Ask the Experts: How Windows Vista Delivers IPv6
Preparing for the next generation in networking
The networking world has been buzzing on and off about Internet Protocol version 6 (IPv6) since the mid-1990s. In Asia, massive IPv6 deployments are underway in several countries, such as Japan, Korea and China. Not only will this alleviate the severe IPv4 address shortage, but it will also serve to leverage the end-to-end capabilities of the new protocol in delivering direct computer-to-computer communications without interruption from intermediary network address translations during these massive broadband and wireless deployments.
On This Page
A Brief History of IPv6
The Internet has revolutionized the way the world shares information and has radically impacted the way we do business and live our lives. Unfortunately, the original designers of the Internet never envisioned the extent to which the Internet would be used. The current protocol that forms the basis of the Internet (IPv4) was not designed to support the massive number of people and devices connected today, nor the increased functionality being demanded from it to enable advanced applications such as video, voice, mobility, and other new requirements that are likely to emerge in the next five to ten years.
In the early 1990s, the Internet Engineering Task Force (IETF), which sets the standards for the Internet, understood the problems associated with the limited address space in IPv4 and began work to develop a newer version of IP. During this process, the IETF decided not to stop at fixing the issue with the address space, but also expanded the functionality of IP. The solution that was agreed upon was IPv6 and the core protocols were adopted as the new Internet protocol in 1995.
Adoption of IPv6 has been slow over the past decade but has recently accelerated, particularly in Europe and Asia. Reports1 based on information from the Number Resource Organization (NRO) indicate that IPv4 address space available from the Regional Internet Registries (RIRs) could be depleted within 2 years; furthermore, many developing nations can not obtain the massive numbers of IP addresses necessary to support their user community. The US Department of Defense and Federal Government have implemented major programs for adopting IPv6 and plan to begin using it in their operational networks by 2008. With several carriers and Internet Service Providers (ISPs) implementing IPv6 in their networks and companies such as Microsoft including operating system and application support for IPv6, the IPv6 adoption rate will greatly accelerate in the U.S. over the next 24 months.
New Features/Functionality of IPv6
Expanding the available IP address space was critical, but was not the only driver in developing IPv6. Many new requirements were taken into account, based on the limitations of IPv4 and how the future of packet networking was perceived to be progressing. IPv6 was created with the goal of supporting convergence, which will provide ubiquitous support for voice, video and data services over a single IP infrastructure. In order to achieve this goal, many new or advanced features and functions were incorporated into IPv6, including:
Significant work and diligence has extended the IPv4 address life through various policies and the use of NATs; however, recent reports show that IPv4 address exhaustion is imminent. A report prepared by the NRO2 in conjunction with the regional Internet registries including African Network Information Center (AFRINIC), Asia Pacific Network Information Centre (APNIC), American Registry for Internet Numbers (ARIN), Latin American and Caribbean Internet Address Registry (LACNIC) and RIPE Network Coordination Centre (RIPE NCC) shows approximately 25% of IPv4 addresses remain for allocation. Although many organizations and carriers within the US and Europe may not have a short-term concern based on their current IPv4 address allocation pool, the exponential growth of IP-enabled devices coupled with the lack of available IPv4 address space will drive the migration to IPv6.
The way that IP addresses are represented has also changed. Under IPv4, IP addresses were represented by four octets or 8 bit fields (0–255 for each field written in standard decimal notation) separated by decimal points. Examples of IPv4 addresses include:
With IPv6, IP addresses are typically represented by 16-bit fields (0–FFFF for each field written in hexadecimal notation) separated by colons. Examples of IPv6 addresses include:
In cases where multiple 0 blocks are part of the IPv6 address, "::" can be used once in an IPv6 address to shorten the notation. For example, fe80:0:0:0:0:70:77:26 is shortened as fe80::70:77:26.
The primary driver behind IP address allocation policies in IPv6 is not conservation of IP addresses, but more hierarchical and efficient routing. Internet routing tables are exceedingly large today under IPv4 and they could become excessively large if not tightly managed under IPv6. Using the concept of aggregation, the IPv6 address is thought of as two separate pieces brought together. The first 64 bits of the IPv6 address typically identifies your network or "where you are" and the second 64 bits identifies the device or "who you are." This not only supports the concept of hierarchical routing, but also plays a very large role in the ability for IPv6 devices to use autoconfiguration. But the implications of this type of allocation are enormous. This means that every LAN segment could potentially have 264 devices saying "who they are." Remember, the current Internet has a total of 232 addresses, so each subnet on the "New Internet of IPv6" would have several orders of magnitude more IP addresses available than the current Internet has today.
