Genie's Tech Blog

Where knowledge has no dimensions

IPv6 Rapid Deployment (6rd)

Hello Friends,

Today we will be discussing about 6rd - IPv6 Rapid Deployment feature. Defined in RFC 5969, 6rd is a tunneling technique that allows IPv6 traffic to be transported over an IPv4 infrastructure. Its an extension of automatic 6to4 tunneling mechanism (defined in RFC 3056) and its goal is to overcome the shortcoming of automatic 6to4 tunneling which uses fixed prefix of 2002::/16.

6rd is composed of two main components:

  • Customer Edge Router (CE)
  • Border Delay Router (BR)

6rd is referred as stateless transition mechanism. It means that an algorithm is used to automatically map between addresses. The scope of mechanism is limited to a local domain in which devices - BR and CE, share  common elements of the configuration.

On the CE, if the packet IPv6 destination address matches the locally configured 6rd prefix, the packet is considered to be part of the local 6rd domain and is forwarded to another CE. In such a case, the IPv4 address embedded in the IPv6 destination address is used as the IPv4 destination address and the local WAN interface IPv4 address is used as the source address as the IPv6 packets gets encapsulated in IPv4.

If the IPv6 destination address does not match the locally configured prefix, the packet does not belong to the local 6rd domain and thus needs to be forwarded to the BR. In this case, the locally configured BR IPv4 address is used as the destination address while encapsulating the packet.

6RD Addressing

6rd uses a prefix allocated from the address block assigned to the Service Provider or the Enterprise. This ensures that IPv6 traffic coming from the internet will be forwarded through the SP's own infrastructure.


The 6rd prefix is of variable length. The SP would usually receive a /32 or lower bit address by a Regional Internet Registry, so the length of this field is usually 32 bit or less. The IPv4 address is normally /32 bit address but can be compressed (IPv4 address compression) if some parts of it are always the same. Thus the IPV4 address field is also a variable length field. 

IPv4 Prefix Compression

Generally the IPv4 address is of /32 bit but we can choose to compress the IPv4 address by omitting the part that is same in the SP network. If the SP uses the subnet of 10.x.y.z, we can omit the 10 from the address and just use the 24 bit in the IPv4 bit to fit x.y.z. For example, if all the hosts are using address from 10.0.0.0/8 address block, we can avoid using the first common octet which is 10 in this case. By doing this we can get 8 additional bits. So we have the flexibility of allocating /56 or longer prefixes in this case.

Maximum Transmission Unit (MTU)

If the IPv4 mtu is set to the default of 1500 bytes and that the tunnel overhead is 20 bytes, the mtu is set to 1480 bytes by default. We might have to change the mtu if the there are further encapsulations in the IPv4 routing domain like MPLS, GRE, L2TP etc.

Lets now understanding the working of 6rd with the help of an example.

Consider the below topology:


In the above topology, BR, CE1 and CE2 routers constitute the SP network. We are having two Customer sites: Site A and Site B. The IPv6 internet is connected to the BR router. 

Configuration Steps

CE Configuration

  1. Configure a Tunnel interface and set the tunnel mode to "ipv6ip 6rd"
  2. Specify the 6RD delegated prefix under tunnel interface
  3. Specify the IPv4 prefix length
  4. Specify the 6RD BR address under tunnel interface using “tunnel 6rd br ”
  5. Configure a static route for 6RD prefix (not 6RD delegated prefix) pointing tunnel interface as outgoing interface using “ipv6 route <6rd-prefix>::/ tunnel<>”
  6. Configure a default static route and point towards 6RD BR using “ipv6 route ::/0 tunnel<> <6rd-br-address>

BR Configuration

  1. Create tunnel interface and enable the mode as 6RD using “tunnel mode ipv6ip 6rd”
  2. Specify the 6RD delegated prefix under tunnel interface using “tunnel 6rd prefix <6rd-delegated-prefix>”
  3. Specify the IPv4 field length under tunnel interface
  4. Configure a static route for 6RD prefix (not 6RD delegated prefix) pointing tunnel interface as outgoing interface using "ipv6 route <6rd-prefix>::/ tunnel<>”
Please note that the BR is connected to the external domain (Internet), so it doesn’t require address assigned from 6RD delegated prefix except on tunnel interface

