Networking

How can we improve the networking platform and management in Windows Server?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Fix default NPS firewall rules for Server 2019

    Hi all,

    I understand there is an issue with Windows Server 2019/Windows 10 1809 however I was wondering if Microsoft are aware of any problems regarding the Firewall rather than the systems handling of user files.

    Recently I setup a Server 2019 VM (1.5GB Dynamic RAM, 2 Allocated Cores, 36GB Drive space, 3GB NIC Team) and installed the NPS and RDS Gateway role onto it however I noticed that despite the NPS role adding the standard firewall rules for port 1813 and 1812 they do not seem to be working.

    I have confirmed that with an exception allowing port 1812…

    56 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  2. [Bug] Server 2019, firewall logging injects NULL bytes into file "pfirewall.log"

    When firewall logging is activated, the resulting "pfirewall.log" gets a string of about 955,868 null bytes inserted into it. The actual log line entries are there, along with 900K of null's. OS seems to fixated on making a minimum size file. Big bug somewhere.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  3. Create a WiFi policy linked to User Configuration, to allow for GP WiFi conn mngmt on non-domain devices

    Currently the WiFi Network Policies exists only under Computer Configuration -> Policies -> Windows Settings -> Security Settings and can only be applied to Computers that are members of the domain.
    We need a similar WiFi Network Policy under User Configuration to be able to manage the domain Users capability to connect to WiFi with Enterprise authentication irrespective to which device they use to connect to the Enterprise WiFi

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support CAA records in nslookup

    The nslookup command line tool should support CAA (id=257) DNS resource record types. Bonus points for teaching Resolve-DnsName about this type as well. Super bonus points for supporting and rendering arbitrary record types: just print the data in a side-by-side hex/ASCII view. This way I can view newer record types without needing an OS update.

    3 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix the ping timeout bug that gives incorrect "reply timed out" messages in Server 2012r2 and Windows 10 for pings under 1000ms timeout

    Ping can take a timeout, if the timeout is set less than 1000ms then genuine replies start getting ignored as timed out failures.

    Does not affect Server 2003 or 2008.

    Does affect Server 2012 r2 and Windows 10

    Appears to be a problem in WinAPI / networking stack rather than .Net or ping.exe implementation - happens at ICMPSendEcho2Ex and ICMP6SendEcho2Ex layers at least.

    Documented in detail here: https://stackoverflow.com/questions/45528336/winapi-why-does-icmpsendecho2ex-report-false-timeouts-when-timeout-is-set-belo

    and here: http://web.archive.org/web/20150519002258/http://www.frameflow.com:80/ping-utility-flaw-in-windows-api-creating-false-timeouts/

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  7. DNS recursion using wrong NS for delegated zone CNAME

    When Server 2016 DNS Server has a delgation within a primary zone, CNAME records in that delegation result in queries to the delgation's name servers, not forwarders / root hints.
    For example:

    Primary zone: one.example
    Delegation: foo.one.example, with nameserver ns.bar.com

    In that delegated zone, there exists a record:

    baz.foo.one.example IN CNAME other.two.example

    two.example's zone, hosted by ns.somethingelse.com, has a record:
    other.two.example IN A 1.2.3.4

    From a client pointed at the DNS server, query baz.foo.one.example.

    I would expect the server to query ns.bar.com for baz, receive a reply of other.two.example, and then query either two.example's nameserver, or use the default forwarders…

    16 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  8. Broke RRAS

    At the moment PPPoE is broken in Windows Server 2016 over RRAS.
    It would be great if this could be solved.
    Till yet we're using Windows Server 2012. But we would like to upgrade but can't 'cause RRAS is broken.

    8 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  9. Fix -WhatIf, -Verbose, and -ErrorAction support in the DnsServer PowerShell module

    The new cmdlets for DNS policies in particular have inconsistent and downright broken support for -WhatIf and -Verbose.

    Example:

    Add-DnsServerClientSubnet -cn MyDC -Name 'Whatever' -IPv4Subnet 10.0.0.0/32

    That works if you explicitly add -WhatIf. But if I make the call inside an advanced function that SupportsShouldProcess and call the outer function with -WhatIf, the preference will NOT carry over. In order to do that, I have to use -WhatIf:$WhatIfPreference.

    The same is true with -Verbose, having to use -Verbose:$VerbosePreference because it won't inherit it.

    This is true on the cmdlets for:
    - Client Subnets
    - Zone Scopes
    - Query Reoslution Policies

    6 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  10. Expose whether DNS Client Server Address assigned by DHCP or Static

    The Get-DNSClientServerAddress cmdlet does not provide information on whether or not the Server Addresses were assigned via DHCP or have been statically assigned.

