6in4 Tunnel Interfaces

Important - Scalable Platforms (Maestro and Chassis) do not support this feature (Known Limitation MBS-12823).

This section shows you how to configure 6in4 Tunnel Interfaces in the Gaia PortalClosed Web interface for the Check Point Gaia operating system. and Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell)..

6in4 is a transparent mechanism that transmits IPv6 traffic on existing IPv4 networks.

To do this, 6in4 does these functions:

  • Encapsulates IPv6 packets in IPv4 packets for transmission on the IPv4 network.

  • Routes traffic between 6in4 and "native" IPv6 networks.

Important - Before you can configure 6in4 Tunnel interfaces, you must enable the IPv6 Support and reboot (see System Configuration).

Note - The name of an 6in4 interface in GaiaClosed Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. is "sit_6in4_<Tunnel ID>". For example, the name of a 6in4 interface with a Tunnel ID of 5 is "sit_6in4_5".

Configuring 6in4 Tunnel Interfaces in Gaia Portal

Step

Instructions

1

In the navigation tree, click Network Management > Network Interfaces.

2

Make sure that the physical interface, on which you add a 6in4 Tunnel interface, has an IPv4 address.

3

Click Add > 6in4 Tunnel.

4

In the Add 6in4 Tunnel window, select the Enable option to set the VLAN interface to UP.

5

Optional: On the IPv6 tab, enter the IPv6 address and mask length.

You can optionally select the Obtain IPv6 address automatically option.

6

On the 6in4 Tunnel tab:

  • In the Interface field, select the applicable physical interface.

  • In the Tunnel ID field, enter or select the Tunnel ID between 2 and 999999.

    Note - The ID must be unique for every 6in4 tunnel that terminates on this Gaia.

  • In the TTL field, enter or select the Time-to-Live for the 6in4 packets between 0 and 255.

    Note - This value must be the same on the peers. Default value is 0.

  • In the Remote Address field, enter the IPv4 address at the remote end of the 6in4 tunnel.

7

Click OK.

Step

Instructions

1

In the navigation tree, click Network Management > Network Interfaces.

2

Select a VLAN interface and click Edit.

3

On the IPv6 tab, enter the IPv6 address and mask length.

You can optionally select the Obtain IPv6 address automatically option.

4

Click OK.

Note - You cannot change the settings on the 6in4 Tunnel tab. To change these parameters, delete the 6in4 Tunnel interface and then create a new 6in4 Tunnel interface.

Step

Instructions

1

In the navigation tree, click Network Management > Network Interfaces.

2

Select a 6in4 Tunnel interface and click Delete.

3

Click OK, when the confirmation message shows.

Configuring 6in4 Tunnel Interfaces in Gaia Clish

Important - Make sure that the physical interface, on which you wish to add a 6in4 Tunnel interface, have an IPv4 address.

Syntax

add interface <Name of Physical Interface> 6in4 <6in4 Tunnel ID> remote <IPv4 Address on Remote Peer> [ttl <0-255>] 

set interface sit_6in4_<6in4 Tunnel ID>
      comments "Text"
      ipv6-address <IPv6 Address> mask-length <Mask Length>
      ipv6-autoconfig {on | off}
      mtu <1280-16000>
      state {on | off}

Note - You cannot change the 6in4 settings (Name of Physical Interface, 6in4 Tunnel ID, IPv4 Address on Remote Peer, or TTL). To change these parameters, delete the 6in4 Tunnel interface and then create a new 6in4 Tunnel interface.

show interface sit_6in4_<6in4 Tunnel ID><SPACE><TAB>

delete interface sit_6in4_<6in4 Tunnel ID> 6in4 <6in4 Tunnel ID>

Important - After you add, configure, or delete features, run the "save config" command to save the settings permanently.

Parameters

Parameter

Description

<Name of Physical Interface>

Specifies a physical interface.

<6in4 Tunnel ID>

Specifies the Tunnel ID between 2 and 999999.

Note - The ID must be unique for every 6in4 tunnel that terminates on this Gaia.

<IPv4 Address on Remote Peer>

Specifies the IPv4 address at the remote end of the 6in4 tunnel.

ttl <0-255>

Specifies the Time-to-Live for the 6in4 packets between 2 and 255.

Note - This value must be the same on the peers. Default value is 0.

comments "Text"

Defines the optional comment.

  • Write the text in double quotes.

  • Text must be up to 100 characters.

  • This comment appears in the Gaia Portal and in the output of the "show configuration" command.

<IPv6 Address>

Assigns the IPv6 address.

mask-length <Mask Length>

Configures the IPv6 subnet mask length using CIDR notation (/xx) - integer between 1 and 128.

ipv6-autoconfig {on | off}

Configures if this interface gets an IPv6 address from a DHCPv6 Server:

  • on - Gets an IPv6 address from a DHCPv6 Server

  • off - Does not get an IPv6 address from a DHCPv6 Server (you must assign it manually)

mtu <1280-16000>

Configures the Maximum Transmission Unit size for an interface.

  • Range: 1280 - 16000 bytes

  • Default: 1500 bytes

state {on | off}

Configures interface's state:

  • on - Enabled

  • off - Disabled

 
gaia> add interface eth0 6in4 55 remote 192.168.20.30 ttl 200
gaia> set interface comments "6in4 ID 55 with peer 192.168.20.30"
gaia> delete interface sit_6in4_55 6in4 55