Understanding IPv6 Support in Exchange 2010

 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP). IPv6 is intended to correct many of the shortcomings of IPv4, which was the previous version of the IP. In Microsoft Exchange Server 2010, IPv6 is supported only when IPv4 is also used; a pure IPv6 environment isn't supported. Using IPv6 addresses and IP address ranges is supported only when both IPv6 and IPv4 are enabled on the computer running Exchange 2010, and the network supports both IP address versions. If Exchange 2010 is deployed in this configuration, all server roles can send data to and receive data from devices, servers, and clients that use IPv6 addresses.

This topic discusses IPv6 addressing in Exchange 2010. For additional background information about IPv6, see IPv6 and IPv6 Support in Exchange 2007 SP1 and SP2.

Contents

IPv6 Addresses

IPv6 Support in Exchange 2010 Components

Disable or Enable IPv6

Looking for management tasks related to deploying Exchange 2010? See Managing Deployment of Exchange 2010.

IPv6 Addresses

An IPv6 address is 128-bits long. The address is described by using colon-hexadecimal notation. Colon-hexadecimal notation describes the 128-bit address by using eight 16-bit, 4-digit hexadecimal numbers separated by the colon character (:). An example of an IPv6 address in colon-hexadecimal notation is 2001:0DB8:0000:0000:02AA:00FF:C0A8:640A.

You can express an IPv6 address by using the following methods:

  • Suppress leading zeros   You can omit the leading zeros in any of the eight 4-digit hexadecimal numbers in an IPv6 address.

  • Double-colon compression   You can use two colons (::) to represent contiguous 16-bit hexadecimal digits that contain all zeros. These all-zero digits may exist at the beginning, middle, or end of the IPv6 address. You can only use double-colon compression one time in an IPv6 address.

  • Trailing dotted-decimal notation   You may express the last 32 bits at the end of an IPv6 address in dotted-decimal notation by separating the 8-bit digits with a period (.). Trailing dotted-decimal notation is frequently used with IPv4-compatible addresses.

The following table provides examples of the IPv6 address notation and the equivalent IPv6 address syntax.

IPv6 address notation and syntax

IPv6 address notation IPv6 address syntax

Full IPv6 address

2001:0DB8:0000:0000:02AA:00FF:C0A8:640A

IPv6 address that uses suppressed leading zeros

2001:DB8:0:0:2AA:FF:C0A8:640A

IPv6 address that uses double-colon compression

2001:DB8::2AA:FF:C0A8:640A

IPv6 address that uses trailing dotted-decimal notation

2001:DB8::2AA:FF:192.168.100.10

IPv6 addresses are categorized into the following types:

  • Unicast address   A packet is delivered to one interface.

  • Multicast address   A packet is delivered to multiple interfaces.

  • Anycast address   A packet is delivered to the nearest of multiple interfaces. The distance between interfaces is defined by the routing cost.

IPv6 unicast addresses have the following possible scopes:

  • Link local   The scope of the IPv6 address is the local subnet. IPv6 link local addresses are comparable to IPv4 link local addresses used in Automatic Private IP Addressing (APIPA).

  • Site local   The scope of the IPv6 address is the local organization. Site local addresses were deprecated by RFC 3879 and replaced by unique local addresses as defined in RFC 4193. IPv6 site local addresses and IPv6 unique local addresses are comparable to IPv4 private IP addresses.

  • Global   The scope of the IPv6 address is the whole world. IPv6 global addresses are comparable to IPv4 public IP addresses.

The following table provides a comparison of IPv4 elements and IPv6 elements.

IPv4 vs. IPv6 elements

Item IPv4 IPv6

Private IP address

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

FD00::/8

Link local address

169.254.0.0/16

FE80::/64

Loopback address

127.0.0.1

::1

Unspecified address

0.0.0.0

::

Address resolution

Address Resolution Protocol (ARP)

Neighbor Discovery (ND)

Domain Name System (DNS) host name resolution

Address record (A record)

AAAA record or A6 record

For more information about IPv6 addressing, see IPv6 Address Types.

Supported IPv6 Address Input Formats

The following types of IPv6 address input formats are supported in Exchange 2010:

  • A single IPv6 address

  • An IPv6 address range

  • An IPv6 address together with a subnet mask

  • An IPv6 address together with a subnet mask that uses Classless Interdomain Routing (CIDR) notation

The following table provides examples of the acceptable IPv6 address input formats in Exchange 2010 on Windows Server 2008.

