Monday, 18 May 2015

ISATAP intrasite automatic tunnel addressing protocol

ISATAP Tunnel Support for IPv6

ISATAP is an automatic overlay tunneling mechanism that uses the underlying IPv4 network as a NBMA link layer for IPv6

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Information About ISATAP Tunnel Support for IPv6



Overlay Tunnels for IPv6

Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core network or the figure below). By using overlay tunnels, you can communicate with isolated IPv6 networks without upgrading the IPv4 infrastructure between them. Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints must support both the IPv4 and IPv6 protocol stacks. IPv6 supports the following types of overlay tunneling mechanisms:

  • Manual
  • Generic routing encapsulation (GRE)
  • IPv4-compatible
  • 6to4
  • Intrasite Automatic Tunnel Addressing Protocol (ISATAP)
Figure 1. Overlay Tunnels



Note
Overlay tunnels reduce the maximum transmission unit (MTU) of an interface by 20 octets (assuming that the basic IPv4 packet header does not contain optional fields). A network that uses overlay tunnels is difficult to troubleshoot. Therefore, overlay tunnels that connect isolated IPv6 networks should not be considered a final IPv6 network architecture. The use of overlay tunnels should be considered as a transition technique toward a network that supports both the IPv4 and IPv6 protocol stacks or just the IPv6 protocol stack.
Use the table below to help you determine which type of tunnel that you want to configure to carry IPv6 packets over an IPv4 network.

Table 1 Suggested Usage of Tunnel Types to Carry IPv6 Packets over an IPv4 Network
Tunneling Type Suggested Usage Usage Notes
Manual Simple point-to-point tunnels that can be used within a site or between sites. Can carry IPv6 packets only.
GRE- and IPv4- compatible Simple point-to-point tunnels that can be used within a site or between sites. Can carry IPv6, Connectionless Network Service (CLNS), and many other types of packets.
IPv4- compatible Point-to-multipoint tunnels. Uses the ::/96 prefix. We do not recommend using this tunnel type.
6to4 Point-to-multipoint tunnels that can be used to connect isolated IPv6 sites. Sites use addresses from the 2002::/16 prefix.
6RD IPv6 service is provided to customers over an IPv4 network by using encapsulation of IPv6 in IPv4. Prefixes can be from the SP’s own address block.
ISATAP Point-to-multipoint tunnels that can be used to connect systems within a site. Sites can use any IPv6 unicast addresses.
Individual tunnel types are discussed in detail in this document. We recommend that you review and understand the information about the specific tunnel type that you want to implement. When you are familiar with the type of tunnel you need, see the table below for a summary of the tunnel configuration parameters that you may find useful.

Table 2 Tunnel Configuration Parameters by Tunneling Type
Tunneling Type Tunnel Configuration Parameter
Tunnel Mode Tunnel Source Tunnel Destination Interface Prefix or Address
Manual ipv6ip An IPv4 address, or a reference to an interface on which IPv4 is configured. An IPv4 address. An IPv6 address.
GRE/IPv4 gre ip An IPv4 address. An IPv6 address.
IPv4- compatible ipv6ip auto-tunnel Not required. These are all point-to-multipoint tunneling types. The IPv4 destination address is calculated, on a per-packet basis, from the IPv6 destination. Not required. The interface address is generated as ::tunnel-source/96.
6to4 ipv6ip 6to4 An IPv6 address. The prefix must embed the tunnel source IPv4 address.
6RD ipv6ip 6rd An IPv6 address.
ISATAP ipv6ip isatap An IPv6 prefix in modified eui-64 format. The IPv6 address is generated from the prefix and the tunnel source IPv4 address.

ISATAP Tunnels

ISATAP is an automatic overlay tunneling mechanism that uses the underlying IPv4 network as a NBMA link layer for IPv6. ISATAP is designed for transporting IPv6 packets within a site where a native IPv6 infrastructure is not yet available; for example, when sparse IPv6 hosts are deployed for testing. ISATAP tunnels allow individual IPv4 or IPv6 dual-stack hosts within a site to communicate with other such hosts on the same virtual link, basically creating an IPv6 network using the IPv4 infrastructure.
The ISATAP router provides standard router advertisement network configuration support for the ISATAP site. This feature allows clients to automatically configure themselves as they would do if they were connected to a GigabitEthernet or FastEthernet. It can also be configured to provide connectivity out of the site. ISATAP uses a well-defined IPv6 address format composed of any unicast IPv6 prefix (/64), which can be link local, or global (including 6to4 prefixes), enabling IPv6 routing locally or on the Internet. The IPv4 address is encoded in the last 32 bits of the IPv6 address, enabling automatic IPv6-in-IPv4 tunneling.
Although the ISATAP tunneling mechanism is similar to other automatic tunneling mechanisms, such as IPv6 6to4 tunneling, ISATAP is designed for transporting IPv6 packets within a site, not between sites.
ISATAP uses unicast addresses that include a 64-bit IPv6 prefix and a 64-bit interface identifier. The interface identifier is created in modified EUI-64 format in which the first 32 bits contain the value 000:5EFE to indicate that the address is an IPv6 ISATAP address. The table below describes an ISATAP address format.

