Sunday, December 6, 2009

IPv6 Tunnel Broker Setup on IOS router

My environment: Cisco 2801 router

IOS version: 12.4(24)T1 Advanced Enterprise

I have registered an account on Hurricane Electric, it is free and you will get an tunnel IPv6 address and a routed /64 block IPv6 address. Follow the below steps to get your tunnel working:

1. Enable IPv6 unicast routing

 ipv6 unicast routing

2. Configure your tunnel to HE

interface Tunnel0
description IPv6 tunnel to HE Tunnel Broker
no ip address
ipv6 address <Your Tunnel IPv6 Address>
ipv6 enable
tunnel source <Your Internet facing interface>
tunnel destination <HE tunnel destination IPv4 address>
tunnel mode ipv6ip

3. Configure your LAN-facing interface

interface FastEthernet0/0
ip address <LAN IP address>
ipv6 address <The routed /64 address provided by HE>
ipv6 enable
ipv6 nd prefix
<The prefix of the routed /64 address>

4. Create a IPv6 default route

ipv6 route ::/0 Tunnel0

5. If you doesn’t have a fixed Internet IP address, you can use the DDNS service to update the tunnel IP address

ip ddns update method v6tunnelbroker
HTTP
  add
&pass=this_is_your_password_md5&user_id=this_is_your_userid_md5&tunnel_id=your_tunnel_id">https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=<a>&pass=this_is_your_password_md5&user_id=this_is_your_userid_md5&tunnel_id=your_tunnel_id
interval maximum 1 0 0 0
interval minimum 1 0 0 0

interface FastEthernet0/1
ip ddns update v6tunnelbroker host ipv4.tunnelbroker.net

 

You should be able to access the IPv6 Internet now!  Try to access http://ipv6.google.com from a PC behind the router!

1 comment:

george said...

Thank you for your post I was looking for that.
I have a tunnel active with a tunnel broker, and i was struggling to route my LAN to the ipv6 net. Problem is for now i have only 1 /64 address assigned from the provider, on the tunnel. Later (it works with point system) I will get also a 2nd subnet, but apparently - and here please I need your opinion - I cannot route or NAT my LAN to the tunnel, without having assigned a 2nd /64 address. Is that correct?

Thanks!