Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
288
Views
0
Helpful
1
Replies

Connection redundancy with dual ipv6ip tunnels

nicblais1
Level 1
Level 1

‎06-11-2009 05:27 AM - edited ‎03-04-2019 05:04 AM

I have a 871-SEC-K9 in my IPv6 lab running 2 tunnels to 2 different brokers. The tunnels are up and working fine. I can ping anything from whatever source (tunnel0 and tunnel1). I have a vlan interface that has both global ipv6 address from the allocated subnet given by my 2 brokers. The hosts (a FreeBSD machine and a Win7 machine) are receiving both router advertisements as they have auto-configured based on both global ipv6 address from the vlan interface. Both hosts are able to ping both addresses.

Now here's my problem, I'm using:

ipv6 route ::/0 Tunnel0

and if my Tunnel1 goes down, my hosts no longer have access to IPv6-enabled internet. Now adding a second ::/0 route to that tunnel didn't help my problem (and actually caused other problems as expected).

What is the correct method for what I'm trying to do? I've looked at Cisco's IPv6 docs (especially about multihoming) but nothing has helped so far.

Labels:
0 Helpful
1 Reply 1

nicblais1
Level 1
Level 1

‎06-12-2009 02:57 PM

Ok, so no one has any answers so far... but I kept looking. I'm almost there. And I'm at 3 tunnels for the heck of it. Here's what I have now:

interface Vlan10

description $FW_INSIDE$

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ipv6 address 2001:470:xxxx:1::1/64

ipv6 address 2001:5C0:xxxx:B900::1/64

ipv6 address 2001:4978:xxxx:1::1/64

ipv6 enable

ipv6 policy route-map he-next-hop

!

ipv6 route ::/0 Tunnel2

ipv6 route ::/0 Tunnel1

ipv6 route ::/0 Tunnel0

!

!

!

!

route-map sixxs-next-hop permit 10

match ipv6 address sixxs-pool

set default interface Tunnel2

!

route-map go6-next-hop permit 10

match ipv6 address go6-pool

set default interface Tunnel1

!

route-map he-next-hop permit 10

match ipv6 address he-pool

set default interface Tunnel0

!

!

ipv6 access-list he-pool

permit ipv6 2001:470:xxxx:1::/64 any

!

ipv6 access-list sixxs-pool

permit ipv6 2001:4978:xxxx:1::/64 any

!

ipv6 access-list go6-pool

permit ipv6 2001:5C0:xxxx:B900::/64 any

!

and with an ipv6 traffic-filter in each tunnels.

This is almost working like I want it to, except I am unable to put all three route-map in my vlan interface. That way I could forward traffic based on the source IP to the correct tunnel. How do I get all three route-map working at the same time?

Any help getting this last part is appreciated.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card