Convert IPv4 address to IPv6 subnet on AD Sites
Hi,
We currently run IPv4 on our network. However, it looks like it's recommended to enable IPv6 on DFS servers according to this:
http://blogs.technet.com/askds/archive/2009/10/28/dfs-referrals-and-ipv6-outta-site.aspx
I'm having trouble creating an IPv6 subnet in AD Site and Services for my DFS servers since I'm note very familiar with IPv6. I think the IPv6 I see on the servers is the "converted" to IPv6 (see warning message below)??
DC and DFS servers are Win 2008 R2 Datacenter. It looks like the IPv6 address of the DFS servers are not "matching" the subnets I have created and therefore DFS is not associated with the correct sites causing clients to go over the WAN
to other DFS servers.
For example:
The IPv4 for my DFS servers are:
156.124.92.202/23
156.124.78.202/23
I created these IPv4 subnets:
156.124.92.0./23 --> SA-Site
156.124.78.0/23 --> AU-Site
IPv6 DHCP service is not enabled. No Static IPv6 set for the network connection. The "converted" IP seems to be
2002:9c7c:5cca::9c7c:5cca
2002:9c7c:4eca::9c7c:4eca
I created these IPv6 subnets
2002::9c7c:5c00/119
2002::9c7c:4e00/119
This is what I see on the DFS servers:
Validating the site associations on every domain controller of the following: SA-DFS-01
Warning: The server has IP addresses with conflicting site associations
Host name: SA-DFS-01
Site: SA-Site
Domain Controller: SA-AD-01
Host IP address
fe80::2c27:42f8:1294:ef4c%10
2002:9c7c:5cca::9c7c:5cca
Subnet-Site Mapping in AD
No mapping exists
No mapping exists
Host name: SA-DFS-01
Site: SA-Site
Domain Controller: AU-AD-01
Host IP address
fe80::2c27:42f8:1294:ef4c%10
2002:9c7c:5cca::9c7c:5cca
Subnet-Site Mapping in AD
No mapping exists
No mapping exists
Validating the site associations on every domain controller of the following: AU-DFS-01
Warning: The server has IP addresses with conflicting site associations
Host name: AU-DFS-01
Site: AU-Site
Domain Controller: SA-AD-01
Host IP address
2002:9c7c:4eca::9c7c:4eca
Subnet-Site Mapping in AD
No mapping exists
Warning: The server has IP addresses with conflicting site associations
Host name: AU-DFS-01
Site: AU-Site
Domain Controller: AU-AD-01
Host IP address
2002:9c7c:4eca::9c7c:4eca
Subnet-Site Mapping in AD
No mapping exists
Hi,
We currently run IPv4 on our network. However, it looks like it's recommended to enable IPv6 on DFS servers according to this:
http://blogs.technet.com/askds/archive/2009/10/28/dfs-referrals-and-ipv6-outta-site.aspx
I'm having trouble creating an IPv6 subnet in AD Site and Services for my DFS servers since I'm note very familiar with IPv6. I think the IPv6 I see on the servers is the "converted" to IPv6 (see warning message below)??
DC and DFS servers are Win 2008 R2 Datacenter. It looks like the IPv6 address of the DFS servers are not "matching" the subnets I have created and therefore DFS is not associated with the correct sites causing clients to go over the WAN
to other DFS servers.
For example:
The IPv4 for my DFS servers are:
156.124.92.202/23
156.124.78.202/23
I created these IPv4 subnets:
156.124.92.0./23 --> SA-Site
156.124.78.0/23 --> AU-Site
IPv6 DHCP service is not enabled. No Static IPv6 set for the network connection. The "converted" IP seems to be
2002:9c7c:5cca::9c7c:5cca
2002:9c7c:4eca::9c7c:4eca
I created these IPv6 subnets
2002::9c7c:5c00/119
2002::9c7c:4e00/119
This is what I see on the DFS servers:
Validating the site associations on every domain controller of the following: SA-DFS-01
Warning: The server has IP addresses with conflicting site associations
Host name: SA-DFS-01
Site: SA-Site
Domain Controller: SA-AD-01
Host IP address
fe80::2c27:42f8:1294:ef4c%10
2002:9c7c:5cca::9c7c:5cca
Subnet-Site Mapping in AD
No mapping exists
No mapping exists
Host name: SA-DFS-01
Site: SA-Site
Domain Controller: AU-AD-01
Host IP address
fe80::2c27:42f8:1294:ef4c%10
2002:9c7c:5cca::9c7c:5cca
Subnet-Site Mapping in AD
No mapping exists
No mapping exists
Validating the site associations on every domain controller of the following: AU-DFS-01
Warning: The server has IP addresses with conflicting site associations
Host name: AU-DFS-01
Site: AU-Site
Domain Controller: SA-AD-01
Host IP address
2002:9c7c:4eca::9c7c:4eca
Subnet-Site Mapping in AD
No mapping exists
Warning: The server has IP addresses with conflicting site associations
Host name: AU-DFS-01
Site: AU-Site
Domain Controller: AU-AD-01
Host IP address
2002:9c7c:4eca::9c7c:4eca
Subnet-Site Mapping in AD
No mapping exists
Hi,
The format seems to be incorrect. Please change them as following and check the result:
2002:9c7c:5cca::/48
2002:9c7c:4eca::/48
For more information about 6to4 address, please see:
http://technet.microsoft.com/en-us/library/cc756770(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc757359(WS.10).aspx
Hope it helps.
