Linux ISATAP Setup

ISATAP is an IPv6 transition mechanism that allows IPv6-in-IPv4 tunnels to be created automatically within a site. Each host queries an ISATAP router within the site to obtain address and routing information. Packets sent to the IPv6 Internet are routed via the ISATAP router, and packets destined for other hosts within the same site are tunneled directly to the destination. ISATAP clients will usually perform stateless IPv6 address autoconfiguration via automatic ISATAP router discovery, but they may optionally use statically assigned addresses if required by special circumstances.

For more information about ISATAP, please read the current NGtrans Working Group Internet Draft, draft-ietf-ngtrans-isatap-04.

Installing Linux ISATAP support

What you will need:

Installing the kernel

The current Linux ISATAP implementation, written by Fred Templin, is available as part of the USAGI project as of the 2001-11-12 snapshot. It is only available for the Linux 2.4 kernel tree.

When compiling the USAGI kernel, be sure to enable the "ISATAP interface support" in the IPv6 section.

Installing iproute

The iproute package can be obtained as source from USAGI, or RPMs can be downloaded here:

The modified version of iproute includes support for creating tunnels with a mode of "isatap", which is necessary to enable the ISATAP-specific functionality for each tunnel.

Installing radvd (router only)

As of radvd 0.7.0, radvd supports non-broadcast networks, such as ISATAP. If radvd 0.7.0 or higher is not installed on your router, either obtain an updated package from your distribution vendor, or download the latest version from here.

Configuring the ISATAP router

The router is responsible for routing IPv6 packets to and from the ISATAP clients, so it must have IPv6 connectivity, including routing for at least one /64 subnet that will be dedicated to the ISATAP network. This /64 subnet prefix will be referred to as PREFIX in this discussion.

ISATAP functionality is enabled by creating a tunnel of mode isatap using the ip tunnel command. A specific IPv4 address must be chosen as the ISATAP router address, and this address generally must not be used to any other IP tunnels. If V4ADDR is the chosen address, the command syntax to create a new ISATAP interface on the router would be:

    # ip tunnel add is0 mode isatap local V4ADDR ttl 64

Although the tunnel interface can have any name allowed by the kernel, using "isN" where N counts from 0 is suggested.

Once the is0 interface has been created, it needs to be enabled and an ISATAP-compliant IPv6 address needs to be assigned to it.

    # ip link set is0 up
    # ip addr add PREFIX::5efe:V4ADDR/64 dev is0

As an example, consider a router which will use 192.0.2.1 as its ISATAP router address with the prefix 3ffe:ffff:1234:5678::/64 assigned to its clients. The commands needed to create and enable the ISATAP interface would be:

    # ip tunnel add is0 mode isatap local 192.0.2.1 ttl 64
    # ip link set is0 up
    # ip addr add 3ffe:ffff:1234:5678::5efe:192.0.2.1/64 dev is0

Once the ISATAP has been created and configured, radvd needs to be set to advertise the appropriate prefix to ISATAP clients. The radvd configuration for an ISATAP interface is identical to configuration of an Ethernet interface, except that the UnicastOnly directive must appear in the interface definition. Here is an interface definition for the sample configuration above:

interface is0
{
    AdvSendAdvert on;
    UnicastOnly on;
    AdvHomeAgentFlag off;

    prefix 3ffe:ffff:1234:5678::/64
    {
        AdvOnLink on;
	AdvAutonomous on;
	AdvRouterAddr off;
    };
};

Configuring the ISATAP clients

The configuration for the clients is much easier than for the router, of course. The only configuration necessary is to create and enable the ISATAP interface. With clients, however, the address of the ISATAP router must be specified when creating the tunnel so that the clients know where to send router solicitations. This is done by specifying the v4any option to the ip command.

    # ip tunnel add is0 mode isatap local V4ADDR_NODE v4any V4ADDR_RTR ttl 64
    # ip link set is0 up

The clients will solicit address and route information from the ISATAP router and automatically configure themselves for IPv6 network access. Here is an example of client configuration for the example router above:

    # ip tunnel add is0 mode isatap local 192.0.40.25 v4any 192.0.2.1 ttl 64
    # ip link set is0 up

Static configuration

ISATAP may also be used in situations where automatic configuration is not desirable. In this case, there will be no node designated as an ISATAP router, and each node will need to configure its own address and routing information. All nodes in a static configuration such as this will configure their interfaces in the same manner as the router described above, omitting the v4any option from the ip tunnel create command and configuring the global addresses manually. However, radvd will not be used at all since it is only necessary for autoconfiguration.



Last modified 2002-6-1 by lutchann.