This topic is to discuss the following lesson:
2 Likes
Hi Rene
Question, should the following sentence under Within Network say IPv4 rather than IPv6?
“The destination IPv6 address network bits are derived from the BR IPv6 address that the router knows.”
Also how does 100:10::1 get mapped to .1 on the IPv4 side?
And on Outside Domain, why is the IPv4 Source the IP of CE2 (192.168.1.2), when the ping is initiated from Host 1 behind CE1? Should it be 192.168.1.1?
Thanks
Hi Chris,
Thanks, that last line shouldn’t be there so I removed it.
The IPv6 prefix has this format:
Now take a look at this address:
2001:DB8 is the ISP prefix, what comes next is the IPv4 address.
192.168.1.1 in hexadecimal is C0A8:0101, but I don’t have to embed the entire IPv4 address. I can forget about 192.168.1. (those are the common bits), and only embed .1 in the IPv6 address, which is how we end up with 2001:DB8:100:
What comes after 2001:DB8:100: is the subnet, I just picked one (:10).
On the outside domain part, it should be 192.168.1.1 (copy paste error, sorry 
) It has been fixed!
Rene
Thanks Rene, any chance you could provide the configs at the end? I guess I’m wondering how the BR knows about the “General prefix” when you didn’t configure it.
BR#show tunnel 6rd
Interface Tunnel0:
Tunnel Source: 192.168.1.3
6RD: Operational, V6 Prefix: 2001:DB8::/32
V4 Prefix, Length: 24, Value: 192.168.1.0
V4 Suffix, Length: 0, Value: 0.0.0.0
General Prefix: 2001:DB8:300::/40
Hi Chris,
Just added them. The general prefix is also configured on the BR.
Rene
Any chance you could provide an example for “within domain”, but with an IPv6 internet host generating the traffic? Does the native IPv6 host route traffic to the 6RD gateway?
Hello Chris
Let’s use this same topology for our example:
This time however, we are dealing with the connection from the Internet to H1. Let’s imagine an Internet host H3 is communicating with H1.
The ISP uses the 192.168.1.0/24 subnet and each router has an IPv4 address. The hosts that are communicating have the following IP addresses:
H1: 2001:DB8:100:10::1
H3: 2001:AF98:773:14::1
H3 sends an IPv6 packet destined for H1. Here’s what the encapsulated IPv6 packet looks like:
When BR1 receives this packet, it checks the 6RD prefix of the destination address highlighted in red. It sees that it is indeed for this domain. It also looks at the third hextet to map to the correct IPv4 destination CE router so it knows where to send it. Notice also that the source IPv4 address is that of the BR1 router once the packet enters the domain.
I hope this has been helpful!
Laz
Hello Rene,
I am a little bit confused about the subnet part. If we are taking only 8 bits from the IPv4 address shouldn’t the IPv6 part identifying the CE be 2001:0DB8:01 (without the 00 ending in the 3 block?). If so what comes after 2001:0DB8:01 would be the subnet and it could span from 2001:0DB8:0100::/64 to 2001:0DB8:01FF:FFFF::/64.
Thanks
ADP
Hello ADP,
2001:DB8:100::/40 is short for 2001:0db8:0100:0000:0000:0000:0000:0000/40. For this network address, the valid ranges are:
2001:0db8:0100:0000:0000:0000:0000:0000
up to
2001:0db8:01ff:ffff:ffff:ffff:ffff:ffff
2001:0DB8:01::/40 is short for 2001:0db8:0001:0000:0000:0000:0000:0000/40. (be aware of the leading zeroes) This is an address in the following range:
2001:0db8:0000:0000:0000:0000:0000:0000
up to
2001:0db8:00ff:ffff:ffff:ffff:ffff:ffff
See how this works? By specifying 2001:0DB8:01::/40, you get 2001:0DB8:0001::/40. An address of the 2001:0DB8:00::/40 network.
Hope this helps 
If not let me know.
