IN THIS CHAPTER
If you’ve been an IT professional long enough, you’ll remember IPX/SPX and the transition to TCP/IP. Despite significant advantages in performance, flexibility, and security, some IT pros stuck their heads in the sand and didn’t move their networks off of IPX/SPX until the operating system left them no other choice. It took years for the final holdouts to give in. The same thing is happening with the move from IPv4 to IPv6. This time around, it will be the ISPs that deliver the news that you have to change your network protocol.
In the old days, there were plenty of IPv4 addresses to go around, and desktops were issued public IP addresses; your router was responsible for making sure that internal traffic remained inside. The private ranges of 192.168.x.x, 10.x.x.x, and 172.16.x.x were largely ignored until an IP address shortage occurred. When that happened, ISPs started rationing public IP addresses, and NAT was invented. When private ranges became the new standard, most networks had to be renumbered, which helped make DHCP a networking standard. Rationing and the move to private IP addressing postponed the implementation of IPv6, but rationing can only take us so far, and the switch to IPv6 is inevitable. It’s now likely that during the lifetime of your SBS 2008 server, you will make the switch to IPv6.
The transition from IPv4 to IPv6 will be led by China and India. In the initial distribution of IP addressing blocks, those countries were issued fewer of the total available. However, today they are using IP addresses at a rate far beyond capacity; as of this writing, they have already started issuing IPv6 addresses. The worldwide adoption of mobility, VOIP, peer-to-peer applications, and need for QoS make the transition inevitable.
The transition to IPv6 has a steep learning curve and will take a number of years for everyone to fully convert. Experts expect that IPv4 will be out of use in 5–7 years. But more importantly, the supply of new IPv4 addresses is expected to run out in 2010. At that time, your ISP will hand you an IPv6 address. Because you are reading this book, you already have IPv6 on your network—now is the time to begin to transition so you won’t be one of those in 2010, staring at the IPv6 address given to you by your ISP and wondering what to do.
There are several reasons that IT pros are unprepared for IPv6: apathy, belief that improvement in technology negates the need to change, general dislike of change, and IPv6 addresses being hexadecimal. The latter is probably the biggest impediment to change. There’s just no getting around the fact that hexadecimal numbers are difficult to read.
Difficult to read or not, IPv6 is the preferred protocol of Vista and Windows 2008. They are designed for their most efficient operation using IPv6. This chapter will not be a full primer on learning IPv6; rather, we discuss basic addressing considerations and an example of how IPv6 can be used to add productivity and remote collaboration opportunities. Microsoft also provides excellent resources for learning on http://www.technet.com.
Besides the obvious difference of the hexadecimal address, there are a number of other changes and additions from IPv4 to IPv6. This section helps you get to know IPv6 in more detail.
IPv6 is packed with new features. Some of the more interesting ones revolve around the efficiency of the new protocol and the benefits that it holds for new technologies like VOIP and peer-to-peer applications, as follows:
More efficient header—Six fields have been removed and one added. The overall header size is much smaller, resulting in faster processing of packets.
Large address space—By allowing jumbograms up to 32GBs in size, IPv6 takes better advantage of broadband availability.
Smaller routing tables—Routers don’t have to store as much routing information in their tables; more information about routes is contained in the address scheme itself.
QoS and IPSec included in header—In demand by VOIP and government, these features are included in the header.
Neighbor Discovery protocol—Enables the automatic configuration of networks based on proximity, vastly simplifying mobile use and ad-hoc networking.
The need for IPv6 most likely won’t be driven by the need of the IT staff or the business owner; rather, this is a change to the way the Internet communicates. On your local network, the benefits of IPv6 will be felt in faster download and file access times, fewer dropped or garbled VOIP communications, and improved ease of mobile networking. Once IPv6 takes hold, we’ll see an immediate rise in demand for IP addresses from equipment not yet connected to the Internet.
But by far the biggest benefit of IPv6 is going to be felt in the user experience of effortlessly joining the network as they move from place to place. From an IT perspective, we’ll know the magic behind the scenes is ad-hoc networking and the self-discovery features of IPv6. From an end-user perspective, suddenly things just got a lot easier for them. They will no longer have to stop and think about how to set up their computer to join a hotspot, conference room network, home network, or customer network, or how to get back into the office network.
Each IP address is made up of eight 16-bit chunks, and then converted to hex. If a section is all zeros, it can be replaced with :: as a shorthand. Any number of consecutive zeros is contained in the :: shorthand. Although the shorthand makes it easier to read, the reality of using IPv6 is that unlike IPv4, with complex subnetting and DHCP in practice, the need for reading an IPv6 address will not be as common. Most of the time, you simply release and renew your IP address in order to join the network that you’ve entered.
Table 19.1 lists the IPv6 addresses for the DNS root servers. Notice that rather than a subnet mask, only the prefix length is given. In IPv6, there are no subnet masks.
