[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1979
  • Last Modified:

Windows Server 2008R2 AD Domain controller - enable or disable ipv6 protocol

We are in the process of upgrading our Active Directory from W2K3 to W2K8; we have about 25 domain controllers (all W2K3) running now and will upgrade them all to W2K8 in the coming months. We have two consultants giving us different advice on whether or not to keep the ipv6 protocol enabled on the new W2K8 domain controllers. One says "first thing to do is disable ipv6", the other one says "keep ipv6 enabled always"... Our network is not fully configured for ipv6 yet, but we can ping servers using ipv6 and we have seen that we could access ipv6 enabled servers when we were having local tail packet size problems to one of our subsidiaries.

Cqn someone share some info whether or not we should enable / disable ipv6 on domain controllers?
0
Patrick Elsen
Asked:
Patrick Elsen
2 Solutions
 
ghodderCommented:
On my WAN I have disabled IPV6 on *all* 2008 servers until we are ready to make the transition. Better safe than sorry since you have no plans to use it in the near future. Once you're ready to make the transition and have all your IPV6 routing setup and tested, you could start enabling it.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
I would suggest to leave IPv6 enabled. As I also disabling it in the past, after I read this article "Why do not disable IPv6", I stopped doing that :) Actually, Win 2008 R2 has many services which relies on IPv6 in the background, so leave it (DirectAccess, Exchange 2010 etc.).

Read this article, please and check if it convinced you :)
http://technet.microsoft.com/en-us/magazine/2009.07.cableguy.aspx

Regards,
Krzysztof
0
 
Sikhumbuzo NtsadaCommented:
Here is why I would motivate for IPv6 to be enabled:

- We are inevitable running out of IP addresses in IPv4 (Outside internet I know not a problem if there is no WANs in your Forest)

•      IPv6 has better security (IPSec)
•      Plug n’ Play capabilities have been improved
•      QoS improved – has an additional flow label header
•      IP mobility has been simplified because, unline IPv4, one can rely on a communication partner’s address to be visible throughout the internet.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now