" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />
This document guides you through some basic information about IPv6, and ZENworks support for IPv6, configuring ZENworks to use IPv6 as the preferred protocol for communication and it also provides information on the limitations of using IPv6.
Internet Protocol is the method by which data is transferred between devices over the Internet. IPv4 (Internet Protocol version 4) has been the industrial standard version for communication between devices and IPv6 (Internet Protocol version 6) is the next version of the Internet Protocol to overcome the scarcity of IPv4 addresses. ZENworks supports both IPv4 and IPv6.
ZENworks 2017 Update 1 enables you to configure ZENworks to use IPv6 as the protocol for communication across the zone, along with IPv4, without impacting any existing ZENworks features. By default, the ZENworks zone functions using IPv4 addresses, if IPv6 is not configured. ZENworks recommends that you go through Limitations and Known Issues before enabling IPv6 in the zone.
In ZENworks Control Center you can specify IPv6 address in all the IP address fields.
ZENworks supports different formats of IPv6. Following are some of the supported formats:
IPv6 |
The 128 bits of an IPv6 address are represented in 8 groups of 16 bits each. Each group is written as four hexadecimal digits and the groups are separated by colons (:).. |
URL |
http://[2001:0000:3238:DFE1:63:0000:0000:FEFB] When the URL contains a port number, the notation is as follows: http://[2001:0000:3238:DFE1:63:0000:0000:FEFB]:443/ The Colon (:) character has traditionally been used to terminate the host path before a port number in the IPv4 format. Hence, to address this conflict, literal IPv6 addresses are enclosed in square brackets. |
Literal |
2001-0000-3238-DFE1-63-0000-0000-FEFB.ipv6-literal.net NOTE:This can only be used while specifying a UNC path. |
UNC (Uniform Naming Conventions) |
\\[2001:0000:3238:DFE1:63:0000:0000:FEFB]\ |
Expanded |
2001:0000:3238:DFE1:0063:0000:0000:FEFB |
Compressed |
2001:0:3238:DFE1:63::FEFB ZENworks supports expanded and compressed IPv6 address formats. By default, IPv6 address is displayed in the compressed format. |
CIDR Notation |
The IPv6 block 2001:db8::/48 represents range of IPv6 addresses from 2001:db8:0:0:0:0:0:0 to 2001:db8:0:ffff:ffff:ffff:ffff:ffff. |
NOTE:ZENworks does not support the IPv4-mapped IPv6 address format.
Example: [::ffff:192.168.1.1] or ::192.168.1.1.
This section provides detailed information on how to configure ZENworks to use IPv6.
You can add IPv6 addresses to be include in the closest servers by enabling IPv6 in the IPv6 Usage Settings page.
To enable IPv6:
Log into ZENworks Control Center, and then click Configuration.
In the Management Zone Settings panel, click Infrastructure Management, and then click the IPv6 Usage Settings link.
In the IPv6 Usage Settings panel, select the Include servers IPv6 addresses in the Closest Server Rules check-box.
NOTE:
At the device level, this setting is applicable only for Primary Servers and Satellite Servers.
Primary Server or Satellite Server IPv6 addresses will be added during the next Closest Server Rules computation.
If the setting is enabled at zone level, then IPv6 addresses of all Primary Servers and Satellite Servers will be included in the Closest Servers.
If the setting is enabled at the folder level, then IPv6 addresses will be included for all servers available in that folder.
By modifying this setting, deployment packages will not be built automatically, you have to rebuild them manually. Rebuilding the packages enables the new agents to register using the IPv6 address of the Primary Server. For more information, see Rebuilding Packages in the ZENworks Discovery, Deployment, and Retirement Reference guide.
In the Preferred Protocol for Communication drop-down list, select the protocol for communication, and then click OK.
By default, IPv4 addresses will be used as preferred address type. If required you can select IPv6 as preferred address type for Closest Server Rules.
NOTE:
If you select IPv6, the agents will first try using IPv6 addresses available in the Closest Server Rules to communicate with servers, before trying IPv4 addresses.
The Preferred Protocol for Communication setting can be overridden at the Locations level and at the Network Environments level.
A device can connect to a ZENworks Server using a Proxy Server. ZENworks 2017 Update 1 enables you to specify a HTTP proxy with IPv6 address.
