IPv4 to IPv6 RDP Access

Hi;
In our ınfrastructure we use dual-stack. We configured our cluster firewall and router (BGPv6).
Now we have an application server whichs 's run only over IPv6 address. We want to connect this server over RDP service from our edge sites which's run on IPv4 public address. Is it possible ? If possible what we're supposed to do ?
Best regards
Umut

If your firewall has NAT46 capability it is possible, but of all the possible NAT things you can try, that direction is the ugliest. The "right" answer is to dual-stack the edge networks, but that is presumably a long-run solution for you, not a short run one. I don't think RDP embeds IPv4 addresses in the content, so it can probably work. In general, doing protocol translation between IPv4 and IPv6 in either direction on things that aren't simple 1:1 TCP connections is a bad idea.
-- Jim Leinweber, WI State Lab of Hygiene

Similar Messages

ZBF in a mixed ipv4 and ipv6 environment, don't touch ipv4

I have a dual stacked router for both ipv4 and ipv6. Ipv4 traffic should pass the zbf untouched due to the fact that there is another rock solid ipv4 firewall egress of the inside Interface. Is there a way that a class map like this could function on ipv6 traffic only?:
class-map type inspect match-any fullproto
description Permitted Traffic to internet
match protocol http
match protocol https
match protocol dns
match protocol imaps
match protocol icmp
match protocol ftp
match protocol ntp
match protocol rtsp
match protocol realmedia
match protocol netshow
match protocol appleqtc
match protocol streamworks
match protocol vdolive
match protocol ssh
match protocol user-rdp
So far there is only a CBAC solution in place for ipv6.
I'm showing my Interfaces:
interface FastEthernet0/0
description *** Inside IPV6 ***
no ip address
speed auto
full-duplex
ipv6 address FE80::1 link-local
ipv6 address ????:????:????:10::1/64
ipv6 nd other-config-flag
ipv6 dhcp relay destination ?:?:?:10::12
ipv6 traffic-filter inne6-inn in
no cdp enable
no mop enabled
interface FastEthernet0/0.4
description *** Inside IPV4 ***
encapsulation dot1Q 4
ip address 82.?.?.129 255.255.255.248
no cdp enable
interface FastEthernet0/1
description *** Outside ***
ip address 82.?.?.42 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
speed auto
full-duplex
ipv6 address FE80::2 link-local
ipv6 address ?:599::2/126
ipv6 enable
ipv6 nd prefix default no-advertise
ipv6 nd prefix ?:599::/126 no-advertise
ipv6 nd managed-config-flag
ipv6 nd other-config-flag
ipv6 nd router-preference High
ipv6 inspect ipv6-cbac out
ipv6 traffic-filter ut-inn6 in
no cdp enable
no mop enabled
Please advise.
Regards,
Henning

I didn't test it, but what about the following:
Configure a new class-map where you match on an ipv6 access-list "any to any"
Configure a third class map of type ""match all" where you match on your "fullproto" class-map and also the above ipv6 class-map. For this class map you configure your inspections.
For ipv4-traffic you configure a class with a "pass" action in both directions.

Prefer IPv4 over IPv6

Hi. I want use ipv4 before ipv6. For 2008 R2 i used fix "Microsoft Fix it 50410"
But this not support server 2012.
How i can correct change prefer on 2012?
Thank you!

Please, tell me, WHY man, who create IPv6 began use this fe80::6c02:573b:178c:dd8f naming.
Blame that on the Internet Engineering Task Force (IETF) standards committee that came up with this naming convention back in 1998 (http://tools.ietf.org/html/rfc2460). <grin>
Not sure what you mean by "reliable source with describe 'native IPv6 for 8\12'". Microsoft has lots of documentation on IPv6 - I think the majority of it came out with Windows Server 2008 because that was the first release with the dual-stack as a
default. IpV6 was available for Windows Server 2003, but it was an add-on. Go to Barnesandnoble.com or amazon.com to find a good reference book on IPv6 if you want to learn more - they are not small books. It is the way the industry is moving
because it offers many advantages over IPv4 (which, by the way, has officially run out of addresses which can be handed out). Microsoft is simply helping customers move into future by providing a dual-stack that can automatically switch back and forth
between IPv4 applications and IPv6 applications without the end-user even knowing it goes on. Some things, like Direct Access, would be almost impossible to implement on IPv4, but becomes (relatively) easy when using IPv6.
tim

