Configuration procedure, 6to4 tunnel configuration example – H3C Technologies H3C SecPath F1000-E User Manual

93

•

The automatic tunnel interfaces using the same encapsulation protocol cannot share the same

source IP address.

Configuration procedure

To configure a 6to4 tunnel:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable IPv6.

ipv6

By default, the IPv6 packet forwarding
function is disabled.

3.

Enter tunnel interface
view.

interface tunnel number N/A

4.

Configure an IPv6
address for the tunnel

interface.

•

Configure an IPv6 global unicast

address or a site-local address:

{

ipv6 address { ipv6-address

prefix-length |
ipv6-address/prefix-length }

{

ipv6 address

ipv6-address/prefix-length
eui-64

•

Configure an IPv6 link-local

address:

{

ipv6 address auto link-local

{

ipv6 address ipv6-address

link-local

IPv6 link-local address configuration is
optional.
By default,

•

No IPv6 global unicast address or

site-local address is configured for
the tunnel interface.

•

A link-local address will

automatically be generated when an
IPv6 global unicast address or

site-local address is configured.

5.

Specify the 6to4 tunnel

mode.

tunnel-protocol ipv6-ipv4 6to4

By default, the tunnel mode is GRE over
IPv4.
The same tunnel mode should be

configured at both ends of the tunnel.

Otherwise, packet delivery will fail.

6.

Configure a source
address or interface for

the tunnel.

source { ip-address | interface-type
interface-number }

By default, no source address or
interface is configured for the tunnel.

7.

Return to system view.

quit

N/A

8.

Enable dropping of
IPv6 packets using

IPv4-compatible IPv6

addresses.

tunnel discard
ipv4-compatible-packet

Optional.
Disabled by default.

6to4 tunnel configuration example

NOTE:

In this configuration example, either Router A or Router B is the SecPath firewall.