Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How can I get PCs on other segments to connect to internet?

Posted on 1999-10-05
26
Medium Priority
?
301 Views
Last Modified: 2013-11-13
I have a Cisco2600 as an ISDN router connecting to the internet and it is installed in our local segment, "128.188.3". Any PCs within this segment can just set their default gateway to this router and they can ping to the internet, Now if I want PCs on other segments such as "128.188.1" to be able to do the same thing, how can I do?
We are using HP Router650 to devide the whole LAN into several segments.  How to add default route to this Router650?  

0
Comment
Question by:kslzzg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
  • 6
  • +1
26 Comments
 
LVL 37

Expert Comment

by:meverest
ID: 2102427
how are your 'segments' physically connected?

can you ping, say, from 128.188.3.1 to 128.188.1.1?

if they are the same physical ethernet, you can probably just change the netmask on the router to 255.255.0.0, but this may cause problems if the whole 128.188.x.x is not available to that interface.

alternatively, you can add an ip address to the cisco ethernet interface, say, 128.188.1.1 and set this as the default gateway for your 128.188.1

the 'right' answer depends on what your physical network looks like.

cheers.
0
 

Author Comment

by:kslzzg
ID: 2102707
I show you the draft for our LAN as below,

                                 ------------------------
                                 |   HP Router650 |
                                 --------------------------
                                            |
                          -----------------------------------------------------------
                          |                |                  |                      |
                128.188.1    128.188.3      128.188.9         128.188.10
                                         |                                           |
                               -----------------------                      HP PR router(128.188.10.2)
                               |                      |                              |          (128.188.20.1)
         (Cisco router)128.188.3.2       PCs                          |
                               |                                             HP PR router(128.188.20.2)
                     ( Internet )                                                            (128.188.51.1)
                                                                                     |
                                                                             128.188.51
         
    There are several Ethernet interfaces provided by HP router650, such as 128.188.1.1, 128.188.3.1, etc.  Any PCs here can ping to each other(We have been using it for years).   Recently the Cisco router was introduced in to connect to
the internet via ISDN line and it was connected to a switch inside segment3(128.188.3).   Only PCs within segment3 can ping to the internet once
their default gateway are set as 128.188.3.2(Previously they were 128.188.3.1 which is router650).  How can I get PCs on other segments to also be able to access to the internet ? I have already configured the Cisco router with the folllowing commands.
ip route 0.0.0.0 0.0.0.0 BRI0/0
ip route 128.188.0.0 255.255.0.0 128.188.3.1
  I also created a static route on Router650 as shown below,
 
"Configuration Editor"
Internet Address : 0.0.0.0
Type : Static Route

Subnet Mask : 0.0.0.0                  Next Hop : 128.188.3.2

Cost :                                 Preference  : 16
Propagate to RIP  : Yes
Propagate to EGP  : Yes
Propagate to OSPF  : Yes
Make route conditional on an alternate circuit group : No
           But it still failed to ping to the internet.  I checked the routing table via
command "rgetr" and the output is shown as below,

HP J2430A Router 650             ROUTER650_TB               6-Oct-1999  18:10:
I 10/06/99 18:09:21 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
===========================- SESSION 2 - MGR MODE -=============================
Destination      Mtr   Next Hop         T/P         Age  IF
128.188.1.0        1   128.188.1.1      D/L     2146803   3
128.188.2.0        1   128.188.2.1      D/L     2146803   4
128.188.3.0        1   128.188.3.1      D/L     2146803   5
128.188.5.0        1   128.188.5.1      D/L     4158701   6
128.188.6.0        1   128.188.6.1      D/L     2146803   2
128.188.9.0        1   128.188.9.1      D/L     2143581   7
128.188.10.0       1   128.188.10.1     D/L     2146804   1
128.188.20.0       2   128.188.10.2     R/R          10   1
128.188.51.0       3   128.188.10.2     R/R          10   1
128.188.61.0       5   128.188.10.2     R/R          10   1
128.188.71.0       4   128.188.10.2     R/R          11   1
172.16.0.0         2   128.188.1.79     R/R          27   3

ROUTER650_TB:

    How come from this routing table  I cannot see the static route which I just
set?  I have already saved the static route setting.   Is there any way to manipulate
this routing table? Do you think the router will learn by itself and obtain the routing
table without human's interference?  I was told there is a HP technology called "ABC"  which stands for " Automatic Broadcasting" in HP switch2000.  But router650 is an obsolete product(more than 5 yrs ago) and it should not have such intelligence, is that true?
0
 
