locked
Bad dynamic IPv6 DNS server entries for Wireless interface cannot be removed RRS feed

  • Question

  • I have a Windows 7 laptop that always shows (and initially attempts to use) a pair of IPv6 addresses for DNS servers that, according to "netsh interface ipv6 show dns" are configured through DHCP:

    Configuration for interface "Wireless Network Connection"
        DNS servers configured through DHCP:  2001:558:feed::2
                                              2001:558:feed::1
        Register with which suffix:           Primary only

    The problem is that these addresses are NOT being provided on my local network and are invalid because my router has IPv6 disabled. I ran a packet trace at the time the interface is enabled to confirm that nothing is responding to the IPv6 DHCP request, only to the IPv4 request.

    If I try to delete these servers using netsh I'm told that I cannot do so because they are not static.

    If I plug in my Ethernet interface to the same local area network, I do not get these rogue addresses, only the expected IPv4 address.

    If you look up these addresses they are owned by Comcast. Comcast is not my ISP, so I suspect they were picked up at some time in the past when I was connected to a Comcast provided network.

    Because these address are first used to attempt to resolve DNS requests, initial DNS requests sometimes take a while to timeout before moving on to the valid IPv4 DNS server that IPv4 DHCP provides to the client.

    How do I get rid of these rogue, "dynamic" DNS server addresses?



    • Edited by narnian1 Friday, November 7, 2014 12:44 AM clarification "DNS Server entries"
    Friday, November 7, 2014 12:35 AM

Answers

  • Tina,

    I tried manually configuring the IPv6 DNS servers with different, fake addresses. The fake addresses showed up as the only IPv6 DNS addresses. I then removed the manual, fake addresses. The bad IPv6 addresses showed up again. I then disabled IPv6. As expected, no IPv6 DNS addresses appeared. I then re-enabled IPv6 and no IPv6 DNS addresses appeared! I then rebooted and it continued to work properly (no IPv6 DNS addresses).

    Strange thing is that I had previously tried only disabling IPv6 and re-enabling and it did not fix the problem. So it appears that it was the combination of manual configuration, manual clearing, disabling IPv6 and re-enabling IPv6 that cleared the problem. Strange.

    • Marked as answer by narnian1 Friday, November 14, 2014 2:38 PM
    Friday, November 14, 2014 2:37 PM

All replies

  • Hi,

    Based on your description, the IPv6 DNS server entries occurred when the Windows 7 laptop has a wireless connection. And you configured the router as the DHCP server.

    Have you tried to use other Windows 7 laptops to connect to the wireless connection and have they received the same DNS server entries?

    Due to these DNS server entries were assigned by DHCP. To troubleshooting this issue. Please use ipconfig /all command to print out the TCP/IP configuration at first. Then find which DHCP server are servicing the wireless DHCP client.

    And please use ipconfig /release command to release the IP lease and use ipconfig /renew command to obtain a IP lease again. Before performing these two commands, please use a capture tools to capture the DHCP packets, thus you could find the IP address of the DHCP server who assigned these configurations.

    If these configurations was assigned by your DHCP server, maybe some previous configurations have an effect on this.

    Best Regards,

    Tina
    Friday, November 7, 2014 1:37 PM
  • Yes, the router on my home network is configured as the only DHCP server and it has IPv6 disabled. Other windows 7 computers on the same network do not get or have the bogus DNS IPv6 servers listed.

    Only the wireless adapter on this particular laptop has the problem.

    The only DHCP server listed in ipconfig /all is the router.

    I've tried ipconfig /release followed by ipconfig /renew and the same bogus IPv7 DNS server entries appear. If I use Wireshark and watch the traffic after a release and renew (or after a disable and enable) I see the machine make IPv6 DHCP requests (but there is no response) and I see the IPv4 request and the router's response with only itself listed as the sole IPv4 DNS server.

    I agree that it appears that for some reason this interface is remembering some prior IPv6 configuration, but have no idea how to make it "forget". As further evidence of this theory, the two IPv6 servers that are listed appear to be Comcast servers. My home ISP is not Comcast, so it appears to be from some prior wireless connections.


    • Edited by narnian1 Friday, November 7, 2014 2:31 PM clarification
    Friday, November 7, 2014 2:30 PM
  • Hi,

    I'm sorry for the late reply.

    Maybe you could try to configure these IPv6 DNS servers manually in the TCP/IPv6 Properties of the wireless network adapter.

    Then run netsh interface ipv6 delete dns “Wireless Network Connection” 2001:558:feed::2 command again to delete the DNS server IPv6 address. To see if these IPv6 address will back again.