In addition to the technical changes in addressing, major IP allocation policy changes have occurred as well. Under IPv4, the RIRs, such ARIN, have many policies in place to strictly limit and conserve the IPv4 address space. Under IPv6, the story is different. While the registries will manage the IPv6 address space efficiently, current guidelines from ARIN recommend Internet Service Providers (ISP) allocate 48-bit public address prefixes (with 216 subnets) for every site (home and business users) as the standard initial allocation. This would mean that every home user would be able to establish 65,536 subnets each with the potential for 264 devices on each subnet.
Implementing and Using IPv6 in Windows Vista
One of the major issues with transitioning is that IPv6 is not backwards compatible with IPv4. Thus, a computer on the network operating with only IPv6 addresses can not directly communicate with a computer on the network operating in IPv4 mode only; however, Microsoft's implementation of Windows Vista will solve a significant problem for agencies, businesses, educational institutions, ISPs, and consumers that want to transition to IPv6. Windows will be both IPv4- and IPv6-capable out of the box. This means that every computer running Windows Vista will be able to communicate across IPv4 and IPv6 networks at the same time. Windows Vista runs a single-stack, dual-IP layer architecture for easier deployment and manageability. This dual-IP layer approach will allow organizations to save money and resources by transitioning their organization's infrastructure to IPv6 over time without worrying about interoperability issues with their workstations.
If you want to access IPv6 resources and your network infrastructure does not support IPv6, don't worry, Windows Vista also builds in support for automated tunnels such as ISATAP and Teredo. If Windows Vista does not detect IPv6 within the network it will try well known IPv6 tunneling mechanisms. This means that anyone who installs Windows Vista or turns on a new computer with Windows Vista could have automatic access to IPv6-based Web sites and resources over an existing Internet or intranet connection, if their network administrators allow it—even if the enterprise's ISP does not support IPv6.
IPv6 will be dominant in Windows Vista. What does this mean? If you have the option of using either IPv4 or IPv6 for a particular application, then Windows Vista will default to using IPv6. Again, this allows organizations to transition to IPv6 at their own pace, without costly reconfiguration of every workstation. When applications are upgraded to IPv6, users will be able to automatically access those new features with IPv6 without having to do anything, since Windows Vista will utilize IPv6 by default. Of course, this can be configured by the administrator.
Microsoft has a strong focus on security, too. Windows Vista includes IPsec and a built-in host-based firewall that works for both IPv4 and IPv6. IPsec can be used to protect traffic sent over the network as well as to authenticate connections coming into the workstation. Microsoft has introduced a concept called Domain Isolation, which will allow organizations to develop “zones of trust,” where only trusted computers can communicate with each other. All other connections attempted will be dropped and will not be visible to un-trusted users. Microsoft has also introduced the concept of Server Isolation that allows only trusted domains or subsets of domains to connect to specific servers.
Business Drivers for Using IPv6 and Windows Vista
IPv6 has already been deployed as a common approach in many countries in Asia to solve a variety of problems, but most notably the shortage of IPv4 addresses. The deployment of IPv6 is taking off in conjunction with the extensive deployment of broadband and wireless technologies in countries such as Japan and Korea. A recent report from NIST3 estimates that IPv6 could provide a US$10 billion per year benefit to the U.S. and the Japanese government estimates that IPv6 could generate a value of US$1.55 trillion. The future business drivers for moving to IPv6 are substantial, with the ability to cost-effectively support tens of billions of Internet-based devices to enable the explosion of new peer-to-peer multimedia services. Some of the short term business drivers for using IPv6 and Windows Vista include:
The need to transition to IPv6 is becoming more urgent with the depletion of the IPv4 address space, and the massive number of new Internet-enabled devices supporting voice, video and data. Major IPv6 transition efforts are underway in Asia, Europe and North America. Windows Vista provides significant advances necessary to support the transition to IPv6. The new capabilities provided under Windows Vista will allow for more advanced applications, and will support the movement forward with the tools necessary to make networks more secure during the transition to IPv6.
About the Author
Dale Geesey is VP of Consulting at v6 Transition. He has written several articles on IPv6 for the 6Sense newsletter (available at www.usipv6.com), hosted multiple Federal CIO IPv6 Transition Workshops, been a speaker at the U.S. IPv6 Summit and recently published a report entitled The IPv6 Best Practices World Report: A Guide for Federal Agencies Transitioning to IPv6. For more information about Dale or IPv6, go to www.v6transition.com or contact him at Dale@v6transition.com.