none
How to stop Direct Access Server to advertise the Default Route, since this slows down IE Connections

    Question

  • Hi,

    we have the following problem.

    In our network we deployed IPv6 with Unicat Local Addresses. We deployed Server 2008 R2 with Direct Access. Connections all work fine.

    After Reboot the DA Server advertises the Default Route. And this slows down all IE Website Connections !

    PS C:\Windows\system32> netsh
    netsh>int ipv6
    netsh interface ipv6>sh route

    Veröff.  Typ       Met   Präfix                    Idx  Gateway/Schnittstelle
    -------  --------  ----  ------------------------  ---  ---------------------
    Ja       Manuell   1100  ::/0                       16  2002:c058:6301::c058:6301
    Nein     Manuell   256  ::1/128                     1  Loopback Pseudo-Interface 1
    Nein     Manuell   8    2001::/32                  14  Teredo Tunneling Pseudo-Interface
    Ja       Manuell   1000  2002::/16                  16  6TO4 Adapter
    Nein     Manuell   256  2002:c279:cb51::c279:cb51/128   16  6TO4 Adapter
    Ja       Manuell   256  2002:c279:cb51:2::/64      15  IPHTTPSInterface
    Nein     Manuell   256  2002:c279:cb51:2::/128     15  IPHTTPSInterface
    Nein     Manuell   256  2002:c279:cb51:2:f227:5217:dd63:dc27/128   15  IPHTTPSInterface
    .............

    I then stop this with:
    set route prefix="::/0" 16 publish=no store=pers

    with the result:

    Veröff.  Typ       Met   Präfix                    Idx  Gateway/Schnittstelle
    -------  --------  ----  ------------------------  ---  ---------------------
    Nein     Manuell   1100  ::/0                       16  2002:c058:6301::c058:6301

    BUT, after Reboot the route will still be advertised.

    I have in addition tried to delete the route. After Reboot still the same.

    How we can solve this problem ?

    What is the technical background?

    Thanks

    Ewald

    Monday, December 10, 2012 3:28 PM

Answers

  • Hi,

    I'm not familiar with direct access. But in VPN, there is an option "Use default gateway on remote network" which could be enabled or disabled on the client side. It could be set in the properties of the VPN connection on the client. If the option is enabled, there will be a default route which points to the VPN server created. If the option isn't disabled, there will not be such default route created. I suggest you can also check if there is also the option in the properties of the direct access connection.

    Best Regards

    Scott Xie


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, December 20, 2012 9:48 AM

All replies

  • Hi,

    Thank you for your question.
    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

    Thank you for your understanding and supports.


    Best Regards,
    Aiden


    Aiden Cao
    TechNet Community Support


    Friday, December 14, 2012 3:18 AM
    Moderator
  • Hi,

    I'm not familiar with direct access. But in VPN, there is an option "Use default gateway on remote network" which could be enabled or disabled on the client side. It could be set in the properties of the VPN connection on the client. If the option is enabled, there will be a default route which points to the VPN server created. If the option isn't disabled, there will not be such default route created. I suggest you can also check if there is also the option in the properties of the direct access connection.

    Best Regards

    Scott Xie


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, December 20, 2012 9:48 AM