Login
- Table of Contents
-
- 05-Network Connectivity Configuration Guide
- 00-Preface
- 01-About the network connectivity configuration guide
- 02-MAC address table configuration
- 03-Ethernet link aggregation configuration
- 04-VLAN configuration
- 05-Loop detection configuration
- 06-Spanning tree configuration
- 07-LLDP configuration
- 08-Layer 2 forwarding configuration
- 09-VLAN termination configuration
- 10-PPP configuration
- 11-L2TP configuration
- 12-ARP configuration
- 13-IP addressing configuration
- 14-DHCP configuration
- 15-DHCPv6 configuration
- 16-DNS configuration
- 17-NAT configuration
- 18-IP performance optimization configuration
- 19-IPv6 basics configuration
- 20-Policy-based routing configuration
- 21-IPv6 policy-based routing configuration
- 22-GRE configuration
- 23-Tunneling configuration
- 24-Basic IP routing configuration
- 25-IP forwarding basics configuration
- 26-Static routing configuration
- 27-IPv6 static routing configuration
- 28-Multicast overview
- 29-IGMP snooping configuration
- 30-MLD snooping configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 23-Tunneling configuration | 135.63 KB |
Contents
Supported tunneling technologies
Restrictions and guidelines: Tunnel interface configuration
Configuring a tunnel interface
About tunnel interface configuration
Tunnel interface configuration tasks at a glance
Specifying traffic processing slots for a tunnel interface
Configuring parameters for tunneled packets
Restoring the default settings of the tunnel interface
Display and maintenance commands for tunnel interface configuration
Troubleshooting tunnel interface configuration
About IPv6 over IPv4 tunneling
IPv6 over IPv4 tunneling tasks at a glance
Configuring an IPv6 over IPv4 manual tunnel
Example: Configuring an IPv6 over IPv4 manual tunnel
Configuring tunneling
This chapter describes tunnel interface configuration. For information about tunnel modes, see the subsequent chapters.
About tunneling
Tunneling encapsulates the packets of a network protocol within the packets of a second network protocol and transfers them over a virtual point-to-point connection. The virtual connection is called a tunnel. Packets are encapsulated at the tunnel source and de-encapsulated at the tunnel destination.
Supported tunneling technologies
Tunneling supports the following technologies:
· GRE tunneling. For more information, see "Configuring GRE."
· IPv6 over IPv4 tunneling.
Restrictions and guidelines: Tunnel interface configuration
Configuring a tunnel interface
About tunnel interface configuration
Configure a tunnel interface (Layer 3 virtual interface) at both ends of a tunnel. The devices use the tunnel interface to identify, process, and send packets for the tunnel.
Tunnel interface configuration tasks at a glance
To configure a tunnel interface, perform the following tasks:
1. Creating a tunnel interface
2. (Optional.) Specifying traffic processing slots for a tunnel interface
3. (Optional.) Configuring parameters for tunneled packets
4. (Optional.) Restoring the default settings of the tunnel interface
Creating a tunnel interface
1. Enter system view.
system-view
2. Create a tunnel interface, specify the tunnel mode, and enter tunnel interface view.
interface tunnel number mode { gre [ ipv6 ] | ipv6-ipv4 [ isatap ] }
For packet tunneling to succeed, the two ends of a tunnel must use the same tunnel mode.
3. Configure a source address or source interface for the tunnel interface.
source { ipv4-address | ipv6-address | interface-type interface-number }
By default, no source address or source interface is configured for the tunnel interface.
If you specify a source address, it is used as the source address of tunneled packets.
If you specify a source interface, the primary IP address of this interface is used as the source IP address of tunneled packets.
4. Configure a destination address for the tunnel interface.
destination { ipv4-address | ipv6-address }
By default, no destination address is configured for the tunnel interface.
The tunnel destination address must be the IP address of the receiving interface on the tunnel peer. It is used as the destination IP address of tunneled packets.
5. (Optional.) Configure a description for the interface.
description text
By default, the description for a tunnel interface is Tunnel number Interface.
6. (Optional.) Set the MTU of the tunnel interface.
mtu size
The default settings are as follows:
¡ If the tunnel interface has never been up, the MTU is 64000 bytes.
¡ If the tunnel interface is up, its MTU is identical to the outgoing interface's MTU minus the length of the tunnel headers. The outgoing interface is automatically obtained through routing table lookup based on the tunnel destination address.
7. (Optional.) Set the expected bandwidth for the tunnel interface.
bandwidth bandwidth-value
The default expected bandwidth (in kbps) is the interface maximum rate divided by 1000.