This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.
This can be beneficial to other community members reading the thread.
Similar Messages
-
Can ANYONE please give me the source for converting IPV4 packets to IPV6
I had a file which contains IPV4 packets, I need to convert these packets into IPV6 . Can anyone please give the source..
java.venkat wrote:
one of my friend downloaded that file
my project is to evaluate intrusion detection systems with ipv6 dataGo back to the person who gave you this project and ask for help because you've got alot of problems going on here. Mainly there are two problems.
1) Whatever it might be that you want to do doesn't seem like a very good fit for Java at all.
2) You are just continually spouting rubbish that either are obvious statements of fact or make no sense, as in this last post here.
If you refuse to talk to the person who gave you this project for some much needed direction (which would be foolish by the way) then you really must tell us what your end goal here is. Like specifically what you are looking to do, how you plan on capturing this information in general and why you think this is going to help you resolve your problem. Because as stated your problem isn't making much sense and even if it did I for one don't see how this puts you further along in evaluating "intrustion detection systems". -
How get IPv4 instead of IPv6 (class NetworkInterface)
Hello! I've written java code:
nets = NetworkInterface.getNetworkInterfaces();
NetworkInterface selInterface = Collections.list(nets).get(curIndex);
ips = selInterface.getInetAddresses();
InetAddress addr = Collections.list(ips).get(0);
String str = addr.getHostAddress();
And I obtain IPv6, for example: fe80::20c:29ff:fe2d:a225. How can I get IPv4 or transform IPv6?
p.s. this problem is observed only in Linux, on windows machine program works good.Note : IPV4 address and IPV6 address are unrelated (i.e. no conversion from one to another)Note: this is not correct. Some IPv6 address formats are explicitly provided to act as representations of IPv4 addresses.
-
Difference between address-family ipv6 and address-family ipv6 labeled unicast
Hello Experts,
Can someone explain me the difference between address-family ipv6 and address-family ipv6 labeled unicast. Per my understanding, i think both of them are used to send labelled IPv6 prefix advertisements through BGP..If so, are the following configs same?
address-family ipv6
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-label
router bgp 10
neighbor 192.168.0.1
address-family ipv6 labelled unicast
Please let me know if my understanding is correct
Thanks
MukundhThanks for the reply Nagendra...
I have another related query regarding this. We have BGP neighborship flapping between 2 routers ...One is Cisco 7204 and another is Juniper M120 I think.... The Juniper logs show that BGP is flapped due to family inet6 not configured on the Juniper end and Juniper is receiving BGP advertisements with native IPv6 as next hop from Cisco when it shouldn't be receiving that.. The following are commands on Cisco and Juniper...
##### CISCO####
outer bgp 5603
neighbor 95.176.254.10 inherit peer-session LAR neighbor 95.176.254.10 description --- M320-LAB-LJ-CIGALETOVA address-family ipv4
neighbor 95.176.254.10 activate
neighbor 95.176.254.10 inherit peer-policy LAR-ipv4 address-family ipv6
neighbor 95.176.254.10 activate
neighbor 95.176.254.10 send-community both
neighbor 95.176.254.10 route-reflector-client
neighbor 95.176.254.10 send-label
template peer-session LAR
remote-as 5603
update-source Loopback0
timers 30 90
exit-peer-session
template peer-policy LAR-ipv4
route-map LAR-ipv4-out out
route-reflector-client
soft-reconfiguration inbound
send-community both
exit-peer-policy
####JUNIPER####
protocols{bgp{
group I-BGP-IPV4 {
type internal;
family inet {
unicast;
family inet6 {
labeled-unicast {
explicit-null;
export RR-Export-All;
neighbor 95.176.255.254 {
description C7201-RR-IP-CIGALETOVA;
local-address 95.176.254.10;
neighbor 95.176.255.252 {
description C7201-RR-IP-CIGALETOVA;
local-address 95.176.254.10;
By the cisco command above, shouldn't cisco be sending only labelled ipv6 prefixes or am I wrong in this. And if Cisco sends both unlabelled and labelled prefixes, is there a way to make it send only ipv6 prefixes?
