2011/02/09

Windows 7 in handling IPv4 and IPv6 connectivity

I promised myself to jot down some reference notes on Windows 7 and Windows 2008 Server in handling IPv4 and IPv6 connectivity. The following touches on different scenarios based on my past experience.

Difference between Windows XP and Windows 7

Windows XP and Windows 2003 Server do not come with IPv6. On the other hand, Windows 7 and Windows 2008 Server have IPv6 fully enabled by default. Some people are worried that automatic tunnelling in Windows 7 poses security risks and they want to uinnstall  IPv6 stack. Microsoft strongly advises not to do this since the kernel of Windows 7 and Windows 2008 Server is closely integrated with IPv6. There is no guarantee that all internal function of Windows 7 can proceed in the absence of IPv6 stack.

DNS interactions in Windows 2003 and Windows 7

When browsing a website, Windows 7 will request AAAA record first and then followed by A record in the name resolution process. In the case of Windows XP IPv4 single stack hosts, only A record is queried. To be fair, the extra query is necessary as dual-stack hosts take care of selecting IPv6 or IPv4 path to access a particular web server.

Windows 7 – native IPv4 + native IPv6

Native IPv6 has a higher routing preference than native IPv4. As a rule of thumb, to reach a dual-stack website, native IPv6 (as opposed to Teredo and 6to4) will always be selected first.

Windows 7 – IPv4 + Teredo IPv6 address

Teredo is created on a pseudo-network interface. Teredo has a lower routing preference than native IPv4. In case of accessing a dual-stack website, IPv4 will be selected.

Windows 7 – IPv4 + 6to4 IPv6 address

Same as Teredo, 6to4 is also a pseudo-network interface and therefore it has a lower routing than native IPv4. When accessing a dual-stack server, IPv4 will be selected.

Windows 7 – IPv4 + GUI-based Tunnel Broker Client

The GUI based tunnel broker client (such as gogoclient) establishes a generic network interface to the OS. Since it is not a pseudo-network interface, Windows 7 and Windows 2008 regard it as native IPv6. With GUI-based tunnel broker client, IPv6 will be selected first when accessing a dual-stack website.

Windows 7 – 6to4 and Teredo disabled by native IPv6

When any network interface (Ethernet, tunnel broker) is fired up with native IPv6, 6to4 and Teredo will be disabled completely. This makes logical sense since the transitional IPv6 access is no longer required.

Finally, I have not tested the case of IPv6 on Wifi interface as I do not have an AP capable of allocating IPv6. I think IPv6 on WiFi can disable Teredo, 6to4 and also has a higher routing preference than native IPv4 on LAN port.

1 comment:

warrenkwok said...

This is Warren Kwok. I have tested that if Wifi interface get native IPv6, Teredo and 6to4 will be disabled automatically.