Sep 25, 2011 5:15 AM
So I'm updating my notes for automatic 6to4 tunnels. I understand everything bar 1 thing which is highlighted in red below. I don't understand the point/purose of ever creating a subnet on a tunnel interface.
ip address 192.168.1.1 255.255.255.0
!so this is the ipv4 ip i am using to send info between networks for my tunnel.
!when the tunnel is created it embeds this ip in the 2nd and 3rd quartet (ipv6).
!When the tunnel sends the message, it uses IPV4 to reach destinations. so here
!to reach R11 it will use 192.168.2.1. Which when embeded in IPV6 looks like:
!remember that this ipv4 network needs to be advertised through the internet
!as this is the public ipv4 we will be using for our tunnel. For the purpose
!of our network, we just need to route this network as well as the one on the
!physical interface. The physical interface IP would be equivalent to our frame IP.
!the one on this loopback would be equivalent to a public subnet that our ISP can
no ip address
ipv6 address 2002:C0A8:101:5::1/64
!this is a network on the router (i.e. another network a group of users are on)
!this must match the first 2002:ip-v4:address::/48 of the lo0 ip that were using
!for talking between tunnels. i.e.:2002:C0A8:101::/48 (this is the ipv4 address
!embeded into ipv6). The last 16 bits can be used for the subnets were making
!on the router. Here we are using 5.
no ip address
no ip redirects
ipv6 address 2002:C0A8:101:20::1/64
!so here we have made a subnet of 20 for this particular router. Just random,
!and i can't even see a reason for doing this, but thats what you gotta do
tunnel source Loopback0
tunnel mode ipv6ip 6to4
ip address 10.10.10.1 255.255.255.0
ip address 10.10.20.1 255.255.255.0
no ip http server
no ip http secure-server
ip forward-protocol nd
ip route 192.168.2.0 255.255.255.0 FastEthernet0/0
ip route 192.168.3.0 255.255.255.0 FastEthernet0/1
!paramount that we route this, as we are routing our tunnels via this ipv4
!address and need to access other routers on ipv4.
ipv6 route 2002::/16 Tunnel0
I can't possibly see any benefits that are derived from using subnet(s) on a tunnel interface. It's simply just 1 unique IP that remote devices will use to connect to when they need to use the tunnel. Any elaboration on this is greatly appreciated.