Solved

Windows 7 and Prefer IPV4 DNS

Posted on 2013-12-30
10
2,841 Views
Last Modified: 2014-01-26
I have a small network with Server 2012 Standard and a handful of Windows 7 and 8.1 devices. The server handles DHCP and DNS for IPV4. Now my ISP has started offering IPV6 as well so I've thrown that into the mix and it's not playing nice. I don't have a static IP or even an assigned range for IPV6, addresses are assigned using stateless autoconfiguration. That means I can't setup a IPV6 scope or DNS server on my local server, the IP's are assigned rather by my ISP.

My solution to this was to change the registry setting to make Windows prefer IPV4. This works fine on Windows 8.1. Unless I go to a site where IPV6 is needed IPV6 does not come into play. However Windows 7 is another story, I can ping an address and it will return the IPV4 address after making the change. BUT it uses the IPV6 DNS servers as the primary DNS servers. This is a big problem because they are my ISP's name servers which can't resolve my local domain! The IPV4 name servers are third and fourth on the list and they never seem to get checked, so logging into the domain fails.

I've tried changing the prefix priorities to no avail. There just does not seem to be any way to force Windows 7 to prefer the IPV4 DNS servers that I can find.

Any suggestions besides turning off IPV6?
0
Comment
Question by:jeffdominiak
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39746432
Microsoft pushed an update which kind of messed things up for a lot of people when they delegated IPv6 over IPv4.  To resolve the issue they put up a bunch of patches for this so you can choose 1 or the other.

Link Here:  http://support.microsoft.com/kb/929852

This way you can have which one you want.
0
 

Author Comment

by:jeffdominiak
ID: 39746625
Yes, I used the FixIt in that article which creates an entry "DisabledComponents=0x20" in the IPV6 parameters. This does in fact result in an IPV4 address being returned as expected. It does NOT result in the IPV4 DNS servers being prefered however.

If I do an ipconfig /all my DNS servers would be listed as something like...
2600::1
2600::2
192.168.1.2
192.168.1.3

If I type nslookup it would show my current nameserver as 2600::1. Which is external and not capable of resolving my domain.

So to make this more clear.
Ping www.google.com ... gets me 74.125.225.212
Ping mydomain.local ... gets me could not find host

Hope that makes sense.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39746775
Just because your ISP is offering it doesn't mean you have to use it.

Even if the ISP is giving IPv6 addressing to you that shouldn't have any effect whatsoever on your internal IPv4 configuration.
0
 

Author Comment

by:jeffdominiak
ID: 39749004
That's true, and this is purely an experimental setup and I don't have any practical reason that I need IPV6. It's just personal satisfaction of getting both IPV4 and IPV6 playing nice together. It seems though unless you are an enterprise with a designated block of IPV6 addresses, it's not very practical to use in a client-server environment. Because as it currently stands there is no NAT in the IPV6 world, there's no other way to allow servers to have a static IP.

Well, there's unique local addressing but that's very limiting since devices with ULA's can communicate with the public internet.

Oh, and IPV6 should not have an effect on the IPV4 network, but it DOES. I give up, this appears to be an exercise in futility. Thank you to those who tried to help.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39749328
We have been avoiding the problem by staring to implement routers that can block IPv6 traffic to/from the public side.  One concern is a device getting an IPv6 DHCP address from an unknown source such as a neighbor with malicious intent.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 45

Expert Comment

by:Craig Beck
ID: 39750039
IPv6 doesn't interfere with IPv4.  You need to tell your devices to prefer IPv4 that's all.  The two are designed to be able to run together, and they do just that.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39750049
As ISP's are implementing IPv6, there are some issues arising such as rouge IPv6 DHCP servers, and Exchange will send e-mail using IPv6 and sites such as GMail will bounce the mail unless IPv6 PTR records are in place.  To do that you have to implement IPv6 public DNS, configure the server, and more, such that blocking it at the router in some cases is easier for now.   It's not a long term solution.

Internally they live happily together and are implemented and managed by default with Windows servers.
0
 

Accepted Solution

by:
jeffdominiak earned 0 total points
ID: 39798632
Just to close this out, the answer to my issue turned out to be changing my routers IPv6 type from SLAAC+Stateless to SLAAC+RDNSS and setting Windows to prefer IPv4 over IPv6. It was that first part that stopped my ISP's DNS servers from stomping on my local DNS.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39808209
Is not blocking at the router what I had suggested?
0
 

Author Closing Comment

by:jeffdominiak
ID: 39809847
Required resources outside of this board to find final solution. It's still kind of a kludge, but that just seems to be the state of IPv6 currently.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

This is a little timesaver I have been using for setting up Microsoft Small Business Server (SBS) in the simplest possible way. It may not be appropriate for every customer. However, when you get a situation where the person who owns the server is i…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now