jaycee26
asked on
browsing different subnets on same LAN?
Hi,
I am not sure if this is possible, but can you browse from one non-concurrent subnet to another while being on the szame physical LAN (i.e. all workstations & servers are connected to the same hub)?
Example (hypothetical IPs):
2 ranges of IP addresses ... one being 210.5.6.225-255 (255.255.255.224) & the other being 211.6.7.65-95 (255.255.255.224). I want hosts browsing by NetBIOS name, the hosts on the other subnet for purposes of server shared resources. Each subnet has it's own gateway, configured as a router's internal ethernet port ... router connects to internet provider via ISDN. Provider hosts DNSs.
I am not sure if this is possible, but can you browse from one non-concurrent subnet to another while being on the szame physical LAN (i.e. all workstations & servers are connected to the same hub)?
Example (hypothetical IPs):
2 ranges of IP addresses ... one being 210.5.6.225-255 (255.255.255.224) & the other being 211.6.7.65-95 (255.255.255.224). I want hosts browsing by NetBIOS name, the hosts on the other subnet for purposes of server shared resources. Each subnet has it's own gateway, configured as a router's internal ethernet port ... router connects to internet provider via ISDN. Provider hosts DNSs.
Yes it is possible. You need to pick one machine as router. Assign a second IP that is from the other address range to this machine via the advanced section of TCPIP properties (do not assign it a gateway). Enable IP forwarding and reboot.
When you reboot, open a dos box and type route print. The resultant output will show you that your machine is passing packets to and fro between the two interfaces.
You now need to configure your machines with a gateway. Machines on the second range will need to give the address of the multihomed machine as their GW.
When you reboot, open a dos box and type route print. The resultant output will show you that your machine is passing packets to and fro between the two interfaces.
You now need to configure your machines with a gateway. Machines on the second range will need to give the address of the multihomed machine as their GW.
You should probably reject hstiles answer since it restates one of the routing options from my answer, does not provide for name resolution, and is basically wrong.
You can't just pick any "one machine" - it needs to be an NT server unless your network is small (fewer that 10 simultaneous connections is supported by NT Workstation)
If you need help setting up a multihomed NT router, just search Microsoft's search engine for "multihomed." Or ask, and I'll post some..
Do not change the gateways on the computers - leave the gateway as the router for the subnet. Just add a route on each router to the other subnet.
You can't just pick any "one machine" - it needs to be an NT server unless your network is small (fewer that 10 simultaneous connections is supported by NT Workstation)
If you need help setting up a multihomed NT router, just search Microsoft's search engine for "multihomed." Or ask, and I'll post some..
Do not change the gateways on the computers - leave the gateway as the router for the subnet. Just add a route on each router to the other subnet.
Browsing works by broadcasts, so as long as both subnets are on the same physical hub, it will work without problems.
It's unusual to have two subnets on the same physical LAN.
You may as well just have the same subnet as all your setup does is increase administrative overhead !
I don't think the other 2 read your question properly !
It's unusual to have two subnets on the same physical LAN.
You may as well just have the same subnet as all your setup does is increase administrative overhead !
I don't think the other 2 read your question properly !
ASKER
Klover, I like where you are coming from, but as Tim mentioned ... you may not have fully read my question.
The physical network consists of 1 (one) hub and one router (1). The hub connects everything together, and the router routes packets to my ISP for internet access. The internal ethernet port on the router (a small Lucent/Ascend product) is configured with an IP address from each subnet as this is the gateway for each of those subnets to connect users to the internet.
The reason for having 2 subnet ranges is due to someone else's decision on setting the network up previously ... and this will change, but until then .....
Is it not possible to assign a 2nd IP to the same nic in the server? Should both subnets be able to connect to the server then? Workstations on each side don't necessarily need to connect to each other.
The physical network consists of 1 (one) hub and one router (1). The hub connects everything together, and the router routes packets to my ISP for internet access. The internal ethernet port on the router (a small Lucent/Ascend product) is configured with an IP address from each subnet as this is the gateway for each of those subnets to connect users to the internet.
The reason for having 2 subnet ranges is due to someone else's decision on setting the network up previously ... and this will change, but until then .....
Is it not possible to assign a 2nd IP to the same nic in the server? Should both subnets be able to connect to the server then? Workstations on each side don't necessarily need to connect to each other.
