search

edge-cloud / www.edge-cloud.net

On the edge of cloud computing
https://www.edge-cloud.net
0 stars 0 forks source link

2020/09/11/aws-ipsec-vpn-ipv6/ #35

Open utterances-bot opened 3 years ago

utterances-bot commented 3 years ago

AWS Site-to-Site VPN (IPSec) with IPv6 - Edge Cloud

How to setup the AWS Site-to-Site VPN (IPSec) with IPv6

https://www.edge-cloud.net/2020/09/11/aws-ipsec-vpn-ipv6/

gianafrancisco commented 3 years ago

What is the IOS version you are using for this example? I'm using IOS 12.4(15)T14 and I get and error when try to use v6-overlay on tunnel mode configuration. is there any constraint with the IOS version to support Dual Stack on cisco?

chriselsen commented 3 years ago

For this example I was using a Cisco CSR 1000V, which was running Cisco IOS XE Software, Version 16.12.01a.

gianafrancisco commented 3 years ago

Thanks for you reply! Do you know if there is any requirement regarding to the IOS version? I'm trying to establish a ipsec tunnel using a cisco c3745 IOS 12.4, on IPv4 works but on ipv6 does not work. when I tried to configure v6-overlay parameter it does not exists. Thanks!

kino505 commented 1 year ago

Cisco ASR1000 has the same problem. IPv4 works but IPv6 does not work. Do You have any work example config for this Cisco?

chriselsen commented 1 year ago

Cisco ASR1000 has the same problem. IPv4 works but IPv6 does not work. Do You have any work example config for this Cisco?

When you say "does not work", do you mean that the CLI commands don't exist or that the routing doesn't work?

liyihuang commented 1 year ago

It looks like I can only distribute the IPV6 routes through IPV6 neighbors. and IPv4 routes will not be exchanged if I choose the IPV6 for the tunnel. Is it correct?

chriselsen commented 1 year ago

It looks like I can only distribute the IPV6 routes through IPV6 neighbors. and IPv4 routes will not be exchanged if I choose the IPV6 for the tunnel. Is it correct?

Have a look at the constraints section: "A Site-to-Site VPN connection can only support IPv4, or IPv6." Therefore if you setup an IPv6 tunnel you can only exchange IPv6 routes via BGP over this tunnel.

liyihuang commented 1 year ago

thanks. I thought it only supports the ipv4 or ipv6 meaning that tunnel IP can only be v4 or v6 but can still distribute the different address familiy on BGP. Is there a plan to support the dual stack in the future?