" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" />" /> ZENworks 2020 Update 2 IPv6 Reference

ZENworks 2020 Update 2 IPv6 Reference

August 2021

This document guides you through some basic information about IPv6, and ZENworks support for IPv6, configuring ZENworks to use IPv6 as the preferred protocol for communication and it also provides information on the limitations of using IPv6.

1.0 Overview

Internet Protocol is the method by which data is transferred between devices over the Internet. IPv4 (Internet Protocol version 4) has been the industrial standard version for communication between devices and IPv6 (Internet Protocol version 6) is the next version of the Internet Protocol to overcome the scarcity of IPv4 addresses. ZENworks supports both IPv4 and IPv6.

ZENworks enables you to configure ZENworks to use IPv6 as the protocol for communication across the zone, along with IPv4, without impacting any existing ZENworks features. By default, the ZENworks zone functions using IPv4 addresses, if IPv6 is not configured. ZENworks recommends that you go through Limitations and Known Issues before enabling IPv6 in the zone.

In ZENworks Control Center you can specify IPv6 address in all the IP address fields.

2.0 Supported IPv6 Formats

ZENworks supports different formats of IPv6. Following are some of the supported formats:

IPv6

The 128 bits of an IPv6 address are represented in 8 groups of 16 bits each. Each group is written as four hexadecimal digits and the groups are separated by colons (:)..

URL

http://[2001:0000:3238:DFE1:63:0000:0000:FEFB]

When the URL contains a port number, the notation is as follows:

http://[2001:0000:3238:DFE1:63:0000:0000:FEFB]:443/

The Colon (:) character has traditionally been used to terminate the host path before a port number in the IPv4 format. Hence, to address this conflict, literal IPv6 addresses are enclosed in square brackets.

Literal

2001-0000-3238-DFE1-63-0000-0000-FEFB.ipv6-literal.net

NOTE:This can only be used while specifying a UNC path.

UNC (Uniform Naming Conventions)

\\[2001:0000:3238:DFE1:63:0000:0000:FEFB]\

Expanded

2001:0000:3238:DFE1:0063:0000:0000:FEFB

Compressed

2001:0:3238:DFE1:63::FEFB

ZENworks supports expanded and compressed IPv6 address formats. By default, IPv6 address is displayed in the compressed format.

CIDR Notation

The IPv6 block 2001:db8::/48 represents range of IPv6 addresses from 2001:db8:0:0:0:0:0:0 to 2001:db8:0:ffff:ffff:ffff:ffff:ffff.

NOTE:ZENworks does not support the IPv4-mapped IPv6 address format.

Example: [::ffff:192.168.1.1] or ::192.168.1.1.

3.0 Configuring ZENworks

This section provides detailed information on how to configure ZENworks to use IPv6.

3.1 Enabling Usage of IPv6 Addresses

You can add IPv6 addresses to be include in the closest servers by enabling IPv6 in the IPv6 Usage Settings page.

To enable IPv6:

  1. Log into ZENworks Control Center, and then click Configuration.

  2. In the Management Zone Settings panel, click Infrastructure Management, and then click the IPv6 Usage Settings link.

  3. In the IPv6 Usage Settings panel, select the Include servers IPv6 addresses in the Closest Server Rules check-box.

    NOTE:

    • At the device level, this setting is applicable only for Primary Servers and Satellite Servers.

    • Primary Server or Satellite Server IPv6 addresses will be added during the next Closest Server Rules computation.

    • If the setting is enabled at zone level, then IPv6 addresses of all Primary Servers and Satellite Servers will be included in the Closest Servers.

    • If the setting is enabled at the folder level, then IPv6 addresses will be included for all servers available in that folder.

    • By modifying this setting, deployment packages will not be built automatically, you have to rebuild them manually. Rebuilding the packages enables the new agents to register using the IPv6 address of the Primary Server. For more information, see Rebuilding Packages in the ZENworks Discovery, Deployment, and Retirement Reference guide.

  4. In the Preferred Protocol for Communication drop-down list, select the protocol for communication, and then click OK.

    By default, IPv4 addresses will be used as preferred address type. If required you can select IPv6 as preferred address type for Closest Server Rules.

    NOTE:

    • If you select IPv6, the agents will first try using IPv6 addresses available in the Closest Server Rules to communicate with servers, before trying IPv4 addresses.

    • The Preferred Protocol for Communication setting can be overridden at the Locations level and at the Network Environments level.

3.2 Configuring IPv6 HTTP Proxy

A device can connect to a ZENworks Server using a Proxy Server. ZENworks enables you to specify a HTTP proxy with IPv6 address.

