# HAS GENERADO 960 CLASES DIFERENTES. ?>
6to4 is an IPv4 tunnel-based transition mechanism defined in RFC-3056. It was designed to allow different IPv6 domains communicate with other IPv6 domains through IPv4 clouds without explicit IPv4 tunnels.
6to4 encapsulates IPv6 packets into IPv4 ones, similar to the 6in4 tunnels, but the main difference between both methods is that in 6in4 it is necessary to establish an explicit tunnel on both ends of the tunnel: at the host and at the server sides. Usually this configuration is done by means of external tools like the Tunnel Broker defined in RFC-3053 who is in charge of configuring the tunnel on the server side (router) and sending a configuration script in order to let the user configure the tunnel on the host side.
With 6to4 there is no need to establish the tunnel on the server side, so the only configuration is done on the host side. The 6to4 router (server side) will accept all the 6to4-encapsultated packets coming from any host. A 6in4 router (server side) only accepts 6in4-encapsulated packets of active tunnels.
As consequence, with 6in4 tunnels all the outgoing traffic and incoming traffic follow always the same path between the host and the server side (both ends of the tunnel). However, as illustrated in the figure, with 6to4 the outgoing traffic (from the host point of view) is sent always to the same 6to4 router, but the incoming traffic might be received from different 6to4 router/relays depending on which 6to4 relay is the nearest one to the IPv6 network that the 6to4 host is willing to contact.
Another important difference with other transition mechanisms is that the 6to4 IPv6 prefix is derived from the IPv4 address, so the routers/hosts using this mechanism have a /48 IPv6 prefix to built an IPv6 network. For this reason, one essential requirement is that the 6to4 host/router needs to have a globally addressable IPv4 address to 6to4 works, so it cannot be located behind a NAT box, unless the NAT box (which will have the globally addressable IPv4 address) supports protocol 41 packets being forwarded to a host behind it.
This mechanism, known as "Forwarding Protocol 41 in NAT Boxes" lets you configure IPv6 tunnels to your host/router using a private IPv4 address. According to the proto-41 forwarding mechanism the NAT box forwards outgoing IPv6 packets (protocol 41) encapsulated into IPv4 ones and it puts an entry for them in the NAT table in order to forward the incoming IPv6 encapsulated packets towards the proper host located in the private IPv4 LAN. A more complete document is available here.
There are many 6to4 server/relay located in the Internet, most of them have their own unicast IPv4 address. However many of them can be reached by using the anycast IPv4 address 192.88.99.1 which has been standardized in RFC3068 to be used as universal 6to4 relay router locator. The anycast address has the property that provides you the nearest server in terms of network proximity.
Public 6to4 relays
Some operating systems use automatically a preconfigured 6to4 relay, which might not be the best in terms of network proximity depending on the location of the user. For this reason, find below a list of public 6to4 relays located all around the world is:
6to4.ipv6.aarnet.net.au (Australia)
6to4.ipv6.uni-leipzig.de (Germany)
6to4.ipv6.fh-regensburg.de (Germany)
kddilab.6to4.jp (Japan)
6to4.ipng.nl (Netherlands)
skbys-00-00.6to4.xs26.net (Slovakia)
6to4.ipng.unix.za.net (South Africa)
6to4.autotrans.consulintel.com (Spain)
6to4.ipv6.ascc.net (Taiwan)
6to4.ipv6.bt.com (United Kindom)
6to4.ipv6.microsoft.com (USA, Redmon)
ipv6-lab-gw.cisco.com (USA, San Jose)
6to4.ipv6.org (Microsoft)
192.88.99.1 (Anycast address)
6to4 host configuration guides
Below you can find different ways to get IPv6 connectivity by using 6to4 tunnels for the commonest operating systems. Some of them could be already configured by default, but may be not in the optimal way. The configuration examples are shown with the anycast IPv4 address for 6to4 relays. Such address is always valid and it will provide the nearest 6to4 relay in terms of network proximity. However you can change such address by one of the servers shown in the above list if you notice any trouble with the anycast routes/connection.