Table 3 IPv6 ISATAP Address Format
64 Bits 32 Bits 32 Bits
link local or global IPv6 unicast prefix 0000:5EFE IPv4 address of the ISATAP link
As shown in the table above, an ISATAP address consists of an IPv6 prefix and the ISATAP interface identifier. This interface identifier includes the IPv4 address of the underlying IPv4 link. The following example shows what an actual ISATAP address would look like if the prefix is 2001:DB8:1234:5678::/64 and the embedded IPv4 address is 10.173.129.8. In the ISATAP address, the IPv4 address is expressed in hexadecimal as 0AAD:8108:
2001:DB8:1234:5678:0000:5EFE:0AAD:8108

How to Configure ISATAP Tunnel Support for IPv6



Configuring ISATAP Tunnels

Before You Begin The tunnel source command used in the configuration of an ISATAP tunnel must point to an interface with an IPv4 address configured. The ISATAP IPv6 address and prefix (or prefixes) advertised are configured as for a native IPv6 interface. The IPv6 tunnel interface must be configured with a modified EUI-64 address because the last 32 bits in the interface identifier are constructed using the IPv4 tunnel source address.
SUMMARY STEPS
    1.    enable
    2.    configure terminal
    3.    interface tunnel tunnel-number
    4.    ipv6 address {ipv6-address / prefix-length | prefix-name sub-bits/prefix-length
    5.    no ipv6 nd ra suppress
    6.    tunnel source {ip-address| interface-type interface-number}
    7.    tunnel mode ipv6ip [6rd | 6to4 | auto-tunnel | isatap

DETAILED STEPS
Command or ActionPurpose
Step 1 enable


Example:
Router> enable
  		Enables privileged EXEC mode.

  • Enter your password if prompted.
 
Step 2 configure terminal


Example:
Router# configure terminal
  		Enters global configuration mode.
 
Step 3 interface tunnel tunnel-number


Example:
Router(config)# interface tunnel 1
  		Specifies a tunnel interface and number, and enters interface configuration mode.
 
Step 4 ipv6 address {ipv6-address / prefix-length | prefix-name sub-bits/prefix-length


Example:
Router(config-if)# ipv6 address 2001:DB8:6301::/64 eui-64
  		Specifies the IPv6 address assigned to the interface and enables IPv6 processing on the interface.
 
Step 5 no ipv6 nd ra suppress


Example:
Router(config-if)# no ipv6 nd ra suppress
  		Sending of IPv6 router advertisements is disabled by default on tunnel interfaces. This command reenables the sending of IPv6 router advertisements to allow client autoconfiguration.
 
Step 6 tunnel source {ip-address| interface-type interface-number}


Example:
Router(config-if)# tunnel source gigabitethernet 1/0/1
  		Specifies the source interface type and number for the tunnel interface.

Note    The interface type and number specified in the tunnel source command must be configured with an IPv4 address.
 
Step 7 tunnel mode ipv6ip [6rd | 6to4 | auto-tunnel | isatap


Example:
Router(config-if)# tunnel mode ipv6ip isatap
  		Specifies an IPv6 overlay tunnel using a ISATAP address.

  • The auto-tunnel keyword is not supported on Cisco ASR 1000 series routers.
 

Configuration Examples for ISATAP Tunnel Support for IPv6



Example: Configuring ISATAP Tunnels

The following example shows the tunnel source defined on GigabitEthernet 0/0/0 and the tunnel mode command used to configure the ISATAP tunnel. Router advertisements are enabled to allow client autoconfiguration. 
ipv6 unicast-routing
interface tunnel 1
 tunnel source Gigabitethernet 0/0/0
 tunnel mode ipv6ip isatap
 ipv6 address 2001:DB8::/64 eui-64
 no ipv6 nd ra suppress
 exit

Additional References


Related Documents


Related Topic Document Title
IPv6 addressing and connectivity Cisco IOS IPv6 Configuration Guide
Cisco IOS commands Cisco IOS Master Commands List, All Releases
IPv6 commands Cisco IOS IPv6 Command Reference
Cisco IOS IPv6 features Cisco IOS IPv6 Feature Mapping

Standards and RFCs


Standard/RFC Title
RFCs for IPv6 IPv6 RFCs

Technical Assistance


Description Link
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

Feature Information for ISATAP Tunnel Support for IPv6

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Table 4 Feature Information for ISATAP Tunnel Support for IPv6
Feature Name Releases Feature Information
ISATAP Tunnel Support for IPv6 Cisco IOS XE Release 2.1 ISATAP is an automatic overlay tunneling mechanism that uses the underlying IPv4 network as a NBMA link layer for IPv6.
The following commands were introduced or modified: ipv6 nd ra suppress, tunnel mode ipv6ip, tunnel source.
Posted by at
Labels: