Windows Server 2008: specifying the default IP address when NIC has multiple addresses
Solution 1
With Server 2008 Service Pack 2 (not R2), or Vista SP2 and MS hotfix KB975808 there is a solution, although a bit clumsy. You would remove all the addresses you DON'T want as a source, then re-add each one at the command line using
Netsh int ipv4 add address <Interface Name> <ip address> skipassource=true
The hotfix enables the "Skip As Source" flag.
For a deeper dive on how different Windows versions select source IPs, see this TechNet blog post.
Solution 2
There isn't such as thing as a "Default IP" for a network interface; rather your systems routing table defines which logical interface should be used when communicating with other devices.
It sounds like what you'd like to do is configure a default route. This would cause all conversations initiated by this machine to be made from a specific IP.
Use route add to add a default gateway
Solution 3
Your situation is not quite clear, but if I get you right:
1) Why won't you just set your "need-to-be the default" IP the last?
2) Or, maybe you can try this (assuming that the gateway address is 192.168.99.1):
route delete 0.0.0.0
route -p add 192.168.99.1 mask 255.255.255.255 192.168.99.100
route -p add 0.0.0.0 mask 0.0.0.0 192.168.99.1 192.168.99.100
To get more information about the syntax of the "route" command, look here: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/route.mspx?mfr=true
Solution 4
I've been able to duplicate your issue: it just looks like Windows uses the lowest assigned IP address on a given network interface as the "outgoing" one, regardless of the actual order in which they were assigned.
I wasn't able to find any documentation about this behaviour, but I'm quite sure it is by design.
Edit
I think this really can't be done at the O.S. level, but it can be done by code in your application: a socket can be explicitly bound to a chosen IP address/port pair before connecting it to the remote endpoint. But you'll have to use lower-level libraries than standard web-services ones. I.E. you'll have to manually open a socket, connect it and use it to read/write data.
.NET/C# example:
using System.Net;
using System.Net.Sockets;
IPAddress local_addr = IPAddress.Parse("192.168.99.100");
IPAddress remote_addr = IPAddress.Parse("1.2.3.4");
int local_port = 4242;
int remote_port = 80;
IPEndPoint local_ep = new IPEndPoint(local_addr,local_port);
IPEndPoint remote_ep = new IPEndPoint(remote_addr,remote_port);
Socket s = new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
s.Bind(local_ep);
s.Connect(remote_ep);
// Now use the socket to talk to the remote host
This will open a connection to 1.2.3.4:80 originating it from 192.168.99.100:4242, so the remote host will see it coming from exactly that IP address.
Tried and tested by connecting to IIS, it logs the request as coming from the specified IP address.
Solution 5
The source address selection for an outbound call is handled differently by the TCP/IP stack since the Vista overhaul. In XP/2003 and earlier, the source address was determined by the route table when not explicitly declared by the application making the outbound call. Since Vista/2008, the source address could be determined by prefix affinity to the destination or next hop gateway address if destination is not local. The following Technet Blog posting explains the behavior change very well.
Related videos on Youtube
![Cédric Boivin](https://i.stack.imgur.com/TftPM.jpg?s=256&g=1)
Cédric Boivin
Updated on September 17, 2022Comments
-
Cédric Boivin almost 2 years
I have a Windows Server which has ~10 IP addresses statically bound. The problem is I don't know how to specify the default IP address.
Sometimes when I assign a new address to the NIC, the default IP address changes with the last IP entered in the advanced IP configuration on the NIC. This has the effect (since I use NAT) that the outgoing public IP changes too.
Even though this problem is currently on Windows Server 2008.
How can you set the default IP address on a NIC when it has multiple IP addresses bound?
There is more explication on my problem.