Dynamic DNS for ipv4 AND ipv6?

tl;dr: do you know any dynamic dns service and updater daemon that supports both ipv4 and ipv6?
Hi,
ever since my provider supplied me with a proper dual stack account (real ipv4, real ipv6) for internet access I got some kind of little problem regarding the services I host at home. So this is mainly about email. I have a server sitting behind my router that has an open submission and IMAPS port. For ipv4 I've been using the NAT and dyndns features of my router (fritzbox) without any problem. For ipv6 there is no NAT (at least as far as my router is concerned). What I can do though is to open the firewall for incoming ports dynamically based on the interface identifier. So if someone wants to connect to an ipv6 address that would map to my server the router knows to not block the traffic. For this to work though I need update a dynamic DNS record with the public ipv6 address that my server gets to use (something out of the prefix my provider assignes me). This server is an arch linux box. I tried to use inadyn-mt with some systemd unit file I found through google but this does not seem to work right. When I'm in ipv4-only networks (on a mobile connection for example) I often can't resolve the right ip address of my server through dyndns. The thing is that my server doesn't know about a changed ipv4 address because this is handled by the router. It does only know about when his own ipv6 address changes/expires. Based on when this happens inadyn-mt might fire an update to dyndns and with that also pick up the new ipv4 address, but this is not guaranteed.
Any suggenstions, tool and/or service proposals? Is there a way dns-wise to add a CNAME alias just for A records and not for AAAA?

I currently use cloudflare as the DNS servers for my domain as it's free and allows to update certain records with their API. I only use it for IPv4, but since they support AAAA records, I assume it will work for IPv6 just as well. It should be quite simple for you to update the script to get the ip of a given interface instead of fetching it from the net.
#!/bin/sh
# modified by jfro from http://www.cnysupport.com/index.php/linode-dynamic-dns-ddns-update-script
# Uses curl to be compatible with machines that don't have wget by default
# modified by Ross Hosman for use with cloudflare.
cfkey=<your api key>
cfuser=<your username>
cfhost=<hostname you want to update>
WAN_IP=`curl -s http://icanhazip.com/`
if [ -f $HOME/.wan_ip-cf.txt ]; then
OLD_WAN_IP=`cat $HOME/.wan_ip-cf.txt`
else
OLD_WAN_IP=""
fi
perl -i -pe 'chomp if eof' /var/log/cfclient.log
if [ "$WAN_IP" = "$OLD_WAN_IP" ]; then
echo -ne "." >> /var/log/cfclient.log
else
echo $WAN_IP > $HOME/.wan_ip-cf.txt
echo -ne "\nUpdating IP to $WAN_IP\n" >> /var/log/cfclient.log
curl -s https://www.cloudflare.com/api.html?a=DIUP\&hosts="$cfhost"\&u="$cfuser"\&tkn="$cfkey"\&ip="$WAN_IP" >> /var/log/cfclient.log
fi
echo -ne "\n" >> /var/log/cfclient.log

I need helping!!! configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.

