Config Router

You are here: Home / Cisco / CCNP Route Lab 8-3, Configuring 6to4 Tunnels

CCNP Route Lab 8-3, Configuring 6to4 Tunnels

by

CCNP Route Lab 8-3, Configuring 6to4 Tunnels

Topology

ccnp-route-lab-configuring-6to4-tunnels

Objectives

  • Configure EIGRP for IPv4.
  • Create a 6to4 tunnel.
  • Configure static IPv6 routes.

Background
In this lab, you configure EIGRP for full connectivity between all IPv4 subnets. You then create a 6to4 tunnel and create static routes over it.

Note: This lab uses Cisco 1841 routers with Cisco IOS Release 12.4(24)T1 and the Advanced IP Services image c1841 -advipservicesk9-mz.124-24.T1 .bin. You can use other routers (such as a 2801 or 2811) and Cisco IOS Software versions if they have comparable capabilities and features. Depending on the router model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.

Required Resources

  • 3 routers (Cisco 1841 with Cisco IOS Release 12.4(24)T1 Advanced IP Services or comparable)
  • Serial and console cables

Step 1: Prepare the routers for the lab.
Clear previous configurations by erasing the startup configuration and reloading the routers. After the routers are reloaded, set up the appropriate hostnames.

Step 2: Configure loopbacks and physical interfaces.
a. Configure the loopback interfaces with IPv4 addresses and IPv6 addresses, where appropriate. Also configure the serial interfaces with the IPv4 addresses shown in the diagram. Set the clock rates on the appropriate interfaces and the bandwidth on all serial connections.

R1(config)# interface loopback0
R1(config-if)# ip address 10.1.1.1 255.255.255.0
R1(config-if)# ipv6 address FEC0::1:1/112
R1(config-if)# interface serial0/0/0
R1(config-if)# ip address 172.16.12.1 255.255.255.0
R1(config-if)# clockrate 64000
R1(config-if)# bandwidth 64
R1(config-if)# no shutdown
R2(config)# interface loopback0
R2(config-if)# ip address 10.1. 2.1 255.255.255.0
R2(config-if)# interface serial0/0/0
R2(config-if)# ip address 172.16.12.2 255.255.255.0
R2(config-if)# bandwidth 64
R2(config-if)# no shutdown
R2(config-if)# interface serial0/0/1
R2(config-if)# ip address 172.16.23.2 255.255.255.0
R2(config-if)# clockrate 64000
R2(config-if)# bandwidth 64
R2(config-if)# no shutdown
R3(config)# interface loopback0
R3(config-if)# ip address 10.1.3.1 255.255.255.0
R3(config-if)# ipv6 address FEC0::3:1/112
R3(config-if)# interface serial0/0/1
R3(config-if)# ip address 172.16.23.3 255.255.255.0
R3(config-if)# bandwidth 64
R3(config-if)# no shutdown

b. Verify that you have local subnet connectivity with ping.

Step 3: Configure EIGRP.
Configure EIGRP for AS 1 for the major networks 172.16.0.0 and 10.0.0.0 on all three routers. You should have full IPv4 connectivity.

R1(config)# router eigrp 1
R1(config-router)# no auto-summary
R1(config-router)# network 10.0.0.0
R1(config-router)# network 172.16.0.0
R2(config)# router eigrp 1
R2(config-router)# no auto-summary
R2(config-router)# network 10.0.0.0
R2(config-router)# network 172.16.0.0
R3(config)# router eigrp 1
R3(config-router)# no auto-summary
R3(config-router)# network 10.0.0.0
R3(config-router)# network 172.16.0.0

Step 4: Configure a manual IPv6 6to4 tunnel.
A tunnel is a logical interface that acts as a logical connection between two endpoints. It is similar to a loopback interface in that there is no corresponding physical interface, but it is different in that there is more than one router involved. A 6to4 tunnel uses special IPv6 addresses in the 2002::/16 address space. The first 16 bits are the hexadecimal number 2002, and the next 32 bits are the original source IPv4 address in hexadecimal form. The remaining bits can be specified as shown in Step 4c. A 6to4 tunnel does not require a destination address because it is not a point-to-point link.

In this step, you configure additional 6to4 IPv6 loopback interfaces to represent LANs on R1 and R3, and then configure a 6to4 tunnel to provide IPv6 connectivity between the loopback interfaces.

a. Add the following loopbacks to R1 and R3.

R1(config-if)# interface loopback11
 R1(config-if)# ipv6 address 2002:AC10:0C01:11::1/64
 R1(config-if)# interface loopback12
 R1(config-if)# ipv6 address 2002:AC10:0C01:12::1/64
 R3(config-if)# interface loopback31
 R3(config-if)# ipv6 address 2002:AC10:1703:31::1/64
 R3(config-if)# interface loopback32
 R3(config-if)# ipv6 address 2002:AC10:1703:32::1/64

b. Configure a 6to4 tunnel using the interface tunnel number command to get to the tunnel interface configuration prompt. For simplicity, use interface number 0.

