPFv3 over IPv4

First we’ll try to establish an OSPF adjacency on all tunnels:

#R1 and R2

int tun100
 ipv6 ospf 1 area 0
int tun200
 ipv6 ospf 1 area 0
int tun300
 ipv6 ospf 1 area 0
int tun400
 ipv6 ospf 1 area 0

! By default, OSPFv3 will pick the loopback for the RID, so this is the minimum configuration needed

OSPF is only established on tun100 and tun200. These are our two point-to-point tunnels, for which a tunnel destination is explicitly specified. Therefore broadcast/multicast traffic is tunneled directly to the destination. 6to4 and 6rd have no destination specified - the IPv4 tunnel endpoint destinatinon is dynamically generated based on the IPv6 destination.

R1#show ipv6 ospf nei

            OSPFv3 Router with ID (1.1.1.1) (Process ID 1)

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface
3.3.3.3           0   FULL/  -        00:00:39    18              Tunnel200
3.3.3.3           0   FULL/  -        00:00:34    17              Tunnel100

Tunneling ISIS over IPv4

Next we’ll try to run ISIS over the tunnel interfaces.

#R1
router isis
 net 49.0001.0000.0000.0001.00

#R2
router isis
 net 49.0001.0000.0000.0003.00

#R1 and R2
int tun100
 ipv6 router isis
int tun200
 ipv6 router isis
int tun300
 ipv6 router isis
int tun400
 ipv6 router isis

An ISIS adjacency only forms on tun100, which is our GRE tunnel. Why is that?

R1#show isis neighbors 

System Id       Type Interface     IP Address      State Holdtime Circuit Id
R3              L1L2 Tu100                         UP    27       09

This is because ISIS discovery frames do not use IPv6. GRE is able to encapsulate any protocol, but 6in4 can only encapsulation IPv6 in IPv4. In the pcap below, you can see the protocol type is OSI in the GRE header:

The manual 6in4 tunnel cannot encapsulate non-IPv6 traffic.

Tunneling BGP IPv6 Unicast over IPv4

Finally we’ll run BGP for IPv6 over the tunnels, creating one peer per tunnel:

#R1
router bgp 65001
 neighbor 2001:db8:100::3 remote-as 65003
 neighbor 2001:db8:200::3 remote-as 65003
 neighbor 2002:0303:0303::3 remote-as 65003
 neighbor 2001:db8:400:0303:0303::3 remote-as 65003
 !
 address-family ipv6 unicast
   neighbor 2001:db8:100::3 activate
   neighbor 2001:db8:200::3 activate
   neighbor 2002:0303:0303::3 activate
   neighbor 2001:db8:400:0303:0303::3 activate

#R3
router bgp 65003
 neighbor 2001:db8:100::1 remote-as 65001
 neighbor 2001:db8:200::1 remote-as 65001
 neighbor 2002:0101:0101::1 remote-as 65001
 neighbor 2001:db8:400:0101:0101::1 remote-as 65001
 !
 address-family ipv6 unicast
   neighbor 2001:db8:100::1 activate
   neighbor 2001:db8:200::1 activate
   neighbor 2002:0101:0101::1 activate
   neighbor 2001:db8:400:0101:0101::1 activate

All four BGP sessions come up, because the BGP session uses a unicast TCP connection, not multicast discovery.

R1#show bgp ipv6 uni sum
BGP router identifier 1.1.1.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2001:DB8:100::3 4        65003       4       4        1    0    0 00:00:57        0
2001:DB8:200::3 4        65003       4       4        1    0    0 00:01:01        0
2001:DB8:400:303:303::3
                4        65003       4       4        1    0    0 00:01:00        0
2002:303:303::3 4        65003       4       4        1    0    0 00:00:58        0

Summary

GRE

6in4 (Manual)

6to4

6rd

OSPF/EIGRP/RIP (Any dynamic routing protocol that uses IP)

✔️

✖️

ISIS

✔️

✖️

BGP

✔️

PreviousMAP (Mapping of Address and Port)NextMulticast

Last updated 3 years ago