[6bone] tunnel to 6bone?

Pelle Johansson morth@morth.org
Tue, 8 Oct 2002 02:27:11 +0200
Previous message: [6bone] tunnel to 6bone?
Next message: [6bone] tunnel to 6bone?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--Apple-Mail-2--104943400
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=ISO-8859-1;
	format=flowed


m=E5ndagen den 7 oktober 2002 kl 20.24 skrev Ravikanth Samprathi:

> To accomplish this goal, I have configured a dual-stack-relay-router.
> =46rom each of the dual-stack-gateways, i have configured 6to4
> tunnels to the dual-stack-relay-router.=A0 =46rom the =
dual-stack-relay-
> router, i intend to connect to 6Bone.
> If the IPv4 address of dual-stack-gateway is 1.2.3.4, the IPv6
> address of the gateway is 2002:0102:0304::1/64, and the prefix=20
> delegated
> to the IPv6-hosts within that home would be 2002:0102:0304:0001 (64=20
> bits).
> If the IPv4 address of dual-stack-relay-router is 5.6.7.8, the IPv6
> address of the relay-router is 2002:0506:0708::1/64.

If you want all ipv6 traffic to pass through the router both in and=20
out, this is not the right approach. You then need to allocate all your=20=

ipv6 addresses under 2002:0506:0708::/48. Typically you'd give each=20
gateway one or more /64 prefixes (2002:0506:0708:1:: 2002:0506:0708:2::=20=

etc) and use gif tunnels (or similar) to move the traffic between the=20
gateways and the router. If, however, it's fine if the incoming packets=20=

go direct to the gateways you can do it like this (depends on how much=20=

you're firewalling). The best approach would of course to use native=20
IPv6 between the router and the gateways, but I assumed this was not=20
possible? (ie there's some network not under your control between them)

>
> My questions to you:
> -------------------------------
> On this front, can you please let me know if my approach is right?
> With this kind of configuration to the IPv6 hosts, will I
> be able to provide global connectivity to the ipv6-hosts?
>
> Is 6to4 tunnels the right approach to use to connect the gateways to
> relay-router?=A0 And if so, how should i configure the ipv6-routing-
> tables in the gateways to forward all the ipv6 traffic to the
> relay-router?
As I mentioned, typically you'd use gif tunnels or similar instead.=20
Ofc, 6to4 is basically implicit gif tunnels, but they have some=20
security issues (spoofing).

> How should i configure the relay-router to connect to 6bone?=A0 Do we
> use native-ipv6 or 6to4-tunnel?
If your upstream ISP does IPv6 that's the best choice. Otherwise you=20
can either use 6to4 or a tunnel broker (freenet6 seems to be the most=20
popular). I'm not sure what the status of getting reverse dns is when=20
using 6to4, and you have to find some 6to4 router who'll accept your=20
packets.
--=20
Pelle Johansson
<morth@morth.org>

--Apple-Mail-2--104943400
Content-Transfer-Encoding: quoted-printable
Content-Type: text/enriched;
	charset=ISO-8859-1



m=E5ndagen den 7 oktober 2002 kl 20.24 skrev Ravikanth Samprathi:


<excerpt>To accomplish this goal, I have configured a
dual-stack-relay-router.

=46rom each of the dual-stack-gateways, i have configured 6to4

tunnels to the dual-stack-relay-router.=A0 =46rom the dual-stack-relay-

router, i intend to connect to 6Bone.

If the IPv4 address of dual-stack-gateway is 1.2.3.4, the IPv6

address of the gateway is 2002:0102:0304::1/64, and the prefix
delegated

to the IPv6-hosts within that home would be 2002:0102:0304:0001 (64
bits).

If the IPv4 address of dual-stack-relay-router is 5.6.7.8, the IPv6

address of the relay-router is 2002:0506:0708::1/64.

</excerpt>

If you want all ipv6 traffic to pass through the router both in and
out, this is not the right approach. You then need to allocate all
your ipv6 addresses under 2002:0506:0708::/48. Typically you'd give
each gateway one or more /64 prefixes (2002:0506:0708:1::
2002:0506:0708:2:: etc) and use gif tunnels (or similar) to move the
traffic between the gateways and the router. If, however, it's fine if
the incoming packets go direct to the gateways you can do it like this
(depends on how much you're firewalling). The best approach would of
course to use native IPv6 between the router and the gateways, but I
assumed this was not possible? (ie there's some network not under your
control between them)


<excerpt>

My questions to you:

-------------------------------

On this front, can you please let me know if my approach is right?

With this kind of configuration to the IPv6 hosts, will I

be able to provide global connectivity to the ipv6-hosts?


Is 6to4 tunnels the right approach to use to connect the gateways to

relay-router?=A0 And if so, how should i configure the ipv6-routing-

tables in the gateways to forward all the ipv6 traffic to the

relay-router?

</excerpt>As I mentioned, typically you'd use gif tunnels or similar
instead. Ofc, 6to4 is basically implicit gif tunnels, but they have
some security issues (spoofing).


<excerpt>How should i configure the relay-router to connect to 6bone?=A0
Do we

use native-ipv6 or 6to4-tunnel?

</excerpt>If your upstream ISP does IPv6 that's the best choice.
Otherwise you can either use 6to4 or a tunnel broker (freenet6 seems
to be the most popular). I'm not sure what the status of getting
reverse dns is when using 6to4, and you have to find some 6to4 router
who'll accept your packets.

--=20

Pelle Johansson

<<morth@morth.org>


--Apple-Mail-2--104943400--
Previous message: [6bone] tunnel to 6bone?
Next message: [6bone] tunnel to 6bone?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]