As we’ve been working more and more with Windows Server 2012 R2, we’ve discovered issues stemming from IPv6 in the network stack. Two specific issues we’ve discovered:
- During DNS lookups, Windows Server 2012 R2 first issues a DNS lookup request over IPv6. Typically the lookup will fail as IPv6 is not widely deployed yet. In some scenarios, rather than also performing a request over IPv4, the DNS lookup just fails. This impacts everything that depends on DNS, from AD to System Center to Exchange.
- In some scenarios, PowerShell cmdlets, specifically RDS-related cmdlets, will fail. Disabling IPv6 enables those cmdlets to successfully execute.
The following PowerShell snippet can be used to disable IPv6 on a remote system. It can easily be wrapped inside a function for batch operation.
$adminUser = "DOMAIN\USERNAME"
$adminPwd = "PASSWORD"
$compName = "REMOTECOMPUTERNAME"
$secPwd = ConvertTo-SecureString $adminPwd -AsPlainText -Force
$remoteCreds = New-Object System.Management.Automation.PSCredential ($adminUser, $secPwd)
$ServerSession = New-PSSession -ComputerName $compName -Authentication CredSSP -Credential $remoteCreds
Invoke-Command -Session $ServerSession -ScriptBlock
# Disable IPv6
$regPath = "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters"
New-ItemProperty -Path $regPath -Name "DisabledComponents" -Value "0xFFFFFFFF" -PropertyType "DWORD" | Out-Null
Restart-Computer -ComputerName $env:computername -Force
Caveats: WinRM must be enabled, and the code restarts the remote computer to finish applying the operation.
UPDATE: this was also posted to my personal blog.