F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IP LTM
  4. BIG-IP CGNAT: Implementations
  5. Deploying an IPv6 Network using 6rd
Manual Chapter : Deploying an IPv6 Network using 6rd

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

Deploying an IPv6 Network using 6rd

Overview: 6rd configuration on BIG-IP systems

The 6rd (rapid deployment) feature is a solution to the IPv6 address transition. It provides a stateless protocol mechanism for tunneling IPv6 traffic from the IPv6 Internet over a service provider's (SP's) IPv4 network to the customer's IPv6 networks. As specified in RFC5969, 6rd uses an SP's own IPv6 address prefix rather than the well-known IPV6 in IPv4 prefix (2002::/16), which means that the operational domain of 6rd is limited to the SP network, and is under the SP's control.

Fully compliant with RFC5969, the BIG-IP® system supports the border relay (BR) functionality by automatically mapping the tunnel's IPv4 address at the customer premises to IPv6 address spaces using the 6rd domain configuration information. Using a BIG-IP system, an SP can deploy a single 6rd domain or multiple 6rd domains. When supporting multiple 6rd domains, a separate tunnel is required to accommodate each 6rd domain, which is specified in the associated 6rd tunnel profile.

When you deploy 6rd using a BIG-IP system as the BR device, you need to create 6rd tunnels using wildcard remote addresses. This implementation documents the configuration of a BIG-IP device as a BR device.

Example of a 6rd configuration

Example of a 6rd configuration

This table shows examples of 6rd parameter values, based on the illustration. You set these values in the v6rd profile you create.

Setting Value
IPv4 Prefix 10
IPv4 Prefix Length 8
IPv6 Prefix 2001:8:4:1
IPv6 Prefix Length 64

Task summary

Before you configure a 6rd network, ensure that you have licensed and provisioned CGNAT on the BIG-IP® system. Also, the BIG-IP system must have an IPv6 address and an IPv6 default gateway.

Using a profile to define a 6rd domain

You must create a new v6rd profile to specify the parameters for a 6rd tunnel. The system-supplied v6rd profile, v6rd provides the defaults, but does not suffice as a 6rd profile, as configured. For example, the required 6rd prefix is not specified.
  1. On the Main tab, click Network > Tunnels > Profiles > v6rd > Create .
    The New 6RD Profile screen opens.
  2. In the Name field, type a unique name for the profile.
  3. Select the Custom check box.
  4. For the IPv4 Prefix setting, type the IPv4 prefix that is assumed to be the customer edge (CE) device's IPv4 address, which is not included in the customer's IPv6 6rd prefix. A value of 0.0.0.0 indicates that all 32 bits of the CE's IPv4 address are to be extracted from its 6rd IPv6 prefix.
    Note: If you do not provide an IPv4 prefix, the system derives it from the tunnel local address you specify when creating the tunnel.
  5. For the IPv4 Prefix Length setting, type the number of identical high-order bits shared by all CE and BR IPv4 addresses in the 6rd domain you are configuring.
  6. For the 6rd Prefix setting, type the IPv6 prefix for the 6rd domain you are configuring.
  7. For the 6rd Prefix Length setting, type the length of the IPv6 prefix for the 6rd domain you are configuring.
  8. Click Finished.
To apply this profile to traffic, you must associate it with a tunnel.

Configuring a BIG-IP system as a border relay (BR) device

Before creating a 6rd tunnel on a BIG-IP® system, you must have configured a v6rd tunnel profile.
You can create a 6rd tunnel on a BIG-IP® system to carry IPv6 traffic over an IPv4 network, allowing your users to seamlessly access the IPv6 Internet.
  1. On the Main tab, click Network > Tunnels > Tunnel List > Create .
    The New Tunnel screen opens.
  2. In the Name field, type a unique name for the tunnel.
  3. From the Encapsulation Type list, select v6rd.
  4. In the Local Address field, type the IPv4 address of the BIG-IP device you are configuring.
  5. For the Remote Address list, retain the default selection, Any.
  6. Click Finished.
After you create the 6rd tunnel at the BR, you must configure your network routing to send remote traffic through the tunnel.

Creating a forwarding virtual server for a tunnel

You can create a forwarding virtual server to intercept IP traffic and direct it to a tunnel.
  1. On the Main tab, click Local Traffic > Virtual Servers .
    The Virtual Server List screen opens.
  2. Click the Create button.
    The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. From the Type list, select Forwarding (IP).
  5. For the Destination setting, select Network, and type :: in the Address field, and :: in the Mask field.
  6. In the Service Port field, type * or select * All Ports from the list.
  7. From the Protocol list, select * All Protocols.
  8. Click Finished.
Now that you have created a virtual server to intercept the IP traffic, you need to create a route to direct this traffic to the tunnel interface.

Assigning a self IP address to an IP tunnel endpoint

Ensure that you have created an IP tunnel before starting this task.
Self IP addresses can enable the BIG-IP® system, and other devices on the network, to route application traffic through the associated tunnel, similar to routing through VLANs and VLAN groups.
Note: If the other side of the tunnel needs to be reachable, make sure the self IP addresses that you assign to both sides of the tunnel are in the same subnet.
  1. On the Main tab, click Network > Self IPs .
    The Self IPs screen opens.
  2. Click Create.
    The New Self IP screen opens.
  3. In the Name field, type a unique name for the self IP.
  4. In the IP Address field, type the IP address of the tunnel.
    The system accepts IPv4 and IPv6 addresses.
    Note: This is not the same as the IP address of the tunnel local endpoint.
  5. In the Netmask field, type the network mask for the specified IP address.
  6. From the VLAN/Tunnel list, select the tunnel with which to associate this self IP address.
  7. Click Finished.
    The screen refreshes, and displays the new self IP address.
Assigning a self IP to a tunnel ensures that the tunnel appears as a resource for routing traffic.
To direct traffic through the tunnel, add a route for which you specify the tunnel as the resource.

Routing traffic through a 6rd tunnel interface

Before starting this task, ensure that you have created a 6rd tunnel, and have assigned a self IP address to the tunnel.
You can route traffic through a tunnel interface, much like you use a VLAN or VLAN group.
  1. On the Main tab, click Network > Routes .
  2. Click Add.
    The New Route screen opens.
  3. In the Name field, type a unique user name.
    This name can be any combination of alphanumeric characters, including an IP address.
  4. In the Destination field, type the 6rd IPv6 network address.
  5. In the Netmask field, type the network mask for the destination IP address.
  6. From the Resource list, select Use VLAN/Tunnel.
  7. From the VLAN/Tunnel list, select the name of the v6rd tunnel you created.
  8. At the bottom of the screen, click Finished.
The system now routes traffic destined for the IP address you specified through the tunnel you selected.
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information