Feature Request - IPv4 over IPv6 bovpn tunnels
For our dual stack customers with remote sites, we build separate IPv4 and IPv6 bovpn tunnels over the primary link and a backup IPv4 tunnel over a secondary link (IPv6 Multi-WAN would be very helpful too! FBX-3998 - bump....) from the remote sites to the Core Firebox. We dual stack the IPv4 tunnel for protocol redundancy and preference IPv6 traffic over the bovpn tunnels accordingly, in the event of the remote site failing to reach the core over IPv6, traffic falls back to the primary then secondary IPv4 tunnels.
This past week we had an occurrence where the primary ISP had an outage over IPv4, the remote site IPv6 traffic continued over the primary link, however IPv4 failed over to the slower secondary link as designed, in this instance it would have been highly beneficial to have the ability to pass IPv4 traffic over the IPv6 bovpn tunnel without degrading IPv4 network performance.
Please consider implementing IPv4 over IPv6 tunnels, Thank you:)
Comments
Hi @TFM
Are you using standard (legacy) BOVPNs, or BOVPN virtual interfaces to do this?
-James Carson
WatchGuard Customer Support
Hi @james.carson , BOVPN Virtual Interfaces
Hi @TFM
The existing feature request for this is FBX-14989 -- (Support for 6in4 tunneling protocol for IPv6)
The tunnels themselves would need to be either IPv4 or 6 due to limitations of the technology, but an IPv6 tunnel should be able to traverse via an IPv4 only external and terminate if 6in4 is allowed on the distant side.
If you'd like to follow that request, please create a support case and mention FBX-14989 somewhere in your case.
-James Carson
WatchGuard Customer Support
Thanks @james.carson , we actually want the opposite feature sorry, 4in6... We are already successfully traversing IPv6 over the IPv4 tunnels, we would like to be able to send IPv4 over IPv6 tunnels.
@TFM I'll look into this, thanks for the clarification.
-James Carson
WatchGuard Customer Support