close

keyboard_arrow_left

Table of Contents Expand all

play_arrow Overview
- play_arrow Services Overview
  - Adaptive Services and Multiservices Interfaces Overview
  - Packet Flow Through the Adaptive Services or Multiservices PIC
- play_arrow Services Configuration Overview
play_arrow Network Address Translation
- play_arrow NAT Overview
- play_arrow Stateful NAT64
  - Stateful NAT64
- play_arrow Static Source NAT
  - Static Source NAT
- play_arrow Static Destination NAT
  - Static Destination NAT
- play_arrow Network Address Port Translation
  - Network Address Port Translation
- play_arrow Deterministic NAT
  - Deterministic NAT
- play_arrow NAT Protocol Translation
  - NAT Protocol Translation
  - Example: Configuring the DNS ALG Application on MX-SPC3 service card
- play_arrow IPv4 Connectivity Across IPv6-Only Network Using 464XLAT
  - IPv4 Connectivity Across IPv6-Only Network Using 464XLAT
- play_arrow Port Control Protocol
  - Port Control Protocol
- play_arrow Secured Port Block Allocation
  - Secured Port Block Allocation
  - Secured Port Block Allocation Interim Logging
- play_arrow Port Forwarding
  - Port Forwarding
- play_arrow Dynamic Address-Only Source Translation
  - Dynamic Address-Only Source Translation
- play_arrow Inline NAT
  - Inline NAT
- play_arrow Stateless Source Network Prefix Translation for IPv6
  - Stateless Source Network Prefix Translation for IPv6
- play_arrow Monitoring NAT
  - Monitoring NAT
- play_arrow Packet Translation and GRE Tunneling
  - Packet Translation and GRE Tunneling
play_arrow Transitioning to IPv6 Using MAP-E and MAP-T
- play_arrow Transitioning to IPv6 Using MAP-E and MAP-T
  - Mapping of Address and Port with Encapsulation (MAP-E)
  - Equal Cost Multiple Path (ECMP) support for Mapping of Address and Port with Encapsulation (MAP-E)
- Mapping of Address and Port with Translation (MAP-T)
play_arrow Transition to IPv6 With Softwires
- play_arrow Transition to IPv6 With 6to4 Softwires
  - Softwires Configuration Overview
  - 6to4 Softwires
- play_arrow Transition to IPv6 With DS-Lite Softwires
  - DS-Lite Softwires
- play_arrow Transition to IPv6 With 6rd Softwires
  - Configuring a 6rd Softwire
- play_arrow Transition to IPv6 With Inline Softwires
  - Inline 6rd and 6to4 Softwires
- play_arrow Monitoring and Troubleshooting Softwires
  - Monitoring and Troubleshooting Softwires
play_arrow ALGs
- play_arrow ALGs
  - ALG Overview
  - ALG Applications
play_arrow Access Security
- play_arrow Stateful Firewalls
  - Stateful Firewalls
  - Monitoring Stateful Firewalls
- play_arrow IDS on MS-DPC
  - IDS on MS-DPC
- play_arrow Network Attack Protection on MS-MPC and MS-MIC
  - Network Attack Protection on MS-MPC and MS-MIC
play_arrow IPsec Tunnels
- play_arrow IPsec Overview
  - IPsec Overview
- play_arrow Inline IPsec
  - Inline IPsec
- play_arrow IPsec Tunnels With Static Endpoints
- play_arrow IPsec Tunnels With Dynamic Endpoints
  - IPsec Tunnels With Dynamic Endpoints
- - Inline IPsec
play_arrow CoS on Services Cards
- play_arrow CoS on Services Cards
  - Class of Service on Services Interfaces
- play_arrow Class of Service on Link Services Interfaces
  - Class of Service on Link Services Interfaces
play_arrow Inter-Chassis Redundancy for NAT and Stateful Firewall Flows
- play_arrow Configuring Inter-Chassis MS-MPC and MS-MIC for NAT and Stateful Firewall (Release 16.1 and later)
  - Inter-Chassis Stateful Synchronization for Long Lived NAT and Stateful Firewall Flows (MS-MPC, MS-MIC) (Release 16.1 and later)
  - Service Redundancy Daemon
- play_arrow Configuring Inter-Chassis Stateful Synchronization for NAT and Stateful Firewall (Release 15.1 and earlier)
  - Inter-Chassis High Availability for MS-MIC and MS-MPC (Release 15.1 and earlier)
play_arrow Multilinks
- play_arrow Link Services Interface Redundancy
  - Link Services Interface Redundancy
- play_arrow Link Bundling
  - Inline Multlink Services
play_arrow Traffic Load Balancer
- play_arrow Traffic Load Balancer
  - Traffic Load Balancer
play_arrow Services Card Redundancy
- play_arrow Services Card Redundancy for MS-MPC and MS-MIC
  - Load Balancing and High Availability With Aggregated Multiservices Interfaces on MS-MPC and MS-MIC
- play_arrow Services Card Redundancy for Multiservices PIC
  - Configuring AS or Multiservices PIC Redundancy
play_arrow Voice Services
- play_arrow Voice Services
  - Voice Services
play_arrow Layer 2 PPP Tunnels
- play_arrow Layer 2 Tunneling of PPP Packets
  - Layer 2 Tunneling of PPP Packets
play_arrow URL Filtering
- play_arrow URL Filtering
  - URL Filtering
play_arrow Configuration Statements and Operational Commands
- [OBSOLETE] unidirectional-session-refreshing
- Junos CLI Reference Overview

list Table of Contents

English

keyboard_arrow_right

6to4 Softwires

date_range 13-Jan-21

arrow_backward

arrow_forward

Configuring a 6to4 Provider-Managed Tunnel

When configuring a 6to4 provider-managed tunnel (PMT), replace the Anycast destination with the address of a managed relay in the provider network.