I read your question perfectly and understand exactly what you are trying to do. Klover is correct in so far as you might want to use a server instead of a workstation, but with regards to the gateway addresses... ...well!
Ironically, I just realised I misread your question....
I was thinking all you wanted to do was enable browsing, but there's not much point doing this unless you can access the resources, for which purpose you either need a router, or to install NetBEUI or NWLink as secondary protocols that ignore TCP/IP subnets.
I was thinking all you wanted to do was enable browsing, but there's not much point doing this unless you can access the resources, for which purpose you either need a router, or to install NetBEUI or NWLink as secondary protocols that ignore TCP/IP subnets.
I understand what he is trying to do...
Thought you had two seperate routers. In that case, can't you set the router to route traffic from one subnet to the other? Even though they are on the same LAN, they won't be able to talk to each other without a router.
Broadcasting won't work because the workstations on Subnet A will broadcast on 21.5.6.255 and Subnet B ain't gonna hear that!!! They are listening for broadcasts on 211.6.7.95!!!
Thought you had two seperate routers. In that case, can't you set the router to route traffic from one subnet to the other? Even though they are on the same LAN, they won't be able to talk to each other without a router.
Broadcasting won't work because the workstations on Subnet A will broadcast on 21.5.6.255 and Subnet B ain't gonna hear that!!! They are listening for broadcasts on 211.6.7.95!!!
ASKER
I set an IP address for each subnet on the nic in the server I have, and was able to ping the server from both subnets.
I also set up WINS on this server to enable NetBIOS name resolution ... but names are not being resolved. I tried the Lmhosts file option on the workstation to point to the IP of the nic it can see, but this doesn't help either ... lastly I thought that although I am still using 1 nic, I should set IP Forwarding ... still nothing.
I also set up WINS on this server to enable NetBIOS name resolution ... but names are not being resolved. I tried the Lmhosts file option on the workstation to point to the IP of the nic it can see, but this doesn't help either ... lastly I thought that although I am still using 1 nic, I should set IP Forwarding ... still nothing.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Is the server listed as multihomed in WINS server ?
If you IPCONFIG /ALL, do you have Hybrid node selected ?
If you IPCONFIG /ALL, do you have Hybrid node selected ?
ASKER
Klover ... you hit the nail on the head there!
I wouldn't want to use NetBEUI in any case due to it causing extra traffic.
Since I resolved the 'being able to see the server's IP address from both subnets' thing ... all I need to do now is resolve the server name to an ip address.
I wouldn't want to use NetBEUI in any case due to it causing extra traffic.
Since I resolved the 'being able to see the server's IP address from both subnets' thing ... all I need to do now is resolve the server name to an ip address.
ASKER
Klover ... you hit the nail on the head there!
I wouldn't want to use NetBEUI in any case due to it causing extra traffic.
Since I resolved the 'being able to see the server's IP address from both subnets' thing ... all I need to do now is resolve the server name to an ip address.
I wouldn't want to use NetBEUI in any case due to it causing extra traffic.
Since I resolved the 'being able to see the server's IP address from both subnets' thing ... all I need to do now is resolve the server name to an ip address.
ASKER
I am not sure about the server being listed as multihomed in WINS since I have shutdown the service, but in IPCONFIG /ALL it is of the Hybrid node type.
Would it be considered multihomed if it only has one nic? Or does multihomed mean multiple addresses?
WINS is enabled on a test workstation, as well as the Lmhosts file entry to try resolve the server name to it's IP address ... as per the suggestion a few comments back, but it ain't working.
Would it be considered multihomed if it only has one nic? Or does multihomed mean multiple addresses?
WINS is enabled on a test workstation, as well as the Lmhosts file entry to try resolve the server name to it's IP address ... as per the suggestion a few comments back, but it ain't working.
Just having an LMHOSTS file is not enough because it is never the first method of resolution -- Unless you use the #PRE tag...
10.0.0.1 SERVER #PRE
The #PRE loads the name into cache permanently.
10.0.0.1 SERVER #PRE
The #PRE loads the name into cache permanently.
Hard work for a 50 pointer... Hey, check to see if your router can forward the packets between the two networks. I know I had it working that way at our office with a Pipline 50. Actually, on second thought, NT as multihomed is probably better.
