In the Windows environment, there may be problems with network card after replacing hardware such as hardware server board and network card, recovering operating system or network virtualization failure. For example, there are more network cards that should not exist in Device Manager, the current network connection cannot be renamed because of a naming conflict, the IP address conflict cannot find the network adapter that conflicts with it, the virtual network card cannot be deleted after the virtual failure of the networks, and so on. Let's summarize how to remove these visible or invisible ghost-like NICs.
I. Identify various network devices and network connections
Because network virtualization adds many virtual network devices (including virtual NICs) to physical machines, the situation can become complicated, so first we need to distinguish them. Of course, if you do not have network virtualization, then you can skip this part. In a network virtualization environment, the Device Manager should be visible: physical network cards starting with Intel (depending on the physical NIC vendor), Hyper-V virtual Ethernet Adapter, and Microsoft network Adapter Multiplexor Network card Group (Windows Server 2012 starts to support network card groups, through the command lbfoadmin can manage network card Group, NIC Group in the network virtualization environment often appear), after the display of hidden devices, also visible hyper-V virtual Switch Extension Adapter Virtual Switch and so on.
The network connection in the network and Sharing Center can be considered as the configuration of some network devices, its name and properties can be customized, but its dependent devices are basic and corresponding.
Let's look at the specific configuration of these network connections.
1. Network connection of physical network card
Its main settings are the Tcp/ipv4, Tcp/ipv6 protocol, and two link-layer topology discovery protocols. is the network Connection property of the physical NIC named Ethernet 04.
2, network connection of NIC Group
If you just configure the NIC group, the network connection configuration and physical Nic are basically the same, with the exception of the Tcp/ipv4, Tcp/ipv6 protocol, and the two link-Layer Topology Discovery protocol, which is configured with Microsoft Load Balancing/failover Provider protocol. The NIC group aggregates multiple physical network cards for failover and load balancing of network connections. The network connection for those aggregated physical network cards is only the Microsoft Networking Adapter Multiplexor protocol protocol. On the left is the network connection property named Management Nic Group, and on the right is the network connection attribute of the physical network card named Ethernet 01 in the NIC Group (one of the converged NICs).
3, network connection of virtual network card
Virtual network cards are typically created after the virtual switch is created, and additional virtual network cards can be created on the physical host through SCVMM. The network connection of the virtual network card is the same as the network connection configuration of the physical network card, so the function of the virtual network card and the physical NIC are the same, except that the virtual network card is built on the physical network card. is the network Connection property of the virtual network card named Vethernet (Cluster).
4. Network connection of Virtual Switch
Here are two things:
If the virtual switch is built on a separate physical network card (this is the case for virtual switches created directly in Hyper-V manager), then the network connection used to create the physical network adapter for the virtual switch is configured to use only Hyper-V extensible virtual Switch protocol. Network connection properties for Ethernet 01 physical NIC after creating virtual switch on a physical network card named Ethernet 01
If the virtual switch is built on a network card group (the virtual switch created in the host after the host is configured in SCVMM as a logical switch based on the NIC group), then the networking connection for the NIC group used to create the virtual switch is configured to just use Hyper-V extensible Virtual switch protocol, and the physical NIC configured for the NIC group is described in the above NIC group section. If the left side is created with a virtual switch named Management Logical switch, the network connection properties for the NIC group with the same name are created, and the right side is the network connection attribute for the physical network card named Ethernet 01 in the NIC Group (one of the converged NICs).
In summary, when creating a virtual network card and Nic group, in addition to creating the appropriate networking devices , the corresponding network connection will be created, but creating the virtual switch will only create the appropriate network device , but will not create a network connection . A virtual switch is built on a physical network card or network card group, only the reconfiguration of the physical NIC and Nic group.
Second, remove network devices and network connections
Once you know the relationship between the various network devices and the network connection, it is more clear to remove the target, in principle should follow:
Next we'll look at the various scenarios to see why and how to delete.
1. Remove the virtual NIC and its network connection
(1) via GUI and PowerShell
Virtual network cards and their network connections created after configuring a logical switch for a host using the SCVMM console or SCVMM PowerShell can normally be deleted in the SCVMM console or SCVMM PowerShell. However, sometimes due to host hardware changes (mainly motherboard or network card) or other unforeseen circumstances, the creation process is abnormal, after attempting to delete the configuration for recovery, still left on the host should not exist on the virtual network card or its network connection, then SCVMM is helpless, These virtual network cards cannot be deleted directly on the host through the GUI (either through Device Manager or Hyper-V manager). Because the new virtual network adapter is named when the suffix is automatically incremented, so these redundant virtual network cards are not too much harm, but associated with the network connection often also has a naming conflict problem (because the network connection name can not be duplicated, these legacy virtual network card network connection will occupy the name), unable to name the network connection as needed, is unacceptable to many people.
Virtual network cards and their network connections can be viewed and removed through PowerShell on the host. Use the Get-netadapter command to view all network cards, use Get-vmnetworkadapter–all to view the virtual network card, and use the Get-vmnetworkadapter–managementos command to view the virtual network card on the host. Use Remove-vmnetworkadapter–managementos–name to remove the virtual network adapter and network connection specified on the host.
