Page 1
BELAJAR MENSETTING TUNNELING 6TO4 DI ROUTER CISCO
BY:DAYWALKER@DATAKOM-C223
http://www.ittelkom.ac.id/pinguin
http://iwing.wordpress.com
Penggantian infrastruktur secara langsung pada seluruh jaringan IPv4 menuju ke
IPv6 tidak dapat dilakukan serta merta karena beberapa hal, sehingga dibutuhkan
mekanisme transisi. Mekanisme yang sering digunakan adalah model tunneling. Pada
implementasinya ada banyak mekanisme transisi tunneling yang digunakan, mekanisme tadi
diantaranya 6to4, Configured Tunneling, dan ISATAP. Pada kesempatan kita akan belajar
bagaimana mensetting tunneling 6to4 di router cisco.
Topology Diagram yang akan disimulasikan seperti gambar dibawah ini
Page 2
Peralatan yang digunakan adalah :
3 buah router (bebas series berapa saja, asal support ipv6)
2 buah komputer yang support ipv6 (pada simulasi ini komputer harry menggunakan
ubuntu 9.04 dan komputer herry menggunakan ubuntu 8.04)
Kabel utp secukupnya
NB: jika kita tidak mempunyai akses ke peralatan cisco, jangan kuatir pakai saja
network simulator seperti GNS3 yang dapat diperoleh di www.gns3.net dan disisi
kliennya bisa diintegrasikan dengan vmware ^_^
Langkah-langkahnya yaitu:
1. Configure loopback dan physical interfaces
cnc1(config)# interface loopback0
cnc1(config-if)# ip address 10.1.1.1 255.255.255.0
cnc1(config-if)# interface f0/1
cnc1(config-if)# ipv6 address FEC0::1:1/112
cnc1(config-if)# interface f0/0
cnc1(config-if)# ip address 172.16.12.1 255.255.255.0
cnc1(config-if)# no shutdown
cnc2(config)# interface loopback0
cnc2(config-if)# ip address 10.1.2.1 255.255.255.0
cnc2(config-if)# interface f0/0
cnc2(config-if)# ip address 172.16.12.2 255.255.255.0
cnc2(config-if)# no shutdown
cnc2(config-if)# interface f0/1
cnc2(config-if)# ip address 172.16.23.2 255.255.255.0
cnc2(config-if)# no shutdown
cnc3(config)# interface loopback0
cnc3(config-if)# ip address 10.1.3.1 255.255.255.0
cnc1(config-if)# interface f0/1
cnc3(config-if)# ipv6 address FEC0::3:1/112
cnc3(config-if)# interface f0/0
cnc3(config-if)# ip address 172.16.23.3
Page 3
2. Konfigure Routing protocol, pada simulasi ini kita akan menggunakan protocol eigrp
dengan AS number 1
cnc1(config)# router eigrp 1
cnc1(config-router)# no auto-summary
cnc1(config-router)# network 10.0.0.0
cnc1(config-router)# network 172.16.0.0
cnc2(config)# router eigrp 1
cnc2(config-router)# no auto-summary
cnc2(config-router)# network 10.0.0.0
cnc2(config-router)# network 172.16.0.0
cnc3(config)# router eigrp 1
cnc3(config-router)# no auto-summary
cnc3(config-router)# network 10.0.0.0
cnc3(config-router)# network 172.16.0.0
3. konfigure manual tunnel ipv6
cnc1(config)# interface tunnel 0
cnc1(config-if)# tunnel mode ipv6ip 6to4
cnc1(config-if)# ipv6 address 2002:AC10:0C01:1::1/64
cnc1(config-if)# tunnel source f0/0
cnc1(config-if)# exit
cnc1(config)# ipv6 route 2002::/16 tunnel0
Penjelasan mengenai ipv6 address 2002:AC10:0C01:1::1/64 adalah sebagai berikut :
Page 4
cnc3(config)# interface tunnel 0
cnc3(config-if)# tunnel mode ipv6ip 6to4
cnc3(config-if)# ipv6 address 2002:AC10:1703:1::3/64
cnc3(config-if)# tunnel source f0/0
cnc3(config-if)# exit
cnc3(config)# ipv6 route 2002::/16 tunnel0
Penjelasan mengenai ipv6 address 2002:AC10:1703:1::3/64 adalah sebagai berikut:
Lalu kita test menggunakan ping utility
Page 5
4. konfigure static ipv6 routes
cnc1(config)# ipv6 unicast-routing
cnc1(config)# ipv6 route FEC0::3:0/112 2002:AC10:1703:1::3
cnc3(config)# ipv6 unicast-routing
cnc3(config)# ipv6 route FEC0::1:0/112 2002:AC10:C01:1::1
5. verifikasi hasilnya
Page 6
6. Dari router cnc1 ping ke FEC0::3:1 dan FEC0::3:2 lalu dari router cnc3 ping ke
FEC0::1:1 dan FEC0::1:2
Page 8
7. Kita coba test dengan perintah treceroute
8. Terakhir kita uji di klien dengan ping utility ditambah dengan aplikasi SSH dari
komputer harry ke computer herry
Page 9
Konfigurasi lengkapnya
cnc1#sh run
Building configuration...
