The mobile ad hoc network (MANET), which is characterized by an infrastructureless architecture and multi-hop communication, has attracted a lot of attention recently. In the evolution of IP networks to version 6, adopting the same protocol would guarantee the success and portability of MANETs. In this paper, we propose a secure bootstrapping and routing protocol for MANETs. Mobile hosts can autoconfigure and even change their IP addresses based on the concept of CGA (cryptographically generated address), but they can not hide their identities easily. The protocol is modified from DSR (dynamic source routing) to support secure routing. The neighbor discovery and domain name registration in IPv6 are incorporated and enhanced with security functions. The protocol is characterized by the following features: (i) it is designed based on IPv6, (ii) relying on a DNS server, it allows bootstrapping a MANET with little pre-configuration overhead, so network formation is light-weight, and (iii) it is able to resist a variety of security attacks.