An IPv6 address is made up of three parts: Global Prefix, Subnet, and InterfaceID. When your ISP issues you an IPv6 address, they provide the Global Prefix; the rest is up to you to define.
Using our SBS 2008 server as an example, we notice that the IPv6 address is a link local address of fe80::7732:2308:83EA:229F/10. The Global Prefix is fe80:0:0:0. The Subnet is 0, and the InterfaceID is 7732:2308:83ea:229f. /10 is the prefix length.
IPv6 addresses come in four single (or unicast) address types and two multicast types: IPv6 unicast addresses can be global unicast (single address making the device unique in all the world), link local (small private networks), unique local (single address making the device unique on your WAN), and special (loop-back addresses).
IPv6 multicast addresses can be either routable multicast or anycast. Multicast is broadcast to members of the same group, and it is routable; however, your router will not forward the multicast unless it knows that there are members outside of the router to forward to. This prevents broadcast storms. Anycast addresses are single IPv6 addresses that have been assigned to multiple nodes. This allows for load balancing and failover of devices.
As in IPv4, certain address groups are reserved for specific purposes. Table 19.2 lists the network prefix and its allocation.
The difficulty of reading an IPv6 address becomes largely irrelevant when you realize that a DHCP server is not necessary on an IPv6 network. Probably one of the most difficult transitions for the current generation of IT administrators is saying goodbye to the DHCP server. How do network devices get IP addressing? In a pure IPv6 environment, a device queries a router to determine the prefix of the local network it has entered. It then assigns itself an IP address based on the information it has obtained from the router. Both static IP addresses and DHCP become a thing of the past.
In this manner, when a new PC enters the network, it is automatically configured for the local network, even if it is a visitor. As computer users become more mobile, the problem of configuring your computer for the local network on which they are present at the moment goes away, and the user can start to work immediately.
Although you don’t need to configure DHCP for IPv6, you do need to create DNS entries. Fortunately for IT administrators, creating an IPv6 DNS entry isn’t very different from creating an IPv4 DNS entry—only the names have changed; the procedure itself has not.
In an IPv4 DNS environment, a host record is called an A record. In an IPv6 DNS environment, a host record is called an AAAA record. The only difference between the two record types is the IP address itself.
To create a new host AAAA record, do the following from within DNS Manager:
1. Right-click on the forwarding zone, smallbizco.net, and choose New Host (A or AAAA...).
2. The New Host configuration box appears. In the Name box, type mysalesapp. In the IP Address box, type the IP address of the web site. Press Add Host.
3. Click OK on the confirmation message. Click Done.
4. Test the name resolution by opening a browser window and typing the web site address.
Simply talking about how IPv6 is going to work is not enough to develop an understanding of the impact that IPv6 will have. The following sections provide a practical example of using IPv6 that is available right now.
In case you haven’t heard, there is an application in Vista that requires IPv6; it’s called Windows Meeting Space. Windows Meeting Space enables you to set up ad-hoc networks with up to 10 computers for the purpose of holding a meeting or collaborating on a document. It has powerful tools for sharing documents, desktop, or even making a presentation. Using IPv6, the computers in your ad-hoc network can be near or far. If you want to see IPv6 in action, look no further than your desktop.
Besides being able to provide several IP addresses for every powered-on device on the planet, one of the major purposes of IPv6 is to enable networking to automatically take place from anywhere. Windows Meeting Space showcases this feature of IPv6.
By default, your Vista PC has IPv6 enabled. For the purpose of this exercise, leave the default settings in place. Follow these steps to create a new Windows Meeting Space:
1. From the Start menu, select All Programs; then select Windows Meeting Space.
2. Click Yes; continue setting up Windows Meeting Space in the dialog box that opens.
You are now presented with the set-up wizard for People Near Me. People Near Me is the friendly name that Microsoft has chosen for ad-hoc networking. Using IPv6, people near you are not those physically near you (although they may be), but rather near you on your subnet. If your subnet can cross the boundary of your router, and your router knows that some members of your subnet are currently outside the local LAN, people near you might actually be physically located in other offices. This is the power of globally routable IP addresses in IPv6. The setup of People Near Me is done once. After you have People Near Me configured on your computer, this step is not necessary for future meetings or ad-hoc networking.
Before People Near Me configuration begins, you are asked to Allow People Near Me to configure Vista’s host firewall. Click Yes and continue configuring Windows Meeting Space. People Near Me will open.
On the People Near Me window, you are presented with some very important choices in the Allow Invitations From drop-down menu box. Figure 19.1 shows this dialog box and its options of Anyone, Trusted Contact, and No One. On this screen, you are also asked whether you want to be automatically signed into People Near Me or not. If not, uncheck the box.
Before you can make the appropriate invitation selection, you need to know what People Near Me is and what Trusted Contacts are, as follows:
People Near Me is a service that enables ad-hoc networking by identifying people nearby who are allowing ad-hoc connections. It enables those people to send you invitations to Windows Meeting Space and other IPv6-enabled applications. You can only be invited to use applications that are installed on your computer, and you have to be signed into the People Near Me service in order to receive the invitation.