Lets now have a look at the configuration:

Config on CE1:
==============
ip cef
ipv6 general-prefix 6rd_prefix 6rd Tunnel0
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.1.1 255.255.255.255
!
interface Tunnel0
 no ip address
 no ip redirects
 ipv6 enable
 tunnel source Loopback0
 tunnel mode ipv6ip 6rd
 tunnel 6rd ipv4 prefix-len 16
 tunnel 6rd prefix 2001:1100::/32
 tunnel 6rd br 10.1.3.3
!         
interface FastEthernet0/0
 ip address 10.1.13.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 duplex half
 ipv6 address 2001:1100:101:14::1/96
 ipv6 enable
 ipv6 ospf 104 area 0
!
router ospf 100
 router-id 10.1.1.1
 network 10.1.0.0 0.0.255.255 area 0
!
ipv6 route 2001:1100::/32 Tunnel0
ipv6 route ::/0 Tunnel0 2001:1100:303::
!
ipv6 router ospf 104
 default-information originate
 redistribute static
!

Config on CE2:
==============
ip cef
ipv6 general-prefix PREFIX 6rd Tunnel0
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.2.2 255.255.255.255
!
interface Tunnel0
 no ip address
 no ip redirects
 ipv6 enable
 tunnel source Loopback0
 tunnel mode ipv6ip 6rd
 tunnel 6rd ipv4 prefix-len 16
 tunnel 6rd prefix 2001:1100::/32
 tunnel 6rd br 10.1.3.3
!         
interface FastEthernet0/0
 ip address 10.1.23.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 duplex half
 ipv6 address 2001:1100:202:25::1/96
 ipv6 enable
 ipv6 ospf 205 area 0
!
router ospf 100
 router-id 10.1.2.2
 network 10.1.0.0 0.0.255.255 area 0
!
ipv6 route 2001:1100::/32 Tunnel0
ipv6 route ::/0 Tunnel0 2001:1100:303::
!
ipv6 router ospf 205
 default-information originate
 redistribute static
!

Config on BR:
=============
ip cef
ipv6 general-prefix PREFIX 6rd Tunnel0
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.3.3 255.255.255.255
!
interface Tunnel0
 no ip address
 no ip redirects
 ipv6 enable
 tunnel source Loopback0
 tunnel mode ipv6ip 6rd
 tunnel 6rd ipv4 prefix-len 16
 tunnel 6rd prefix 2001:1100::/32
!
interface FastEthernet0/0
 ip address 10.1.13.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.23.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 duplex half
 ipv6 address 2003:3611:306:36::1/96
 ipv6 enable
!
router ospf 100
 router-id 10.1.3.3
 network 10.1.0.0 0.0.255.255 area 0
!
router bgp 65000
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 2003:3611:306:36::2 remote-as 65501
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
  redistribute static
  network 2001:1100::/32
  neighbor 2003:3611:306:36::2 activate
 exit-address-family
!
ipv6 route 2001:1100::/32 Tunnel0
!

The above configuration of the 3 nodes CE1, CE2 and BR router forms the SP network. All the 6rd related configuration will be done on these nodes. Please note that the customer devices will be running basic ipv6 configuration. Lets have a look at the customer device and Internet device configuration:

Config on 6_ce1:
================
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.4.4 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:1100:101:14::2/96
 ipv6 enable
 ipv6 ospf 104 area 0
!
ipv6 router ospf 104
 log-adjacency-changes
!

Config on 6_ce2:
================
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.5.5 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:1100:202:25::2/96
 ipv6 enable
 ipv6 ospf 205 area 0
!
ipv6 router ospf 205
 log-adjacency-changes
!

Config on V6_Internet:
===================
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
 ip address 10.1.6.6 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2003:3611:306:36::2/96
 ipv6 enable
!
router bgp 65501
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 2003:3611:306:36::1 remote-as 65000
 !
 address-family ipv6
  neighbor 2003:3611:306:36::1 activate
 exit-address-family
!

