Internet Protocol version 6 (IPv6) is the first major revamping of IP since RFC 791 was accepted in 1981. Yes, the operation of IP has improved, and there have been a few bells and whistles added (such as NAT, for example), but the basic structure is still being used as it was originally intended. IPv6 has actually been available to use in Microsoft operating systems since NT 4.0, but it always had to be manually enabled. Windows Vista was the first Microsoft operating system to have it enabled by default. It is also enabled by default in
Windows 7, Windows 10, Windows 11, Windows Server 2008, Windows Server 2008 R2,
Windows Server 2012/2012 R2, Windows Server 2016, Windows Server 2019, and Windows Server 2022, and it probably will be in all Microsoft operating systems from this point on.
TCP and UDP— as well as the IP applications, such as HTTP, FTP, SNMP, and the rest— are still being used in IPv4. So, you might ask, why change to the new version? What does IPv6 bring to your networking infrastructure? What is the structure of an IPv6 address? How is it implemented and used within Windows Server 2022? I’ll answer all of those questions and more in this section.
IPv6 History and Need
In the late 1970s, as the IP specifications were being put together, the vision of the interconnected devices was limited compared to what we actually have today. To get an idea of the growth of the Internet, take a look at Hobbes’s Internet Timeline in RFC 2235 (www.faqs.org/rfcs/rfc2235.html). As you can see, in 1984, the number of hosts finally surpassed 1,000— two years after TCP and IP were introduced. With 32 bits of addressing available in IPv4, it handled the 1,000+ hosts just fine. And even with the number of hosts breaking the 10,000 mark in 1987 and then 100,000 in 1989, there were still plenty of IP addresses to go around. But when the number of hosts exceeded 2 million in 1992 and 3 million in 1994, concern in the industry started to build. So in 1994, a working group was formed to come up with a solution to the quickly dwindling usable address availability in the IPv4 space. Internet Protocol next generation (IPng) was started.
Have you heard of IP address depletion being a problem today? Probably not as much. When the working group realized that it could not have IPv6 standardized before the available addresses might run out, they developed and standardized Network Address Translation (NAT) as an interim solution. NAT, or more specifically an implementation of NAT called Port Address Translation (PAT), took care of a big portion of the problem.
NAT works very well, but it does have some limitations, including issues of peer- to- peer applications with their IPv4 addresses embedded in the data, issues of end-t o- end traceability, and issues of overlapping addresses when two networks merge. Because all devices in an IPv6 network will have a unique address and no network address translation will take place, the global addressing concept of IPv4 will be brought back (the address put on by the source device will stay all the way to the destination). Thus, with the new-a nd- improved functionality of IPv6, the drawbacks of NAT and the limitations of IPv4 will be eliminated.
New and Improved IPv6 Concepts
Several elements of the IPv4 protocol could use some enhancements. Fortunately, IPv6 incorporates those enhancements as well as new features directly into the protocol specification to provide better and additional functionality.
The following list includes new concepts and new implementations of old concepts in IPv6:
■ Larger address space (128- bit vs. 32- bit).
■ Autoconfiguration of Internet- accessible addresses with or without DHCP. (Without DHCP, it’s called stateless autoconfiguration.)
■ More efficient IP header (fewer fields and no checksum).
■ Fixed- length IP header (the IPv4 header is variable length) with extension headers beyond the standard fixed length to provide enhancements.
■ Built- in IP mobility and security. (Although available in IPv4, the IPv6 implementation is a much better implementation.)
■ Built- in transition schemes to allow integration of the IPv4 and IPv6 spaces.
■ ARP broadcast messages replaced with multicast request.
Here are more details about these features:
128- Bit Address Space The new 128- bit address space will provide unique addresses for the foreseeable future. Although I would like to say that we will never use up all of the addresses, history may prove me wrong. The number of unique addresses in the IPv6 space is 2128, or 3.4 × 1038, addresses. How big is that number? It’s enough for toasters and refrigerators (and maybe even cars) to all have their own addresses.
As a point of reference, the nearest black hole to Earth is 1,600 light years away. If you were to stack 4mm BB pellets from here to the nearest black hole and back, you would need 1.51 × 1022 BBs. This means you could uniquely address each BB from Earth to the black hole and back and still have quite a few addresses left over.
Another way to look at it is that the IPv6 address space is big enough to provide more than 1 million addresses per square inch of the surface area of the earth (oceans included).
