Networking

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. DNS: Application high availability

    Hello,

    On your site "What's new in DNS Server in Windows Server 2016" is written that there will be a new feature called "DNS Policies", which can be used for "Application high availability". But i can't find this feature, which allows me to redirect clients to the healthiest endpoint like a failover-cluster. I'm not looking for a loadbalancer.

    Other People are looking too for this Feature and some documentation, when will it be available?

    This feature would be great for applications like ADFS and so on.

    "What's New" https://technet.microsoft.com/en-us/windows-server-docs/networking/dns/what-s-new-in-dns-server
    Other person: https://social.technet.microsoft.com/Forums/office/en-US/84d3b0de-e427-4987-b498-6b053851e2dc/dns-policies-application-high-availability?forum=WinServerPreview

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable-NetLldpAgent not useful

    The Enable-NetLldpAgent , in order to be useful in proper management of a network, should allow setting TLV subtypes.
    Or...........Some options I would prefer:
    set TLV 1 to ID subtype 5 (network address) instead of subtype 4 (MAC address)
    set TLV 2 to ID subtype 5 (interface name) instead of 3 (MAC address)

    include the optional TLV 5 system name

    MAC address is easily obtained by other networking tools. Using this as the information for mandatory TLVs is redundant and useless.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  3. Fix -WhatIf, -Verbose, and -ErrorAction support in the DnsServer PowerShell module

    The new cmdlets for DNS policies in particular have inconsistent and downright broken support for -WhatIf and -Verbose.

    Example:

    Add-DnsServerClientSubnet -cn MyDC -Name 'Whatever' -IPv4Subnet 10.0.0.0/32

    That works if you explicitly add -WhatIf. But if I make the call inside an advanced function that SupportsShouldProcess and call the outer function with -WhatIf, the preference will NOT carry over. In order to do that, I have to use -WhatIf:$WhatIfPreference.

    The same is true with -Verbose, having to use -Verbose:$VerbosePreference because it won't inherit it.

    This is true on the cmdlets for:
    - Client Subnets
    - Zone Scopes
    - Query Reoslution Policies

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  4. Server 2016 wifi does not work

    In Windows Server 2016 RTM, like in the TP5, still Wifi does not work!
    I can enable the service, device is known in device manager and it also finds Wifi networks, but when i connect, after entering password, Explorer.exe crashes!

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  5. DnsServer Module cmdlets need a credential parameter

    It would be extremely useful if the cmdlets in the DnsServer module had the credential parameter. It's a lot easier to provide the credentials in a variable versus having to wrap the cmdlet in a script block every time you want to run it with different credentials.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable DHCP to send unrequested options.

    I thought I had posted this, but apparently not.
    Have the ability to force DHCP options down to a client. Right now it seems that the DHCP server only sends options back that are requested by the client. Having the ability to send non-requested options would be awesome. Not so much for Windows clients, but for Mac clients. The Netboot there doesn't request options 66 and 67. But if you send them down (such as the Mac Servers do), then it can boot from those options. If this were implemented, LOTS of Mac Admins would be very happy.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  7. Introduce a "debug" mode to the TCP/IP stack

    As this would be reasonably impactful of performance on busy servers, it would have to be designed for debug situations only. The idea is that we have a log specifically for TCP/IP debugging. In it would be written things like TCP session establishment, connection resets, adapter events, tcp window size change events, offload status, rss events, route changes, and a big one, MTU negotiation/black hole router events.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  TCP/IP  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support CAA records in nslookup

    The nslookup command line tool should support CAA (id=257) DNS resource record types. Bonus points for teaching Resolve-DnsName about this type as well. Super bonus points for supporting and rendering arbitrary record types: just print the data in a side-by-side hex/ASCII view. This way I can view newer record types without needing an OS update.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  9. Cannot create IKEv2 tunnel mode IPsec rules in PowerShell, but IKEv1 works just fine

    Bug:

    When creating an IPsec rule which uses the IKEv2 keying module in PowerShell, an error is thrown, but it is not likely a PowerShell error, but an underlying bug in Windows.

    Expected Behavior:

    We should be able to manage IKEv2 IPsec rules however we wish, including creating tunnel mode IKEv2 rules without using RRAS.

