Solved

Cannot bind another service to port 80 when IIS 7.0 is on

Posted on 2008-10-31
43
3,454 Views
Last Modified: 2013-11-19
Hi,

I have all the sites in IIS 7.0 bound to specific IP addresses. I'm trying to bind another service on the machine to port 80 on a different IP address that's not used in IIS. I get a binding failed message saying that port 80 is already open on that IP. When I stop the IIS service the other service can bind fine.

Is there a reason IIS is listening on all IPs when I have all existing sites bound to only one IP?

Any ideas on how to get this working?

Thanks!
0
Comment
Question by:Pugglewuggle
  • 23
  • 7
  • 4
  • +3
43 Comments
 
LVL 1

Expert Comment

by:frandshansen
Comment Utility
How do you get the IP address to the machine? Configured on its own network adapter ?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
The machine has 2 static IP addresses assigned to one NIC. One is used for management and the other is used to serve content to the web.
Does IIS bind to the MAC address/NIC or to the IP addresses individually?
0
 
LVL 1

Expert Comment

by:frandshansen
Comment Utility
Did you set up an IP address for each website in IIS to bind to?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Yes, I went through the trouble of adding IPs to the bindings of all 40 sites instead of *.
:-) Since they are all assigned that particular IP and THEN I added another IP address to the NIC, the other software should be able to bind since IIS isn't touching that IP at all.
Any ideas?
0
 
LVL 1

Expert Comment

by:frandshansen
Comment Utility
If you enter the secondary IP address in your browser, what do you get in touch with?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
I get a 404 message, which is odd because that means IIS is responding with a 404... that shouldn't be happening - I just confirmed again that IIS has NO bindings whatsoever to that IP address on any site.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Is anyone here?
0
 
LVL 20

Expert Comment

by:thehagman
Comment Utility
Use netstat -an (or a GUI tool like tcpview.exe) to find out if the server is listening to
0.0.0.0:80 (i.e. all network interfaces) or more specifially to
(your ip address):80
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Interesting... System:4 is listening at 0.0.0.0:80 for TCP... I assume that's the worker process for IIS? Also, why's it listening on all IPs when I have it bound to a certain IP?!
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
When I say "it" I mean all IIS sites are bound to the same IP.
0
 
LVL 11

Expert Comment

by:pcfreaker
Comment Utility
Hi,

Have you set the default website to another port in order to keep IIS running? Another thing you can change is on the local computer  the services file located on c:\windows\system32\drivers\etc\services
There is a line refering to port 80, change it to a free one....

Rgds.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
The default site bound to the correct IP but still on port 80. Either way, that site is disabled and has been.
0
 
LVL 50

Expert Comment

by:Steve Bink
Comment Utility
Do you have any sites listening on all/unassigned?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
No - all are assigned a specific IP.
0
 
LVL 11

Expert Comment

by:pcfreaker
Comment Utility
Humph, but the website in which you have the port 80 selected, can you temporarily change it to 81 perhaps?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Well, this is our production web server... I can't exactly do that if you know what I mean...
0
 
LVL 11

Expert Comment

by:pcfreaker
Comment Utility
Humph, sorry I thought this would be a development server. My guess will not go on blind, since your server will not bind or publish any other service throught port 80, it needs to be listening and not established in order to comply with TCP RFC793.
www.faqs.org/rfcs/rfc793.html

Rgds.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Yes - it is listening... no connection is established... I can't quite figure it out. I rebooted it the other night just to see if that fixed it and it didn't.
0
 
LVL 11

Expert Comment

by:pcfreaker
Comment Utility
Well it might be listening, but IIS reserves the Port number to the website as long it is started even though is says listening. If you by any means change the website's port number to 81, there you would be able to use port 80.

If I find anything else I will let you know.

Rgds.

0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
you can issue the command:

     netstat -ano | findstr /c:"0.0.0.0:80"

this will give you the PID that is listening on port 80.  Now you can chase down the owner of that pid to verify that it is IIS.  You can either bring up task manager or issue the command:

     tasklist | findstr /c:"###"

where ### is the pid from the first command.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Here is the output of those commands...

Ability Mail Server 2.exe is the executable that runs the mail server... which is strange because it's configured NOT to be listening right now...
 
C:\Users\Administrator>netstat -ano | findstr /c:"0.0.0.0:80"
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING       1824

C:\Users\Administrator>tasklist | findstr /c:"1824"
Ability Mail Server 2.exe     1824 Services                   0     63,900 K

C:\Users\Administrator>tasklist | findstr /c:"4"
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0      4,748 K
smss.exe                       428 Services                   0        732 K
csrss.exe                      496 Services                   0      4,548 K
csrss.exe                      564 Console                    1      7,712 K
wininit.exe                    572 Services                   0      3,948 K
services.exe                   608 Services                   0      6,452 K
lsass.exe                      664 Services                   0     10,844 K
svchost.exe                    816 Services                   0      6,420 K
LogonUI.exe                    964 Console                    1     12,688 K
svchost.exe                   1000 Services                   0      8,224 K
svchost.exe                   1048 Services                   0     58,260 K
svchost.exe                   1136 Services                   0     10,504 K
svchost.exe                   1216 Services                   0     14,316 K
svchost.exe                   1384 Services                   0      9,156 K
taskeng.exe                   1612 Services                   0      4,204 K
spoolsv.exe                   1748 Services                   0     11,280 K
svchost.exe                   1776 Services                   0      9,348 K
Wrapper.exe                   1804 Services                   0      3,380 K
Ability Mail Server 2.exe     1824 Services                   0     63,900 K
java.exe                      1896 Services                   0     57,432 K
ekrn.exe                      1260 Services                   0     40,392 K
svchost.exe                   1724 Services                   0      4,864 K
svchost.exe                    756 Services                   0      2,844 K
svchost.exe                   2144 Services                   0      2,280 K
phw_repeater.exe              1728 Services                   0      3,304 K
winlogon.exe                  2644 RDP-Tcp#0                  2      4,620 K
dwm.exe                        604 RDP-Tcp#0                  2      3,532 K
explorer.exe                  1120 RDP-Tcp#0                  2     27,124 K
egui.exe                      4012 RDP-Tcp#0                  2      6,772 K
TrustedInstaller.exe          2372 Services                   0     29,412 K
cmd.exe                       2792 RDP-Tcp#0                  2      2,248 K
WmiPrvSE.exe                  1484 Services                   0      6,796 K
tasklist.exe                  2000 RDP-Tcp#0                  2      4,912 K
findstr.exe                   1332 RDP-Tcp#0                  2      2,004 K
C:\Users\Administrator>
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 57

