PentadSupport
asked on
ipv6 ping transmit failed. general failure
Hello,
I am in the process of setting up IPv6 on my network. I have about 10 Windows server 2008R2 servers and several windows 7 clients. I have two domain controllers each assigned a static IPv6 address and a DHCP server handing out IPv6 addresses. All other servers are using DHCP. My own Windows 7 laptop works fine to ping either of the domain controllers that have their static IP addresses. The servers return a PING: transmit failed. General failure. I think this is either a router advertisement issue or a DHCP server issue because I can give the other servers static addresses and they can then ping the domain controllers. So either I am being handed the wrong DHCP information, or the router advertisement is setup incorrectly.
I have a Watchguard firewall with advertisement on.
Any ideas would be appreciated.
Thanks,
Andy
I am in the process of setting up IPv6 on my network. I have about 10 Windows server 2008R2 servers and several windows 7 clients. I have two domain controllers each assigned a static IPv6 address and a DHCP server handing out IPv6 addresses. All other servers are using DHCP. My own Windows 7 laptop works fine to ping either of the domain controllers that have their static IP addresses. The servers return a PING: transmit failed. General failure. I think this is either a router advertisement issue or a DHCP server issue because I can give the other servers static addresses and they can then ping the domain controllers. So either I am being handed the wrong DHCP information, or the router advertisement is setup incorrectly.
I have a Watchguard firewall with advertisement on.
Any ideas would be appreciated.
Thanks,
Andy
motnahp00
Are the systems configured to respond back to ICMP echo requests?
ASKER
I can ping them with ipv4. And turning off the firewall doesn't help.
The DHCP Server will not handig out IPV6 Adresses. DHCPv6 Servers are only to give the Clients a DNS-Server or so. You must input the same Prefix you use on your server, then the client will take a free adress itself. The Client will make a multicast request and ask if he can use the adress. and then the client takes the adress and should be able to ping your server via IPV6.
ASKER
I'm not sure I understand the whole thing right. Here is the setup as I know it, maybe you can point out what is wrong.
DHCP/DC Server address (Static) - fd00::92
DC2 Server address (Static) - fd00::102
DHCP prefix - fd00:: (I didn't see an option other than /64)
I added two exclusions. fd00::1 - fd00::300 and fd00::400 to fd00::ffff:ffff:ffff:ffff (The idea here is to use 300-400 for my DHCP range)
Router settings for IPv6:
IP Address - fd00::1/64
send advertisement is checked
Prefix advertisement is fd00::/64 and autonomous and onlink are checked.
Now on to what I see on the computers. the computers show 2 IPv6 IP addresses. One is a link local address and one is in the range my DHCP gives. (correction to my previous post. I just realized I had a static IP on my Windows 7 machine. My computer doesn't work either unless given a static IP.)
One possible problem is that when I setup my DHCP server, I didn't select stateless mode. I thought that just meant that I would need to add a scope later. I don't know if there is anything that the wizard would have setup that it didn't.
The general failure message that I get only happens from the servers when I try to ping a local IPv6 address. I just get a request timed out when trying to ping a computer with the dynamic IPv6 address. Also, when my Windows 7 machine has a dynamic IP address and I try to ping the domain controller I get request timed out instead of the general failure like the servers get.
I hope this information helps.
DHCP/DC Server address (Static) - fd00::92
DC2 Server address (Static) - fd00::102
DHCP prefix - fd00:: (I didn't see an option other than /64)
I added two exclusions. fd00::1 - fd00::300 and fd00::400 to fd00::ffff:ffff:ffff:ffff (The idea here is to use 300-400 for my DHCP range)
Router settings for IPv6:
IP Address - fd00::1/64
send advertisement is checked
Prefix advertisement is fd00::/64 and autonomous and onlink are checked.
Now on to what I see on the computers. the computers show 2 IPv6 IP addresses. One is a link local address and one is in the range my DHCP gives. (correction to my previous post. I just realized I had a static IP on my Windows 7 machine. My computer doesn't work either unless given a static IP.)
One possible problem is that when I setup my DHCP server, I didn't select stateless mode. I thought that just meant that I would need to add a scope later. I don't know if there is anything that the wizard would have setup that it didn't.
The general failure message that I get only happens from the servers when I try to ping a local IPv6 address. I just get a request timed out when trying to ping a computer with the dynamic IPv6 address. Also, when my Windows 7 machine has a dynamic IP address and I try to ping the domain controller I get request timed out instead of the general failure like the servers get.
I hope this information helps.
