No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Service

CloudEngine 8800, 7800, 6800, and 5800 V200R003C00

This document describes the configurations of IP Service, including IP address, ARP, DHCP, DNS, IP performance optimization, IPv6, DHCPv6, and IPv6 DNS.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
IPv6 over IPv4 Tunneling

IPv6 over IPv4 Tunneling

Tunneling is a technology that encapsulates packets of a network protocol into packets of another network protocol for transmission. The tunneling process includes data encapsulation, transmission, and decapsulation. Tunneling technology is an important method to implement IPv4-to-IPv6 transition.

IPv4-to-IPv6 transition is a necessary trend due to IPv4 address exhaustion and IPv6 advantages. IPv6, however, is incompatible with IPv4. Existing IPv4 devices need to be replaced, which is infeasible because it requires huge cost and will interrupt existing services. Therefore, IPv4 needs to gradually transition to IPv6. During early transition, IPv4 networks are widely deployed, while IPv6 networks are isolated islands. IPv6 over IPv4 tunneling allows IPv6 packets to be transmitted on an IPv4 network, interconnecting all IPv6 islands.

Figure 10-3 shows the working mechanism of IPv6 over IPv4 tunneling technology.

Figure 10-3 IPv6 over IPv4 tunneling

In Figure 10-3,

  1. IPv4/IPv6 dual stack is enabled and an IPv6 over IPv4 tunnel is deployed on border switches (Switch_1 and Switch_2).

  2. After Switch_1 receives a packet from the connected IPv6 network, Switch_1 appends an IPv4 header to the IPv6 packet to encapsulate the IPv6 packet as an IPv4 packet if the destination address of the packet is not Switch_1 and the outbound interface of the packet is a tunnel interface.

  3. On the IPv4 network, the encapsulated packet is transmitted to Switch_2.

  4. Switch_2 decapsulates the packet, removes the IPv4 header, and then sends the decapsulated IPv6 packet to the connected IPv6 network.

A tunnel has a source end and a destination end. After the source end and destination end are determined, the tunnel is set up. The IPv4 address of the source end of an IPv6 over IPv4 tunnel must be configured, but the IPv4 address of the destination end can be configured or automatically obtained. An IPv6 over IPv4 tunnel can be a manual or an automatic tunnel depending on how the destination end of the tunnel obtains its IPv4 address.
  • Manual tunnel: requires you to configure an IPv4 address for the destination end.
  • Automatic tunnel: does not require you to manually configure an IPv4 address for the destination end. In most cases, two interfaces on both ends of an automatic tunnel use IPv6 addresses that contain embedded IPv4 addresses so that the destination IPv4 address can be extracted from the destination IPv6 address of IPv6 packets.

Manual tunnel

Manual tunnels are classified into IPv6 over IPv4 manual tunnels and IPv6 over IPv4 GRE tunnels based on the IPv6 packet encapsulation mode.

NOTE:

CE6870EI and CE6875EI do not support manual tunnel.

IPv6 over IPv4 Manual Tunnel

In a manual tunnel, an IPv6 packet is directly encapsulated into an IPv4 packet, and the source and destination addresses of the tunnel are configured to provide a point-to-point connection. Border devices on the tunnel must support IPv4/IPv6 dual stack, while other devices only need to support a single stack. The source and destination addresses of a manual tunnel must be configured. If a border device needs to set up a manual tunnel with multiple devices, multiple tunnels must be configured on the border device. Such configuration is complex. To simplify the configuration, a manual tunnel is often set up between two border devices to connect two IPv6 islands.

Figure 10-4 shows the IPv6 over IPv4 manual tunnel encapsulation format.

