New HTTP.SYS Namespace Reservation in 3.5

A while ago I wrote about the “temporary listeners” wildcard namespace reservation that comes with .NET 3.0. I didn’t like it – and my opinion hasn’t changed here.

It turns out that .NET 3.5 adds a new reservation during installation:

c:> netsh http show urlacl

Reserved URL            : http://+:8731/Design_Time_Addresses/
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;IU)

I believe this reservation is made to make the “WCF Service Library” and the accompanying generic WCF service host work.

Actually this reservation is much more sensible than the “temporary” one because:

  • it is not on a commonly used port which means that chances that the firewall is already open are relatively low. Remember that the “temporary” one points to port 80 which is also used by IIS, SQL Server WS-RemoteManagement etc…
  • It is using INTERACTIVE as opposed to WORLD (aka Everyone). This means that this reservation only applies to services started by the carbon unit operating the machine.

I had a discussion today with my friend Oliver who ran into the namespace reservation problem and thought that the best workaround would be to use the “temporary” namespace as it is already registered and doesn’t require any command line fiddling. After I told him that I disagree, he asked me what would be the recommended way of handling this problem at development time (without elevating Visual Studio to admin all the time, of course ;).

I tackled this for me by reserving a dev time base address like http://+:9000/Services/ (ACLed only for myself) and key off all my services from that URI. But actually I think the new design time addresses make sense in design time ;) They are already there and have sensible settings for most standard development scenarios (but not for NT Services – since these are not interactive). Too bad the old “temporary” reservation didn’t go away in 3.5…

Will try that in the future and see how it works out.

This entry was posted in WCF. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s