Verification

We can verify the 6rd Tunnel status using the command show tunnel 6rd. We can also check the details of the tunnel interface using the command show ipv6 interface Tunnel0.

Output on CE1:
==============
CE1#sh tunnel 6rd
Interface Tunnel0:
  Tunnel Source: 10.1.1.1
  6RD: Operational, V6 Prefix: 2001:1100::/32
       V4 Prefix, Length: 16, Value: 10.1.0.0
       V4 Suffix, Length: 0, Value: 0.0.0.0
       Border Relay address: 10.1.3.3
  General Prefix: 2001:1100:101::/48
CE1#
CE1#sh ipv6 interface tunnel 0
Tunnel0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::A01:101 
  No Virtual link-local address(es):
  No global unicast address is configured
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF01:101
  MTU is 1480 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  Post_Encap features: Tunnel 6RD
  ND DAD is not supported
  ND reachable time is 30000 milliseconds (using 30000)
  ND RAs are suppressed (periodic)
  Hosts use stateless autoconfig for addresses.
CE1#

Output on BR:
=============
BR#sh tunnel 6rd  
Interface Tunnel0:
  Tunnel Source: 10.1.3.3
  6RD: Operational, V6 Prefix: 2001:1100::/32
       V4 Prefix, Length: 16, Value: 10.1.0.0
       V4 Suffix, Length: 0, Value: 0.0.0.0
  General Prefix: 2001:1100:303::/48
BR#
BR#sh ipv6 interface tunnel 0
Tunnel0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::A01:303 
  No Virtual link-local address(es):
  No global unicast address is configured
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF01:303
  MTU is 1480 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  Post_Encap features: Tunnel 6RD
  ND DAD is not supported
  ND reachable time is 30000 milliseconds (using 30000)
  ND RAs are suppressed (periodic)
  Hosts use stateless autoconfig for addresses.
BR#

In the above output, we notice the General Prefix is 2001:1100:303::/48. We need to use this value in the default static route configured on the CE routers using the command "ipv6 route ::/0 tunnel0 2001:1100:303::". We can verify this from the above configuration. If we don't have this configured, the reachability will not be there from the 6_ce1 and 6_ce2 devices towards the V6_Internet router as they fall under a different domain.

Reachability

We shall now verify the reachability between the end host devices and the v6_internet router:

Output on 6_ce1:
================
6_ce1#sh ipv6 route
IPv6 Routing Table - 6 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OE2  ::/0 [110/1], tag 104
     via FE80::C801:3FF:FEDC:1C, FastEthernet0/0
OE2  2001:1100::/32 [110/20]
     via FE80::C801:3FF:FEDC:1C, FastEthernet0/0
C   2001:1100:101:14::/96 [0/0]
     via ::, FastEthernet0/0
L   2001:1100:101:14::2/128 [0/0]
     via ::, FastEthernet0/0
L   FE80::/10 [0/0]
     via ::, Null0
L   FF00::/8 [0/0]
     via ::, Null0
6_ce1#
6_ce1#ping 2001:1100:202:25::2     // Ping to 6_ce2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:1100:202:25::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/114/288 ms
6_ce1#
6_ce1#ping 2003:3611:306:36::2     // Ping to V6_Internet

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2003:3611:306:36::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/76/104 ms
6_ce1#
6_ce1#tr 2003:3611:306:36::2

Type escape sequence to abort.
Tracing the route to 2003:3611:306:36::2

  1 2001:1100:101:14::1 76 msec 28 msec 20 msec
  2 2003:3611:306:36::1 160 msec 132 msec 172 msec
  3 2003:3611:306:36::2 100 msec 72 msec 60 msec
6_ce1#

Thus we have end to end reachability over 6rd Tunnel.

Hope this post help understand how 6rd works and how to configure it.

Feel free to reach out to me for any queries.

Cheers...!!!

Genie
www.codergenie.com

Comments are closed