The (Unofficial) CCNP-SP Study Guide
  • About
    • About the Author
    • About This Study Guide
  • MPLS
    • LDP
      • LDP Transport Address
      • LDP Conditional Advertisement
      • LDP Authentication
      • LDP/IGP Sync
      • LDP Session Protection
    • MPLS-TE
      • MPLS-TE Basics, Pt. 1 (TED)
      • MPLS-TE Basics, Pt.2 (RSVP)
      • MPLS-TE Basics, Pt.3 (CSPF)
      • MPLS-TE Basics, Pt.4 (Routing)
      • MPLS-TE Fast Reroute (FRR)
      • MPLS-TE with OSPF
    • Unified MPLS
    • Segment Routing
      • Introduction, Theory Pt.1
      • Introduction, Lab (OSPF) Pt.2
      • Introduction, Lab (ISIS) Pt. 3
      • Multi-Area/Level Segment Routing
      • Segment Routing using BGP
      • Migrating LDP to SR
      • LDP/SR Interworking
      • TI-LFA Pt. 1 (Theory)
      • TI-LFA Pt. 2 (Implementation)
      • TI-LFA Pt. 3 (Node and SRLG Protection)
      • SR-TE Pt. 1 (Overview)
      • SR-TE Pt. 2 (Creating an SR-TE Policy)
      • SR-TE Pt. 3 (Using a PCE)
      • SR-TE Pt. 4 (Automated Steering)
      • SR-TE Pt. 5 (On-Demand Nexthop)
      • SR-TE Pt. 6 (Flex Algo)
    • MPLS OAM
      • Classic Traceroute Behavior in MPLS Networks
      • LSP Ping
      • LSP Traceroute
  • Routing
    • BGP
      • BGP Synchronization
      • BGP Load Sharing (Multipath)
      • An Intuitive Look at Path Attributes
      • AS Path Prepending on XE and XR
      • RPL
    • BGP Security
      • BGP TTL Security, Pt. 1
      • BGP TTL Security, Pt. 2 (IOS-XE)
      • BGP TTL Security, Pt. 3 (IOS-XR)
      • BGP MD5 Authentication
      • BGP Maximum Prefixes
      • BGP RFD (Route Flap Dampening)
      • RTBH
      • Flowspec
      • BGPsec
    • L3VPN
      • An In-Depth Look at RD and RT, Pt. 1
      • An In-Depth Look at RD and RT, Pt. 2
      • An In-Depth Look at RD and RT, Pt. 3
      • An In-Depth Look at RD and RT, Pt. 4
      • Inter-AS L3VPN Pt. 1, Overview
      • Inter-AS L3VPN Pt. 2, Option A
      • Inter-AS L3VPN Pt. 3, Option B
      • Inter-AS L3VPN Pt. 4, Option C
      • CSC (Carrier Supporting Carrier)
      • PE NAT
    • OSPF
      • Type 7 to Type 5 Translation
      • OSPF Authentication
      • Troubleshooting OSPF Adjacencies
      • OSPFv3 LSA Types
      • OSPFv3 LSAs Example (Single Area)
    • ISIS
      • The Potential for Asymmetric Routing with Multi-Area ISIS
      • Interarea Routing is Distance-Vector
      • Basic ISIS - LSPDB
      • Multitopology
      • What is the role of CLNS and CLNP in ISIS?
      • Troubleshooting ISIS Adjacencies
    • IPv6 Transition
      • Overview
      • NAT64
      • 6to4
      • 6RD (IPv6 Rapid Deployment)
      • DS Lite (Dual Stack Lite)
      • MAP (Mapping of Address and Port)
      • Tunneling IPv6 Dynamic Routing Protocols over IPv4
    • Multicast
      • Introduction
      • IP and MAC Addressing
      • Tree Formation and Packet Forwarding
      • IGMP
      • PIM-DM (Dense Mode)
      • PIM-SM (Sparse Mode)
      • PIM-SM SPT Switchover
      • PIM-SM Tunnel Interfaces
      • PIM DR and the Assert Message
      • PIM-SM RP Discovery
      • PIM-BiDir
      • PIM-SSM (Source-Specific Multicast)
      • Interdomain Multicast (PIM-SM)
      • IPv6 Multicast
      • mVPN Introduction
      • mVPN Profile 0
      • mVPN Profile 1
      • Multicast Routing on IOS-XR
  • L2VPN & Ethernet
    • IOS-XE Ethernet Services
      • Service Instances
      • E-Line
      • E-LAN (VPLS)
      • E-Tree
      • E-Access
      • VPLS with BGP Autodiscovery
      • Martini/Kompella Circuits
    • EVPN
      • Introduction to EVPN
      • Learning EVPN VXLAN First
      • E-Line (EVPN VPWS)
      • E-Line (EVPN VPWS) on IOS-XR
      • E-Line (EVPN VPWS) Multi-Homed
      • E-LAN (EVPN Single-Homed)
    • Carrier Ethernet
      • 802.1ah (MAC-in-MAC)
      • 802.3ah (Ethernet OAM)
      • 802.1ag (CFM)
      • Cisco REP (Resilient Ethernet Protocol)
      • ITU G.8032 ERPS (Ethernet Ring Protection Switching)
  • Security
    • CoPP (Control Plane Policing)
    • LPTS (Local Packet Transport Services)
  • Misc
    • QoS
      • QoS Introduction (Part 1)
      • QoS Tools Overview and QoS Models (Part 2)
      • QoS Classification and Marking (Part 3)
      • QoS Queuing/Congestion Management (Part 4)
      • QoS Shaping and Policing (Part 5)
      • QoS for IPv6
      • MPLS QoS Basics
      • MPLS QoS Modes
      • MPLS TE QoS (DS-TE)
      • MPLS TE CBTS/PBTS
    • Automation and Assurance
      • NSO
      • NSO Command Cheat Sheet
      • Intro to YANG/NETCONF
      • YANG In-Depth
      • NETCONF In-Depth
      • RESTCONF
      • Model-Driven Telemetry
      • Automation Tool Comparison
      • Netflow
      • SNMP
    • Virtualization
      • NFV (Network Function Virtualization)
      • OpenStack
    • Transport
      • xPON
      • SONET/SDH
      • WDM
      • 4G and 5G RAN
    • High Availability (HA)
      • NSF/GR
      • NSR
      • NSF/NSR Whitepapers
      • BFD
      • Link Aggregation on IOS-XE
      • Link Aggregation on IOS-XR
    • IOS Software Overview
  • Labs
    • Lab Challenges
      • How to Use These Labs
      • Basic LDP
      • Advanced LDP
      • BGP Security
      • Unified MPLS
      • BGP Fundamentals
      • Ethernet Services
      • L3VPN Extranet
      • Multicast
      • Inter-area OSPF
      • ISIS
      • MPLS-TE
      • Control Plane Policing
      • QoS
Powered by GitBook
On this page
  • Testing
  • Tunneling OSPFv3 over IPv4
  • Tunneling ISIS over IPv4
  • Tunneling BGP IPv6 Unicast over IPv4
  • Summary
  1. Routing
  2. IPv6 Transition

