IPv6 PowerShell Cheat-Sheet (Windows): Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
 
Zeile 101: Zeile 101:
 
=== Hinweis (Admin-Konsole) ===
 
=== Hinweis (Admin-Konsole) ===
 
*Start-Process PowerShell -Verb RunAs # Konsole als Administrator öffnen
 
*Start-Process PowerShell -Verb RunAs # Konsole als Administrator öffnen
 +
=== Dhcp Abschalten ===
 +
*Stop-Service Dhcp
 +
*Set-Service Dhcp -StartupType Disabled

Aktuelle Version vom 23. Oktober 2025, 14:26 Uhr

Interfaces & Status

  • Get-NetIPInterface -AddressFamily IPv6
  • Get-NetIPInterface -AddressFamily IPv6 | Format-Table ifIndex,InterfaceAlias,ConnectionState,InterfaceMetric,RouterDiscovery
  • Enable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_tcpip6
  • Disable-NetAdapterBinding -Name "Ethernet" -ComponentID ms_tcpip6
  • Get-NetIPConfiguration -Detailed

Adressen anzeigen & verwalten

  • Get-NetIPAddress -AddressFamily IPv6
  • Get-NetIPAddress -InterfaceAlias "Ethernet" -AddressFamily IPv6
  • New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 2001:db8:1::10 -PrefixLength 64 -DefaultGateway 2001:db8:1::1
  • Remove-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 2001:db8:1::10 -Confirm:$false
  • New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress fe80::10 -PrefixLength 64 -AddressFamily IPv6 -Type Unicast # Link-Local manuell
  • Set-NetIPv6Protocol -UseTemporaryAddresses Enabled # Privacy Extensions
  • Set-NetIPv6Protocol -UseTemporaryAddresses Disabled
  • Set-NetIPv6Protocol -RandomizeIdentifiers Enabled
  • Set-NetIPv6Protocol -RandomizeIdentifiers Disabled

DNS (AAAA/Resolver)

  • Resolve-DnsName example.com -Type AAAA
  • Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 2001:4860:4860::8888,2001:4860:4860::8844
  • Get-DnsClientServerAddress -AddressFamily IPv6
  • Clear-DnsClientCache

Routing

  • Get-NetRoute -AddressFamily IPv6
  • Get-NetRoute -AddressFamily IPv6 | Sort-Object RouteMetric | Format-Table DestinationPrefix,NextHop,InterfaceAlias,RouteMetric
  • New-NetRoute -DestinationPrefix 2001:db8:2::/64 -InterfaceAlias "Ethernet" -NextHop 2001:db8:1::1 -RouteMetric 20
  • Remove-NetRoute -DestinationPrefix 2001:db8:2::/64 -InterfaceAlias "Ethernet" -NextHop 2001:db8:1::1 -Confirm:$false
  • Test-NetConnection -ComputerName 2001:db8:1::1 -DiagnoseRouting

Neighbor Discovery (NDP)

  • Get-NetNeighbor -AddressFamily IPv6
  • Get-NetNeighbor -InterfaceAlias "Ethernet" -State Stale
  • Remove-NetNeighbor -InterfaceAlias "Ethernet" -IPAddress fe80::aabb:ccff:fedd:ee11 -Confirm:$false

Router Advertisements / SLAAC Schalter (Interface)

  • Get-NetIPInterface -AddressFamily IPv6 | Format-Table InterfaceAlias,RouterDiscovery,Advertising
  • Set-NetIPInterface -InterfaceAlias "Ethernet" -RouterDiscovery Enabled
  • Set-NetIPInterface -InterfaceAlias "Ethernet" -RouterDiscovery Disabled
  • Set-NetIPInterface -InterfaceAlias "Ethernet" -Advertising Disabled # Nur relevant, wenn Windows als Router agiert

Tests & Troubleshooting

  • Test-Connection -TargetName ipv6.google.com -Count 4 # ICMPv6 Ping
  • Test-Connection -TargetName 2001:4860:4860::8888 -Count 4
  • Test-NetConnection -ComputerName example.com -Port 443 -InformationLevel Detailed
  • Test-NetConnection -ComputerName example.com -TraceRoute
  • Test-NetConnection -ComputerName example.com -CommonTCPPort HTTP
  • Get-NetTCPConnection -AppliedSetting Internet -State Established
  • ipconfig /all
  • ipconfig /flushdns
  • ping -6 example.com
  • tracert -6 example.com
  • pathping -6 example.com