Windows XP/Windows 2003
You should type the following command from the system symbol window:
netsh int ipv6 6to4 set relay 192.88.99.1 enabled 1440
Alternatively, you can use another 6to4 relay by replacing the IPv4 address, by using any of the existing relays, as in the example below:
netsh int ipv6 6to4 set relay 6to4.autotrans.consulintel.com enabled 1440
Windows 2000
The 6to4cfg.exe command automates 6to4 configuration. It automatically discovers your globally routable IPv4 address and creates a 6to4 prefix. Will either perform the configuration directly, or it can write out a configuration script that you can inspect and run later.
You should type the following command from the system symbol window:
6to4cfg -R 192.88.99.1
Alternatively, you can use another 6to4 relay by replacing the IPv4 address as in the following example:
6to4cfg -R 6to4.autotrans.consulintel.com
More details can be shown here.
Linux/Solaris
You should type the following commands from the shell:
ip tunnel add tun6to4 mode sit ttl 80 remote any local DIR_PUBLIC_IPv4
ip link set dev tun6to4 up
ip -6 addr add 2002:XXYY:ZZUU::1/16 dev tun6to4
ip -6 route add 2000::/3 via ::192.88.99.1 dev tun6to4 metric 1
Note that XXYY:ZZUU is the hexadecimal notation for DIR_PUBLIC_IPv4 (the public IPv4 address) as follows:
DIR_PUBLIC_IPv4 = 60.172.21.22 -> | 60 -> 3C 172 -> AC 21 -> 15 22 -> DE |
60.172.21.22 -> XXYY:ZZUU = 3CAC:15DE
Alternatively, you can use another 6to4 relay by replacing the IPv4 address of the last command as in the following example:
ip -6 route add 2000::/3 via 6to4.autotrans.consulintel.com dev tun6to4 metric 1
*BSD
Make sure you have at least one stf(4) interface configured into your kernel:
pseudo-device stf 1 # 6to4 IPv6 over IPv4 encapsulation
By default this is not enabled. Please consult some appropriate documents on kernel configuration and compilation.
You should also type the following commands from the shell:
ifconfig stf0 inet6 2002:XXYY:ZZUU::1 prefixlen 16 alias
route add -inet6 default 2002:c058:6301::1
Note that XXYY:ZZUU is the hexadecimal notation for DIR_PUBLIC_IPv4 (the public IPv4 address) as follows:
DIR_PUBLIC_IPv4 = 60.172.21.22 -> | 60 -> 3C 172 -> AC 21 -> 15 22 -> DE |
60.172.21.22 -> XXYY:ZZUU = 3CAC:15DE
Mac OS
Mac OS has really good support for IPv6, including 6to4. Depending on the version of the operating system the procedure could be different but in all the cases it can be configured with only a few steps.
Detailed information to configure 6to4 in Mac OS can be found here.
6to4 relay configuration guides
According to RFC3056 there are two ways a router could support the 6to4 transition mechanism.
The first is called 6to4 Router and the second 6to4 Relay Router.
1) 6to4 Router: An IPv6 router supporting a 6to4 pseudo-interface. It is normally the border router between an IPv6 site and a wide-area IPv4 network.
For example, think in an isolated IPv6 cloud. This cloud could use 6to4 addresses and get connected to other IPv6 nodes through the 6to4 router.
2) 6to4 Relay Router: A 6to4 router configured to support transit routing between 6to4 addresses and native IPv6 addresses.
The main difference with the 6to4 Router is that the Relay router is connected to the native IPv6 world. Or what is the same, they announce the 2002::/16 prefix to their routing peers.
Note that an isolated host could be configured as 6to4 router just to obtain IPv6 connectivity (this is called a 6to4 router/host). This configuration is automatic in many operating systems, and in practice, in means that when a host has IPv6 enabled and a public IPv4 address, if it supports 6to4, it will gain automatic access to IPv6 even if the ISP doesn't provide the service.