Tunneling IPv6 Dynamic Routing Protocols over IPv4

PreviousMAP (Mapping of Address and Port)NextMulticast

Last updated 2 years ago

In this short article, we will explore the options we have for running dynamic routing protocols in IPv6-over-IPv4 tunnels. If you’d like to skip to the results, just scroll to the very bottom of the page.

We will use the following topology, with one tunnel interface per tunneling method:

Tunnel #

Mode

100

GRE

200

Manual 6in4

300

6to4

400

6RD

R1 tunnel configuration:

ipv6 unicast-routing
!
int tun100
 description GRE
 ipv6 add 2001:db8:100::1/64
 tunnel source lo0
 tunnel destination 3.3.3.3
 tunnel mode gre ip               ! This is the default
!
int tun200
 description 6in4
 ipv6 address 2001:db8:200::1/64
 tunnel source Lo0
 tunnel destination 3.3.3.3
 tunnel mode ipv6ip
!
int tun300
 description 6to4
 ipv6 address 2002:0101:0101::1/48   ! 1.1.1.1 in Hex is 0x01010101
 tunnel source lo0
 tunnel mode ipv6ip 6to4
!
ipv6 route 2002::/16 tun300
!
int tun400
 description 6rd
 ipv6 address 2001:db8:400:0101:0101::1/80   ! /48 prefix plus 32 bit IP in hex = /80
 tunnel source lo0
 tunnel mode ipv6ip 6rd
 tunnel 6rd prefix 2001:db8:400::/48         ! 6RD allows you to use any prefix
!
ipv6 route 2001:db8:400::/48 tun400

R3 tunnel configuration:

ipv6 unicast-routing
!
int tun100
 description GRE
 ipv6 add 2001:db8:100::3/64
 tunnel source lo0
 tunnel destination 1.1.1.1
 tunnel mode gre ip               ! This is the default
!
int tun200
 description 6in4
 ipv6 address 2001:db8:200::3/64
 tunnel source Lo0
 tunnel destination 1.1.1.1
 tunnel mode ipv6ip
!
int tun300
 description 6to4
 ipv6 address 2002:0303:0303::3/48   ! 3.3.3.3 in Hex is 0x03030303
 tunnel source lo0
 tunnel mode ipv6ip 6to4
!
ipv6 route 2002::/16 tun300
!
int tun400
 description 6rd
 ipv6 address 2001:db8:400:0303:0303::3/80   ! /48 prefix plus 32 bit IP in hex = /80
 tunnel source lo0
 tunnel mode ipv6ip 6rd
 tunnel 6rd prefix 2001:db8:400::/48         ! 6RD allows you to use any prefix
!
ipv6 route 2001:db8:400::/48 tun400 

Ping verifcation to make sure all tunnels are reachable:

R1#ping 2001:db8:100::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:100::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms.