I need helping configuring RDP access to my local server from a remote location on my Cisco ASA 5505 Firewall.
I have attempted to configure rdp access but it does not seem to be working for me Could I please ask someone to help me modify my current configuration to allow this? Please do step by step as I could use all the help I could get.
I need to allow the following IP addresses to have RDP access to my server:
66.237.238.193-66.237.238.222
69.195.249.177-69.195.249.190
69.65.80.240-69.65.80.249
My external WAN server info is - 99.89.69.333
The internal IP address of my server is - 192.168.6.2
The other server shows up as 99.89.69.334 but is working fine.
I already added one server for Static route and RDP but when I try to put in same commands it doesnt allow me to for this new one. Please take a look at my configuration file and give me the commands i need in order to put this through. Also please tell me if there are any bad/conflicting entries.
THE FOLLOWING IS MY CONFIGURATION FILE
Also I have modified IP information so that its not the ACTUAL ip info for my server/network etc... lol for security reasons of course
Also the bolded lines are the modifications I made but that arent working.
ASA Version 7.2(4)
hostname ciscoasa
domain-name default.domain.invalid
enable password DowJbZ7jrm5Nkm5B encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.6.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 99.89.69.233 255.255.255.248
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group network EMRMC
network-object 10.1.2.0 255.255.255.0
network-object 192.168.10.0 255.255.255.0
network-object 192.168.11.0 255.255.255.0
network-object 172.16.0.0 255.255.0.0
network-object 192.168.9.0 255.255.255.0
object-group service RDP tcp
description RDP
port-object eq 3389
object-group service GMED tcp
description GMED
port-object eq 3390
object-group service MarsAccess tcp
description MarsAccess
port-object range pcanywhere-data 5632
object-group service MarsFTP tcp
description MarsFTP
port-object range ftp-data ftp
object-group service MarsSupportAppls tcp
description MarsSupportAppls
port-object eq 1972
object-group service MarsUpdatePort tcp
description MarsUpdatePort
port-object eq 7835
object-group service NM1503 tcp
description NM1503
port-object eq 1503
object-group service NM1720 tcp
description NM1720
port-object eq h323
object-group service NM1731 tcp
description NM1731
port-object eq 1731
object-group service NM389 tcp
description NM389
port-object eq ldap
object-group service NM522 tcp
description NM522
port-object eq 522
object-group service SSL tcp
description SSL
port-object eq https
object-group service rdp tcp
port-object eq 3389
access-list outside_1_cryptomap extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 192.168.0.0 255.255.0.0
access-list inside_nat0_outbound extended permit ip 192.168.6.0 255.255.255.0 object-group EMRMC
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-data
access-list outside_access_in extended permit udp 69.16.158.128 255.255.255.128 host 99.89.69.334 eq pcanywhere-status
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ftp
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq ldap
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq h323
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq telnet
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 eq www
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 host 99.89.69.334 object-group SSL
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM522
access-list outside_access_in extended permit tcp 69.16.158.128 255.255.255.128 192.168.6.0 255.255.255.0 object-group NM1731
access-list outside_access_in extended permit tcp 173.197.144.48 255.255.255.248 host 99.89.69.334 object-group RDP
access-list outside_access_in extended permit tcp any interface outside eq 3389
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333
access-list outside_access_in extended permit tcp host 66.237.238.194 host 99.89.69.333 object-group rdp
access-list outside_access_in extended permit tcp any host 99.89.69.333 object-group rdp
access-list out_in extended permit tcp any host 192.168.6.2 eq 3389
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 99.89.69.334 3389 192.168.6.1 3389 netmask 255.255.255.255
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 99.89.69.338 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.6.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set peer 68.156.148.5
crypto map outside_map 1 set transform-set ESP-3DES-MD5
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
tunnel-group 68.156.148.5 type ipsec-l2l
tunnel-group 68.156.148.5 ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:f47dfb2cf91833f0366ff572eafefb1d
: end
ciscoasa(config-network)#

Unclear what did not work. In your original post you include said some commands were added but don't work:
static (inside,outside) tcp interface 3389 192.168.6.2 3389 netmask 255.255.255.255
and later you state you add another command that gets an error:
static (inside,outside) tcp 99.89.69.333 3389 192.168.6.2 3389 netmask 255.255.255.255
You also stated that 99.89.69.333 (actually 99.89.69.233, guessing from the rest of your config and other posts) is your WAN IP address.
The first static statement matches Cisco's documentation, which states that a static statement must use the 'interface' directive when you are trying to do static PAT utilizing the IP address of the interface. Since 99.89.69.333 is the assigned IP address of your WAN interface, that may explain why the second statement fails.
Any reason why you are using static PAT (including the port number 3389) instead of just skipping that directive? Static PAT usually makes sense when you need to change the TCP port number. In your example, you are not changing the TCP port 3389.