Windows Firewall (ICMPv6 & Ports)

  • Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" | Where-Object {$.Name -like "ICMP6"} | Format-Table Name,Enabled
  • New-NetFirewallRule -DisplayName "Allow ICMPv6 Echo In" -Protocol ICMPv6 -IcmpType 128 -Direction Inbound -Action Allow
  • New-NetFirewallRule -DisplayName "Allow ICMPv6 Echo Out" -Protocol ICMPv6 -IcmpType 128 -Direction Outbound -Action Allow
  • New-NetFirewallRule -DisplayName "Allow TCP 8443 IPv6" -Direction Inbound -Protocol TCP -LocalPort 8443 -Action Allow -LocalAddress ::/0
  • Get-NetFirewallRule | Where-Object {$.DisplayName -like "IPv6"} | Format-Table DisplayName,Enabled

Präfix-Richtlinien (Bevorzugung)

  • netsh interface ipv6 show prefixpolicies
  • netsh interface ipv6 add prefixpolicy ::1/128 50 0
  • netsh interface ipv6 set prefixpolicy ::ffff:0:0/96 35 4 # IPv4-mapped Präferenz anpassen (nur falls nötig)

Übergangstechniken deaktivieren (Legacy)

  • netsh interface teredo show state
  • netsh interface teredo set state disabled
  • netsh interface 6to4 set state disabled
  • netsh interface isatap set state disabled

Bevorzugung IPv4/IPv6 (Registry Toggle)

  • New-Item -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Force | Out-Null
  • New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Name DisabledComponents -PropertyType DWord -Value 0x00 -Force # IPv6 voll aktiv
  • Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Name DisabledComponents -Value 0x20 # IPv4 bevorzugt
  • Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Name DisabledComponents -Value 0xFF # IPv6 aus (nicht für Produktivbetrieb)
  • Restart-Computer # Erforderlich nach Änderung

DHCPv6 / Autokonfiguration Hinweise

  • Get-NetIPInterface -AddressFamily IPv6 | Select-Object InterfaceAlias,AddressFamily,RouterDiscovery,Dhcp
  • Set-NetIPInterface -InterfaceAlias "Ethernet" -RouterDiscovery Enabled # SLAAC aktiv
  • Set-DnsClient -InterfaceAlias "Ethernet" -RegisterThisConnectionsAddress $true

Quick-Snippets (ersetzen: IF="Ethernet")

  • $if="Ethernet"; Get-NetIPAddress -InterfaceAlias $if -AddressFamily IPv6
  • $if="Ethernet"; New-NetIPAddress -InterfaceAlias $if -IPAddress 2001:db8:1::10 -PrefixLength 64 -DefaultGateway 2001:db8:1::1
  • $if="Ethernet"; Set-DnsClientServerAddress -InterfaceAlias $if -ServerAddresses 2001:4860:4860::8888,2001:4860:4860::8844
  • $if="Ethernet"; New-NetRoute -DestinationPrefix 2001:db8:2::/64 -InterfaceAlias $if -NextHop 2001:db8:1::1 -RouteMetric 20
  • $if="Ethernet"; Test-NetConnection -ComputerName example.com -TraceRoute -InformationLevel Detailed

Nützliche Aufräumer

Get-NetIPAddress -AddressFamily IPv6 | Where-Object {$_.IPAddress -like "2001:db8"} | Remove-NetIPAddress -Confirm:$false Get-NetRoute -AddressFamily IPv6 | Where-Object {$_.DestinationPrefix -like "2001:db8:"} | Remove-NetRoute -Confirm:$false

Versionsinfo / Modul

  • $PSVersionTable
  • Get-Command -Module NetTCPIP | Where-Object Name -like "IPv6" | Sort-Object Name | Format-Table Name

Hinweis (Admin-Konsole)

  • Start-Process PowerShell -Verb RunAs # Konsole als Administrator öffnen

Dhcp Abschalten

  • Stop-Service Dhcp
  • Set-Service Dhcp -StartupType Disabled
Abgerufen von „http://wiki.ixheim.de/index.php?title=IPv6_PowerShell_Cheat-Sheet_(Windows)&oldid=65240