If you cannot view and delete the virtual NIC and its network connections through PowerShell, you can also try two methods: one is to use the DevCon command-line tool, and the other is to manipulate the registry directly.
(2) via DevCon command line tool
Deleting a network device is essentially a driver for removing a device, and Microsoft's own DevCon command-line tool can be used instead of Device Manager to manage computer devices, especially those that are hidden, and the DevCon command-line tools can be downloaded and utilized here. Placing the corresponding version Devcon.exe file in the Windows\System32 directory for invocation on the command line is not a panacea for version and compatibility issues DevCon. Use the following command to query and delete the virtual network card, where the path root\vms_mp is explained below.
(3) Through the registration form
As a last resort, we can also delete through the registry, this is a dangerous thing, please operate with caution. Use the regedit command to open the registry.
Delete the network connection first. Open Node hkey_local_machine\system\currentcontrolset\control\network\{4d36e972-e325-11ce-bfc1-08002be10318}, There are a number of GUID-named nodes, each of which represents a network connection that now or ever existed, through which the Name property in the connection node can be used to know which network connection the node is representing, and to write down the GUID name before deleting it. Delete nodes with the same GUID names in the following paths, with detailed configuration of the network connections, including IP and subnet masks, and so on, in these nodes:
Hkey_local_machine\system\currentcontrolset\services\tcpip\parameters\adapters\
Hkey_local_machine\system\currentcontrolset\services\tcpip\parameters\interfaces\
Then remove the network device. Open the node hkey_local_machine\system\currentcontrolset\enum\root\vms_mp\, this location is the virtual network card driver configuration path, through its child nodes of the FriendlyName property, Locate the network clip node that you want to delete, which is the path that appears in the DevCon command.
But it is not easy to delete this child node, because this path in the registry is a system critical path, by default, these child nodes and all of its nodes and items are under the control of the system account, other accounts do not have permission to operate, so using administrator administrator to run the registry is useless, But fortunately, by acquiring its ownership, administrator can eventually get permission to operate. Since only one node or item can be set at a time, this will be a tedious work to repeat. The steps are as follows:
In the node right-click Permission permissions, although the prompt does not have permission, but allows to enter the modification, select Senior Advanced, such as modify owners owner to obtain ownership. However, it is important to note that although the dialog cannot be confirmed after the owner has been modified, the option to discard cancel can ultimately take ownership.
Close all dialogs and re-right-click permissions, you can add user Administrator and authorize. Set from the deepest visible node until all nodes and items under it are granted permissions, finally delete the entire child node and restart the host. (This step, in fact, can also be used to get permissions on files or folders that are restricted under NTFS)
(The physical network card can also be removed by the process of the registry above.) It is also worth mentioning that in the registry and CurrentControlSet the same level will have ControlSet001 or ControlSet002 and other similar named nodes, these nodes have the same structure and data as the CurrentControlSet, There is no need to delete the corresponding nodes within the ControlSet001 or ControlSet002, they are just copies of the system configuration, and they will be overwritten by the modifications in the CurrentControlSet after the system restarts normally. )
2. Delete the virtual Switch
In a network virtualization environment, you should first remove the logical switch or virtual switch on the host through the SCVMM console or SCVMM PowerShell to properly remove the associated configuration for the host in SCVMM, but if you find a virtual switch in the host that is still not deleted, You can also delete on the host through Hyper-V Manager and Hyper-V PowerShell.
If not, you can use the DevCon command-line tool and operate the registry as if you were removing the virtual network card, except that the virtual switch-driven configuration node is hkey_local_machine\system\currentcontrolset\enum\root\ VMS_VSMP, don't repeat it here.
3. Remove the NIC Group
In a network virtualization environment, if the logical switch configured for the host is associated with an upstream port with a network card group, the NIC group is always created on the host and the virtual switch is created on the NIC group. If the removal of the logical switch fails, more than the NIC group is left on the host, it can be removed in the NIC group manager or PowerShell. Windows Server 2012 does not support network card groups, you can manage the NIC groups by opening the NIC Group manager via command Lbfoadmin, or you can use the Remove-netlbfoteam command.
It is prudent to use the DevCon command-line tool and the registry to delete, I do not test whether there will be serious consequences, but it is easy to know the network Card Group Registry node is hkey_local_machine\system\currentcontrolset\enum\ Compositebus\ms_implat_mp.
There are also cases in the network where WMI's library file corruption causes the NIC group to be unable to manage, and you can try to fix it as follows, and more about the WMI library repair, as you can see here:
%windir%/Disable all the network adapters remove Hklm\system\currentcontrolset\control\network \CONFIG enable all the network adapters enable NIC teaming
4. Remove the physical network card
Redundant physical network card is often due to hardware changes or system recovery after the formation, the removal of physical network card is relatively simple, in the Device Manager or DevCon command line can be deleted, in the registry can also refer to the deletion of virtual network card.
Remove Hidden physical network cards in Windows and virtual NIC after network virtualization fails
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