The expected bandwidth is an informational parameter used only by higher-layer protocols for calculation. You cannot adjust the actual bandwidth of an interface by using this command.
8. Bring up the tunnel interface.
undo shutdown
By default, a tunnel interface is not administratively down.
Specifying traffic processing slots for a tunnel interface
About this task
Specify a traffic processing slot if a feature requires that all traffic on a tunnel interface be processed on the same slot.
For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.
If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:
· The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. Switchover to the primary slot will not occur until the backup slot becomes unavailable.
· When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.
If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.
Restrictions and guidelines
To avoid unnecessary slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Specify a primary traffic processing slot for the tunnel interface.
service slot slot-number
By default, no primary traffic processing slot is specified for a tunnel interface.
4. Specify a primary traffic processing slot for the tunnel interface.
service standby slot slot-number
By default, no backup traffic processing slot is specified for a tunnel interface.
Configuring parameters for tunneled packets
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Set the ToS for tunneled packets.
tunnel tos { copy-inner-tos | tos-value }
By default, the ToS of tunneled packets is the same as that of the original packets.
4. Set the TTL for tunneled packets.
tunnel ttl ttl-value
The default TTL for tunneled packets is 255.
Restoring the default settings of the tunnel interface
Restrictions and guidelines
|
|
CAUTION: This operation might interrupt ongoing network services. Make sure you are fully aware of the impact of this operation when you perform it on a live network. |
This operation might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Restore the default settings of the tunnel interface.
default
Display and maintenance commands for tunnel interface configuration
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
Remarks |
|
Display information about tunnel interfaces. |
display interface [ tunnel [ number ] ] [ brief [ description | down ] ] |
N/A |
|
Display IPv6 information on tunnel interfaces. |
display ipv6 interface [ tunnel [ number ] ] [ brief ] |
For more information about this command, see IPv6 basics in Network Connectivity Command Reference. |
|
Clear statistics on tunnel interfaces. |
reset counters interface [ tunnel [ number ] ] |
N/A |
|
Clear IPv6 statistics on tunnel interfaces. |
reset ipv6 statistics [ slot slot-number ] |
For more information about this command, see IPv6 basics in Network Connectivity Command Reference. |
Troubleshooting tunnel interface configuration
Tunnel interface not up
Symptom
A tunnel interface configured with related parameters such as tunnel source address, tunnel destination address, and tunnel mode cannot come up.
Analysis
The physical interface of the tunnel does not come up, or the tunnel destination is unreachable.
Solution
1. To resolve the problem:
¡ Use the display interface or display ipv6 interface command to verify that the physical interface of the tunnel is up. If the physical interface is down, check the network connection.
¡ Use the display ipv6 routing-table or display ip routing-table command to verify that the tunnel destination is reachable. If the route is not available, configure a route to reach the tunnel destination.
2. If the problem persists, contact H3C Support.
IPv6 over IPv4 tunneling
About IPv6 over IPv4 tunneling
Implementation
IPv6 over IPv4 tunneling enables isolated IPv6 networks to communicate, as shown in Figure 1.
|
|
NOTE: The devices at both ends of an IPv6 over IPv4 tunnel must support the IPv4/IPv6 dual stack. |
Figure 1 IPv6 over IPv4 tunnel
The IPv6 over IPv4 tunnel processes packets by using the following steps:
1. A host in the IPv6 network sends an IPv6 packet to Device A at the tunnel source.
2. After Device A receives the IPv6 packet, it processes the packet as follows:
a. Searches the routing table to identify the outgoing interface for the IPv6 packet.
The outgoing interface is the tunnel interface, so Device A knows that the packet needs to be forwarded through the tunnel.
b. Adds an IPv4 header to the IPv6 packet and forwards the packet through the physical interface of the tunnel.
In the IPv4 header, the source IPv4 address is the IPv4 address of the tunnel source, and the destination IPv4 address is the IPv4 address of the tunnel destination.
3. Upon receiving the packet, Device B de-encapsulates the packet.
4. If the destination address of the IPv6 packet is itself, Device B forwards it to the upper-layer protocol. If it is not, Device B forwards it according to the routing table.
Tunnel modes
IPv6 over IPv4 tunnels include manually configured tunnels and automatic tunnels, depending on how the IPv4 address of the tunnel destination is obtained.
· Manually configured tunnel—The destination IPv4 address of the tunnel cannot be automatically obtained from the destination IPv6 address of an IPv6 packet at the tunnel source. It must be manually configured.
· Automatic tunnel—The destination IPv4 address of the tunnel can be automatically obtained from the destination IPv6 address (with an IPv4 address embedded) of an IPv6 packet at the tunnel source.