R1#ping 2001:db8:200::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:200::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ms

R1#ping 2002:0303:0303::3    
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2002:303:303::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

R1#ping 2001:db8:400:0303:0303::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:400:303:303::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/4 ms

Testing

Tunneling OSPFv3 over IPv4

First we’ll try to establish an OSPF adjacency on all tunnels:

#R1 and R2

int tun100
 ipv6 ospf 1 area 0
int tun200
 ipv6 ospf 1 area 0
int tun300
 ipv6 ospf 1 area 0
int tun400
 ipv6 ospf 1 area 0

! By default, OSPFv3 will pick the loopback for the RID, so this is the minimum configuration needed

OSPF is only established on tun100 and tun200. These are our two point-to-point tunnels, for which a tunnel destination is explicitly specified. Therefore broadcast/multicast traffic is tunneled directly to the destination. 6to4 and 6rd have no destination specified - the IPv4 tunnel endpoint destinatinon is dynamically generated based on the IPv6 destination.

R1#show ipv6 ospf nei

            OSPFv3 Router with ID (1.1.1.1) (Process ID 1)

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface
3.3.3.3           0   FULL/  -        00:00:39    18              Tunnel200
3.3.3.3           0   FULL/  -        00:00:34    17              Tunnel100

Tunneling ISIS over IPv4

Next we’ll try to run ISIS over the tunnel interfaces.

#R1
router isis
 net 49.0001.0000.0000.0001.00

#R2
router isis
 net 49.0001.0000.0000.0003.00

#R1 and R2
int tun100
 ipv6 router isis
int tun200
 ipv6 router isis
int tun300
 ipv6 router isis
int tun400
 ipv6 router isis

An ISIS adjacency only forms on tun100, which is our GRE tunnel. Why is that?

R1#show isis neighbors 

System Id       Type Interface     IP Address      State Holdtime Circuit Id
R3              L1L2 Tu100                         UP    27       09

This is because ISIS discovery frames do not use IPv6. GRE is able to encapsulate any protocol, but 6in4 can only encapsulation IPv6 in IPv4. In the pcap below, you can see the protocol type is OSI in the GRE header:

The manual 6in4 tunnel cannot encapsulate non-IPv6 traffic.

Tunneling BGP IPv6 Unicast over IPv4

Finally we’ll run BGP for IPv6 over the tunnels, creating one peer per tunnel:

#R1
router bgp 65001
 neighbor 2001:db8:100::3 remote-as 65003
 neighbor 2001:db8:200::3 remote-as 65003
 neighbor 2002:0303:0303::3 remote-as 65003
 neighbor 2001:db8:400:0303:0303::3 remote-as 65003
 !
 address-family ipv6 unicast
   neighbor 2001:db8:100::3 activate
   neighbor 2001:db8:200::3 activate
   neighbor 2002:0303:0303::3 activate
   neighbor 2001:db8:400:0303:0303::3 activate

#R3
router bgp 65003
 neighbor 2001:db8:100::1 remote-as 65001
 neighbor 2001:db8:200::1 remote-as 65001
 neighbor 2002:0101:0101::1 remote-as 65001
 neighbor 2001:db8:400:0101:0101::1 remote-as 65001
 !
 address-family ipv6 unicast
   neighbor 2001:db8:100::1 activate
   neighbor 2001:db8:200::1 activate
   neighbor 2002:0101:0101::1 activate
   neighbor 2001:db8:400:0101:0101::1 activate

All four BGP sessions come up, because the BGP session uses a unicast TCP connection, not multicast discovery.

R1#show bgp ipv6 uni sum
BGP router identifier 1.1.1.1, local AS number 65001
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2001:DB8:100::3 4        65003       4       4        1    0    0 00:00:57        0
2001:DB8:200::3 4        65003       4       4        1    0    0 00:01:01        0
2001:DB8:400:303:303::3
                4        65003       4       4        1    0    0 00:01:00        0
2002:303:303::3 4        65003       4       4        1    0    0 00:00:58        0

Summary

GRE

6in4 (Manual)

6to4

6rd

OSPF/EIGRP/RIP (Any dynamic routing protocol that uses IP)

✔️

✔️

✖️

✖️

ISIS

✔️

✖️

✖️

✖️

BGP

✔️

✔️

✔️

✔️