IPv6 Bootcamp: Getting Up to Speed Quickly 4/7/2017 5:23 PM WCL324 IPv6 Bootcamp: Getting Up to Speed Quickly Edward Horley Principal Solutions Architect Groupware Technology @ehorley © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Depletion of IPv4 What is Driving IPv6?
What is Driving IPv6? Adoption of DirectAccess by Microsoft Enterprises Audit and security compliance due to IPv6 being enabled by default since Windows Vista and Server 2008 Ability to provide effectively unlimited number of IP addresses for large business divisions The rapid growth of cloud services requiring elastic compute resources and flexible addressing
What is IPv6 and how do I get started? IPv6 is the next generation Internet networking protocol Much larger than IPv4 which uses 32 bits or 232 or 4,294,967,296 IPv6 is 128 bits or 2128 or 340 undecillion addresses 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 is enabled by default in Windows You have likely already deployed IPv6 You just didn’t know it - oops
What does an IPv6 address look like? 2001:0470:82a9:0007:f2de:f1ff:fe5b:b324 Or 2001:470:82A9:7::1/64 fe80::f2de:f1ff:fe5b:b324%13
4-bits is called a nibble 2001:470:1f05:d37:202c:7674:c4c2:4fa8 Each : divides the address along 16-bit boundaries And the address is represented in HEX
IPv6 address types Unicast Multicast Anycast Identifies a single interface and is used for host to host communication Multicast Identifies zero or more interfaces on one or more hosts Multicast are group addresses used for one to many hosts or many to many hosts Anycast Identifies multiple interfaces on one or more hosts Anycast are special purpose unicast addresses
Most common IPv6 addresses you will see are Global and Link-local Unicast IPv6 Addresses Unicast types Global unicast addresses (2000::/3 – RFC 4291 & RFC 3587) Link-local addresses (FE80::/64 – RFC 4007) Unique local addresses or ULA (FC00::/7 – RFC 4193) Special addresses (unspecified is :: & loopback is ::1 – RFC 5156) Transition addresses (6to4, ISATAP, Teredo) Unicast types that have been deprecated Site-local addresses (see RFC 3879) IPv4-compatible addresses (see RFC 4291)
Multicast IPv6 Addresses Multicast addresses have the first 8 bits set to 1 So multicast addresses start with FF (FF00::/8) Multicast also has a 4 bit flag field and 4 bit scope field Solicited-node address (FF02::1:FF00:0/104) Some example multicast addresses FF01::1 – interface-local scope all-nodes FF02::1 – link-local all-nodes FF01::2 – interface-local scope all-routers FF02::2 – link-local add-routers FF05::2 – site-local scope all routers
You can’t tell it is an Anycast address by looking at it Anycast IPv6 Addresses Anycast addresses are assigned out of the unicast space Anycast addresses are destination only The address is advertised by a local router The address can be redistributed by routers Multiple routing paths to the same address are possible You can’t tell it is an Anycast address by looking at it
“IPv6 Addresses” are unicast and global Link-local will have a Zone ID (also called Scope ID) represented by the %<ID> after the IPv6 Address “IPv6 Addresses” are unicast and global “Temporary IPv6 Addresses” are unicast and global “Link-local IPv6 Address” is unicast and local
IPv6 Interface ID Last 64 bits of a unicast address Interface ID is fixed length (host portion of the IPv6 address) Interface ID options EUI-64 (RFC 4291) – stateless autoconfiguration Temporary Address (RFC 4941) – stateless autoconfiguration Stateful autoconfiguration (DHCPv6) Manual (statically assigned) Permanent (randomly generated)
