none
how to configure this? RRS feed

  • Question

  • Hi all...

    I've learned, that we cannot use DHCP anymore ... also not DHCPv6. We have to let the router assign the prefixes for IPv6. Here are some questions now.

    1) DNS and DCs... I guess they should still have static ips, even for IPv6. And, I didn't read something else... is that correct?

    2) if I want that my clients can access those servers, they need an ip with the same prefix and a route (/64 route)... now, assigning this route is only possible via router, even if this router is routing nothing... sure, I could use DHCPv6 to distribute the addresses, but then I've no way of configuring this "route" to the local network segment... therefor I think I need to configure a router that does nothing but distributing the prefix (or the addresses? what does it distribute?) and this /64 route (which is a "on the interface" route and not really a route)... is that correct?

    3) if 1 is correct and 2 also... then, how can I prevent a collision of those two ips (the static and the dynamic) ... let's say I have a DC... this DC has a static ip and makes an update (from time to time... not very often... at least not for more than an hour per day, those servers make updates)... during this time this server is offline... now, if in this time a client starts and requests an ip from the router... and get's the ip of the DC... and does all it's "collision detection magic"... and finds out "hey, nobody there with this address"... then the DC comes back online and... collision... so, what can we do against this?

    4) is there something wrong in general with what I want to do?

    ... I hope you can help me here a little bit

    Rudolf

    Tuesday, September 3, 2019 10:56 AM

All replies

  • Hi RudoIf,

    >>1) DNS and DCs... I guess they should still have static ips, even for IPv6. And, I didn't read something else... is that correct?

    Yes.For certain types of servers, you must assign a static IP address and subnet mask during or after Setup. 

    These servers include DHCP servers, DNS servers, WINS servers, and any server providing access to users on the Internet. It is also recommended that you assign a static IP address and subnet mask for each domain controller.

    >>get's the ip of the DC... and does all it's "collision detection magic"... and finds out "hey, nobody there with this address"... then the DC comes back online and... collision... so, what can we do against this?

    You can exclude the static IP address from the DHCP scope on the DHCP server. 

    To configure an exclusion, follow these steps:

    -In the DHCP console, expand the applicable scope.

    -Right-click Address Pool and select New Exclusion Range.

    -Specify the beginning and end of the range of addresses you wish to exclude. To exclude a single address, you may leave the End IP Address field blank.

    -Click Add to add the exclusion.

    Since you use router to assign IP address, I would suggest you contact the router vendor to confirm if they could support IP exclusion.

    Here is an article talking about how to configure Cisco router as DHCP server, you could have a look:

    Configure Cisco router as DHCP server

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best Regards,

    Candy



    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   



    Wednesday, September 4, 2019 5:53 AM
  • I found out, that with SLAAC you cannot define exclusions. That's impossible because of the protocol.

    What I also found out is, that "the router vendor" (which is Microsoft, because I use RRAS) does not implement all the possibilities that SLAAC provides. But, since they are in the DHCPv6 group and not at the SLAAC supporters, I somehow understand this.

    Long story short... IPv6 is a mess and not working at all. I'm writing my own "pseudo router" to distribute the correct configuration to my computers and turn of the router advertisement of RRAS/Windows. And I'm using DHCPv6 for address configuration and dns configuration distribution.

    And... I will use static IPv6 addresses. I will do everything I did in IPv4 now with IPv6, because that's the correct way. Period!

    The only thing you need to change is the handling of the security internally, because of the no longer existing NAT. But I'll find out what to do...

    Rudolf

    Sunday, September 8, 2019 12:48 PM