R1(config)# interface tunnel 0

c. Set the tunnel mode with the tunnel mode ipv6ip 6to4 command. Then set up the IPv6 address with the ipv6 address address/mask command. The R1 address is 2002:AC10:0C01:1::1/64, because AC10:0C01 corresponds to 172.16.12.1, with 172 being AC, 16 being 10, 12 being C, and 1 being 1. The 1 after this address is just a more specific subnet, and the 1 at the end is the host address. The R3 address is 2002:AC10:1703:1::3/64. The two addresses are not in the same /64 subnet. After setting the IPv6 addresses, set the source interface for the tunnel with the tunnel source type/number command.

R1(config-if)# tunnel mode ipv6ip 6to4
 R1(config-if)# ipv6 address 2002:AC10:0C01:1::1/64
 R1(config-if)# tunnel source serial0/0/0

d. Now that all the tunnel settings are set, enable IPv6 routing with the ipv6 unicast-routing command, and set up an IPv6 static route for the whole 2002::/16 network with the global command ipv6 route address/mask interface, with the interface being the tunnel you just created.

R1(config-if)# exit
 R1(config)# ipv6 unicast-routing
 R1(config)# ipv6 route 2002::/16 tunnel0

e. Enter the following commands on R3.

R3(config)# interface tunnel 0
 R3(config-if)# tunnel mode ipv6ip 6to4
 R3(config-if)# ipv6 address 2002:AC10:1703:1::3/64
 R3(config-if)# tunnel source serial0/0/1
 R3(config-if)# exit
 R3(config)# ipv6 unicast-routing
 R3(config)# ipv6 route 2002::/16 tunnel0

f. Verify that you can ping the other side of the tunnel from R1 to R3, and ping the newly created loopback interfaces from each router .

R1# ping 2002:AC10:1703:1::3
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:1703:1::3, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms
 R1# ping 2002:AC10:1703:31::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:1703:31::1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/65/68 ms
 R1# ping 2002:AC10:1703:32::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:1703:32::1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/65/68 ms
 R3# ping 2002:AC10:C01:1::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:C01:1::1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/66/68 ms
 R3# ping 2002:AC10:0C01:11::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:C01:11::1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms
 R3# ping 2002:AC10:0C01:12::1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 2002:AC10:C01:12::1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/65/68 ms

Step 5: Configure static IPv6 routes.
Just like IPv4, IPv6 can have static routes entered into its routing table. You already created one for the 2002::/16 network in Step 4. Now you will configure a static route on R1 telling it how to get to the R3 loopback 0 address. On R3, you will configure a static route pointing to R1.

a. Static routes with a next-hop IPv6 address are created with the ipv6 route address/mask next-hop command. The next hop for both routers is the IPv6 address of the other end of the tunnel.

R1(config)# ipv6 route FEC0::3:0/112 2002:AC10:1703:1::3
 R3(config)# ipv6 route FEC0::1:0/112 2002:AC10:C01:1::1

b. Verify the IPv6 static routes using the show ipv6 route command or by pinging the remote loopback address from each router.

R1# show ipv6 route
 IPv6 Routing Table - Default - 11 entries
 Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
 B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
 I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
 EX - EIGRP external
 O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
 S 2002::/16 [1/0]
 via Tunnel0, directly connected
 C 2002:AC10:C01:1::/64 [0/0]
 via Tunnel0, directly connected
 L 2002:AC10:C01:1::1/128 [0/0]
 via Tunnel0, receive
 C 2002:AC10:C01:11::/64 [0/0]
 via Loopback11, directly connected
 L 2002:AC10:C01:11::1/128 [0/0]
 via Loopback11, receive
 C 2002:AC10:C01:12::/64 [0/0]
 via Loopback12, directly connected
 L 2002:AC10:C01:12::1/128 [0/0]
 via Loopback12, receive
 C FEC0::1:0/112 [0/0]
 via Loopback0, directly connected
 L FEC0::1:1/128 [0/0]
 via Loopback0, receive
 S FEC0::3:0/112 [1/0]
 via 2002:AC10:1703:1::3
 L FF00::/8 [0/0]
 via Null0, receive
 R3# show ipv6 route
 IPv6 Routing Table - Default - 11 entries
 Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
 B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
 I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
 EX - EIGRP external
 O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
 S 2002::/16 [1/0]
 via Tunnel0, directly connected
 C 2002:AC10:1703:1::/64 [0/0]
 via Tunnel0, directly connected
 L 2002:AC10:1703:1::3/128 [0/0]
 via Tunnel0, receive
 C 2002:AC10:1703:31::/64 [0/0]
 via Loopback31, directly connected
 L 2002:AC10:1703:31::1/128 [0/0]
 via Loopback31, receive
 C 2002:AC10:1703:32::/64 [0/0]
 via Loopback32, directly connected
 L 2002:AC10:1703:32::1/128 [0/0]
 via Loopback32, receive
 S FEC0::1:0/112 [1/0]
 via 2002:AC10:C01:1::1
 C FEC0::3:0/112 [0/0]
 via Loopback0, directly connected
 L FEC0::3:1/128 [0/0]
 via Loopback0, receive
 L FF00::/8 [0/0]
 via Null0, receive

c. From R1 and R3, ping the loopback 0 IPv6 address of the opposite router.

