Cisco Support Community
Community Member

Connection redundancy with dual ipv6ip tunnels

I have a 871-SEC-K9 in my IPv6 lab running 2 tunnels to 2 different brokers. The tunnels are up and working fine. I can ping anything from whatever source (tunnel0 and tunnel1). I have a vlan interface that has both global ipv6 address from the allocated subnet given by my 2 brokers. The hosts (a FreeBSD machine and a Win7 machine) are receiving both router advertisements as they have auto-configured based on both global ipv6 address from the vlan interface. Both hosts are able to ping both addresses.

Now here's my problem, I'm using:

ipv6 route ::/0 Tunnel0

and if my Tunnel1 goes down, my hosts no longer have access to IPv6-enabled internet. Now adding a second ::/0 route to that tunnel didn't help my problem (and actually caused other problems as expected).

What is the correct method for what I'm trying to do? I've looked at Cisco's IPv6 docs (especially about multihoming) but nothing has helped so far.

Community Member

Re: Connection redundancy with dual ipv6ip tunnels

Ok, so no one has any answers so far... but I kept looking. I'm almost there. And I'm at 3 tunnels for the heck of it. Here's what I have now:

interface Vlan10

description $FW_INSIDE$

ip address

ip nat inside

ip virtual-reassembly

ipv6 address 2001:470:xxxx:1::1/64

ipv6 address 2001:5C0:xxxx:B900::1/64

ipv6 address 2001:4978:xxxx:1::1/64

ipv6 enable

ipv6 policy route-map he-next-hop


ipv6 route ::/0 Tunnel2

ipv6 route ::/0 Tunnel1

ipv6 route ::/0 Tunnel0





route-map sixxs-next-hop permit 10

match ipv6 address sixxs-pool

set default interface Tunnel2


route-map go6-next-hop permit 10

match ipv6 address go6-pool

set default interface Tunnel1


route-map he-next-hop permit 10

match ipv6 address he-pool

set default interface Tunnel0



ipv6 access-list he-pool

permit ipv6 2001:470:xxxx:1::/64 any


ipv6 access-list sixxs-pool

permit ipv6 2001:4978:xxxx:1::/64 any


ipv6 access-list go6-pool

permit ipv6 2001:5C0:xxxx:B900::/64 any


and with an ipv6 traffic-filter in each tunnels.

This is almost working like I want it to, except I am unable to put all three route-map in my vlan interface. That way I could forward traffic based on the source IP to the correct tunnel. How do I get all three route-map working at the same time?

Any help getting this last part is appreciated.

CreatePlease to create content