IPv6 over a IPv4-VPN-connection
Shadow Hawkins on Thursday, 10 June 2010 14:01:38
I have two networks: "HQ" and "SOHO".
HQ with several clients. All have IPv4-addresses in a private 192.168.10.0/24-range, and a /64-net of IPv6-addresses from my subnet from SixXS. The router/firewall in this HQ-net is a Mikrotik, with a tunnel from SixXS and a public static IPv4 address from my ISP.
The other network, SOHO, have some IPv4 clients in a 192.168.20.0/24-range. This network also has a Mikrotik as a firewall/router, but does have a dynamic public IPv4 adress from the ISP. Hence, I can not (and do not want) this Mikrotik to have it's own SixXS-tunnel.
The SOHO-Mikrotik connects to my HQ-Mikrotik and establish a VPN, so clients in HQ can communicate to SOHO and vice versa. This VPN transit-net uses addresses in the 192.168.11.0/24-range. So far, so good!
But I want the clients and Mikrotik in the SOHO-net to get IPv6 addresses from my existing subnet-range and make that /64-net communicate with the HQ-/64-net. How can I do this? What is the best solution?
The Mikrotiks supports IPv6, L2TP, PPTP, IPIP, IPSec and 6to4.
Best regards,
Vidar Hoel
IPv6 over a IPv4-VPN-connection
Shadow Hawkins on Sunday, 13 June 2010 01:06:07
Hah! I got it working :-)
The problem was that I overcomplicated this. But, it was really easy:
- On the SOHO router I justed created a 6to4 interface with 192.168.20.1 as local address and 192.168.10.1 as the remote address.
- I picked a new /64 subnet (from my /48 subnet from SixXS) as a transit-net and assigned a IPv6 address from that subnet to the new 6to4 interface.
- Did exactly the same on the HQ router, but used another IPv6 from the transit-net range (naturally).
- They could communicate over IPv6, and the SOHO router reached SixXS (and the rest of the Internet) via the HQ router.
- Finally, I just set up the routing tables.
Regards,
Vidar Hoel
Posting is only allowed when you are logged in. |