0

SkipAsSource Flag Cleared In Windows 2012

For a while now I've been using the Netsh SkipAsSource Flag to allow multiple IPs on a server and only the primary IP registers in DNS.  The previous series of articles in this series are here:

  1. Fine Grained Control When Registering Multiple IP Addresses On a Network Card
  2. Fine Grained Control When Registering Multiple IP Addresses–Part Deux
  3. Fine Grained Control When Registering Multiple IP Addresses–Part Trois

Update 19-9-2013;  Tried this out on the RTM build of Windows Server 2012 R2.  Same issue.

Life was good until Shawn Martin added a comment asking about a hotfix for Windows Server 2012 to fix a previous issue from Windows Server 2008 R2.  Hotfix 2554859 was noted in the original article, but I had not experienced the behaviour on Server 2012 as I was not using the GUI.

This is an excerpt from KB 2554859 describing the issue:

  • You install hotfix 2386184 on the computer to enable the skipassource flag of the netsh command.
  • You assign many IP addresses to a network adapter on the computer by using the netsh command together with the skipassource flag.
  • You update some IP settings for the network adapter in the Network and Sharing Center graphical user interface (GUI). For example, you edit the subnet mask of an IP address that has the skipassource flag set to true.
  • In this scenario, the skipassource flag of the IP address and of all IP addresses that are listed under that address in the GUI are cleared incorrectly.

Unfortunately, this issue also manifests itself in Windows Server 2012, though the last bullet is slightly different.

Let's run through the behaviour you will see and then what to do about it

Starting Configuration

This is our starting configuration.  A simple setup with a single IPv4 address bound to one NIC.

Get-NetAdapter | Get-NetIPAddress | Select IPAddress, SkipAsSource

Windows Server 2012 Starting IP Configuration

Let's use PowerShell's New-NetIPAddress cmdlet to add an additional IP 192.168.10.121 and specify the –SkipAsSource parameter.

New-NetIPAddress –IPAddress 192.168.10.121 –InterfaceAlias "Ethernet 2" –SkipAsSource $True

Windows Server 2012 - Binding New IPv4 Address With New-NetIPAddress

Looks OK, but we shall verify…

Get-NetAdapter | Get-NetIPAddress | Select IPAddress, SkipAsSource

Checking SkipAsSource Is Set Using PowerShell

So far so good!  Time to change it up!

Enter the GUI

To replicate the issue, let's now make a change to the IP we just added through the GUI, and change the subnet mask:

Changing Subnet Mask To /24 In Windows 2012 GUI

And when we check the SkipAsSource settings after saving the change in the GUI, we can see that the SkipAsSource flag has been lost for the IP address of 192.168.10.121

After Editing in GUI, SkipAsSource Flag Is Cleared For IP

Interestingly enough if we add multiple additional IPs, each of which is set to SkipAsSource $True, and we only edit IP 192.168.10.121 in the GUI; only that specific IP loses it's SkipAsSource flag.

We can see this below, IPs 192.168.10.121 to .125 were added all of which have SkipAsSource set to $True.

Editing Single IPv4 Does Not Revert SkipAsSource For Other IPv4 Addresses In Windows 2012

GUI is then used to edit just 192.168.10.121, and afterwards only that IP has lost its SkipAsSource flag.

Editing Single IPv4 Does Not Revert SkipAsSource For Other IPv4 Addresses In Windows 2012

Workaround

At this time to please do not edit the IP configuration of a machine where SkipAsSource is used via the GUI.  PowerShell can be used to configure IPs where this feature is used.  If the GUI is used the SkipAsSource will be set changed for the IP(s) that were modified.

This is an example of using Set-NetIPAddress to change the PrefixLength (Subnet Mask) to /24.  Note that even through SkipAsSource was not explicitly used in the Set-NetIPAddress cmdlet, the original setting was honoured

Using PowerShell In Windows 2012 To Preserve SkipAsSource

Cheers,

Rhoderick

Rhoderick Milne [MSFT]

Leave a Reply

Your email address will not be published. Required fields are marked *