Avatar of PentadSupport
PentadSupport
 asked on

ipv6 ping transmit failed. general failure

Hello,

I am in the process of setting up IPv6 on my network. I have about 10 Windows server 2008R2 servers and several windows 7 clients. I have two domain controllers each assigned a static IPv6 address and a DHCP server handing out IPv6 addresses. All other servers are using DHCP. My own Windows 7 laptop works fine to ping either of the domain controllers that have their static IP addresses. The servers return a PING: transmit failed. General failure. I think this is either a router advertisement issue or a DHCP server issue because I can give the other servers static addresses and they can then ping the domain controllers. So either I am being handed the wrong DHCP information, or the router advertisement is setup incorrectly.

I have a Watchguard firewall with advertisement on.

Any ideas would be appreciated.

Thanks,
Andy
DHCPNetworkingRouters

Avatar of undefined
Last Comment
PentadSupport

8/22/2022 - Mon
motnahp00

Are the systems configured to respond back to ICMP echo requests?
PentadSupport

ASKER
I can ping them with ipv4. And turning off the firewall doesn't help.
christianschmidt

The DHCP Server will not handig out IPV6 Adresses. DHCPv6 Servers are only to give the Clients a DNS-Server or  so.  You must input the same Prefix you use on your server, then the client will take a free adress itself. The Client will make a multicast request and ask if he can use the adress. and then the client takes the adress and should be able to ping your server via IPV6.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
PentadSupport

ASKER
I'm not sure I understand the whole thing right. Here is the setup as I know it, maybe you can point out what is wrong.

DHCP/DC Server address (Static) - fd00::92
DC2 Server address (Static) - fd00::102
DHCP prefix - fd00:: (I didn't see an option other than /64)
I added two exclusions. fd00::1 - fd00::300 and fd00::400 to fd00::ffff:ffff:ffff:ffff (The idea here is to use 300-400 for my DHCP range)

Router settings for IPv6:
IP Address - fd00::1/64
send advertisement is checked
Prefix advertisement is fd00::/64 and autonomous and onlink are checked.

Now on to what I see on the computers. the computers show 2 IPv6 IP addresses. One is a link local address and one is in the range my DHCP gives. (correction to my previous post. I just realized I had a static IP on my Windows 7 machine. My computer doesn't work either unless given a static IP.)

One possible problem is that when I setup my DHCP server, I didn't select stateless mode. I thought that just meant that I would need to add a scope later. I don't know if there is anything that the wizard would have setup that it didn't.

The general failure message that I get only happens from the servers when I try to ping a local IPv6 address. I just get a request timed out when trying to ping a computer with the dynamic IPv6 address. Also, when my Windows 7 machine has a dynamic IP address and I try to ping the domain controller I get request timed out instead of the general failure like the servers get.

I hope this information helps.
PentadSupport

ASKER
Also, I can ping the link local address of two dynamically assigned computers. Just not the Unique fd00:: address.
PentadSupport

ASKER
And it isn't just ping that doesn't work. I can't do an nslookup or remote desktop using the IPv6 address. again, it does work if I statically assign it.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
PentadSupport

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
christianschmidt

With the Netsh code you set up your client to ask the  next router for a IP-Adress. Then the client gets the IP Adress not from your dhcp server.

There are 2 ways to configure dhcpv6 normally you have the stateless mode. The DHCP Server will not give a adress to ipv6 clients, just additional infomations like the adress of the dns server. Thats the standart configuration.

Then there is a way to deactivate the stateless mode. In this mode the dhcp server gives ipv6 adresses to the clients. If you have configured the dhcp server to give ipv6 addresses to the clients, then you should set up your client so:

This is to get ipv6 adress from a dhcp server with deactivated stateless mode:
netsh interface ipv6 set interface "Local Area Connection" managedaddress=disabled

And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstatefull=enabled
christianschmidt

correction:
And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstateful=enabled
PentadSupport

ASKER
Thank you for the explanation, but that doesn't really answer the question. I found those commands on another forum and tried them on one of the servers and it didn't help. It wasn't until I ran the commands I mentioned above on the DCHP server that things started working. Today, I even have another IPv6 address. Here are the addresses on my Windows 7 computer

IPv6 address fd00::389
IPv6 address fd00::44ff:efd4:cc11:371c
Temporary IPv6 address: fd00::5d57:f535:d335:46ee
Link-local IPv6 address: fe80...etc.

The network seems functional, but I don't understand why I have all 4 addresses. Also I don't understand why the command that I ran on the DHCP server made things work when they weren't before.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
christianschmidt

Ok I understand.
Then you have configured the Server to get a IP-Adress without a dhcp server.
So the server will ask the next router to get a adress. man=en is for the stateless mode (without dhcp) the same like managed=enabled and other=en  is the same like otherstateful=enabled to get the dns from the dhcp server

1. IPv6 address fd00::389  This is a unique local adress

2. IPv6 address fd00::44ff:efd4:cc11:371c  This is a unique local adress

3. Temporary IPv6 address: fd00::5d57:f535:d335:46ee
This is used temporary to get a ip adress. the client asks a router with a neighbourhood request with this adress. if another client has the same address then the address is deprecated.

4. Link-local IPv6 address: fe80...etc.
The link-local that is similar to ipv4 apipa but this adress will still stay when you have another ip-adress.

You could use the network monitor to see how the client gets this adresses. Maybe you have configured a second address manually.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
PentadSupport

ASKER
Thank you. That explains it for me. I didn't realize what man, other, and en meant. On a side note, yesterday all my IP addresses said preffered. Do you know why they might not be now? other computers have temporary addresses as well.