How to configure a manual 6rd Tunnel Interface
03/26/2020 3 People found this article helpful 487,807 Views
Description
IPv6 Rapid Deployment (6rd) enables IPv6 to be deployed across an IPv4 network quickly and easily. 6rd utilizes a Service Provider's existing IPv6 address prefixes, ensuring that the 6rd operational domain is limited to the Service Provider's network and is under the Service Provider's direct control.
The following information must be obtained from the service provider:
6rd Prefix (For example, 2603:200::)
6rd Prefix Length (32 bit or less)
6rd BR IPv4 Address (For example, 168.124.185.1)
IPv4 Mask Length
With the 6rd prefix and with the hex converted IPv4 public IP address configured on WAN (X1) we derive the IPv6 64 bit prefix. Using the example 6rd prefix above, if the X1 IPv4 address is 182.71.241.146, the 64 bit prefix would be: 2603:200:B647:F192::
Using the above values as example, there are two ways we can configure the tunnel.
1. Create a NAT policy to NAT all outbound IPv6 traffic to the 64 bit prefix assigned with a host bit (for example, 2603:200:B647:F192::1).
2. Assign the LAN or DMZ network behind the SonicWall with IPv6 addresses with the above 64 bit prefix.
This article describes how to configure a manual 6rd tunnel interface using both methods.
Resolution
Method- 1: NAT outbound IPv6 traffic to 6rd address.
In this method, no changes are made to the existing LAN or DMZ IPv6 network configuration. The existing hosts in the network must have a Unique Local IPv6 Address or Unique Global IPv6 Address. Hosts must not be configured only with link-local addresses.
A 6rd tunnel interface is configured in the same way as other IPv6 tunnel interfaces. A bound interface is required to configure a 6rd tunnel interface. To configure a 6rd tunnel interface:
1. Login to the SonicWall management GUI.
2. Navigate to the Network > Interfaces page.
3. Select the IPv6 radio-button at the top under View IP Version.
4. At the bottom of the Interface Settings panel, from the Add Interface menu, select Tunnel Interface. The Edit Interface for IPv6 dialog appears.
5. From the Zone menu, select WAN. The Interface Type menu would be disabled with Tunnel Interface selected.
6. From the Tunnel Type menu, select 6rd Tunnel Interface.
7. In the name box, enter a name for your tunnel interface. For example, 6rd Tunnel.
8. In the Tunnel Interface IPv6 Address box, enter the IPv6 address with 6rd prefix. For example, 2603:200:B647:F192::1
9. In the Prefix Length box, enter the length for the IPv6 prefix. For example, 64.
10. From the Configure Mode menu, select Manual.
11. In the 6rd Prefix box, enter the 6rd prefix, such as 2603:200::
12. In the 6rd Prefix Length box, enter the length for the 6rd prefix, such as 32
13. In the BR IPv4 Address box, enter the IPv4 address of the 6rd border relay router. For example, 168.124.185.1
14. In the IPv4 Mask Length box, enter the length of the IPv4 subnet mask
15. In the Comment box, enter a comment to describe the tunnel interface.(Optional)
16. Select the Add Default Route Automatically option.
17. Select the management options that you want, or select the User Login options that you want.
18. Click on OK to save.
19. Navigate to the Network > NAT Policies page.
20. Select radio-button IPv6 Only or IPv4 and IPv6
20. Click on Add to open the Add NAT Policy window.
21. In the Original Source, select Any
22. Set Translated Source as 6rd Tunnel IPv6 Primary Static Address. This address object would have been auto-created when the 6rd Tunnel Interface was created.
23. Set Original Destination as Any.
24. Set Translated Destination as Original.
25. Set Original Service as Any
26. Set Translated Service as Original
27. Set Inbound Interface as Any.
28. Set Outbound Interface as 6rd Tunnel.
29. Enter a comment under the Comment field (optional)
30. Click on Add.
This ends one method of configuring a 6rd tunnel. To test IPv6 connectivity, browse to, or ping, an IPv6 enabled website (example, ipv6.google.com) either by name or its IPv6 address. Before accessing by name, make sure the DNS server is capable of serving IPv6 addresses. If not, use the public 4.2.2.2 or 8.8.8.8 DNS server addresses.
Method- 2: Assign IPv6 address with 6rd prefix to internal networks
In this method, as in the first method, we create a 6rd Tunnel Interface with the same information as earlier. However, instead of assigning the Tunnel Interface with an IPv6 address with the 6rd prefix we assign it any or no IPv6 address. In the next step we configure the X0 interface with an IPv6 address with the 6rd prefix and enable advertisement of the 6rd prefix to internal hosts. Internal IPv6 hosts will automatically assign themselves with globally unique IPv6 address using the 6rd prefix. This address will be globally routable.
1. Navigate to the Network > Interfaces page.
2. Create a 6rd Tunnel Interface as under. Notice how the tunnel interface IP has changed. All other information remains the same.
3. Click on Configure on the X0 interface.
4. Set IP Assignment to Static.
5. In the IPv6 Address field, enter the IPv6 address with 6rd prefix. For example, 2603:200:B647:F192::1
6. Set Prefix Length to 64
7. Enable check box Enable Router Advertisement
8. Enable check box Advertise Subnet Prefix of IPv6 Primary Static Address. Enable this option only if no DHCPv6 is configured in the network.
9. Select the Management options that you want, or select the User Login options that you want.
10. Click on OK to save.
This concludes the second method of configuring a 6rd tunnel. To test IPv6 connectivity, browse to, or ping, an IPv6 enabled website (example, ipv6.google.com) either by name or its IPv6 address. Before accessing by name, make sure the DNS server is capable of serving IPv6 addresses. If not, use the public 4.2.2.2 or 8.8.8.8 DNS server addresses.
Related Articles
Categories