The subnet calculator will assist
you in managing IP addresses.
To let you into a secret, this utilities is fun to use, even if you
don't have a pressing need to calculate your IP address space.
Get your free advanced
Subnet calculator
Guy's Ezine 137 - IPv6 Follow-up
Switching from IPv4 to IPv6 lends itself to learning by hands-on
experimentation. It's hard to see what damage anyone could do - even
my old enemy 'Psycho' cannot break a TCP/IP stack. Just leave the
IPv4 protocol in place and enjoy learning by playing with IPv6 addresses,
configurations and commands.
Topics for IPv6 - Follow-up
Here are four keywords that will aid your understanding should you read IPv6 RFC
(Request for comments) articles: Stateful and Stateless; Link-Local and
Site-Local addresses.
A stateful IP address is one given by a DHCP server. Usually DHCP gives more information than just the IP address, for example
the IP address of the DNS server and also the default gateway.
A stateless IP address is one that is automatically configured by router
discovery. The host assigns itself an IPv6 address automatically rather like the
IPv4 APIPA.
Link-Local IPv6 addresses only allow connections with neighbors on that
subnet (link), these address are not forwarded by routers. End of story.
Site-Local address are routable, but not to the internet, thus hosts with
Site-Local IPv6 addresses can use private (not ICANN) IP addresses, AND can connect to
any other Site-Local address within the organization.
To have a working knowledge of IPv6 you need to make sense of the first four numbers of
the address. As with IPv4, it's the
first section of the address that has the most meaning, 192.x.y.z, 10.x.y.z, or even 169. I would like to focus in IPv6 addresses beginning with FE, for example, FE80,
FECO. Again, as with IPv4, studying the binary numbers helps to explain why
we get particular decimal or hexadecimal number.
Link-local address FE80 = 1111 1110 10
Site-local address FEC0 = 1111 1110 11
Other IPv6 addresses you may see on your travels
Multicast address beginning with FF = 1111 1111 for example:
FF01:0:0:0:0:0:0:37 Compressed to FF01::37
0:0:0:0:0:0:0:1 The loopback address. Compressed format ::1
0:0:0:0:0:0:10.0.0.20 An IPv4 address. Note triple colon in the compressed form
:::10.0.0.20
Consequently, if you see a number beginning with 2001 or 3001 then it's a number
that ICANN/IANA have allocated, probably to an ISP.
Let us decipher the last part of the following Link-local IP address, fe80::211:5bff:fec2:82dc%4.
The %4 caused me some head-scratching until I made a few vital
deductions. Embarrassingly, until I understood the significance of the % number, I could not
get ping to work. This percentage number has the following names: the Zone ID (most common), %
Scope ID, NIC adapter number, Interface ID, or if you 'ask'
Netsh, the Idx number.
Thank goodness that this command still works: Ipconfig /all. Moreover, it
helps us by displaying the elusive
number after the % sign. Here are the results for two machines where I
wanted to ping.
Machine A: IPv6 address fe80::211:5bff:fec2:82dc%4
Machine B: IPv6 address fe80::ec84:1634:d659:2aba%10
Preliminary step, get the IPv6 addresses of two machines. Then
substitute your hex numbers for mine.
Experiment 1: At Machine A, launch a cmd prompt and type
Machine B's IPv6 number and YOUR (Machine A) % number:
Ping fe80::ec84:1634:d659:2aba%4
- Correct you should get a reply
Experiment 2: At Machine A type Machine B's IPv6 number
omitting the % number
Ping fe80::ec84:1634:d659:2aba
- Wrong no Zone ID number. Also, we assume that interface number we
need (%4) is not the default Zone ID.
Experiment 3: At Machine A type Machine B's IPv6 number with
the wrong % number
Ping fe80::ec84:1634:d659:2aba%10
- Wrong we need the Zone ID number of the sending machine = %4; the Zone ID
of the target machine %10, is irrelevant. My rational is that we always
learn more when things go wrong, it's just that most text books leave out the
mistakes! If you get stuck, do remember the following Netsh commands.
Guy Recommends: A Free Trial of the Orion Network Configuration Monitor
(NCM) v6
Config management of routers, switches and firewalls is fun with
NCM (Network Configuration Manager.
Furthermore, it can help to
achieve your compliance policy, for example, pinpoint devices not backed
up and discover access infringements or even weak passwords. This Solarwinds NCM suite can not only detect violations, but also upload
scripts to correct the problem.
Most computer problems arise from configuration changes. Thus it makes
sense to get a proper monitoring system so that you can double-check that that
all the settings confirm to your security policy.
Download your free trial of Orion's Network Configuration Monitor. Troubleshooting - Netsh is your friend
I assume that you are at the cmd prompt, now type these five words:
netsh interface ipv6 show interface
Note: Be careful, the command really does need two words called 'interface'.
