NAT of ip proto-41 to establish IPv6 6in4 tunnel

Hi,

short intro:
------------
We have got a Cisco 836. Unfortunately, we can't use the ADSL feature, because our ISP 'only' provides ADSL2+ and the C836 is not capable of ADSL2+. Nevertheless, with IOS 12.4 there comes an Ethernet 2 interface which can be used for PPPoE with dynamic IPv4 address. This works perfectly ;-)

challenge:
----------
Our current challenge is to establish our IPv6 6in4 tunnel to SixXS.net via aiccu which should be located on an openwrt router one hop 'behind' the Cisco router.

cf. (6in4-heartbeat)

cf. footnote 1: "Unless the machine performing the NAT function is configured to forward protocol 41 to the actual endpoint or when the NAT supports proto-41 because it keeps state for outbound proto-41 packets and relies on that information."

The 6in4-heartbeat tunnel uses IP protocol-41 and therefore has a very short tunnel overhead. (compared to AYIYA)

question:
---------
How to direct the proto-41 traffic to my openwrt router via NAT?

I have read many docs on cisco.com but didn't find any hint for "NATing" a specific protocol only.

Any help, comments etc is highly appreciated,

Thanks in advance,

Valentin

keywords: Cisco, IOS, IPv6, OpenWRT, aiccu, sixXS.net, proto-41, AYIYA

Reply to
Valentin

I would imagine that a static nat with route-map should work.

Something like -

ip nat inside source static 1.2.3.4 2.3.4.5 route-map RM.v6tunnel

route-map RM.v6tunnel
 match ip address ACL.RM.v6tunnel

ip access-list extended ACL.RM.v6tunnel
 permit 41 host 1.2.3.4 host 2.3.4.5

I believe that this will NAT only the protocol 41 traffic.

Reply to
bod43

Thanks!!

Indeed, the three commands:

ip nat inside source static 192.168.201.2 route-map RM.v6tunnel
route-map RM.v6tunnel
 match ip address ACL.RM.v6tunnel
ip access-list extended ACL.RM.v6tunnel
 permit 41 host 192.168.201.2 host

do the job for a static PUBLIC IP. Unfortunately, we have got a dynamic PUBLIC IP by our ADSL-ISP.

Therefore, I have tried

ip nat inside source static 192.168.201.2 interface Dialer1

(Dialer1 is the interface which performs PPPoE). But with this command *any* traffic is directed to our interior router. There is no possibility to bound this rule by a route-map ;-(

Perhaps, ip nat inside source route-map does the job? I tried it, but it didn't work :-|

Any help/hints are welcome, thanks, Valentin

Reply to
Valentin
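The difference between the two static NAT forms discussed above (one limited to protocol 41 by a route-map, one that forwards everything to the inside host) can be checked mechanically. The following is an added example, not code from any poster in this thread: a small Python audit over a constructed config sample. The function names and the sample addresses (198.51.100.7, 203.0.113.9, 192.168.201.3) are assumptions made for illustration.

```python
import re

# Constructed sample: the route-map form from the thread plus the unrestricted
# interface form. The public and tunnel-server addresses are placeholders.
SAMPLE_CONFIG = """\
ip nat inside source static 192.168.201.2 198.51.100.7 route-map RM.v6tunnel
ip nat inside source static 192.168.201.3 interface Dialer1
!
route-map RM.v6tunnel permit 10
 match ip address ACL.RM.v6tunnel
!
ip access-list extended ACL.RM.v6tunnel
 permit 41 host 192.168.201.2 host 203.0.113.9
"""

def parse_sections(config):
    """Return ({route-map: [ACL names]}, {ACL: [permitted protocols]})."""
    route_maps, acls, target = {}, {}, None
    for line in config.splitlines():
        if m := re.match(r"route-map (\S+)", line):
            target = ("rm", route_maps.setdefault(m.group(1), []))
        elif m := re.match(r"ip access-list extended (\S+)", line):
            target = ("acl", acls.setdefault(m.group(1), []))
        elif not line.startswith(" "):
            target = None  # any other top-level line ends the current section
        elif target and target[0] == "rm" and (m := re.match(r" +match ip address (.+)", line)):
            target[1].extend(m.group(1).split())
        elif target and target[0] == "acl" and (m := re.match(r" +permit (\S+)", line)):
            target[1].append(m.group(1))
    return route_maps, acls

def audit_static_nat(config):
    """Return [(inside_ip, protocols)]; protocols is None when all traffic is forwarded.

    An empty list means the referenced route-map or ACL was not found in the config.
    """
    route_maps, acls = parse_sections(config)
    findings = []
    for m in re.finditer(r"^ip nat inside source static (\S+) (.*)$", config, re.M):
        inside_ip, rest = m.groups()
        if inside_ip in ("tcp", "udp"):
            continue  # per-port forwards are already limited to one service
        rm = re.search(r"route-map (\S+)", rest)
        if not rm:
            findings.append((inside_ip, None))  # no filter on the translation
            continue
        protos = {p for acl in route_maps.get(rm.group(1), []) for p in acls.get(acl, [])}
        findings.append((inside_ip, None if "ip" in protos else sorted(protos)))
    return findings

if __name__ == "__main__":
    for ip, protos in audit_static_nat(SAMPLE_CONFIG):
        print(ip, "ALL TRAFFIC" if protos is None else f"protocols {protos}")
```

A result of `None` for an inside host marks a translation that exposes that host to every inbound protocol and port.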

I have the idea that I have seen a fix for the fancy nat with dynamic IP problem on this group but I could be mistaken. I might have a look:)

I would think you could resolve it with the new event manager stuff but it might be a bit tough to figure out how to do it.

The idea would be that you run an event when the dialer comes up which changes the config to match the address. No idea if it is even possible.

An example:-

event manager applet CLIaccounting
 event cli pattern ".*" sync no skip no
 action 1.0 syslog priority informational msg "$_cli_msg"
 set 2.0 _exit_status 1

This logs all commands used to the log.

Maybe you can watch the log for specific messages to detect the dialer coming up.

There was a large event manager example posted here the other day.

Random links.

Embedded Event Manager EEM Tool Command Language (TCL)

Writing Embedded Event Manager Policies

Writing EEM Policies Using TCL

############ Another example

event manager environment mybackuploc tftp://192.168.200.11/
event manager environment myfilename cr-u1-cfgbkp
event manager environment myfilenameext .txt
event manager environment dash -
event manager applet bkp_when_changed trap
 event cli pattern "wr" sync no skip no
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "file prompt quiet"
 action 4.0 cli command "end"
 action 5.0 cli command "copy running $mybackuploc$myfilename$myfilenameext"
 action 6.0 cli command "config t"
 action 7.0 cli command "no file prompt quiet"
 action 8.0 cli command "end"

Reply to
bod43

> Writing EEM Policies Using TCL

The event manager stuff reads very interesting. I think it would be very challenging to solve that kind of question with this technique. Unfortunately, I have Cisco IOS Software, C836 Software (C836-K9O3S8Y6-M), Version 12.4(25b), RELEASE SOFTWARE (fc1). In that IOS the event manager stuff is not included ;-( I have looked with the cisco feature navigator for an IOS for my C836 with the event manager stuff included, but without success.

The second research for the "fix for the fancy nat with dynamic IP" in this group wasn't successful, either.

I was wondering that some of the deep links to cisco.com you posted are not working?

Reply to
Valentin