Thanks
Mukundh -
Windows 7 not registering IPv4 address in DNS
We have been testing Windows 7 and noticed that the Windows 7 systems are not registering the IPv4 information in the DNS though IPv6 information is registered in the DNS. These test systems are in-place-upgrades from Windows Vista to Windows 7. The Windows 7 systems access the Internet and our internal networks just fine. We noticed the problem when we tried to RDC to the Windows 7 systems through a VPN connection and through our Citrix services. We are able to connect using RDC by entering the IP address of any of the Windows 7 systems. Once we issue the ipconfig /registerdns command we are then able to connect using the IPv4 DNS resolution.
W7 = Windows 7
WV = Windows Vista
C:\>nslookup w7-sbarnett.ciwmb.calepa.local
Server: wmbdns.ciwmb.calepa.local
Address: 156.41.165.20
Name: w7-sbarnett.ciwmb.calepa.local
Address: 2002:9c29:a620::9c29:a620
C:\>nslookup wv-jrodarte.ciwmb.calepa.local
Server: wmbdns.ciwmb.calepa.local
Address: 156.41.165.20
Name: wv-jrodarte.ciwmb.calepa.local
Addresses: 2002:9c29:a614::9c29:a614
156.41.166.20
C:\>ping -4 w7-sbarnett.ciwmb.calepa.local
Ping request could not find host w7-sbarnett.ciwmb.calepa.local. Please check the name and try again.
C:\Windows\system32>ping -4 wv-jrodarte.ciwmb.calepa.local
Pinging WV-JRODARTE.ciwmb.calepa.local [156.41.166.20] with 32 bytes of data:
Reply from 156.41.166.20: bytes=32 time<1ms TTL=128
Reply from 156.41.166.20: bytes=32 time<1ms TTL=128
Reply from 156.41.166.20: bytes=32 time<1ms TTL=128
Reply from 156.41.166.20: bytes=32 time<1ms TTL=128
Ping statistics for 156.41.166.20:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping w7-sbarnett.ciwmb.calepa.local
Pinging w7-sbarnett.ciwmb.calepa.local [2002:9c29:a620::9c29:a620] from 2002:9c29:a614::9c29:a614 with 32 bytes of data:
Reply from 2002:9c29:a620::9c29:a620: time<1ms
Reply from 2002:9c29:a620::9c29:a620: time<1ms
Reply from 2002:9c29:a620::9c29:a620: time<1ms
Reply from 2002:9c29:a620::9c29:a620: time<1ms
Ping statistics for 2002:9c29:a620::9c29:a620:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>ping wv-jrodarte.ciwmb.calepa.local
Pinging WV-JRODARTE.ciwmb.calepa.local [2002:9c29:a614::9c29:a614] from 2002:9c29:a614::9c29:a614 with 32 bytes of data:
Reply from 2002:9c29:a614::9c29:a614: time<1ms
Reply from 2002:9c29:a614::9c29:a614: time<1ms
Reply from 2002:9c29:a614::9c29:a614: time<1ms
Reply from 2002:9c29:a614::9c29:a614: time<1ms
Ping statistics for 2002:9c29:a614::9c29:a614:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
When we execute ipconfig /registerdns, we get the following:
C:\>nslookup w7-sbarnett.ciwmb.calepa.local
Server: wmbdns.ciwmb.calepa.local
Address: 156.41.165.20
Name: w7-sbarnett.ciwmb.calepa.local
Addresses: 2002:9c29:a620::9c29:a620
156.41.166.32
C:\>ping -4 w7-sbarnett.ciwmb.calepa.local
Pinging w7-sbarnett.ciwmb.calepa.local [156.41.166.32] with 32 bytes of data:
Reply from 156.41.166.32: bytes=32 time<1ms TTL=128
Reply from 156.41.166.32: bytes=32 time<1ms TTL=128
Reply from 156.41.166.32: bytes=32 time<1ms TTL=128
Reply from 156.41.166.32: bytes=32 time<1ms TTL=128
Ping statistics for 156.41.166.32:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Here is the NIC configuration for the Windows 7 system:
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\sbarnett>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : W7-SBARNETT
Primary Dns Suffix . . . . . . . : ciwmb.calepa.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ciwmb.calepa.local
calepa.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : ciwmb.calepa.local
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-1B-B9-B9-A3-02
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 156.41.166.32(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 29, 2009 8:36:37 AM
Lease Expires . . . . . . . . . . : Thursday, November 05, 2009 8:36:31 AM
Default Gateway . . . . . . . . . : 156.41.166.1
DHCP Server . . . . . . . . . . . : 156.41.165.12
DNS Servers . . . . . . . . . . . : 156.41.165.20
156.41.165.11
Primary WINS Server . . . . . . . : 156.41.165.12
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.ciwmb.calepa.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ciwmb.calepa.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . : ciwmb.calepa.local
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:9c29:a620::9c29:a620(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 156.41.165.20
156.41.165.11
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Users\sbarnett>
Has anyone come across this?
