Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 Basics & Questions & General Chatter => Topic started by: evantkh on January 27, 2015, 06:54:41 AM

Title: 6in4 vs 4in6
Post by: evantkh on January 27, 2015, 06:54:41 AM
Are the two protocols the same? Just reversing the uses?

In fact, can sit tunnels be used to make virtual dual stack lines which are layer 3 transparent over either IPv4 and IPv6 network?
Title: Re: 6in4 vs 4in6
Post by: cholzhauer on January 27, 2015, 06:56:59 AM
https://forums.he.net/index.php?topic=1961.0
Title: Re: 6in4 vs 4in6
Post by: broquea on January 27, 2015, 09:00:30 AM
Not the same protocol, but definitely similar and inverse usage. http://en.wikipedia.org/wiki/4in6

I'd be wary of making a tunnel turducken though (native ipv4 + 6in4 over that + 4in6 over 6in4 tunnel). The overhead might make the throughput a Bad Experience.
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 27, 2015, 03:46:55 PM
Quote from: broquea on January 27, 2015, 09:00:30 AM
Not the same protocol, but definitely similar and inverse usage. http://en.wikipedia.org/wiki/4in6

I'd be wary of making a tunnel turducken though (native ipv4 + 6in4 over that + 4in6 over 6in4 tunnel). The overhead might make the throughput a Bad Experience.

Do you mean I cannot use either protocol to transmit duak stack packets inside? I mean transmitting both IPv6 and IPv4 through a single tunnel without building another tunnel over it.
Title: Re: 6in4 vs 4in6
Post by: broquea on January 27, 2015, 04:03:11 PM
You can, I simply recommended against it, since the overhead of each tunnel has overhead. 6in4 has 20 bytes, taking 1500 down to 1480. if that goes over pppoe, thats another 8 bytes, taking that 6in4 down to 1472. then if you try and run a 4in6 over that 1472 sized 6in4 tunnel, you have to subtract the overhead for that tunnel, to get your new largest size that can transition that 4in6-6in4 tunnel.

If you've got native ipv4, and are using a 6in4 tunnel to access ipv6, why would you tunnel ipv4 over a ipv6 tunnel when you have native? At that point why not run an IPv4 GRE tunnel from your same machine to that far side, and skip making a tunnel-in-tunnel headache with lowered mtu sizes? Or openVPN between sites, and dualstack the ovpn tunnel?
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 27, 2015, 08:42:08 PM
Quote from: broquea on January 27, 2015, 04:03:11 PM
You can, I simply recommended against it, since the overhead of each tunnel has overhead. 6in4 has 20 bytes, taking 1500 down to 1480. if that goes over pppoe, thats another 8 bytes, taking that 6in4 down to 1472. then if you try and run a 4in6 over that 1472 sized 6in4 tunnel, you have to subtract the overhead for that tunnel, to get your new largest size that can transition that 4in6-6in4 tunnel.

If you've got native ipv4, and are using a 6in4 tunnel to access ipv6, why would you tunnel ipv4 over a ipv6 tunnel when you have native? At that point why not run an IPv4 GRE tunnel from your same machine to that far side, and skip making a tunnel-in-tunnel headache with lowered mtu sizes? Or openVPN between sites, and dualstack the ovpn tunnel?

Maybe you misunderstand my meaning.
I mean can I do something like 6in4 and 4in4 over the same tunnel? Getting a dual stack and layer 3 transparent line with protocol 41.
Title: Re: 6in4 vs 4in6
Post by: broquea on January 27, 2015, 09:26:09 PM
uh, no. now think about why.

Your IPv6 tunnel is over IPv4. That is a Protocol 41 tunnel.

Now you want to tunnel IPv4 over IPV6. That is a whatever-protocol tunnel. it isn't a protocol 41 tunnel.

If your IPv6 is over a tunnel, how would you propose to NOT run a 4in6 tunnel over your tunneled IPv6 connection.

A sane solution, is terminate the 6in4 tunnel on some VPS somewhere, then set up OpenVPN on that server, to give OpenVPN clients both IPv4/IPv6, and forget you ever thought or considered 4in6.
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 28, 2015, 12:16:09 AM
Quote from: broquea on January 27, 2015, 09:26:09 PM
uh, no. now think about why.

Your IPv6 tunnel is over IPv4. That is a Protocol 41 tunnel.

Now you want to tunnel IPv4 over IPV6. That is a whatever-protocol tunnel. it isn't a protocol 41 tunnel.

If your IPv6 is over a tunnel, how would you propose to NOT run a 4in6 tunnel over your tunneled IPv6 connection.

A sane solution, is terminate the 6in4 tunnel on some VPS somewhere, then set up OpenVPN on that server, to give OpenVPN clients both IPv4/IPv6, and forget you ever thought or considered 4in6.

Encryption takes CPU resources, but MPLS/EVPLS is too expensive.

Finally, I tried adding IPv4 to the tunnel.

Take ip6tunnel as the 6in4 tunnel.
I tried the following command.
ifconfig ip6tunnel 192.168.10.0 pointopoint 192.168.10.1 netmask 255.255.255.254
Doing similar thing on the other endpoint.
Finally, the two IPv4 cannot connect to each other.
It seems that sit tunnel is only transparent to IPv6.

Actually, is there anyway to make the tunnel work for IPv4 also?
Title: Re: 6in4 vs 4in6
Post by: broquea on January 28, 2015, 12:39:30 AM
QuoteActually, is there anyway to make the tunnel work for IPv4 also?

the HE tunnel? no, not at all.
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 28, 2015, 12:45:27 AM
Quote from: broquea on January 28, 2015, 12:39:30 AM
QuoteActually, is there anyway to make the tunnel work for IPv4 also?

the HE tunnel? no, not at all.

Not HE tunnel. It is a home-made tunnel.
Title: Re: 6in4 vs 4in6
Post by: broquea on January 28, 2015, 12:47:12 AM
then sure, use something like openvpn as the tunnel mechanism, and run that as dual-stack.
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 28, 2015, 01:13:12 AM
Quote from: broquea on January 28, 2015, 12:47:12 AM
then sure, use something like openvpn as the tunnel mechanism, and run that as dual-stack.

Is there any protocol that can transmit packets as simple as 6in4/simply putting a smaller packet into a bigger packet but allow dual stack packets to pass through it?
Title: Re: 6in4 vs 4in6
Post by: broquea on January 28, 2015, 04:23:30 AM
nope. 2 stacks, single tunnel source/method? dual-stacked VPN solution. get crackin!
Title: Re: 6in4 vs 4in6
Post by: evantkh on January 28, 2015, 06:32:20 AM
Quote from: broquea on January 28, 2015, 04:23:30 AM
nope. 2 stacks, single tunnel source/method? dual-stacked VPN solution. get crackin!

Maybe openvpn is the only solution.
Title: Re: 6in4 vs 4in6
Post by: broquea on January 28, 2015, 07:34:29 AM
it certainly isn't a bad one!