LVL 37

Expert Comment

by:meverest
ID: 2104967
i am assuming that the 650 is 128.188.3.1 (?)

yes, you are correct in assuming that the answer is to set the default route on the 650 to the cisco.

you might want to try to lower the cost to zero (it may be picking up lower cost default routes via rip or ospf or something)

do you really need rip/ospf etc? it looks like a small enough network to be able to do it all by static routes... at least kill rip, this is known to be a very noisy routing protocol.

cheers.
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 

Author Comment

by:kslzzg
ID: 2105278
Router650 can be accessed from all its configured ethernet interfaces. So of course we can say 128.188.3.1, 128.188.1.1, 128.188.9.1, 128.188.10.1 all stand for router650 but look from different angle of view.

I have set cost to zero and disable RIP/OSPF propagation but still of no use. Why
do you say they are very noisy routing protocol?  How can I modify the routing table in router650?   Is the default route the same as static route in terms of its
functions?   How can I set the default route for router650?  Do I need to specify it
for all its configureed ethernet interfaces?

After I saved the changes to the above-mentioned parameters, do I need to reboot
router650 to let the changes take effect?
0
 
LVL 37

Expert Comment

by:meverest
ID: 2105312
router 650 looks to be the key here.  go to any station that does not currently access internet and try tracert to some internet address, say 203.2.2.2 for example and make sure that this trace passes through router 650.

if the trace gets to that router, then all we need is to fix default routes for that unit and we should be right.

rip can be very noisy under some conditions.  unless you have routes changing often, then you don't need any routing protocols anyway.

no, you don't need a default route for each/every interface.  all routes are logically system-wide settings for such thing as a router!

all you need to do is to tell the router how to get to each subnet within your network space, and then one default route (ie the cisco) for 'anything else'

you then leave the routers to do the work for your hosts.

youmay need to reset the 650 for routes to take effect.  i am not familiar with that brand of router to be sure.

cheers.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 400 total points
ID: 2105757
on your PCs 128.188.1.x, you need to set the default route:

    route add 0.0.0.0 128.188.1.1

(probably you need to use a netmask too if it is not 255.255.255.0)
the route command may slighly differ in sysntax according to the PC's OS (if there is no OS but M$'s Windows, set the default gateway in the Network Neighborhood and reboot)

This assumes that the 650 (router) still knows what's the default (internet-)gateway, which seems to be true 'cause it works for another segment.
0
 

Author Comment

by:kslzzg
ID: 2105876
Your are correct. Before the Cisco router was introduced in, all the default gateways for all PCs is set to be the local ethernet interface to the router for their segment if they want to talk to other segments.  For example, the default gateway for  one PC in segment 128.188.9  is set to 128.188.9.1 which points to the interface of Router650  defined for segment 128.188.9.   I show you the result of
running the following command from 128.188.9.14(one of our UNIX server),
# traceroute 203.2.2.2
traceroute to 203.2.2.2 (203.2.2.2), 30 hops max, 20 byte packets
 1 router650 (128.188.9.1)                         1 ms !N    1 ms !N    0 ms !N
#
You see it just stop at Router650. That means Router650 don't know how to route
packets to unknown destination 203.2.2.2.    Now I want to get it route to 128.188.3.2 which is a Cisco router connecting to the internet.   How can I do that?  Is there anybody familiar with HP router 650 ?

I once set the default gateway to the host itself and it also works!  Why?   What's the difference between this and what I have mentioned above regarding the default gateway?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2105969
from 128.188.9.14, please post result of
   netstat -rn
and it's netmask
0
 
LVL 37

Expert Comment

by:meverest
ID: 2108202
here's a thought - what do you get from traceroute to 128.188.3.2 from any host?

