The more some things change the more they same the same. That is certainly true for the IPv6 support in Windows 7. Even though Windows 7 is the latest Microsoft desktop operating system, its IPv6 support is very similar to the features inside Vista and Server 2008.
This week I downloaded the Windows 7 Beta and installed it on a test laptop with a P4m, 1.5GB or RAM, and a 60GB hard drive. If you want to test Windows 7 you shouldn’t wait too long because Microsoft will likely limit the time that the download is available. Furthermore, the operating system Beta test will expire on August 1, 2009.
I found Windows 7 extremely easy to install and get up and going. It booted quickly and has a nice user interface. I thought it was a nice subtlety that a brightly colored Betta fish was on the default desktop background. I quickly noticed that Windows 7 uses the same User Account Control (UAC) security mechanism as Vista but with additional control granularity. Windows 7 includes PowerShell 2.0, BranchCache which provides caching and WAN Optimization-like benefits, Internet Explorer 8, and HomeGroup sharing.
One of the new features in Windows 7 is Direct Access. It is a system whereby system administrators can help maintain the remote workforce computers while they are on the go. There has always been challenges around supporting remote workers who may never be able to come to a local office to attach to the corporate network and get their updates or allow their computers to be fully supported. Direct Access will use a VPN to allow remote workers to securely gain access to corporate resources while on the road and allow their computers to be maintained by the IT department domain group policies. The cool think about Direct Access is that is uses IPv6 over IPSec.
One of the controversial IPv6 features in Windows Vista, Windows Server 2008, and Windows 7 is that it uses random interface identifiers when creating its IPv6 addresses. Typically, an IPv6-capable computer performs autoconfiguration with the Neighbor Discovery Protocol (NDP) to determine their network and interface identifier and form the computer’s 128-bit IPv6 address. The IETF’s RFC 2373 “IP Version 6 Addressing Architecture” describes in Appendix A how a computer should go about creating its EUI-64 based interface identifier using its MAC address. The IETF’s RFC 2464 “Transmission of IPv6 Packets over Ethernet Networks” describes in Section 4 how stateless address autoconfiguration should take place using a computer’s MAC address. Because of the privacy concerns about using hardware MAC addresses as interface identifiers the IETF created RFC 4941 “Privacy Extensions for Stateless Address Autoconfiguration in IPv6”. This RFC defines how an interface identifier can be created so that the privacy of the user can be preserved.
Windows 7 doesn’t use the EUI-64 technique by default when forming its interface identifier. Microsoft has blurred the lines between these two address autoconfiguration concepts with their temporary addresses and now their randomly-generated interface identifiers. However, thankfully Microsoft has given us the ability to disable or enable this feature as needed with the following commands.
netsh interface ipv6 set global randomizeidentifiers=disabled
netsh interface ipv6 set global randomizeidentifiers=enabled
There are a few things missing from Windows 7 that I was hopeful would be in this operating system by default. I was hoping to see Mobile IPv6 (MIPv6) support in Windows 7 because MIPv6 is not fully supported in Vista or Server 2008.
Microsoft claims that Windows 7 does have Correspondent Node (CN) capability and can therefore communicate with other devices that are MIPv6 capable. However, Microsoft’s implementation does not have Return Routability (Route Optimization). That means that a Windows 7 computer will communicate with a Mobile Node (MN) through its Home Address (HoA) through the Home Agent (HA). I sure wish there was more robust MIPv6 support but I can see Microsoft’s view also. It is sometimes difficult to create a business case to justify the development time to create a reliable MIPv6 implementation. However, we all know that mobility is the way of the future. That is certainly true for Windows Mobile and any laptop system that helps support our nomadic lifestyles.
Windows 7 also doesn’t have any support for SEcure Neighbor Discovery (SEND) (IETF RFC 3971). Cisco has been working on incorporating SEND functionality into their routers but Microsoft operating systems do not support SEND. SEND is a method for securing the weaknesses in the Neighbor Discovery Protocol. The weaknesses in NDP can be likened to the weaknesses of ARP on an IPv4 subnet. SEND provides a protocol and an addressing technique that helps verify which computers and routers are legitimate on a LAN segment. I hope that more vendors embrace SEND and turn it into an industry-standard mechanism for providing NAC-like functionality at the access-layer.
Windows 7 also has a look and feel similar to Vista. The migration from Vista to Windows 7 would be very easy. For me, the transition from Windows XP to Vista required a bit more time to figure out where things were and to get used to the new interface. I must admit, I don’t know what the big deal is with Vista because I have been using it for 2 year as my daily workstation and I really like it. I don’t know why so many IT folks have discriminated against Vista and haven’t seen the benefits that Vista offers that I have. I haven’t found any programs that won’t work on it and the reliability has been great.
I am looking forward to experimenting more with Windows 7 and hopefully soon it will replace my 2-year old Vista OS as my main desktop operating system.
Scott
The Leader in Network Knowledge
I forgot to show this extra information
Here is what the default ipconfig output looks like from my Windows 7 test computer.