EUI-64 – How it is Built 48 bit MAC Address Organizational Unique Identifier Factory Assigned xxxxxx00 xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxxx Standard EUI-64 0xFF 0xFE xxxxxx00 xxxxxxxx xxxxxxxx 11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxxx Flip this Bit Modified EUI-64 – flip the universal/local bit xxxxxx10 xxxxxxxx xxxxxxxx 11111111 11111110 xxxxxxxx xxxxxxxx xxxxxxxxx
Look for the FF:FE in the address, then it is likely EUI-64 2001:470:82a9:7:f2de:f1ff:fe5b:b324 MAC address: F0-DE-F1-5B-B3-24 Take MAC and split it, stuff in FF:FE and flip the 7th bit
IPv6 Prefix A network prefix such as 2001:db8::/64 Is saying the following : 2001:0db8:0000:0000:0000:0000:0000:0000/64 | network portion | host portion | | provider assigned | locally assigned | A different network prefix example 2001:db8::/48 2001:0db8:0000:0000:0000:0000:0000:0000/48 | Network Prefix |subnet| host | | 48 bits |16 bits | 64 bits | Indicates the number of bits that define the network
IPv6 Subnetting An example network prefix of 2001:db8:cafe::/48: | Network |subnet| host | | 48 bits |16 bits | 64 bits | When subnetting use natural nibble boundaries (count in increments of 4 when selecting subnets, i.e. /60 /56 /52) /48 = 65,536 networks of /64 /52 = 4,096 networks of /64 and 16 subnets /56 = 256 networks of /64 and 256 subnets /60 = 16 networks of /64 and 4,096 subnets
IPv6 Subnetting Guidelines An example network prefix of 2001:0db8:cafe::/48: 2001:0db8:cafe:0000:0000:0000:0000:0000/48 | Prefix |subnet| host | | 48 bits |16 bits | 64 bits | An example of subnetting 2001:0db8:cafe::/48 into /60’s: 2001:0db8:cafe:0000:0000:0000:0000:0000/60 | 48 bits |12| 0 | do not use | | 60 bits | 0 | do not use | Therefore a /48 has 4,096 subnets of /60 networks 260 – 248 = 212 = 4,096
IPv6 Subnetting Math 2001:0db8:cafe:cab0:0000:0000:0000:0000/60 An example of subnetting 2001:db8:cafe:cab::/60 into /64’s : 2001:0db8:cafe:cab0:0000:0000:0000:0000/60 | 60 bits | | 64 bits | A /60 has 16 /64 subnets 264-260 = 24 = 16 The /60 value ranges in HEX would be: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F
IPv6 Subnetting Math – non-nibble horror An example of subnetting 2001:db8:cafe:cab::/60 into /62’s : 2001:0db8:cafe:cab0:0000:0000:0000:0000/60 | 60 bits | | 64 bits | A /62 has 4 /64 subnets 264-262 = 22 = 4 The /62 value ranges in HEX would be: 0, 1, 2, 3 4, 5, 6, 7 8, 9, A, B C, D, E, F
IPv6 Subnetting Math – non-nibble horror So subnetting 2001:db8:cafe:cab::/60 into /62’s ranges : 2001:0db8:cafe:cab< 0 - 3 >:0000:0000:0000:0000/62 | 60 bits |range| 64 bits | 2001:0db8:cafe:cab< 4 - 7 >:0000:0000:0000:0000/62 2001:0db8:cafe:cab< 8 - B >:0000:0000:0000:0000/62 2001:0db8:cafe:cab< B - F >:0000:0000:0000:0000/62
IPv6 Subnetting Best Practices Count by 4!!! IPv6 Subnetting Best Practices Stick to increments of 4!
Have you noticed anything odd yet? Why is it always /64?
Stateless Address Autoconfiguration (SLAAC) IPv6 hosts have the ability to self provision an IPv6 address A host uses router discovery to: Router Solicitation messages Router Advertisement messages (RA’s are sent via ICMPv6) Get information like on-link prefixes and other routers SLAAC requires the prefix be a /64 If the prefix is smaller the host cannot do EUI-64 This breaks the ability of the host to do SLAAC