The 6to4 addresses use the prefix 2002::/16
For the automatic configuration of the 6to4 hosts in order to reach a 6to4 relay, the 6to4 relays need to use an anycast address, which is 192.88.99.1. More info on this in RFC3068.
Below you can find instructions for configuring a 6to4 Relay in several types of routers.
Cisco
This info provides the steps required in order to configure your Cisco box as a 6to4 Relay. In order to proceed, you need to have a public IPv4 address on that router, your own IPv6 prefix (provided by your RIR) and IPv6 transit. And of course, the router need to have an IOS supporting IPv6 (including 6to4 support).
Details of the example configuration
The examples below assume that the public IPv4 address in the WAN interface of the router is 192.1.2.3. You should replace that with the right information for your own case, same with other data used in the examples.
Also, you need to understand how to calculate the 6to4 IPv6 address for your router. This is done using the IPv4 address and the IPv6 6to4 prefix.
The 6to4 prefix 2002::/16 is taking the first 16 bits. Then the bits 17 to 48 are the nibble notation for your IPv4 address. So in our example it will be:
192 = c0
1 = 01
2 = 02
3 = 03
So consequently:
2002:c001:0203::/48
We will use the first address of the prefix for the WAN interface, so 2002:c001:0203::1/128
Also, the anycast address for 6to4 is: 192.88.99.1
Following the same example as above, in IPv6 will be: 2002:c058:6301::/128
For our example using a Loopback, we use 192.3.2.3, which in IPv6 will be 2002:0c03:0203::/128
We show below two options for the 6to4 Relay. One for the basic configuration and the other one for using the anycast address for 6to4. You just need to configure one of them (A or B).
A) Example configuration of a basic 6to4 Relay
This relay will only be reachable for hosts or routers with a manual configuration pointing to it.
A1) Enable IPv6 in the router
ipv6 unicast-routing
A2) Ethernet0/0 interface configuration (obviously you can use another interface)
interface Ethernet0/0
description 6to4 Relay Service
ip address 192.1.2.3 255.255.255.0
A3) tunnel 6to4 virtual interface
interface Tunnel2002
description 6to4 Relay Interface
no ip address
no ip redirects
ipv6 address 2002:c001:0203::1/128
tunnel source Ethernet0/0
tunnel mode ipv6ip 6to4
A4) 6to4 prefix route
ipv6 route 2002::/16 Tunnel2002
B) Example configuration of a 6to4 Relay with anycast support
B1) Enable IPv6 in the router
ipv6 unicast-routing
B2) We use the loopback (recommended), but you could use an Ethernet Interface or any other one
interface Loopback0
description 6to4 Anycast Relay Service
ip address 192.88.99.1 255.255.255.0 secondary
ip address 192.3.2.3 255.255.255.255
ipv6 address 2002:c003:0203::1/128
ipv6 mtu 1480
no ipv6 mfib fast
Note: When using IPv4 anycast addresses is recommended to configure explicitly the BGP/OSPF ID with a unicast address, otherwise, the router may take by default the anycast address as the ID.
B3) tunel 6to4 virtual interface
interface Tunnel2002
description anycast 6to4 Relay Interface
no ip address
no ip redirects
ipv6 address 2002:C058:6301::/128 anycast
ipv6 unnumbered Loopback0
no ipv6 mfib fast
tunnel source Loopback0
tunnel mode ipv6ip 6to4
tunnel path-mtu-discovery
C) Configuration for a public Relay
If you choose the anycast option (B), then you can also make the relay public via the following steps.
C1) You need to announce the 2002::/16 prefix usually via BGP. The example below will help you. You should add this to the normal unicast IPv6 configuration and replace the right information for your own case.
router bgp myASN
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor remotepeer_IPv6_address remote-as remoteASN
neighbor remotepeer_IPv6_address description Peer to remoteISP
address-family ipv6
neighbor remotepeer_IPv6_address activate
neighbor remotepeer_IPv6_address route-map remoteISP_in in
neighbor remotepeer_IPv6_address route-map remoteISP_out out
network my_IPv6_prefix
network 2002::/16
exit-address-family
ipv6 route 2002::/16 Null0
ipv6 prefix-list 6to4_prefix seq 5 permit 2002::/16
route-map remoteISP_out permit 10 match ipv6 address prefix-list 6to4_prefix
Note: Of course, you need to replace some of the parameters with your specific data, such as myASN, remotepeer_IPv6, my_IPv6_prefix, remoteASN, remoteISP, remoteISP_in and remoteISP_out.
