When people are busy discussing when IPv4 addresses are exhausted and when to migrate to the IPv6 protocol architecture, many people are already using IPv6 without knowing it.
Although Windows 7 does not seem to have integrated the IPv6 protocol, in fact, in two network applications of Win7: direct access (DirectAccess) and home group (HomeGroup), IPv6 is used.
Direct Access
For this network application, you need to describe the following points. First, DirectAccess is intended for enterprise users. Compared with the VPN implemented by the IPv6 and IPSec combinations of Win server 2008 R2, the DirectAccess built-in VPN in Win7 enterprise and flagship versions can better prevent hackers from stealing network data through firesheep.
In addition, DirectAccess can be combined with network access protection (NAP. The NAP system automatically checks whether the software installed on the remote access terminal is the latest version, and whether a consistent security policy is applied. If necessary, the system administrator can set the NAP to automatically update the software version of the remote terminal and apply new security policies. That is to say, when both DirectAccess and NAP are applied, you can not only prevent remote terminals that do not have security compatibility from accessing the local network, but also automatically patch the local network, install the anti-virus software client program recognized by the local enterprise network, modify the security policy settings, and then allow the terminal to access the local system.
The combination of the two can be said to be the great love of the system administrator. It allows administrators to easily manage remote access terminals and maintain system security by setting them on the local system.
Through DirectAccess, administrators can also improve the network performance of clients and data centers. This function is implemented by separating Intranet and Internet data of an enterprise. In the DirectAccess environment, only enterprise network data is transmitted on the Enterprise Server. When employees access the Internet and watch videos or other non-business activities, their data streams are still transmitted through the enterprise gateway.
The obvious change is that the data flow rate between the Win7 client and the enterprise data center increases significantly. Remote Win7 users will not wait for a while as before to see the results returned by the data center. The switch in the data center will no longer waste bandwidth processing other data. In the traditional VPN mode, all data streams must pass through the enterprise gateway.
When using DirectAccess, you do not have to consider whether IPv6 is already running. Because Win7 and Server 2008 R2 support IP-HTTPS. This is a tunneling protocol that can hide IPv6 packets in IPv4-based HTTPS threads. If you know that your network environment is IPv4, such as in a hotel, cafe, or public network environment of the conference center, you can log on to the system as an administrator and follow these steps, make sure that the Force Tunneling option is selected by default when all remote Win7 users use the IP-HTTPS. Log on as an administrator and follow these steps:
1. Open the Group Policy Management Console, click Start on Domain Controller, click Control Panel, click Administrative Tools, and then click Group Policy Management. Create a Group Policy Object (GPO) for the DirectAccess client computer)
2. In the newly created DirectAccess client GPO, find Computer ConfigurationPoliciesAdministrative TemplatesNetworkNetwork ConnectionsRoute all traffic through the internal network. Then click Edit policy setting, click Enabled, and then click OK.
3. To allow DirectAccess customers to access IPv4-based network resources through IP-HTTPS, we also need to use web proxy servers. If the Web Proxy server does not support IPv6, we can use Microsoft's Forefront UAG DirectAccess server NAT64 function. It can convert IPv6-based access requests on the Internet to IPv4 requests.
Home Group
HomeGroup is an application for extremely small network environments. Many small enterprises do not need Active Directory (AD) services or management functions. In this case, family groups become another option to replace the old domain and Working Group models.
Before converting a small network to a HomeGroup, we need to pay attention to some potential problems. First, the home group is a unique Win7 technology. If you do not set it manually, each Win7 system is a mini server with its own independent permissions, rather than Windows 7 system will not be able to access the PC resources in the home group.
Of course, we can also share resources on the home group PC to Windows XP, vista, mac OS x, and linux Through settings, but I do not recommend this. This will cause a lot of trouble for your small network. If you really need to share files across operating systems, you can set up a real server, such as Windows 2003 and Windows server2008, to run Samba on Linux, or use the simplest method, buy a network storage device (NAS) and connect it to your network.
It should also be noted that, although we can join any family group of Win7 versions, we can only create one family group for both the Home Edition, Professional Edition, Enterprise Edition, and flagship edition of Win7. In short, you cannot simply use a home group to replace the existing Windowsxp point-to-point workgroup network, so that computers can share resources with each other.
Users who have already used IPv4 may encounter some problems when enabling IPv6 in the home group. Specifically, they open the network connection items of the control panel, right-click the network adapter, select properties, and try to enable IPv6 protocol. Under "Local Area Connection Status", they will see:
IPv4 Connectivity: Internet
IPv6 Connectivity: No network access
Even if IPv6 is enabled, it does not work. If you have encountered the same problem, follow these steps to manually configure IPv6:
1. Click Start and enter regedit in the search box. Then, click regedit.exe in the program. In the User Account Control dialog box, click Next.
2. Locate the following key in the registry editor: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpip6Parameters
3. Double-click DisabledComponents to modify the DisabledComponents item.
4. Type 0 (number 0) to enable all IPv6 components and click OK.
5. Restart your computer
After that, you can use the IPv6 protocol in the home group. Enjoy the Win7 system with IPv6