It’s time to get into the mindset of integrating IPv6 into your existing infrastructure with the longer goal of migrating to IPv6. In other words, this is not going to be an “OK, Friday the Internet is changing over” rollout. You have to bring about the change as a controlled implementation. It could easily take three to five years before a solid migration occurs and probably longer. I think the migration will take slightly less time than getting the world to migrate to the metric system on the overall timeline. The process of integration/migration consists of several mechanisms.
Dual Stack Simply running both IPv4 and IPv6 on the same network, utilizing the IPv4 address space for devices using only IPv4 addresses and utilizing the IPv6 address space for devices using IPv6 addresses
Tunneling Using an encapsulation scheme for transporting one address space inside another
Address Translation Using a higher- level application to change one address type (IPv4 or IPv6) to the other transparently so that end devices are unaware one address space is talking to another
I elaborate on these three mechanisms in the following sections.
IPv6 Dual Stack
The default implementation in Windows Server 2022 is an enabled IPv6 configuration along with IPv4; this is dual stack. The implementation can be dual IP layer or dual TCP/IP stack. Windows Server 2022 uses the dual IP layer implementation (see Figure 4.16). When an application queries a DNS server to resolve a hostname to an IP address, the DNS server may respond with an IPv4 address or an IPv6 address. If the DNS server responds with both, Windows Server 2022 will prefer the IPv6 address. Windows Server 2022 can use both IPv4 and IPv6 addresses as necessary for network communication. When looking at the output of the ipconfig command, you will see both address spaces displayed.
FIGURE 4.16 IPv6 dual IP layer diagram

IPv6 Tunneling
Windows Server 2022 includes several tunneling mechanisms for tunneling IPv6 through the IPv4 address space. They include the following:
■ Intra- Site Automatic Tunnel Addressing Protocol (ISATAP), which is used for unicast IPv6 communication across an IPv4 infrastructure. ISATAP is enabled by default in Windows Server 2022.
■ 6to4, which is used for unicast IPv6 communication across an IPv4 infrastructure.
■ Teredo, which is used for unicast IPv6 communication with an IPv4 NAT implementation across an IPv4 infrastructure.
With multiple tunneling protocols available and enabled by default, you might ask, what’s the difference, and why is one used over the others? They all allow you to tunnel IPv6 packets through the IPv4 address space (a really cool thing if you’re trying to integrate/ migrate). Here are the details of these tunneling mechanisms:
ISATAP Intra- Site Automatic Tunnel Addressing Protocol (ISATAP) is the automatic tunnel addressing protocol providing IPv6 addresses based on the IPv4 address of the end interface (node). The IPv6 address is automatically configured on the local device, and the dual stack machine can use either its IPv4 or IPv6 address to communicate on the local network (within the local network infrastructure). ISATAP can use the neighbor discovery mechanism to determine the router ID and network prefix where the device is located, thus making intrasite communication possible even in a routed infrastructure.
The format of an ISATAP address is as follows:
[64 bits of prefix] [32 bits indicating ISATAP] [32 bits IPv4 address]
The center 32 bits indicating ISATAP are actually 0000:5EFE (when using private IPv4 addresses). The ISATAP address of the example Windows Server 2022 machine using the link- local IPv6 address is FE80::5EFE:192.168.1.200. Each node participating in the ISATAP infrastructure must support ISATAP. If you’re routing through an IPv4 cloud, a border router (a router transitioning from an IPv6 to IPv4 space) must support ISATAP. Windows Server 2022 can be configured as a border router, and it will forward ISATAP packets. ISATAP is experimental and is defined in RFC 4214.
6to4 6to4 specifies a procedure for IPv6 networks to communicate with each other through an IPv4 space without the IPv6 nodes having to know what’s happening. The IPv6 nodes do not need to be dual stacked to make this happen. The border router is the device responsible for knowing about the IPv6- to- IPv4 transition. The IPv6 packets are encapsulated at the border router (and decapsulated at the other end or on the way back). There is an assigned prefix for the 6to4 implementation: 2002:: /16. 6to4 is defined in RFC 3056.
Teredo Teredo (named after a kind of shipworm that drills holes in the wood of ships) is a protocol designed to allow IPv6 addresses to be available to hosts through one or more layers of NAT. Teredo uses a process of tunneling packets through the IPv4 space using UDP. The Teredo service encapsulates the IPv6 data within a UDP segment (packet) and uses IPv4 addressing to get through the IPv4 cloud. Having layer 4 (Transport layer) available to use as translation functionality is what gives you the ability to be behind a NAT. Teredo provides host- to- host communication and dynamic addressing for IPv6 nodes
(dual stack), allowing the nodes to have access to resources in an IPv6 network and the
IPv6 devices to have access to the IPv6 devices that have only connectivity to the IPv4 space (like home users who have an IPv6- enabled operating system connecting to IPv6 resources while their home ISP has only IPv4 capabilities). Teredo is defined in RFC 4380. In Windows Server 2022, an IPv4 Teredo server is identified and configured (using the netsh command interface). The Teredo server provides connectivity resources (address) to the Teredo client (the node that has access to the IPv4 Internet and needs access to an IPv6 network/Internet). A Teredo relay is a component used by the IPv6 router to receive traffic destined for Teredo clients and forward the traffic appropriately. The defined prefix for a Teredo address is 2001:0000:: /32. Teredo does add overhead like all the other implementations discussed. It is generally accepted that you should use the simplest model available. However, in the process of integration/migration for most of us behind a NAT, Teredo will be the process to choose.
From Windows Server 2022, use the ipconfig /all command to view the default configurations including IPv4 and IPv6. You may notice a notation that I didn’t discuss, the percent sign at the end of the IPv6 address (see Figure 4.17). The number after the percent sign is the virtual interface identifier used by Windows Server 2022.
FIGURE 4.17 IPv6 interface identifier for ipconfig display

Useful IPv6 Information Commands
You can use numerous commands to view, verify, and configure the network parameters of Windows Server 2022. Specifically, you can use the netsh command set and the route command set as well as the standard ping and tracert functions.
Use the netsh command interface (as well as the provided dialog boxes, if you want) to examine and configure IPv6 functionality. The netsh command issued from the command interpreter changes into a network shell (netsh) where you can configure and view both IPv4 and IPv6 components.
Don’t forget to use the ever- popular route print command to see the Windows Server 2022 routing tables (IPv4 and IPv6). The other diagnostic commands are still available for
IPv4 as well as IPv6. In previous versions of Microsoft operating systems, ping was the
IPv4 command, and ping6 was the IPv6 command. This has changed in Windows Server 2022; ping works for both IPv4 and IPv6 to test layer 3 connectivity to remote devices. The IPv4 tracert command was tracert6 for IPv6. The command is now tracert for both IPv4 and IPv6, and it will show you every layer 3 (IP) hop from source to destination. (This assumes that all of the administrators from here to there want you to see the hops and are not blocking ICMP. It also assumes that there are no IP tunnels, which your packets are traversing; you won’t see the router hops in the tunnel either.)
Overall, the consortium of people developing the Internet and the Internet Protocol have tried to make all of the changes to communication infrastructures easy to implement. (This is a daunting task with the many vendors and various infrastructures currently in place.) The goal is not to daze and confuse administrators; it’s designed to provide maximum flexibility with the greatest functionality. IPv6 is going to provide the needed layer 3 (Network layer, global addressing layer, logical addressing layer . . . call it what you like) functionality for the foreseeable future.