C2) Additionally you need to configure the announce of the 6to4 anycast prefix, 192.88.99.0/24, to your neighbor ISPs.
D) Configuration for a Private Relay
Alternatively, if you only want to offer the relay to your own customers, you need to announce the 192.88.99.0/24 prefix only to them. Then you will need to use example A) and use something adapted to your own network/routing protocol.
For example, if you are using OSPF as your IGP, you will add something such as:
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 10000
network 192.88.99.0 0.0.0.255 area 0
Linux
This info provides the steps required in order to configure your Linux box as a 6to4 Relay. In order to proceed, you need to have a public IPv4 address on that box, your own IPv6 prefix (provided by your RIR) and IPv6 transit. The Linux box (recommended 2.6.x or higher version) need to have IPv6 support and IPv6 routing enabled.
Details of the example configuration
The examples below assume that the public IPv4 address in the WAN interface of the Linux is 192.1.2.3. You should replace that with the right information for your own case, same with other data used in the example.
Also, you need to understand how to calculate the 6to4 IPv6 address for your router. This is done using the IPv4 address and the IPv6 6to4 prefix.
The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of your IPv4 address. So in our example it will be:
192 = c0
1 = 01
2 = 02
3 = 03
So consequently:
2002:c001:0203::/48
We will use the first address of the prefix for the WAN interface, so 2002:c001:0203::1/128
Also, the anycast address for 6to4 is: 192.88.99.1
In the text below, both, the generic commands and example data is used.
A) Configure 6to4 tunneling using "ip" and a dedicated tunnel device
Create a new tunnel device (a TTL must be specified because the default value is 0):
# /sbin/ip tunnel add tun6to4 mode sit ttl <ttldefault> remote any local <localipv4address>
# /sbin/ip tunnel add tun6to4 mode sit ttl 80 remote any local 192.1.2.3
Bring the interface up
# /sbin/ip link set dev tun6to4 up
Add local 6to4 address to interface (note: prefix length 16 is very important!)
# /sbin/ip -6 addr add <local6to4address>/16 dev tun6to4
# /sbin/ip -6 addr add 2002:c001:0203::1/16 dev tun6to4
B) Display existing tunnels
# /sbin/ip -6 tunnel show [<device>]
Example:
# /sbin/ip -6 tunnel show
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc
sit1: ipv6/ip remote 195.226.187.50 local any ttl 64
C) Display routes to tunnels
# /sbin/route -A inet6
Example (output is filtered to display only tunnels through virtual interface sit0):
# /sbin/route -A inet6 | grep "\Wsit0\W*$"
::/96 :: U 256 2 0 sit0
2002::/16 :: UA 256 0 0 sit0
2000::/3 ::193.113.58.75 UG 1 0 0 sit0
fe80::/10 :: UA 256 0 0 sit0
ff00::/8 :: UA 256 0 0 sit0
D) Configure 6to4 prefix route
As have been seen on step C) there should be a route for the 2002::/16 prefix through the 6to4 tunnel interface.
If it this route doesn't exist, then:
# /sbin/ip -6 route add 2002::/16 dev tun6to4 metric 1
E) Configure IPv6 connectivity
Because we are configuring a 6to4 relay it should have IPv6 connectivity (either native or via a tunnel) through an IPv6 gateway (for our example we use 2001:7f9:1::1 as GW address). After having configured an IPv6 address on the corresponding interface, the default route should be configured:
If our IPv6 interface is interface eth0:
To configure the IPv6 address:
# /sbin/ip -6 addr add 2001:7f9:1::2/64 dev eth0
To add a default route:
# /sbin/ip -6 route add 2000::/3 via 2001:7f9:1::1 dev eth0 metric 1
F) Configure prefix advertisements
Somewhere on the Relay network, the device in charge of announcing prefixes (typically a BGP router) should announce 2002::/16 prefix to its IPv6 peerings.