    This is presumably because the information is not provided to WMI/CIM.

    This information is available by using NETSH, so it is available in the OS.

    This would allow some problems in the xDNSServerAddress resource in the xNetworking DSC resource module (in the Resource Kit) to be solved.

    For more information about the problem and why it is causing problems, please see this issue in the xNetworking resource module: https://github.com/PowerShell/xNetworking/issues/164

    9 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  11. DNS Manager should sort IP addresses numerically

    In DNS Manager the Data column treats everything as a string so it sorts alphabetically. Instead, it should be smarter and recognize different types of data and sort those numerically. Specifically, it should recognize IPv4 addresses and sort them numerically.

    We could go from:

    To:

    10.0.0.1
    10.0.0.2
    10.0.0.100
    10.0.0.101
    10.0.0.200
    10.0.0.201

    16 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  12. Additional DHCP Server Failover Links

    In Server 2012, Windows Server had DHCP failover added to eliminate the requirement of clustering for HA. DHCP failover is limited to either a Load Balanced pair or an Active-HotStandby member.

    It would be nice to have a load balanced pair of DHCP servers, with a second failover association of a Hot-Standby at a remote location.

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  13. DnsServer Module cmdlets need a credential parameter

    It would be extremely useful if the cmdlets in the DnsServer module had the credential parameter. It's a lot easier to provide the credentials in a variable versus having to wrap the cmdlet in a script block every time you want to run it with different credentials.

    6 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add support for SNMPv3

    Is there any thought to updating the built in SNMP agent to support v3 in Windows server 2016, and not just deprecating the existing agent? Currently it seems there is no industry supported standard that is a replacement for SNMP, and until there is it should be added to Windows Server 2016

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add more BGP debug info

    There's no info about:
    - routes that ingress or egress through BGP really,
    - reasons of including/excluding BGP routes in/from main route table.

    3 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  16. Fix DNS management console sorting bug

    Come on, after 8 years you have still not fixed this bug?
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1b686ad-824f-4c16-a66c-f9470a2dfa6d/2008-dns-ip-address-sorting-issue
    And NO, this is neither MMC nor regional settings problem, since DHCP management console sorts the same (IP addresses) values CORRECTLY.
    And NO, exporting to Excel is NOT an option!
    Come on grow up and get serious, even in Srv 2K and 2K3 it worked like charm!

    76 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  17. reengineer the whole DHCP Server

    The MMC console based management of windows server is still unchanged since server 2003. These are the things that bother me:

    - Window size is not saved. have to maximize everytime the window is opened
    - Treemenu on the left is collapsed every time the window is opened
    - Menu window on the left is very narrow, have to extend it every time the window is opened
    - Cant edit IP address range exclutions (you have to delete and recreate every time)
    - Cant edit reservations IP address

    Following features would be great to have:

    - Right click on a…

    15 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  18. Bring load balancing to windows server!

    Many modern HTTP applications are deployed in enterprises with 3rd party load balancers running in layer 7 mode. I have yet to find a solution which runs on windows. NLB is often difficult to deploy because of incompatibilities with switches/hypervisors (some improvement with IGMP multicast), and does not operate in layer 7.

    IIS AAR can do layer 7 but does not do high availability without combining with NLB

    32 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  19. Include SNMPv2/v3 / 64bit counters to Windows Server 2016

    As we all know all Windows Servers from 2000 to 2012 R2 only support 32bit counters for SNMP. Because of this if you run diagnostics on high speed interfaces / virtual interfaces like 1GbE, 10GbE, 40GbE, 100GbE counters will go over it's 32bit value and reset, causing MRTG graphs and other SNMP monitoring utilities to report false values. So my idea is that microsoft implements 64bit counters in SNMP implementation and finally adds support for 64bit SNMP.
    My 7 year old 3com switch supports 64bit SNMP counters but the latest Windows 2012 R2 does not.

    MRTG: http://oss.oetiker.ch/mrtg/

    16 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve DNS logging options

    Allow us to put a filter in to log for specific lookups. We should be able to specify a list of names, a list of domains. We will at times have a misbehaving client or piece of malware, or we have an old domain or host and we'd like to know what's still using it. Being able to create a targeted log for these types of situations would often come in handy. As it is, we end up needing to run a network capture on all our domain controllers. The ability to use a Powershell or dnscmd command to add…

    19 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Networking

Feedback and Knowledge Base