locked
IPv6 versus IPv4 in AD DS RRS feed

  • Question

  • When configuring subnets in sites and services, AD DS associates a workstation with a site by comparing the workstation's IP address with the subnets that are associated with each site. As you add domain controllers to a domain, AD DS also examines their IP addresses and places them in the most appropriate site. In addition to IP version 4 (IPv4) addresses, Windows Server also supports IP version 6 (IPv6) subnet prefixes.

    Does anyone know what network would be preferred by AD DS if the workstation is running dual stack ipv4 and ipv6? Example would be that I have 2 workstations in different sites with the same IPv4 address but each have unique IPv6 addresses. Can I use the IPv6 Addresses and ignore the IPv4 addresses to assign them to the proper site? 

    Friday, September 27, 2019 4:57 PM

All replies

  • Hi,

    As I know, IPv6 is the protocol that Windows uses preferred and all other clients will try to contact the AD via IPv6.

    With IPv6 enabled, it will always prefer to IPv6, rather than IPv4.

    You could refer to the following official article as your reference:

    https://docs.microsoft.com/en-us/dotnet/framework/network-programming/ipv6-addressing

    Hope this can help you, if you have anything unclear, please let me know.

    Best regards,

    Ellen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 30, 2019 8:39 AM
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Ellen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, October 4, 2019 1:41 AM
  • I really did not understand your example. Sites are logical overlay and representation of your physical network. How can 2 workstations have same IPv4 address, but belong to different sites?

    This is how it should be.
    Lets begin from IPv4. You have couple of offices and networks. In order to let clients communicate with nearest Domain Controllers, you are configuring subnets and assign them to sites, for instance:

    HQ - has large number of users and consists of networks 192.168.30.0/24, 192.168.31.0/24, 192.168.32.0/24. They all assigned to the site object HQ_Site.
    Branch1 - remote location with just 1 network 192.168.101.0/24. Assigned to the Branch1_Site site object in AD.
    etc...
    You already know how clients are assigned to the site while logged on based on client ip-address.

    Now you decide to add IPv6. For the sake of example you begin with Branch1. You decide that IPv6 network in Branch1 should be fd86:c8ba:76a9:0570::/64. You create such subnet in the AD and assign to the existing Branch1_Site site object. Now, client get booted and communicates with DC. By default it attempts to use IPv6. By examining client's IPv6 address and comparing it with Subnets/Sites configuration, DC assigns it to the Branch1_Site. Just like in IPv4. If for whatever reason the client can't use IPv6, it falls back to IPv4 and same rules apply.

    Now you move on to HQ. Because IPv6 address range is much bigger, you decide that 1 network will cover all you needs. You create network fdd5:a279:7398:5586::/64 and assign it to the existing HQ_Site site object.

    You see? Amount of networks might have reduced, but amount of sites remains the same. By adopting IPv6 you don't create networks which span across multiple geographic locations. Regardless of IP version being used, the client should end up being assigned to the same Site. This way you configuration is not contradictory.

    • Proposed as answer by Vodalus Tuesday, October 8, 2019 8:56 AM
    Friday, October 4, 2019 11:40 AM
  • Hi,

    You could mark the useful reply as answer if you want to end this thread up.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    Ellen



    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 8, 2019 1:40 AM