This would allow native IPv6 nodes to reach 6to4 nodes (2002::/16 addresses).
Regarding the IPv4 reachability of the Relay there are two options:
1) Configure the 6to4 anycast IPv4 address (192.88.99.1) and announce the anycast prefix (192.88.99.0/24) to your IPv4 peerings.
2) Use another public IPv4 address.
If 1) is chosen 6to4 hosts will be able to find it automatically, with no need for any manual configuration.
In case of choosing 2) some kind of advertisement of the IPv4 address is needed (usually a FQDN-Fully Qualified Domain Name) in order to allow others to configure our relay.
This will allow 6to4 nodes (2002::/16 addresses) to reach native IPv6 nodes through our relay.
G) Making your configuration persistent
In order to make your configuration persistent a script could be used to be executed at boot time. The idea is to have an script that executes all the commands you need to configure everything as desired.
An example follows, it takes as argument the local host public IPv4 address:
#!/bin/sh
IPV4=$1
PARTS=`echo $IPV4 | tr . ' '`
PREFIX48=`printf "2002:%02x%02x:%02x%02x" $PARTS`
STF_IF="stf0"
STF_NET6="$PREFIX48":0000
STF_IP6="$STF_NET6"::1
ip tunnel add tun6to4 mode sit ttl 64 remote any local $IPV4
ip link set dev tun6to4 up
ip -6 addr add $STF_IP6/16 dev tun6to4
ip -6 addr add 2001:7f9:1::2/64 dev eth0
ip -6 route add 2000::/3 via 2001:7f9:1::1 dev eth0 metric 1
Also depending on the implementation some configuration could be done in the system's network information files.
- Red Hat Distributions:
Add IPV6TO4INIT=yes to /etc/sysconfig/network-scripts/ifcfg-if for the interface with the local IPv4 address and add IPV6_DEFAULTDEV=tun6to4 to /etc/sysconfig/network.
You also should configure the default IPv6 route if needed.
Configuration examples may vary for other Linux distributions.
Annex A: Remove a 6to4 tunnel using "ip" and a dedicated tunnel device
Remove all routes through this dedicated tunnel device
# /sbin/ip -6 route flush dev tun6to4
Shut down interface
# /sbin/ip link set dev tun6to4 down
Remove created tunnel device
# /sbin/ip tunnel del tun6to4
BSD
This info provides the steps required in order to configure your BSD box as a 6to4 Relay. In order to proceed, you need to have a public IPv4 address on that box, your own IPv6 prefix (provided by your RIR) and IPv6 transit. The BSD box need to support stf pseudo-interface, FreeBSD 5.4 or higher version is recommended, for FreeBSD 4.9 you need to recompile the kernel adding "pseudo-device stf". NetBSD 1.5 supports stf pseudo-interface compiling the kernel. Also need to have IPv6 support and IPv6 routing enabled.
Details of the example configuration
The example below is assuming that the public IPv4 address in the WAN interface of the BSD is 192.1.2.3. You should replace that with the right information for your own case, same with other data used in the example.
Also, you need to understand how to calculate the 6to4 IPv6 address for your router. This is done using the IPv4 address and the IPv6 6to4 prefix.
The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation of the IPv4 address. So in our example it will be:
192 = c0
1 = 01
2 = 02
3 = 03
So consequently:
2002:c001:0203::/48
We will use the first address of the prefix for the WAN interface, so 2002:c001:0203::1/128
Also, the anycast address for 6to4 is: 192.88.99.1
In the text below, both, the generic commands and example data is used.
A) Configure 6to4 tunneling
Create a stf interface (in case it doesn't exist):
# ifconfig stf create
By default the stf interface is not enabled.
