Domain Controller 2012 R2 DNS ::1

  • 104 Views
  • Last Post 31 January 2019
Alix posted this 30 January 2019

Hi Everyone,(please notice that I am french speaker : my english is sometimes uncorrect, sorry about that).I am in the process of upgrading a domain : 3 DC 2008 R2 to 3 DC 2012 R2.We have two remote distinct sites (containing at least one domain controller) and IPv6 is not enabled on our networks.
The  Domain controllers 2008 R2 don't use IPv6 : uncheck the box for Internet Protocol Version (TCP/IPv6)
I have depromote 2 Domain Controller 2008 R2 and correctly introduce 3 Domain Controllers 2012 R2 with a special configuration IPv6 :check the box for Internet Protocol Version (TCP/IPv6).HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents = 0x21 (decimal 33)
which prefer IPv4 to IPv6 and disable all tunneling protocol.
All the FSMO is still on the 2008 R2 and everything seems in control.The DNS Server on the DC 2012 is not listening on the interface fe80
I have a question regarding the client DNS on the DC 2012. When I check with ipconfig /all, I notice that the first DNS Server is ::1 and when I test nslookup, I receive response of ::1. 
Is there a way to privilege the DNS IPv4 for the client ?
Thanks for your information,
Alix

Order By: Standard | Newest | Votes
jeremyts posted this 31 January 2019

Hi Alix,

 

I’ve used Prefer IPV4 over IPV6 extensively and never had an issue. Have you tried using the correct values for this using the DisabledComponents,

which is 20 hex or 32 decimal? I’ve never tested the values you’re using to also disable all tunnelling protocols, and unsure if the combination you’re setting is causing conflict here.

 

Cheers,

Jeremy

 

show

Alix posted this 31 January 2019

Hi,
Thank you Jeremy1. I had checked the reference for value 0x21, it seems correct.
(for example Mich Tulloch IPv6 for Windows Admins :" 0x21 ... Assigning this value to the DisabledComponents registry value will do two things. First, it will cause IPv4 to be preferred over IPv6 when the computer attempts to establish network communications. Second, it will disable all IPv6 tunnel interfaces on the computer.")
2. On a lab, I have checked a server 2012 R2 : domain controller + DNS Server.With DisabledComponents = 33 or DisabledComponents= 32, The first DNS Server is ::1 in each case.
I don't find a way to change it for a DNS IPv4 first.
Alix
Le jeu. 31 janv. 2019 à 06:02, Jeremy Saunders <jeremy@xxxxxxxxxxxxxxxx> a écrit :
















Hi Alix,

 

I’ve used Prefer IPV4 over IPV6 extensively and never had an issue. Have you tried using the correct values for this using the DisabledComponents,

which is 20 hex or 32 decimal? I’ve never tested the values you’re using to also disable all tunnelling protocols, and unsure if the combination you’re setting is causing conflict here.

 

Cheers,

Jeremy

 

show

jeremyts posted this 31 January 2019

Hi Alix,

 

I understand what you are referring to, but as I have never experienced the issue you speak of, and I have only ever used 20 hex successfully

over hundreds of projects and thousands of computers, why don’t you try that? There may be a known issue when you combine the two.

 

Use ping as the tool for initial testing. “ping localhost” will return 127.0.0.1 if IPV4 is preferred, or ::1 if IPV6 is preferred.

Very basic I know, but makes sure you’re getting the results you want from the DisabledComponents setting.

 

Cheers,

Jeremy

 

show

Alix posted this 31 January 2019


Hi, 
I have checked and it seems that IPv4 is the favourite for ping but not for nslookup : 
“ping localhost” is returning  127.0.0.1   nslookup "prefers" ::1
About DNS Client :Checking Get-DnsClientAddresses is returning : 
InterfaceAlias               Interface     Address ServerAddresses                                                                           Index                     Family                                                               --------------               --------- -------         ---------------                                              Ethernet 2                           15 IPv4    {Public IPv4 of the other DC, 127.0.0.1}                                            Ethernet 2                           15 IPv6    {::1}                                                           
This is strange and I really hope that ::1 will do the job correctly.
Alix
Le jeu. 31 janv. 2019 à 13:32, Jeremy Saunders <jeremy@xxxxxxxxxxxxxxxx> a écrit :
















Hi Alix,

 

I understand what you are referring to, but as I have never experienced the issue you speak of, and I have only ever used 20 hex successfully

over hundreds of projects and thousands of computers, why don’t you try that? There may be a known issue when you combine the two.

 

Use ping as the tool for initial testing. “ping localhost” will return 127.0.0.1 if IPV4 is preferred, or ::1 if IPV6 is preferred.

Very basic I know, but makes sure you’re getting the results you want from the DisabledComponents setting.

 

Cheers,

Jeremy

 

show

jeremyts posted this 31 January 2019

Hi Alix,

 

It looks like the DisabledComponents setting is working as expected. I’d suggest there’s a different issue here. Maybe this:



https://myousufali.wordpress.com/2012/06/26/nslookup-response-default-server-unknown-address-1/

 

Cheers,

Jeremy

 

show

Alix posted this 31 January 2019

Hi Jeremy,
Thanks for the link. I think this is my situation and I guess this could be a safe solution.
Thanks ;-)
Alix
Le jeu. 31 janv. 2019 à 14:52, Jeremy Saunders <jeremy@xxxxxxxxxxxxxxxx> a écrit :
















Hi Alix,

 

It looks like the DisabledComponents setting is working as expected. I’d suggest there’s a different issue here. Maybe this:



https://myousufali.wordpress.com/2012/06/26/nslookup-response-default-server-unknown-address-1/

 

Cheers,

Jeremy

 

show

Close