SLAAC Only 2001:470:82a9:7::/64 is the prefix This typically indicates SLAAC – the host lacks DNS server info 2001:470:82a9:7::/64 is the prefix Notice there are no global DNS Servers Also indicates poorly implemented IPv6 Notice there is no FQDN information
IPv6 Autoconfiguration There are multiple ways to do autoconfiguration Stateless (SLAAC) Stateful (DHCPv6 stateful) Both (DHCPv6 stateless) Router Advertisements include flags Autonomous flag (A flag) Managed Address Configuration flag (M flag) Other Stateful Configuration flag (O flag)
DHCPv6 – RFC 3315 DHCPv6 is stateful and stateless address configuration for IPv6 hosts What is Stateful? The DHCPv6 server is assigning the IPv6 address The RA has the M and O flag set (A flag may or may not be set) All options except default gateway come from DHCPv6 scope What is Stateless? The DHCPv6 server is used for options only (like DNS or NTP) The RA has the O flag set and the A flag
DHCPv6 – RFC 3315 The typical flag settings combination: SLAAC: A flag = 1, M flag = 0, O flag = 0 DHCPv6 Stateful: A flag = 0, M flag = 1, O flag = 1 DHCPv6 Stateless: A flag = 1, M flag = 0, O flag = 1 For all situations a host link-local address is configured automatically (exception may be routers)
DHCPv6 w/ A, O and M Flags 2001:470:82a9:7:41a6:5976:37ac:4f54 is from DHCPv6 2001:470:82a9:7:202c:7674:c4c2:4fa8 is from SLAAC 2001:470:82a9:7:3d1f:ad49:ee12:4880 is from SLAAC
Windows specific Autoconfiguration behavior By default Windows generates a random interface ID for Non-temporary autoconfiguration addresses (permanent) In other words – it doesn’t do EUI-64 Because the host randomly built an interface ID It starts using it right away It doesn’t wait for duplicate address detection (DAD) Autoconfiguration is used to build link-local and can be used for global and ULA (depending on the flags A/M/O)
Windows specific Autoconfiguration behavior If you are using a Windows Server as an IPv6 router Windows always sets the A flag This means that the RA is enabling SLAAC By default all hosts on that subnet will build out a random permanent address and random temporary address Windows Server 2008 and Window Vista do not attempt stateful DHCPv6 if no RA advertisement are received
SLAAC + DHCPv6 w/ O flag 2001:470:1f05:d37::/64 gets a permanent and temporary 2001:470:82a9:7::/64 gets a permanent and temporary The router only has 2001:470:82a9:7::/64 as an address
Cisco IPv6 SLAAC + DHCPv6 w/ O flag config interface Vlan7 description - work - ipv6 address 2001:470:82a9:7::/64 and 2001:470:1f05:d37::/64 ipv6 address 2001:470:1F05:D37:2::1/64 ipv6 enable ipv6 nd prefix 2001:470:1F05:D37::/64 300 300 ipv6 nd prefix 2001:470:82A9:7::/64 300 300 ipv6 nd other-config-flag ipv6 dhcp server HE Setting the O flag
Cisco IPv6 DHCPv6 w/ M & O flag config interface Vlan7 description - work - ipv6 address 2001:470:82A9:7::1/64 ipv6 address 2001:470:82A9:7::1/64 ipv6 enable ipv6 nd prefix 2001:470:82A9:7::/64 300 300 ipv6 nd managed-config-flag ipv6 nd other-config-flag ipv6 dhcp server HE Setting the M and O flag
By default the A flag is enabled Cisco IPv6 SLAAC config interface Vlan7 description - work - ipv6 address 2001:470:82a9:7::/64 ipv6 address 2001:470:82A9:7::1/64 ipv6 enable By default the A flag is enabled
IP Address Management (IPAM) It is normal for a single host to have 3 or more IPv6 addresses Each /64 subnet can have 18 million trillion addresses I don’t think you want to manage a spreadsheet with 18 million trillion fields for 128 bit long addresses in HEX If you don’t want to do that use an IPAM solution!