To configure a HTTP Proxy, perform the following:
Log into ZENworks Control Center, click Configuration.
In the Configuration page, click Infrastructure Management, and then click HTTP Proxy Settings.
In the HTTP Proxy Settings page, click Add in the HTTP Proxy Settings for Agents panel.
In the Add Proxy Settings window, specify the following information and then click OK.
Proxy Address: IP address of the Proxy Server
Use the supported IP address notation. For example: 2001:db8::ff00:42:8329
Port: Port number on which the Proxy Server is listening.
Network Segment (in CIDR notation): Specify the network segment in CIDR notation.
For example: 2001:db8::0/48 represents range of IPv6 addresses from 2001:db8:0:0:0:0:0:0 to 2001:db8:0:ffff:ffff:ffff:ffff:ffff.
Configuring Location settings remains the same in ZENworks 2017 Update 1. However, while defining the details of the location, the Preferred Protocol for Communication setting is introduced to configure the protocol that should be used first by the agent while contacting the server.
Preferred Protocol for Communication: Click the Override Setting link to override the configured setting. By default, the value is inherited from the zone settings.
Specify IPv4 if you want the devices in the location to first try communicating with the servers using IPv4 URLs, before attempting IPv6 URLs.
Specify IPv6 if you want the devices in the location to first try communicating with the servers using IPv6 URLs, before attempting IPv4 URLs.
For more information on locations, see the Creating and Managing Locations section in the ZENworks Location Awareness Reference guide.
The procedure to configure a network environment remains the same as that in the previous releases. However, few enhancements have been made for ZENworks 2017 Update 1. Following are some of the enhancements:
All Network Environments are enhanced to support IPv6.
While defining details of the Network Environment, a new field Preferred Protocol for Communication is introduced.
Preferred Protocol for Communication: Click the Override Setting link to override the configured setting. By default, the value is inherited from the location or zone settings.
Specify IPv4 if you want the devices in the network environment to first try communicating with the servers using IPv4 URLs, before attempting IPv6 URLs.
Specify IPv6 if you want the devices in the network environment to first try communicating with the servers using IPv6 URLs, before attempting IPv4 URLs.
HTTP Proxy details can be defined for both IPv4 and IPv6.
Agents use IPv4 Proxy to communicate through IPv4 and IPv6 proxy to communicate through IPv6.
A new network service DNS Resolution is introduced in ZENworks 2017 Update 1. For more information, see the DNS Resolution section.
For more information on Network Environment, see the Defining Network Environments section in the ZENworks Location Awareness Reference guide.
DNS Resolution is a new network service introduced as part of ZENworks Update 1. This network service enables you to define the network environment based on the DNS resolution, which is useful in determining the location of managed devices.
This network service is matched, if a given host name/domain name resolves to any of the specified IP addresses or resolves to any IP address. Based on your need, you can configure the setting like other network services to match the network.
To enable DNS Resolution, specify the following:
Operator: Determines how the DNS Resolution that you configure must be evaluated with the DNS settings of the managed device to identify the network environment. The possible operators are equal (=) and not equal (<>).
Select = to match the network service if the DNS Resolution that you configure matches with the DNS Resolution of the managed device.
Select <> to identify the network environment if the DNS Resolution that you configure does not match with the DNS Resolution of the managed device.
Domain Name: The domain name that the devices should attempt resolving.
IP Address Resolution: Select specific IP addresses or Any IP address that resolves with the domain name.
Specify IP Addresses: This Network Service will be matched if the given domain name resolves to any of the IP addresses in specified addresses. Specify the IP addresses and then click Add. Repeat the step to add multiple IP addresses
To remove any IP address, select the IP address, and then click Remove.
Any IP Address: This Network service will be matched if the given domain name or host name resolves to any IP address.
Match Required: Select this option if you require a match with this DNS Resolution for the ZENworks Agent to select this network environment. All the required matches must be met for the network environment to be selected.
The Layer 4 switching is primarily responsible for the analysis and control of network traffic at the transport layer of the OSI model. It inspects each packet and makes forward and routing decision based on other layers. In ZENworks Control Center, You can define L4 switch in any of the following ways:
In ZENworks Control Center, click configuration.
In the Configuration page, click the Infrastructure Management panel.