Add local 6to4 address to interface (note: prefix length 16 is very important!)
# ifconfig stf0 inet6 6to4addr prefixlen 16
# ifconfig stf0 inet6 2002:c001:0203::1 prefixlen 16
B) Configure IPv6 connectivity
Because we are configuring a 6to4 relay it should have IPv6 connectivity (either native or via a tunnel) through an IPv6 gateway (for our example we use 2001:7f9:1::1 as GW address). After having configured an IPv6 address on the corresponding interface, the default route should be configured:
If our IPv6 interface is interface ne0:
To configure the IPv6 address:
# ifconfig ne0 inet6 alias 2001:7f9:1::2
To add a default route:
# route add -inet6 default 2001:7f9:1::1
C) Configure prefix advertisements
Somewhere on the Relay network, the device in charge of announcing prefixes (typically a BGP router) should announce 2002::/16 prefix to its IPv6 peerings.
This would allow native IPv6 nodes to reach 6to4 nodes (2002::/16 addresses).
Regarding the IPv4 reachability of the Relay there are two options:
1) Configure the 6to4 anycast IPv4 address (192.88.99.1) and announce the anycast prefix (192.88.99.0/24) to the site IPv4 peerings.
2) Use another public IPv4 address.
If 1) is chosen 6to4 hosts will be able to find it automatically, with no need for any manual configuration.
In case of choosing 2) some kind of advertisement of the IPv4 address is needed (usually a FQDN-Fully Qualified Domain Name) in order to allow others to configure our relay.
This will allow 6to4 nodes (2002::/16 addresses) to reach native IPv6 nodes through our relay.
D) Making your configuration persistent
In order to make your configuration persistent a script could be used to be executed at boot time. The idea is to have a script that executes all the commands you need to configure everything as desired.
An example follows, it takes as argument the local host public IPv4 address:
#!/bin/sh
IPV4=$1
PARTS=`echo $IPV4 | tr . ' '`
PREFIX48=`printf "2002:%02x%02x:%02x%02x" $PARTS`
STF_IF="stf0"
STF_NET6="$PREFIX48":0000
STF_IP6="$STF_NET6"::1
ifconfig $STF_IF inet6 $STF_IP6 prefixlen 16 alias
ifconfig ne0 inet6 alias 2001:7f9:1::2
route add -inet6 default 2001:7f9:1::1
For FreeBSD:
Set in /etc/rc.conf:
stf_interface_ipv4addr="public_v4addr"
ipv6_defaultrouter="2001:7f9:1::1"
Configuration examples may vary for other BSD distributions.
Annex A: Remove a 6to4 tunnel using "ip" and a dedicated tunnel device
Remove a 6to4 interface address
# ifconfig stf0 inet6 -alias 2002:c001:0203::1
Remove 6to4 prefix route
First we can see the route table with:
# netstat -rn
Now we can delete the route entry for 2002::/16 prefix via <gateway_IPv6> with:
# route delete -inet6 2002::/16 <gateway_IPv6>
Windows
This info provides the steps required in order to configure your Windows box as a 6to4 Relay. It is most probably useful also for configuring a Windows Vista and Windows Longhorn (Windows Server 2008). In order to proceed, you need to have a public IPv4 address on that box, your own IPv6 prefix (provided by your RIR) and IPv6 transit. The Windows box (all available Service Packs installed) needs to have IPv6 support and IPv6 routing enabled.
Details of the example configuration
The examples below are assuming that the public IPv4 address in the WAN interface of the Linux is 192.1.2.3. You should replace that with the right information for your own case, same with other data used in the examples.
Also, you need to understand how to calculate the 6to4 IPv6 address for your router. This is done using the IPv4 address and the IPv6 6to4 prefix.
