McAfee Secure

Using IPv6 Tools

Exam: Microsoft 70-649 - TS: Upgrading Your MCSE on Windows Server 2003 to Windows Server 2008, Technology Specialist

In Windows Server 2008, it is possible to perform configuration of IPv6 interfaces, checking IPv6 connectivity and routing. There exist tools for implementing and checking compatability between IPv4 and IPv6. The standard tools like ping, ipconfig, pathping,tracert, netstat, and route can be used for IPv6, but tools that are specific to it are contained in the netsh (network shell) command structure. Let us look at the use of specific tools and their functions.

Verifying IPv6 Configuration and Connectivity

For troubleshooting problems related to connectivity or for simply checking configuration the tool that proves most useful is ipconfig. The tool displays configuration for both IPv4 and IPv6 configuration.

For displaying configuration of IPv6 interfaces alone the netsh interface ipv6 show address command can be used. The figure below illustrates the output when the command is run. The % character that appears after each IPv6 address is the ID of the interface.

Displaying IPv6 addresses and interface IDs

Displaying IPv6 addresses and interface IDs.

Configuring IPv6 Interfaces

The most common tools for configuring IPv6 addresses are autoconfiguration and DHCPv6. IPv6 addresses can be configured manually also. This can be done by using netsh interface ipv6 set address command. For Windows Server 2008 environment manual configuration can be done through properties of TCP/IPv6 GUI.

The benefit of using TCP/IPv6 GUI is that it allows specification of the IPv6 addresses for one or more DNS servers and specify the interface address.

The command line interface (CLI) commands, and the functions that they help perform are listed in the table below:

Command Function
netsh interface ipv6 add dnsserver To add IPv6 addresses of DNS servers
netsh interface ipv6 set interface To change the properties of IPv6 interfaces (but not their configuration

Verifying IPv6 Connectivity

For verifying connectivity on a local network, the first step is to clear the neighbor cache that contains link layer addresses that have been resolved for otherwise while checking for changes involving address resolution false results may be obtained. The netsh commands and their functions are illustrated in the table given below.

Command Function
netsh interface ipv6 show neighbors For checking the contents of the neighbor cache.
netsh interface ipv6 delete neighbors For flushing the cache
netsh interface ipv6 show destinationcache For viewing the existing contents of the destination cache.
netsh interface ipv6 delete destinationcache For flushing the destination cache

The ping command can be used for testing connectivity to a local host on the subnet and the default gateway. The IPv6 address of the default router interface can be checked by using ipconfig, netsh interface ipv6 show routes, or route print command.

Troubleshooting Connectivity

The first thing that an experienced administrator undertakes when it is established that a connection cannot be made to a remote host is to inspect the hardware connections in order to ensure that all devices are functional. In case the problem cannot be rectified using this simple technique the next step is to check for proper configuration of the Internet Protocol Security (IPsec) and the firewalls. Checking and configuration of the above can be done by using the IP Security Policies Management Microsoft Management Console (MMC).

Inability to access local or remote location could be attributed to routes that are incorrect or missing in the local IPv6 routing table. Specific commands and the functions they perform are listed in the table below:

Command Function
route print, netstat -r
netsh interface ipv6 show route
Viewing the IPv6 routing table (local) and verifying that a corresponding route to the subnet and the gateway is available.
netstat -r Displays routing tables for both - IPv4 and IPv6
netsh interface ipv6 set route Modifying an existing route
netsh interface ipv6 add route Adding a route to the IPv6 routing table
netsh interface ipv6 delete route Removing an existing route

Verifying IPv6-Based TCP Connections

By using the telnet command, it can be verified if a TCP exists to a TCP port. The telnet command is to be followed by the IPv6 destination address and the port number. If a TCP connection is created successfully, the telnet> prompt will appear where telnet commands can be typed. An error message will appear in case a connection cannot be established.