2

We have a network with 60 clients (not all on our domain) that connect to a single very bandwidth constrained Internet connection (VSAT satellite - 6Mbps, 800ms latency).

We have various ways to manage the bandwidth, but ideally we'd like all clients to automatically recognise that it's a metered connection, as Windows does when connected to a cellular connection.

Clients are connected via a pretty standard Cisco network, mix of WiFi and Ethernet.

How does Windows determine if a connection is cellular or not? Is there a way to spoof this on the network side?

Caligari
  • 111
  • 4
  • 2
    Windows determines metered connection based on the device it is connected to. For Ethernet and WiFi (including USB dongles) it is unmetered. If device is of a modem class (be it USB dongle or Bluetooth connected cellphone or COM port or etc.) then Windows sets this connection as metered. You can change connection properties to set or unset metered, but doing this manually for 60 PCs is time consuming. If all the clients are part of the domain, there probably might be some policy to setup network connection properties, but I have no details about it. – dmmedia Apr 27 '21 at 07:40
  • That's great, thanks. I guess if it's based on hardware IDs there's no way to set it at the network level, unfortunately.. it's a mix of machines from a few domains as well as non-domain (personal) machines, so GPO isn't really a viable option. – Caligari Apr 29 '21 at 03:36
  • Any network adapter can be set to metered. Please explain: Why is that not enough? Or do you want the adapter to switch to metered when connecting to a particular IP? And connecting how? – harrymc Apr 29 '21 at 09:12
  • It's not enough cos a) we can't rely on users to flag their connection as metered (not out of maliciousness, but lack of user education/will) and b) we don't have the time or resources to manually check/set a rotating cast of >60 clients. As I said in the original question, clients are connecting using WiFi or Ethernet to a Cisco based infrastructure. – Caligari Apr 29 '21 at 10:39
  • Connecting how? Is it a VPN or a specific network adapter or something else? (Add to your comment `@harrymc` for me to be notified.) – harrymc Apr 29 '21 at 19:15
  • @dmmedia I disagree it entirely based on device as I had a laptop WiFi connected to phone hotspot & Outlook could tell it was a cell phone limited plan. I appreciate pointing out that Win10 Settings click Ethernet properties shows a tick 'set as metered connection'. Run [sysinternals process monitor](https://docs.microsoft.com/en-us/sysinternals/downloads/procmon) then tick it to help find WHERE that is saved in registry or file. Googling `"set as metered connection" group policy site:microsoft.com -answers -social` didn't pull up any results. Lots of Group Policy settings use bandwidth word – gregg Apr 29 '21 at 21:49
  • So I did a bit of digging - my reading of the Windows DHCP spec (https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dhcpe/2e71d5c8-44c6-4416-97b0-0be64cad472c) is that Windows 10 > 1909 recognises ANDROID_METERED in option 43 of DHCP. I set that, and confirmed with Wireshark that clients are receiving it correctly, but Windows doesn't seem to actually do anything with the information. I double checked by establishing a hotspot connection to an Android device - same DHCP option, same result. Shame, as if it worked it would have been a perfect solution. – Caligari Apr 30 '21 at 05:45
  • Only other thing I found was this - https://docs.microsoft.com/en-us/windows-hardware/drivers/mobilebroadband/network-cost-information-element which is I suspect how phone hotspots operate. Unfortunately there's no way to have those flags in the 802.11 beacon on a Cisco network (that I could find). – Caligari Apr 30 '21 at 05:46
  • You are mixing between two things here: Setting a connection to metered and detecting a cellular network. You are focusing on the second one, while it's the first one that you would like to achieve. If you gave more information about how you are connecting, we might be able to tell how to set it to metered. – harrymc Apr 30 '21 at 08:27
  • Nah, I'm not mixing them up - just seems that the easiest, most widely applicable (for an environment where I don't have admin access over most machines) and most robust method would be to work out how Windows determines a connection is metered (as per gregg's comment above). There's nothing special about how the machines are connected - like I said in the original question, it's just a mixed WiFi/Ethernet network. Machines connect, get an IP and gateway via DHCP, and connect to the gateway, which is just a WAN device. No VPNs or anything special. – Caligari May 03 '21 at 11:59

1 Answers1

1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\DefaultMediaCost I guess changing WiFi DWORD value to 2 sets it to metered. It appears you may need to change permissions on key to do that, a workaround could be sysinternals psexec -s reg add HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\DefaultMediaCost /v WiFi /d 2

I have NOT tested this myself. A safe thing you could do is look at that keys value in regedit, toggle setting in Setting app/GUI, refresh regedit & if it changed you know its kosher & what value to revert it even (0?)

https://www.cnet.com/how-to/meter-your-ethernet-connection-in-windows-10/#! https://www.howtogeek.com/262477/how-to-set-an-ethernet-connection-as-metered-in-windows-8-and-10/

gregg
  • 5,598
  • 2
  • 21
  • 36
  • Thanks for that - good solution for the machines that I have admin access over - in the absence of a GPO, I'll write a script to update the registry (after testing). Guess I'm down to user education for the other machines. It'd be nice if Windows respected the ANDROID_METERED DHCP Option 43 flag (see my comment to my original question), but I guess you can't have it all. – Caligari May 03 '21 at 11:56
  • Group Policy Preferences allow registry key changes, although the one article said permissions might not let an admin change that, but I guess a GPO would change it in the System or Machine security context. Else a startup script with that `psexec` could be placed in a GPO. Group policy all the things! – gregg May 04 '21 at 20:52
  • This user MAY have answered your question? https://superuser.com/questions/1652404/windows-10-does-not-detect-wi-fi-as-metered-connection – gregg May 29 '21 at 22:18
  • Thanks @gregg - that would do it, but unfortunately I don't think there's any way to set vendor extensions to beacons on our Cisco infrastructure. That's exactly what we want to do though - thanks for the link, good to know it's possible at least. – Caligari Jun 02 '21 at 22:41