Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2883
Views
0
Helpful
4
Replies

How to deal with the automatic 6to4 addresses in the network

zhenningx
Level 4
Level 4

‎05-29-2012 10:49 AM - edited ‎03-01-2019 05:35 PM

As we use public IPv4 address in our network, each computer automatically gets an 6to4 address. I understand after the World IPv6 Lauch, these computers may use the 6to4 address to talk to IPv6 enabled websites through the free and unmanaged 6to4 gateways on internet. This may cause unmanaged connectiviy issues. How to prevent this? How would you deal with this? Is there a way to stop these computers to get the automatic 6to4 addresses?

Thanks.

Labels:
0 Helpful
4 Replies 4

Service Spring
Level 1
Level 1

‎05-29-2012 10:57 AM

On windows you can do a

netsh int ipv6 6to4 set state disabled

0 Helpful

zhenningx
Level 4
Level 4
In response to Service Spring

‎05-29-2012 11:04 AM

Thanks. But how to deal with thousands of "unmanaged" client computers?

0 Helpful

Jonatan Jonasson
Level 4
Level 4
In response to zhenningx

‎06-01-2012 02:04 PM

I know this may not be the answer you're looking for...

But what about considering implementing IPv6 within your network? (dual-stack)

When the computers have native IPv6 connectivity, they should always prefer using the native IPv6 connection rather than any of the tunneling mechanisms such as 6to4.

Instead of looking at this as a "unmanaged" problem, look at this as "managed" connectivity service.

So by enabling IPv6 within your network, you get two things done.

1) Your network steps into the future.

2) Your clients (managed and unmanaged) will have native connectivity to both IPv4 and IPv6 resources, just like you do with IPv4-only resources today, and then you don't have to worry too much about 6to4.

0 Helpful

zhenningx
Level 4
Level 4
In response to Jonatan Jonasson

‎06-04-2012 07:12 PM

Thanks. Enable native ipv6 is the best option. But we can not enable native ipv6 in a few days.

By consulting with our dns vendor (infoblox), I think we find the best resolution for now. We can setup the dns appliance to filter aaaa records. So when a client query a name with both AAAA and A records, our dns servers will only return A record to the clients. In this way, we can have everything under control before we built our native ipv6 network.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents