I'm having this weird problem in my network after a power loss (few seconds) but all my network equipment has UPS and it was working fine when the power was out.
Soon after the power was back I couldn't access my internet and when I tried to do the nslookup it returns something like this
C:\Users\Administrator>nslookup
Default Server: UnKnown
Address: fe80::1
> google.com
Server: UnKnown
Address: fe80::1
Name: google.com
Address: 10.9.100.100
> google
Server: UnKnown
Address: fe80::1
Name: google
Address: 1.1.1.1
Wireshark packet captured for that event. – (http://i.imgur.com/RLC6YE6.png)
I really don't know how my computer know 10.9.100.100 and 1.1.1.1 (It's nothing there)
I have multiples vlans on my core switch (SG500)
- Client – VLAN X – 10.1.1.x/24
- IP Phone – VLAN Y – 192.168.x.x/16
- Public Client – VLAN Z – 10.9.100.x/24
The port that i'm using has VLAN X and VLAN Y in the same port (Hybrid mode on 3com switch – access switch)
Current resolution is disable IPv6 from my local area connection.
This is my Local area connection (I have vmware/virtualbox installed) and IP address/Gw/DNS are static.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::7890:2a9f:b81c:2a1f%11
IPv4 Address. . . . . . . . . . . : 10.1.1.207
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.1.1
Ethernet adapter VirtualBox Host-Only Network:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::a818:fbb5:f940:bb96%14
IPv4 Address. . . . . . . . . . . : 192.168.56.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::20f6:6352:de0b:fa24%19
IPv4 Address. . . . . . . . . . . : 192.168.152.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::810c:4a64:b675:1e63%20
IPv4 Address. . . . . . . . . . . : 192.168.172.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Does my computer has malware ? this event also effect some others windows7/windows8 (now around 5-10 from 100s) computer on my network as well.
Best Answer
I have found what's causing the problem.
There's one ADSL router connected to my VLAN X and it has IP address of 10.9.100.100 and IPv6 of fe80::1. This router is also response to IPv6 DHCP request and windows 7 is default to IPv6 so that's why i'm having this weird event.