6to4
|
6to4 (sometimes written 6 to 4) is a system that allows IPv6 packets to be transmitted over an IPv4 network. 6to4 is useful when two hosts wish to exchange IPv6 traffic but some portion of the network between those hosts only supports IPv4.
6to4 may be used by an individual host, or by a local IPv6 network. When used by an individual host, that host must have IPv4 connectivity and a global IPv4 address, and the host is responsible for encapsulation of outgoing IPv6 packets and decapsulation of incoming 6to4 packets. When 6to4 is used by a local network, the entire local network needs only a single IPv4 address. Within that network, hosts learn their IPv6 addresses and routing using ordinary router discovery protocols, just as on a native IPv6 network.
6to4 does not facilitate interoperation between IPv4-only hosts and IPv6-only hosts.
Contents |
How 6to4 works
6to4 performs three functions:
- Assigns a block of IPv6 address space to any host or network that has a global IPv4 address.
- Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network.
- Routes traffic between 6to4 and "native" IPv6 networks.
Address Block Allocation
For any 32-bit global IPv4 address that is assigned to a host or network, a 48-bit 6to4 IPv6 prefix can be constructed for use by that host or network by prepending 2002 (hex) to the IPv4 address. Thus for the global IPv4 address 207.142.131.202, the corresponding 6to4 prefix would be 2002:CF8E:83CA::/48. (IPv4 addresses use decimal notation while IPv6 addresses use hexadecimal notation). Since the IPv6 address is 128 bits long and 6to4 provides a 48-bit prefix, 6to4 allows up to 280 IPv6 hosts on a network to communicate with other IPv6 hosts, even if the only external connectivity is using IPv4 and there is only a single IPv4 address.
Any IPv6 address that begins with the 2002::/16 prefix is known of as a 6to4 address, as opposed to a native IPv6 address which do not use that prefix.
Encapsulation and Transmission
6to4 embeds an IPv6 packet in the payload portion of an IPv4 packet with protocol type 41. To send an IPv6 packet over an IPv4 network to a 6to4 destination address, an IPv4 header with protocol type 41 is prepended to the IPv6 packet. The IPv4 destination address for the prepended packet header is derived from the IPv6 destination address of the inner packet, by extracting the 32 bits immediately following the IPv6 destination address's 2002:: prefix. The IPv4 source address in the prepended packet header is the IPv4 address of the host or router which is sending the packet over IPv4. The resulting IPv4 packet is then routed to its IPv4 destination address just like any other IPv4 packet.
Routing Between 6to4 and Native IPv6
To allow hosts and networks using 6to4 addresses to exchange traffic with hosts using "native" IPv6 addresses, "relay routers" have been established. A relay router connects to an IPv4 network and an IPv6 network. 6to4 packets arriving on an IPv4 interface will have their IPv6 payloads routed to the IPv6 network, while packets arriving on the IPv6 interface with a destination address prefix of 2002::/16 will be encapsulated and forwarded over the IPv4 network.
To allow a 6to4 router to communicate with the native ipv6 internet it must have its default gateway set to a 6to4 address which contains the ipv4 address of a 6to4 relay router. To avoid the need for users to set this up manually the anycast address of 192.88.99.1 (which when wrapped in 6to4 with the subnet and hosts fields zero becomes 2002:c058:6301::) has been allocated for the perpose of sending packets to a relay router. For routing reasons the whole of 192.88.99.0/24 has been allocated for routes pointed at 6to4 relay routers that use the anycast ip. Providers willing to provide service to thier clients or peers on the 6to4 anycast ip can advertise the anycast prefix like any other ip prefix.
Packets from the ipv6 internet to 6to4 systems must be sent to a 6to4 relay router by normal ipv6 routing methods. The specification states that such relay routers must only advertise 2002::/16 and not subdivisions of it to prevent ipv4 routes polluting the routing tables of ipv6 routers. From here they can then be sent off the IPv4 Internet to the destination.
References
- B. Carpenter & K. Moore. Connection of IPv6 Domains via IPv4 Clouds. RFC 3056 (http://www.rfc-editor.org/in-notes/rfc3065.txt), February 2001.
- R. Gilligan & E. Nordmark. Transition Mechanisms for IPv6 Hosts and Routers. RFC 2893 (http://www.rfc-editor.org/in-notes/rfc2893.txt), August 2000.
- C. Huitema. An Anycast Prefix for 6to4 Relay Routers. RFC 3068 (http://www.rfc-editor.org/in-notes/rfc3068.txt), June 2001.
- P. Savola & C. Patel. Security Considerations for 6to4. RFC 3964 (http://www.ietf.org/rfc/rfc3964.txt), December 2004.