alt text http://www.nmediasolutions.com/_images/probleme/ip.png
Here is the output of
ipconfig
:DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.99.49(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.51(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.52(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.53(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.54(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.55(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.56(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.57(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.58(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.59(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.60(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.61(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.62(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.64(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.65(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.66(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.67(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.68(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.70(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.71(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.100(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.108(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.109(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.112(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.99.63(Duplicate) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.99.1
If I do a
pathping
there is the answer, the first up is the 99.49, also if my default IP address is 99.100Tracing route to www.l.google.com [72.14.204.99] over a maximum of 30 hops: 0 Machine [192.168.99.49]
There is the routing table on the machine:
Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.99.1 192.168.99.49 261 10.10.10.0 255.255.255.0 On-link 10.10.10.10 261 10.10.10.10 255.255.255.255 On-link 10.10.10.10 261 10.10.10.255 255.255.255.255 On-link 10.10.10.10 261 192.168.99.0 255.255.255.0 On-link 192.168.99.49 261 192.168.99.49 255.255.255.255 On-link 192.168.99.49 261 192.168.99.51 255.255.255.255 On-link 192.168.99.49 261 192.168.99.52 255.255.255.255 On-link 192.168.99.49 261 192.168.99.53 255.255.255.255 On-link 192.168.99.49 261 192.168.99.54 255.255.255.255 On-link 192.168.99.49 261 192.168.99.55 255.255.255.255 On-link 192.168.99.49 261 192.168.99.56 255.255.255.255 On-link 192.168.99.49 261 192.168.99.57 255.255.255.255 On-link 192.168.99.49 261 192.168.99.58 255.255.255.255 On-link 192.168.99.49 261 192.168.99.59 255.255.255.255 On-link 192.168.99.49 261 192.168.99.60 255.255.255.255 On-link 192.168.99.49 261 192.168.99.61 255.255.255.255 On-link 192.168.99.49 261 192.168.99.62 255.255.255.255 On-link 192.168.99.49 261 192.168.99.64 255.255.255.255 On-link 192.168.99.49 261 192.168.99.65 255.255.255.255 On-link 192.168.99.49 261 192.168.99.66 255.255.255.255 On-link 192.168.99.49 261 192.168.99.67 255.255.255.255 On-link 192.168.99.49 261 192.168.99.68 255.255.255.255 On-link 192.168.99.49 261 192.168.99.70 255.255.255.255 On-link 192.168.99.49 261 192.168.99.71 255.255.255.255 On-link 192.168.99.49 261 192.168.99.100 255.255.255.255 On-link 192.168.99.49 261 192.168.99.108 255.255.255.255 On-link 192.168.99.49 261 192.168.99.109 255.255.255.255 On-link 192.168.99.49 261 192.168.99.112 255.255.255.255 On-link 192.168.99.49 261 192.168.99.255 255.255.255.255 On-link 192.168.99.49 261 224.0.0.0 240.0.0.0 On-link 192.168.99.49 261 224.0.0.0 240.0.0.0 On-link 10.10.10.10 261 255.255.255.255 255.255.255.255 On-link 192.168.99.49 261 255.255.255.255 255.255.255.255 On-link 10.10.10.10 261
I think my route should look like:
Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.99.1 **192.168.99.100** 261 10.10.10.0 255.255.255.0 On-link 10.10.10.10 261 10.10.10.10 255.255.255.255 On-link 10.10.10.10 261 10.10.10.255 255.255.255.255 On-link 10.10.10.10 261 192.168.99.0 255.255.255.0 On-link 192.168.99.100 261 192.168.99.49 255.255.255.255 On-link 192.168.99.100 261 192.168.99.51 255.255.255.255 On-link 192.168.99.100 261 192.168.99.52 255.255.255.255 On-link 192.168.99.100 261 192.168.99.53 255.255.255.255 On-link 192.168.99.100 261 192.168.99.54 255.255.255.255 On-link 192.168.99.100 261 192.168.99.55 255.255.255.255 On-link 192.168.99.100 261 192.168.99.56 255.255.255.255 On-link 192.168.99.100 261 192.168.99.57 255.255.255.255 On-link 192.168.99.100 261 192.168.99.58 255.255.255.255 On-link 192.168.99.100 261 192.168.99.59 255.255.255.255 On-link 192.168.99.100 261 192.168.99.60 255.255.255.255 On-link 192.168.99.100 261 192.168.99.61 255.255.255.255 On-link 192.168.99.100 261 192.168.99.62 255.255.255.255 On-link 192.168.99.100 261 192.168.99.64 255.255.255.255 On-link 192.168.99.100 261 192.168.99.65 255.255.255.255 On-link 192.168.99.100 261 192.168.99.66 255.255.255.255 On-link 192.168.99.100 261 192.168.99.67 255.255.255.255 On-link 192.168.99.100 261 192.168.99.68 255.255.255.255 On-link 192.168.99.100 261 192.168.99.70 255.255.255.255 On-link 192.168.99.100 261 192.168.99.71 255.255.255.255 On-link 192.168.99.100 261 192.168.99.100 255.255.255.255 On-link 192.168.99.100 261 192.168.99.108 255.255.255.255 On-link 192.168.99.100 261 192.168.99.109 255.255.255.255 On-link 192.168.99.100 261 192.168.99.112 255.255.255.255 On-link 192.168.99.100 261 192.168.99.255 255.255.255.255 On-link 192.168.99.100 261 224.0.0.0 240.0.0.0 On-link 192.168.99.100 261 224.0.0.0 240.0.0.0 On-link 10.10.10.10 261 255.255.255.255 255.255.255.255 On-link 192.168.99.100 261 255.255.255.255 255.255.255.255 On-link 10.10.10.10 261
How can I be sure the IP address used in the image (supposed to be the default IP address) will be use by my server as the default address?
