IPv6 for Windows Admins (Part 4)

If you would like to read the other parts in this article series please go to:


In the first article of this series we began by painting the big picture concerning IPv6 and explained how nodes can be identified on an IPv6 network. In the second article we examined the different types of IPv6 addresses and what they can be used for since IPv6 uses several different kinds of addresses with each of which being used for a different purpose. Then in the third article we examined some different ways how IP addresses can be manually assigned to nodes on your network. In this fourth and final article we’re going to examine how IP addresses can be automatically assigned to nodes on your network. As mentioned in the previous articles, the explanation and procedures included below are largely adapted from my book Training Guide: Installing and Configuring Windows Server 2012 R2 (Microsoft Press, 2014) which is available from http://www.amazon.com/exec/obidos/ASIN/0735684332/. Also included at the end of this short series are some additional tips and gotchas on this subject that I’ve gleaned from the larger IT pro community including the almost 100,000 followers of our WServerNews weekly newsletter which you can subscribe to at http://www.wservernews.com/subscribe.htm

Stateless address autoconfiguration

Stateless address autoconfiguration is one of the most valuable aspects of IPv6 because it enables IPv6 nodes to communicate on a network without the need to manually assign addresses to them or deploy a DHCP server. The automatic assignment of link-local addresses to interfaces on an IPv6 host is one example of stateless address autoconfiguration at work, and it enables hosts on the same link to communicate with one another. This type of address autoconfiguration is called stateless because it does not make use of an address configuration protocol such as DHCP.

Another example of stateless address configuration at work is when an IPv6 host uses router discovery to automatically configure additional addresses, such as global or unicast local addresses, a default gateway address, and other IPv6 configuration parameters. What typically happens is this:

  1. The host (which here is a computer running Windows Server 2012 or Windows Server 2012 R2) sends out a Router Solicitation message to request a Router Advertisement message from any router listening on the host’s link.
  2. A router (either an IPv6 router or an ISATAP router) on the host’s link responds to the host’s message by sending a Router Advertisement message to the host.
  3. The host uses the information in the Router Advertisement message to assign a tentative address to the host along with any additional settings specified. IPv6 addresses that have been autoconfigured can be in any of the following states:
    • Tentative – The address still needs to be verified as unique by performing duplicate address detection. Tentative addresses cannot receive unicast traffic until they have been verified as valid.
    • Valid – The address is unique. A valid address is also either preferred or deprecated.
    • Preferred – The address is valid and therefore can be used for sending or receiving unicast traffic.
    • Deprecated – The address is valid and therefore can be used for sending or receiving unicast traffic, but it should not be used to initiate any new communication.
    • Invalid – The address can no longer be used for sending or receiving unicast traffic.
  4. The time during which an address is in a particular state is determined by information provided by the router.

Address autoconfiguration is not for routers! Apart from configuring link-local addresses, address autoconfiguration is used only to assign addresses to hosts. Addresses for routers must be configured using a different method, such as manual address assignment.

Stateful address autoconfiguration

Stateful address autoconfiguration is based on the use of an address-resolution protocol. On IPv4 networks, DHCP is such a protocol and it can be used for dynamically assigning IP addresses and other configuration settings to interfaces on hosts. The infrastructure for DHCP consists of DHCP servers, DHCP clients, and DHCP relay agents that can relay DHCP messages between clients and servers on different subnets.

The IPv6 version of this protocol is called DHCPv6, and it uses a similar infrastructure of DHCPv6 servers, DHCPv6 clients, and DHCPv6 relay agents. However, DHCPv6 can provide IPv6 hosts with both stateful address configuration and stateless address configuration settings. This can be a problem because it can result in additional addresses being assigned to hosts, but you can prevent this by configuring your IPv6 routers appropriately so that hosts are assigned only stateful addresses by DHCPv6 servers.

One reason for deploying a DHCPv6 server on an IPv6 network is because Windows does not support stateless address autoconfiguration of DNS server settings using Router Advertisement messages. This means that a DHCPv6 server is required if your Windows computers need to be able to perform DNS name resolution using IPv6.

