locked
Network binding order‎ without nvspbind RRS feed

  • Question

  • Hi,

    I am looking to put a new possibility, the NIC bind order with PowerShell.

    The use of nvspbind is unfortunately not an option.

    $ServerName = "work"
    
    $objReg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $ServerName)
    $objRegKey = $objReg.OpenSubKey("SYSTEM\\Currentcontrolset\\Services\\TCPIP\\Linkage" )
    $arrItem = $objRegKey.GetValue("Bind")
    $arrItem

    Seeking an opportunity to re-sort the outputof $arrItem and the RegKey then rewrite.

    Does anyone have an idea?

     

    Friday, June 20, 2014 4:10 PM

Answers

  • As noted previously, it is not recommended to edit the registry directly instead of using the correct APIs. You run the risk of putting the server in an unsupported state and breaking things.

    You have said that you have a specification document that requires a specific binding order, but this does not explain 1) why a specific binding order is required and 2) why you cannot use a tool that uses the network APIs to change the binding order.


    -- Bill Stewart [Bill_Stewart]

    • Proposed as answer by Bill_Stewart Tuesday, July 15, 2014 10:01 PM
    • Marked as answer by Bill_Stewart Tuesday, July 22, 2014 7:02 PM
    Tuesday, June 24, 2014 3:29 PM

All replies

  • The use of nvspbind is unfortunately not an option.

    Why not?

    That tool seems to be be most straightforward means of solving the problem.

    I wouldn't recommend trying to edit the binding order of a NIC remotely by editing the registry. If something bad happens then you may not be able to reconnect.


    -- Bill Stewart [Bill_Stewart]

    Friday, June 20, 2014 5:03 PM
  • The entry is a multi-string value.  Load it into an array and reorder as needed then write the value back.  The machine must be rebooted for this to take effect.

    WARNING: any mistakes and you may make the machine unusable.

    WS2012R2 has a CmdLet that can set the binding order I believe,

    When you do this from the GUI the network is restarted internally.  This doesn't work remotely.

    Note also that it should not be necessary to do this.  If you are having routing issues then change the metric which can be easily done via NETSH.  Set the default metri lower for the preferred interface.  It will accomplish the same thing if routing is unavailable.

    You can also set a static route that will force the connection over a specific interface,

    It is only some very old software that uses binding order to assume things about the network. No Windows logo'd software should do this.


    ¯\_(ツ)_/¯

    Friday, June 20, 2014 5:06 PM
  • Hi Bill,

    the request is PowerShell native

    Friday, June 20, 2014 6:12 PM
  • For the review of the multi-string value must I set the primary NIC on top. Here I have no idea.
    Friday, June 20, 2014 6:18 PM
  • the request is PowerShell native

    Yes, but why? The other question is, what problem are you having that this fixes?


    -- Bill Stewart [Bill_Stewart]


    Friday, June 20, 2014 6:31 PM
  • my problem is the functional specification document ; )
    Friday, June 20, 2014 6:36 PM
  • That doesn't answer why you can't use the nvspbind tool.

    Also note that jrv and I have both said the same thing here: It is not recommended to try to edit the NIC binding order by modifying a remote computer's registry. There are multiple reasons:

    1. If something goes wrong, the remote computer will be inaccessible and will require some kind of maintenance to get it working again.

    2. Doing this arguably puts the target computer in an unsupported state because you are not using the approved APIs.

    3. The network interface binding order as stored in the registry is an implementation detail. When you change the binding order using the GUI, it might be doing more than just changing registry settings. Implementation details are not contractual (from a software development perspective) and are subject to change without notice.


    -- Bill Stewart [Bill_Stewart]

    Friday, June 20, 2014 6:46 PM
  • Bill is spot-on.

    The utility restarts the network correctly. This cannot be done remotely which forces a reboot.  The utility also validates the request.  If you make a mistake it will not be known.

    You mention a document requirement. What functional specification document?  No Windows logo'd device or application can require setting binding order.  All Microsoft services that rely on binding order like ISA server and SharePoint now adjust to the current settings or enforce a set of rule transparently. You never need to do this.  It is a very old issue form W2K days.

    There are a great many chat room and forum discussions that claiom that setting binding order improves performance.  Tis is a lot of nonsense.  Routes that cannot be discovered will timeout on on IF the first time then use the corr4ect one after that until the next reboot.  Setting static routes or metric can avoid the initial timeout.

    Legacy software like Early pre-SP4 I believe SqlkServer 2000 had some issues with routing and the solution was to change the binding order.  This was fixed a long time ago.

    The router in Windows does not care about order.  Old software that tried to discover the local adapter invariably took the first one assuming it was a single homed system.  This was a major design error.  No software should ever make that assumption.  Current software uses the internal router only.  Only old software using straight IP communications can make this error.  Contact the vendor for a fix.