EA4500 loses IPv4 and IPv6 information

No changes made but router will lose all information for IPv connectivity. I have paid twice to support to fix this issue and it still occurs every few months.
I tried rebooting router, and doing an IP Release/ Renew and router does not get IP address. I'd prefer not to have to pay again to fix this router. Any ideas?

Sorry - thought I had info:
I don't see anything on the router indicating a model other than EA4500. There is a serial number. Its plugged directly into a
Toshiba PCX2500 modem. If I connect my PC directly to the modem I have internet.
The router maintains all settings that Cisco helped me set up before except there are not IPv4 or IPv6 settings. I have screen shots from the setup. The Cisco rep had to clone the MAC of the modem to get the router to work. (Admin tab).
I unplugged modem and router and rebooted each. Everything appears to come up normally except for no IPv4/6 settings. I tried a release/renew but those settings stay blank.
I have internal network connectivity with the router, just no internet. I use Road Runner. I have a second network also on Road Runner but on a different modum and domain that is working fine. Unfortunately I have hard wired connections and kids games that rely on the EA4500

Convention for embedding IPv4 into IPv6?

All,
I read in rfc 4038 that representing IPv4 address in an IPv6 address should be like 2001::FFFF:192.168.1.1, which would be 2001::FFFF:c0a8:101, or 2001.2.3.4::FFFF:192.168.1.1 (2001:2:3:4:0:ffff:c0a8:101). However, setting up NAT-PT any 96 bit prefix will work. So I'm wondering if the standard set forth in rfc4038 (its informational) really applies to NAT-PT, or just for IPv4 applications not being natted (which doesn't make sense unless some other 4to6 mechanism is involved).
Any thoughts?
John

John,
it is not very clear what are you trying to achieve by "embedding" ipv4 (address|traffic) into ipv6.
By what you are discussing apperaars you are talking about the rappresentation of an IPv4 address into an IPv6 address field. Fact is that all bit being born equal they mean differently based on contest.
Each 4 hex digit are 16 bit and two groups of 4 hex digits (any) can contain and IPv4 address.
So an IPv4 compatible IPv6 address would be 0:0:0:0:0:0:192.168.1.1 which can also be rapresented as ::c0a8:101.
What that means and how edge routers/devices and gateway would handle such address depends on context/configuration. 6to4 6rd autotunnels ipv4 compatible ipv6 and ISATAP tunnels carry within their address field tunnel end point/ipv4 destination addresses that are extracted and used to route traffic.
I know I did not clear the issue up but it really depends on what you are doing/trying to achieve how you embed an ipv4 address (of what) in an IPv6 address field and what that meas.
I would definitely recommand:
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-addrg_bsc_con_ps10890_TSD_Products_Configuration_Guide_Chapter.html#wp1038821
and
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-tunnel_ps10890_TSD_Products_Configuration_Guide_Chapter.html#wp1055999
Actually the whole book is a good read.
Hope this helps
Cheers
Fabio

Best way to pass IPv4 and IPv6 traffic over a GRE Tunnel

Hello,
We have two 3825 routers with Advanced Enterprise IOS 12.4.9(T). Each of them serves many IPv4 (private and public) and IPv6 networks on their respective site.
We have created a wireless link between the two, using 4 wireless devices, with IP Addresses 10.10.2.2, 3, 4, 5 respectively (1 and 6 are the two end Ethernet interfaces on the routers).
Then we created a GRE tunnel over this link using addresses 172.16.1.1 and 2 (for the two ends) to route traffic over this link.
Now we want to route IPv6 traffic over the same link. However, we found that simply routing the IPv6 traffic over the above GRE / IP tunnel did not work.
Questions:
Is there a way we can use the same (GRE / IP) tunnel to transport both IPv4 and IPv6 traffic?
If not, can we setup two GRE tunnels over the same wireless link, that is, one GRE / IP for IPv4 traffic and a second one GRE / IPv6 for IPv6 traffic?
In brief, what is the suggested way to transport IPv4 and IPv6 traffic over the aforementioned (wireless) link?
I have read http://www.cisco.com/c/en/us/td/docs/ios/12_4/interface/configuration/guide/inb_tun.html#wp1061361 and other Internet material, however I am still confused.
Please help.
Thanks in advance,
Nick

