IPv6 Tunnel Brokers Explained
ipv6 route ::/0 Tunnel5 end
That simple line of text translates to 128 zeroes /0 for the prefix length, and instructs the router to watch for any traffic that matches it. And when it finds that traffic, it will use Tunnel 5 for that route. We can write this route in that way because a tunnel interface is a point-to-point network. Whatever we send out this interface is going to end up at the far side of the tunnel.
How to Test an IPv6 Tunnel
The best way to test any new configuration is with baby steps. First we'll verify from a basic IPv4 perspective that we can ping the far side of the tunnel. To ping our tunnel, type:
Hopefully this gave you the same success we got. After that, we'll want to see if we can ping the IPv6 address of the far side of the tunnel. In addition to checking for simple connectivity, we'll also source it from our gig2/0 interface. Remember, that's our inbound interface to the router we've configured as the close side of the tunnel. To do that IPv6 ping, we type:
ping 2001:470:c:892::1 source g2/0
Again, hopefully your ping comes back successfully. In addition to verifying connectivity, this should theoretically imply that the tunnel broker also knows how to route back to the subnet block that they've assigned our organization, which is doubly good.
To verify the end-to-end connectivity, we have to bring up a client. In our case, a Windows 8 client behind the router inside our Company Address Block. That client is going to do a stateless address automatic configuration. It'll also get DNS information through stateless DHCP that we happen to already have running on the R1 server. Once it has all that, the client should be able to go out to Google or anybody else who has IPv6 services available.
Before we head to that client, though, while still in R1, we'll do a debug of IPv6 neighbor discovery on R1. That'll help us confirm that this client really is going through R1. To do that, in R1's console, type:
debug ipv6 nd
Next, we go to the client in our virtualized environment. Its ethernet connection is shut down but bringing it up is as simple as going to Network Connections and right-clicking the ethernet connection and enabling it.
What we should see on R1's console is a flurry of router solicitations and neighbor solicitations and respective advertisements. Our ultimate goal is to get our Windows 8 client onto the network, so we can see what's happening by typing into the client's Command Prompt:
This command is probably familiar to many people reading this, but this will output quite a large table of information. In our case, as we look through it, we see a few very heartening things: first, the client has learned a DNS server. Second, he also has an address on the 2001:470:f1a0:1 subnet. Technically, he has two addresses: an anonymous one for the privacy extensions and then the permanent one as well.
This all means that the client should be able to go out to the internet on an IPv6 connection. It's got DNS, and as long as routing is okay on R1, we should be good to go. Still in that client, we can test it by bringing up a browser and going to a site like Google. If your configuration has worked out like ours, you should see the familiar sight of the familiar site.
We could even do a google search for "ipv6 test" and go ahead and test one. On our client, we went to ipv6-test.com, and once there, it confirmed the IPv6 IP address we expect as well as confirming that our browser and connection is using IPV6.
As you can probably now see, IPv6 tunnel brokers are pretty important, and – even better – easy to work with. If you're trying to find a way to get your IPv6 network to go across an intermediate IPv4 network to reach the rest of the internet, IPv6 tunnels are a great way to go.
But that's probably not the extent of your IT needs, and it's only the beginning of what CBT Nuggets has to offer. Consider our TCP/IP IPv6 online training. It consists of 54 videos covering 24 hours of training about the fundamentals of IPv6 networking and addressing. And IPv6 tunnels are covered in this course.
delivered to your inbox.