This is an example configuration for connecting to the Comcast 6RD trial tunnels from a typical residential NAT/DHCP home router.

NOTE:  Comcast has listed an end date of 6/30/2011 for their 6RD trial.  The 6RD gateway may not be accessible after that date.  See the Comcast link below for more information.

Router and IOS Notes:

This configuration was developed on a Cisco 881 router.  It should work on any similar IOS router, adjusting for relevant intefaces.

6RD tunnels are a new feature in IOS 15.1(3)T.  You must be running at least this version to implement 6RD

References:

The following Cisco links were useful in developing this configuration:

http://docwiki.cisco.com/wiki/6rd_Configuration_Example
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel.html

The configuration was created with the help of several contributors on the Cisco Support forum, on this thread:

https://supportforums.cisco.com/thread/2070429?tstart=0

Information on the Comcast 6RD Trials can be found here:

http://www.comcast6.net/6rd-config.php

Implementation Notes:

This drawing lays out the components and relevant addresses:

There are several places in the configuration where both an IPv4 address, and it's IPv6 embedded equivalent are used.  I've used the convention

a.b.c.d = aabb:ccdd

to show equivalent addresses in the drawing and configurations, where 'a' is the IPv4 numeric, and 'aa' is the IPv6 hex.

For example:   69.252.80.66  =>  45FC:5042

Outside Interface:

The outside interface receives it's IPv4 address via Comcast DHCP.  There is no IPv6 address on the outside interface.

Tunnel Interface:

There is no IPv4 address on the Tunnel interface.  The Tunnel interface only has a link-local IPv6 address, self-generated by the 'ipv6 enable' command.  The interface number, Tunnel 6, was chosen for alliteration.  Any number could be used.

Inside Interface:

The inside interface is the VLAN 1 interface on the router.  It has a static RFC1918 IPv4 address serving all internal hosts.  It has a link-local IPv6 address.  The Internet referenced IPv6 address is dynamic, and is derived from the 'general-prefix' config, the outside DHCP address, and the 6RD tunnel configuration.  The specific local address is generated from the general-prefix and the EUI-64 process.

The internal IPv6 address prefix is derived from the general prefix (2001:55c) and the hex version of the local outside IPv4 DHCP address.  This combination is what makes the IPv6 address unique to you, and how the packets are routed back to across the v6 Internet.

General Prefix:

Since parts of the IPv6 configuration are dynamic, a 'general prefix' configuration is used in several places.  This configuration uses the label 'Comcast6RD'.  This is only a label, and has no special meaning beyond making the configuration more readable.

IPv4 Configuration:

The IPv4 configuration is typical of a residential home gateway, with a NAT/PAT configuration to the dynamic public IP on the outside interface.

Comcast Variables:

The Comcast configuration information can be found at the above 6RD link.  There are no specific IOS details, just these generic values:

    1. 6rd Prefix = 2001:55c
    2. 6rd prefix length = 32
    3. 6rd BR FQDN = 6rd.comcast.net
    4. IPv4 mask length = 0

The IOS 6RD commands do not support DNS names, only IP addresses.  6rd.comcast.net resolved to 69.252.80.66 (45FC:5042 hex) when this was written, but should be tested for your location.  For this reason the configurations were changed to generic v.x.y.z variables in the configuration details.  These were the actual tested values:

tunnel 6rd br 69.252.80.66
ipv6 route ::/0 Tunnel6 2001:55C:45FC:5042::

Since the IPv4 mask is zero, this configuration does not need the 'tunnel 6rd ipv4 prefix-len' command referenced in the generic 6RD example at the docwiki link above.

Host Configuration:

The test bed used several Windows hosts, running 7, Vista, and 2008.  They had no special configuration beyond the default enablement of IPv6.  They received their public IPv6 address prefixes via Router Advertisements from the router, and the normal EUI-64 process.

The hosts will need access to DNS servers that can provide AAAA IPv6 addresses, but this can still occur over IPv4 links.