R1# ping FEC0::3:1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to FEC0::3:1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms
 R3# ping FEC0::1:1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to FEC0::1:1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 64/66/68 ms

d. Use the following Tcl script on R1 and R3 to verify network connectivity.

R1# tclsh
 foreach address {
 10.1.1.1
 10.1.2.1
 10.1.3.1
 172.16.12.1
 172.16.12.2
 172.16.23.2
 172.16.23.3
 FEC0::1:1
 FEC0::3:1
 2002:AC10:C01:1::1
 2002:AC10:1703:1::3
 2002:AC10:1703:31::1
 2002:AC10:1703:32::1
 2002:AC10:0C01:11::1
 2002:AC10:0C01:12::1
 } {
 ping $address }

Were all pings successful?
All pings should be successful for R1 and R3.

e. Run the Tcl script on R2. Were all IP addresses reachable? Explain.
No. R2 cannot reach the R1 and R3 IPv6 loopback interface addresses or the IPv6 addresses for the tunnel. R2 simply provides a physical path for the tunnel and has no knowledge of it or the R1 and R3 IPv6 loopback addresses.

 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.1.3.1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 172.16.12.1, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 56/56/56 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 172.16.23.2, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 56/58/64 ms
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 172.16.23.3, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.
 % Unrecognized host or address, or protocol not running.

Router Interface Summary Table

Router Interface Summary
Router Model Ethernet Interface
#1		 Ethernet Interface
#2		 Serial Interface
#1		 Serial Interface
#2
1700 Fast Ethernet 0
(Fa0)		 Fast Ethernet 1
(Fa1)		 Serial 0 (S0) Serial 0/0/1
(S0/0/1)
1800 Fast Ethernet 0/0
(Fa0/0)		 Fast Ethernet 0/1
(Fa0/1)		 Serial 0/0/0
(S0/0/0)		 Serial 0/0/1
(S0/0/1)
2600 Fast Ethernet 0/0
(Fa0/0)		 Fast Ethernet 0/1
(Fa0/1)		 Serial 0/0 (S0/0) Serial 0/1 (S0/1)
2800 Fast Ethernet 0/0
(Fa0/0)		 Fast Ethernet 0/1
(Fa0/1)		 Serial 0/0/0
(S0/0/0)		 Serial 0/0/1
(S0/0/1)
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. Rather than list all combinations of configurations for each router class, this table includes identifiers for the possible combinations of Ethernet and serial interfaces in the device. The table does not include any other type of interface, even though a specific router might contain one. For example, for an ISDN BRI interface, the string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Device Configurations (Instructor version)

Router R1

hostname R1
!
ipv6 unicast-routing
!
interface Loopback0
ip address 10.1.1.1 255. 255.255.0
ipv6 address FEC0::1:1/112
!
interface Loopback11
no ip address
ipv6 address 2002:AC10:C01:11::1/64
!
interface Loopback12
no ip address
ipv6 address 2002:AC10:C01:12::1/64
!
interface Tunnel0
ipv6 address 2002:AC10:C01:1::1/64
tunnel source Serial0/0/0
tunnel mode ipv6ip 6to4
!
interface Serial0/0/0
ip address 172.16.12.1 255.255.255.0
clock rate 64000
bandwidth 64
no shutdown
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ipv6 route 2002::/16 Tunnel0
ipv6 route FEC0::3:0/112 2002:AC10:1703:1::3
end

Router R2

hostname R2
!
interface Loopback0
ip address 10.1.2.1 255.255.255.0
!
interface Serial0/0/0
ip address 172.16.12.2 255.255.255.0
bandwidth 64
no shutdown
!
interface Serial0/0/1
ip address 172.16.23.2 255.255.255.0
clock rate 64000
bandwidth 64
no shutdown
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
end

Router R3

hostname R3
!
ipv6 unicast-routing
!
interface Loopback0
ip address 10.1.3.1 255.255.255.0
ipv6 address FEC0::3:1/112
!
interface Loopback31
no ip address
ipv6 address 2002:AC10:1703:31::1/64
!
interface Loopback32
no ip address
ipv6 address 2002:AC10:1703:32::1/64
!
interface Tunnel0
no ip address
ipv6 address 2002:AC10:1703:1::3/64
tunnel source Serial0/0/1
tunnel mode ipv6ip 6to4
!
interface Serial0/0/1
ip address 172.16.23.3 255.255.255.0
bandwidth 64
no shutdown
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ipv6 route 2002::/16 Tunnel0
ipv6 route FEC0::1:0/112 2002:AC10:C01:1::1
end

More Resources