

IPv6 Internet Connection Firewall for XP

Category: Tools
From: The Wise Old Blogger

What is the difference between the old IPv4 and new IPv6?

"IPv6 increases the IP address size from 32 bits to 128 bits, to support more levels of addressing hierarchy, a much greater number of addressable nodes and simpler auto-configuration of addresses. Scalability of multicast addresses is introduced. A new type of address called an anycast address is also defined, to send a packet to any one of a group of nodes." Read more here...

From Microsoft: "IPv6 is a new networking protocol designed to eventually replace Internet Protocol version 4 (IPv4). IPv4 has been in existence since 1981 and is the standard for computer networking. IPv4 has proven to be robust, easily implemented, and interoperable, and has stood the test of scaling an inter-network to a global utility the size of today's Internet. This is a tribute to its initial design. However, due to the rapid expansion of the Internet, IPv4 addresses have become relatively scarce..." more...  

XP users can download the Advanced Networking IPv6 software from Windows Update; it is already included with SP1 and SP2. After downloading and installing, find IPv6 under Start > Run > type services.msc. There are two new services: IPv6 Internet Connection Firewall and IPv6 Helper Service.

The IPv6 Firewall will not start as a Service until the "TCP/IP Version 6" Protocol is added in the Properties of the Local Area Connection: Start  > Connect To (or Control Panel, Network and Internet Connections, Network Connections) > Local Area Connection  > Properties  > Install  > Select Protocol  > Select TCP/IP Version 6  > click Add, then click OK and restart when prompted. Do not uncheck the already installed Internet Protocol (TCP/IP).

Continue to install the new firewall in Control Panel (if necessary) under Add/Remove Programs and Add/Remove Windows Components > Networking Services > Details, which should show the IPv6 Internet Connection Firewall using 0.0MB. With a check mark in the IPv6 Firewall box, click OK, then Next to finish. (Windows Server 2003 and Windows XP with SP2 do not show the IPv6 firewall option in Networking Services.)

Verify the IPv6 Internet Connection Firewall and IPv6 Helper Service are started: Start > Run > services.msc. Click Start if necessary and set the IPv6 Internet Connection Firewall (ICF) to Automatic.

What does the IPv6 ICF do without any configuration?

  • Computers using Windows Peer-to-Peer Networking must be protected from malicious users that are using IPv6 traffic in the same way that ICF in Windows XP protects computers from malicious users that are using IPv4 traffic.

  • IPv6 ICF automatically runs and filters on all network connections.

  • The firewall drops unsolicited inbound traffic and statefully monitors all outbound traffic. This is also called stateful filtering. (My IIS Server continues to work on Port 80 without any command line configuration)

  • Windows XP only shows the IPv4 ICF configuration in the Network Connections folder. This includes the network connection icons and the Connections Properties dialog box. IPv6 ICF may appear disabled, but it is actually enabled, and is filtering IPv6 traffic. Microsoft Knowledge Base Article 817778

Configure IPv6 ICF: configure ports, adapters, logging...

Basic Configuration

Open the command prompt to use the 'show' and 'set' commands for the ICF. Click Start > Run > type "cmd" without the quotes. At the command prompt type netsh, then firewall, and the command prompt looks like this:

netsh firewall>

netsh firewall>show ?
displays options for the "show" command. (Windows Server 2003: first install with this command: netsh interface ipv6 install, then: netsh interface ipv6 show)

Example:

netsh firewall>show mode
(Windows Server 2003: netsh interface ipv6 show state)

Result:
online

The set command:

netsh firewall>set ?
displays options for the "set" command.

Enable successful connections logging:

netsh firewall>set logging filesize=9068 successfulconnections=enable

netsh firewall>show logging
verifies that logging is enabled; result below:

Logging Configuration for IPv6 Internet Connection Firewall
Successful Connections: Enabled
Dropped Packets: Disabled

File location: C:\WINDOWS\pfirewall-v6.log
File size: 9068 Kb

netsh firewall>show adapter
displays the information below:

AdapterFriendlyName                    IPV6FilteringEnabled
------------------------------------------------------------
Teredo Tunneling Pseudo-Interface      Yes
Local Area Connection                  Yes
6to4 Pseudo-Interface                  Yes
Automatic Tunneling Pseudo-Interface   Yes
------------------------------------------------------------
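
An added example, not part of the original page: a small Python check over saved "show logging" and "show adapter" output in the layout quoted above, flagging logging that is not enabled and any adapter without IPv6 filtering. The function names and the sample text (with one adapter changed to "No") are constructed for illustration.

```python
import re

# Constructed sample output, laid out like the "show logging" and
# "show adapter" results quoted on this page (one adapter set to "No").
SAMPLE_LOGGING = """\
Logging Configuration for IPv6 Internet Connection Firewall
Successful Connections: Enabled
Dropped Packets: Disabled
File location: C:\\WINDOWS\\pfirewall-v6.log
File size: 9068 Kb
"""

SAMPLE_ADAPTERS = """\
AdapterFriendlyName                    IPV6FilteringEnabled
------------------------------------------------------------
Teredo Tunneling Pseudo-Interface      Yes
Local Area Connection                  Yes
6to4 Pseudo-Interface                  No
Automatic Tunneling Pseudo-Interface   Yes
"""

def parse_logging(text):
    """Map each 'Key: Value' line to a lower-cased key and its value."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")  # split at the first colon only
        if sep and value.strip():
            settings[key.strip().lower()] = value.strip()
    return settings

def parse_adapters(text):
    """Map adapter name to True/False; names contain spaces, so anchor on Yes/No."""
    adapters = {}
    for line in text.splitlines():
        m = re.match(r"^(.*\S)\s+(Yes|No)\s*$", line)
        if m:  # header and separator lines do not end in Yes/No
            adapters[m.group(1)] = (m.group(2) == "Yes")
    return adapters

def audit(logging_text, adapter_text):
    """Return findings for logging that is off and adapters left unfiltered."""
    log = parse_logging(logging_text)
    findings = [f"logging: {k} not enabled"
                for k in ("successful connections", "dropped packets")
                if log.get(k, "").lower() != "enabled"]
    findings += [f"adapter not filtered: {name}"
                 for name, ok in parse_adapters(adapter_text).items() if not ok]
    return findings
```

On the logging result shown on this page, the check reports dropped-packet logging as not enabled, since only successful connections were turned on.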

With SP2 installed, "show adapter" is not available. Try these commands instead for more information:
netsh firewall>show mode
netsh firewall>show state

To use the show adapter command, switch from the netsh firewall> prompt to netsh diag> and type "show adapter". Use a question mark after most netsh commands for a list of options:
netsh diag>?

netsh diag>show adapter /v
(/v is verbose)

netsh firewall>quit

c:\>exit

For Windows Server 2003 options after installation: netsh interface ipv6 install

Try these commands: netsh interface ipv6 set privacy /? and netsh interface ipv6 set global /?

Example: netsh interface ipv6 set privacy maxvalidlifetime=1d (the default is 7d). The command-line response when complete is: Ok. Read more about IPv6 for Windows Server 2003 here.

Find a conversion table for upgrade from XP ipv6 commands to Windows Server 2003 commands here.

Try the pathping command for IPv6, see my Cheat Sheet.

Have Fun!


Last changed: 06/19/09


Copyright Wise-Old-Blogger.com All rights reserved
Contact Webmaster@Wise-Old-Blogger.com.
