Scenario:
You are working as the network engineer for an Asian based company and responsible for the deployment of IPv6. You heard some good things about this new protocol and are interested in the new autoconfiguration feature, let’s see if you can configure this.
Goal:
- All IPv4 addresses have been preconfigured for you.
- OSPFv2 has been configured to ensure full connectivity for IPv4.
- Configure a tunnel0 interface on router ISATAPRouter and set mode to ISATAP.
- Configure IPv6 address 2001::1/64 on the tunnel0 interface and use EUI-64 for the last 64 bits.
- Make sure router advertisements are sent through the tunnel0 interface.
- Make sure source updates are sent from the Loopback0 interface on router ISATAPRouter.
- Configure a tunnel0 interface on router ISATAPClient and set the correct tunnel mode.
- Source updates should be sent from the Fastethernet0/0 interface, Destination should be Loopback0 of router ISATAPRouter.
- Ensure the IPv6 address on router ISATAPClient will be automatically configured.
It took me 1000s of hours reading books and doing labs, making mistakes over and over again until I mastered all the routing protocols for CCNP.
Would you like to be a master of routing too? In a short time without having to read 900 page books or google the answers to your questions and browsing through forums?
I collected all my knowledge and created a single ebook for you that has everything you need to know to become a master of routing.
You will learn all the secrets about IPv6, ISATAP, tunneling and more.
Does this sound interesting to you? Take a look here and let me show you how to Master CCNP ROUTE
IOS:
c3640-jk9s-mz.124-16.bin
Topology:
Video Solution:
Configuration Files
You need to register to download the GNS3 topology file. (Registration is free!)Once you are logged in you will find the configuration files right here.
The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.
Written by René Molenaar - CCIE #41726
Hi, please help, i’m unable to solve this lab, because as my knowledge let’s me to know, the isatap tunnel doesn’t have a destination, and lab says ” Destination should be Loopback0 of router ISATAPRouter.”
How do I achieve this ? 🙂
Thanks.
I had issues with RS/RA getting to Router, had to turn on unicast routing, and all was good.
Sometimes this is done with a DNS server as well do anyone know much about that ?
I have read about it but never tried to implement it. If you feel lucky you could try to implement it with a Cisco router running DNS server. Not sure if its possible…
In my lab you are just specifying the address of the ISATAP router. In real life it might be easier to have a hostname for the ISATAP router. That’s how you can use DNS. Your DNS needs a record for [b]ISATAP[/b] which is what the hosts will look for. They will get the IP address in return and try to setup the connection.
I believe that’s all there is to it, if anyone else knows more please let me know
Here is how ISATAP actually works. The networks DNS server is updated with a well-known name entry of “ISATAP” that resolves to the IPv4 address used in the tunnel on the ISATAP router (RouterA). HostA initializes and notes that it has been configured with ISATAP capabilities for IPv6. HostA then sends a request to the DNS server for the address associated with “ISATAP”. DNS responds with the IPv4 address of the ISATAP router. HostA tunnels a router discovery packet (using an IPv6-in-IPv4 encapsulation approach) and sends this packet to the ISATAP router. RouterA responds with a router advertisement that includes the IPv6 prefix the host (HostA) should use. HostA takes this prefix and automatically constructs its own unique IPv6 address. It uses a reserved identifier for ISATAP (0:5efe) and its own IPv4 address to do this. Now the host is fully able to communicate beyond its local network using IPv6 and ISATAP.;D
where is the config?
If you login you can find the attachments at the bottom of the article.
Rene,
I first worked through this lab on my own and was able to get connectivity. My configs on ISATAPRouter were basically the same as yours–except for the no ipv6 nd supress-ra (which I’m not sure the function of yet). However, on the ISATAPClient I chose to basically mirror the configs of ISATAPRouter, using tunnel mode ipv6ip isatap, and ipv6 address 20001::1/64 eui-64. I was able to get all the pings going, etc.
However, when I watched your video, you chose to use ipv6 address autoconfig, tunnel mode ipv6ip, and source address f0/0. In my studies this type of configuration was not mentioned. I find it interesting, and I am wondering if you could explain the purpose of this type of configuration as far as real-world use as compared to the method that I used (which came from my readings).
Great Lab!!! Thanks!
Matt
Hello Matt,
I built this lab after reading this article:
http://docwiki.cisco.com/wiki/IPv6_ISATAP_configuration_example_with_a_Cisco_router_as_a_client
Routers running IPv6 can advertise their prefix and some other things by using [b]router advertisements[/b]. By using the [b]no ipv6 nd supress-ra[/b] command the ISATAP router will advertise these on the tunnel interface.
The idea behind ISATAP is that a client can do a DNS lookup for the address of the ISATAP router and then our client can use the [b]router advertisement[/b] and the [b]autoconfig[/b] to configure itself automatically. This way you don’t have to configure anything on the client side.
I cannot open the console on Middle Man. The other two routers work perfectly, however the Middle Man does not show the prompt. Any idea why that might happen? Thank you.
Probably because you have something else running on that port. Check which port router 2 is using and see if you can find out what application is using it. On a windows machine you can use "netstat" for this. You can also use "nmap" (port scanner) to see what is using your port.
I solved it with a system restart so probably you are right – it was a blocked port. Thank you!
Excellent! If you want you can change the ports that GNS3 uses for the consoles to other numbers. This might prevent the issue in the future.
Rene, any ideas why I receive this?
ISATAPClient(config-if)#tunnel destination 1.1.1.1
The tunnel destination can not be configured under the existing mode
Thanks!
[b]ISATAP ROUTER[/b]
interface Tunnel0
no ip address
no ip redirects
ipv6 address 2001::/64 eui-64
no ipv6 nd ra suppress
tunnel source Loopback0
tunnel mode ipv6ip isatap
[b]ISATAP client[/b]
interface Tunnel0
no ip address
ipv6 address autoconfig
ipv6 enable
tunnel source FastEthernet1/1
tunnel mode ipv6ip
tunnel destination 1.1.1.1
Because you cannot specify the destination while using[b] tunnel mode ipv6ip isatap[/b].
Above you have example of configuration.
I had the same situation, but after I’ve gained some more knowledge and there is no mystery behind that.
BTW. I am using IOS Version 15.0(1)M.
Using other version, such us 12.4T etc. is different in case of suppresing router advertisements.
-if)#no ipv6 nd suppres-ra -[b]12.X[/b]
-if)#no ipv6 nd ra suppress -[b]15.X[/b]