A Trusted Contact is someone, listed in Windows contacts, who has sent you his or her contact information in an e-mail message or given you the information on a disk or another type of removable media. A trusted contact’s information always includes a certificate. To see your list of Trusted Contacts, open Windows Contacts.
Notice that in Windows Contacts, there is a contact entry for the currently logged-on user. To send this contact information to someone, right-click your personal contact (the contact with your name on it), and then click Copy. Open a new e-mail message and paste or drop the contact into it. If you see a message asking whether to convert the contact attachment to vCard, click No. The contact can also be sent as an attachment. The contact will have a file extension of .contact.
For the purposes of this example, choose Anyone in the People Near Me configuration window and press OK. A new icon appears in the System Tray to indicate that you are signed into People Near Me, and the Windows Meeting Space application opens.
At this point, ad-hoc networking has begun, and IPv6 is attempting to locate other devices in its subnet. The three peer networking services have also been started. Figure 19.2 shows that these services are now started.
Figure 19.3 is the Windows Meeting Space configuration screen. You need to enter a name and password for your meeting; then press the green button to start a new meeting. Once a meeting has been started, anyone running People Near Me will be allowed to join the meeting and will see that a meeting is available to join when they open Windows Meeting Space.
Running Windows Meeting Space gives you a glimpse into the future with IPv6. Now that you have People Near Me configured, anytime you are logged into the service and near other computers, you will be automatically networked with them. Ultimately, as ad-hoc networking becomes the norm, your ability to move within and between networks will happen smoothly and effortlessly.
Troubleshooting IPv6 is much like troubleshooting IPv4. The cast of characters is basically the same, as is the knowledge to interpret the results. In most cases, only the command has changed. There are also network resources available that can help you learn to troubleshoot IPv6.
The following utilities should be familiar, but they do have some changes to make them work as expected on an IPv6 network.
Ping is a utility that has never gone out of style. In SBS 2008, the ping command works in the same way it always has; however, it is now capable of pinging IPv6 addresses as well. To ping an IPv6 address, use the -6 switch:
C:Userssbsadmin>ping -6 fe80::5efe:157.59.138.63%2
Pinging fe80::5efe:157.59.138.63%2 with 32 bytes of data:
Reply from fe80::5efe:157.59.138.63%2: time<1ms
Reply from fe80::5efe:157.59.138.63%2: time<1ms
Reply from fe80::5efe:157.59.138.63%2: time<1ms
Reply from fe80::5efe:157.59.138.63%2: time<1ms
Ping statistics for fe80::5efe:157.59.138.63%2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Ipconfig continues to be a useful troubleshooting tool. Just like ping, the command is the same, only there are new switches to apply, as follows:
Ipconfig /all lists all IP configuring present on the system, including IPv6 addresses.
Ipconfig /release6 releases your IPv6 address.
Ipconfig /renew6 renews your IPv6 address.
Because we will not be using DHCP for IPv6, release and renew take on slightly different meanings. If you find that you have moved into a new network, but your workstation or mobile device is configured with the IPv6 addresses from another network, you use the /release and /renew commands to tell the system to query the router for the local addresses on the LAN.
The following resources help you get more information about IPv6 and how to troubleshoot IPv6 networks:
Microsoft IPv6 TechNet page containing resources of all sorts from webcast to whitepapers: http://technet.microsoft.com/en-us/network/bb530961.aspx.
Network World eight-minute audio primer: http://www.networkworld.com/primers/ipv6main.html.
Cisco IPv6 Primer for Physical Security professionals: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/
ps9145/ps9152/prod_white_paper0900aecd8073c232.pdf.
IPv6 is coming. In the lifetime of your SBS 2008 server, the change to IPv6 will happen. This chapter introduced the concept of IPv6, provided an example of how IPv6 can be used in your network today, and suggested a learning path. IPv6 will enable much easier mobile networking, eliminate the shortage of IP addresses, and enable clearer VOIP communication, but first administrators need to get comfortable with the coming change.
Although many IT administrators are reluctant to change and perhaps are intimidated by hexadecimal addressing, the reality is that the need to read IPv6 addresses is much less necessary than in IPv4. The fact that devices are self-addressing, and we no longer need DHCP, further reduces the complexity.
The future is coming, and IPv6 will soon become dominant.
IPv6 is the default protocol for Vista and Windows 2008. The transition of the Internet from IPv4 to IPv6 has begun. Experience the networking efficiency improvements by allowing your Vista and Windows 2008 computers to use IPv6.
Try using Windows Meeting Space. Going through the exercise of configuring and using People Near Me will give you the feel for IPv6 in practice.
When troubleshooting IPv4, take a moment to look at your favorite commands to see if there are any switches that have been added for IPv6 compatibility.
Start learning IPv6 now. There are many excellent resources available.