How IIS 6.0 Supports IPv6

Applies To: Windows Server 2003, Windows Server 2003 with SP1

Except for the differences in functionality outlined in this section, IIS 6.0 provides the same Web services to clients that connect by using IPv6 as it does for clients that connect by using IPv4.

Differences in IIS Functionality Between IPv4 and IPv6

IIS 6.0 provides the same core functionality for users of IPv6 as it does for users of IPv4. However, only a subset of IIS 6.0 functionality is available for users of IPv6. The following are the most significant differences:

  • The IIS Manager user interface does not support IPv6 addresses. IIS Manager does not display IPv6 addresses as it does IPv4 addresses; that is, the IIS user interface does not provide a way to work with or manipulate IPv6 addresses. However, manipulating literal hexadecimal IPv6 addresses is usually not recommended, so lack of this functionality is unlikely to prevent you from installing and using IPv6.

  • The IP Address Restrictions feature is not supported. The IP Address Restrictions feature in IIS 6.0 does not support IPv6 addresses or IPv6 prefixes.

  • Bandwidth throttling is not supported for responses sent over IPv6 addresses. If you change the MaxBandwidth and MaxGlobalBandwidth metabase properties, you do not affect IPv6 network traffic. However, connection limits and connection time-outs, which are related IIS 6.0 features, are supported.

  • The ServerBindings and SecureBindings metabase properties do not support IPv6 addresses. Both properties specify strings that IIS 6.0 uses to determine which network endpoints are used by the server instance. The string format for the ServerBindings property is IPAddress:Port:HostName. Both the IPAddress and HostName parameters of the string are optional; however, the IPAddress component of the string is limited to storing an IPv4 address. Any unspecified parameters default to an all-inclusive wildcard.

    Because of the limitations in IPv6 functionality for these metabase properties, IIS 6.0 functionality for IPv6 is affected as follows:

    • Site routing is limited to host headers only. You cannot configure sites to route on an IPv6 address or on a combination of an IPv6 address and host header. This limitation also affects sites that are configured to route based on an IPv4 address. When you install IPv6, sites that are already specifically configured for IPv4 site-based routing do not respond to requests that come in over IPv6.

    • The number of Secure Sockets Layer (SSL) sites is limited to one. Due to the IP routing restriction for IPv6, IIS deployments designed for IPv6 addresses are limited to one SSL site per computer.

  • File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Network News Transfer Protocol (NNTP) services are not supported. IPv6 is supported only for the WWW service. The FTP, SMTP, and NNTP services do not have IPv6 support in IIS 6.0.

  • If you install IPv6 on a computer that is running IIS 6.0, all sites on the computer respond to IPv6 clients. You cannot configure individual sites or virtual directories to respond to IPv6 traffic while others on the same server respond to IPv4 traffic.

  • Logging tools must support IPv6 address formats in order to function correctly. IIS writes IPv6 addresses to the log file when IPv6 is enabled and client computers connect to the server by using IPv6 addresses. Log parsing tools that are to be used with log files for IPv6 sites must support IPv6 address formats.

  • The EnableReverseDnsLookup property is not supported. For IPv4, a value of true for the EnableReverseDnsLookup metabase property allows reverse DNS lookup to determine the DNS name of the client computer. For IPv6, however, this functionality is not enabled.

    Note

    Setting the EnableReverseDnsLookup metabase property to true does not cause the REMOTE_HOST server variable to return the DNS name of the client, as it does for IPv4. REMOTE_HOST always contains the IPv6 address, regardless of the EnableReverseDnsLookup property setting.

Using the IPv6-Aware ISAPI Server Variables

When you install IPv6 on a server running IIS 6.0, Internet Server API (ISAPI) server variables provide support for IPv6. The ISAPI framework provides the appropriate local-host and remote-host server variables for IPv6 network addresses: LOCAL_ADDR and REMOTE_ADDR. When clients connect over IPv6, these variables store the IPv6 address.

It is important to note that IPv6 addresses can be longer than IPv4 addresses, so you need to take steps to prevent buffer overruns when you install IPv6.

Important

Buffer overruns are one of the most common causes of security breaches. Preventing buffer overruns helps protect your server from being attacked.

To prevent buffer overruns, you must allocate more space to hold the string representation of IPv6 addresses. For example, the longest possible IPv4 string looks something like 123.123.123.123 (16 characters, including the trailing zero required to terminate the string in some programming languages), whereas the longest IPv6 string looks like 1111:2222:3333:4444:5555:6666:123.123.123.123%1234567890, which is 57 characters long, including the trailing zero. Therefore, when you allocate buffers, use 16 characters for IPv4 addresses and 57 characters for IPv6 addresses.

Note

The "%1234567890" portion of the string indicates the zone ID, which is an integer that specifies the scope, or zone, of the destination. The zone ID is needed when you are specifying a link-local destination address or a site-local destination address (if you are using multiple sites). For link-local addresses, the zone ID is typically equal to the interface index of the desired sending interface. For site-local addresses, the zone ID is equal to the site number.

Both ISAPI server variables (LOCAL_ADDR and REMOTE_ADDR) use the typical IP address format for the applicable IP version (IPv4 or IPv6). For example, for an IPv6 request, both server variables use an IPv6 IP address in the colon-hexadecimal format; for an IPv4 request, both server variables use an IPv4 IP address in the dotted-decimal format. Note that the IPv6 address is simply a string variable, which can contain the % character. For example, fe80::1:1:1:1%4 is an acceptable IPv6 address.
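The buffer sizing described above, as an added C example that is not part of the original documentation: a bounded copy that refuses an address string that does not fit, plus a zone ID split that treats the % character as data. The helper names copy_addr and split_zone are hypothetical, the sample addresses are the ones quoted on this page, and the src argument stands in for the value an ISAPI extension reads from REMOTE_ADDR or LOCAL_ADDR.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IPV4_ADDR_BUF 16 /* page's figure: 15 characters + trailing zero */
#define IPV6_ADDR_BUF 57 /* page's figure: 56 characters + trailing zero */

/* Hypothetical helper: copy a server-variable value into a fixed buffer.
 * Returns 0 on success, or -1 (dst set to "") if the value does not fit. */
int copy_addr(char *dst, size_t dstlen, const char *src)
{
    size_t n = strlen(src);
    if (dstlen == 0)
        return -1;
    if (n >= dstlen) {            /* no room for the trailing zero */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);      /* copies the trailing zero as well */
    return 0;
}

/* Hypothetical helper: split "address%zone" in place.
 * Returns the zone ID, 0 if there is none, or -1 if the zone is not a
 * plain decimal number. The '%' is data, never a format specifier. */
long split_zone(char *addr)
{
    char *pct = strchr(addr, '%');
    char *end;
    unsigned long zone;
    if (pct == NULL)
        return 0;
    *pct = '\0';                  /* addr now holds the address alone */
    if (pct[1] < '0' || pct[1] > '9')
        return -1;
    zone = strtoul(pct + 1, &end, 10);
    if (*end != '\0' || zone > 0x7fffffffUL)
        return -1;
    return (long)zone;
}

int main(void)
{
    const char *remote = "fe80::1:1:1:1%4"; /* sample address from the page */
    char v4[IPV4_ADDR_BUF], v6[IPV6_ADDR_BUF];
    printf("IPv4-sized buffer: %d\n", copy_addr(v4, sizeof v4, remote));
    printf("IPv6-sized buffer: %d\n", copy_addr(v6, sizeof v6, remote));
    printf("zone %ld, address %s\n", split_zone(v6), v6);
    return 0;
}
```

Code that was written for IPv4 and still uses a 16-character buffer gets -1 from copy_addr for this address instead of writing past the end of the buffer.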

How Installing IPv6 Affects Web Browser Use and Client Connectivity

When you install IPv6 on a computer in your network, two limitations of Internet Explorer 6 (the version provided with Windows Server 2003) can affect the computer's ability to use the Internet Explorer Web browser:

  • Internet Explorer 6 does not connect when literal IPv6 addresses are used in the URL. Internet Explorer 6 does not support the format for literal IPv6 addresses in URLs that is described in RFC 2732, Format for Literal IPv6 Addresses in URLs. However, Internet Explorer does support IPv6 by means of DNS name resolution. Therefore, you should create DNS AAAA resource records that resolve Web server names to an IPv6 address and then use Web server names in the URL.

  • Internet Explorer 6 cannot browse IPv6 Web sites by using a proxy server if the proxy server is not IPv6-enabled. When Internet Explorer is configured to use a proxy server, all name resolution requests for Web sites are forwarded to the proxy server. If the proxy server is not IPv6-enabled, proxy-based requests for local or remote IPv6 Web pages are unsuccessful. For information about how to configure Internet Explorer to operate without the use of a proxy server, see Internet Explorer Help.

Table G.4 shows the network protocol that clients use to connect to different IP configurations.

Table G.4 Client Connectivity Matrix for IPv6

Client IPv6 Awareness     Type of Client Operating System  IIS 6.0 without IPv6 Installed  IIS 6.0 with IPv6 Installed
------------------------  -------------------------------  ------------------------------  -----------------------------
Client is IPv6 unaware    IPv4-only                        Connect over IPv4               Connect over IPv4
                          IPv6-only                        No connectivity                 No connectivity
                          IPv4/IPv6                        Connect over IPv4               Connect over IPv4
Client is IPv6 aware [1]  IPv4-only                        Connect over IPv4               Connect over IPv4
                          IPv6-only                        No connectivity                 Connect over IPv6
                          IPv4/IPv6                        Connect over IPv4               Connect over IPv6 or IPv4 [2]
Client is IPv6-only       IPv4-only                        No connectivity                 No connectivity
                          IPv6-only                        No connectivity                 Connect over IPv6
                          IPv4/IPv6                        No connectivity                 Connect over IPv6

[1] IPv6 aware means that the client can also communicate over IPv4.

[2] When the DNS AAAA server returns the IPv6 and IPv4 addresses to the client, the client uses the connection protocol that applies to the address that is listed first.