TIA
JoseFWIW, I found another solution to this particular issue.
My environment happens to be using a Linux-based DHCP server (ISC DHCP) which isn't configured to dynamically update the DNS, based on our 2008 r2 domain controller. As such, I want the Win7 clients themselves to be able to update the DNS records on
the 2008 r2 server. The only way I could actually make this work for update the v4 address (since we do want to retain v6 capability) was to allow nonsecure updates for the zone containing the Win7 clients. Once I had changed that setting, one
affected Win7 machine was able to register its new IPv4 address successfully by ipconfig /registerdns. There were absolutely no errors in any event logs, so I had a hell of a time figuring out why the updates were failing.
My next task is to find out if it's possible for the Win7 systems to do this update securely. If anyone has info on that, I'd appreciate it!
Toggling the DNS settings from secure to nonsecure has resolved the issue for me. As this is not a desirable change I am also researching a way to make the Windows 7 machines "secure". I noticed this is an old topic but this is a new problem for
me so if you did find a solution to this please let me know. Thank you for the helpful information! -
Hello,
So far, as i understood from different web searches and resource materials, the Internet Registry (ARIN, for example) provides a /32 address block to Top ISP. The Top ISP provides a /48 to customers or to normal ISPs (Lower ISPs). Finally, the customer breaks the /48 into subnet using the 16 bits available. (2^16=65535 /64 subnets). Here my question comes in, How is subnetting performed by this way? ... if 65535 subnets to be used, how can we categorize them into Class A, B and C like in IPv4? .... About hosts, i understand that the low-order 64 bits in the ipv6 address is used for hosts but also how do i know which hosts to assign to which subnets? ... and because VLSM is not necessary in IPv6, does it mean that the Classless Routing Protocols concept is gone and IPv6 will be Classful?
Someone kindly shed some lights on how IPv6 subnetting is performed step-by-step.
Your response is highly appreciated.
Regards,
AMThe first thing with IPv6 is to forget everything you learnt about IPv4 conservation. To put it crudely be wasteful and do not be concerned that you have 1.8x10^18 useable host addresses in a /64 and are only going to use it to address a point to point link or use it for a VLAN allocation for 15 servers.
(I am being overly simplistic here to illustrate a point, there are some subtleties, though in essence go with this)
There are also no classes, no network addresses, no broadcast addresses, no wild bit masks. Everything is CIDR, all addresses are useable.
So in the example of getting a /48, you get 65536 x /64 prefixes (2^16bits of subnetting)
Then just start assigning /64s everywhere you would assign any sized subnet in IPv4 (with the exception of loopbacks)
So from the 1st /64 sequentially number all loopbacks for devices using /128 (e.g. prefix::1, ::2, ::3, ::4 etc)
then your first point to point link gets the next /64, and the next point to point link gets the next /64 and so on, then your first VLAN gets the next /64 and so on.
So if you have 20 devices, 34 point to point links and 12 VLANs in your network you would ultimately be using 47 x /64 prefixes from your /48 and keep the rest (65489 x /64s) for later use.
That's the subnets taken care of. Hosts are in general addressed in the last 64 bits if the prefix. This can be done in one of three ways:
Manually configured (e.g. prefix::3/64, prefix::7/64, prefix::AB/64, prefix::cafe:f00d/64),
Using DHCPv6, or
Using SLAAAC (Stateless Address Auto Configuration) where the host generates its own IPv6 address using its MAC address and padding it out to 64 bits. (Do searches in these terms for more info)
String it all together using the IGP of your choice, and that is pretty much it.
