Solved

Cannot bind another service to port 80 when IIS 7.0 is on

Posted on 2008-10-31
43
3,558 Views
Last Modified: 2013-11-19
Hi,

I have all the sites in IIS 7.0 bound to specific IP addresses. I'm trying to bind another service on the machine to port 80 on a different IP address that's not used in IIS. I get a binding failed message saying that port 80 is already open on that IP. When I stop the IIS service the other service can bind fine.

Is there a reason IIS is listening on all IPs when I have all existing sites bound to only one IP?

Any ideas on how to get this working?

Thanks!
0
Comment
Question by:Pugglewuggle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 23
  • 7
  • 4
  • +3
43 Comments
 
LVL 1

Expert Comment

by:frandshansen
ID: 22853851
How do you get the IP address to the machine? Configured on its own network adapter ?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 22853930
The machine has 2 static IP addresses assigned to one NIC. One is used for management and the other is used to serve content to the web.
Does IIS bind to the MAC address/NIC or to the IP addresses individually?
0
 
LVL 1

Expert Comment

by:frandshansen
ID: 22861884
Did you set up an IP address for each website in IIS to bind to?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 12

Author Comment

by:Pugglewuggle
ID: 22862375
Yes, I went through the trouble of adding IPs to the bindings of all 40 sites instead of *.
:-) Since they are all assigned that particular IP and THEN I added another IP address to the NIC, the other software should be able to bind since IIS isn't touching that IP at all.
Any ideas?
0
 
LVL 1

Expert Comment

by:frandshansen
ID: 22871616
If you enter the secondary IP address in your browser, what do you get in touch with?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 22871684
I get a 404 message, which is odd because that means IIS is responding with a 404... that shouldn't be happening - I just confirmed again that IIS has NO bindings whatsoever to that IP address on any site.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23026591
Is anyone here?
0
 
LVL 20

Expert Comment

by:thehagman
ID: 23104184
Use netstat -an (or a GUI tool like tcpview.exe) to find out if the server is listening to
0.0.0.0:80 (i.e. all network interfaces) or more specifially to
(your ip address):80
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23104353
Interesting... System:4 is listening at 0.0.0.0:80 for TCP... I assume that's the worker process for IIS? Also, why's it listening on all IPs when I have it bound to a certain IP?!
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23104364
When I say "it" I mean all IIS sites are bound to the same IP.
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 23105009
Hi,

Have you set the default website to another port in order to keep IIS running? Another thing you can change is on the local computer  the services file located on c:\windows\system32\drivers\etc\services
There is a line refering to port 80, change it to a free one....

Rgds.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23106744
The default site bound to the correct IP but still on port 80. Either way, that site is disabled and has been.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 23109851
Do you have any sites listening on all/unassigned?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23109870
No - all are assigned a specific IP.
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 23123000
Humph, but the website in which you have the port 80 selected, can you temporarily change it to 81 perhaps?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23123606
Well, this is our production web server... I can't exactly do that if you know what I mean...
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 23124071
Humph, sorry I thought this would be a development server. My guess will not go on blind, since your server will not bind or publish any other service throught port 80, it needs to be listening and not established in order to comply with TCP RFC793.
www.faqs.org/rfcs/rfc793.html

Rgds.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23142014
Yes - it is listening... no connection is established... I can't quite figure it out. I rebooted it the other night just to see if that fixed it and it didn't.
0
 
LVL 11

Expert Comment

by:pcfreaker
ID: 23149498
Well it might be listening, but IIS reserves the Port number to the website as long it is started even though is says listening. If you by any means change the website's port number to 81, there you would be able to use port 80.

If I find anything else I will let you know.

Rgds.

0
 
LVL 57

Expert Comment

by:giltjr
ID: 23158214
you can issue the command:

     netstat -ano | findstr /c:"0.0.0.0:80"

this will give you the PID that is listening on port 80.  Now you can chase down the owner of that pid to verify that it is IIS.  You can either bring up task manager or issue the command:

     tasklist | findstr /c:"###"

where ### is the pid from the first command.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23200061
Here is the output of those commands...

Ability Mail Server 2.exe is the executable that runs the mail server... which is strange because it's configured NOT to be listening right now...
 
C:\Users\Administrator>netstat -ano | findstr /c:"0.0.0.0:80"
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING       1824

C:\Users\Administrator>tasklist | findstr /c:"1824"
Ability Mail Server 2.exe     1824 Services                   0     63,900 K

