Oke, I have got a Cisco 871 wich works perfectly with ipv4. I have one IPv4 address and use NAT to connect clients on the LAN. Now I have setup a tunnel to hurican electric with the following config that was a example config on the tunnelbroker site:
!
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:..../64
ipv6 enable
tunnel source ***** (ipv4)
tunnel destination **** (ipv4)
tunnel mode ipv6ip
!
ipv6 route ::/0 Tunnel0
This works without any problems from the router (I can ping a IPv6 address).
But what to do now? I want my clients to be able to use the router for IPv6. Must I configure a ipv6 dhcp pool on the router with my subnet?
Any comments are welcome!
Thanks
You get a routed /64 in addition to the tunnel's point to point.
1) put ::1 of that allocation on your LAN facing interface on the cisco
2) configure RA on the cisco for that interface (might not need to, i know that on foundry you have to suppress-ra to stop things from autoconfiguring.
hosts on your LAN segment should autoconfigure themselves, and be able to reach IPv6 sites on the net
wow, it works! That was easy!!
I didn't need to do step 2. Only configure the /64 on the LAN was enough.
Thanks for your service!
@chiel, what was the specific command you used on the LAN interface to enable this?
interface Vlan1
ip address 10.0.0.1 255.0.0.0
ip nat inside
ip virtual-reassembly
ipv6 address 2001:*******/64 <- (the routed /64)
ipv6 enable
only the last two I had to enter to make it work. Btw, a thing to remember is that your ipv4 access lists dont have affect on ipv6
Hmm I get an error but I'm using a different platform (3725):
#ipv6 address 2001:470:XXXX:XXX::/64
% 2001:470:XXXX:XXX::/64 should not be configured on FastEthernet0/1.2, a subnet router anycast
I think that you didn't put the ::1 at the end (see tip 1 at "broquea" post).
Let me know if that worked.
That was what was causing the command to barf :-). Though I still can't get clients on the internal network to grab an IP.
I've tried these various commands based on others recommendations.
ipv6 address 2001:470:880D::1/64
ipv6 nd prefix 2001:470:1F07:3B6::/64 infinite infinite
ipv6 address 2001:470:880D::/64 eui-64
#sh ipv6 int f0/1.2
FastEthernet0/1.2 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::20C:85FF:FE07:A701
Description: $FW_INSIDE$
Global unicast address(es):
2001:470:880D::1, subnet is 2001:470:880D::/64
2001:470:880D:0:20C:85FF:FE07:A701, subnet is 2001:470:880D::/64 [EUI]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF00:1
FF02::1:FF07:A701
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
Found it, I didn't have:
#ipv6 unicast-routing
Thanks for your help!