nonetheless, it till comes down to setting a default route on the hp650.  oh well, when all else fails, look at the docs ;-)

cheers.
0
 

Author Comment

by:kslzzg
ID: 2108501
If I run "netstat -rn"  and traceroute from 128.188.9.14, I got the following result,
# netstat -rn
Routing tables
Destination     Gateway         Flags   Refs     Use  Interface  Pmtu PmtuTime
127.0.0.1       127.0.0.1       UH         212236399  lo0        4608
128.188.9.14    127.0.0.1       UH        20 1244300  lo0        4608
default         128.188.9.1     UG        6433161981  lan1       4352
128.188.9.0     128.188.9.14    U          0   97353  lan1       4352
# traceroute 128.188.3.2
traceroute to 128.188.3.2 (128.188.3.2), 30 hops max, 20 byte packets
 1 router650 (128.188.9.1)                         1 ms    1 ms    1 ms
 2 128.188.3.2 (128.188.3.2)                       2 ms *    3 ms
#


If I run them  from 128.188.51.11, I got the following,
# netstat -rn
Routing tables
Destination     Gateway         Flags   Refs     Use  Interface  Pmtu PmtuTime
127.0.0.1       127.0.0.1       UH        6433766778  lo0        4608
128.188.51.11   127.0.0.1       UH        62265928388  lo0        4608
128.188.61.52   128.188.51.9    UGHD       1      58  lan0       1500
128.188.61.54   128.188.51.9    UGHD       3    1036  lan0       1500
default         128.188.51.1    UG        6482089861  lan0       1500
128.188.51.0    128.188.51.11   U        112159080077  lan0       1500
# traceroute 128.188.3.2
traceroute to 128.188.3.2 (128.188.3.2), 30 hops max, 20 byte packets
 1 router-2 (128.188.51.1)                         2 ms    2 ms    2 ms
 2 128.188.20.2 (128.188.20.2)                    37 ms   20 ms   20 ms
 3 128.188.10.1 (128.188.10.1)                    21 ms   22 ms   22 ms
 4 128.188.3.2 (128.188.3.2)                      66 ms *   23 ms
#

By the way, how come there is such warning message in the router650's event log
as below ?
I 10/01/99 07:20:05 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
I 10/01/99 07:35:09 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
I 10/01/99 07:40:22 ip: 'Invalid ARP Source: 192.0.0.192 on 128.188.1.1'
I 10/01/99 07:49:41 ip: 'Invalid ARP Source: 192.0.0.192 on 128.188.1.1'
I 10/01/99 08:20:35 ip: 'Invalid ARP Source: 169.254.113.25 on 128.188.3.1'
..
..
..
I 10/08/99 09:02:07 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
I 10/08/99 09:06:02 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
I 10/08/99 09:06:20 ip: 'Invalid ARP Source: 127.0.0.1 on 128.188.3.1'
I 10/08/99 09:07:30 ip: 'Invalid ARP Source: 169.254.203.192 on 128.188.3.1'
I 10/08/99 09:13:25 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
I 10/08/99 09:17:37 ip: 'Invalid ARP Source: 169.254.8.129 on 128.188.1.
0
 
LVL 37

Expert Comment

by:meverest
ID: 2108588
>I 10/01/99 07:20:05 ip: 'Invalid ARP Source: 165.21.12.249
> on 128.188.3.1'

it is telling you that there are hosts on the segment connected to interface 128.188.3.1 that claim to have those addresses - have you got bridging or arp forwarding enabled on your cisco router or something like that?  this sort of thing might be confusing the hp, but i wouldn't expect it to.

it still looks like bad routes on the 650.  can you get a dump of his routing table?

cheers.
0
 

Author Comment

by:kslzzg
ID: 2108793
The dump of routing table is already shown in the previous comment together with
the draft of whole LAN.   The bridging is enabled on 128.188.3.1.   For 128.188.3.2
 I am not sure.  Can you tell me how?
 
0
 
LVL 37

Expert Comment

by:meverest
ID: 2108980
turn all your bridging off - you don't need it with properly routed IP.

routing tables: (yes, sorry about that) it sure looks like your addition of default route has not been stored properly.  you /did/ restart the router to be sure?  also, some routers have a command that is needed to commit config changes to operational state - maybe the hp requires something like that?

like i said, sorry, but i can't help you with hp router specifics. :(

cheers.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2109036
> The bridging is enabled on 128.188.3.1.
Bridging to which interface (IP)?
Me, as meverest, have no experience with the 650, but it sounds like a routing table problem there.
The traceroutes you posted work fine (go through the internet gateway 128.188.3.1), so I'm confused where your problem is. Could you please elaborate?

