Labs: Configuring 6to4 Tunnels Topology Diagram Scenario For this lab, you will configure EIGRP for full connectivity between all IPv4 subnets. Then you will create a 6to4 tunnel and create static routes to go over it. Finally, you will observe traffic. Step 1: Lab Preparation Erase your configurations and reload your routers and switch. Once your routers and switch are reloaded, set up the appropriate hostnames. Step 2: Configure Loopbacks and Physical Interfaces Configure the loopback interfaces with IPv4 addresses and IPv6 addresses where appropriate. Also configure the serial interfaces with the IPv4 addresses shown in the diagram. Set the clockrates on the appropriate interfaces and issue no shutdown on all serial connections. Verify that you have local subnet connectivity with ping. R1(config)# interface loopback0 R1(config-if)# ip address 10.1.1.1 255.255.255.0 R1(config-if)# ipv6 address FEC0::1:1/112 R1(config-if)# interface Fastethernet0/0 R1(config-if)# ip address 172.16.12.1 255.255.255.0 R1(config-if)# clockrate 64000 R1(config-if)# no shutdown R2(config)# interface loopback0 R2(config-if)# ip address 10.1.2.1 255.255.255.0 R2(config-if)# interface Fastethernet0/0 R2(config-if)# ip address 172.16.12.2 255.255.255.0 R2(config-if)# no shutdown R2(config-if)# interface serial0/0/1 R2(config-if)# ip address 172.16.23.2 255.255.255.0 R2(config-if)# clockrate 64000 R2(config-if)# no shutdown R3(config)# interface loopback0 R3(config-if)# ip address 10.1.3.1 255.255.255.0 R3(config-if)# ipv6 address FEC0::3:1/112 R3(config-if)# interface serial0/0/1 R3(config-if)# ip address 172.16.23.3 255.255.255.0 R3(config-if)# no shutdown Step 3: Configure EIGRP Configure EIGRP for AS 1 for the major networks 172.16.0.0 and 10.0.0.0 on all three routers. Make sure you disable auto-summarization. You should have full IPv4 connectivity after this. R1(config)# router eigrp 1 R1(config-router)# no auto-summary R1(config-router)# network 10.0.0.0 R1(config-router)# network 172.16.0.0 R2(config)# router eigrp 1 R2(config-router)# no auto-summary R2(config-router)# network 10.0.0.0 R2(config-router)# network 172.16.0.0 R3(config)# router eigrp 1 R3(config-router)# no auto-summary R3(config-router)# network 10.0.0.0 R3(config-router)# network 172.16.0.0 Step 4: Configure a Manual IPv6 Tunnel A tunnel is a logical interface that acts as a logical connection between two endpoints. It is similar to a loopback interface in that there is no corresponding physical interface, but it is different in that there is more than one router involved. A 6to4 tunnel uses special IPv6 addresses in the 2002::/16 address space. The first 16 bits are the hexadecimal number 2002, and the next 32 bits are the original source IPv4 address in hexadecimal form. A 6to4 tunnel does not require a destination address because it is not a point-to-point link. In this lab, you will configure routers R1 and R3 for a 6to4 tunnel to provide IPv6 connectivity between their loopback interfaces. To configure a 6to4 tunnel, get the tunnel interface configuration prompt using the interface tunnel number command. For simplicity, use interface number 0. Next, set the tunnel mode with the tunnel mode ipv6ip 6to4 command. Then set up the IPv6 address with the ipv6 address address/mask command. The address for R1 is 2002:AC10:0C01:1::1/64, because AC10:0C01 corresponds to 172.16.12.1, with 172 being AC, 16 being 10, 12 being C, and 1 being 1. The 1 after this address is just a more specific subnet, and the 1 at the end is the host address. R3’s address is 2002:AC10:1703:1::3/64. Notice that the two addresses are not in the same /64 subnet. After setting the IPv6 addresses, set the source interface for the tunnel with the tunnel source type/number command. Now that all the tunnel settings are set, set up an IPv6 static route for the whole 2002::/16 with the global command ipv6 route address/mask interface, with the interface being the tunnel you just created. Verify that you can ping the other side of the tunnel once all the commands have been entered. R1(config)# interface tunnel 0 R1(config-if)# tunnel mode ipv6ip 6to4 R1(config-if)# ipv6 address 2002:AC10:0C01:1::1/64 R1(config-if)# tunnel source serial0/0/0 R1(config-if)# exit R1(config)# ipv6 route 2002::/16 tunnel0 R3(config)# interface tunnel 0 R3(config-if)# tunnel mode ipv6ip 6to4 R3(config-if)# ipv6 address 2002:AC10:1703:1::3/64 R3(config-if)# tunnel source serial0/0/1 R3(config-if)# exit R3(config)# ipv6 route 2002::/16 tunnel0 R1#ping 2002:AC10:1703:1::3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2002:AC10:1703:1::3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms R3#ping 2002:AC10:C01:1::1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2002:AC10:C01:1::1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/66/68 ms Step 5: Configure Static IPv6 Routes Just like IPv4, IPv6 can have static routes entered into its routing table. You already created one for the 2002::/16 network in Step 4. For this section of the lab, you will put a static route on R1 telling it how to get to R3’s loopback address. On R3, you will put a static default route pointing to R1. Just like in IPv4, static routes with a next-hop IPv6 address are created with the ipv6 route address/mask next-hop command. The next hop for both routers is the IPv6 address of the other end of the tunnel. Before entering these commands, enable IPv6 routing with the ipv6 unicast-routing command. You can verify by using the show ipv6 route command or by pinging the remote loopback address from each router. R1(config)# ipv6 unicast-routing R1(config)# ipv6 route FEC0::3:0/112 2002:AC10:1703:1::3 R3(config)# ipv6 unicast-routing R3(config)# ipv6 route FEC0::1:0/112 2002:AC10:C01:1::1 R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external S 2002::/16 [1/0] via ::, Tunnel0 C 2002:AC10:C01:1::/64 [0/0] via ::, Tunnel0 L 2002:AC10:C01:1::1/128 [0/0] via ::, Tunnel0 L FE80::/10 [0/0] via ::, Null0 C FEC0::1:0/112 [0/0] via ::, Loopback0 L FEC0::1:1/128 [0/0] via ::, Loopback0 S FEC0::3:0/112 [1/0] via 2002:AC10:1703:1::3 L FF00::/8 [0/0] via ::, Null0 R3#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 S 2002::/16 [1/0] via ::, Tunnel0 C 2002:AC10:1703:1::/64 [0/0] via ::, Tunnel0 L 2002:AC10:1703:1::3/128 [0/0] via ::, Tunnel0 L FE80::/10 [0/0] via ::, Null0 S FEC0::1:0/112 [1/0] via 2002:AC10:C01:1::1 C FEC0::3:0/112 [0/0] via ::, Loopback0 L FEC0::3:1/128 [0/0] via ::, Loopback0 L FF00::/8 [0/0] via ::, Null0 Step 6: Analyze traffic Configure SPAN on switch monitored and monitoring interfaces by appropriate manner. Start Wireshark on PC connected to the monitoring port. Then initiate traffic and observe results. R1#ping FEC0::3:1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FEC0::3:1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms R3#ping FEC0::1:1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FEC0::1:1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/66/68 ms