Thursday, May 26, 2011

How Windows Server Picks the Source IP Address

When Windows Server (in my testing, 2008) has multiple IP addresses configured on a single adapter, Windows will choose the IP address closest to the gateway as the source address. We ran into this problem when using NAT through a firewall for a web service call.
The second (newly added) IP was for a website hosted on the server. This second address was being placed in the packet as the source but was not in the NAT rule, so the web service call failed.

Microsoft has a hotfix (KB2386184) that is supposed to correct this by adding a new flag to netsh (skipassource). This flag is intended to tell the OS not to use the specified address as a source address in the packet. Unfortunately, this did not remedy the problem as stated (nor work as Microsoft stated). To correct the issue, we chose a "higher" address from the subnet (farther away from the gateway address) and everything worked as planned.
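The following is an added example, not code from this post or from Microsoft. It models "closest to the gateway" as the longest shared bit prefix with the gateway address (the longest-matching-prefix rule of RFC 3484, assumed here to be what Windows applies) and checks whether a new secondary address would displace the primary one that the NAT rule expects. The addresses are constructed documentation-range values and the function names are hypothetical.

```python
import ipaddress


def common_prefix_bits(a, b):
    """Count the leading bits two IPv4 addresses have in common (0-32)."""
    diff = int(ipaddress.IPv4Address(a)) ^ int(ipaddress.IPv4Address(b))
    return 32 - diff.bit_length()


def rank_sources(candidates, gateway):
    """Sort candidates, longest shared prefix with the gateway first.

    Returns (shared_bits, address) pairs. Ties keep their input order,
    because this model does not say which of two equal candidates wins.
    """
    scored = [(common_prefix_bits(ip, gateway), ip) for ip in candidates]
    return sorted(scored, key=lambda pair: pair[0], reverse=True)


def safe_to_add(primary, new_ip, gateway):
    """True only if new_ip shares strictly fewer bits with the gateway
    than the primary address, so the primary stays the predicted source.
    A tie is reported as unsafe rather than guessed at.
    """
    return common_prefix_bits(new_ip, gateway) < common_prefix_bits(primary, gateway)


if __name__ == "__main__":
    # Constructed sample values (RFC 5737 documentation range).
    GATEWAY = "192.0.2.1"
    PRIMARY = "192.0.2.10"   # address the firewall NAT rule is written for
    for new_ip in ("192.0.2.5", "192.0.2.200"):
        ranking = rank_sources([PRIMARY, new_ip], GATEWAY)
        verdict = "keeps" if safe_to_add(PRIMARY, new_ip, GATEWAY) else "DISPLACES"
        print(f"adding {new_ip}: {verdict} {PRIMARY} as source; ranking={ranking}")
```

Running the check before binding a new site address shows whether outbound traffic would start leaving from an address that the NAT and firewall rules do not cover.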
