IPv6 tunnel

Since native IPv6 is still not widely depolyed, some ISPs offer IPv6 over tunnels. This article describes how to configure Vyatta to work with these tunnels.

Hurricane Electric / SIXXS
This ISP uses manually configured tunnels with 6in4 protocol, also known as SIT (Simple Internet Transition). It's an IP protocol with identifier 41.

To use it, you should register at Hurricane Electric tunnelbroker or SixXS IPv6 Deployment & Tunnel Broker website and obtain settings for your tunnel. After registration, enter configuration mode and type the following commands: edit interfaces tunnel tun0 set address $tunnelAddress/64 set encapsulation sit set local-ip $localIP set remote-ip $tunnelServerIP set description "Hurricane Electric IPv6 tunnel" exit commit Then set up default IPv6 route over this tunnel: set protocols static interface-route6 ::/0 next-hop-interface tun0 commit Where $tunnelAddress is an address from subnet allocated by HE for tunnel (typically 2001:470:xxxx:xxxx::2/64), $localIP is your router's IP address, $tunnelServerIP is HE's tunnel server IP.

Now on the HE site configuration snippet with right addresses for you is present, and you may just copy it and paste to your router's console.

Your tunnel is configured now. You may check connectivity by using ping6 command (e.g. ping6 he.net). Final configuration will look like this: tun0 { address 2001:470:xxxx:xxx::2/64 description "Hurricane Electric IPv6 tunnel" encapsulation sit local-ip xx.xxx.xxx.xxx remote-ip xxx.xx.xx.xx } Then you should assign an IPv6 address from your routed /64 to one of your internal interfaces. For example:
 * 1) show interfaces tunnel

set interfaces ethernet eth1 address 2001:470:xxxx:xxxx::1/64

Don't use addresses from the subnet allocated for tunnel, otherwise you will have connectivity troubles.

If you do some firewalling, you will need to permit SIT protocol in the firewall instance working on the interface tunnel is originated from (in both directions). Here is an example: edit firewall name ToRouter rule 10 set protocol 41 (or protocol sit) set source address $tunnelServer set action accept set description "Allow IPv6 tunneling" commit