ASKER
Also, I can ping the link local address of two dynamically assigned computers. Just not the Unique fd00:: address.
ASKER
And it isn't just ping that doesn't work. I can't do an nslookup or remote desktop using the IPv6 address. again, it does work if I statically assign it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
With the Netsh code you set up your client to ask the next router for a IP-Adress. Then the client gets the IP Adress not from your dhcp server.
There are 2 ways to configure dhcpv6 normally you have the stateless mode. The DHCP Server will not give a adress to ipv6 clients, just additional infomations like the adress of the dns server. Thats the standart configuration.
Then there is a way to deactivate the stateless mode. In this mode the dhcp server gives ipv6 adresses to the clients. If you have configured the dhcp server to give ipv6 addresses to the clients, then you should set up your client so:
This is to get ipv6 adress from a dhcp server with deactivated stateless mode:
netsh interface ipv6 set interface "Local Area Connection" managedaddress=disabled
And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstatefull=enabled
There are 2 ways to configure dhcpv6 normally you have the stateless mode. The DHCP Server will not give a adress to ipv6 clients, just additional infomations like the adress of the dns server. Thats the standart configuration.
Then there is a way to deactivate the stateless mode. In this mode the dhcp server gives ipv6 adresses to the clients. If you have configured the dhcp server to give ipv6 addresses to the clients, then you should set up your client so:
This is to get ipv6 adress from a dhcp server with deactivated stateless mode:
netsh interface ipv6 set interface "Local Area Connection" managedaddress=disabled
And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstatefull=enabled
correction:
And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstateful=enabled
And this is to get the dns-configuration from the dhcpserver:
netsh interface ipv6 set interface "Local Area Connection" otherstateful=enabled
ASKER
Thank you for the explanation, but that doesn't really answer the question. I found those commands on another forum and tried them on one of the servers and it didn't help. It wasn't until I ran the commands I mentioned above on the DCHP server that things started working. Today, I even have another IPv6 address. Here are the addresses on my Windows 7 computer
IPv6 address fd00::389
IPv6 address fd00::44ff:efd4:cc11:371c
Temporary IPv6 address: fd00::5d57:f535:d335:46ee
Link-local IPv6 address: fe80...etc.
The network seems functional, but I don't understand why I have all 4 addresses. Also I don't understand why the command that I ran on the DHCP server made things work when they weren't before.
IPv6 address fd00::389
IPv6 address fd00::44ff:efd4:cc11:371c
Temporary IPv6 address: fd00::5d57:f535:d335:46ee
Link-local IPv6 address: fe80...etc.
The network seems functional, but I don't understand why I have all 4 addresses. Also I don't understand why the command that I ran on the DHCP server made things work when they weren't before.
Ok I understand.
Then you have configured the Server to get a IP-Adress without a dhcp server.
So the server will ask the next router to get a adress. man=en is for the stateless mode (without dhcp) the same like managed=enabled and other=en is the same like otherstateful=enabled to get the dns from the dhcp server
1. IPv6 address fd00::389 This is a unique local adress
2. IPv6 address fd00::44ff:efd4:cc11:371c This is a unique local adress
3. Temporary IPv6 address: fd00::5d57:f535:d335:46ee
This is used temporary to get a ip adress. the client asks a router with a neighbourhood request with this adress. if another client has the same address then the address is deprecated.
4. Link-local IPv6 address: fe80...etc.
The link-local that is similar to ipv4 apipa but this adress will still stay when you have another ip-adress.
You could use the network monitor to see how the client gets this adresses. Maybe you have configured a second address manually.
Then you have configured the Server to get a IP-Adress without a dhcp server.
So the server will ask the next router to get a adress. man=en is for the stateless mode (without dhcp) the same like managed=enabled and other=en is the same like otherstateful=enabled to get the dns from the dhcp server
1. IPv6 address fd00::389 This is a unique local adress
2. IPv6 address fd00::44ff:efd4:cc11:371c This is a unique local adress
3. Temporary IPv6 address: fd00::5d57:f535:d335:46ee
This is used temporary to get a ip adress. the client asks a router with a neighbourhood request with this adress. if another client has the same address then the address is deprecated.
4. Link-local IPv6 address: fe80...etc.
The link-local that is similar to ipv4 apipa but this adress will still stay when you have another ip-adress.
You could use the network monitor to see how the client gets this adresses. Maybe you have configured a second address manually.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you. That explains it for me. I didn't realize what man, other, and en meant. On a side note, yesterday all my IP addresses said preffered. Do you know why they might not be now? other computers have temporary addresses as well.