I hope this helps -
I'm sure this is an obvious one but can't figure it out.
I have a Winserver 2008 Sp2 (x86) DC with a static IP address allocated to its only NIC. It seems to have acquired a second 169.254.x.x address automatically which I can't get rid of and which intermittently causes DNS problems (and possibly other)
problems.
ipconfig results are shown below:
C:\Users\Administrator.STRATIS2>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : STRATIS-SVR02
Primary Dns Suffix . . . . . . . : stratis2.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : stratis2.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connection
Physical Address. . . . . . . . . : 00-0F-1F-67-B8-CE
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.11.128.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
IPv4 Address. . . . . . . . . . . : 169.254.140.227(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.11.128.99
DNS Servers . . . . . . . . . . . : 10.11.128.1
10.10.128.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D60B08E6-D119-4CB8-BD18-380B7ED48
771}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Any ideas as to how this might have happened and how I get rid of it (a simple re-boot doesn't do the job).OK, I followed Syed's instructions. I noticed that under the registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\ there were two AdaptorGUIDs, but only one of them had any parameters.
I created the IPAutoConfigurationEnabled parameter for both these AdaptorGUIDs with a value of 0 as instructed and re-booted.
Here are the registry entries for the two AdaptorGUIDs:
After re-booting I did another ipconfig /all, and the APIPA address is still there! Here's the ipconfig output:
C:\Users\Administrator.STRATIS2>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : STRATIS-SVR02
Primary Dns Suffix . . . . . . . : stratis2.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : stratis2.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connection
Physical Address. . . . . . . . . : 00-0F-1F-67-B8-CE
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.11.128.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
IPv4 Address. . . . . . . . . . . : 169.254.62.149(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 10.11.128.99
DNS Servers . . . . . . . . . . . : 10.11.128.1
10.10.128.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D60B08E6-D119-4CB8-BD18-380B7ED48
771}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
[it's a different APIPA address this time, but I guess it is randomly allocated].
Any further ideas for me?
Thanks
Nigel -
IPhones not taking ipv4 addresses on Unified Wireless (WLC 5508 and AP 3602)
This is a really odd one...
Earlier this week we started having issues with our BYOD wireless network (802.1x, WPA2+AES) but only with Apple devices (iphone and ipad). Employees with Android or Windows phones are not having any problems at all.
A brief summary of what's observable for the issue:
Radius authentication succeeds (PASS observable in ACS logs)
IPhone status viewed on both controllers (foreign anchor in DMZ as well as corporate WLC) shows phone associated.
Debug client output shows an IPv4 address is actually being assigned to the phone however it appears to ignore it and restart the DHCP request process so debug output shows what looks to be a loop of DHCP request and offer stages.
Infrastructure notes
Cisco WLC 5508s are all running 7.4.121.0 (tried rolling back to 7.2.110.0 .....didn't help)
APs are all 3602I-N-K9
DHCP for the BYOD network is running on the anchor in the DMZ however this was temporarily moved to a switch (had no effect).
Any ideas?
DHCP Loop:
*mmListen: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 RUN (20) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 15206 Local Bridging Vlan = 93, Local Bridging intf id = 12
*mmListen: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 RUN (20) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255)
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f Set bi-dir guest tunnel for a4:c3:61:7a:1a:4f as in Export Anchor role
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 Added NPU entry of type 1, dtlFlags 0x4
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f Pushing IPv6: fe80:0000:0000:0000: 0c00:0c94:459e:a9db , and MAC: A4:C3:61:7A:1A:4F , Binding to Data Plane. SUCCESS !!
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 1, flags: 0
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:53.754: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 3, flags: 0
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 8, flags: 0
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:45:07.059: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:45:07.059: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,Thanks Scott, here you go...
