Replaced Windows registry lookup with WMIC process invocation

[Bilge]

Reading the registry is a weak solution because we don't know if the settings we're reading are from active interfaces or not. WMI, by contrast, only emits the DNSServerSearchOrder key (containing the DNS name servers) when the interface is actively in use (connected).

Drawbacks

WMI is still not a perfect solution because if there are multiple active interfaces (uncommon), we don't know which interface or DNS servers Windows will actually use, but generally this is unimportant because (1) usually there's only one active interface, and (2) where there are multiple in use, if the name servers are public anyway the probability that any will work is high. Where this might be a problem is when using a VPN or other tunnel that would be unreachable from a different NIC. It is supposed there are no Windows users currently experiencing that use-case, however if there are, I do not have a solution for them.

Deprecated approach

WMIC as an interface for WMI is actually deprecated (lol). Nevertheless, it's still available by default in Windows 11 at this time, but the "next version of Windows" will have it disabled by default. It is unclear to me if that means Windows 12 or the next service pack for Windows 11. In any case, we should look to move towards PowerShell in the near future, which seems to be supported OOTB since Windows 7 (albeit with a diminished feature set).

PowerShell

One benefit of using PowerShell is we won't need to do any output massaging since it can be tamed using various tools embedded in the shell itself. The following invocation will emit the name servers one per line.

Get-WmiObject -Class Win32_NetworkAdapterConfiguration | Select-Object -ExpandProperty DNSServerSearchOrder

However, PowerShell is notably slower than WMIC. A typical benchmark on my system yields the following results.

WMIC	PowerShell
0.191s	0.350s

That is, PowerShell takes almost twice as long to output the same information. Most of this time is overhead from shell start-up, though; once in a PowerShell session, the command may execute very quickly, but this is a moot point for our use case.

IPv6

One other observed characteristic of the DNSServerSearchOrder key we're querying here is that it never seems to contain IPv6 addresses. Other properties of Win32_NetworkAdapterConfiguration do contain references to IPv6 addresses, such as IPAddress and DefaultIPGateway, so WMI isn't IPv6-phobic itself, thus leading to a preponderance of the perpetual absence in the DNS space. There is no solution known to me at this time to retrieve the IPv6 servers by any WMI mechanism, whether we migrate to PowerShell or not.

References

• How does Windows decide which DNS Server to use when resolving names?

[bwoebi]

Another approach could be using something like https://github.com/stevebauman/wmi? But obviously that requires the COM extension, which however is generally available, just needs to be enabled in php.ini...

[Bilge]

Hmmm, yes, let's require a library last maintained 4 years ago that nobody uses and requires a platform-specific extension that's not only disabled by default but isn't even referenced in the template, what could go wrong? 🤔 Still, good to know it exists 👌🏻