Ipv6 Over Ipv4 Gre Tunnels; Auto 6To4 Tunneling; Standards Compliance - Nortel Secure 4134 Configuration

Security — configuration and management

Hide thumbs Also See for Secure 4134:

Installation manual (132 pages)

Installation — hardware components (124 pages)

Quick start manual (70 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

Table of Contents

The host or router at each end of a conﬁgured tunnel must support both

the IPv4 and IPv6 protocol stacks. Manually conﬁgured tunnels can be

conﬁgured between border routers or between a border router and a host.

The entry tunnel end point (the encapsulating node) encapsulates the

IPv6 packet with an IPv4 header with the conﬁgured IPv4 tunnel source

and tunnel destination IP addresses. The exit tunnel end point (the

de-capsulating node) removes the outer IPv4 header and forward or

consume the received IPv6 packet.

IPv6 over IPv4 GRE tunnels

IPv6 trafﬁc can be carried over IPv4 Generic Route Encapsulation

(GRE) tunnels using the standard GRE tunneling technique. As in IPv6

manually-conﬁgured tunnels, GRE tunnels are links between two points, with

a separate tunnel for each link. The tunnels carry IPv6 as the passenger

protocol with GRE as the carrier protocol and IPv4 as the transport protocol.

GRE has a protocol ﬁeld that identiﬁes the passenger protocol.

The entry tunnel end point (the encapsulating node) encapsulates the IPv6

packet with a GRE-IPv4 header using the conﬁgured IPv4 tunnel source and

tunnel destination IP addresses. The exit tunnel end point removes the outer

GRE-IPv4 header and processes or forwards the received IPv6 packet.

Auto 6to4 tunneling

Auto 6to4 tunneling is a dynamic way to deploy tunnels between sites made

up of IPv6 nodes. Tunneling of IPv6 packets is done dynamically, using the

destination IPv6 address of a packet originating from the IPv6 node. Auto

6to4 encapsulates the IPv6 packet in IPv4 and uses the IPv4 routing domain.

The destination IP address of the tunnel does not need to be manually

preset. The IPv4 address embedded in the 2002:: /16 preﬁxed destination

IPv6 address is used to ﬁnd the other end of the automatic tunnel.

The key difference between automatic 6to4 tunnels and manually-conﬁgured

tunnels is that the tunnel is not point-to-point; rather, it is point-to-multipoint.

6to4 preﬁxes use the 2002:: /16 address space assigned by IANA. A globally

unicast IPv4 assigned to the 6to4 router is converted to hexadecimal and

appended to the 2002:: /16 preﬁx.

Routing protocols are not supported on auto 6to4 tunnels.

Standards compliance

The SR4134 implementation of GRE and IPIP tunneling complies with the

following RFCs:

•

RFC 1853, IP in IP Tunneling

Nortel Secure Router 4134

Security — Conﬁguration and Management

NN47263-600 01.02 Standard

10.0 3 August 2007

Standards compliance 67

Table of Contents

Ipv6 Over Ipv4 Gre Tunnels; Auto 6To4 Tunneling; Standards Compliance - Nortel Secure 4134 Configuration

IPv6 over IPv4 GRE tunnels

Auto 6to4 tunneling

Standards compliance

Related Manuals for Nortel Secure 4134

Related Content for Nortel Secure 4134

Table of Contents