Networking

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. binding order powershell

    binding order cannot be easily managed via powershell without registry manipulation of guids.

    please make a sensible cmdlet

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  NIC  ·  Flag idea as inappropriate…  ·  Admin →
  2. Introduce Linux like SO_TimeStamp socket option in networking API

    Most of the network cards support High Precision clock synchronized with PTP protocol. In windows server introduce Linux like SO_TimeStamp set socket option to receive timestamp along with receiving packet. This will be used to identify network latency and a means to get high precision time stamp.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Time  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide support for changing LACP timer value to long/slow for NIC teams

    If you use native support for NIC teaming, LACP teams use a short/fast timer. This is an issue if you the team is connected to a Cisco Nexus and want to use In-Service Software Upgrades because ISSU requires slow/long timers.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  4. LBFO Team: Prevent duplicate multicast traffic on virtual nic

    When using a switch independent team, multicast traffic is received by all physical nics in the team (switch does not know the ports are in a team). When attaching a virtual switch to the team, it appears as if virtual nics receive the multicast traffic multiple times (once from each physical team member). Is it not possible to send it to the virtual nic only once (eg. only from the physical nic the virtual nic's VMQ is associated with)?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Create a WiFi policy linked to User Configuration, to allow for GP WiFi conn mngmt on non-domain devices

    Currently the WiFi Network Policies exists only under Computer Configuration -> Policies -> Windows Settings -> Security Settings and can only be applied to Computers that are members of the domain.
    We need a similar WiFi Network Policy under User Configuration to be able to manage the domain Users capability to connect to WiFi with Enterprise authentication irrespective to which device they use to connect to the Enterprise WiFi

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix the ping timeout bug that gives incorrect "reply timed out" messages in Server 2012r2 and Windows 10 for pings under 1000ms timeout

    Ping can take a timeout, if the timeout is set less than 1000ms then genuine replies start getting ignored as timed out failures.

    Does not affect Server 2003 or 2008.

    Does affect Server 2012 r2 and Windows 10

    Appears to be a problem in WinAPI / networking stack rather than .Net or ping.exe implementation - happens at ICMPSendEcho2Ex and ICMP6SendEcho2Ex layers at least.

    Documented in detail here: https://stackoverflow.com/questions/45528336/winapi-why-does-icmpsendecho2ex-report-false-timeouts-when-timeout-is-set-belo

    and here: http://web.archive.org/web/20150519002258/http://www.frameflow.com:80/ping-utility-flaw-in-windows-api-creating-false-timeouts/

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remove-DhcpServerv4Reservation [IP Address] removes all reservations in the scope, even if the IP is not a scope IP

    When using Remove-DhcpServerv4Reservation and just giving it an IP address without using the option -IPAddress, the cmdlet removes all reservations and turns them into leases.

    This should not happen if the IP address is not a scope IP identifier and should throw an error rather than removing all reservations.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  8. Can you add analogue fail2ban (in linux) to windows server firewall?

    It't ve cool has an tools in OS firewall, that can ban bruteforce RDP or other port.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  9. add a comments field only visible in the DNS Manager console.

    This would help with DNS Management by having the ability to add notes to static A records and aliases

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  10. DirectAccess should support multiple CA

    if the customer wants to upgrade or change the CA, he needs to bring in all the remote computers and do a GPO refresh on-premises; otherwise the moment the new CA is input into the configuration of DA server, the clients which are still using the old CA are kicked out of DA.

    we need a process for such transition, in case of an expired or compromised CA, to let the clients smoothly transition into the new CA without the requirement of them comping onsite for a GPO refresh. I would say enable the addition of Multiple CA rather than…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  11. Re-engineer DNS

    Recently, I had to switch about 200 records from Dynamic records to Static, because the Zone was set with 20 Min TTL, and I had servers, running on Dynamic DNS. I know that using the console, I can update a record to switch from Dynamic to a static record, but to my surprise, there wasn't an option via powershell :(

    Also Powershell doesnt let you manage the TTL or other options in DNS

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  13. 4G

    Network

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Layer 2 & Ethernet  ·  Flag idea as inappropriate…  ·  Admin →
  14. DnsServerResourceRecord does not support multi-string records

    RFC-4408 (section 3.1.3) https://tools.ietf.org/html/rfc4408#section-3.1.3 defines the use of multi-string records for SPF (DNS TXT records), however the Get- or Add- DNSServerResourceRecord commands do not support this. For the Get- the actual DNS record is truncated to 256 chars, and for the Add- it simply errors out with an invalid propery.

