WPAD detection in Internet Explorer


Hello again, I spent a lot of time recently troubleshooting WPAD detection using DHCP 252 option. In doing so, the information I collected may be useful to those deciding how to implement proxy auto-discovery in corporate networks. Proxy Auto-Disover configuration files , wpad.dat files, provide central administration for proxy connections to the Internet.


What I would like to talk about today is the order in which IE will search out a proxy auto-configuration file when using Automatically Detect setting (default) setting in IE. Internet Explorer goes down a list of predefined detection methods:


1. DHCP (252 option)


2. DNS A record query/queries


3. NetBios


NOTE: Only applies when ‘Automatically detect settings’ in Internet Options -> connections -> Lan Connections is the only option checked. Other options for configuring IE connection settings include Automatic Configuration Scripts and manually specifying a proxy server.


Now, if DHCP is configured to provide the WPAD location, IE stops the detection and will make a GET request for the wpad.dat file and no further searching is done. This is true even if the DHCP 252 option is incorrect and a correct entry is configured as a DNS record.


If DHCP 252 is not configured, IE will continue until it either exhausts the search or gets a response:


1. BootP request to DHCP for the 252 option containing the path to the wpad.dat file


if DHCP 252 is not configured:


2. DNS A query for “wpad.<dns suffix>” ex. wpad.domainname.com


if the DNS query fails:


3. A Netbios query for a machine named WPAD occurs


If Netbios fails:


4. A direct connection is attempted


If this attempt fails, the user is presented with the Cannot display the webpage or similar message.


The wpad.dat detection (steps 1 thru 3) occur when “Detecting proxy settings…” is displayed in the status bar in the lower left corner of the Internet Explorer window.


Example of a detection order:


– If a domain suffix is north.corp.contoso.com


IE will perform the following queries:


wpad.north.corp.contoso.com


wpad.corp.contoso.com


wpad.contoso.com


NOTE: If a domain suffix search order has been specified, the first domain in the list will be used instead.


As you can see, there is overhead associated with the detection method. If you do not have a wpad solution, there is no reason to have this option enabled. Disabling it can reduce network traffic as well as the initial page load times for Internet Explorer. Disabling this option forces IE to attempt a direct connection to the internet immediately, which it would eventually get to if no wpad files were found.


Another great Blog brought to you by Aurthur Anderson, an IE Senior Escalation Engineer.


Regards,


The IE Support Team

Comments (15)

  1. How can I check current WPAC status?

    I mean, I have "automatic detection" enabled, but how can I know if my PC has actually received a configuration set ?

  2. Hey Alejendro!

    Well, there are several ways to tell, but I don’t think I can do the answer justice in just a comment.  Tell you what, we will put together a follow-up blog to answer your question.  How does that sound?

    Regards,

    The IE Support Team

  3. uwe says:

    Hello, i have similar question as Alejandro, i find the wpad.dat files in the cache and can verify its correct, but its not working on all stations, is there anyway to "debug" it.

  4. maysara says:

    I have the same problem Alejandro Grijalba has, i still cant find how to do it !

  5. Bobby says:

    We have ~12,000 stations set for automatic configuration.  

    We recently changed the WPAD DNS entry to a new server cluster address, but ~ 3,700 of the stations still go to the old cluster.

    When we check DNS on those stations, they resolve the new address OK, but IE still goes to the old server.  

    We tried rebooting, etc., and it still goes t othe old server.

    When we uncheck "Automatic", check "manual", hit "OK, then go back and reverse the process, it then goes to the new server.

    This leads us to believe that IE is persisting the resolvedvalue of the WPAD entry somewhere, and not re-checking it unless there is a problem or some other stimlus to re-check…

    Can you tell us where this is persisted so we can use a GPO or other means to force it to change or re-check?  Changing this many stations via the manual process above is just not acceptable…

  6. arnaud says:

    We use a VPN Citrix Access Gateway and with "autoconf proxy" activated, it seems that IE doesn’t detect the new connectoide VPN and don’t get the .dat file.

  7. Chris says:

    Quote "by Alejandro Grijalba

    How can I check current WPAC status?

    I mean, I have "automatic detection" enabled, but how can I know if my PC has actually received a configuration set ?


    Tuesday, January 27, 2009 11:35 PM by Brent Goodpaster

    Hey Alejendro!

    Well, there are several ways to tell, but I don’t think I can do the answer justice in just a comment.  Tell you what, we will put together a follow-up blog to answer your question.  How does that sound? "

    Hello Brent,

    Please can you provide a link to the post with your answer, as I too an interested in seeing what cached WPAD file IE is reading.

    Many thanks

    Chris

  8. lawson23 says:

    I’m also interested in how to debug wpad problems.

    We have setup dhcp and dns and our main site works just fine local to the wpad server but a remote site that has a vpn tunnel to the wpad server experiences all kinds of problems.

    One question on the DHCP option 252.

    Does this have to be entered as a fully qualified domain name so that it has to have DNS?  Or can this entry be an IP address for example:   http://10.0.0.2:80/wpad.dat

    Sure would seem to me it would be better to use a IP than a fully qualified domain name for speed and to not depend on DNS.

    Internet explorer will be surfing and then all of a sudden show a "Internet Explorer cannot display the webpage"  No error code it is like it does not have Internet access anymore.

    We also have one user that gets prompted for credentials when he is using Automatically detect settings at this location.

    Thank you,

    Jamie

  9. Anshu_vas says:

    To know more about "Automatically detect settings and WPAD and option 252" refer to the following blog:

    https://blogs.msdn.com/anshu/archive/2010/04/06/internet-explorer-and-wpad.aspx

  10. Luca Fabbri says:

    Hello, I have this question: should wpad record be CNAME or HOST(A) record ? On official TechNet Library it is written CNAME.

    Bye,

    Luca

  11. axelr says:

    @Luca Fabbri  

    Creating a WPAD entry in DNS

    technet.microsoft.com/…/cc995062.aspx

    How to configure Microsoft DNS and WINS to reserve WPAD registration

    support.microsoft.com/…/934864

    Another informative article covering proxy server configuration scenario

    technet.microsoft.com/…/cc713344.aspx

  12. Raymond says:

    Hi, I met a puzzled problem. I am working on a WinINet application. My machine(Win7, x64, and IE8,IE9,IE10, 32bit) is in the domain, and wpad is configured, and "Automatically detect settings" is selected. I found for some urls, WinINet control doesn't get "INTERNET_STATUS_RESOLVING_NAME" and "INTERNET_STATUS_CONNECTING_TO_SERVER" message in InternetSetStatusCallback function. If I unselect the "Automatically detect settings", it is normal. Could you give some advice?

  13. edT says:

    I am also having the issue and noticed that on the machines that has the issue, they also have Vmware installed. When I disable the vmnet adapters, the wpad detections works quickly in ie9. Also, installing IE11 and then uninstall IE11 makes IE9 work with wpad.

  14. KegNot says:

    We discovered an issue with the 'Automatically Detect setting' in Internet Explorer 11 in combination with Windows 7 when we switched off NetBIOS over TCP/IP. Users auto-loading multiple sites were suddely experiencing load issues: 'Page can not be displayed' on Internet sites and popups for logon credentials for Internet sites. After unselecting the 'Automatically Detect setting' the auto-loading of sites was ok again..

    We no WPAD infrastructure in place and use a proxy.pac file for configuring the proxy settings. Therefore we don't need the 'Automatically Detect setting'.

    Still, it looks like an intersting bug in Internet Explorer 11. IE 11 in combination with Windows 8 doesn't show the issue.

    Is anyone else experiencing this?