IPv4 and Equivalent IPv6 properties Multicast (224.0.0.0/4) Broadcast APIPA (169.254.0.0/16) Public Address Space Loopback (127.0.0.1) Unspecified (0.0.0.0) Dotted decimal RFC 1918 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) Multicast (FF00::/8) Replaced with Multicast groups Link-local (FE80::/64) Global Unicast Space Loopback (::1) Unspecified (::) Colon HEX format ULA (FD00::/8)
ICMPv4 vs. ICMPv6 properties Destination Unreachable – Network Unreachable (Type 3, Code 0) Destination Unreachable – Host Unreachable (Type 3, Code 1) Destination Unreachable – Protocol Unreachable (Type 3, Code 2) Destination Unreachable – Port Unreachable (Type 3, Code 3) Destination Unreachable – Fragmentation Needed and DF Set (Type 3, Code 4) Destination Unreachable – No Route to Destination (Type 1, Code 0) Destination Unreachable – Address Unreachable (Type 1, Code 3) Parameter Problem – Unrecognized Next Header Type Encountered (Type 4, Code 1) Destination Unreachable – Port Unreachable (Type 1, Code 4) Packet Too Big (Type 2, Code 0) Table 5-3 Chapter 5 – ICMPv6 from Understanding IPv6, 3rd Ed. By Joseph Davies, Microsoft Press
ICMPv4 vs. ICMPv6 properties cont. Destination Unreachable – Communication with Destination Host Administratively Prohibited (Type 3, Code 10) Source Quench (Type 4, Code 0) Redirect (Type 5, Code 0) Time Exceeded – TTL Exceeded in Transit (Type 11, Code 0) Time Exceeded – Fragment Reassembly Time Exceeded (Type 11, Code 1) Parameter Problem (Type 12, Code 0) Destination Unreachable – Communication with Destination Administratively Prohibited (Type 1, Code 1) This message is not present in IPv6. Neighbor Discovery Redirect message (Type 137, Code 0) Time Exceeded – Hope Limit Exceeded in Transit (Type 3, Code 0) Time Exceeded – Fragment Reassembly Time Exceeded (Type 3, Code 1) Parameter Problem (Type 4, Code 0 or Code 2) Table 5-3 Chapter 5 – ICMPv6 from Understanding IPv6, 3rd Ed. By Joseph Davies, Microsoft Press
Why is Path MTU so important in IPv6? Set your MTU to 1400 MTU = 1400 MTU = 1500 MTU = 1500 MTU = 1400
Important ICMPv6 Things to Know Path MTU must be allowed or IPv6 will break & This means you need to allow ICMPv6 traffic through your network
IPv6 DNS An IPv6 address record in DNS is AAAA The PTR zone is IP6.ARPA. Why is it AAAA? An A record in IPv4 represents 32 bits IPv6 has 128 bits so 4 A’s make 128
IPv6 Reverse DNS Examples: The reverse entry in IP6.ARPA. looks like: 2001:470:1f05:d37:202c:7674:c4c2:4fa8 2001:470:1f05:d37::1 The reverse entry in IP6.ARPA. looks like: 8.a.f.4.2.c.4.c.4.7.6.7.c.2.0.2.7.3.d.0.5.0.f.1.0.7.4.0.1.0.0.2.IP6.ARPA. 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.3.d.0.5.0.f.1.0.7.4.0.1.0.0.2.IP6.ARPA. Every nibble must be included so: Zero compression has to be expanded back out Leading zeros must be added back in
How Does a Windows Client get DNS Servers? DNS Servers are obtained via DHCPv6 w/ O or M flag If there is no DHCPv6 then: the DNS is manually configured
Native IPv6 Dual Stack Tunneling Translation
Native IPv6 Dual Stack Transition Technology Tunneling Translation
Native IPv6 Dual Stack Tunneling Translation
Dual Stack You run IPv6 and IPv4 side by side You let the host decide which protocol to use For routing the two protocols operate like ships in the night You will consume more resources to run dual stack You have to understand how your applications behave
Dual Stack Windows 8 and Windows Server 2012 have RFC 6555 implemented (Happy Eyeballs) All applications benefit from Windows 8 and Windows Server 2012 having RFC 6555 enabled You have to use RFC 3484 and RFC 6555 and the Internet draft update for RFC 3484 to determine app behavior Dual stack is a transition technology – the eventual goal is only IPv6
Native IPv6 Dual Stack Tunneling Translation
Tunneling In Windows there are three main tunneling transition technologies 6to4 ISATAP Teredo All of these enable IPv6 to IPv6 communication they just use IPv4 as a transport I recommend turning off all the transition tunneling technologies to avoid problems troubleshooting IPv6
Turning off 6to4 PowerShell for Windows Server 2012 and Windows 8 Set-Net6to4Configuration-State Disabled Netsh for Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista Netsh interface 6to4 set state disabled Set the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\DisabledComponents registry value to 0x2 (DWORD) (and then restart the computer)
Turning off 6to4 Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7 Set the 6to4 State Group Policy setting in Computer Configuration|Policies| Administrative Templates|Network|TCP/IP Settings|IPv6 Transition Technologies to Disabled