Rene
Hello Rene,
Thank you for the reply. Yes I’ll undestand this but I was mainly referring to your example above(the one with pictures). If we wanted to embed only 8 bits from our IPv4 Router address(192.168.1.1) the IPv6 prefix identifying the router will be 2001:0db8(32bits) :01(8bits) 00:0000(24bits) : abcd:abcd:abcd:abcd(64bits)
In your picture the purple section is referring to 100: (0100:) as 8 bits, but those are actually 16 bits.
So the possible subnets ranges for router 192.168.1.1 should stay inside the following range: from 2001:0db8:0100::/40 to 2001:0db8:01ff:ffff::/40
Let me know if I am missing something,
ADP
Hello ADP,
The IPv4 address we try to embed is .1 so in binary we have these 8 bits:
0000 0001
In IPv6 binary, it looks like this:
0000 1000 0000 0000
In IPv6 hexadecimal it looks like:
0100
The prefix becomes:
2001:0db8:0100::/40 where we claim that the first 8 bits (0000 1000) are the embedded IPv4 address.
If you write this prefix:
2001:0db8:01::/40
Then what you really write is:
2001:0db8:0001::/40
The hexadecimal 0001 in binary is:
0000 0000 0000 0001
So that doesn’t match our IPv4 binary address.
Does this help? I show 16 bits but with the /40 we define that the first 8 bits are the embedded address.
Rene
Hi Rene and Laz,
The lesson says the next phrase:
"6RD builds upon the 6to4 tunneling mechanism and gets rid of its biggest weakness, the use of the 2002::/16 prefix. Instead, each ISP will use a unique IPv6 prefix that belongs to the ISP. This has the following advantages:
All 6RD hosts are reachable from all native IPv6 hosts that can reach the ISP IPv6 network."
Could you explain what do you mean by saying 6RD hosts? and who is a native IPv6 host?
And I also can’t understand what is so stateless about it?
Thanks in advance
Hello Nitay
A 6RD host is any host that has an IPv4 address that is translated to an IPv6 address on the network/Internet using IPv6 6RD.
A native IPv6 host is a host on the network/Internet that has an IPv6 address. It is considered to be natively IPv6 because it doesn’t need any kind of translation or tunneling services to function on IPv6.
6RD is considered stateless because packets don’t have to go through the same border or relay router for the feature to function. In other words, there is no single location where the state of the translation for a particular host is saved. Translation can take place over multiple border relay routers.
I hope this diagram also clarifies the above further.
I hope this has been helpful!
Laz
1 Like
Hi Rene and staff,
my question is about IPV4 common suffix
First, i think common prefix cannot be used without common prefix: is it right or wrong ?
Second, let’s try another example (from a cisco white paper but i dont understand too much)
CE1: 10.1.1.1
CE2:10.1.2.1
BR: 10.1.3.1
For interface tunnel, the configuration should be:
CE1,CE2,BR(config-if)#tunnel 6rd ipv4 prefix-len 16
CE1,CE2,BR(config-if)#tunnel 6rd ipv4 suffix-len 8
So IPV4 embedded is only 8 bits: the third byte of the IPV4 address. So, this give the same result as in the lesson for the third part of the IPV6 address, 0100, 0200, 0300
The IPV4 subnet is 10.1.0.0/16 for the Gi interfaces: OK
With the embedded part, 6rd can deduce that IPV4 address for CE1 is 10.1.1.*
But:
- where 6rd could find the last byte of IPV4 address of CE1 ?
- why in this example common suffix would be 0.0.0.1/8 (value given in the cisco white paper). It seems this not a wilcard neither a mask ?
- in the lesson example, you say that 0.0.0.0/8 which means that the IPv4 address of a router always ends with .1. I dont understand
Regards
Hello Dominique
I’m not sure I understand your question completely, but I can say that in order for the common prefix feature to function, the IP addresses of the routers in the IPv4 address pace must have some bits of the IPv4 address in common. For example, if one router has an IP address of 10.10.10.2 and the other has 172.16.5.5, then there is no common prefix bits between the two addresses:
00001010.00001010.00001010.00000010
10101100.00010000.00000101.00000101
They start off with different bits, so there is no common prefix.
Concerning your other questions:
From the Cisco white paper that you are referencing, you can see the following:
You can see here that the whole IPv4 address can be resolved simply because the prefix and suffix are already known, and the intermediate byte is obtained from the IPv6 destination address.
