Monday, May 17, 2010 2:05 PM
Well this issue has become a results of attempting to fix another. My DNS server seemed to always lose it's DirectAccess address (i.e. 2002:...) after a reboot or reload of DNS. Obviously this would cause issues with DA not being able to see DNS. I am not sure exactly what I may have tripped to get here but now it seems that the DA server (h-da01) and the DNS server (h-dc1) do not like each other anymore. After alot of digging and netsh int x show commands I am thinking potentially a link-local address issue...
DA is my first venture into IPv6 so my apologies ahead of time if I word some of the concepts incorrectly.
I seems that all addresses on the DA server, with the exception of 6to4, have fe80:: addresses. For this discussion I guess the first question is simple.
... Is this normal? What should I be seeing for IP addresses on the DA server?
Thursday, May 20, 2010 3:59 AM
I think it is normal.
DirectAccess is a forward-looking technology that Microsoft expects to use for many years. It does not make sense to create a forward-looking remote access strategy based on IPv4, which will eventually be deprecated.
DirectAccess is designed to provide end-to-end connectivity and security, which IPv6 includes in a deep and integrated way.
Providing end hosts with a global IPv6 address allows seamless management of remote hosts from the intranet, which is nearly impossible with IPv4-based connectivity models.
Friday, May 21, 2010 4:55 PM
The ISATAP.DOMAIN.LOCAL needed an address to hand out the prefix. For whatever reason it decided it was no longer being generated. Here is what fixed the issue in case anyone runs across this same issue: Netsh int ipv6 add route 2002:6264:d5f6:1::/64 isatap.domain.local publish=yes Adding the route also gives an IPv6 address to to isatap.domain adapter. Not sure what got hosed but this fixed it.
Thank you to Mike W at Microsoft for working through this with me!
- Marked As Answer by Ron HRC Friday, May 21, 2010 4:55 PM