Aug 302011
 

Here i am again, my server was down for some days because i moved to another location and now its back up and running.

On this move to the new location i realized that they dont have IPv6 in their network, at first i was thinking to implement Dual Stack IPv6 on their Cisco router but unfortunately the router there doesnt support IPv6, it needs IOS upgrade and i cant disrupt the traffic to reboot for such reason, so eventually i forgot this idea and thought that a GRE tunnel over IPv4 would be a good solution to my problem for some time until the upgrade of the Cisco router.

Topology Information:

Cisco WAN IP: 192.168.0.1
OpenBSD WAN IP: 172.16.0.1

Cisco Router Configuration

interface tun0
description IPv6_Over_IPv4_GRE
ipv6 address 2001:1::1/126
tunnel source 192.168.0.1
tunnel destination 172.16.0.1

OpenBSD Host Configuration

Enable GRE tunnel.

basilisk:~# sysctl net.inet.gre.allow=1
basilisk:~# sysctl net.inet.gre.wccp=1

Create the interface.

basilisk:~# ifconfig gre0 create

Assign IPv6 address to the new interface

basilisk:~# ifconfig gre0 inet6 2001:1::2/126

Tell the GRE tunnel where to connect

basilisk:~# ifconfig gre0 tunnel 172.16.0.1 192.168.0.1

Activate the tunnel

basilisk:~# ifconfig gre0 link1 up

Add default gateway for the IPv6 traffic

basilisk:~# route -n add -inet6 default 2001:1::1

And at last verify IPv6 connectivity

basilisk:~# ping6 -c 4 ipv6.google.com
PING6(56=40+8+8 bytes) 2001:1::1 --> 2a00:1450:8007::63
16 bytes from 2a00:1450:8007::63, icmp_seq=0 hlim=54 time=70.275 ms
16 bytes from 2a00:1450:8007::63, icmp_seq=1 hlim=54 time=66.095 ms
16 bytes from 2a00:1450:8007::63, icmp_seq=2 hlim=54 time=66.804 ms
16 bytes from 2a00:1450:8007::63, icmp_seq=3 hlim=54 time=66.031 ms

--- ipv6.l.google.com ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 66.031/67.301/70.275/1.743 ms

Now that all worked as expected you can make this configuration persistent.

Enable GRE at boot.

basilisk:~# echo "net.inet.gre.allow=1" >> /etc/sysctl.conf
basilisk:~# echo "net.inet.gre.wccp=1" >> /etc/sysctl.conf

My interface’s configuration file looks like this:

basilisk:~# more /etc/hostname.gre0
inet6 2001:1::2/126
tunnel 172.16.0.1 192.168.0.1
link1 up
!route -n add -inet6 default 2001:1::1

You may now reboot and verify that you can ping IPv6 addresses

  One Response to “OpenBSD: IPv6 Over IPv4 GRE Tunnel to Cisco Router”

  1. Hi & thanks for your post. I used some of the information for setting up an IPv6 over GRE/IPSec tunnel for IPv6 clients isolated in an IPv4 network. See http://markus.wernig.net/en/it/ip6tunnel.phtml. Of course I’ve linked back to your site.
    krgds /markus

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)