We have set up two tunnels over the same link, one GRE / IP for the IPv4 traffic and one IPv6 / IP ("manual") for the IPv6 traffic. This setup seems to be working OK.
If there are other suggestions, please advise.
Thanks,
Nick

IPv4 vs IPv6 comparison

hello everyone, i was wondering if it is possible that ipv6 dropping more packets than ipv4. i run a test using D-ITG, to test data and voice, but on IPv6 lost more packets than ipv4, special when i sent voice and data together, i was wodering why could that be?, another question, in order to have a dual stack router, i would put ipv4 and ipv6 address on the interfaces, do i need enable something else, because i tried with packets tracer, and i could not ping from an ipv4 host to a ipv6 host, dual stack should allow that right? thank you in advance
thank you in advance

Duplicate post.
Go HERE.

Migrate UAG internal adapter from IPv4 to IPv6

I have DirectAccess running successfully for a couple of years now.
However, we now need to migrate our servers from IPv4 to IPv6 (will run side by side). The IPv6 range is a /48 range we received from our ISP
The internal interface of our DA UAG server will also get a IPv6 address. After that DA needs to be reconfigured with the new internal IPv6 interface and a client range for IP-HTTPS and NAT64/DNS64 needs to be specified.
The question is, what will happen with the laptops that are outside of the LAN and don't come inside for new domain policies? Will they reconnect with the new settings or will they loose connectivity? Do they get the new IPv6 routes for the tunnel
adapters?

I have DirectAccess running successfully for a couple of years now.
However, we now need to migrate our servers from IPv4 to IPv6 (will run side by side). The IPv6 range is a /48 range we received from our ISP
The internal interface of our DA UAG server will also get a IPv6 address. After that DA needs to be reconfigured with the new internal IPv6 interface and a client range for IP-HTTPS and NAT64/DNS64 needs to be specified.
The question is, what will happen with the laptops that are outside of the LAN and don't come inside for new domain policies? Will they reconnect with the new settings or will they loose connectivity? Do they get the new IPv6 routes for the tunnel
adapters?

Uprading deployed Cluster from Ipv4 to Ipv6

Hi Friends,
i have already running and deployed a windows cluster for my SQL 2008 and Exchange 2010 Dag in different servers with ipv4 however the company management decided that we have to upgrade all servers connection from ipv4 to ipv6.
as you know that when we create a cluster it also create a virtual connection for connecting users in my case its created with ipv4.
now how am i suppose to change that virtual connection from ipv4 to ipv6 in windows 2008 R2 clustering i mean overall how to achieve my target without destroying anything.
please advise.
thanks greenman

Hi GreeMann,
Start with Windows Server 2008 IPv6 using in the Cluster service will support this functionality as well. This includes being able to support IPv6 IP address resources
and IPv4 IP address resources either alone or in combination in a failover cluster.
Failover clustering also supports 6-4 and Intra-site Automatic Tunneling Addressing Protocol (ISATAP). Additionally, failover clustering supports only IPv6 addresses that
allow for dynamic registration in Domain Name System (DNS) (AAAA host records and the IP6.ARPA reverse look-up zone). Currently, there are three types of IPv6 address types: global, site local, and link local. Dynamic DNS registrations will not occur for link
local addresses and therefore cannot be used in a failover cluster.
But there have some
application has the limited IPv6 support or full IPv6 support, the Exchange Server 2010 has the limited IPv6 support and general speaking, IPV6 is supported for SQL server 2005,2008,2008r2 and SQL 2012, the detail supported
service you can refer the following KB:
IPv6 Support in Microsoft Products and Services
http://technet.microsoft.com/en-us/network/hh994905.aspx
More information:
IPv6 Security Considerations and Recommendations
http://technet.microsoft.com/en-us/library/bb726956.aspx
I’m glad to be of help to you!
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

Getaddrinfo function returns IPv4-mapped IPv6 addresses in canonical name

When I use the getaddrinfo function with flag AI_CANONNAME, then in ai_canonname IPv4-mapped IPv6 addresses is returned even for IPV6 disabled machine.
So my question is that from where this canonical name is returned, I didn't found in /etc/nodename /etc/hosts or in /etc/inet/hosts or in /etc/interfacefile files.