The suffix simply indicates which ending bits of the IPv4 addresses of the routers are the same. Notice the IP addresses of the three routers involved:
- CE1: 10.1.1.1
- CE2:10.1.2.1
- BR: 10.1.3.1
In binary these are:
00001010.00000001.00000001.00000001
00001010.00000001.00000010.00000001
00001010.00000001.00000011.00000001
I have made all of the “common” bits bold. This means that
- the common prefix is defined as 10.1.0.0/16 or the first 16 bits of that address which are 00001010.0000000
- the common suffix is defined as 0.0.0.1/8 or the last 8 bits of that sequence which are 00000001
So the 0.0.0.1/8 that defines a suffix simply means the last eight bits of that sequence are the same. In other words, all of the IPv4 addresses of the routers must have the same last octet, specifically 1 in decimal and 00000001 in binary.
Here I believe this is a typo. Rene should have written 0.0.0.1/8. I will ask him to confirm this and if so, change it.
I hope this has been helpful!
Laz
Hi Rene,
I have an question. I created this lab, but the prefix is different from your, test ping is OK but there is something I confuse.
CE1 : prefix 2001:abcd::/32
lo1 : 2001:abcd:100:10::1/64 (subnet 10)
fa0/0 : 123.123.123.1
prefix-len 24 (just like you did, only take 8 bit)
CE2 : prefix 2001:abcd::/32
lo3 : 2001:abcd:300:30::3/64 (subnet 10)
fa0/0 : 123.123.123.3
prefix-len 24 (just like you did, only take 8 bit)
If I ping from CE1 to CE2 , there are 2 cases:
- ping 2001:abcd:300:30::3 source 2001:abcd:100:10::1
- ping 2001:abcd:300:30::3
The first case : specifying the source loopback of CE1, this one is fine
The second case : without specifying the source but wireshark capture the packet and the source is 2001:abcd:100:10::1. How can the CE1 know with source ipv6 it used to encapsulate the packet. Even though the tunnel interface only had link local address
Hello Nguyen
When we don’t specify the source address or interface when pinging, the source is always the IP or IPv6 address of the exit interface indicated by the routing table. Take a look at this NetworkLessons Note on troubleshooting using ping for more info.
The IPv6 routing table of CE1 is the following:
CE1#show ipv6 route static
S ::/0 [1/0]
via 2001:DB8:300::
S 2001:DB8::/32 [1/0]
via Tunnel0, directly connected
In your case your addresses are different, but in the lesson, such a ping would match the static route out of the tunnel, and the exit interface of that route is the tunnel itself. The tunnel may have a link local, but it also has a global unicast address created via the 6RD prefix.
I hope this has been helpful!
Laz
I am still unable to get passed your conversion as I am still grasping this. Below you say:
The IPv4 address we try to embed is .1 so in binary we have these 8 bits:
0000 0001
In IPv6 binary, it looks like this:
0000 1000 0000 0000
In IPv6 hexadecimal it looks like:
0100
I am not grasping how in ipv6 binary it is not 0000 0000 0000 0001 and in hextet 0001.
If 1.1 makes hextet :0101, I figured removing the first .1 (in the subnet portion) would then make the first 8 bits of the hextet now 00. Leaving you with a 0001?
I think I got it all put together now and see what I was missing.
.1 is binary 0000 0001. Those are the 8 host bits that get added to the /32 6rd prefix below to equal the 40 bit combined 6rd prefix and variable length IPv4 prefix combination. The remaining two zeroes after the 1 are added to finish the hextet resulting in 0100.
[2001 : 0db8 : 01] 00::/40
16 + 16 + 8 = 40
If added as 2001:db8:0001::, then it would be a /48. combination.
Hope that makes sense.
Hello Christopher
Yes, you’ve got it. Initially, the .1 Rene is referring to is the last octet of the IPv4 address, which in binary is 00000001.
And indeed, the remaining two zeros after the 1 are added to finish the hextet in hexadecimal resulting in 0x0010. It may have been clearer if we use the “0x” notation before the hex number to indicate it is hexadecimal. Hopefully this clears it up.
I hope this has been helpful!
Laz