Multihomed = 2+ NIC
#PRE tag loads the entry into the cache on bootup.
Other entries are accessed as and when other name resolution methods fail.
H-node searches in the following order :
NetBIOS Name Cache
NetBIOS Name Server
Broadcasting a NetBIOS Name Query
Checking LMHOSTS
HOSTS file
DNS
If you want name resolution to span both subnets, you will need a seperate WINS server in each, both configured to pull replication info. from each other.
Or... you could use WINS Proxy Agent to forward WINS requests from one subnet to another, as long as all machines on that subnet were set to B-node.
My this is getting complicated...
You're probably best off setting up 2 WINS servers - far easier !
#PRE tag loads the entry into the cache on bootup.
Other entries are accessed as and when other name resolution methods fail.
H-node searches in the following order :
NetBIOS Name Cache
NetBIOS Name Server
Broadcasting a NetBIOS Name Query
Checking LMHOSTS
HOSTS file
DNS
If you want name resolution to span both subnets, you will need a seperate WINS server in each, both configured to pull replication info. from each other.
Or... you could use WINS Proxy Agent to forward WINS requests from one subnet to another, as long as all machines on that subnet were set to B-node.
My this is getting complicated...
You're probably best off setting up 2 WINS servers - far easier !
ftp://ftp.microsoft.com/bussys/winnt/winnt-docs/papers/winswp.doc
is the WINS white paper - may help you clear a few things up ?
I don't think this is a 50 point question any more !
is the WINS white paper - may help you clear a few things up ?
I don't think this is a 50 point question any more !
ASKER
I am going to email the community support and award both of you guys (klover & Tim) 50 points each for your help.
Thanks for your help.
Thanks for your help.
ASKER
Guys ... check out Q.10296722 in the Community Support section.
Is it fixed then ?
Where's the community support section gone ?
Could you post up a link to that question - I can't find it !
Could you post up a link to that question - I can't find it !
Ooops !
Found it - don't worry !
Found it - don't worry !
You don't need two WINS servers if you have a multihomed NT server running WINS.
Tim I have posted a new question for you in this topic area for 50 points from jaycee26's account.
https://www.experts-exchange.com/jsp/qShow.jsp?ta=winntnet&qid=10297005
darinw
Customer Service
https://www.experts-exchange.com/jsp/qShow.jsp?ta=winntnet&qid=10297005
darinw
Customer Service
ASKER
The problem is not fixed since I don't have the resources right now to set up another WINS server, or to multihome the server ... but, since I am able to ping the IP addresses of the nic from both subnets, it's just a matter of getting around to implementing name resolution by whatever means I will have in the near future.
So klover gets the points even though he totally neglected to point out the fact that you need to give each of your machines a relevant default gateway and didn't know that you could assign to IPs to one interface under NT? Fine.
hstiles, don't disrespect me boy...
I didn't "neglect" the default gateway issue.
First of all, I told him...
>>Some routers support 2 IPs on one Ethernet interface and will route traffic from one subnet to the other.
Well, I did a little digging. I found the operator's manual for a Pipe 50/75/85 and is says....
Assigning two addresses: Dual IP
The Pipeline can assign two separate IP addresses to a single physical Ethernet port and route between them-a feature often referred to as "dual IP." The two addresses provide logical interfaces to two networks or subnets on the same backbone.
Usually devices connected to the same physical wire belong to the same IP network. With dual IP, one wire can support two IP networks. Devices on the wire are assigned to one network or the other. The devices route information to each other through the Pipeline.
In this configuration, you would certainly set the default gatway on the workstations as the IP of the ISDN router, don't you agree?
In the event that his router did not support Dual IP, I told him to leave it set as the ISDN router interface for the subnet and add static routes pointing to the other subnet (at this point I thought he may have 2 routers.) I prefer this configuration because
a. you get fewer ICMP redirects (the Internet is likely to get more hits than the other side of the LAN) and
b. at least your users can still browse the Internet while the server is down (without having to wait for dead gateway detection, then have to reboot to reset the gateway)
And what makes you think I "didn't know that you could assign to (< I assume you meant "2") IPs to one interface under NT?"
I told jaycee in my first comment...