Another common problem with routing are the used netmasks.
According to the posted routes from the 650, you should have netmask 255.255.255.0 on all your machines. Could you please check.
0
 

Author Comment

by:kslzzg
ID: 2109156
So far I haven't got a chance to reboot the Router650 since I added in the static/default route,  I need to schedule a down time to do that because it will
affect our end users.  I am not sure whether rebooting Router650 will solve my problem.   Do you think the routing table can not be updated until I reboot the router?

I was told that enabling bridging will let other protocols besides IP and  IPX get through the interface, such as NETBIOS, appletalk,etc.  Do you think the bridging
can affect the setup of default route?  I show you which interfaces are turned on bridging as below,

HP J2430A Router 650             ROUTER650_TB               8-Oct-1999  16:01:
I 10/08/99 16:00:33 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
===========================- SESSION 2 - MGR MODE ============
-----------------------------------------------------------------------------------------------------------------------
System name:    ROUTER650_TB
IP host-only:   NO            SNMP enabled:  YES      Inbound  Telnet enabled: YES
                     |Brg        DoD IP            DoD IP         IPX          Port   WAN Port
                     |Enab    Address         Subnet Mask   Network  Conf   Parameters
2:Ethernet 1   |YES  128.188.1.1     255.255.255.0   1
2:Ethernet 2   |         128.188.2.1     255.255.255.0
2:Ethernet 3   |YES  128.188.3.1     255.255.255.0   3
2:Ethernet 4   |YES  128.188.10.1   255.255.255.0  10
3:Ethernet 1   |YES  128.188.5.1     255.255.255.0    5
3:Ethernet 2   |YES  128.188.6.1     255.255.255.0    6
3:Ethernet 3   |
3:Ethernet 4   |
4:FDDI 1        |          128.188.9.1     255.255.255.0                  EN
-----------------------------------------------------------------------------------------------------------------------

   You see all the netmasks are set to 255.255.255.0. So far I think the problem is
still with the router650 that disabled the static/default route.  That's why it failed to
route the packets to 128.188.3.2 when I tried to ping to the internet.  But how can I
get the default route work for router650?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2109241
please reread my previous comment
0
 

Author Comment

by:kslzzg
ID: 2109259
So far I haven't got a chance to reboot the Router650 since I added in the static/default route,  I need to schedule a down time to do that because it will
affect our end users.  I am not sure whether rebooting Router650 will solve my problem.   Do you think the routing table can not be updated until I reboot the router?

I was told that enabling bridging will let other protocols besides IP and  IPX get through the interface, such as NETBIOS, appletalk,etc.  Do you think the bridging
can affect the setup of default route?  I show you which interfaces are turned on bridging as below,

HP J2430A Router 650             ROUTER650_TB               8-Oct-1999  16:01:
I 10/08/99 16:00:33 ip: 'Invalid ARP Source: 165.21.12.249 on 128.188.3.1'
===========================- SESSION 2 - MGR MODE ============
-----------------------------------------------------------------------------------------------------------------------
System name:    ROUTER650_TB
IP host-only:   NO            SNMP enabled:  YES      Inbound  Telnet enabled: YES
                     |Brg        DoD IP            DoD IP         IPX          Port   WAN Port
                     |Enab    Address         Subnet Mask   Network  Conf   Parameters
2:Ethernet 1   |YES  128.188.1.1     255.255.255.0   1
2:Ethernet 2   |         128.188.2.1     255.255.255.0
2:Ethernet 3   |YES  128.188.3.1     255.255.255.0   3
2:Ethernet 4   |YES  128.188.10.1   255.255.255.0  10
3:Ethernet 1   |YES  128.188.5.1     255.255.255.0    5
3:Ethernet 2   |YES  128.188.6.1     255.255.255.0    6
3:Ethernet 3   |
3:Ethernet 4   |
4:FDDI 1        |          128.188.9.1     255.255.255.0                  EN
-----------------------------------------------------------------------------------------------------------------------

   You see all the netmasks are set to 255.255.255.0. So far I think the problem is
still with the router650 that disabled the static/default route.  That's why it failed to
route the packets to 128.188.3.2 when I tried to ping to the internet.  But how can I
get the default route work for router650?
0
 

Author Comment

by:kslzzg
ID: 2109299
Sorry for duplicate post that I reposted by mistake.

