‹ Back
Deploy360 15 February 2017

Microsoft moves to IPv6 only internally

Kevin Meynell
By Kevin MeynellSenior Manager, Technical and Operational Engagement

There’s an interesting post on the RIPE Labs discussing how Microsoft is moving to IPv6 only on its internal network. Marcus Keane presented their experiences during RIPE 73, and we also gave that some coverage on Deploy360, but this expands a bit more on their motivations for doing so.

The primary reason is of course the exhaustion of public IPv4 space, but with a large corporate network spread over more than 100 countries, they’re also running out of private IPv4 address space. Whilst operating multiple NATs might temporarily relieve the situation, this is becoming more difficult to manage and the problem has been exacerbated by the acquisition of other companies with their own NATs, plus the expansion of the Azure cloud computing service.

Dual-stack also only partially addresses the problem as not only are IPv4 addresses still required, but this doubles the complexity of designing their network and dealing with issues when they arise. As a result, Microsoft have been experimenting with IPv6-only networks for the past couple of years, and have now started to deploy this on their production networks.

By focusing initially on the guest network, this minimises the risk to existing and possibly more critical systems, and provides more flexibility for changing things if necessary. It’s interesting that some of the deployment issues encountered were due to DHCPv6 bug in Windows 10, plus the need to support Android devices which doesn’t support DHCPv6. Another interesting issue is that whilst Azure Active Directory can be used to authenticate users, the ACLs on the wireless controllers do not currently support IPv6, although this is in the process of being added.

Nevertheless, the article provides an interesting case study on how a large enterprise clearly understands the necessity of deploying IPv6, and is actively taking steps to implement IPv6 in a production environment.

More Information:

Deploy360 also aims to help this process, so please take a look at our Start Here page to understand how you can get started with IPv6.


‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Fruitful discussions at APRICOT
Deploy36029 February 2016

Fruitful discussions at APRICOT

The Internet Society including Deploy360 was in attendance at APRICOT 2016 which was held from 15-26 February 2016 at the...

RIPE 73 - Highlights from Days 4 & 5
Deploy3601 November 2016

RIPE 73 – Highlights from Days 4 & 5

The RIPE 73 meeting was happening last week in Madrid, Spain, and we've been highlighting the presentations and activities related to...

The Network Forensics problem of IPv4
Deploy36010 March 2017

The Network Forensics problem of IPv4

Although not directly on the subject IPv6, we absolutely need to draw your attention to a great presentation from Geoff Huston (APNIC)...

Join the conversation with Internet Society members around the world