The source IPv4 addresses for all IPv6 over IPv4 tunnels are manually configured.
According to the way an IPv6 packet is encapsulated, IPv6 over IPv4 tunnels are divided into the modes shown in the following sections.
IPv6 over IPv4 manual tunneling
An IPv6 over IPv4 manual tunnel is a point-to-point link. To establish a manual tunnel, you must manually configure the source and destination addresses of the tunnel at both ends of the tunnel.
Manual tunneling provides the following solutions:
· Connects isolated IPv6 networks over an IPv4 network.
· Connects an IPv6 network and an IPv4/IPv6 dual-stack host over an IPv4 network.
ISATAP tunneling
An ISATAP tunnel is a point-to-multipoint automatic tunnel. It provides a solution to connect an IPv6 host and an IPv6 network over an IPv4 network.
The destination address of an ISATAP tunnel is an ISATAP address. The address format is prefix:0:5EFE:abcd:efgh/64.
· The 64-bit prefix is a valid IPv6 unicast address prefix.
· The abcd:efgh/64 segments represent a 32-bit IPv4 address in hexadecimal notation, which identifies the tunnel destination but does not require global uniqueness.
ISATAP tunnels are mainly used for communication between IPv6 routers or between an IPv6 host and an IPv6 router over an IPv4 network.
Figure 2 Principle of ISATAP tunneling
IPv6 over IPv4 tunneling tasks at a glance
To configure IPv6 over IPv4 tunneling, perform the following tasks:
1. Configuring an IPv6 over IPv4 tunnel
Choose one of the following tasks:
¡ Configuring an IPv6 over IPv4
¡ Configuring an ISATAP tunnel
Configuring an IPv6 over IPv4 manual tunnel
Restrictions and guidelines
When you perform tasks in this section, follow these restrictions and guidelines:
· The tunnel destination address specified on the local device must be identical with the tunnel source address specified on the tunnel peer device.
· Do not specify the same tunnel source and destination addresses for the tunnel interfaces in the same mode on a device.
· To ensure correct packet forwarding, identify whether the destination IPv6 network and the IPv6 address of the local tunnel interface are on the same subnet. If they are not, configure a route reaching the destination IPv6 network through the tunnel interface. You can configure the route by using one of the following methods:
¡ Configure a static route, and specify the local tunnel interface as the egress interface or specify the IPv6 address of the peer tunnel interface as the next hop.
¡ Enable a dynamic routing protocol on both the local and remote tunnel interfaces.
For more information about route configuration, see Network Connectivity Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Enter IPv6 over IPv4 manual tunnel interface view.
interface tunnel number [ mode ipv6-ipv4 ]
3. Specify an IPv6 address for the tunnel interface.
See "Configuring basic IPv6 settings."
4. Configure a source address or source interface for the tunnel interface.
source { ipv4-address | interface-type interface-number }
By default, no source address or source interface is configured for the tunnel interface.
If you specify a source address, it is used as the source IP address of tunneled packets.
If you specify a source interface, the primary IP address of this interface is used as the source IP address of tunneled packets.
5. Configure a destination address for the tunnel interface.
destination ipv4-address
By default, no destination address is configured for the tunnel interface.
The tunnel destination address must be the IP address of the receiving interface on the tunnel peer. It is used as the destination IP address of tunneled packets.
6. (Optional.) Set the DF bit for tunneled packets.
tunnel dfbit enable
By default, the DF bit is not set for tunneled packets.
Example: Configuring an IPv6 over IPv4 manual tunnel
Network configuration
As shown in Figure 3, configure an IPv6 over IPv4 tunnel between Device A and Device B so the two IPv6 networks can reach each other over the IPv4 network. Because the tunnel destination IPv4 address cannot be automatically obtained from the destination IPv6 addresses, configure an IPv6 over IPv4 manual tunnel.
Prerequisites
Make sure Device A and Device B can reach each other through IPv4.