-
Cédric Boivin over 14 yearsHow i can change my routing table, actually is the 99.49 i need the default route be 99.100
-
aschufo over 14 yearsThis is really weird as our infrastructure here uses this a lot for webserver filters and stuff. Have you tried removing all the IPs from the card properties except the one you want to be default, apply, and put them back afterwards?
-
Cédric Boivin over 14 yearsYes i try it, and the same problem occur when i enter 99.49
-
Cédric Boivin over 14 yearsDon't work, see my modification on my post.
-
Cédric Boivin over 14 yearsit's there a way to change the interface address ?
-
Alexey Shatygin over 14 yearstry without "if": route -p add 192.168.99.1 mask 255.255.255.255 192.168.99.100 but it should work, could you quote the erroe please?
-
fxmtor over 14 yearsDefault gateway is default route and vice versa. It's just a matter of terminology.
-
aschufo over 14 yearsis 99.49 the lowest of your IPs?
-
Cédric Boivin over 14 yearsI know that, but cannot change the default route. How i can change it ? What is the correct command formulas
-
Cédric Boivin over 14 yearsYes it is you can look my ipconfig on the top
-
Cédric Boivin over 14 yearsThis time, no error message, but that don't change nothing
-
Jeff Miles over 14 yearsYou could try this: "route add 0.0.0.0 mask 0.0.0.0 192.168.99.100 metric 2"
-
Alexey Shatygin over 14 yearsIt should change your routing table. Can you do "route print", this command, and "route print" again and put the output here?
-
Alexey Shatygin over 14 yearsAnd, before doing the command I've posted, make "route delete 0.0.0.0"
-
Cédric Boivin over 14 yearsIt's not work, the interface adresse of my 0.0.0.0 entry don't change and if i make a pathping on external site, the first up still the same before the change
-
Cédric Boivin over 14 yearsThis command is not good , route -p add 0.0.0.0 mask 0.0.0.0 192.168.99.1 192.168.99.100 if 192.168.99.100 (Why specify 192.168.99.1 and 192.168.99.100) ?
-
Mircea Vutcovici over 14 yearsIt is not called "Default IP" it is called "primary IP address" and it is the IP address that all new TCP/UDP connections generated from the server will have. All other addresses are called secondary. See: cisco.com/en/US/docs/ios/12_3t/ip_addr/command/reference/…
-
Cédric Boivin over 14 yearsI read somewear that could be a binary comparaison with the ip address ?
-
Massimo over 14 yearsYes, binary comparison is very likely the way "the lowest one" is selected; I haven't tried with IPs belonging to different subnets, though.
-
Cédric Boivin over 14 yearsMy biggest problem at this time, is i got over 300 web sites on multiple ip addresse, and when my server go on internet to call another server (web service), i can't be certain wich public ip my server will have.
-
Cédric Boivin over 14 yearsThanks for this answer but in my scenario it's impossible to applicate this solutions. The solutions need to come from the OS, or maybe the firewall. It's a good way to solve the problem by application, but we go to many application, to solve the trouble on each web site.
-
Massimo over 14 yearsBut even if you were able to do as you wish, you couldn't make different web sites use different IPs; this way, you could :-)
-
Massimo over 14 yearsAnyway, I really don't think there's anything you can do at the O.S. level here...
-
Cédric Boivin over 14 yearsI really dont know why this answer get 4 point. This answer solve nothing !
-
Cédric Boivin over 14 yearsThanks, actually i got lot of web site are binding with different local ip Nat to different public IP for SSL web site and is working very fine. The only problem is when a web site, try to communicate a external web service, i can't be certain of the public ip of my call
-
Massimo over 14 yearsI was exactly talking about outgoing connections; luckily, there has never been any problem for incoming ones :-)