Watch your bindings order

Just got back from installing an additional NIC in an ISA2004 firewall. The ole network bindings order gotcha hit me yet again so I thought it was time to write this down to remind me – and hopefully save you from this grief.


When adding a new network interface (phyiscal, wireless, 1394 etc) to a Windows machine (and I’m considering XP & Windows Server 2003 here but the same may well apply to other versions) you need to make sure you set the bindings order for all the network cards correctly in order to maintain proper operation.


For example, in your typical SBS2003 server there are 2 netowrk interface cards (NICs) and the server, when performing operations such as DNS lookups etc, needs to check with the internal NIC first because that’s where things like DNS and WINS are bound first. Get the network card binding order wrong and you’ll find DNS lookups will fail (this is why you ALWAYS USE THE WIZARDS!!! (excuse the shouting)).


Anyway, back to the story at hand. I installed an additional NIC into this firewall, giving it 3 interfaces in total. All appeared to be OK so I left the site. Got a call about 10 minutes later to be told “I can’t browse the Internet from my computer”. After spending some time RDP’d into the server (using my new Telstra Next-G card which totally rocks!!) I thought I’d disable the new NIC for now. Also noticed an error in the event logs about the proxy service not being able to bind to the internal NIC.


It was about this time that I thought of those darn network binding order settings. I checked them and sure enough the new NIC (for the DMZ) was at the top of the list. Moved it down to the bottom, restarted the ISA services but that didn’t fix it.


We restarted the server and this proved the winner as everything was then able to start up & bind appropriately.


So, the lesson here is when installing an additional NIC into anything, in particular a server, check the bindings order. “Where is that?” I hear you ask?


Open your network connections folder and select the “Advanced” menu item. Click on “Advanced Settings…”.


Check the list of connections for the order of the network cards – make sure the internal NIC (the one things are bound to) is the top one. {and one of these days I’ll work out how to attach images to this thing so I can show you what to look for}.


Remembering this would have saved me from sitting on the side of the road for 25 minutes and let my client get out of the office a bit ealier.


 

2 thoughts on “Watch your bindings order”

  1. YES YES YES!!!! Of course…

    Thank you, I had a WINS server binding the the 2nd network card in my AD server and for the life of me I couldn’t work out why.

    Reading you blog sorted this out for me in no time flat. Now i can go and uninstall WINS knowing I will not loose sleep over a silly problem that i couldn’t sort out.

    Great work!! Thanks again!!!

    Ian

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>