This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!
Cisco IPv6 Tunnel Config
Jump to navigation Jump to search
ipv6 unicast-routing ipv6 cef ! enable IPv6 routing ! interface Tunnel6 no ip address ipv6 address 2001:8B0:XXXX:YYYY::/64 eui-64 ! XXXX is 2001:8B0:XXXX::/48 is your AAISP allocated IPv6 block ! YYYY is your chosen subnet for the yournet<->AAISP connection ! This will allocate an IP based on your MAC address. You could also ! explicitly define the IPv6 address with something like ! ipv6 address 2001:8B0:XXXX:YYYY::1/64 ipv6 enable ipv6 traffic-filter internet_ipv6_in in ipv6 traffic-filter internet_ipv6_out out ipv6 mtu 1280 tunnel source FastEthernet0/0 ! Use your external facing interface tunnel destination 220.127.116.11 tunnel mode ipv6ip ! ipv6 route ::/0 Tunnel6 ! make the tunnel our IPv6 default route ! ipv6 access-list internet_ipv6_in permit icmp any any echo-reply permit icmp any any echo-request permit icmp any any unreachable permit icmp any any time-exceeded deny icmp any any log evaluate internet-ipv6-reflect permit tcp any host 2001:8B0:XXXX:ZZZZ::AAAA eq www permit udp any host 2001:8B0:XXXX:ZZZZ::BBBB eq domain permit tcp any host 2001:8B0:XXXX:ZZZZ::CCCC eq smtp ! replace XXXX, ZZZZ, AAAA, BBBB, CCCC to suit your network deny ipv6 any any log ! ipv6 access-list internet_ipv6_out permit ipv6 any any reflect internet-ipv6-reflect timeout 300 deny ipv6 any any log !
Notes on the above:
- Replace placeholders with the appropriate address portions for your allocated /48 and internal network
- I've included a very basic firewall configuration. I've used the "reflect" technology which may not be available in all IOS versions