IPv6 address examples

Type Example of an IPv6 address

Single address

2001:DB8::2AA:FF:C0A8:640A

Address range

2001:DB8::2AA:FF:C0A8:640A-2001:DB8::2AA:FF:C0A8:6414

Address together with subnet mask

2001:DB8::2AA:FF:C0A8:640A(FFFF:FFFF:FFFF:FFFF::)

Address together with subnet mask that uses CIDR notation

2001:DB8::2AA:FF:C0A8:640A/64

In Exchange 2010 on Windows Server 2008, the following input formats are supported:

  • Suppression of leading zeros

  • Double-colon compression

  • Trailing dotted-decimal notation

Return to top

IPv6 Support in Exchange 2010 Components

The following table describes the components in Exchange 2010 affected by IPv6.

Exchange 2010 components and IPv6

Server role on the source computer Feature IPv6 supported Comments

Transport

IP Allow list and IP Block list

Yes

For more information about the IP Allow list, see Enable or Disable Connection Filtering and Understanding Connection Filtering.

Transport

IP Allow List providers and IP Block List providers

No

Currently, there is no widely accepted industry standard protocol for looking up IPv6 addresses. Most IP Block List providers don't support IPv6 addresses. If you allow anonymous connections from unknown IPv6 addresses on a Receive connector, you increase the risk that spammers will bypass IP Block List providers and successfully deliver spam into your organization.

For more information about IP Block list providers, see "IP Block List Providers" in Understanding Connection Filtering.

Transport

Sender reputation

No

The Protocol Analysis agent doesn't compute the sender reputation level (SRL) for messages that originate from IPv6 senders. For more information about sender reputation, see Understanding Sender Reputation.

Transport

Sender ID

Yes

For more information, see Understanding Sender ID.

Transport

Receive connectors

Yes

IPv6 addresses are accepted for the following components:

  • Local IP address bindings

  • Remote IP addresses

  • IP address ranges

We strongly recommend against configuring Receive connectors to accept anonymous connections from unknown IPv6 addresses. If your organization must receive mail from senders who use IPv6 addresses, create a dedicated Receive connector that restricts the remote IP addresses to the specific IPv6 addresses that those senders use.

For more information, see Understanding Receive Connectors.

Transport

Send connectors

Yes

IPv6 addresses are accepted for the following components:

  • Smart host IP addresses

  • The SourceIPAddress parameter for Send connectors configured on Edge Transport servers

Note

If you want to specify an IPv6 address for the SourceIPAddress parameter, make sure that the appropriate DNS AAAA and mail exchange (MX) records are configured correctly. This helps ensure message delivery if a remote messaging server tries any kind of reverse lookup test on the specified IPv6 address.

For more information, see Understanding Send Connectors.

Transport

Incoming message rate limits

Partial

Incoming message rate limits that you can set on a Receive connector, such as the MaxInboundConnectionPercentagePerSource parameter, the MaxInboundConnectionPerSource parameter, and the TarpitInterval parameter, only apply to a global IPv6 address. Link local IPv6 addresses and site local IPv6 addresses aren't affected by any specified incoming message rate limits. For more information about incoming message rate limits, see Understanding Message Throttling.

Unified Messaging

All features

No

Unified Messaging doesn't support IPv6 in any version of Exchange 2010. For more information about Unified Messaging, see Unified Messaging.

Mailbox (Database availability group member)

IPv6 addresses

Yes

Static IPv6 addresses are supported by Windows Server 2008 and the Cluster service. However, using static IPv6 addresses goes against best practices. Exchange 2010 on Windows Server 2008 doesn't support the configuration of static IPv6 addresses during setup.

Failover clusters support Intra-site Automatic Tunnel Addressing Protocol (ISATAP). They support only IPv6 addresses that allow for dynamic registration in DNS. Link local addresses can't be used in a cluster.

For more information, see New High Availability and Site Resilience Functionality.

Return to top

Disable IPv6

Exchange servers fully support IPv6 networks. Therefore, you do not have to disable IPv6 on your Exchange servers. To learn more about IPv6 support in Microsoft Windows, see IPv6 for Microsoft Windows: Frequently Asked Questions.

Return to top

 © 2010 Microsoft Corporation. All rights reserved.