<

Go Premium for a chance to win a PS4. Enter to Win

x

Avoid This Windows IPv6 Problem on Your Network

Published on
10,682 Points
4,582 Views
1 Endorsement
Last Modified:
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native VLAN" and "voice VLAN" assignments. This is a really convenient configuration, but may be problematic when you deploy IPv6.

If both your native and voice VLANs are configured on an IPv6 network and you are using IPv6 stateless address autoconfiguration (SLAAC), a Windows client plugged into on of these ports will probably self-configure addresses on BOTH VLANs. The address on the voice VLAN is will probably be unusable for anything but VoIP and may cause problems if your Windows client advertises this address through dynamic DNS registration or LLMNR. You don't want your Windows computers doing this!

The reason this happens is that many Windows network adapter drivers in their default VLAN-unaware configuration simply take the voice VLAN traffic, remove the VLAN tags, and pass it off to Windows just like it was sent on the native VLAN. Windows' IPv6 auto-configures itself on the voice VLAN because it is receiving the IPv6 router advertisements (RAs) from that network. (This does not seem to be a problem in OS X.)

So, how to fix this? The solution will vary depending on your network adapter, but what you have to do is tell the driver to either leave the VLAN tags intact or tell it to only listen on the native VLAN. Broadcom NetXtreme adapters fall into the first category, Intel adapters fall into the second.

The following specifics are from a Wireshark howto that can be found at: http://wiki.wireshark.org/CaptureSetup/VLAN

For Broadcom adapters, use Regedit to search for TxCoalescingTicks in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Classes . This will locate your network adapter's settings. Now in the same key create a string value PreserveVlanInfoInRxPacket and set its value to 1. Restart your computer and you should no longer get self-configured addresses on the voice VLAN.

For Intel adapters, first make sure you have the current Intel PROset drivers. Only the PROset drivers will have the VLAN features needed. Then, in Device Manager (not the network and sharing center), open the properties for your Intel adapter and locate the VLAN tab. We want to specify the "untagged VLAN". The native VLAN is also know as an untagged VLAN and is intended for access without any VLAN-awareness. However, Intel's driver doesn't let you specify an untagged VLAN until you specify a tagged VLAN, so first add a VLAN using any number (it doesn't matter since we will disable it). Next, add another VLAN and check the "untagged VLAN" box. You will now see three adapters in Device Manager where before there was one. Now disable that first VLAN adapter we created, leaving only the original and the untagged VLAN adapters. The original adapter remains, but only as a parent to the virtual adapters, Windows won't use it. That's it, you're done. You may want to reboot, but I found it works without a reboot.

I'm sure there are other network adapter drivers with similar issues and there may be alternate solutions to the Broadcom and Intel adapters I've listed. If you know of any, please add them as replies here! I spent a LOT of time searching on this issue and found several people describing the problem but no real solutions. One Cisco document I found described the problem but only suggested a routing weight by prefix lifetime workaround or disabling PC Voice VLAN Access through the IP phone (which may not always be present). I prefer that Windows not see the voice VLAN at all, even if no IP phone is present as a filter.

I hope this saves the next person in my situation a lot of head-pounding, and maybe it will even get the attention of Microsoft and the network adapter driver authors so they can reconsider the default way Windows handles this situation.
1
Comment
0 Comments

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Join & Write a Comment

This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seveā€¦

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month