domain-name-system – Why is my domain controller causing my router to send advertisements for Unique Local Addresses?


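I'm currently evaluating Server 2012 as a domain controller in a small heterogeneous network of Linux and Windows workstations and servers, all of which will eventually be joined to the domain. This is a 100% dual-stacked network; every device has both IPv4 and IPv6 connectivity. The router is a Linux server running radvd 1.9.1 and various other necessities.

I've just installed the first domain controller; its domain name is ad.businessname.com (where businessname.com is handled by external DNS servers; the domain also has a public web site, email, etc., which will not be joining the domain at this time). It is Server Core with the AD DS and DNS roles installed. Everything seemed to be going well, and I was preparing to set up a second DC and start joining computers, but...

Now there are extra IPv6 router advertisements on my network, advertising Unique Local Addresses. They also advertise the native IPv6 prefix that the actual router is advertising. At first I thought these RAs were coming from the domain controller, since they went away when I shut it down, but after running Wireshark I saw that they are coming from my actual IPv6 router. Wireshark shows that this version of the RA closely follows a neighbor solicitation for fd4a:e7ab:34a5::1 from the DC.

Oddly, the router also sends the original router advertisement that it normally sends when the domain controller is not on the network. That version of the RA matches /etc/radvd.conf (a copy is below). A quick session with Wireshark confirmed that both versions of the router advertisement come from the MAC address of the Linux router running radvd.

So far these seem harmless, since my IPv6 connectivity isn't broken by the presence of the extra RAs. But since I already have global IPv6 connectivity, ULA seems unnecessary and unwanted.

I spent much of last night and today searching the Internet trying to figure out what is going on, but found virtually nothing explaining it, other than hints that it might have something to do with the IP Helper Service (and vague warnings not to turn it off). But as far as I know, it should be safe to disable this service when native IPv6 is available.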

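So my questions are:

1. Why is Windows sending neighbor solicitations for a ULA network?
2. Why are these RAs being sent, apparently in response?
3. Why do they advertise ULA in addition to my native addresses?
4. Isn't this going to cause problems with IPv6 routing later?
5. Do I have to live with this, or how can I make Windows and radvd behave?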

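Various configuration information follows:

Here is a capture of one of the RAs being sent (as displayed by radvdump, which IMO is easier to read than Wireshark's output). You can see that it is advertising both the ULA and the public prefix (obscured here). When I shut down the domain controller, this version of the RA stops appearing on the network.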

```
#
# radvd configuration generated by radvdump 1.9.1
# based on Router Advertisement from fe80::20c:29ff:fef4:66f1
# received by interface eth0
#

interface eth0
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag off;
        AdvOtherConfigFlag on;
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 0;
        AdvDefaultLifetime 1800;
        AdvHomeAgentFlag off;
        AdvDefaultPreference medium;
        AdvSourceLLAddress on;
        AdvLinkMTU 1500;

        prefix fd4a:e7ab:34a5::/64
        {
                AdvValidLifetime 86400;
                AdvPreferredLifetime 86400;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition

        prefix 2001:db8:16:bf::/64
        {
                AdvValidLifetime 86400;
                AdvPreferredLifetime 86400;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition

        RDNSS fd4a:e7ab:34a5::1
        {
                AdvRDNSSLifetime 86400;
        }; # End of RDNSS definition

        DNSSL businessname.com
        {
                AdvDNSSLLifetime 1800;
        }; # End of DNSSL definition

}; # End of interface definition
```

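Here is the original router advertisement, which matches the router's /etc/radvd.conf and is still being sent on the network, alternating with the one above: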

```
#
# radvd configuration generated by radvdump 1.9.1
# based on Router Advertisement from fe80::20c:29ff:fef4:66f1
# received by interface eth0
#

interface eth0
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag off;
        AdvOtherConfigFlag off;
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 64;
        AdvDefaultLifetime 1800;
        AdvHomeAgentFlag off;
        AdvDefaultPreference medium;
        AdvSourceLLAddress on;

        prefix 2001:db8:16:bf::/64
        {
                AdvValidLifetime 86400;
                AdvPreferredLifetime 14400;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition

        RDNSS 2001:4860:4860::8888 2001:4860:4860::8844
        {
                AdvRDNSSLifetime 600;
        }; # End of RDNSS definition

}; # End of interface definition
```

List of roles/features installed on the domain controller:

```
[dc1]: PS C:\Users\Administrator\Documents> Get-WindowsFeature | where {$_.InstallState -eq "Installed"}

Display Name                                            Name                       Install State
------------                                            ----                       -------------
[X] Active Directory Domain Services                    AD-Domain-Services             Installed
[X] DNS Server                                          DNS                            Installed
[X] File And Storage Services                           FileAndStorage-Services        Installed
    [X] File and iSCSI Services                         File-Services                  Installed
        [X] File Server                                 FS-FileServer                  Installed
    [X] Storage Services                                Storage-Services               Installed
[X] .NET Framework 4.5 Features                         NET-Framework-45-Fea...        Installed
    [X] .NET Framework 4.5                              NET-Framework-45-Core          Installed
    [X] WCF Services                                    NET-WCF-Services45             Installed
        [X] TCP Port Sharing                            NET-WCF-TCP-PortShar...        Installed
[X] Group Policy Management                             GPMC                           Installed
[X] Remote Server Administration Tools                  RSAT                           Installed
    [X] Role Administration Tools                       RSAT-Role-Tools                Installed
        [X] AD DS and AD LDS Tools                      RSAT-AD-Tools                  Installed
            [X] Active Directory module for Windows ... RSAT-AD-PowerShell             Installed
[X] Windows PowerShell                                  PowerShellRoot                 Installed
    [X] Windows PowerShell 3.0                          PowerShell                     Installed
[X] WoW64 Support                                       WoW64-Support                  Installed
```

IPv6 configuration of the Ethernet interface, as requested in chat:

```
[dc1]: PS C:\Users\Administrator\Documents> netsh interface ipv6 show interface interface=Ethernet

Interface Ethernet Parameters
----------------------------------------------
IfLuid                             : ethernet_7
IfIndex                            : 12
State                              : connected
Metric                             : 10
Link MTU                           : 1500 bytes
Reachable Time                     : 33500 ms
Base Reachable Time                : 30000 ms
Retransmission Interval            : 1000 ms
DAD Transmits                      : 1
Site Prefix Length                 : 64
Site Id                            : 1
Forwarding                         : disabled
Advertising                        : disabled
Neighbor Discovery                 : enabled
Neighbor Unreachability Detection  : enabled
Router Discovery                   : enabled
Managed Address Configuration      : disabled
Other Stateful Configuration       : enabled
Weak Host Sends                    : disabled
Weak Host Receives                 : disabled
Use Automatic Metric               : enabled
Ignore Default Routes              : disabled
Advertised Router Lifetime         : 1800 seconds
Advertise Default Route            : disabled
Current Hop Limit                  : 64
Force ARPND Wake up patterns       : disabled
Directed MAC Wake up patterns      : disabled
ECN capability                     : application
```
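
Solution

While I still have no idea why this happened (and would welcome an explanation!), it appears to be fixed now.

I went over the network configuration with a fine-toothed comb and found, to my chagrin, a typo in the default gateway!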

```
[dc1]: PS C:\Users\Administrator\Documents> Get-NetRoute -PolicyStore PersistentStore -AddressFamily IPv6

ifIndex DestinationPrefix                              NextHop                                  RouteMetric PolicyStore
------- -----------------                              -------                                  ----------- -----------
12      ::/0                                           2001:db8:116:bf::1                               256 Persiste...
```

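Um, oops! 116:bf should be 16:bf.

So I fixed the typo, and for good measure removed the ULA address from the Ethernet interface, and voila, no more extra RAs, and my network is happy again.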

```
[dc1]: PS C:\Users\Administrator\Documents> Remove-NetRoute -NextHop 2001:db8:116:bf::1

Confirm
Are you sure you want to perform this action?
Performing operation "Remove" on Target "NetRoute -DestinationPrefix ::/0 -InterfaceIndex 12 -NextHop 2001:db8:116:bf::1 -Store Active"
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y

Confirm
Are you sure you want to perform this action?
Performing operation "Remove" on Target "NetRoute -DestinationPrefix ::/0 -InterfaceIndex 12 -NextHop 2001:db8:116:bf::1 -Store Persistent"
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y

[dc1]: PS C:\Users\Administrator\Documents> New-NetRoute -NextHop 2001:db8:16:bf::1 -DestinationPrefix ::/0 -InterfaceIndex 12

ifIndex DestinationPrefix                              NextHop                                  RouteMetric PolicyStore
------- -----------------                              -------                                  ----------- -----------
12      ::/0                                           2001:db8:16:bf::1                                256 ActiveStore
12      ::/0                                           2001:db8:16:bf::1                                256 Persiste...

[dc1]: PS C:\Users\Administrator\Documents> Remove-NetIPAddress -AddressFamily IPv6 -IPAddress fd4a:e7ab:34a5:0:807e:e44a:7ffc:ea90 -PrefixLength 64

Confirm
Are you sure you want to perform this action?
Performing operation "Remove" on Target "NetIPAddress -IPv6Address fd4a:e7ab:34a5:0:807e:e44a:7ffc:ea90 -InterfaceIndex 12 -Store Active"
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): y
```

Wireshark says there is no further sign of the ULA in neighbor solicitations, router advertisements, or anywhere else.