The 6to4 prefix 2002::/16 is taking the first (high order) 16 bits. Then the bits 17 to 48 are the nibble notation for your IPv4 address. So in our example it will be:
192 = c0
1 = 01
2 = 02
3 = 03
So consequently:
2002:c001:0203::/48
We will use the first address of the prefix for the WAN interface, so 2002:c001:0203::1/128
Also, the anycast address for 6to4 is: 192.88.99.1
Note that the interface number in the examples below, is only an example (3), and in your system, may have a different number, you can also use the interface names enclosed in "" instead of the interface numbers.
A) Automatic configuration
Make sure that the 6to4 relay computer has a public address assigned to its Internet interface and has not received a Router Advertisement message from either an IPv6 router on an attached subnet or an ISATAP router.
In that case, the 6to4 component automatically creates an interface (named 6to4 Pseudo-Interface), adds a 2002::/16 route to the routing table that uses the 6to4 interface, and adds a default route that points to a 6to4 relay router on the IPv4 Internet.
It configures an IPv6 address in the form 2002:xx:yy::xx:yy where xx:yy are the IPv4 public address 32 bits.
Following our example it will get: 2002:c001:0203::c001:0203
To see information about the pseudo-interface use:
c:\>netsh interface ipv6 show address
Interface 3: 6to4 Tunneling Pseudo-Interface
Addr Type | DAD State | Valid Life | Pref. Life | Address |
Other | Preferred | infinite | infinite | 2002:c001:0203::c001:0203 |
B) Enable the 6to4 service
You can do this with the following command:
C:\>netsh interface ipv6 6to4 set state enabled
C) Enable forwarding on the 6to4 interface
You can do this with the following command:
C:\>netsh interface ipv6 set interface 3 forwarding=enabled
D) Configure IPv6 routes
To see the configured routes:
c:\>netsh interface ipv6 show routes
Querying active state...
Publish | Type | Met | Prefix | Idx | Gateway/Interface Name |
yes | Manual | 1101 | ::/0 | 3 | 2002:c000:0210::c001:0203 |
yes | Manual | 1001 | 2002::/16 | 3 | 6to4 Tunneling Pseudo-Interface |
E) Configure IPv6 connectivity
As have been seen above, the 6to4 component automatically configures a 6to4 Relay as the default route for the IPv6 traffic. We have to change this default route towards an IPv6 gateway.
Because we are configuring a 6to4 relay it should have IPv6 connectivity (either native or via a tunnel) through an IPv6 gateway (for our example we use 2001:7f9:1::1 as GW address). After having configured an IPv6 address on the corresponding interface, the default route should be configured:
Assuming that our WAN IPv6 interface is interface 5.
To configure the IPv6 address:
c:\>netsh interface ipv6 add address interface=5 address=2001:7f9:1::2
To add a default route:
C:\>netsh interface ipv6 add route ::/0 5 2001:7f9:1::1 publish=yes
F) Configure prefix advertisements
Somewhere on the Relay network, the device in charge of announcing prefixes (typically a BGP router) should announce 2002::/16 prefix to its IPv6 peerings.
This would allow native IPv6 nodes to reach 6to4 nodes (2002::/16 addresses).
Regarding the IPv4 reachability of the Relay there are two options:
1) Configure the 6to4 anycast IPv4 address (192.88.99.1) and announce the anycast prefix (192.88.99.0/24) to the site IPv4 peerings.
2) Use another public IPv4 address.
If 1) is chosen 6to4 hosts will be able to find it automatically, with no need for any manual configuration.
In case of choosing 2) some kind of advertisement of the IPv4 address is needed (usually a FQDN-Fully Qualified Domain Name) in order to allow others to configure our relay.
This will allow 6to4 nodes (2002::/16 addresses) to reach native IPv6 nodes through our relay.
G) Making the configuration persistent
Typically Windows will make the configuration persistent by default, but it may vary across different compilation versions. So if you want to make sure about that, just add the following to each netsh command line:
store=persistent
Annex: Remove 6to4 configuration
Disable the 6to4 service
C:\>netsh interface ipv6 6to4 set state disabled
Disable forwarding on the 6to4 interface
C:\>netsh interface ipv6 set interface 3 forwarding=disabled