Additionally you need to specify ipv6 - as shown above. Incidentally, as an ex-biologist I was amazed to see the word 'Teredo' in the
netsh print-out. Previously I associated Teredo with the dreaded
ship-boring mollusc. This animal probably destroyed more of Drake's ships than the
entire Spanish Armada. Back to IPv6, I soon made the connection, Teredo is
tunnelling interface so that IPv4 packets can move smoothly through IPv6
networks.
Incidentally, Netsh is well worth learning, not only will it help you
troubleshoot IPv6, but also it will be handy for configuring Core (GUI-Less)
Windows Server 2008 machines.
Configuring IPv6 addresses with Netsh
Firstly an assumption, if you have XP you have installed IPv6 (Network
connection, properties, Install). The key to configuring a manual IPv6 address is preparation,
it also helps if you
tuning-in to the terminology. As XP and Windows Server 2003 don't have a
box to type the IPv6 address, you need to employ the built-in command line tool
Netsh.
With Vista and Server 2008, you can also configure IPv6, in much the same way
as you did with
IPv4, namely type numbers in a dialog box. Again you go to the Network
Connections, but this time, IPv6 has a live properties button, (greyed out in XP).
The first question is, 'What is the name of your Adapter Interface?' To
check your answer type ipconfig /all and read what comes after 'Ethernet
Adapter'. This usually begins with 'Default..' For more information,
check your Network Connections, you could even take the opportunity of renaming
the connection, e.g 'lab', and see the new name appear when you re-type ipconfig
/all.
What IPv6 address could you add? Use an existing IP address as your
starting point; it should begin with FE80. Also note the double colon
meaning
'compression'.
Suppose IPv6 reveals a Link-local address = fe80::211:5bff:fec2:82dc. You could
add a new unique number by changing the last four digits thus:
fe80::211:5bff:fec2:111a. Here is the syntax of Netsh.
The pattern is this: Add address interface = name address =hex number
Add address interface = lab address =fe80::211:5bff:fec2:111a
If you get an 'Element not found' error message, then it's because your
interface = NAME is wrong. The solution is to check the NAME in the Network Connections.
Finally, if you want get rid of your IPv6 command substitute delete for add,
hence:
DELETE address interface = lab address =fe80::211:5bff:fec2:111a
Tools4EverRob at Tools4Ever has advertised in my ezine for over 3 years. As you get to know me you realize that I would not endorse a product if I did not believe in it. To begin
with Tools4Ever offer free utilities such as a Group Policy Template editor, also a raft of command line tools, and of course, FreePing.
If you are looking for handy network utilities, try some of the free downloads at
Tools4Ever
It is going to take for ever for the world to migrate from IPv4 to IPv6.
Fortunately the IPv6 committees took this into account when they designed
IPv6. Specifically they included Teredo for tunnelling IPv4 inside IPv6. Here are the main tasks you can undertake to prepare for IPv6.
Whereas you should not attempt to upgrade an old XP machine to Vista*; upgrading
an XP client from IPv4 to IPv6 will be the proverbial piece of cake. Vista
machines don't need to be upgraded because they have the IPv6 protocol
pre-installed. Thus all the IPv6 migration falls to the servers and the
routers.
(*Only try a clean Vista install on a modern machine with designed for Vista
hardware)
- Upgrade your applications to work with both IPv6 and IPv4. In the
case of the operating systems, they have a built-in IPv6 stack.
Question: is IPv6 a killer reason to migrate to Vista. No. XP
SP2 has a perfectly good IPv6 stack. Network connection, properties,
Install. Alternatively, call for help about Install IPv6.
- Focus on DNS and make sure it supports IPv6 address and PTR records.
In truth, if you have a true DNS expert, it will be straightforward for them
to configure the AAAA records and the appropriate in-arpa reverse lookup
zone.
- Before we consider IPv6 and DHCP, a few words about other simple
auto-configuration methods. The IPv6 host can use Router Discovery to
obtain vital
information such as router IP address. What happens is that routers
send multicast Router Advertisement (RA) messages periodically. From
such RA messages a host can assign itself a Link-local address.
- As far as I can see, you will need Windows Server 2008 (Longhorn) for
IPv6 DHCP. There may be plans to add IPv6 scopes in Windows Server 2003,
but I cannot find any reference to them. What did find was this
statement from Microsoft, 'The IPv6 protocol for the Windows Server 2003
family does not currently support DHCPv6.'
Summary of Migrating to IPv6
Migration to IPv6 requires very little work on the XP client, and none at all
for Vista. On the server side, you need a DNS expert to look at the AAAA
records and the Reverse Lookup zone. As for DHCP, start by seeing if you
can manage with just the automatic Link-local address. However, if your
machines need the extra settings that DHCP offers, then consider upgrading to
Windows Server 2008.
|
