Test Setup for Dual-Stack Router Providing IPv6 Connectivity via 6to4 Tunnels Over the IPv4 WAN
Dual-stack CPE devices typically enable IPv6 connectivity via native IPv6 connections on the WAN or via tunneling protocols that transmit encapsulated IPv6 packets over the IPv4 WAN. Protocols such as DHCPv6 (with and without prefix delegation), PPPoE (running DHCPv6 or autoconf for address resolution), autoconf, or static IPv6 addressing can be used to provide native IPv6 connectivity on the WAN, whereas the most common tunneling protocols are 6to4 and 6rd. This recipe focuses on 6to4, since it requires minimal configuration and is perhaps the most common mechanism for providing IPv6 addresses to dual-stack clients on the LAN. The basic premise is the same for 6rd, which is based on and very similar in design to 6to4.
6to4, as defined in RFC 3056, is a transition mechanism that provides IPv6 connectivity to remote sites via automatic IPv4 tunnels on the WAN. In 6to4 terminology, the CPE is a 6to4 router since it acts as the gateway between the customer’s IPv6 site and the IPv4 WAN. IPv6 packets originating at the customer site that are destined for native IPv6 hosts are tunneled by the CPE over the IPv4 WAN to a 6to4 relay server located at the anycast address of 126.96.36.199. IPv6 packets destined for other 6to4 connected sites are tunneled over the IPv4 WAN directly to the associated 6to4 router. See our Application Note on 6to4 and 6rd for more information.
Testing dual-stack 6to4 enabled devices with CDRouter is straightforward. The physical setup is the same as it would be for testing an IPv4 only device - CDRouter connects via Ethernet or wireless to the LAN side of the DUT, and via Ethernet, ATM, or T1/E1 to the WAN side of the DUT. However, when testing a dual-stack 6to4 enabled device the logical test environment is quite different, as shown in the diagram below. The simulated WAN ISP is IPv4 only in this example. Access to other simulated IPv6 enabled network elements, such as the DNS server(s) and ACS, is provided by the 6to4 relay server and 6to4 routers.
The diagram and example configuration below assume DHCP for IPv4 connectivity on the WAN, and 6to4 for tunneled access to the native IPv6 WAN and other 6to4 islands. It is also assumed that the CPE is providing IPv6 addresses to all LAN clients via SLAAC (autoconf).
# -- IPv4 Configuration: # WAN configuration testvar wanInterface eth2 testvar wanMode DHCP testvar wanIspIp 188.8.131.52 testvar wanIspAssignIp 184.108.40.206 testvar wanNatIp 220.127.116.11 testvar wanIspNextIp 18.104.22.168 testvar wanIspMask 255.255.255.0 testvar wanDnsServer 22.214.171.124 testvar wanBackupDnsServer 126.96.36.199 testvar RemoteHost 188.8.131.52 # LAN configuration testvar lanInterface eth1 testvar lanIp 192.168.1.1 testvar lanMask 255.255.255.0 testvar dhcpClientStart 192.168.1.2 testvar dhcpClientEnd 192.168.1.7 # -- IPv6 Configuration: testvar supportsIPv6 yes # WAN configuration testvar ipv6WanMode 6to4 testvar ipv6RelayServer 184.108.40.206 # LAN configuration testvar ipv6LanMode autoconf testvar ipv6LanIp ::1 testvar ipv6LanSubnetId 1 testvar ipv6WanDnsServer 3001:51a:cafe::2 testvar ipv6WanBackupDnsServer 3001:51a:cafe::3 # other configuration options testvar ipv6RemoteHost 3001:51a:cafe::1 testvar ipv6FreeNetworkStart 3001:cafe:1:: testvar ipv6FreeNetworkEnd 3001:ffff:ffff:: testvar ipv6FreeNetworkPrefixLen 64
In the above example the DUT’s global IPv6 address is expected to be
<6to4 prefix> : <ipv6LanSubnetId> : <host ID portion of ipv6LanIp>. In this particular example, assuming the 16-bit Site Level Aggregator (SLA) used by the DUT is simply 1, the expected global IPv6 address prefix for this configuration is:
6to4 prefix:ipv6LanSubnetId::/64 = 2002:c0c:c02:1::/64