On Foreign:
WLAN Identifier.................................. 2
Profile Name..................................... BAI-Beta
Network Name (SSID).............................. BAI-Beta
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 42
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 86400 seconds
User Idle Timeout................................ 300 seconds
--More-- or (q)uit
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... CHTWLC
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
Quality of Service............................... Bronze
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
--More-- or (q)uit
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Disabled
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 172.24.13.20 1812
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
--More-- or (q)uit
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
--More-- or (q)uit
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Enabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
--More-- or (q)uit
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
2 172.24.13.251 Up
802.11u........................................ Disabled
MSAP Services.................................. Disabled
On Anchor:
WLAN Identifier.................................. 1
Profile Name..................................... BAI-Beta
Network Name (SSID).............................. BAI-Beta
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 48
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 86400 seconds
User Idle Timeout................................ 300 seconds
--More-- or (q)uit
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... CHADWLC01
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ bai-beta
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
Quality of Service............................... Bronze
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
--More-- or (q)uit
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Disabled
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 172.24.13.20 1812
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
--More-- or (q)uit
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
--More-- or (q)uit
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Enabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
--More-- or (q)uit
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
1 172.24.13.251 Up
802.11u........................................ Disabled
MSAP Services.................................. Disabled -
WMI Query to retrieve only active IPv4 address
My turn to ask a question. I am running BGInfo for all workstations but at this stage want to only return the Active IPv4 address. I have a custom WMI query set up in BGInfo:
SELECT IPAddress FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'
This will return both IPv4 and v6 addresses. Without disabling IPv6 on my client workstations, is there a way I can get the query to return only the IPv4 address? Or should I instead create a custom vbscript in BGInfo to get the v4 address.
Cheers
JeremyYou'd need to nose through the results and reject any IPv6 addresses.
This sample assumes IPv6 addresses always contain a ":" in the
string...
strMsg = ""
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer &
"\root\cimv2")
Set IPConfigSet = objWMIService.ExecQuery _
("Select IPAddress from Win32_NetworkAdapterConfiguration WHERE
IPEnabled = 'True'")
For Each IPConfig in IPConfigSet
If Not IsNull(IPConfig.IPAddress) Then
For i = LBound(IPConfig.IPAddress) to
UBound(IPConfig.IPAddress)
If Not Instr(IPConfig.IPAddress(i), ":") > 0 Then
strMsg = strMsg & IPConfig.IPAddress(i) & vbcrlf
Next
End If
Next
Wscript.Echo strMsg
HTH
Nomadtales wrote:
>
>
>My turn to ask a question. I am running BGInfo for all workstations but at this stage want to only return the Active IPv4 address. I have a custom WMI query set up in BGInfo:
>
>
>SELECT IPAddress FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'True'
>
>
>
>
>This will return both IPv4 and v6 addresses. Without disabling IPv6 on my client workstations, is there a way I can get the query to return only the IPv4 address? Or should I instead create a custom vbscript in BGInfo to get the v4 address.
>
>
>
>Cheers
>
>
>
>Jeremy
Ha®®y -
Unexpected case IPv4 tunnel over IPv6 ?
hi,
I wonder if there is one use case one can think of that is not possible with Cisco IOS:
Establish a IPsec tunnel over an IPv6 network tranporting both IPv4 and Ipv6 traffic. Even IPsec tunnel over an IPv6 network transporting IPv4 only does not work.
I tried several things in my lab but couldn't get it running.
I tried to search the net for my use case but I only find the other way round.
Question: is it possible to achieve connectivity of the following IPv4 addresses over an IIPsec tunnel over Ipv6 network?
Ultimately, the same tunnel should be capable transporting both. A dedicated Tunnel for IPv4 and IPv6 tunnel on the same routers would also be OK.
Svr A ( ) Svr B
+----+ , `,( .) +----+
| | +----+ ( .( ...) +----+ | |
| |---| R1 |---` .....)---| R2 |---| |
| | +----+ ( ......) +----+ | |
+----+ +----+
10.0.23.1/24 IPv6 only 10.0.42.1/24
networkSame/similar question but the case is instead of Site to Site VPN, it would be using the Cisco VPN Client. The host on the left side is connected to an IPv6-only network. They need to communicate with IPv4 devices across the Internet (behind a Cisco ASA).
Is this possible?
