• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

IPv6, IPv4 address priority question

Started by tjj70302, January 10, 2010, 06:53:17 AM

Previous topic - Next topic


From http://msdn.microsoft.com/en-us/library/bb756941.aspx

The Windows Vista and Windows Server 2008 stack will always prefer using IPv6 when it can find an IPv6 address for the remote system it needs to talk to. Network communication will take place for any IPv6 compatible application or service if both systems in a session have IPv6 addresses (e.g. sharing files on a LAN will usually be done over IPv6).


I've experienced the same problem where IPv4 would be prioritized over IPv6 on both Windows 7 as well as on Windows 2008R2. The host would have both an IPv4 address and an IPv6 address (either native or tunnelled). Only when I would explicitly specify ping -6 or tracert -6, it would use IPv6, otherwise it would always use IPv4 as the default. This means that no application using the default stack would be able to reach an IPv6 host (i.e. webbrowsing to http://ip6.me).

I've been messing with the netsh interface ipv6 show prefixpolicies in order to get it to work. With no avail. After a couple of hours of frustration I found out where the problem lies. Perhaps it may help others as well. The problem was caused by the fact that I was using a DNS server on my internal network on my internally bound NIC with an IPv4 address without a gateway. Even though this DNS server returned the IPv6 addresses first (or would only return an IPv6 address i.e. with ipv6.google.com), it would try to reach it over the IPv4 stack using the IPv6 bound NIC. This would obviously not work. Now I have removed the reference to the internal IPv4 DNS servers and have entered the IPv6 addresses of the DNS server of my ISP, it works without any problems. Strange, but true.
Koen Zomers
Microsoft .NET Technology Specialist


I have another finding to add to my post above. It does work using the IPv4 DNS server on my internal network when I also enable IPv6 on the internal NIC. So now I have:

The internet facing NIC equipped with: a native IPv6 address and IPv6 gateway without any DNS server.
The internal NIC equipped with: an IPv4 address, an IPv6 address, the two IPv4 addresses of the internal DNS servers and the IPv4 address of the internal gateway.

The priority order of the two NICs as set in Windows under Advanced Settings is: first LAN followed by Internet.

I can now successfully reach both IPv6 hosts on the internet as well as IPv4 and IPv6 hosts on my internal network. When disabling IPv6 on the internal NIC, the problem returns. So make sure you have enabled IPv6 on all your NICs, even though you're not using it through all NICs. Another case of strange, but true.
Koen Zomers
Microsoft .NET Technology Specialist


That sounds like a side affect "The Teredo Behavior".  I think that's a bug, because the behavior is supposed to only prefer IPv4 if you have only a Teredo address.  But it appears to require that a non-teredo IPv6 address appear on the interface that your DNS server lives on, even if you have a native IPv6 interface on a different interface.

I wonder what would happen if you put a connection specific DNS server entry pointing to your internal or external DNS server on the NIC which has the IPv6 address?  I bet it'd work then too, even if you didn't have an IPv6 on the LAN interface (I don't think windows has any idea what interface is LAN and which isn't).

Reminds me of the hoops one has to jump through to get Teredo to actually do IPv6 on Vista and Win7 with any application.  You basically have to put a fake IPv6 address which isn't in the Teredo range on the NIC your DNS server is set on, then add back in the IPv6 default route through teredo.  After you do that then suddenly it'll start using IPv6 addresses, otherwise only ping, and visiting IPv6 sites by address works.

This is 'cause the default behavior with Teredo requires that the application request to use Teredo, otherwise the DNS API only returns IPv4 addresses.  I also recently read something which leads me to believe that there may be a windows firewall setting (NAT Traversal) which if turned on might have the same effect.  But not sure about this.


Script on PowerShell
1) If available IPv4 & IPv6, priority IPv4;
2) If available IPv4 , priority IPv4 ;);
3) If available IPv6, priority IPv6 ;);

After the script may need to restart OS
Script testing: OS Windows 7
Download script http://oleg-faleev.ru

Testing priority: on my homepage: http://oleg-faleev.ru