FIX: IIS 6.0 incorrectly binds to ports when IP addresses are added to the IP inclusion list

Article translations Article translations
Article ID: 892847 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

You may notice that Microsoft Internet Information Services (IIS) 6.0 incorrectly binds to ports when IP addresses are added to the IP inclusion list. Consider the following scenario:
  • The Web server has two IP addresses. These IP addresses are bound to an installed network card in Internet Information Services Manager (IISM) in IIS 6.0. In this example, the two IP addresses are 10.10.10.2 and 10.10.10.3.
  • There are two Web sites in IIS 6.0. Web site 1 is bound to 10.10.10.2:80 for HTTP traffic. Web site 1 is also bound to 10.10.10.2:443 for SSL traffic. Web site 2 is bound to 10.10.10.3:80 for HTTP traffic only.
In this scenario, when you use the netstat command to view the ports on which the computer is listening, you may notice that IIS 6.0 is bound to port 80 and to port 443 on both IP addresses.

This issue occurs when either of the following conditions is true:
  • Both IP addresses have been added to the IP inclusion list.
  • Both port 80 and port 443 are bound on 0.0.0.0.
You cannot resolve this problem by setting the IIS 6.0 DisableSocketPooling property to True.

CAUSE

This problem occurs because the Http.sys file binds to any ports on the Web sites for the IP addresses that are configured in IISM.

RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for Windows Server 2003. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
889100 How to obtain the latest service pack for Windows Server 2003

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

You must have Microsoft Windows Server 2003 Service Pack 1 (SP1) installed to apply this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other hotfixes.

Registry information

You must create a registry key to enable this hotfix. To do this, follow these steps:
  1. Apply this hotfix.
  2. Click Start, click Run, type regedit, and then click OK.
  3. Locate and then click the following registry key:
    HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
  4. Right-click Parameters, point to New, and then click DWORD Value.
  5. Type DisableEndpointSharing, and then press ENTER.
  6. Right-click DisableEndpointSharing, click Modify, type 1 in the Value data box, and then click OK.
  7. Delete any entries in the IP Listen list.

    Note To complete this action, you must have the Microsoft Windows Support Tools installed.

    To determine whether any IP addresses are listed, open a command prompt, and then run the following command:
    httpcfg query iplisten
    If the IP Listen list is empty, the command returns the following string:
    HttpQueryServiceConfiguration completed with 1168.
    If the command returns a list of IP addresses, remove each IP address in the list by using the following command:
    httpcfg delete iplisten -i x.x.x.x
    Note In this command, the placeholder x.x.x.x represents the IP address that is listed in the IP Listen list.

    If the deletion command succeeds, it returns the following string:
    HttpQueryServiceConfiguration completed with 0.
  8. Click Start, click Run, type cmd, and then click OK.
  9. At the command prompt, type NET STOP HTTP /y, and then press ENTER.
  10. At the command prompt, type iisreset /restart, and then press ENTER.
Note This change will have no effect if the HTTP.SYS IP Listen list contains any entries.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Windows Server 2003 SP1, Itanium Architecture
Collapse this tableExpand this table
File nameFile versionFile sizeDateTime
Http.sys5.2.3790.2419794,62411-Apr-200521:40
Windows Server 2003 SP1, x64
Collapse this tableExpand this table
File nameFile versionFile sizeDateTime
Http.sys5.2.3790.2419535,04011-Apr-200521:40
Windows Server 2003 SP1, x86
Collapse this tableExpand this table
File nameFile versionFile sizeDateTime
Http.sys5.2.3790.2419289,28009-Apr-200503:48

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows Server 2003 Service Pack 2.

MORE INFORMATION

In Microsoft Internet Information Services 5.0, you can resolve this issue by setting the DisableSocketPooling property to True in the IIS 5.0 metabase. Although the DisableSocketPooling property is a valid property in the IIS 6.0 metabase, setting this property to True in the IIS 6.0 metabase does not resolve the problem.

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

REFERENCES

For more information about how to add an IP address to the IP inclusion list, click the following article number to view the article in the Microsoft Knowledge Base:
813368 Setting metabase property DisableSocketPooling has no effect

Properties

Article ID: 892847 - Last Review: September 22, 2011 - Revision: 4.0
APPLIES TO
  • Microsoft Internet Information Services 6.0
Keywords: 
kbautohotfix kbwinserv2003sp2fix kbfix kbbug kbqfe kbhotfixserver KB892847

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com