Turning off ISATAP PowerShell for Windows Server 2012 and Windows 8 Set-NetIsatapConfiguration-State Disabled Netsh for Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista Netsh interface isatap set state disabled Set the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\DisabledComponents registry value to 0x4 (DWORD) (and then restart the computer)
Turning off ISATAP Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7 Set the ISATAP State Group Policy setting in Computer Configuration|Policies| Administrative Templates|Network|TCP/IP Settings|IPv6 Transition Technologies to Disabled
Turning off Teredo PowerShell for Windows Server 2012 and Windows 8 Set-NetTeredoConfiguration-Type Disabled Netsh for Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista Netsh interface teredo set state type = Disabled Teredo client on managed networks (AD is present) is disabled by default
Turning off Teredo Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7 Set the Teredo State Group Policy setting in Computer Configuration|Policies| Administrative Templates|Network|TCP/IP Settings|IPv6 Transition Technologies
Tunneling So why do I recommend turning off all the transition tunneling technologies? Unless you have a specific design build around them they introduce unpredictable behavior Still leave IPv6 enabled, just disable the transition tunneling, that way when it is time to deploy IPv6 you don’t have to touch the hosts again
Native IPv6 Dual Stack Tunneling Translation
Translation In Windows there is one main translation technology NAT64/DNS64 Additional Enterprise translation technologies to know SLB64 & NPTv6 These do IPv6 to IPv4 translation (think of them as a proxy) NAT64/DNS64 and SLB64 NPTv6 performs limited Prefix only NAT
NAT64/DNS64 Windows Server 2008 R2 with Forefront UAG is capable of doing NAT64/DNS64 Windows Server 2012 is capable of doing NAT64/DNS64 NAT64 allows an IPv6 host to access an IPv4 host through a NAT64 devices that proxies the session DNS64 builds synthetic AAAA records for an IPv4 A record if no IPv6 AAAA record exists
Native IPv6 Dual Stack Tunneling Translation
Migration You want to move away from To Dual Stack Tunneling Translation To Dual Stack Eventually you will want to move from Dual Stack to Native Translation (as needed) for older IPv4 only hosts
Native IPv6 Dual Stack Tunneling Translation
Planning and Design Plan IPv6 like any other IT Project Do not use IPv4 design rules for IPv6 Build a lab – you will need it Test and understand your software Make sure you have the same SLA for IPv6 as IPv4
Remember – IPv6 is used FIRST so mistakes have immediate impact! Deployment Start with forgiving applications DNS and SMTP vs. Web Services You need to understand Dual Stack behavior Transition technology behavior Impact on your hardware and software Do the heavy lifting in the lab – don’t try out IPv6 in your production network! Remember – IPv6 is used FIRST so mistakes have immediate impact!
Deployment DO NOT TURN OFF IPv6!
Windows Commands with IPv6 Support Ping Pathping Tracert Nslookup Ipconfig Route print Netsh
Windows IPv6 Caveats and Notes Windows will use 6to4 if it has a public IPv4 address Make sure to add your IPv6 Prefixes to AD Sites and Services/Sites/Subnets Windows does NOT support RFC 6106 which provides DNS information in SLAAC RA’s Windows has a native DHCPv6 client
Windows IPv6 Caveats and Notes Important thing to know: Windows has IPv6 enabled by default & IPv6 is Preferred!
DirectAccess and IPv6 IPv6 is required for DirectAccess There are two OS deployment options for DirectAccess Windows Server 2008 R2 and optionally Forefront UAG to utilize NAT64/DNS64 Window Server 2012 now has NAT64/DNS64 built in The first iteration of DirectAccess required hosts that DA client’s needed to reach must run IPv6 Because of NAT64/DNS64 this is no longer the case
DirectAccess and IPv6 DA clients still use IPv6 but then use NAT64/DNS64 to talk to IPv4 only hosts DA clients can utilize Native IPv6, and all of the tunnel transition technologies plus IP-HTTPS to connect back to the DA server IPv6 is still the main transport method but because DNS64/NAT64 is available the internal servers are not required to run IPv6
Where is IPv6 used in DirectAccess today? DA Client DA Server IPv6 IPv6 in IPv4 Tunnel Dual Stack Network IPv4
DirectAccess with Server 2012 NAT64/DNS64 IPv6 DA Client DA Server IPv6 IPv6 in IPv4 Tunnel NAT64/DNS64 Dual Stack Network IPv4