>>Another way to do this is with a multihomed NT server
Maybe you should look up the definition of multihomed; I knew it all along. Here, I'll do it for you. (Tim should also pay attention as he gave a half correct response of "Multihomed = 2+ NIC" when asked for the definition.)
A multihomed computer is one that has multiple network interfaces. For computers using TCP/IP, these interfaces can be seperate network interface cards (NICs) or multiple IP addresses on one NIC.
If you don't believe me...
http://support.microsoft.com/support/kb/articles/Q157/0/25.ASP
Since I'm on a roll... What makes Tim think that two WINS servers are required to make this work???
I didn't "neglect" the default gateway issue.
First of all, I told him...
>>Some routers support 2 IPs on one Ethernet interface and will route traffic from one subnet to the other.
Well, I did a little digging. I found the operator's manual for a Pipe 50/75/85 and is says....
Assigning two addresses: Dual IP
The Pipeline can assign two separate IP addresses to a single physical Ethernet port and route between them-a feature often referred to as "dual IP." The two addresses provide logical interfaces to two networks or subnets on the same backbone.
Usually devices connected to the same physical wire belong to the same IP network. With dual IP, one wire can support two IP networks. Devices on the wire are assigned to one network or the other. The devices route information to each other through the Pipeline.
In this configuration, you would certainly set the default gatway on the workstations as the IP of the ISDN router, don't you agree?
In the event that his router did not support Dual IP, I told him to leave it set as the ISDN router interface for the subnet and add static routes pointing to the other subnet (at this point I thought he may have 2 routers.) I prefer this configuration because
a. you get fewer ICMP redirects (the Internet is likely to get more hits than the other side of the LAN) and
b. at least your users can still browse the Internet while the server is down (without having to wait for dead gateway detection, then have to reboot to reset the gateway)
And what makes you think I "didn't know that you could assign to (< I assume you meant "2") IPs to one interface under NT?"
I told jaycee in my first comment...
>>Another way to do this is with a multihomed NT server
Maybe you should look up the definition of multihomed; I knew it all along. Here, I'll do it for you. (Tim should also pay attention as he gave a half correct response of "Multihomed = 2+ NIC" when asked for the definition.)
A multihomed computer is one that has multiple network interfaces. For computers using TCP/IP, these interfaces can be seperate network interface cards (NICs) or multiple IP addresses on one NIC.
If you don't believe me...
http://support.microsoft.com/support/kb/articles/Q157/0/25.ASP
Since I'm on a roll... What makes Tim think that two WINS servers are required to make this work???
In the event that his router did not support Dual IP, I told him to leave default gateway on workstations set as the ISDN router interface for the subnet and add static routes pointing to the other subnet (at this point I thought he may have 2 routers.) I prefer this configuration because
I think we've gone a little off tangent.
The basic problem is that Jaycee cannot browse across subnets.
In order to browse across subnets, you need :
1 single-homed NT PDC (Domain Master Browser) on subnet 1.
(or you can have a multi-homed box if you disable NetBT on all interfaces bar one).
For subnet 1, this will also become a master browser.
On subnet 2, a master browser will be elected automatically (which needs to be an NT box).
We've not even covered what type of machines live on either subnets, and how many domains he's got !
This info will help ! - also - how many NICs in your PDC ?
Klover - 2 WINS servers - one primary, one secondary are required for redundancy.
You may as well stick one on each subnet.
One WINS server could serve both subnets, as they share the same network ID / local network...
My this is getting confusing !?
The basic problem is that Jaycee cannot browse across subnets.
In order to browse across subnets, you need :
1 single-homed NT PDC (Domain Master Browser) on subnet 1.
(or you can have a multi-homed box if you disable NetBT on all interfaces bar one).
For subnet 1, this will also become a master browser.
On subnet 2, a master browser will be elected automatically (which needs to be an NT box).
We've not even covered what type of machines live on either subnets, and how many domains he's got !
This info will help ! - also - how many NICs in your PDC ?
Klover - 2 WINS servers - one primary, one secondary are required for redundancy.
You may as well stick one on each subnet.
One WINS server could serve both subnets, as they share the same network ID / local network...
My this is getting confusing !?
