Tuesday, December 7, 2010

Microsoft finally follows it's own RFC... now stuff is broken.

We have a web service that goes out and talks to other web services. Our web service and the other ones are protected by firewalls, as we don't want just anyone hitting our web services. As we move to windows 2008 r2, we noticed something funny was happening..... our connections were being blocked.
Turns out that Microsoft is finally following their own RFC and it is breaking things.  Windows servers now will use the "IP address most closely matching the gateway" to decide what IP address to use as the default one.  So now our webservice was using the "lowest" ip address we had, which was for a site that had nothing to do with the webservice.
I found out I wasn't alone being surprised by this new "feature" and found that there is a workaround.
In short, you need to:
-Download and apply the hofix. (the MS extractor was currupt, so I used 7zip to extract the files)
-Reboot for the hotfix to take effect.
-Gather a list of all your IP addresses on that machine, take out the one you want to be the "default IP." Put them in the variable $currentIPs.  Then you can run the script as below, it will remove and add the IPs all at once with little downtime.

I forgot to remote desktop using the FQDN, so I was disconnected, but when I reconnected everything was happy.

$currentIps = "","","",""

foreach ($ip in $currentIps){

netsh interface ip delete address public $ip
write-host "$ip deleted"
netsh interface ip add address "public" $ip skipassource=true
write-host "$ip added"
Write-Host "I suggest you reboot your server now, just in case."

Notice the "skipassource=true."  This will not work before the hotfix.  Again you do not want to run that parameter with your IP address that you DO want to be the default one.
(My Subnet mask is, if yours is different, then change it above.)

1 comment:

  1. How about an explanation on how to run the script? A total newbie like me does not have a clue or where to look to find the information on how to run your script.