Cisco VPN Client ( ) Cisco ASA +----+ , `,( .) +----+ | | +----+ ( .( ...) +----+ | | | |---| R1 |---` .....)---| R2 |---| |----IPv4 network | | +----+ ( ......) +----+ | | +----+ +----+IPv6-only HOST IPv6 Network has IPv6 Interface on public side
alexander.koeppe wrote:hi,I wonder if there is one use case one can think of that is not possible with Cisco IOS:Establish a IPsec tunnel over an IPv6 network tranporting both IPv4 and Ipv6 traffic. Even IPsec tunnel over an IPv6 network transporting IPv4 only does not work.I tried several things in my lab but couldn't get it running.I tried to search the net for my use case but I only find the other way round.Question: is it possible to achieve connectivity of the following IPv4 addresses over an IIPsec tunnel over Ipv6 network?Ultimately, the same tunnel should be capable transporting both. A dedicated Tunnel for IPv4 and IPv6 tunnel on the same routers would also be OK. ,_ Svr A ( ) Svr B +----+ , `,( .) +----+ | | +----+ ( .( ...) +----+ | | | |---| R1 |---` .....)---| R2 |---| | | | +----+ ( ......) +----+ | | +----+ +----+ 10.0.23.1/24 IPv6 only 10.0.42.1/24 network -
I have a machine that I believe is running only IPv6 and here is why, when I try to compile and run this example I found on the internet:
import java.net.*;
import java.io.*;
public class ip
public static void main ( String[] args ) throws IOException
String hostname;
BufferedReader input = new BufferedReader ( new InputStreamReader(System.in) );
System.out.print("\n");
System.out.print("Host name: ");
hostname = input.readLine();
try
InetAddress ipaddress = InetAddress.getByName(hostname);
System.out.println("IP address: " + ipaddress.getHostAddress());
catch ( UnknownHostException e )
System.out.println("Could not find IP address for: " + hostname);
When I run the example and type in liveupdate.symantec.com I get this from the program:
Host name: liveupdate.symantec.com
Could not find IP address for: liveupdate.symantec.com
If I run it like this java Djava.net.preferIPv4Stack=true ip I get the following results:
Host name: liveupdate.symantec.com
IP address: 207.148.159.25
Can someone here help explain what the system property java.net.preferIPv4Stack=true means? And which way should I change the code so that it will work without having to set this system property?
Thank you very much for your timeCan someone here help explain what the system property java.net.preferIPv4Stack=true means?I answered that. It tells Java to prefer the IPv4 stack in situations like yours where both are available. See [IPv6 Support|http://java.sun.com/j2se/1.5.0/docs/guide/net/ipv6_guide/index.html] for more info on IPv6 in Java. See also [Networking Properties|http://java.sun.com/j2se/1.5.0/docs/guide/net/properties.html].
And which way should I change the code so that it will work without having to set this system property?In this case you could try InetAddress.getAllByName() and traversing the result array until you find an IPv4 address. Or you could set that property in the code rather than the command line.
I have no idea about IPv6 configuration on your machine, it's dependent on everything except Java. -
North America is finally out of new IPv4 addresses
Woo-hoo!!!!!!
I love IPv6, and have some great domain names and have been trying to increase the amount of IPv6 jobs I get, just need to convince the UK now......The day has finally come: North America is officially out of new IPv4 addresses.According to Ars Technica, the end of IPv4 addresses in North America wasoriginally forecast a decade ago. While "Asia,Europe, and Latin American have been parceling out scraps for a year or more, and now the ARIN[American Registry for Internet Numbers] wait list is here for the US, Canada, and numerous North Atlantic and Caribbean islands."That means that you either have to: (1) buy addresses from an organization that has extras lying around; (2) take a smaller block (Either 512 or 256); or (3) sit on the wait list until something crops up. Your other option is to set up a domain somewhere in Africa, which is the only continent to still have a surplus of IPv4 addresses.The good news: IPv6 is picking up speed and there are still plenty of these new, more...
This topic first appeared in the Spiceworks Community -
Is the computer IP address identical to IPv4 Address?
Is the IP address for my mac the same as the IPv4 address that shows up on the page : System Preferences/Network/Advanced/TCP/IP?
The computers IP address is supposed to show up on the page System Preferences/Sharing - under the Computer Name - but it doesn't.
Regards
David RobertsYes. The IPv4 that is shown under that page is the IPv4 IP address for the machine. Unless you are using IPv6, which is highly unlikely.
This doesn't seem to be a problem with the OS, it is more likely that the IP address in sharing has been accidentally removed or replaced by another IP address. That is all.
Just copy and paste and away you go. -
Why is the first address on a subnet reserved?
Based on subnetting, the "all 1s" or last address in a subnet is the broadcast address. Why is the "all 0s" or first address reserved? About all I can find on the web is that "way back in time" it was also a broadcast address of some type. Is there current programmatic reasons, or just convention to reserve the first address of a subnet? Is there something I can see with a wireshark trace? I happen to run into a situation recently where a host was in fact using the resevered first address both on net and across the router, apparently without issues. Links to documentation appreciated. Thanks.
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I'll try again - maybe this time I'll be helpful.