Autoconfiguration and Stateless Autoconfiguration Autoconfiguration is another added/improved feature of IPv6. We’ve used DHCP for a while to assign IP addresses to client machines. You should even remember that APIPA can be used to assign addresses automatically to Microsoft DHCP client machines in the absence of a DHCP server. The problem with APIPA is that it confines communication between machines to a local LAN (no default gateway). What if a client machine could ask whether there was a router on the LAN and what network it was on? If the client machine knew that, it could not only assign itself an address, it could also choose the appropriate network and default gateway. The stateless autoconfiguration functionality of IPv6 allows the clients to do this.
Improved IPv6 Header The IPv6 header is more efficient than the IPv4 header because it is fixed length (with extensions possible) and has only a few fields. The IPv6 header consists of a total of 40 bytes:
32 bytes Source and destination IPv6 addresses
8 bytes Version field, traffic class field, flow label field, payload length field, next header field, and hop limit field
You don’t have to waste your time with a checksum validation anymore, and you don’t have to include the length of the IP header (it’s fixed in IPv6; the IP header is variable length in IPv4, so the length must be included as a field).
IPv6 Mobility IPv6 is only a replacement of the OSI layer 3 component, so you’ll continue to use the TCP (and UDP) components as they currently exist. IPv6 addresses a TCP issue, though. Specifically, TCP is connection oriented, meaning that you establish an end- to- end communication path with sequencing and acknowledgments before you ever send any data, and then you have to acknowledge all of the pieces of data sent. You do this through a combination of an IP address, port number, and port type (socket).
If the source IP address changes, the TCP connection may be disrupted. But then how often does this happen? Well, it happens more and more often because more people are walking around with a wireless laptop or a wireless voice over IP (VoIP) telephone. IPv6 mobility establishes a TCP connection with a home address and, when changing networks, it continues to communicate with the original endpoint from a care- of address as it changes LANs, which sends all traffic back through the home address. The handing off of network addresses does not disrupt the TCP connection state (the original TCP port number and address remain intact).
Improved Security Unlike IPv4, IPv6 has security built in. Internet Protocol Security (IPsec) is a component used today to authenticate and encrypt secure tunnels from a source to a destination. This can be from the client to the server or between gateways. IPv4 lets you do this by enhancing IP header functionality (basically adding a second IP header while encrypting everything behind it). In IPv6, you add this as standard functionality by using extension headers. Extension headers are inserted into the packet only if they are needed. Each header has a “next header” field, which identifies the next piece of information. The extension headers currently identified for IPv6 are Hop-B y- Hop Options, Routing, Fragment, Destination Options, Authentication, and Encapsulating Security Payload. The Authentication header and the Encapsulating Security Payload header are the IPsec- specific control headers.
IPv4 to IPv6 Interoperability Several mechanisms in IPv6 make the IPv4- to- IPv6 transition easy:
A simple dual- stack implementation where both IPv4 and IPv6 are installed and used is certainly an option. In most situations (so far), this doesn’t work so well because most of us aren’t connected to an IPv6 network and our Internet connection is not IPv6 even if we’re using IPv6 internally. Therefore, Microsoft includes other mechanisms that can be used in several different circumstances.
Intra-S ite Automatic Tunnel Addressing Protocol (ISATAP) is an automatic tunneling mechanism used to connect an IPv6 network to an IPv4 address space (not using NAT). ISATAP treats the IPv4 space as one big logical link connection space.
6to4 is a mechanism used to transition to IPv4. This method, like ISATAP, treats the
IPv4 address space as a logical link layer with each IPv6 space in transition using a
6to4 router to create endpoints using the IPv4 space as a point- to- point connection
(kind of like a WAN, eh?). 6to4 implementations still do not work well through a NAT, although a 6to4 implementation using an Application layer gateway (ALG) is certainly doable.
Teredo is a mechanism that allows users behind a NAT to access the IPv6 space by tunneling IPv6 packets in UDP.
Pseudo- interfaces are used in these mechanisms to create a usable interface for the operating system. Another interesting feature of IPv6 is that addresses are assigned to interfaces (or pseudo- interfaces), not simply to the end node. Your Windows Server 2022 will have several unique IPv6 addresses assigned.
New Broadcast Methods IPv6 has moved away from using broadcasting. The three types of packets used in IPv6 are unicast, multicast, and anycast. IPv6 clients then must use one of these types to get the MAC address of the next Ethernet hop (default gateway). IPv6 makes use of multicasting for this along with the new functionality called neighbor discovery. Not only does ARP use new functionality, but ICMP (also a layer 3 protocol) has been redone and is now known as ICMP6. ICMP6 is used for messaging (packet too large, time exceeded, and so on) as it was in IPv4, but now it’s also used for the messaging of IPv6 mobility. ICMP6 echo request and ICMP6 echo reply are still used for ping.