6to4 tunnels are supported on Multiservices 100, 400, and 500 PICs on M Series routers, and on MX Series routers equipped with Multiservices DPCs. 6to4 tunnels are not supported on MX Series routers with MS-MPCs or MS-MICs.

To configure a 6to4 PMT:

Configure the ingress interface for 6to4 traffic. Include the name of the service set that identifies the rules for input and output service on this interface.

content_copy zoom_out_map
[edit interfaces ge-0/2/1]
user@host# set unit logical-unit-number family family service input service-set-name
user@host# set unit logical-unit-number family family service output service-set-name
user@host# set unit logical-unit-number family family address addres

For example:

content_copy zoom_out_map
[edit interfaces ge-0/2/1]
user@host# set unit 0 family inet service input service-set v6to4-pmt
user@host# set unit 0 family inet service output service-set v6to4-pmt
user@host# set unit 0 family inet address 130.130.130.1/24

Configure the egress interface.

content_copy zoom_out_map
[edit interfaces ge-0/2/2]
user@host# set unit logical-unit-number family family address address

For example:

content_copy zoom_out_map
[edit interfaces ge-0/2/2]
user@host# set unit 0 family inet6 address 4ABC::1/16

Configure the service interface that contains the rules for processing incoming traffic. Include a syslog option and associate a logical unit.

content_copy zoom_out_map
[edit interfaces sp-2/0/0]
user@host# edit services-options syslog host host-name services any
user@host# edit unit logical-unit-number family family
user@host# edit unit 0 family family

For example:

content_copy zoom_out_map
[edit interfaces sp-2/0/0]
user@host# set services-options syslog host local services any
user@host# set unit 0 family inet
user@host# set unit 0 family inet6

Configure the softwire concentrator and softwire rule for 6to4. In the Junos OS, 6to4 PMT configuration uses the same options as 6rd.

content_copy zoom_out_map
[edit services softwire softwire-concentrator v6rd v6to4]
user@host# set softwire-address softwire-addres
user@host# set ipv4-prefix ipv4-prefix
user@host# set v6rd-prefix v6rd-prefix
user@host# set mtu-v4 mtu-v4 

For example:

content_copy zoom_out_map
[edit services softwire softwire-concentrator v6rd v6to4]
user@host# set softwire-address 192.88.99.1
user@host# set ipv4-prefix 130.130.130.2/32
user@host# set v6rd-prefix 2002::0/16
user@host# set mtu-v4 9192 

Define the softwire rule that will process traffic on the ingress interface.

content_copy zoom_out_map
[edit services softwire rule v6to4-r1]
user@host# set match-direction input
user@host# set term term-name then v6rd softwire-concentrator

For example:

content_copy zoom_out_map
[edit services softwire rule v6to4-r1]
user@host# set match-direction input
user@host# set term t1 then v6rd v6to4

Define a stateful firewall rule that will accept all incoming traffic on the ingress interface.

content_copy zoom_out_map
[edit services stateful-firewall rule sfw-r1]
user@host# set match-direction direction
user@host# set term term-name then accept
user@host# set term term-name then syslog

For example:

content_copy zoom_out_map
[edit services stateful-firewall rule sfw-r1]
user@host# set match-direction input-output
user@host# set term t1 then accept
user@host# set term t1 then syslog

Define the NAT pool to be used for IPv6 NAT translation. This pool supports translation of the Anycast 6to4 relay addresses to addresses at the provider-managed relay.
```
[edit services nat pool v6to4-pmt]
user@host# set address address
user@host# port automatic
```
For example:
```
[edit services nat pool v6to4-pmt]
user@host# set address 3ABC::1/128
user@host# set port automatic
```

Define the NAT rule for translation.

content_copy zoom_out_map
[edit services nat rule rule-name]
user@host# set match-direction input
user@host# set term term-name then translated source-pool pool-name
user@host# set term t1 then translated translation-type translation-type

For example:

content_copy zoom_out_map
[edit services nat rule v6to4-pmt-r1]
user@host# set match-direction input
user@host# set term t1 then translated source-pool v6to4-pmt
user@host# set term t1 then translated translation-type napt-66

Define the service set that specifies the softwire rule and NAT rule.

content_copy zoom_out_map
[edit services service-set v6to4-pmt]
user@host# set softwire-rules rule-name
user@host# set stateful-firewall-rules rule-name
user@host# set nat-rules rule-name
user@host# set interface-service service-interface interface-name

For example:

content_copy zoom_out_map
[edit services service-set v6to4-pmt]
user@host# set softwire-rules v6to4-r1
user@host# set stateful-firewall-rules sfw-r1
user@host# set nat-rules v6to4-pmt-r1
user@host# set interface-service service-interface sp-2/0/0

arrow_backward PREVIOUS Softwires Configuration Overview

NEXT arrow_forward DS-Lite Softwires

Adaptive Services Interfaces User Guide for Routing Devices

6to4 Softwires

Configuring a 6to4 Provider-Managed Tunnel

Stay in touch

Helped me install or use the product
Accelerated my deployment

Discuss the product with a co-worker
Make a purchase inquiry