    Best Regards,

    Tina

    Friday, November 14, 2014 6:05 AM
  • Tina,

    I tried manually configuring the IPv6 DNS servers with different, fake addresses. The fake addresses showed up as the only IPv6 DNS addresses. I then removed the manual, fake addresses. The bad IPv6 addresses showed up again. I then disabled IPv6. As expected, no IPv6 DNS addresses appeared. I then re-enabled IPv6 and no IPv6 DNS addresses appeared! I then rebooted and it continued to work properly (no IPv6 DNS addresses).

    Strange thing is that I had previously tried only disabling IPv6 and re-enabling and it did not fix the problem. So it appears that it was the combination of manual configuration, manual clearing, disabling IPv6 and re-enabling IPv6 that cleared the problem. Strange.

    • Marked as answer by narnian1 Friday, November 14, 2014 2:38 PM
    Friday, November 14, 2014 2:37 PM
  • Hi,

    I'm glad to hear that your problem was solved. Thank you for sharing the solution.

    Best Regards,

    Tina

    Monday, November 17, 2014 6:01 AM
  • I have this exact problem but the steps do not resolve it. 
    Monday, April 27, 2015 9:20 PM
  • Hi,I had the same issue. It happens anywhere, where native IPv6 connectivity is available and you have IPv6 enabled and automatically configured, which is default setting (afaik). The solution is to manually remove offending key in the registry. (the other more agressive solution is complete removal and reinstallation of NIC drivers)

    The key: HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\<some_nic_id>\

    The NIC ID of the adapter with "rogue" ipv6 DNS server could be identfified by looking at the similar key for IPv4 stack:

    HKLM\SYSTEM\CurrentControlSet\services\TCPIP\Parameters\Interfaces\<some_nic_id>\

    List through them until you find the right IP4 address currently asigned by DHCP (the "DhcpIPAddress" key). Other familiar network configuration values are also easily readable. Now open the same key in TCPIP6 subkey and simply delete "Dhcpv6InterfaceOptions" value. Reboot. The value wil be re-created when needed. For repeated use, I recommend creating batch file. I hope this helps.

    Sunday, December 25, 2016 12:25 PM
  • It seems that it is a bug. These steps somehow forced your system to update the configuration key. Strangely it did not work for me. Again, vis a vis, a bug.
    Sunday, December 25, 2016 12:36 PM
  • Hi,

    We have the same issue.

    Is MS aware about this issue? Have they released a patch for this issue?

    We fixed it by doing the following:

    Disabled IPV6 with a script:

    reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters /v DisabledComponents /t REG_DWORD /d 0xff

    Kr,

    Joeri

    Tuesday, March 14, 2017 12:47 PM
  • We are having the same issue. Anyone else seeing this now.
    Monday, August 7, 2017 2:52 PM
  • This is a feature and it's also by design; Comcast's design.  That's their DNS server addresses for IPv6.  

    Comcast uses DHCPv6-PD to delegate a /64 prefix to their customers for IPv6.  Part of that process hands off all of the necessary settings to establish a successful IPv6 session, complete with DNS servers in the offer, just like what you'd have with DHCP over IPv4.

    What you have to understand is IPv6 and IPv4 are two completely different protocols that are "dual-stacked" for Comcast.  There's no "6to4" tunneling with them.  Each protocol stack works independently of each other from Comcast's perspective.  But from your perspective as an end user is your computer uses whichever protocol it deems more preferable to make a successful connection session to whatever you're doing on the net.  

    What you're looking for is to override the DNS servers issued in the prefix delegation.  This must be done in your router/modem/firewall, based on its feature set.  

    In my setup, I have a Technicolor DOCSIS 3.1 modem from Comcast, it's hooked into a Ubiquiti EdgeRouter X.  The Edgerouter is properly set up for IPv4 and IPv6.  The router hands out the IPv6 delegation to the internal subnets - and the "PD" can be overridden to use an internal DNS server (the router itself) with an upstream DNS servers of my choice.  

    Yes, IPv6 is different than IPv4.   There is more than one way for an ISP to set up their IPv6 services for their customers.  I'd argue Comcast made it pretty easy once you understand the concepts at play.  

    However, the symptoms you describe with IPv6 is not a bug at all, it's how it's supposed to work.  If you have a properly setup IPv4 environment, then IPv6 in this fashion is purely "for internet access only" and ultimately provides you no real value for your internal network and its services.  They can coexist peacefully and independently.  

    What I'd ultimately do, though, is override Comcast's DNSv6 servers and use OpenDNS's IPv6 servers instead.     

    Thursday, December 28, 2017 4:20 AM