Novell Doc: NW 6.5 SP8: Novell IPv6 Administration Guide

2.2 Tunneling

Tunneling requires only edge ingress and egress router upgrades until native IPv6 networks are commercially deployed or offered end-to-end. Two tunneling mechanisms are explained here:

2.2.1 Automatic and Configured Tunneling

IPv6/IPv4 hosts and routers can tunnel IPv6 datagrams over regions of IPv4 routing topology by encapsulating them within IPv4 packets. Tunneling can be used in the following ways:

Router-to-Router: IPv6/IPv4 routers interconnected by an IPv4 infrastructure can tunnel IPv6 packets between themselves.
Host-to-Router: IPv6/IPv4 hosts can tunnel IPv6 packets to an intermediary IPv6/IPv4 router that is reachable through an IPv4 infrastructure. This type of tunnel spans the first segment of the packet’s end-to-end path.
Host-to-Host: IPv6/IPv4 hosts that are interconnected by an IPv4 infrastructure can tunnel IPv6 packets between themselves. In this case, the tunnel spans the entire end-to-end path that the packet takes.
Router-to-Host: IPv6/IPv4 routers can tunnel IPv6 packets to their final destination IPv6/IPv4 host. This tunnel spans only the last segment of the end-to-end path.

Automatic Tunneling

In the Host‑to-Host and Router‑to-Host scenarios, IPv6 packets are tunneled all the way to the destination. The tunnel end point is the node that the IPv6 packet is addressed to. Because the end point of the tunnel is the destination for the IPv6 packet, the tunnel end point can be determined from the destination IPv6 address of the packet. If the address is an IPv4‑compatible address (RFC 2373), the lower-order 32 bits hold the IPv4 address of the destination node and can be used as the tunnel end point address.

This avoids the need for explicit configuration of the tunnel end point address, which is the reason this method is known as automatic tunneling. It requires that the IPv6 address must be an IPv4‑compatible IP address.

IPv6/IPv4 nodes need to determine which IPv6 packets can be sent through automatic tunneling. One method is to use the IPv6 routing table to direct automatic tunneling. You can have a special static routing table entry for the prefix 0:0:0:0:0:0/96 (that is, a route to the all-zeros prefix with a 96-bit mask).

Packets that match this prefix are sent to a pseudo-interface driver which performs automatic tunneling. Because all IPv4‑compatible IPv6 addresses will match this prefix, all packets to those destinations can be auto-tunneled.

The following diagram shows automatic tunneling.

Figure 2-2 Automatic Tunneling

Configured Tunneling

In the Router‑to-Router and Host‑to-Router scenarios, the IPv6 packet is tunneled to a router. The tunnel end point is a router that must decapsulate the IPv6 packet and forward it to the destination. The end point of the tunnel is different from the destination, so the addresses of the IPv6 packet being tunneled do not provide the IPv4 address of the tunnel end point. The tunnel end point address must be determined from the configuration information on the node performing the tunneling, which is the reason this method is called configured tunneling.

The tunnel end point address is determined from the configuration information in the encapsulating node. For each tunnel, the encapsulating node must store the tunnel end point address. When an IPv6 packet is transmitted over a tunnel, the tunnel end point address configured for that tunnel is used as the destination address for the encapsulating IPv4 header.

The routing information on the encapsulating node determines which packets to tunnel. This is done via a routing table that directs packets based on the destination address using the prefix mask and match technique.

The following diagram shows a configured tunnel.

Figure 2-3 Configured tunneling

2.2.2 Default Configured Tunnel

Nodes that are connected to IPv4 routing infrastructures can use a configured tunnel to reach an IPv6 backbone. If the IPv4 address of the IPv6/IPv4 border router is known, a tunnel can be configured to that router.

This tunnel can be configured as the default route. All IPv6 destination addresses match the route and could potentially traverse the tunnel. The tunnel end point address of such a default tunnel could be the IPv4 address of the IPv6/IPv4 border router. Novell uses a default configured tunnel to reach the IPv6/IPv4 border router.