ASKER
okay guys ... it's seems this is getting a little heated.
hstiles ... i didn't select klover's answer as the correct one, this i left up to the Community Support folks (see CS question number mentioned in one of my comments above)
klover & Tim ... additional info on my network is as follows-
ONE physical network consisting of ONE ISDN router, ONE NT PDC server, about 40 Windows 98 PCs and ONE HP LJ 2100 connected to the parallel port on the PDC.
I know there should be a BDC too, and I would like there to be a few other devices too, but financial constraints are not making this happen right now, hence my dilemma with trying to get PCs on both subnets to see the PDC so as to logon to gain access to the print, file share, etc. resources.
MY ISP has provided me with 2 255.255.255.224 subnets; they are unable to give me contiguous ones; the little router has been configured with a gateway IP from each subnet so as to send internet requests out to the service provider.
Dual IPing the single nic in the PDC has enabled me to be able to ping the PDC from both of these subnets, but this is not sufficient to handle logon requests. The PCs on the subnet which the PDC has the secondary IP for can't browse, ping ... or anything else, the server name. They can ONLY ping the IP address.
Does this clear things up a little? I know it should have all been described right in the beginning. Apologies for that.
hstiles ... i didn't select klover's answer as the correct one, this i left up to the Community Support folks (see CS question number mentioned in one of my comments above)
klover & Tim ... additional info on my network is as follows-
ONE physical network consisting of ONE ISDN router, ONE NT PDC server, about 40 Windows 98 PCs and ONE HP LJ 2100 connected to the parallel port on the PDC.
I know there should be a BDC too, and I would like there to be a few other devices too, but financial constraints are not making this happen right now, hence my dilemma with trying to get PCs on both subnets to see the PDC so as to logon to gain access to the print, file share, etc. resources.
MY ISP has provided me with 2 255.255.255.224 subnets; they are unable to give me contiguous ones; the little router has been configured with a gateway IP from each subnet so as to send internet requests out to the service provider.
Dual IPing the single nic in the PDC has enabled me to be able to ping the PDC from both of these subnets, but this is not sufficient to handle logon requests. The PCs on the subnet which the PDC has the secondary IP for can't browse, ping ... or anything else, the server name. They can ONLY ping the IP address.
Does this clear things up a little? I know it should have all been described right in the beginning. Apologies for that.
Perhaps I should have left a comment regarding why I chose klover's comment as the answer. Jaycee26 indicated in a comment that klover had hit it dead on with a previous comment.
darinw
Customer Service
darinw
Customer Service
Jaycee,
With your setup, you won't be able to automatically view browsing information across subnets, as you don't have an NT-based Master Browser in your 2nd subnet.
As you only have one NIC in your PDC, you can only bind one instance of NetBT to it.
By your explanation, it seems the ISP has given you 40-50 odd valid Internet addresses - is this correct ?
Normally, the ISP would just assign you ONE external IP address, to which you could attach a Proxy server or NAT router, so I'm perplexed as to why they've given you a 'range' of IP addresses, and fear they could be ripping you off !
To get everything to work, without extra expenditure, an LMHOSTS file on each PC will do the job.
Note you can store this file on a network drive and point clients to it, if you want to ease the pain of administration.
Your last comment made things so much clearer !
Tim
With your setup, you won't be able to automatically view browsing information across subnets, as you don't have an NT-based Master Browser in your 2nd subnet.
As you only have one NIC in your PDC, you can only bind one instance of NetBT to it.
By your explanation, it seems the ISP has given you 40-50 odd valid Internet addresses - is this correct ?
Normally, the ISP would just assign you ONE external IP address, to which you could attach a Proxy server or NAT router, so I'm perplexed as to why they've given you a 'range' of IP addresses, and fear they could be ripping you off !
To get everything to work, without extra expenditure, an LMHOSTS file on each PC will do the job.
Note you can store this file on a network drive and point clients to it, if you want to ease the pain of administration.
Your last comment made things so much clearer !
Tim
Put every one on one private subnet, like 192.168.0.1/24, turn on NAT on your ISDN box (it's more secure anyway) and call it good. I'm sitting behind an ISDN NAT firewall right now.
PS Here's a little trick I like for using LMHOSTS and keeping it up to date. You have to copy it manually to any workstation that can't resolve the IP of the server the first time, but after that it works great.
