kenjidnb
join:2009-08-07
San Mateo, CA
| tunneling to the ipv6 cloud
Hi,
We have native IPv6 deployed on our entire internal network and now I would like to connect our network to the ipv6 cloud.
We are using several global ipv6 interfaces (subnets) and everything is routed internally. Problem is our internet providers who don't seem to be interconnecting IPv6 networks anytime soon. So we are on an island. I am trying to figure out the different tunneling options and I feel like we have to move toward a 6to4 tunnel. But here, I have hard time understanding the technical details of it.
We don't have any remote site that we could test ipv6 connectivity with but we would definitely like to connect to the rest of the ipv6 cloud. Meaning that there is only one endpoint that I can configure, ours.
Please correct me if I'm wrong but it looks like I have to configure my router to default route to a "public" ipv6 relay router that would be the boundary between the ipv4 and the ipv6 cloud. Assuming that the clients would not be using their global ipv6 address but instead use a 6t4 address. then I'm all set, right? |
|
AVonGauss
Premium,MVM
join:2007-11-01
Boynton Beach, FL
1 edit | If I'm understanding right, you have a public ASN allocation (i.e. 2001::/48) but your ISP does not yet provide direct IPv6 transit? I'm not sure that a 6to4 connection would work, but I'm not a 100% sure about that. If you haven't already, what I would consider doing is setting up a BGP tunnel with a tunnel broker such as Hurricane Electric. That would allow you to use your ASN publicly via the tunnel normally until your ISP provides direct IPv6 transit.
Hurricane Electric's Tunnel Broker:
»www.tunnelbroker.net |
|
kenjidnb
join:2009-08-07
San Mateo, CA
| said by AVonGauss  :If I'm understanding right, you have a public ASN allocation (i.e. 2001::/48) but your ISP does not yet provide direct IPv6 transit? Yes you understand it right.
But I am still wondering how a tunnel broker works. I am guessing that when we sign up with hurricane electric or other, we give them the list of IPv6 interface that we use and then they interconnect our network to the IPv6 cloud? What is the necessary configuration on our side, just the IPv6 default gateway and a tunnel interface? |
|
AVonGauss
Premium,MVM
join:2007-11-01
Boynton Beach, FL
1 edit | Essentially, yes, what you are doing is creating an IPv6 tunnel to Hurricane Electric who has many different IPv6 backbone connections. Some routers can directly create the tunnel or you can always use an existing server to perform this functionality. The advantage and difference of a HE BGP tunnel is you can use BGP to announce your own prefix availability thus allowing them to be globally accessible.
With a BGP tunnel, after the tunnel is activated I believe the first step is to set up a transit tunnel session to Hurricane Electric for IPv6. I believe you could use any regular HE tunnel HOWTO or instructions geared towards your target device. Once the transit tunnel is established, then you would need to configure BGP to properly announce the prefixes you wish. |
|
