tags:

views:

206

answers:

1
+1  Q: 

Why are Route.EXE and WMI / IpHelper reporting different metrics?

When I call "route PRINT" from the command line in Windows XP I get (? characters are IP addresses I obfuscated intentionally for posting):

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.50.1  192.168.50.106       25
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.64       9999
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
     192.168.50.0    255.255.255.0   192.168.50.106  192.168.50.106       25
   192.168.50.106  255.255.255.255        127.0.0.1       127.0.0.1       25
   192.168.50.255  255.255.255.255   192.168.50.106  192.168.50.106       25
    192.168.254.0    255.255.255.0   192.168.254.64  192.168.254.64       9999
   192.168.254.64  255.255.255.255        127.0.0.1       127.0.0.1       9999
  192.168.254.255  255.255.255.255   192.168.254.64  192.168.254.64       9999
  207.???.???.???  255.255.255.255     192.168.50.1  192.168.50.106       1
  207.???.???.???  255.255.255.255     192.168.50.1  192.168.50.106       1
        224.0.0.0        240.0.0.0   192.168.50.106  192.168.50.106       25
        224.0.0.0        240.0.0.0   192.168.254.64  192.168.254.64       9999
  255.255.255.255  255.255.255.255   192.168.50.106  192.168.50.106       1
  255.255.255.255  255.255.255.255   192.168.50.106           10006       1
  255.255.255.255  255.255.255.255   192.168.50.106           60003       1
  255.255.255.255  255.255.255.255   192.168.254.64  192.168.254.64       1
Default Gateway:      192.168.50.1

When I call "Get-WmiObject Win32_IP4RouteTable | ft Destination, Mask, NextHop, InterfaceIndex, Metric1, Metric2, Metric3" from Powershell on the same XP machine I get the following:

Destination       Mask             NextHop            InterfaceIndex          Metric1          Metric2          Metric3
-----------       ----             -------            --------------          -------          -------          -------
0.0.0.0           0.0.0.0          192.168.50.1               262146               26               -1               -1
0.0.0.0           0.0.0.0          192.168.254.254             65541                1               -1               -1
127.0.0.0         255.0.0.0        127.0.0.1                       1                2               -1               -1
192.168.50.0      255.255.255.0    192.168.50.106             262146               26               -1               -1
192.168.50.106    255.255.255.255  127.0.0.1                       1               26               -1               -1
192.168.50.255    255.255.255.255  192.168.50.106             262146               26               -1               -1
192.168.254.0     255.255.255.0    192.168.254.64              65541                1               -1               -1
192.168.254.64    255.255.255.255  127.0.0.1                       1            10000               -1               -1
192.168.254.255   255.255.255.255  192.168.254.64              65541                1               -1               -1
224.0.0.0         240.0.0.0        192.168.50.106             262146               26               -1               -1
224.0.0.0         240.0.0.0        192.168.254.64              65541                1               -1               -1
255.255.255.255   255.255.255.255  192.168.254.64              65541                1               -1               -1
255.255.255.255   255.255.255.255  192.168.50.106             262146                2               -1               -1
255.255.255.255   255.255.255.255  192.168.50.106              65542                2               -1               -1
255.255.255.255   255.255.255.255  192.168.50.106             393219                2               -1               -1

192.168.254.64 is the IP address on the virtual adapter for my VPN. The VPN policy is currently configured so that regular internet traffic should bypass the VPN, and the metrics displayed by route PRINT make sense in that context. The virtual interface is assigned a metric of 9999 so traffic will default to any other available interface.

However, the routing table returned by WMI shows the metric as 1. If I call GetIpForwardTable using the IpHelper API I get the same values as with WMI. Does anyone happen to know why these two tables wouldn't match?

A: 

It looks like route print is "aggregating" the metrics, whereas the query you're doing in PowerShell is telling you exactly what each one is truly set to.

In other words, the metric of 10000 is only actually set on the route entry for your VPN IP address. When route print displays it, it likely does a route lookup and determines that packets to that destination should use the metric set on the VPN interface address.

Mike  2009-10-18 01:51:51

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)