Static Route:

The default route for IPv6 is one of the trickier parts of the configuration.  It must have a next hop defined for the 6RD BR at the far end of the tunnel.  This next hop address must be derived from the IPv4 address of the BR.

WARNING:  There is no NAT, screening ACL, or firewall configuration in this example.  The IPv6 addresses received on the internal network are completely routable and open to the Internet.  Please take effective precautions and add your own security configuration.  (Details on ZFW config will be provided in the future.)

Configuration Details:

Variables in the following configuration are listed in bold italic.  Other common configuration on the interfaces, such as speed/duplex, has been deleted.  The 'ip nat' statements are for the IPv4 operation, and have no bearing on the IPv6 configuration.

ipv6 general-prefix Comcast6RD 6rd Tunnel6
ipv6 unicast-routing
ipv6 cef

interface Tunnel6
description Comcast 6RD IPv6 tunnel.
no ip address
no ip redirects
ipv6 enable
tunnel source FastEthernet4
tunnel mode ipv6ip 6rd
tunnel 6rd prefix 2001:55C::/32
tunnel 6rd br v.x.y.z

interface FastEthernet4
description Outside
ip address dhcp client-id FastEthernet4
ip nat outside
!
interface Vlan1
description Inside
ip address 10.20.1.1 255.255.255.0
ip nat inside
ip tcp adjust-mss 1452
ipv6 address Comcast6RD ::/64 eui-64
ipv6 enable

ipv6 route ::/0 Tunnel6 2001:55C:vvxx:yyzz::

Useful Show Commands:

The following commands can be very useful for verifying configuration.  Personal or redundant bits in the output have been <redacted>, or replaced with their dynamic variables (a.b.c.d)

show ip interface brief

show ipv6 interface brief

show tunnel 6rd tunnel 6

show ipv6 route

RouterA#show ip interface brief
Interface                  IP-Address      OK? Method Status   Protocol
<redacted>
FastEthernet4              a.b.c.d         YES DHCP   up       up 
Tunnel6                    unassigned      YES NVRAM  up       up 
Vlan1                      10.20.1.1       YES NVRAM  up       up 

RouterA#show ipv6 interface brief
FastEthernet4              [up/up]
    unassigned
Tunnel6                    [up/up]
    FE80::1876:E7C5
Vlan1                      [up/up]
    FE80::<redacted>:FE98:E0CE
    2001:55C:aabb:ccdd:<redacted>:FE98:E0CE

RouterA#show tunnel 6rd tunnel 6
Interface Tunnel6:
  Tunnel Source: a.b.c.d
  6RD: Operational, V6 Prefix: 2001:55C::/32
       V4 Prefix, Length: 0, Value: 0.0.0.0
       V4 Suffix, Length: 0, Value: 0.0.0.0
       Border Relay address: 69.252.80.66
  General Prefix: 2001:55C:aabb:ccdd::/64

RouterA#show ipv6 route
  <redacted>
S   ::/0 [1/0]
     via 2001:55C:45FC:5042::, Tunnel6
C   2001:55C:aabb:ccdd::/64 [0/0]
     via Vlan1, directly connected
L   2001:55C:aabb:ccdd:<redacted>:FE98:E0CE/128 [0/0]
     via Vlan1, receive
L   FF00::/8 [0/0]
     via Null0, receive

The key things to look for are that your tunnel source and general prefix agree on the IPv4/IPv6 parts.  And that the static route to the BR again has the correct IPv4 referenced IPv6 sections.

Useful IPv6 Test Sites:

I found these sites to be very useful for testing my IPv6 configuration.

http://test-ipv6.com/

Great for testing your host configuration for usability.

http://ipv6-test.com

Links to several IPv6 sites, and a speed test.  (The speed test showed that the tunnel is much slower than native IPv4.)

http://whatismyv6.com/

A quick check of your host IP.

http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-port-scanner.php

Great for probing inbound connections and working on firewall configuration.