DHCPv6 client software is built into the following versions of Windows:

  • Windows 8.1
  • Windows 8
  • Windows 7
  • Windows Vista
  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2
  • Windows Server 2008

Configuring a DHCPv6 server

The DHCP Server service in the following versions of Windows Server supports both stateful and stateless address autoconfiguration through DHCPv6:

  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2
  • Windows Server 2008

You can configure a computer running Windows Server 2012 or Windows Server 2012 R2 as either a DHCPv6 stateless server or a DHCPv6 stateful server by performing the following steps:

  1. Begin by installing the DHCP Server role on your server.
  2. Assign static IPv6 addresses to the DHCPv6 server interfaces that will be listening for incoming DHCPv6 request messages.
  3. Open the DHCP snap-in and expand the IPv6 node beneath the server node.
  4. To configure DHCPv6 options for stateless address autoconfiguration, right-click the Server Options node beneath the IPv6 node and select Configure Options as shown in Figure 1:

Figure 1: A screen shot showing the DHCP snap-in with the context menu displayed when you right-click on the Server Options node beneath the IPv6 node.

Then configure the DHCPv6 server options as desired. For example, you could configure option 23 DNS Recursive Name Server IPv6 Address List as shown in Figure 2:

Figure 2: A screen shot showing the General tab of the Server Options dialog box for DHCPv6 with option 23 DNS Recursive Name Server IPv6 Address List selected and assigned an address.

  1. To configure DHCPv6 options for stateful address autoconfiguration, right-click the IPv6 node and select New Scope as shown in Figure 3:

Figure 3: A screen shot showing the context menu displayed when you right-click on the IPv6 node in the DHCP snap-in. The New Scope menu option is selected to create a new DHCPv6 scope.

Then use the New Scope Wizard to specify a name and description for the scope, an IPv6 subnet prefix, and the other information required.

Additional tips

While the ultimate goal of IPv6 is for IPv4 to eventually be retired and all nodes on all TCP/IP networks to use only IPv6, such a goal might take years, or even decades, to achieve. In the meantime, IPv4 and IPv6 nodes must be able to interoperate on the same network so that communications will not be disrupted, and IPv6 transition technologies make this possible. Windows platforms can be used to implement the following IPv6 transition technologies, and if you’d like to learn more about these transition technologies you can see Chapter 7 of my book Training Guide: Installing and Configuring Windows Server 2012 R2 (Microsoft Press, 2014).

If you want to learn more about multicast traffic in IPv6 you can refer to Jeremy Barth’s excellent series of articles on this topic here on WindowsNetworking.com. His seven-part series on the subject begins here.

If you need to disable IPv6 only a single interface of a Windows-based computer, you can use the steps outlined in this tip in the Admin Tips section of WindowsNetworking.com.

Next, here are a few additional miscellaneous tips concerning IPv6 that I’ve picked up from my discussion with colleagues and readers of our newsletter WServerNews:

  • The nice thing about DirectAccess, Microsoft’s technology built into Windows that allows remote users to securely access internal network resources without connecting to a VPN, is that while it makes use of IPv6 you only need to enable IPv6 on the DA client and DA server. In other words, none of the network infrastructure between these two endpoints needs to support IPv6 traffic. Unfortunately for reasons that remain mysterious DirectAccess sometimes doesn’t always work, and if you’re using DirectAccess on a Windows 8.x PC to remote into your corpnet but you can’t connect and running the DAClientTroubleshooter doesn’t help, you can try unbinding IPv6 from the adapter you’re using for the connection and see if that helps any.
  • If you use System Center Operations Manager in your environment then you should be aware that while Operations Manager can identify connected devices that use an IPv6 address when it performs a recursive discovery, the initial device that is discovered must use an IPv4 address.
  • If you’re booting machines into WinPE to perform deployments and some of them are picking up IPv6 addresses but not IPv4 ones, causing them to reference the IPv6 gateway instead of the IPv4 one, you might think that disabling IPv6 in WinPE could solve your problem, but unfortunately doing this isn’t possible. Instead, check your network and make sure you haven’t been exhausting the available IPv4 addresses.

Finally, if you’re an administrator of a Windows-based network and you’re still thinking that you really don’t need to care about IPv6, you might want to check out this article by Mark Morowczynski on the Ask Premier Field Engineering (PFE) Platforms on TechNet.

If you would like to read the other parts in this article series please go to:

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top