For the Windows .NET Server 2003 family, the IPv6 protocol stack is a separate protocol that contains its own implementation of TCP and UDP. When used alongside the IPv4 implementation, this is known as a dual stack implementation. Figure 2-1 shows the architecture of the TCP/IP protocols for the Windows .NET Server 2003 family.
Figure 2-1. The dual stack architecture of the TCP/IP protocolsfor the Windows .NET Server 2003 family
The Microsoft TCP/IP version 6 protocol, as it is named in the list of protocols from the properties of a LAN connection in the Network Connections folder, is contained in the file named Tcpip6.sys. The IPv4 protocol, named Internet Protocol (TCP/IP) in the Network Connections folder, is contained in the file Tcpip.sys. The Tcpip6.sys protocol driver, like all other protocols in Windows, is added to the system between the Transport Driver Interface (TDI) and the Network Device Interface Specification (NDIS) layers in the Windows network architecture. Tcpip6.sys is available to TDI clients, such as the Windows Sockets components, as a TDI provider that interfaces with network adapters through NDIS. The IPv6 protocol for the Windows .NET Server 2003 family works only over network adapters whose NDIS driver represents itself as an Ethernet or FDDI interface. The IPv6 protocol for the Windows .NET Server 2003 family does not support Token Ring or PPP-based interfaces.
Tcpip6.sys contains separate implementations of TCP and UDP that are functionally equivalent to the TCP and UDP provided with Windows NT 4.0 and contain all the latest security updates. TCP performance enhancements that were added to the Windows platform in Windows 2000 are not present in the TCP implementation for the Microsoft TCP/IP version 6 protocol. These performance enhancements include selective acknowledgements, TCP timestamps, better roundtrip time estimation, large TCP windows, and fast retransmit and recovery. However, the TCP implementation in the IPv6 protocol for the Windows .NET Server 2003 family does include partial synchronize (SYN) attack protection.
The ideal configuration to support both IPv4 and IPv6 is known as a dual IP layer, where only a single implementation of TCP and UDP operates over both IPv4 and IPv6. Microsoft is planning to provide a dual IP layer implementation in a future version of the Windows operating system.