It's only showing "unknown" for the IPv6 address.
Go into your IPv6 properties, and set the IP and DNS address settings to be obtained automatically.
Then in Manage network adapters windows, change the view options to show Menu, then click on Advanced, Advanced, and make sure IPv4 is on top instead of IPv6.
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights.

IPv4 to IPv6 transition thesis

             Hi,
I'm doing Bachelor thesis, the subject is :"IPv4 to IPv6 Transition". I hope you give me titles of books you recommend.
Also,I'd be happy if you give me a few tips.
right now,i need a topology for each transition mechansim with the configuration commands .
and how to configure an IPv4/IPv6 host?
i've already finished CCNA exploration 1 and 2,and now i'm enrolled in a CCNA exploration 3 class.my instructor has not been trained yet on using IPv6 . so,the whole subject is new for me
i'm sorry if this message was badly written , because i'm not that good in english.
yours faithfully,

You might consider the RFC series.
We have been thinking about what we originally called "IP Next Generation" and then called "IPv6" and the requirements for a transition for about 20 years. When we started, we thought about requirements, and over time we have described methodologies and experience with those methodologies. There is ongoing work, primarily in the IETF's IPv6 Operations Working Group (). The current "received wisdom" is probably summarized in RFCs 4213 (
http://www.ietf.org/rfc/rfc4213.txt) and 6180 (http://www.ietf.org/rfc/rfc6180.txt).
Walking through that history means walking through the following. Note that many of these are pretty old, and have been replaced or updated by other documents.
http://www.ietf.org/rfc/rfc1671.txt
1671 IPng White Paper on Transition and Other Considerations. B.
     Carpenter. August 1994. (Format: TXT=17631 bytes) (Status:
     INFORMATIONAL)
http://www.ietf.org/rfc/rfc1933.txt
1933 Transition Mechanisms for IPv6 Hosts and Routers. R. Gilligan, E.
     Nordmark. April 1996. (Format: TXT=47005 bytes) (Obsoleted by
     RFC2893) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc2185.txt
2185 Routing Aspects of IPv6 Transition. R. Callon, D. Haskin.
     September 1997. (Format: TXT=31281 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc2893.txt
2893 Transition Mechanisms for IPv6 Hosts and Routers. R. Gilligan, E.
     Nordmark. August 2000. (Format: TXT=62731 bytes) (Obsoletes RFC1933)
     (Obsoleted by RFC4213) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc3574.txt
3574 Transition Scenarios for 3GPP Networks. J. Soininen, Ed.. August
     2003. (Format: TXT=23359 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc3750.txt
3750 Unmanaged Networks IPv6 Transition Scenarios. C. Huitema, R.
     Austein, S. Satapati, R. van der Pol. April 2004. (Format: TXT=48153
     bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc3904.txt
3904 Evaluation of IPv6 Transition Mechanisms for Unmanaged Networks.
     C. Huitema, R. Austein, S. Satapati, R. van der Pol. September 2004.
     (Format: TXT=46844 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4038.txt
4038 Application Aspects of IPv6 Transition. M-K. Shin, Ed., Y-G.
     Hong, J. Hagino, P. Savola, E. M. Castro. March 2005. (Format:
     TXT=69727 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4213.txt
4213 Basic Transition Mechanisms for IPv6 Hosts and Routers. E.
     Nordmark, R. Gilligan. October 2005. (Format: TXT=58575 bytes)
     (Obsoletes RFC2893) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc4215.txt
4215 Analysis on IPv6 Transition in Third Generation Partnership
     Project (3GPP) Networks. J. Wiljakka, Ed.. October 2005. (Format:
     TXT=52903 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4942.txt
4942 IPv6 Transition/Co-existence Security Considerations. E. Davies,
     S. Krishnan, P. Savola. September 2007. (Format: TXT=102878 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc5211.txt
5211 An Internet Transition Plan. J. Curran. July 2008. (Format:
     TXT=17158 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6157.txt
6157 IPv6 Transition in the Session Initiation Protocol (SIP). G.
     Camarillo, K. El Malki, V. Gurbani. April 2011. (Format: TXT=32492
     bytes) (Updates RFC3264) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc6180.txt
6180 Guidelines for Using IPv6 Transition Mechanisms during IPv6
     Deployment. J. Arkko, F. Baker. May 2011. (Format: TXT=49679 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6219.txt
6219 The China Education and Research Network (CERNET) IVI Translation
     Design and Deployment for the IPv4/IPv6 Coexistence and Transition.
     X. Li, C. Bao, M. Chen, H. Zhang, J. Wu. May 2011. (Format: TXT=44774
     bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6264.txt
6264 An Incremental Carrier-Grade NAT (CGN) for IPv6 Transition. S.
     Jiang, D. Guo, B. Carpenter. June 2011. (Format: TXT=31881 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6586.txt
6586 Experiences from an IPv6-Only Network. J. Arkko, A. Keranen.
     April 2012. (Format: TXT=52062 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6589.txt
6589 Considerations for Transitioning Content to IPv6. J. Livingood.
     April 2012. (Format: TXT=68822 bytes) (Status: INFORMATIONAL)