Exchange and IPv6 Exchange 2007 and 2010 will prefer IPv6 for same subnet traffic Even if you only have static IPv4 addresses configured You likely didn’t even notice unless you disable IPv6 Exchange Edge Transport role is a special IPv6 case If you have it running in a DMZ that uses Public IPv4 addresses it will attempt to use 6to4 This means if someone has a AAAA record published for their MX in DNS the Exchange server will FIRST use 6to4 to attempt delivery
Exchange and IPv6 If IPv6 is enabled and is being routed properly make sure your advanced firewall is ON! Make sure to test reachability from all networks prior to turning up IPv6 for client access networks Test all Exchange services for both IPv4 and IPv6 If you are using IPv4 Load Balancers make sure you do the same for IPv6 or you might get strange behavior in clients
IPD’s and IPv6 Microsoft currently does not call out separate IPv6 deployment configurations in the IPD’s My understanding is that there are plans to publish specific IPD guidelines to show the impact of disabling IPv6 in certain deployment scenarios In the meantime, you will have to determine the ramifications of disabling IPv6 for each IPD
So What Does Microsoft Recommend? Microsoft no longer tests their software with IPv4 ONLY networks Microsoft has standardized on dual stack support There are only three products that have been delay in broad IPv6 support Forefront TMG Lync Windows Phone 7
What impact will disabling IPv6 have on me? Recent anecdotal information about Microsoft support cases indicates customers disabling IPv6 and then having operational problems has grown dramatically Make sure you test the planned configuration with IPv6 disabled in a lab Do NOT randomly turn it off in your production environment – bad things can happen!
Windows 8 and Windows Server 2012 Continued high quality IPv6 support Improved PowerShell commands Additional performance benefits by supporting Happy Eyeballs (RFC 6555) like behavior
How does Happy Eyeballs work? IPv6 IPv4 Client sends both IPv6 and IPv4 requests at the same time IPv6 works and there isn’t significant delay then it is used DNS Lookup: www.example.com Has both A and AAAA records If IPv6 doesn’t work or has a big delay then IPv4 is used IPv6 IPv4
How is it implemented in Windows 8? It makes use of the same process that tells the OS that Internet access is available or that you might have to log in to gain Internet access Network Connectivity Status Indicator (NCSI) It modifies the cache table Sorting improvements have been made Periodic rechecks are done All applications benefit from this new behavior
?
Significant IPv6 Event June 8 2011 – World IPv6 Day Turn on IPv6 to test functionality June 6 2012– World IPv6 Launch Turn on IPv6 and leave it on
Microsoft Sites On World IPv6 Launch Day
Next Steps Obtain IPv6 Address Space Set up DHCPv6 and DNS Provider Independent – use a registrar like ARIN Provider Assigned – your ISP can give you Set up DHCPv6 and DNS Built out prefix and DHCPv6 scopes Build out AAAA records Get a firewall up and working Test a portion of your network to confirm rules and routing
Related Content WCL324 – IPv6 Bootcamp: Getting Up to Speed Quickly WSV312 – IPv6: (Hard)Core Networking Services WSV308 – Standards Support and Interoperability in Windows Server 2012 Find Me Later At… http://www.howfunky.com/
Track Resources Resources for Developers http://msdn.microsoft.com/en-us/windows/apps Windows 8 is ready for Business http://www.microsoft.com/en-us/windows/enterprise/products-and-technologies/windows-8/default.aspx Microsoft Desktop Optimization Pack: www.microsoft.com/MDOP Microsoft Desktop Virtualization: www.microsoft.com/dv
Track Resources Track Resources Springboard Series: www.microsoft.com/springboard Explore > Plan > Deliver > Operate > Support for Windows 7 and Windows 8 MDOP Desktop Virtualization Windows Intune Internet Explorer 8, 9 and 10
Download the Windows 8 Release Preview Today 4/7/2017 5:23 PM Download Download the Windows 8 Release Preview Today http://windows.microsoft.com/en-US/windows-8/release-preview © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Resources Learning TechNet http://northamerica.msteched.com Connect. Share. Discuss. http://northamerica.msteched.com Microsoft Certification & Training Resources www.microsoft.com/learning TechNet Resources for IT Professionals http://microsoft.com/technet Resources for Developers http://microsoft.com/msdn
Complete an evaluation on CommNet and enter to win! Required Slide Complete an evaluation on CommNet and enter to win!
MS Tag Scan the Tag to evaluate this session now on myTechEd Mobile
4/7/2017 5:23 PM © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
4/7/2017 5:23 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.