]> No IP address when configuring a Network Bridge in Windows 11 🌐:aligrant.com

No IP address when configuring a Network Bridge in Windows 11

Alastair Grant | Wednesday 21 September 2022

I wanted to extend a network from one PC to another and didn't have any switches to spare, but I did have a second NIC in one of the PCs, this one running Windows 11.  I figured I would create a "Network Bridge".

A Network Bridge is where two separate network cards are joined at the hip and can start talking to each other.  Unlike concepts like Internet Connection Sharing, bridging works at a low level, meaning that the device on the far side of the bridge see the network in a similar way as being directly connected to the same network switch.  This is useful if you want the far side device(s) getting their own IP addresses etc.

To do this in Windows is straight forward, from the Network Connections Control panel item, you simply select the combination of two nics you want to join, right click, and select to create a bridge.  This is where my problems started. I was initially shown an error:

An unexpected error occurred while configuring the Network Bridge.

And what I found was while the bridge was created, there was only one nic in the group.  There are a few tricks documented about deleting WMI bits, and recreating interfaces.  But none of that was necessary for me, I simply added the nic in through the Network Bridge's property page.  I spent a long time on this though, as I thought it wasn't working as I wasn't getting an IP address on the new "virtual" interface (or indeed, anywhere).

Though the telling thing was, my far side device (connected via the bridge) was indeed getting an IP address.  I resorted to monitoring my DHCP server, and with a bit of tcpdump sniffing, I could see the DHCP requests coming through ok.  The hint I needed was in the ISC dhcpd logs:

dhcpd: 5 bad IP checksums seen in 5 packets

I'm not sure to the details of why, but Checksum offloading doesn't work in a bridged environment.  When packets are sent over Ethernet they have a checksum to ensure their integrity, modern network cards (like the Intel i219 I'm using here) have the ability to calculate this fast onboard, without needing to waste CPU resources to do this.

As soon as this was disabled, I got an IP address and the network sprung into action.  To disable it go to the properties for each of the adapters in the bridge and look for a setting along the lines of "IPv4 Checksum Offload".  You may find it named slightly different, or different ones for different network stacks.  Start with them all disabled and experiment with adding ones back where you care.

Breaking from the voyeuristic norms of the Internet, any comments can be made in private by contacting me.