Export (0) Print
Expand All

Application Compatibility: Networking: IPv6

Feature Impact

High (frequency: medium)

Brief Description

The TCP/IP stack in Windows Vista® and Windows Server® 2008 has IPv6 enabled by default. IPv6 connectivity is preferred, if available. This preference has the following implications for applications that hook into the TCP/IP stack:

  • Applications and services that are IPv6-compatible can have a much-improved peer-to-peer connection success rate on IPv4 networks due to the built-in NAT traversal capabilities of Teredo (which encapsulates IPv6 inside IPv4 across NATs).

  • IPv6 traffic will be created by the Windows Vista and Windows Server 2008 stack regardless of whether the network supports IPv6 or not. Therefore, for example, all Windows Vista and Windows Server 2008 systems will have at least one IPv6 address (for link-local) and will attempt DNS lookups for both IPv4 and IPv6.

  • The Windows Vista and Windows Server 2008 stack will always prefer using IPv6 when it can find an IPv6 address for the remote system it needs to talk to. Network communication will take place for any IPv6 compatible application or service if both systems in a session have IPv6 addresses (e.g. sharing files on a LAN will usually be done over IPv6).

  • IPv6 addresses will be present and on by default. There may be multiple IPv6 addresses associated with link-local, global, temporary, and transition technologies such as 6to4, 6over4, ISATAP, and Teredo.

    NoteNote:

    Teredo will be enabled by default, but will remain dormant unless an application or service tries to use it. The Teredo service becomes active if: 1. The Windows Firewall exception for a listening application or service has Edge Traversal option enabled (an advanced setting in the MMC snap-in of the Windows Firewall or invoked via an option in the Windows Firewall APIs). 2. An application or service attempts to communicate with a Teredo address (the regular stateful inspection features of the Windows Firewall will ensure that only IPv6 responses matching the outbound requests will be allowed in).

  • Windows Vista and Windows Server 2008 will allow a system to be configured in an IPv6-only mode. In this case, no IPv4 support will be available.

The TCP/IP stack in Windows Vista and Windows Server 2008 supports a strong host-routing model, which means that packets are routed from a multi-homed machine based not only on the destination address but also on the source address of a packet. This change is needed because in IPv6, each machine gets multiple IP addresses and, with transition technologies, essentially appears as a multi-homed machine as far as routing is concerned. To ensure proper connectivity happens in these scenarios, the networking stack has to implement a strong host-routing model.

Manifestation

Applications that use the Windows XP® TCP/IP stack, are unaware of the IPv6 protocol, or both will not function properly and might crash or create an unstable system.

The implications of the strong host-routing model for the applications are as follows:

  • Connection from a non-loopback address to a loopback address and vice versa will fail.

  • Packets with a source address of 127.0.0.0/8 will not be allowed to be sent by a Windows Vista or Windows Server 2008 computer on a network.

Applications that do not use protocol-agnostic APIs and are not IPv6 compatible will not be able to take advantage of Teredo IPv4 NAT traversal, and connections might fail when one or more parties is behind an NAT.

Remedies

Applications will need to be re-authored as follows:

  • Any application that hooks into the stack must be capable of handling IPv6 traffic. Minimally, it should not crash on receiving IPv6 traffic.

  • Any application that relies on there being a single IPv4 address will need to be modified to handle multiple IPv6 addresses. Further, any application that picked the first address might have to more carefully identify the IPv6 address to use because an IPv6 link-local address is not routable and therefore, the application might not work. Instead, the application should use functions that allow connection by name and choose the most appropriate address automatically.

  • Applications must handle and support IPv6-only scenarios.

  • Applications must support and implement the strong host routing model.

  • IPv6 compatible applications that set the Edge Traversal flag in the Windows Firewall exceptions (using Windows Firewall APIs) will automatically take advantage of Teredo for traversing IPv4 NATs.

Links to Other Resources

Community Additions

Show:
© 2014 Microsoft