6in4, sometimes referred to as SIT, is an

IPv6 transition mechanism An IPv6 transition mechanism is a technology that facilitates the transitioning of the Internet from the Internet Protocol version 4 (IPv4) infrastructure in use since 1983 to the successor addressing and routing system of Internet Protocol Ver ...

for migrating from

Internet Protocol version 4 Internet Protocol version 4 (IPv4) is the first version of the Internet Protocol (IP) as a standalone specification. It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks ...

(IPv4) to

IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communication protocol, communications protocol that provides an identification and location system for computers on networks and routes traffic ...

. It is a

tunneling protocol In computer networks, a tunneling protocol is a communication protocol which allows for the movement of data from one network to another. They can, for example, allow private network communications to be sent across a public network (such as the ...

that encapsulates IPv6 packets on specially configured IPv4 links according to the specifications of . The IP protocol number for 6in4 is ''41'', per IANA reservation. The 6in4 packet format consists of the IPv6 packet preceded by an IPv4 packet header. Thus, the encapsulation overhead is the size of the IPv4 header of 20 bytes. On Ethernet with a

maximum transmission unit In computer networking, the maximum transmission unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction. The MTU relates to, but is not identical to the maximum frame size tha ...

(MTU) of 1500 bytes, IPv6 packets of 1480 bytes may therefore be transmitted without fragmentation. 6in4 tunneling is also referred to as ''proto-41 static'' because the endpoints are configured statically. Although 6in4 tunnels are generally manually configured, the utility

AICCU AICCU (Automatic IPv6 Connectivity Client Utility) was a popularSixXS Usage
showing the number of tunnels of the ...

can configure tunnel parameters automatically after retrieving information from a Tunnel Information and Control Protocol (TIC) server. The similarly named methods

6to4 6to4 is an Internet transition mechanism for migrating from Internet Protocol version 4 (IPv4) to version 6 (IPv6) and a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 Internet) without the need to co ...

6over4 6over4 is an IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of a multicast-enabled IPv4 network. IPv4 is used as a virtual data link layer (''virtual Ethernet'') on which IPv6 can be run. How 6over4 ...

describe a different mechanism. The

method also makes use of proto-41, but the endpoint IPv4 address information is derived from the IPv6 addresses within the IPv6 packet header, instead of from static configuration of the endpoints.

Network address translators

When an endpoint of a 6in4 tunnel is inside a network that uses

network address translation Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic Router (computing), routing device. The te ...

(NAT) to external networks, the

DMZ A demilitarized zone (DMZ or DZ) is an area in which treaties or agreements between states, military powers or contending groups forbid military installations, activities, or personnel. A DZ often lies along an established frontier or boundary ...

feature of a NAT router may be used to enable the service. Some NAT devices automatically permit transparent operation of 6in4.

Dynamic 6in4 tunnels and heartbeat

Even though 6in4 tunnels are static in nature, with the help of for example the heartbeat protocolHeartbeat Protocol
J. Massar and P. van Pelt one can still have dynamic tunnel endpoints. The heartbeat protocol signals the other side of the tunnel with its current endpoint location. A tool such as

AICCU AICCU (Automatic IPv6 Connectivity Client Utility) was a popularSixXS Usage
showing the number of tunnels of the ...

can then update the endpoints, in effect making the endpoint dynamic while still using the 6in4 protocol. Tunnels of this kind are generally called 'proto-41 heartbeat' tunnels.

Security issues

The 6in4 protocol has no security features, thus one can inject IPv6 packets by spoofing the source IPv4 address of a tunnel endpoint and sending it to the other endpoint. This problem can partially be solved by implementing

network ingress filtering In computer networking, ingress filtering is a technique used to ensure that incoming Packet (information technology), packets are actually from the networks from which they claim to originate. This can be used as a countermeasure against variou ...

(not near the exit point but close to the true source) or with IPsec. The mentioned packet injection loophole of 6in4 was exploited for a research benefit in a method called ''IPv6 Tunnel Discovery'' IPv6 Tunnel Discovery
L. Colitti, G. Di Battista, and M. Patrignani which allowed the researchers to discover operating IPv6 tunnels around the world.

Specifications

* , Transition Mechanisms for IPv6 Hosts and Routers, R. Gilligan and E. Nordmark, 1996 * , Transition Mechanisms for IPv6 Hosts and Routers, R. Gilligan and E. Nordmark, 2000 * , Basic Transition Mechanisms for IPv6 Hosts and Routers, R. Gilligan and E. Nordmark, 2005

Notes

References

{{reflist

External links

How do I configure my machine to set up an IPv6 in IPv4 tunnel6in4 and other tunnel setups on Debian6in4 setup on Plan9 OS
Tunneling protocols IPv6 transition technologies