    Example of a valid DNS record (that can be configured by the DNS GUI)
    $RecordName = "spfrecord"
    $RecordText = "v=spf1 ip4:192.168.0.1 ip4:192.168.0.2 ip4:192.168.0.3 ip4:192.168.0.4 ip4:192.168.0.5 ip4:192.168.0.6 ip4:192.168.0.7 ip4:192.168.0.8 ip4:192.168.0.9 ip4:192.168.0.10 ip4:192.168.0.11 ip4:192.168.0.12 ip4:192.168.0.13 ip4:192.168.0.14 include:spf.protection.outlook.com mx -all"
    $Zone = "contoso.com"
    $Type = "TXT"
    $DNSServer = "DC1.contoso.com"
    Add-DnsServerResourceRecord -DescriptiveText $RecordText -Name…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  15. get-netipconfiguration

    Get-netipconfiguration throws exception if you have multiple default gateways configured for an interface.

    PS C:\Users\Administrator> Get-NetIPConfiguration

    Exception setting "NetProfile": "Cannot convert the "System.Object[]" value of type "System.Object[]" to type
    "Microsoft.Management.Infrastructure.CimInstance"."
    At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\NetTCPIP\NetIPConfiguration.psm1:201 char:17
    + ... $IPConfig.NetProfile = Get-NetConnectionProfile -Interfac ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotSpecified: (:) [], SetValueInvocationException
    
    + FullyQualifiedErrorId : ExceptionWhenSetting

    InterfaceAlias : Ethernet0
    InterfaceIndex : 4
    InterfaceDescription : Intel(R) 82574L Gigabit Network Connection
    IPv4Address : 172.16.110.222
    IPv6DefaultGateway :
    IPv4DefaultGateway : {12.12.12.12, 172.16.110.2}
    DNSServer : 172.16.110.100

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  TCP/IP  ·  Flag idea as inappropriate…  ·  Admin →
  16. Fix Remote-NetIPAddress to work inside try/catch

    Writing a script to provision a machine - we first remove the IPAddress (and any default gateway), But sometimes there is no address. That;s fine - we just try/catch and move on, liike this:

    Try {

    Remove-NetIPAddress -InterfaceIndex $IfIndex `
    
    -AddressFamily IPv4 `
    -Confirm $false
    }

    Catch {Write-Verbose 'No IPAddresses found'}

    But instead of the nice write-verbose message, we get a fatal error:
    Remove-NetIPAddress : No matching MSFTNetIPAddress objects found by CIM query for instances of the ROOT/StandardCimv2/MSFTNetIPAddress class on the CIM server:
    SELECT * FROM MSFT_NetIPAddress WHERE ((IPAddress LIKE 'False')) AND ((InterfaceIndex = 3)) AND ((AddressFamily =…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  17. Move the GlobalBlocklist to the ADS

    Everytime you set up a new DC with DNS (integrated DNS Zones) you have to remember to clear the GlobalBlocklist in the Registry (when using wpad and isatap). If you set up new DC everytime a new OS is live, you have to remember for this every ~ 3 years. Please move the GlobalBlocklist to a Paramter in the integrated zones, so that every DNS Server with this zone get a real "Global" Blocklist. Or, at least, make the Blocklist visible in the mmc. Would make the search for the misconfiguration a lot faster.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide logging around DNS record aging

    It would be nice to have DNS logging around what records would be scavenged if scavenging was turned on.

    Add a log (or easy PowerShell way) to pull the records that would be scavenged, following the built-in algorithm that DNS uses (https://technet.microsoft.com/en-us/library/cc959277.aspx)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  19. DirectAccess better visibility of connection interface

    it is hard to tell which IPv6 interface DirectAccess is using to connect to the infrastructure. now you have to run netsh on httpstunnel and teredo and 6 to 4 to have some "educated guess" about which one is the one chosen for DA.

    we should be able to easily identify which interface (native or tunnel) is being utilized for DA communication on the client. the server GUI shows it already.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  20. Routing & RAS installation without Direct Access

    Allow installtion of Routing & RAS without Direct Access. On some Servers I only want to get VPN and not DirectAccess.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base