Migrating to IPv6 with Windows Server 2008

As we discussed before (Windows Server 2008 IPv6 — the Future of Internet Protocol) the new IPv6 protocol is coming and there is no stopping it.

However, no one expects this to be a quick transition. IPv4 support will likely be necessary for years or decades to come.

Luckily, Windows Server 2008 comes equipped with standard features to help with the move to a new network protocol.

Allowing for interoperability between IPv4 and IPv6 networks is not a trivial process. Fortunately, the designers of IPv6 have already come up with most of the framework to handle the interplay.

At the top of the list is Intra-Site Automatic Tunnel Addressing Protocol or ISATAP (ah, more acronyms).

With ISATAP, when a network in your site that is running IPv6 needs to talk to a network running IPv4, a properly enabled router will encapsulate the IPv6 packets inside of IPv4 packets and in the reverse, add IPv6 headers to incoming IPv4 packets.

The best part is that there is nothing for the workstations or servers to do. For all they know, they are talking to the same kind of network.

What if your organization is all about IPv6, but they have to communicate over a non-IPv6 network like the Internet?

Another technology known as 6to4 automatically creates tunneling between the networks by temporarily packaging the IPv6 packets inside IPv4 packets and then returning them to their original state when they arrive at their destination.

What about an application that uses IPv6?

For that, Microsoft utilizes Teredo. In Windows Server 2003, Teredo wouldn’t work with domain member computers. Not any more. Now, Teredo is supported on domain member computers and domain controllers so there will be no seams in the IPv4 and IPv6 networks from an application standpoint.

What Do I Have to Do?

So far, there isn’t any work for the average systems administrator here. "Hey, what are we waiting for?"

Well, besides the network guys freaking out (this will be tougher on their end), there are a some Windows Server functions you’ll have to get right first.

One of them is DHCP. Right now, all of your DHCP servers are configured with IPv4 scopes and happily doling out those addresses to all comers. Windows Server 2008 supports DHCPv6 which is, of course, DHCP using IPv6 addresses.

Although a Server 2008 DHCP server can send out both kinds of addresses, there is still no way to “translate” how an IP address is assigned, so you’ll have to re-create your scopes to get the right IPv6 addresses out there to the right systems.

The tough part will be making sure that systems you want getting IPv6 addresses get IPv6 addresses and the others get the IPv4 addresses.

DNS is another tricky spot. IPv6 addresses will be AAAA (quad-A) records in your tables. Obviously, your IPv4 DNS servers won’t have any idea what those are.

Also, since there is no way the average non-photographic memory systems administrator will be able to memorize IPv6 addresses of more than a couple of severs (if any), name resolution is going to have to be more robust than ever.

To this end, all domain controllers will host DNS which will complicate your efforts to define who contacts which DNS process.

The good news is that configuring these services will be pretty much the same as it is now, only the input field will take IPv6 addresses instead of the four blanks separated by periods (and since IPv6 address can be abbreviated, there will be no more automatic cursor movement to the next field, so the backspace key will actually work if you fat finger part of the address instead of stubbornly refusing to move back to the previous dotted section).

For example, manually configuring an IP address takes place in the same way, on the same screen. You’ll put in the default address and default gateway in the same fields. The only difference is that you will be typing a lot more.

Benefits of IPv6

There is more in the move to IPv6 for you than just saving the Internet (a noble goal in and of itself).

The IPv6 standard allows for TCP to be offloaded down one level. So, your new network cards will handle TCP at the hardware level, and your old ones will still benefit from processing occurring in the miniport.

This means less work for your servers and more power for your users.

Another huge benefit is that you will finally be able to get rid of WINS!

A newer more robust service that works tightly with DNS called GlobalNames Zone will handle all the simple name (non-fully qualified) resolution for your network. In fact, this may be where you want to get started with your migration.

The biggest time saver will be the ability to make network configuration changes on the fly without a reboot.

IPv6’s stack allows for the ability to retain configuration settings so those late workdays where you have to stay just to make sure a reboot goes through are over (at least for IP configuration changes).

Thanks to the translation protocols provided at the router level and the fact that all Windows Server 2008 systems will have fully integrated IPv4 and IPv6 stacks means that the migration to IPv6 will be as painless as possible.

Of course, there is no way it will be pain free. Then again, if it was easy, everyone would do it, and you would get paid a lot less.

Comments