To configure a HTTP Proxy, perform the following:

  1. Log into ZENworks Control Center, click Configuration.

  2. In the Configuration page, click Infrastructure Management, and then click HTTP Proxy Settings.

  3. In the HTTP Proxy Settings page, click Add in the HTTP Proxy Settings for Agents panel.

  4. In the Add Proxy Settings window, specify the following information and then click OK.

    • Proxy Address: IP address of the Proxy Server

      Use the supported IP address notation. For example: 2001:db8::ff00:42:8329

    • Port: Port number on which the Proxy Server is listening.

    • Network Segment (in CIDR notation): Specify the network segment in CIDR notation.

      For example: 2001:db8::0/48 represents range of IPv6 addresses from 2001:db8:0:0:0:0:0:0 to 2001:db8:0:ffff:ffff:ffff:ffff:ffff.

3.3 Configuring Location Settings

Configuring Location settings remains the same in ZENworks 2020. However, while defining the details of the location, the Preferred Protocol for Communication setting is introduced to configure the protocol that should be used first by the agent while contacting the server.

Preferred Protocol for Communication: Click the Override Setting link to override the configured setting. By default, the value is inherited from the zone settings.

  • Specify IPv4 if you want the devices in the location to first try communicating with the servers using IPv4 URLs, before attempting IPv6 URLs.

  • Specify IPv6 if you want the devices in the location to first try communicating with the servers using IPv6 URLs, before attempting IPv4 URLs.

For more information on locations, see the Creating and Managing Locations section in the ZENworks Location Awareness Reference guide.

3.4 Configuring the Network Environment

For more information on Network Environment, see the Defining Network Environments section in the ZENworks Location Awareness Reference guide.

DNS Resolution

DNS Resolution network service enables you to define the network environment based on the DNS resolution, which is useful in determining the location of managed devices.

This network service is matched, if a given host name/domain name resolves to any of the specified IP addresses or resolves to any IP address. Based on your need, you can configure the setting like other network services to match the network.

To enable DNS Resolution, specify the following:

  • Operator: Determines how the DNS Resolution that you configure must be evaluated with the DNS settings of the managed device to identify the network environment. The possible operators are equal (=) and not equal (<>).

    Select = to match the network service if the DNS Resolution that you configure matches with the DNS Resolution of the managed device.

    Select <> to identify the network environment if the DNS Resolution that you configure does not match with the DNS Resolution of the managed device.

  • Domain Name: The domain name that the devices should attempt resolving.

  • IP Address Resolution: Select specific IP addresses or Any IP address that resolves with the domain name.

    • Specify IP Addresses: This Network Service will be matched if the given domain name resolves to any of the IP addresses in specified addresses. Specify the IP addresses and then click Add. Repeat the step to add multiple IP addresses

      To remove any IP address, select the IP address, and then click Remove.

    • Any IP Address: This Network service will be matched if the given domain name or host name resolves to any IP address.

  • Match Required: Select this option if you require a match with this DNS Resolution for the ZENworks Agent to select this network environment. All the required matches must be met for the network environment to be selected.

3.5 L4 Switch Configuration

The Layer 4 switching is primarily responsible for the analysis and control of network traffic at the transport layer of the OSI model. It inspects each packet and makes forward and routing decision based on other layers. In ZENworks Control Center, You can define L4 switch in any of the following ways:

Defining an Empty L4 Switch

  1. In ZENworks Control Center, click configuration.

  2. In the Configuration page, click the Infrastructure Management panel.

  3. In the Infrastructure Management panel, click the Closest Server Default Rule link.

  4. Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.

  5. Click the L4 Switch button, and then select Create Empty L4 Switch Definition.

  6. In the Create Empty L4 Switch Definition panel, specify the following information and click OK.

    • Name: Name of the L4 switch.

    • DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.

    • DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.

When you define an empty L4 Switch Definition, none of the primary servers will be included in the L4 switch, you must add it manually.

Defining an L4 Switch from Selection

  1. In ZENworks Control Center, click configuration.

  2. In the Configuration page, click the Infrastructure Management panel.

  3. In the Infrastructure Management panel, click the Closest Server Default Rule link.

  4. Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.

  5. Select servers that you want to include in this L4 Switch Definition, click the L4 Switch button, and then select L4 switch Definition from Selection.

  6. In the Create L4 Switch Definition from Selection panel, specify the following information and click OK.

    • Name: Name of the L4 switch.

    • DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.

    • DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.

The selected servers will be added in the L4 switch.