Expert Comment

by:giltjr
Comment Utility
If you just do a tasklist do you have the task inetinfo running?  Typically inetinfo is what owns/opens the ports IIS uses.  I'm not sure why System shows as the owner of this port.
0
 
LVL 50

Expert Comment

by:Steve Bink
Comment Utility
Try these links:

http://msdn.microsoft.com/en-us/library/ms733768.aspx
http://technet.microsoft.com/en-us/library/cc781601.aspx

It sounds like socket pooling is enabled.  I know this used to be a big problem on IIS5, but I figured they fixed it by now.  Guess not..  :/
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Judging from MS's description (in this page: http://support.microsoft.com/default.aspx/kb/238131) of issues encountered with socket pooling enabled, I'm going to point the finger to that as the culprit.
However, the only example offered is:
netsh http add iplisten ipaddress=0.0.0.0:8000
and the executables help doesn't explain much either... from what I gather above, it's configuring the HTTP listener to listen to port 8000 on all IPs.
I just want to turn it off if I can, or at least get the mail server to listen to port 80 on that IP.
I have a funny idea I'd want to use this command to disable listening on the appropriate IP:
 
netsh http delete iplisten ipaddress=10.10.12.86

Does this look right or am I wrong?
I don't know whose crappy idea this was to leave this enabled (or at least not ask when setting up IIS), but they suck. Badly. MS - if you see this, please fix it. You probably won't though. :-/
Any clue?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Okay, I ran the following and got those errors... any idea?

C:\Users\Administrator>netsh http delete iplisten ipaddress=10.10.12.86
IP address delete failed, Error: 2
The system cannot find the file specified.
 
0
 
LVL 50

Expert Comment

by:Steve Bink
Comment Utility
Unfortunately, I do not have a 2008 server here to play with.  What do you when you run this:

netsh http show iplisten
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
I did that and it shows no listeners.
0
 
LVL 50

Expert Comment

by:Steve Bink
Comment Utility
That explains why the delete command failed.  Can't delete an IP that isn't there.  :)

On the other hand, if there are no listeners, it shouldn't be tying up the port, either.  What happens if you try to add an IP, then delete it?
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
What do you get if you enter http://localhost as the URL?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Nothing happens if I add an IP. I still can't bind the mail server to that IP on port 80.
When I enter http://localhost I get a 404.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
One thing to note - this is because I have host headers running to have multiple sites on the same IP.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
I added localhost as a host header on port 80 and this made no difference - I still get a 404. I tried this individually with all IPs assigned to the server to see what would happen. Nothing.
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Does anything show in any of the IIS log files when you use the URL http://localhost?
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
No, nothing shows.
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
Do you happen to have the  Windows Remote Management service running?  If so stop it and see if port 80 goes away.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
What do you mean Windows RM service? You mean the IIS RM service?
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
I ran across this:

http://dotbas.net/blogs/operating-systems/windows-7-kernel-listening-port-80-default?

It talks about the Windows Remote Management service and it listens on port 80 and is shown as being owned by system.  It says in Window 7 it is enabled by default, but the services has been there for awhile.

0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Interesting. I'll check that out and let you know.
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Okay, so I disabled the service and turned off IIS services. This allows me to bind the service to port 80.

Here's an interesting tidbit though. When I completely stop IIS services (even if WRM is running!!!) I can bind. If IIS is on I cannot.

Any ideas?
0
 
LVL 57

Expert Comment

by:giltjr
Comment Utility
I need to look into this Windows remote management stuff some more too.  Based on the link I provide it seems that when he shutdown IIS his port 80 disappeared also.

The only thing I can think of off hand is that the WRM installs as a small service/website under IIS and all IIS does is act as a pass through between WRM and the remote computer.  So as long as both are up, port 80 is in use, if one is down, port 80 is open.
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 0 total points
Comment Utility
Okay! I was on the phone with MS for like 6 hours last night and got it fixed!

We added a registry key called ListenOnlyList. How weird. Apparently IIS was binding to all IPs for some reason. Here is how to set it to only listen specified ones:

Run the "net stop http" command to stop W3SVC.

Open regedit and add a subkey called ListenOnlyList as a REG_MULTI_SZ here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\

Then, in the multi-line string list (value) add which IPs you want to listen with on a separate line.

Close regedit and then run "net start http" to restart W3SVC.

Try it and it should work! Here's a screen of the keys.

Thanks for all the help! I really appreciate it!
re.jpg
reg.jpg
0
 
LVL 12

Author Comment

by:Pugglewuggle
Comment Utility
Also, sometimes it might not work if you just start and stop the service - you may need to restart the whole server. Just letting you know!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I've been asked to discuss some of the UX activities that I'm using with my team. Here I will share some details about how we approach UX projects.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now