RDP access and licenses in cloud environment

friends i am trying to understand couple of things from licensing and access to virtual cloud server in a hoster environment and want to get your views if we are doing this correct or there is better way to do this.
1. we give windows based virtual cloud server to your clients. and most of the time they want to have RDP to this server with multi people sessions at a time. so do i have to configure terminal service on each VM which we provide to client or is there a
better way.. because think of this scenario if client starts with 10 CALs today and i take the license from Microsoft then in some time if they increase, it will be a problem for client to give the access to their VM to again install the extra RDP cals.
2. I am not sure if this can be answered here.. what is the right way to get the TS license from a SPLA point of view.. currently i have to call microsoft licensing team each time we get a client who wants RDP access but i knw this is not the right way i
guess..so whats the right way of doing this..
is there a way that all the VMs which we provide to our client can already have RDP access with unlimited user sessions because what i have seen with other cloud providers they dont have this issue of sessions we can have unlimited people doing RDP so definitely
i am doing some mistake somewhere. please if someone can share the right way.
Thanks
Happiness Always
Jatin

Hi Jatin,
Thank you for posting in Windows Server Forum.
To enable more than 2 simultaneous sessions you will need to purchase RDS Subscriber Access Licenses (SALs) through the Microsoft Services Provider Licensing Agreement (SPLA) for each user or device that will access your solution on Windows Azure.
Please check below article for more details.
Remote Desktop Services are now allowed on Windows Azure
Step-by-Step: Remote Desktop Services on Windows Azure
– A cost-effective alternative to Desktop as a Service ( Part 1 )
Hope it helps!
Thanks.
Dharmesh Solanki

WRT54G v6 not working with new Motorola SB6141 on Comcast (IPv4 and IPv6)

My WRT54G v6 not working with a new Motorola SB6141 Cable Modem on Comcast (IPv4 and IPv6).
Yesterday, I had my old DOCSIS 1.1 cable modem and the WRT54G had been working just fine for the past 8 years.
Last night, I swap in the DOCSIS 3.0 SB6141 cable modem, and now the WRT54G keeps losing the internet connection. When I go into the status page for the WRT54G, I often do not see DNS servers and sometimes do not even see an IP address.
If I connect a PC directly to the SB6141 cable modem, I have no problems whatsoever. But whenever I connect through the WRT54G and power cycle both devices, then I have internet connectivity for about an hour before it drops out. I have noticed my gateway IP address and DNS servers change at that time as well. I can also force the Linksys to lose connectivity by doing a DHCP release/renew on the Linksys status page.
Is this behavior because of the dual stack (IPv4 and IPv6) coming through the cable modem from Comcast now? Is there any way I can keep using my WRT54G v6 now that I have the SB6141 cable modem?

You just have to install it correctly.
http://kb.linksys.com/Linksys/ukp.aspx?pid=80&login=1&app=search&vw=1&articleid=3686

IPv4 to IPv6 RDP Access

Similar Messages

Maybe you are looking for