Windows Server 2012 makes IP management easy — even IPv6

This week I’m at the TechMentor conference in Orlando, Fla., where I’m delivering several Exchange sessions. While at the show, I’ve also been able to drop in on a few sessions and pick up new tips for Windows Server 2012.

Don Jones, cofounder of the consultancy Concentrated Technologies, gave an interesting session on a new feature in Windows Server 2012 called IP Address Management (IPAM), an agentless, multiserver, multiservice management tool that allows for IP management. Currently available in version 1.0, IPAM has room for growth, but it’s worth considering if you use Microsoft DNS and DHCP.

[ Windows Server 2012 makes storage cool again | IPv6 is here — catch up on all the vital info on this major networking shift with Matt Prigge’s handy IPv6 checklist. | Stay atop key Microsoft technologies in our Technology: Microsoft newsletter. ]

IPAM must go on a member server running Windows Server 2012 with a GUI — no Server Core here. It’s installed as a feature, not a role, through Server Manager, although you could use PowerShell to add it (Install-WindowsFeature IPAM -IncludeManagementTools). Upon configuration, it’s essential to read the wizard’s instructions carefully so that you can provision the server properly.

You can configure provisioning manually or through a group policy object. The manual method gives you more control, but Jones mentioned he’s never been able to get IPAM to work that way; again, it’s a 1.0 feature, so it has some quirks. Alternatively, GPO is the easier method. For a complete set of instructions, check out the TechNet article “Step by step: Configure IPAM to manage your IP address space.”

IPAM goes through a discovery process and finds your DNS, DHCP, and domain controllers. It compiles all the data it gathers into one GUI. It’s primarily focused on IPv4 — a pain point for many admins — and allows you to view, monitor, and manage IPv4 addresses. It can even track which user is using which IP address, and it provides reporting and sorting back to the admin. In addition, it can detect overlapping ranges, find free addresses, and create reservations and DHCP records.

The auditing and tracking features are interesting because IPAM will audit pretty much everything. In addition, it tracks your leases and user logins. On the negative side, there is no router/switch address consistency. Also, IPAM doesn’t address IPv6; the tool was built to address an immediate need with IPv4 management.

Perhaps you hadn’t heard about IPAM until now, but it’s worth checking out. I’m looking forward to the 2.0 version to see how it evolves.

Don’t disable IPv6!

On a related topic, there were quite a number of sessions on IPv6, primarily given by Ed Horley, a Microsoft Windows Expert-IT Pro MVP. It’s important to understand that the next-generation protocol is built into Windows Server 2012 and Windows 8, enabled by default and preferred. Hopefully, this is not the first time you’ve seen this. In fact, you should have noticed that IPv6 was on by default in Windows Vista and Windows Server 2008. TechNet has more info on IPv6 support in various products and services.

We all know that the number of IPv4 addresses have been depleted. IPv4 was able to provide about 4.3 billion addresses, and we live in a world with as many as 8 billion people owning one or more devices. IPv6 takes the 32-bit address and boosts it to 128 bits, for a total of 340 undecillion (look it up) possible addresses.

You might think it’s best to leave IPv6 alone — ignore it and forget it. However, this address is available on your systems, and it might be worth figuring out what it does and how it works.

Many companies have deployed IPv6 with their systems, but don’t understand its impact on their environment. In addition, they may not fully understand what the OS does with a dual-stack (IPv4/IPv6) situation. Some admins think it’s best to disable it or, rather, unbind it from an adapter by going through the TCP/IP settings on that adapter. This is a tried and trusted paradigm for IT admins: If you’re not using it, uninstall it or disable it. I normally agree with this concept, but in the case of IPv6, it’s a mistake.

Microsoft does all its testing with both IPv6 and IPv4 enabled, so when admins think they’re going to disable IPv6, they sometimes end up breaking something and causing all sorts of problems. Learn from their mistakes: Don’t disable IPv6 unless you have a very specific application issue — a highly unlikely scenario.

John Losey, a premier field engineer at Microsoft, says it’s not a problem to leave it enabled because “if IPv6 is not utilized within the network infrastructure, leaving IPv6 enabled on the systems will not have an impact on Internet communications, Web browsing, etc. as the NIC would only be configured with a link local address, which is a nonroutable address and can only communicate with systems on its same subnet, bounded by a router. IPv6 is an integral part of the operating system and several Windows components rely on it.”

Obviously there’s still much to learn about Windows Server 2012 features and IP management, especially in regard to IPv6. I encourage you to tap into all your favorite resources — books, videos, conferences, and so on — to get a handle on it as an IT admin.

This story, “Windows Server 2012 makes IP management easy — even IPv6,” was originally published at InfoWorld.com. Read more of J. Peter Bruzzese’s Enterprise Windows blogand follow the latest developments in Windows at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.