IPv6 on Board

Autoconfiguration, Yes, but…

Autoconfiguration is enabled by default. If an IPv6 router uses a router advertisement to return a prefix or other configuration information, they are processed by Windows. The Windows host then automatically creates IPv6 addresses for itself. By default, the host automatically generates two addresses:

• Public address: Used to make the host accessible via a fixed address.
• Temporary address: Created based on the RFC 4941 Privacy Extensions and used for outbound communication from the host.

In contrast to the public address, the temporary address has a randomly generated interface ID.

Although the public address is created again after reinitialization of the interface, it always has the same interface ID. The Windows system generates this "randomized identifier" once only during the initial installation of the operating system.

In contrast to the EUI-64 method, in which the MAC address is used as a basis to form an interface ID, this method randomizes the identifier and will not allow any conclusions about the MAC address.

In some scenarios, you might want to work around the randomized identifier and instead use EUI-64 for forming the interface ID. To disable the randomized identifier, enter:

netsh interface ipv6 set global randomizeidentifiers=disable

The randomized identifier can only be deactivated globally. The output of the command:

netsh interface ipv6 show global

now shows the randomize identifier as "disabled" (Figure 6).

Figure 6: You can disable the randomization of interface IDs.

You can also suppress the creation of a temporary address via Privacy Extensions. To do so, type the following command:

netsh interface ipv6 set privacy disabled

If you display the help for this command, you will notice that this is the short form of the command:

netsh interface ipv6 set privacy state=disabled

These two forms of the same command underscore the fact that NetShell often uses abbreviations. You also can adjust the validity period for temporary addresses, which is seven days by default. The validity period is expressed in days. Use:

netsh interface ipv6 set privacy maxvalidlifetime=1d

if you want to restrict the validity period to one day.

Gateways and Routing

The following command sets the default gateway to "2001:db8:affe ::4711":

netsh interface ipv6 add route ::/0 "LAN-Connection" \
  2001:db8:affe::4711

You can also look at the routing table outside of NetShell using the route print or netstat -nr commands. The output is divided up neatly into IPv4 and IPv6. Within NetShell, you can view the IPv6 routing table with:

netsh interface ipv6 show route

You can configure additional static routes in the same way as you create the default route. Just pass in the routing destination with an appropriate prefix. For example, using

netsh interface ipv6 add route 2001:db8::/48 11 \
  fe80::20f:23ff:fef5:68eb

routes the prefix 2001:db8::/48 via the interface with an index of 11 to the link local address fe80::20f:23ff:fef5:68eb on the router.

Managing DNS

One of the pillars of the Internet is name resolution with DNS, the Domain Name System. IPv6 addresses are harder to read than IPv4 addresses, so even greater importance is attached to name resolution. You can easily add DNS servers via the input box for an interface.

To add a DNS server in NetShell, you should enter the interface, the DNS server address, and, optionally, an index number to set the DNS server's priority. An example is as follows:

netsh interface ipv6 add dnsservers= "LAN-Connection" \
  fd00:abcd::ff index=2

NetShell automatically tries to find the DNS server and outputs an error message if it fails, but it still adds the server. Using:

netsh interface ipv6 show dnsservers

outputs the DNS server configuration.