In the Infrastructure Management panel, click the Closest Server Default Rule link.
Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.
Click the L4 Switch button, and then select Create Empty L4 Switch Definition.
In the Create Empty L4 Switch Definition panel, specify the following information and click OK.
Name: Name of the L4 switch.
DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.
DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.
When you define an empty L4 Switch Definition, none of the primary servers will be included in the L4 switch, you must add it manually.
In ZENworks Control Center, click configuration.
In the Configuration page, click the Infrastructure Management panel.
In the Infrastructure Management panel, click the Closest Server Default Rule link.
Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.
Select servers that you want to include in this L4 Switch Definition, click the L4 Switch button, and then select L4 switch Definition from Selection.
In the Create L4 Switch Definition from Selection panel, specify the following information and click OK.
Name: Name of the L4 switch.
DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.
DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.
The selected servers will be added in the L4 switch.
In ZENworks Control Center, click configuration.
In the Configuration page, click the Infrastructure Management panel.
In the Infrastructure Management panel, click the Closest Server Default Rule link.
Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.
Select servers that you want to include in this L4 Switch Definition, click the L4 Switch button, and then select L4 switch Definition from Selection.
In the Add to Existing/New L4 Switch Definition panel, you can either define a L4 switch or select an existing switch.
Select Existing: Select this option, select an existing switch definition, and then click Ok.
Create New: Select this option, specify the following information, and then click OK.
Name: Name of the L4 switch.
DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.
DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.
NOTE:In the Closest Server Default Rules page, the check mark indicates whether the server or L4 has either IPv4 or IPv6, or both.
When you add a server to a group, then both IPv4 and IPv6 URLs of the server will be part of the group. You cannot add the part of the Primary Server (IPv4 or IPv6 URLs) to the group separately.
Protocols enabled on Primary Servers |
Protocols configured on L4 Switch |
||
---|---|---|---|
IPv4 |
IPv6 |
IPv4 + IPv6 |
|
IPv4 |
Supported IPv4 URLs of this Primary Server will be replaced by IPv4 URLs of the L4 Switch in the Closest Server Rules. |
Not Supported |
Not Supported |
IPv6 |
Not Supported |
Supported IPv6 URLs of this Primary Server will be replaced by IPv6 URLs of the L4 Switch in the Closest Server Rules |
Not Supported |
IPv4 + IPv6 |
Supported
|
Supported
|
Supported IPv4 and IPv6 URLs of this Primary Server will be replaced by IPv4 and IPv6 URLs of the L4 Switch respectively in the Closest Server Rules. |
For more information on L4 Switch Configuration, see the Configuring the Closest Server Default Rule section in the ZENworks Location Awareness Reference guide.
This sections includes all the limitations and known issues related to using ZENworks in an IPv6 environment.
This section lists the limitations while using ZENworks with IPv6.
The following features are not supported:
Wake-on LAN (WOL)
Discovery and Deployment
Intel Active Management Technology (iAMT)
Remote Management operation from a Linux managed device
Remote Management of a Linux managed device
Traditional CASA
Imaging
Following are the external limitations:
APNS, iTunes and VPP bundles - iOS MDM features require IPv4 stack enabled along with IPv6 stack on the ZENwoks Primary Server.
iPrint on IPv6 only clients – iPrint printer policy might not work as iPrint currently does not support IPv6
Novell Client on IPv6 only agents – you will not be able to use the Shared Secret feature. For more information on Shared Secret, see the Shared Secret section in the ZENworks User Source and Authentication Reference guide.
Mail clients on Android (Gmail) and iOS (iOS Mail) devices – Configuring email clients on mobile agents might fail on IPv6 only environment, if the assigned Mobile Email Policy is configured with the Do not use ZENworks Server as Proxy Server option. For more information see the Creating a Mobile Email Policy section in the ZENworks Mobile Management Reference guide.
OES (Open Enterprise Servers) - Configuring an OES source hosted in an IPv6 environment as an LMS (License Management System) is not supported.
The following section explain the scenarios that you might encounter while using ZENworks in an IPv6 environment.
For more information, see the ZENworks 2017 Documentation.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.novell.com/company/legal/.
Copyright © 2018 Micro Focus Software Inc. All Rights Reserved.