As I what I have mentioned earlier,  for example, the bridging on 128.188.3.1 means that this interface will let other protocols besides IP and IPX go through Ethernet interface 128.188.3.1 to other other segments. I have checked  the subnet masks for PC on other segments that I want to dial from, and they all showed 255.255.255.0,  If there are some PCs with 255.255.0.0,  there will be complaining messages appeared in the event log of OpenView running on one of
HP unix workstation.  But I don't see this will prevent the default route from working.  
 
Maybe after I scheduled a downtime to reboot the router650, then I give you feedback.

Thank you again for your advices and comments.
0
 
LVL 37

Expert Comment

by:meverest
ID: 2112351
yes, i think that a reboot can't hurt.  but also, i would like to make sure that there is no 'commit changes now' type command for the hp.  if this is what is needed, even rebooting won't help.

as for bridging, sure - you can leave it on if you want to let appletalk etc get through, but if you have ip then you can run appletalk encapsulation over ip if you really need to.  if you leave bridging on, then you will load up your network with rubbish traffic that you neither want nor need - as you have already discovered, bridging has broadcast arp trafic on at least one segment.  this is absolutely useless traffic and not only uses up valuable bandwidth, but also takes up processor overhead on your router/s.

i prefer to stick to the approach "if you don't *need* it, turn it off"

cheers.
0
 

Author Comment

by:kslzzg
ID: 2118826
Just as what we expected,  after resetting the router650, I can ping to the internet
from other segments now!  I also checked the routing table inside router650, the
static/default route was there.  

 But how come there are still warning messages like  'Invalid ARP Source: 165.21.12.249 on 128.188.3.1' ?   There shouldn't be any hosts on the segment connected to interface 128.188.3.1 that claim to have those addresses like "165.21.12.249", because the IP addresses for all nodes in our LAN should start with "128.188.".    Do you know why? I don't know whether there is any bridging or arp forwarding enabled on the CISCO router or something like that.
  How to check this?
 
Cheers!

Zhang Zhao Gui
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2118864
> .. Invalid ARP Source: ...
(didn't reread all the comments, so this might still be mentioned)
Probably the 650 or Cisco is configured as a "ARP proxy", means that it answers all arp requests itself instead of forwarding the request (this is a usefull feature for switched lines).
0
 

Author Comment

by:kslzzg
ID: 2118916
I checked the configuration setting in router650, and found that both Normal ARP and ARP proxy are set to "Yes", should I turn the latter off to get rid of the warning message?  How can it answer all arp requests without arp forwarding ? If not  the warning message "Invalid ARP source" will appear in the event log, right ?
If I turned off ARP proxy then will ARP forwarding be enabled automatically?  
 Why do you you say it is a useful feture for switched lines?  What are switched lines?
 
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2119020
Sorry (no hp650 expert), but you need to check the manuals how ARP proxy works on this machine.
Usually this is to answer "ARP: who has ..." requests. Sounds like the 650 answers and also gets a response from the owner of this MAC.
IMHO, ARP proxy makes no sense (but trouble, sometimes) on leased lines (permanently connected to the remote site). It might be useful on switched (dial-up lines) to avoid useless connections.
Does this answer you questeions?
0
 
LVL 37

Expert Comment

by:meverest
ID: 2119040
arp proxy and forwarding os only required for bridging two network segments that are on the same physical subnet.

it is so that when a device broadcasts for (say) 181.23.1.1, then if that host is on the other side of a router, then the router must pass the arp packets across the WAN for the address to rresolve.

like i mentioned earlier, if you do not need it for a good (known) reason, turn it off.  and i don't think that you need it in this case - all your subnets are distinct and IP routed.

cheers.


cheers.
0
 

Author Comment

by:kslzzg
ID: 2119064
Yes, I learnt quite a lot from both of you.  Thank you again  for your help.

Cheers.

0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6857146
This question was awarded, but never cleared due to the JSP-500 errors of that time.  It was "stuck" against userID -1 versus the intended expert whom you awarded.  This corrects the problem and the expert will now receive these points; points verified.

Please click on your Member Profile and select "View Question History" to navigate through any open or locked questions you may have to update and finalize them.  If you are an EE Pro user, you can also choose Power Search to find all your open questions.

This is the Community Support link, if help is needed, along with the link to All Topics which reflects many TAs recently added.

http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
http://www.experts-exchange.com/jsp/zonesAll.jsp
 
Thank you,
Moondancer
Moderator @ Experts Exchange
0

Featured Post

Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question