Figure 10-4 IPv6 over IPv4 manual tunnel encapsulation format

Packets are transmitted in an IPv6 over IPv4 manual tunnel as follows:
  1. When a border device of the tunnel receives an IPv6 packet from the connected IPv6 network, the device searches for the IPv6 routing table according to the destination address of the IPv6 packet. If the packet is forwarded from a tunnel interface, the device encapsulates the packet according to the tunnel source and destination IPv4 addresses configured for the tunnel interface. The encapsulated packet becomes an IPv4 packet, which is then processed by the IPv4 protocol stack.
  2. The IPv4 packet is forwarded to the destination end of the tunnel over an IPv4 network.
  3. After the destination end of the tunnel receives the IPv4 packet, it decapsulates the packet and sends the decapsulated packet to the IPv6 protocol stack.
IPv6 over IPv4 GRE Tunnel

An IPv6 over IPv4 GRE tunnel uses standard GRE tunneling technology to provide a point-to-point connection and requires tunnel endpoint addresses to be configured. GRE tunnels can use any transport protocol and can encapsulate packets of any protocol supported by the GRE protocol, such as IPv4, IPv6, and Multiprotocol Label Switching (MPLS).

Figure 10-5 shows the working mechanism of an IPv6 over IPv4 GRE tunnel.

Figure 10-5 IPv6 over IPv4 GRE tunnel

Packets are transmitted in an IPv6 over IPv4 GRE tunnel as follows:
  1. When a border device of the tunnel receives an IPv6 packet from the connected IPv6 network, the device searches for the IPv6 routing table according to the destination address of the IPv6 packet. If the packet is forwarded from a tunnel interface, the device adds a GRE header to the IPv6 packet, and then adds an IPv4 header to the GRE header according to the tunnel source and destination IPv4 addresses configured for the tunnel interface. The encapsulated packet becomes an IPv4 packet, which is then processed by the IPv4 protocol stack.
  2. The IPv4 packet is forwarded to the destination end of the tunnel over an IPv4 network.
  3. After the destination end of the tunnel receives the IPv4 packet, it decapsulates the packet and sends the decapsulated packet to the IPv6 protocol stack.

Compared with an IPv6 over IPv4 manual tunnel, an IPv6 over IPv4 GRE tunnel supports the Keepalive function, which enhances data transmission reliability. For details about GRE tunnels, see GRE Configuration Guide in the CloudEngine 8800, 7800, 6800, and 5800 Series Switches Configuration - Configuration Guide - VPN.

Automatic tunnel

Only the source end of an automatic tunnel needs to be configured, and the destination end of the tunnel can be automatically resolved. A tunnel interface of a device uses an IPv6 address that contains an embedded IPv4 address so that the device can automatically resolve the destination end. The device resolves an IPv4 address from the destination IPv6 address of the IPv6 packet and regards the node specified by the IPv4 address as the destination end of the tunnel.

6to4 Tunnel

A 6to4 tunnel is set up using the IPv4 address embedded in an IPv6 address. A 6to4 address uses an IPv4 address as the network identifier. Figure 10-6 shows the 6to4 address format.

Figure 10-6 6to4 address

In Figure 10-6,
  • FP: is the format prefix of aggregatable global unicast addresses and fixed as 001.
  • TLA: is short for top level aggregator and fixed as 0x0002.
  • SLA: is short for site level aggregator.

A 6to4 address starts with the prefix 2002::/16 in the format of 2002:IPv4-address::/48. A 6to4 address has a 64-bit network prefix, in which the first 48 bits (2002:a.b.c.d) are the IPv4 address assigned to a switch interface and cannot be changed, and the last 16 bits (SLA) can be configured. Figure 10-7 shows the 6to4 tunnel encapsulation and forwarding process.

Figure 10-7 6to4 tunnel example 1 (border device connecting to one 6to4 network)

An IPv4 address can only be used as the source address of one 6to4 tunnel. If one border device connects to multiple 6to4 networks and uses the same IPv4 address as the tunnel source address, SLA IDs in 6to4 addresses are used to differentiate the 6to4 networks. These 6to4 networks, however, share the same 6to4 tunnel, as shown in Figure 10-8.

Figure 10-8 6to4 tunnel example 2 (border device connecting to multiple 6to4 networks)

Translation
Download
Updated: 2019-05-08

Document ID: EDOC1100004354

Views: 68921

Downloads: 147

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next