Microsoft Windows [Version 6.1.7000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Scott>ipconfig
Windows IP Configuration
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hoggnet.com
IPv6 Address. . . . . . . . . . . : 2001:db8:12:0:399d:5860:8123:c733
Temporary IPv6 Address. . . . . . : 2001:db8:12:0:a55a:75db:f3d7:6454
Link-local IPv6 Address . . . . . : fe80::399d:5860:8123:c733%12
IPv4 Address. . . . . . . . . . . : 192.168.12.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::7:b4ff:fe00:600%12
192.168.12.1
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 7:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e50:8be:3b85:3f57:f3fd
Link-local IPv6 Address . . . . . : fe80::8be:3b85:3f57:f3fd%15
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.{A22474FC-6F66-4208-AAF2-6A119A03D46F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection*:
Connection-specific DNS Suffix . : hoggnet.com
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.12.2%26
Default Gateway . . . . . . . . . :
C:\Users\Scott>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Scott-W7-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hoggnet.com
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-90-4B-BB-AA-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hoggnet.com
Description . . . . . . . . . . . : Realtek RTL8169/8110 Family PCI Gigabit E
thernet NIC (NDIS 6.2)
Physical Address. . . . . . . . . : 00-C0-9F-8E-9A-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:db8:12:0:399d:5860:8123:c733(Preferr
ed)
Temporary IPv6 Address. . . . . . : 2001:db8:12:0:a55a:75db:f3d7:6454(Preferr
ed)
Link-local IPv6 Address . . . . . : fe80::399d:5860:8123:c733%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.12.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 25, 2009 8:37:09 AM
Lease Expires . . . . . . . . . . : Monday, January 26, 2009 8:37:08 AM
Default Gateway . . . . . . . . . : fe80::7:b4ff:fe00:600%12
192.168.12.1
DNS Servers . . . . . . . . . . . : 205.171.3.65
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 7:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e50:8be:3b85:3f57:f3fd(Prefe
rred)
Link-local IPv6 Address . . . . . : fe80::8be:3b85:3f57:f3fd%15(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{A22474FC-6F66-4208-AAF2-6A119A03D46F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection*:
Connection-specific DNS Suffix . : hoggnet.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.12.2%26(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 205.171.3.65
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Users\Scott>netsh
netsh>interface ipv6
netsh interface ipv6>show global
Querying active state...
General Global Parameters
---------------------------------------------
Default Hop Limit : 128 hops
Neighbor Cache Limit : 256 entries per interface
Route Cache Limit : 128 entries per compartment
Reassembly Limit : 12564992 bytes
ICMP Redirects : enabled
Source Routing Behavior : dontforward
Task Offload : enabled
Dhcp Media Sense : enabled
Media Sense Logging : disabled
MLD Level : all
MLD Version : version3
Multicast Forwarding : disabled
Group Forwarded Fragments : disabled
Randomize Identifiers : enabled
Address Mask Reply : disabled
Current Global Statistics
---------------------------------------------
Number of Compartments : 1
Number of NL clients : 6
Number of FL providers : 4
netsh interface ipv6>set global randomizeidentifiers=disabled
The requested operation requires elevation (Run as administrator).
netsh interface ipv6>
Then I changed the default policy to disable randomized interface identifiers. Now I can see that it is using the typical EUI-64 address for autoconfiguration.
C:\Windows\system32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Scott-W7-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hoggnet.com
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-90-4B-BB-AA-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hoggnet.com
Description . . . . . . . . . . . : Realtek RTL8169/8110 Family PCI Gigabit E
thernet NIC (NDIS 6.2)
Physical Address. . . . . . . . . : 00-C0-9F-8E-9A-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:db8:12:0:2c0:9fff:fe8e:9aff(Preferre
d)
Temporary IPv6 Address. . . . . . : 2001:db8:12:0:a55a:75db:f3d7:6454(Preferr
ed)
Temporary IPv6 Address. . . . . . : 2001:db8:12:0:c846:9d3d:8d0d:4071(Preferr
ed)
Link-local IPv6 Address . . . . . : fe80::2c0:9fff:fe8e:9aff%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.12.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 25, 2009 8:37:09 AM
Lease Expires . . . . . . . . . . : Monday, January 26, 2009 8:37:08 AM
Default Gateway . . . . . . . . . : fe80::7:b4ff:fe00:600%12
192.168.12.1
DNS Servers . . . . . . . . . . . : 205.171.3.65
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 7:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e50:10fb:1a2e:3f57:f3fd(Pref
erred)
Link-local IPv6 Address . . . . . : fe80::10fb:1a2e:3f57:f3fd%15(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{A22474FC-6F66-4208-AAF2-6A119A03D46F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.hoggnet.com:
Connection-specific DNS Suffix . : hoggnet.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.12.2%26(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 205.171.3.65
NetBIOS over Tcpip. . . . . . . . : Disabled
Congratulations on the Cisco Press title
Saw the 02/02/2009 NWW blurb on p.6 and drilled down. WTG!
ipv6
Thank you ! I found this a very usefull artical and by the means you have provided should solve my problem : )
Thank you ! i find this
Thank you ! i find this article very informative..
but what is the difference between IPv6 Adress and Temporary IPv6 Address?
Why do we need a temporary IPv6 address?
would really appreciate if you could clear my doubts :)
Post new comment