Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Recommendation for two networks  (Read 2215 times)

microfoundry

  • Newbie
  • *
  • Posts: 1
Recommendation for two networks
« on: October 12, 2010, 09:30:58 PM »

Greetings - I currently have 2 network segments, each attached to the internet with a IPv4 VPN tunnel between sites utilizing Juniper's SSG-5. In addition, I've built an IPv6 tunnel to HE from the PDC and all is well.

From a design standpoint, what's the recomended config for IPv6 to each site? And between sites?

TIA,

Terry
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Recommendation for two networks
« Reply #1 on: October 12, 2010, 10:09:05 PM »

If it was my choice and I needed to use HE tunnels, I'd have a separate IPv6 tunnel w/ routed 48s for each site utilizing each site's internet connection.  I'd then connect the two sites directly with a VPN so that site-to-site comms would use that.  You could do this with something like IPSEC encrypted 6in4 or GRE tunnels provided your device(s) support something like this.

Be careful not to simply let HE route your IPv6 traffic between sites unless you don't care whether the inter-site traffic crosses the internet in "plaintext" format.

EDIT: Of course, if your two sites are in one of the data centers where HE is present, you could purchase your IPv4 and IPv6 internet connectivity from HE directly and do native IPv6 w/o the need for tunnels, and connect your two sites with IPv4 and IPv6 native VPNs.  :p
« Last Edit: October 12, 2010, 10:14:18 PM by jimb »
Logged