    If you must use non-compliant software then you would be safest setting the binding order manually.

    You can use the registry solution.  I recommend that you spend some time learning how to use PowerShell before attempting to do this.  The remote registry API is documented online.  Your only issue is how are you going to decide which adapter belongs on top.
    If this is critical then you should really contact a consultant to help you resolvce the best way to do this.


    ¯\_(ツ)_/¯

    Friday, June 20, 2014 7:47 PM
  • Warning:

    "Seeking an opportunity to re-sort the outputof $arrItem and the RegKey then rewrite."

    What would the resort criteria be?  You have a bunch of GUIDs.  They will not sort into any reasonable order.

    What sort do you want.  Numeric? Alpha? Sort by vendor?  Sort by MAC address? Sort by IP?

    Can you see why this is not going to work.

    If you have to DHCP adapters why not just switch cables and reboot.


    ¯\_(ツ)_/¯

    Friday, June 20, 2014 7:50 PM
  • Hi jrv,

    Thanks for your helpful reply. I would use the name.

    here is my sample script

    $Nic_OnTop = "Operation"
    
    function Nic_OnTop
    {
    
    	ForEach ($Adapter in (Get-WmiObject Win32_NetworkAdapter -Filter "NetEnabled='True'"))
    	{  $Config = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "Index = '$($Adapter.Index)'"
    	   	if ($Adapter.NetConnectionID -eq $Nic_OnTop)
    			{
    				$MultiSzBind = [System.Collections.ArrayList] (get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" | Select -ExpandProperty Bind)
    				Write-Host "Bind old"
    				$MultiSzBind
    				Write-Host "Remove Bind"
    				$MultiSzBind.Remove("\Device\" + $Adapter.GUID)
    				$MultiSzBind
    				Write-Host "Bind New"
    				$MultiSzBind.insert(0,"\Device\" + $Adapter.GUID)
    				$MultiSzBind
    				Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" -name “Bind” -Value $MultiSzBind -Type MultiString
    				
    				$MultiSzExport = [System.Collections.ArrayList] (get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" | Select -ExpandProperty Export)
    				Write-Host "Export old"
    				$MultiSzExport
    				Write-Host "Remove Export"
    				$MultiSzExport.Remove("\Device\Tcpip_" + $Adapter.GUID)
    				$MultiSzExport
    				Write-Host "Export new"
    				$MultiSzExport.insert(0,"\Device\Tcpip_" + $Adapter.GUID)
    				$MultiSzExport
    				Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" -name “Export” -Value $MultiSzExport -Type MultiString
    								
    				$MultiSzRoute = [System.Collections.ArrayList] (get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" | Select -ExpandProperty Route)
    				Write-Host "Route old"
    				$MultiSzRoute
    				Write-Host "Remove Route"
    				$MultiSzRoute.Remove("`"" + $Adapter.GUID + "`"")
    				$MultiSzRoute
    				Write-Host "Route new"
    				$MultiSzRoute.insert(0,"`"" + $Adapter.GUID + "`"")
    				$MultiSzRoute
    				Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\tcpip\Linkage\" -name “Route” -Value $MultiSzRoute -Type MultiString
    			}
    
    	}
    }
    
    Nic_OnTop

    However, when I went back to the bindings GUI, again the order hadn't changed.

    A little QS with nvspbind confirmed that too.

     


    • Edited by Fubycon Tuesday, June 24, 2014 10:01 AM
    Tuesday, June 24, 2014 9:23 AM
  • You cannot just replace the GUIDs. You have to sort the entries as they exist into the order you need.  This is a very advanced scripting/programming technique.

    As posted earlier.  You do not need to do this.  Call the vendor of the software and have them give you a fix or don't use non-Windows software,

    If you insist on reprogramming this then you  would do best by contacting a consultant.  We will not write this for you.

    The articles posted describe how to do this quite well. Actuallyunderstanding what they are tellingyou to do maybe difficult.  THe array of strings is not just a list of GUIDs.  it is a list of comma separated associations.


    ¯\_(ツ)_/¯

    Tuesday, June 24, 2014 11:09 AM
  • As noted previously, it is not recommended to edit the registry directly instead of using the correct APIs. You run the risk of putting the server in an unsupported state and breaking things.

    You have said that you have a specification document that requires a specific binding order, but this does not explain 1) why a specific binding order is required and 2) why you cannot use a tool that uses the network APIs to change the binding order.


    -- Bill Stewart [Bill_Stewart]

    • Proposed as answer by Bill_Stewart Tuesday, July 15, 2014 10:01 PM
    • Marked as answer by Bill_Stewart Tuesday, July 22, 2014 7:02 PM
    Tuesday, June 24, 2014 3:29 PM