Beginning with very early RFCs, all zeros was recommended to represent "this". So an IP address with an all-zeros host bits, such as this Class C, 192.168.1.0 would mean "this network", 192.168.1.
Hosts were not to be assigned all zeros as a host number so they wouldn't be confused with a (sub)network number. I.e., if you use 192.168.1.0 as either a source or destination IP it could have special meaning (just as the all ones host is used for broadcasts). As far as I can tell, little if anything used this special designation (except for some old Unix implementations that could use all zeros as the broadcast address).
However, with RFC 3021, allowing for /31s for P2P links, the all zeros and all one host bits denote hosts. This RFC does has some interesting things to say about how all zero host IPs should be treated:
(h) { , , 0 }
Subnetwork number. SHOULD NOT be used as a source address,
except when the originator is one of the endpoints of a point-
to-point link with a 31-bit mask. For other types of links, a
packet with such a destination SHOULD be silently discarded.
If these packets are not silently discarded, they MUST be treated
as IP broadcasts [RFC1812].
(f) { , , 0 }
Subnetwork number. SHOULD NOT be used as a source address,
except when the originator is one of the endpoints of a point-
to-point link with a 31-bit mask. For other types of links, a
packet with such a destination SHOULD be silently discarded.
If these packets are not silently discarded, they MUST be
treated as IP broadcasts.
(2) SHOULD silently discard on receipt (i.e., do not even deliver
to applications in the router) any packet addressed to 0.0.0.0 or
{ , 0 }. If these packets are not silently
discarded, they MUST be treated as IP broadcasts (see Section
[5.3.5]). There MAY be a configuration option to allow receipt of
these packets. This option SHOULD default to discarding them.
In a point-to-point link with a 31-bit mask, a packet addressed to
{ , 0 } corresponds to one of the endpoints of
such link, it MUST be treated as directed to the router on which
the address is applied.
(4) SHOULD NOT originate datagrams addressed to 0.0.0.0 or {
, 0 }. There MAY be a configuration option to
allow generation of these packets (instead of using the relevant
1s format broadcast). This option SHOULD default to not
generating them.
In a point-to-point link with a 31-bit mask, the configuration of
such a mask SHOULD allow for the generation of datagrams addressed
to { , 0 }.
With RFC 3021 (if I'm reading the above correctly), except for /31 P2P IPs, this shouldn't work, but the fact you've found it does, is likely due to most IP implementations not treating the all zeros host bits IP address as directed, above, but just as like another host IP. Again, if nothing really has used this special case, it simplifies the IP implementation.
In the above, technically, changing destination {, 0} as a MUST broadcast, should allow destination host to receive packet anyway.
Rule 4 is also interesting, as it assumes only /31 hosts can send to all zero hosts. This would be impossible to control if you don't know what the destination network-prefix is, and often only the destination truly knows.
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I'll try again -
Emails to my mac account are bouncing back with an error message saying that my IP address is not a valid IPv4 address. How do I correct?
Has nobody answered your question? I have this problem as well. Only one sender, to my knowledge is bouncing. Want to know how to fix it. It's my mom, so either way - my end or her end, I have to fix it. Does anyone have any answers?
Thanks,
Susan
Maybe you are looking for
-
Apple tv patch 6.1.1 extended desktop not working
My apple tv just upgraded to patch 6.1.1(6698.99.19) from 6.1(6698.99.19) I have an Ipad Mini2 which I normally use to view movies on my tv. I will select the apple tv, (with air play) and play the movie using Moliplayer on the Ipad mini2. I was abl
-
Creation of a new record based on the value of a picklist
Hi, My requirement is whenever i select a picklist value in Opportunity record type based on the value selected a new opprtunity record should get created and get assigned to a role or A User otherwise a lead should get created and should be assigned
-
MBP not detecting video camera via FireWire 800
Hey all, I bought a MacBook Pro late 2008 mainly for video editing. Also, I purchased a 3rd-party FireWire cable because Apple doesn't distribute them here in Singapore (-_-). I've tried many times to connect my 2 video cameras to my Mac and NONE of
-
IWeb cannot see my .Mac Web Gallery
Hello All, I have some albums in my .mac Web Gallery. When trying to do an insert->.Mac Web Gallery, iWeb says "no albums or movies available", even though I do have stuff published. Any ideas why could this happen? Thanks a lot
-
NEED AN ADOBE PROGRAM WITH PDF FILE EXTENSION
I need an Adobe program that has a "PDF" file extension, and that allows me to attach a file + additional files. Thanks....