IPv6 Transition Technologies
IPv6 is most likely to be
deployed in an IPv4 world today, given the prevalence of IPv4 in the
Internet today. This creates an IPv4 gap across which IPv6 devices need
to communicate. Figure 1 shows the gap between IPv6 devices.
Most organizations will need to
use IPv6 transition technologies to bridge the IPv4 gap from their
IPv6-enlightened devices to communicate. Figure 2 shows the IPv4/IPv6 protocol stacks in place of the devices shown in the previous figure.
Communications
between IPv6 devices (either hosts or routers) over IPv4 networks is
accomplished with IPv6 over IPv4 tunneling. In tunneling, the IPv6
packets are encapsulated in an IPv4 packet by the source device and
routed through the IPv4 network. When the encapsulated packet arrives at
the boundary between the IPv4 and IPv6 networks, the IPv4 encapsulation
is stripped off and the IPv6 packet continues on its way.
Older operating systems such as
Windows 2003 and Windows XP implemented a dual protocol stack to
support IPv6. This essentially duplicates the Transport layer, including
the TCP and UDP protocols. These are the workhorse protocols of the
Internet, and the dual-stack architecture is very inefficient and
introduces a lot of overhead. Windows 2008 R2, Windows 2008, Windows 7,
and Windows Vista have a modern protocol dual IP layer architecture that
is designed from the ground up to support IPv6. This architecture is
much more efficient and performs much better. Figure 3 shows the two architectures.
These transition protocols
provide tunneling of IPv6 traffic through IPv4 network by encapsulating
the IPv6 packet in an IPv4 packet, as shown in Figure 4.
The
IETF RFC2893, “Transition Mechanisms for IPv6 Hosts and Routers,”
defines the IPv4 compatibility mechanisms for tunneling IPv6 over IPv4.
The RFC defines two types of tunnels, specifically:
Configured tunnels— These are tunnels that are manually configured with the static routes through the IPv4 network.
Automatic tunnels—
These tunnels don’t require manual configuration, as they are derived
from the IPv4 addresses of the devices. Windows supports the ISATAP,
6to4, and Teredo automatic tunneling protocols.
Note
In Windows, static tunneling routes can be added with the netsh interface ipv6 add v6v4tunnel command.
Most IPv6 tunnels are
automatic tunnels, due to the ease of configuration. ISATAP and 6to4 are
enabled by default on Windows Server 2008, Windows Server 2008 R2,
Windows Vista, and Windows 7.
The ISATAP Tunneling Protocol
The Intra-Site Automatic Tunnel
Addressing Protocol (ISATAP) is an IPv6 transition protocol. It provides
for the automatic conversion of an IPv4 address to an IPv6 address, as
well as a mechanism for setting up a virtual IPv6 network that transmits
over an IPv4 network. The protocol does not require any manual
configuration.
Note
Link-local addresses are
network addresses that are only designed to communicate on a segment
and basically allow communications with neighboring devices without
needing a globally routable address. They are mandatory in IPv6 and are
automatically assigned with the FE80::/10 prefix.
The components of ISATAP are the following:
ISATAP host— The ISATAP host communicates IPv6 over IPv4 networks with other ISATAP hosts and with ISATAP routers.
ISATAP router—
The ISATAP router advertises address prefixes to the local ISATAP
subnet, forwards ISATAP traffic to IPv6 networks, and acts as the
default route for ISATAP hosts.
This is useful for
deploying IPv6 without having to explicitly define and configure a IPv6
network addressing scheme because it allows IPv6 devices to communicate
over IPv4 networks. Figure 5 illustrates the ISATAP network.
The Windows Vista RTM, Windows
Server 2003, and Windows XP all automatically enable and configure the
ISATAP tunneling adapter if the IPv6 protocol is installed. These
operating systems use the name Automatic Tunneling Pseudo-Interface
rather than ISATAP to identify the adapter.
The Windows Server 2008 R2,
Windows 2008, Windows 7, and Windows Vista SP1 operating systems do not
enable the ISATAP tunneling adapter unless they can resolve the name
“ISATAP” in to an IPv4 address. The ISATAP address is the IPv4 address
of the local ISATAP router. The name resolution can use any of the
standard methods to resolve, including DNS, WINS, NetBIOS broadcast, or
the LMHOSTS file. When these operating systems are able to resolve the
ISATAP address, they configure the ISATAP tunneling adapter and add a
default route of ::/0 to the link-local address of the ISATAP router.
ISATAP address IPv4 to
IPv6 address translation is done by concatenating a 64-bit prefix with
:0000:5EFE:w.x.y.z, where w.x.y.z is the IPv4 address in dotted decimal
format. The prefix can be a link-local prefix (that is, FE80::/64), a
global prefix (for example, FC00:1234:5678:9abc::/64), or even a global
6to4 prefix (for example, 2002:c9b:a602:1:0::/64), discussed in the next
section. Table 2 lists some example values for IP address conversions in ISATAP.
Table 2. Example ISATAP IP Address Conversions
| IPv4 Address | IPv6 ISATAP Address |
|---|
| 12.155.166.101 | 2002:c9b:a602:1:0:5EFE:12.155.166.101 |
| 192.168.2.5 | FE80::5EFE:192.168.2.5 |
| 10.12.1.1 | FC00:1234:5678:9abc:5EFE:10.12.1.1 |
Note
The format
FE80::5EFE:w.x.y.z is functionally equivalent to the format
FE80::5EFE:WWXX:YYZZ, where the dotted decimal IPv4 address format is
converted to hexadecimal format. Each decimal number (for example, w) is
converted to a two-digit hexadecimal number (for example, WW). In the
first example above, the IPv6 address FE80::5EFE:12.155.166.101 would be
expressed as FE80::5EFE:0C9B:A665. This format is known as the colon
hexadecimal format.
