Information About ISATAP Tunnel Support for IPv6
Overlay Tunnels for IPv6
Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core network or the figure below). By using overlay tunnels, you can communicate with isolated IPv6 networks without upgrading the IPv4 infrastructure between them. Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints must support both the IPv4 and IPv6 protocol stacks. IPv6 supports the following types of overlay tunneling mechanisms:
-
Manual
-
Generic routing encapsulation (GRE)
-
IPv4-compatible
-
6to4
-
Intrasite Automatic Tunnel Addressing Protocol (ISATAP)
 Note |
Overlay tunnels reduce the maximum transmission unit (MTU) of an interface by 20 octets (assuming that the basic IPv4 packet header does not contain optional fields). A network that uses overlay tunnels is difficult to troubleshoot. Therefore, overlay tunnels that connect isolated IPv6 networks should not be considered a final IPv6 network architecture. The use of overlay tunnels should be considered as a transition technique toward a network that supports both the IPv4 and IPv6 protocol stacks or just the IPv6 protocol stack. |
Use the table below to help you determine which type of tunnel that you want to configure to carry IPv6 packets over an IPv4 network.
|
Tunneling Type |
Suggested Usage |
Usage Notes |
|---|---|---|
|
Manual |
Simple point-to-point tunnels that can be used within a site or between sites. |
Can carry IPv6 packets only. |
|
GRE- and IPv4- compatible |
Simple point-to-point tunnels that can be used within a site or between sites. |
Can carry IPv6, Connectionless Network Service (CLNS), and many other types of packets. |
|
IPv4- compatible |
Point-to-multipoint tunnels. |
Uses the ::/96 prefix. We do not recommend using this tunnel type. |
|
6to4 |
Point-to-multipoint tunnels that can be used to connect isolated IPv6 sites. |
Sites use addresses from the 2002::/16 prefix. |
|
6RD |
IPv6 service is provided to customers over an IPv4 network by using encapsulation of IPv6 in IPv4. |
Prefixes can be from the SP’s own address block. |
|
ISATAP |
Point-to-multipoint tunnels that can be used to connect systems within a site. |
Sites can use any IPv6 unicast addresses. |
Individual tunnel types are discussed in detail in this document. We recommend that you review and understand the information about the specific tunnel type that you want to implement. When you are familiar with the type of tunnel you need, see the table below for a summary of the tunnel configuration parameters that you may find useful.
|
Tunneling Type |
Tunnel Configuration Parameter |
|||
|---|---|---|---|---|
|
Tunnel Mode |
Tunnel Source |
Tunnel Destination |
Interface Prefix or Address |
|
|
Manual |
ipv6ip |
An IPv4 address, or a reference to an interface on which IPv4 is configured. |
An IPv4 address. |
An IPv6 address. |
|
GRE/IPv4 |
gre ip |
An IPv4 address. |
An IPv6 address. |
|
|
IPv4- compatible |
ipv6ip auto-tunnel |
Not required. These are all point-to-multipoint tunneling types. The IPv4 destination address is calculated, on a per-packet basis, from the IPv6 destination. |
Not required. The interface address is generated as ::tunnel-source /96. |
|
|
6to4 |
ipv6ip 6to4 |
An IPv6 address. The prefix must embed the tunnel source IPv4 address. |
||
|
6RD |
ipv6ip 6rd |
An IPv6 address. |
||
|
ISATAP |
ipv6ip isatap |
An IPv6 prefix in modified eui-64 format. The IPv6 address is generated from the prefix and the tunnel source IPv4 address. |
||
ISATAP Tunnels
ISATAP is an automatic overlay tunneling mechanism that uses the underlying IPv4 network as a NBMA link layer for IPv6. ISATAP is designed for transporting IPv6 packets within a site where a native IPv6 infrastructure is not yet available; for example, when sparse IPv6 hosts are deployed for testing. ISATAP tunnels allow individual IPv4 or IPv6 dual-stack hosts within a site to communicate with other such hosts on the same virtual link, basically creating an IPv6 network using the IPv4 infrastructure.
The ISATAP router provides standard router advertisement network configuration support for the ISATAP site. This feature allows clients to automatically configure themselves as they would do if they were connected to a GigabitEthernet or FastEthernet. It can also be configured to provide connectivity out of the site. ISATAP uses a well-defined IPv6 address format composed of any unicast IPv6 prefix (/64), which can be link local, or global (including 6to4 prefixes), enabling IPv6 routing locally or on the Internet. The IPv4 address is encoded in the last 32 bits of the IPv6 address, enabling automatic IPv6-in-IPv4 tunneling.
Although the ISATAP tunneling mechanism is similar to other automatic tunneling mechanisms, such as IPv6 6to4 tunneling, ISATAP is designed for transporting IPv6 packets within a site, not between sites.
ISATAP uses unicast addresses that include a 64-bit IPv6 prefix and a 64-bit interface identifier. The interface identifier is created in modified EUI-64 format in which the first 32 bits contain the value 000:5EFE to indicate that the address is an IPv6 ISATAP address. The table below describes an ISATAP address format.
|
64 Bits |
32 Bits |
32 Bits |
|---|---|---|
|
link local or global IPv6 unicast prefix |
0000:5EFE |
IPv4 address of the ISATAP link |
As shown in the table above, an ISATAP address consists of an IPv6 prefix and the ISATAP interface identifier. This interface identifier includes the IPv4 address of the underlying IPv4 link. The following example shows what an actual ISATAP address would look like if the prefix is 2001:DB8:1234:5678::/64 and the embedded IPv4 address is 10.173.129.8. In the ISATAP address, the IPv4 address is expressed in hexadecimal as 0AAD:8108:
2001:DB8:1234:5678:0000:5EFE:0AAD:8108
Feedback