• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Sunetting IPV6

Started by shaunebop, October 21, 2009, 04:36:01 PM

Previous topic - Next topic

shaunebop

Hi guy's, fairly new to IPV6 and in need of a little help  ;D . I have a home lab of several Cisco routers and switches, one of which is hooked up to a tunnel. I have no problem in setting up a lab which is all on the same subnet but when i create a 2nd subnet simulating a remote office trying to access the ipv6 internet through the office with a tunnel i cant get out. With ipv4 i would just use nat to translate my private address to my global address, does anybody now how i can do the same thing using ipv6? Should also mention that i can ping all interfaces from the remote office including my side of the tunnel, which is set as the default gateway, i just cant get out onto the ipv6 internet from the remote office  :'(

Any help would be fantastic guys  :)

cholzhauer

sitting at your remote offuce, can you ping the interface where the tunnel is?  can you ping past that?  how are you assigning addresses?

shaunebop

#2
Hi,

I can ping the interface of the tunnel from the remote office but cant ping past it, The ip address of the tunnel that was provided is  2001:***:1F08:537::2/64 and they gave me a  2001:***:1F09:537::1/64 to route which i have tried to subnet by giving the lan a subnet of  2001:***:1F08:537:1::/80 and the remote office subnet  2001:***:1F08:537:2::/80.

Is it possible to get out onto the ipv6 internet from a different subnet?

Hope this helps and thankyou for your help so far  :D

jimb

#3
So, to simulate the remote office, are you simply using TWO HE tunnels, one to each router?  Or are you establishing a 6in4 tunnel between the routers directly?

Are you establishing static routes to your subnets on each router?

Also, the problem might be the fact that you're using /80s.  The convention for IPv6 is that /64 is the longest prefix used, because automatic address configuration requires a /64.  Technically, there's no reason that you shouldn't be able to use a /80,  but I've never been clear on whether it's "legal" longer prefixes than /64, or if doing so creates interoperability problems with various equipment, etc.  So it's best to stick with /64s.

If you are using two tunnels, HE should be able to route your traffic between the separate /64s via the tunnel servers no problem.  But in a scenario like that, I'd just establish my own 6in4 between the two "offices" for direct connectivity, and use the HE tunnels for internet.

If you're using a single tunnel to one router, and establishing a tunnel to a second router via your own 6in4 tunnel, I suggest allocating a /48 from HE, and using /64 subnets of that and see if it works.  Use another /64 for the tunnel end points if you want them to be reachable from the internet (you'll have 64K /64s, so no problem).

shaunebop

Thanks for all your help guys, Changed my addressing, had a 64/ on one interface where it should have been an /80. It's all routing Ipv6 as sweet as a nut now  :D It's amazing what a little bit of help from you guys and a nights sleep can do  :)

Thanks to all