Adding Servers to L4 Switch

  1. In ZENworks Control Center, click configuration.

  2. In the Configuration page, click the Infrastructure Management panel.

  3. In the Infrastructure Management panel, click the Closest Server Default Rule link.

  4. Based on your requirements, you can define L4 switch in the collection, content, Configuration or Authentication server.

  5. Select servers that you want to include in this L4 Switch Definition, click the L4 Switch button, and then select L4 switch Definition from Selection.

  6. In the Add to Existing/New L4 Switch Definition panel, you can either define a L4 switch or select an existing switch.

    1. Select Existing: Select this option, select an existing switch definition, and then click Ok.

    2. Create New: Select this option, specify the following information, and then click OK.

      • Name: Name of the L4 switch.

      • DNS Name/IPv4 Address: In this field, you can either specify an IPv4 address or a DNS name that resolves to an IPv4 address of the L4 switch.

      • DNS Name/IPv6 Address: In this field, you can either specify an IPv6 address or a DNS name that resolves to an IPv6 address of the L4 switch.

NOTE:In the Closest Server Default Rules page, the check mark indicates whether the server or L4 has either IPv4 or IPv6, or both.

When you add a server to a group, then both IPv4 and IPv6 URLs of the server will be part of the group. You cannot add the part of the Primary Server (IPv4 or IPv6 URLs) to the group separately.

Protocols enabled on Primary Servers

Protocols configured on L4 Switch

IPv4

IPv6

IPv4 + IPv6

IPv4

Supported

IPv4 URLs of this Primary Server will be replaced by IPv4 URLs of the L4 Switch in the Closest Server Rules.

Not Supported

Not Supported

IPv6

Not Supported

Supported

IPv6 URLs of this Primary Server will be replaced by IPv6 URLs of the L4 Switch in the Closest Server Rules

Not Supported

IPv4 + IPv6

Supported

  • IPv4 URLs of this Primary Server will be replaced by IPv4 URLs of the L4 Switch in the Closest Server Rules.

  • The Primary Server object will still be visible outside the L4 switch which indicates that the IPv6 URLs can be directly accessed by the managed devices.

  • Alternately, IPv6 URLs can also be added to another L4 switch with IPv6 address.

Supported

  • IPv6 URLs of this Primary Server will be replaced by IPv6 URLs of the L4 Switch in the Closest Server Rules.

  • The Primary Server object will still be visible outside the L4 switch which indicates that the IPv4 URLs can be directly accessed by the managed devices.

  • Alternately, IPv4 URLs can also be added to another L4 switch with IPv4 address.

Supported

IPv4 and IPv6 URLs of this Primary Server will be replaced by IPv4 and IPv6 URLs of the L4 Switch respectively in the Closest Server Rules.

For more information on L4 Switch Configuration, see the Configuring the Closest Server Default Rule section in the ZENworks Location Awareness Reference guide.

4.0 Limitations and Known Issues

This sections includes all the limitations and known issues related to using ZENworks in an IPv6 environment.

4.1 Limitations

This section lists the limitations while using ZENworks with IPv6.

ZENworks Limitations

The following features are not supported:

  • Wake-on LAN (WOL)

  • Discovery and Deployment

  • Intel Active Management Technology (iAMT)

  • Remote Management operation from a Linux managed device

  • Remote Management of a Linux managed device

  • Traditional CASA

  • Imaging

External Limitations

Following are the external limitations:

  • APNS, iTunes and VPP bundles - iOS MDM features require IPv4 stack enabled along with IPv6 stack on the ZENwoks Primary Server.

  • iPrint on IPv6 only clients – iPrint printer policy might not work as iPrint currently does not support IPv6

  • Novell Client on IPv6 only agents – you will not be able to use the Shared Secret feature. For more information on Shared Secret, see the Shared Secret section in the ZENworks User Source and Authentication Reference guide.

  • Mail clients on Android (Gmail) and iOS (iOS Mail) devices – Configuring email clients on mobile agents might fail on IPv6 only environment, if the assigned Mobile Email Policy is configured with the Do not use ZENworks Server as Proxy Server option. For more information see the Creating and Assigning a Mobile Email Policy section in the ZENworks Mobile Management Reference guide.

  • OES (Open Enterprise Servers) - Configuring an OES source hosted in an IPv6 environment as an LMS (License Management System) is not supported.

4.2 Known Issues

The following section explain the scenarios that you might encounter while using ZENworks in an IPv6 environment.

For more information, see the ZENworks Documentation.

5.0 Legal Notice

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.novell.com/company/legal/.

© Copyright 2008 - 2021 Micro Focus or one of its affiliates.

The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.