Windows Troubleshooter Guide/Network Location Awareness

Windows computers have a system for detecting internet connectivity known as Network Location Awareness (NLA). It controls many aspects of how Windows categorizes internet connections, such as whether to assign networks as private or public. When you adjust firewall setting based on whether the network is "private" and "public", the definition of private and public is whether or not your network is currently connected to a network you define as private or public.

Detecting Internet Connectivity
Network Location Awareness also has the ability to check and alert you whenever you are connected to the internet through a task force called Network Connectivity Status Indicator (NCSI). NCSI itself is an API for other programs to use when they need to know how good your internet connection is.

Method
But since Network Connectivity Status Indicator is itself an API, how the software detects whether you have internet connectivity is not exposed and can thus be hidden. However, a simple test can show what NCSI can do to check your internet connection. Here is the method below:


 * 1) Check for website connection
 * 2) NCSI looks up   using your DNS.
 * 3) If the HTTP response header has a 200 OK status code, then it requests  . Note that if you go to that url, the text file reads " ".
 * 4) Check for DNS connection
 * 5) Also, NCSI does a check for the existence of   through your DNS.
 * 6) If it exists, then NCSI checks whether the IP is.
 * 7) If there is any problem in either getting a response for the DNS lookup or the IP doesn't match, the internet is assumed to have an issue.
 * 8) If the error dns_probe_finished_bad_config then try to get a static ip using vpn or contacting your internet service provider.[7]
 * 9) Check for IPv6 connection
 * 10) Similar, but   is expected to resolve to , and in HTTP test   is changed to   in text file URL.

Analysis
If #2 works and #1 fails (the definition of fails is if there isn't a response or a redirect), then Windows alerts you that some kind of authentication might be blocking your internet connectivity (like a need to sign-in before using the internet).

If #2 fails (the definition of fails is if there isn't a response [resolution failure] or the wrong address is returned), then Windows alerts you that you have no internet connection.

Note that sometimes, you might get a yellow warning sign/exclamation mark indicating that you have no internet, yet can connect fine. In this case, judging by the above cases, it should mean that #2 failed but #1 works.

Configuring NCSI
The configuration parameters for NCSI uses the Registry. The key is located at. The list of the typical values are here

As you can see, changing the data of the name will change the behavior of what NCSI does. For example, changing  will change what website it will check. is a boolean value that, if set to 0, turns off NCSI. Any other value turns it on. The last three names, ;  ; and , have no predictable effect on the system.

Privacy
As a side note, on the Microsoft documentation page describe how NCSI works, they mention that


 * IIS logs are stored on the server at www.msftncsi.com. These logs contain the time of each access and the IP address recorded for that access. These IP addresses are not used to identify users, and in many cases, they are the address of a network address translation (NAT) computer or proxy server, not a specific client behind that NAT computer or proxy server.