Procedure
1. Configure Device A:
# Assign an IPv4 address to interface GigabitEthernet 1/1/2.
<DeviceA> system-view
[DeviceA] interface gigabitethernet 1/1/2
[DeviceA-GigabitEthernet1/1/2] ip address 192.168.100.1 255.255.255.0
[DeviceA-GigabitEthernet1/1/2] quit
# Assign an IPv6 address to interface GigabitEthernet 1/1/1.
[DeviceA] interface gigabitethernet 1/1/1
[DeviceA-GigabitEthernet1/1/1] ipv6 address 3002::1 64
[DeviceA-GigabitEthernet1/1/1] quit
# Create IPv6 over IPv4 manual tunnel interface Tunnel 0.
[DeviceA] interface tunnel 0 mode ipv6-ipv4
# Specify an IPv6 address for the tunnel interface.
[DeviceA-Tunnel0] ipv6 address 3001::1/64
# Specify GigabitEthernet 1/1/2 as the source interface of the tunnel.
[DeviceA-Tunnel0] source gigabitethernet 1/1/2
# Specify the IP address of GigabitEthernet 1/1/2 on Device B as the destination address of the tunnel.
[DeviceA-Tunnel0] destination 192.168.50.1
[DeviceA-Tunnel0] quit
# Configure a static route destined for IPv6 network 2 through Tunnel 0.
[DeviceA] ipv6 route-static 3003:: 64 tunnel 0
2. Configure Device B:
# Assign an IPv4 address to interface GigabitEthernet 1/1/2.
<DeviceB> system-view
[DeviceB] interface gigabitethernet 1/1/2
[DeviceB-GigabitEthernet1/1/2] ip address 192.168.50.1 255.255.255.0
[DeviceB-GigabitEthernet1/1/2] quit
# Assign an IPv6 address to interface GigabitEthernet 1/1/1.
[DeviceB] interface gigabitethernet 1/1/1
[DeviceB-GigabitEthernet1/1/1] ipv6 address 3003::1 64
[DeviceB-GigabitEthernet1/1/1] quit
# Create IPv6 over IPv4 manual tunnel interface Tunnel 0.
[DeviceB] interface tunnel 0 mode ipv6-ipv4
# Specify an IPv6 address for the tunnel interface.
[DeviceB-Tunnel0] ipv6 address 3001::2/64
# Specify GigabitEthernet 1/1/2 as the source interface of the tunnel.
[DeviceB-Tunnel0] source gigabitethernet 1/1/2
# Specify the IP address of GigabitEthernet 1/1/2 on Device A as the destination address of the tunnel.
[DeviceB-Tunnel0] destination 192.168.100.1
[DeviceB-Tunnel0] quit
# Configure a static route destined for IPv6 network 1 through Tunnel 0.
[DeviceB] ipv6 route-static 3002:: 64 tunnel 0
Verifying the configuration
# Use the display ipv6 interface command to display tunnel interface status on Device A and Device B. Verify that interface Tunnel 0 is up. (Details not shown.)
# Verify that Device A and Device B can ping the IPv6 address of GigabitEthernet 1/1/1 of each other. This example uses Device A.
[DeviceA] ping ipv6 3003::1
Ping6(56 data bytes) 3001::1 --> 3003::1, press CTRL_C to break
56 bytes from 3003::1, icmp_seq=0 hlim=64 time=45.000 ms
56 bytes from 3003::1, icmp_seq=1 hlim=64 time=10.000 ms
56 bytes from 3003::1, icmp_seq=2 hlim=64 time=4.000 ms
56 bytes from 3003::1, icmp_seq=3 hlim=64 time=10.000 ms
56 bytes from 3003::1, icmp_seq=4 hlim=64 time=11.000 ms
--- Ping6 statistics for 3003::1 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 4.000/16.000/45.000/14.711 ms
Configuring an ISATAP tunnel
Restrictions and guidelines
Follow these guidelines when you configure an ISATAP tunnel:
· You do not need to configure a destination address for an ISATAP tunnel, because the destination IPv4 address is embedded in the ISATAP address.
· Do not specify the same source addresses for local tunnel interfaces in the same tunnel mode.
· Because automatic tunnels do not support dynamic routing, configure a static route destined for the destination IPv6 network at each tunnel end. You can specify the local tunnel interface as the egress interface of the route or specify the IPv6 address of the peer tunnel interface as the next hop of the route. For more information about route configuration, see "Configuring IPv6 static routing."
Procedure
1. Enter system view.
system-view
2. Enter ISATAP tunnel interface view.
interface tunnel number [ mode ipv6-ipv4 isatap ]
3. Specify an IPv6 address for the tunnel interface.
See "Configuring basic IPv6 settings."
4. Configure a source address or source interface for the tunnel interface.
source { ipv4-address | interface-type interface-number }
By default, no source address or source interface is configured for the tunnel interface.
If you specify a source address, it is used as the source IP address of tunneled packets.
If you specify a source interface, the primary IP address of this interface is used as the source IP address of tunneled packets.
5. (Optional.) Set the DF bit for tunneled packets.
tunnel dfbit enable
By default, the DF bit is not set for tunneled packets.