Current configuration : 1355 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$yLY/$/Jt3HE119KG1Hcj9.hK1k.
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
no ip domain lookup
!
Page 10
ip audit po max-events 100
ipv6 unicast-routing
!
username iwing privilege 15 password 7 130116060A070B27
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Tunnel0
no ip address
no ip redirects
ipv6 address 2002:AC10:C01:1::1/64
tunnel source FastEthernet0/0
tunnel mode ipv6ip 6to4
!
interface FastEthernet0/0
ip address 172.16.12.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address FEC0::1:1/112
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip http server
ip http authentication local
ip http secure-server
ip classless
!
!
ipv6 route 2002::/16 Tunnel0
ipv6 route FEC0::3:0/112 2002:AC10:1703:1::3
!
line con 0
Page 11
password 7 104A080D041C1D06
login local
line aux 0
line vty 0 4
privilege level 15
password 7 000012120550040B
login local
transport input telnet ssh
!
end
cnc1#
cnc2#sh run
Building configuration...
Current configuration : 1122 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc2
!
enable secret 5 $1$.pz0$NuY9WduKODkuogiDYMpxi0
!
username iwing privilege 15 password 7 09484F1D180E181F
ip subnet-zero
!
!
no ip domain lookup
!
ip cef
!
!
interface Loopback0
ip address 10.1.2.1 255.255.255.0
!
interface FastEthernet0/0
ip address 172.16.23.2 255.255.255.0
duplex auto
speed auto
!
Page 12
interface FastEthernet0/1
ip address 172.16.12.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip classless
ip http server
ip http authentication local
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
gatekeeper
shutdown
!
!
line con 0
password 7 000012120550040B
login local
line aux 0
line vty 0 4
privilege level 15
password 7 070B20584F021608
login local
Page 13
transport input telnet
!
!
end
cnc2#
cnc3#sh run
Building configuration...
Current configuration : 1308 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cnc3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$.3Yw$Y7w3tYX0F3Fmad/XOqWe50
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
no ip domain lookup
!
ip audit po max-events 100
ipv6 unicast-routing
!
!
username iwing privilege 15 password 7 110D181116190401
!
!
interface Loopback0
ip address 10.1.3.1 255.255.255.0
!
interface Tunnel0
Page 14
no ip address
no ip redirects
ipv6 address 2002:AC10:1703:1::3/64
tunnel source FastEthernet0/0
tunnel mode ipv6ip 6to4
!
interface FastEthernet0/0
ip address 172.16.23.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address FEC0::3:1/112
!
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip http server
ip http authentication local
ip http secure-server
ip classless
!
!
ipv6 route 2002::/16 Tunnel0
ipv6 route FEC0::1:0/112 2002:AC10:C01:1::1
!
!
line con 0
password 7 15160A1805212429
login local
line aux 0
line vty 0 4
privilege level 15
password 7 03005A1F07042E41
login local
transport input telnet ssh
!
!
end
cnc3#
######################Semoga bermanfaat######################