In the network login script...
Net use f: \\server\netadmin
copy f:\lmhosts c:\windows /y
copy f:\hosts c:\windows /y
nbtstat -R
Sorry to get a little beligerent, but I don't like being singled out as giving crappy answers, when I'm not the one giving them. I'm backing off of Tim - I mistook your recommendation of dual WINS servers as a requirement.
PS Here's a little trick I like for using LMHOSTS and keeping it up to date. You have to copy it manually to any workstation that can't resolve the IP of the server the first time, but after that it works great.
In the network login script...
Net use f: \\server\netadmin
copy f:\lmhosts c:\windows /y
copy f:\hosts c:\windows /y
nbtstat -R
Sorry to get a little beligerent, but I don't like being singled out as giving crappy answers, when I'm not the one giving them. I'm backing off of Tim - I mistook your recommendation of dual WINS servers as a requirement.
ASKER
Tim, yes, my internet provider has given us 2 non-contiguous ip ranges of 30 addresses in each.
I have only just started working at this new company, and I think they are paying for 2 subnets within a subnet. In any case, I think we are going with another isp in a couple of months, probably Frame Relay (DSL in our area is still too buggy) ... and probably by this time there will be a Proxy in place.
Thanks for your help.
klover, thank you for all your help too ... where can I get more info on setting up this ISDN NAT firewall? Does the router documentation contain the instruction for this? I think the Pipeline model I have is a 50, but we may be going for a 95 model pretty soon as it can handle 4 64k channels ... we need more bandwidth pretty soon.
hstiles, thanks for your help too ... sorry for not including you in the 50 points each thing ... the other 2 seemed so keen by posting and posting ... pretty determined to get my problem fixed.
I'll let you know how I get on with the LMhosts file ...
I have only just started working at this new company, and I think they are paying for 2 subnets within a subnet. In any case, I think we are going with another isp in a couple of months, probably Frame Relay (DSL in our area is still too buggy) ... and probably by this time there will be a Proxy in place.
Thanks for your help.
klover, thank you for all your help too ... where can I get more info on setting up this ISDN NAT firewall? Does the router documentation contain the instruction for this? I think the Pipeline model I have is a 50, but we may be going for a 95 model pretty soon as it can handle 4 64k channels ... we need more bandwidth pretty soon.
hstiles, thanks for your help too ... sorry for not including you in the 50 points each thing ... the other 2 seemed so keen by posting and posting ... pretty determined to get my problem fixed.
I'll let you know how I get on with the LMhosts file ...
Ethernet > NAT
off of the main telnet router menu. Set NAT routing to ON.
Hint: With NAT routing on, it does not matter what IPs you use inside. You could expand the subnet mask on the subnet that hosts your server enough to accomodate the other half of the network. Then you only have to renumber half of your hosts. ReIPing your whole LAN can be a pain, don't ask me how I know.
off of the main telnet router menu. Set NAT routing to ON.
Hint: With NAT routing on, it does not matter what IPs you use inside. You could expand the subnet mask on the subnet that hosts your server enough to accomodate the other half of the network. Then you only have to renumber half of your hosts. ReIPing your whole LAN can be a pain, don't ask me how I know.
How much does it cost you to lease 60 IP address from your ISP ?
Compare this to a cost of $89 for a reasonable Proxy server (that handles all the NAT for you) and I'll think you'll fall off your chair !
Compare this to a cost of $89 for a reasonable Proxy server (that handles all the NAT for you) and I'll think you'll fall off your chair !
He don't need no stinkin' proxy. His router supports NAT. You can still feel free to fall off your chair!
Someone has to route traffic from one subnet to the other. Some routers support 2 IPs on one Ethernet interface and will route traffic from one subnet to the other. (My Ascend Pipe50 does this) Another way to do this is with a multihomed NT server with IP forwarding enabled.
The second requirment is name resolution. You can run WINS on the multihomed server mentioned above to dynamically created the browse list. (Best option) If you don't have an NT server you can use LMHOSTS files on each computer to map NetBIOS names to IP addresses for computers on the remote subnet. The LMHOSTS files reside in c:\windows on Win9x computers and in c:\winnt\system32\drivers\
192.168.50.1 NTSERVER #PRE #DOM:"your domain"