C:\Users\Administrator>tasklist | findstr /c:"4"
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0      4,748 K
smss.exe                       428 Services                   0        732 K
csrss.exe                      496 Services                   0      4,548 K
csrss.exe                      564 Console                    1      7,712 K
wininit.exe                    572 Services                   0      3,948 K
services.exe                   608 Services                   0      6,452 K
lsass.exe                      664 Services                   0     10,844 K
svchost.exe                    816 Services                   0      6,420 K
LogonUI.exe                    964 Console                    1     12,688 K
svchost.exe                   1000 Services                   0      8,224 K
svchost.exe                   1048 Services                   0     58,260 K
svchost.exe                   1136 Services                   0     10,504 K
svchost.exe                   1216 Services                   0     14,316 K
svchost.exe                   1384 Services                   0      9,156 K
taskeng.exe                   1612 Services                   0      4,204 K
spoolsv.exe                   1748 Services                   0     11,280 K
svchost.exe                   1776 Services                   0      9,348 K
Wrapper.exe                   1804 Services                   0      3,380 K
Ability Mail Server 2.exe     1824 Services                   0     63,900 K
java.exe                      1896 Services                   0     57,432 K
ekrn.exe                      1260 Services                   0     40,392 K
svchost.exe                   1724 Services                   0      4,864 K
svchost.exe                    756 Services                   0      2,844 K
svchost.exe                   2144 Services                   0      2,280 K
phw_repeater.exe              1728 Services                   0      3,304 K
winlogon.exe                  2644 RDP-Tcp#0                  2      4,620 K
dwm.exe                        604 RDP-Tcp#0                  2      3,532 K
explorer.exe                  1120 RDP-Tcp#0                  2     27,124 K
egui.exe                      4012 RDP-Tcp#0                  2      6,772 K
TrustedInstaller.exe          2372 Services                   0     29,412 K
cmd.exe                       2792 RDP-Tcp#0                  2      2,248 K
WmiPrvSE.exe                  1484 Services                   0      6,796 K
tasklist.exe                  2000 RDP-Tcp#0                  2      4,912 K
findstr.exe                   1332 RDP-Tcp#0                  2      2,004 K
C:\Users\Administrator>
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23200349
If you just do a tasklist do you have the task inetinfo running?  Typically inetinfo is what owns/opens the ports IIS uses.  I'm not sure why System shows as the owner of this port.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 23231077
Try these links:

http://msdn.microsoft.com/en-us/library/ms733768.aspx
http://technet.microsoft.com/en-us/library/cc781601.aspx

It sounds like socket pooling is enabled.  I know this used to be a big problem on IIS5, but I figured they fixed it by now.  Guess not..  :/
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23283908
Judging from MS's description (in this page: http://support.microsoft.com/default.aspx/kb/238131) of issues encountered with socket pooling enabled, I'm going to point the finger to that as the culprit.
However, the only example offered is:
netsh http add iplisten ipaddress=0.0.0.0:8000
and the executables help doesn't explain much either... from what I gather above, it's configuring the HTTP listener to listen to port 8000 on all IPs.
I just want to turn it off if I can, or at least get the mail server to listen to port 80 on that IP.
I have a funny idea I'd want to use this command to disable listening on the appropriate IP:
 
netsh http delete iplisten ipaddress=10.10.12.86

Does this look right or am I wrong?
I don't know whose crappy idea this was to leave this enabled (or at least not ask when setting up IIS), but they suck. Badly. MS - if you see this, please fix it. You probably won't though. :-/
Any clue?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23283910
Okay, I ran the following and got those errors... any idea?

C:\Users\Administrator>netsh http delete iplisten ipaddress=10.10.12.86
IP address delete failed, Error: 2
The system cannot find the file specified.
 
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 23284498
Unfortunately, I do not have a 2008 server here to play with.  What do you when you run this:

netsh http show iplisten
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23285602
I did that and it shows no listeners.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 23286045
That explains why the delete command failed.  Can't delete an IP that isn't there.  :)

On the other hand, if there are no listeners, it shouldn't be tying up the port, either.  What happens if you try to add an IP, then delete it?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23286273
What do you get if you enter http://localhost as the URL?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23288315
Nothing happens if I add an IP. I still can't bind the mail server to that IP on port 80.
When I enter http://localhost I get a 404.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23288320
One thing to note - this is because I have host headers running to have multiple sites on the same IP.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23288326
I added localhost as a host header on port 80 and this made no difference - I still get a 404. I tried this individually with all IPs assigned to the server to see what would happen. Nothing.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23290860
Does anything show in any of the IIS log files when you use the URL http://localhost?
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23482794
No, nothing shows.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23485913
Do you happen to have the  Windows Remote Management service running?  If so stop it and see if port 80 goes away.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23489533
What do you mean Windows RM service? You mean the IIS RM service?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23491463
I ran across this:

http://dotbas.net/blogs/operating-systems/windows-7-kernel-listening-port-80-default?

It talks about the Windows Remote Management service and it listens on port 80 and is shown as being owned by system.  It says in Window 7 it is enabled by default, but the services has been there for awhile.

0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23493217
Interesting. I'll check that out and let you know.
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23494316
Okay, so I disabled the service and turned off IIS services. This allows me to bind the service to port 80.

Here's an interesting tidbit though. When I completely stop IIS services (even if WRM is running!!!) I can bind. If IIS is on I cannot.

Any ideas?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23497712
I need to look into this Windows remote management stuff some more too.  Based on the link I provide it seems that when he shutdown IIS his port 80 disappeared also.

The only thing I can think of off hand is that the WRM installs as a small service/website under IIS and all IIS does is act as a pass through between WRM and the remote computer.  So as long as both are up, port 80 is in use, if one is down, port 80 is open.
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 0 total points
ID: 23499080
Okay! I was on the phone with MS for like 6 hours last night and got it fixed!

We added a registry key called ListenOnlyList. How weird. Apparently IIS was binding to all IPs for some reason. Here is how to set it to only listen specified ones:

Run the "net stop http" command to stop W3SVC.

Open regedit and add a subkey called ListenOnlyList as a REG_MULTI_SZ here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\

Then, in the multi-line string list (value) add which IPs you want to listen with on a separate line.

Close regedit and then run "net start http" to restart W3SVC.

Try it and it should work! Here's a screen of the keys.

Thanks for all the help! I really appreciate it!
re.jpg
reg.jpg
0
 
LVL 12

Author Comment

by:Pugglewuggle
ID: 23499235
Also, sometimes it might not work if you just start and stop the service - you may need to restart the whole server. Just letting you know!
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When the s#!t hits the fan, you don’t have time to look up who’s on call, draft emails, call collaborators, or send text messages. An instant chat window is definitely the way to go, especially one like HipChat. HipChat is a true business app. An…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question