    Steps To Reproduce:

    In PowerShell, the following code should work (notice the KeyModule):

    -------start---------
    $P1MachineCertOnly = New-NetIPsecPhase1AuthSet -Default <rest of command not shown>

    $IPsec3Tunnel = @{

    IPsecRuleName = &#39;IPsec3&#39;
    
    DisplayName = &#39;IPsec3&#39;
    KeyModule = &#39;IKEv2&#39;
    Mode = &#39;Tunnel&#39;
    LocalAddress = &#39;192.168.1.0/24&#39;
    LocalTunnelEndpoint = &#39;192.168.1.204&#39;
    RemoteAddress
    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  10. Roll back network changes if not confirmed

    If you change network settings, you should be prompted to confirm once the change has finished in the same way as display settings. If not the change is rolled back.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  11. DirectAccess

    DirectAccess not work properly with RRAS NAT while using three network with two public network and one private network.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  12. Override teming mode for management OS virtual NICs

    It would be greate, if we can tell for this particular vNIC to send/receive traffic trough one NIC and not to perform loadbalancing or failover. If you've got only 2 NIC adapters, you can't properly install hyper-V host with iSCSI (for iSCSI Multipath I/O is better option, than teaming), SMB v3 also would benefit (we than could keep traffic not crossing switches or stacking (IRF/MLAG) connection). Another option could be partition HW NIC using SR IOV technology, and bring VF to management OS.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Keep Network Teams intact after upgrade

    After in-place upgrading Srv2016 Build 10154 to build 10158 the network teams needed to be reconfigured. All teams disappeared, hopefully this will be fixed in the following updates. Rebuilding the teams isn't fun..

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Windows needs better inbox packet filtering.

    "netsh trace" and/or NetEventPacketCapture lacks capable packet filtering. A lot of secure and change managed environments do not [easily] allow the installation of packet capture tools for collecting network data, like Wireshark (or the now defunct netmon and Message Analyzer).

    The two built-in packet capture tools in Windows, "netsh trace" and NetEventPacketCapture, can only filter packets by IP address, MAC, and protocol. This makes collecting a targeted trace, sometimes needed when collecting traces on sensitive networks or when other data floods the ETL, impossible.

    This is a request to add, at a minimum, the ability to filter packets by TCP…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide useful parameters for Enable-NetLldpAgent

    Enable-NetLldpAgent not useful

    The Enable-NetLldpAgent , in order to be useful in proper management of a network, should allow setting TLV subtypes.
    Or...........Some options I would prefer:
    set TLV 1 to ID subtype 5 (network address) instead of subtype 4 (MAC address)
    set TLV 2 to ID subtype 5 (interface name) instead of 3 (MAC address)

    include the optional TLV 5 system name

    MAC address is easily obtained by other networking tools. Using this as the information for mandatory TLVs is redundant and useless.

    And include lldp driver and PS modules in every version of Windows. You can't build a…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Layer 2 & Ethernet  ·  Flag idea as inappropriate…  ·  Admin →
  16. Additional DHCP Server Failover Links

    In Server 2012, Windows Server had DHCP failover added to eliminate the requirement of clustering for HA. DHCP failover is limited to either a Load Balanced pair or an Active-HotStandby member.

    It would be nice to have a load balanced pair of DHCP servers, with a second failover association of a Hot-Standby at a remote location.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  17. DHCP server should check network connection and start servicing IPs after Event 1041

    In the scenario where the DHCP server is started before the network switch, event 1041 is triggered and even after network is operational no IP addresses are services unless the DHCP service is manually started.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/e3f48935-33a1-4a16-87c2-8989c9cf42b4/dhcp-failover-does-not-work-if-service-is-not-servicing?forum=winserveripamdhcpdns

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add support for SNMPv3

    Is there any thought to updating the built in SNMP agent to support v3 in Windows server 2016, and not just deprecating the existing agent? Currently it seems there is no industry supported standard that is a replacement for SNMP, and until there is it should be added to Windows Server 2016

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add more BGP debug info

    There's no info about:
    - routes that ingress or egress through BGP really,
    - reasons of including/excluding BGP routes in/from main route table.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  20. Product to Product SPPC (Secure Port & Protocol Comunication) for Server 2017

    Hola,

    (if that clear, read until reach bottom of this post)

    Just like to ask Microsoft if they could make a secure server to server communication protocol, that use say 44443, that is a strip-down TCP that don't use the 3-hand system (more like secure UDP with error correction). That allows each product to talk to each other, using a PKI, or on-prem ADCS certificate.
    But this communication should be base on Control+Data info
    were each product can list all the control-command(standards) that it accepts.

    What is this for, you ask:

    So it will be easy for all products to…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base