[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Disabling IPV6

Posted on 2014-03-20
3
Medium Priority
?
519 Views
Last Modified: 2014-03-28
We have over 4k machines on our network using Windows 7. What is the best way to disable IPV6 across our domain? Do you guys see an issue with this being on the machines if we are only using IPV4? We been having some DNS issues ever since we upgraded from XP. Thanks
0
Comment
Question by:Thomas N
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Expert Comment

by:0xSaPx0
ID: 39943189
Best bet is to disable via group policy.

http://social.technet.microsoft.com/wiki/contents/articles/5927.how-to-disable-ipv6-through-group-policy.aspx

Its no big deal to have it enabled however. DNS issues likely are not related to IPV6 being enabled UNLESS you have it enabled on your servers as well.
0
 
LVL 41

Expert Comment

by:Kyle Abrahams
ID: 39943192
You can use the attached files and deploy it via active directory.

Note to remove the .txt from the files as EE won't allow the admx / adml.

Credit:
http://www.expta.com/2009/02/how-to-configure-ipv6-using-group.html
IPv6Configuration.zip
0
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 2000 total points
ID: 39944019
I would strongly discourage you from disabling IPv6. ESPECIALLY since it is only conjecture that this is the problem. Microsoft has increasingly been building functionality on IPv6, and there are a few cases where services talk to each other via the IPv6 loopback. Since IPv6 supports IPSec natively, this is a more secure channel than IPv4. So even if your *network* doesn't use IPv6, windows does. And while it will "fall back" to IPv4, it is less secure, and there is a greater risk that something won't work as tested and as expected.

As previously mentioned, chances are your DNS issues are not IPv6 related. And by that, I'll reiterate and say it in stronger terms. The chances that your issues are because of IPv6 are *extremely* slim.

It is more likely that you always had DNS issues, but upgrading from XP to Win7 is just bringing them to the surface. Disabling IPv6 would not solve your issue if this speculation is accurate. This is not that uncommon actually. XP was more lenient in both following DNS specifications (hence many of the DNS security patches since XP was released) and more readily used NetBIOS as a fallback...just as Win7 will fall back to IPv4 when IPv6 fails internally. With Vista, Microsoft started reallly stripping out NetBIOS support from some services meaning DNS *had* to work. And Win7 continued that trend with deprecating NetBIOS in even more services than Vista had.

Many of the "Vista woes" that were so popular in the media were bad networks that upgrading to Vista just "uncovered." And then the networks got fixed, so by the time Win7 shipped it *seemed* like a great OS compared to Vista. But if you skipped Vista and jumped to Win7 and still had those network issues, it could be just as painful.

...but I digress...

The point of all of the above is to illustrate just how these issues come about. Yes, you are seeing it in Win7. And yes, win7 does run IPv6. But it also relies on DNS more heavily than XP ever did. Correlation does not always mean causation. And in this case, disabling IPv6 could very well be a red herring and would still leave you annoyed *and* weaken your network in the process.
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question