Solved: Route Network A to network B

First of all, it is a bad idea to multihome your PDC, but that aside, did you enable IP forwarding in the TCP/IP properties on the PDC? Do the workstations on each network have the IP of the PDc as the default gateway?

VoiceOfDissent

ASKER

Yes, the default gateway is the PDC (10.4.4.1) I won't get into details as to *why* things are set the way they are set...Suffice it to say, it's not my mess but I have to deal with it...if I had my way, things would be different...but I don't, so... ;-)

And yes, IP forwarding is enabled.

geoffryn

Can you do a route print on the PDC and post the result?

VoiceOfDissent

ASKER

OK then....this is a nasty one...Try to ignore the excess garbage.

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 206.135.208.77 206.135.208.181 1
10.1.2.64 255.255.255.192 10.4.4.196 10.4.4.1 1
10.1.2.69 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.102 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.103 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.104 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.105 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.106 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.107 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.108 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.110 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.112 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.1.2.197 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.201 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.203 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.204 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.205 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.2.207 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.4.64 255.255.255.192 10.4.4.196 10.4.4.1 1
10.1.4.69 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.4.102 255.255.255.255 10.4.4.196 10.4.4.1 1
10.1.4.103 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.4.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.1 255.255.255.255 127.0.0.1 127.0.0.1 1
10.4.4.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.7.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.8.0 255.255.255.0 10.4.4.196 10.4.4.1 1
10.4.8.5 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.10 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.11 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.13 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.14 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.16 255.255.255.255 10.4.4.196 10.4.4.1 1
10.255.255.255 255.255.255.255 10.4.4.1 10.4.4.1 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.7.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.8.0 255.255.255.0 10.4.4.196 10.4.4.1 1
10.4.8.5 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.10 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.11 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.13 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.14 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.8.16 255.255.255.255 10.4.4.196 10.4.4.1 1
10.255.255.255 255.255.255.255 10.4.4.1 10.4.4.1 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.0 255.255.255.0 10.4.4.1 10.4.4.1 1
192.1.48.20 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.180 255.255.255.252 206.135.208.181 206.135.208.181 1
206.135.208.181 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.255 255.255.255.255 206.135.208.181 206.135.208.181 1
224.0.0.0 224.0.0.0 10.4.4.1 10.4.4.1 1
224.0.0.0 224.0.0.0 192.1.48.20 192.1.48.20 1
224.0.0.0 224.0.0.0 206.135.208.181 206.135.208.181 1
255.255.255.255 255.255.255.255 10.4.4.1 10.4.4.1 1
===========================================================================

VoiceOfDissent

ASKER

As you can see...I'm coming into quite a mess here. Again, not the way I would prefer things, but I'm pretty much forced to play ball with what was tossed to me.

VoiceOfDissent

ASKER

Hmm...for the sake of argument, let's assume that we're only concerned with my PC being able to access the destination machine, 192.1.48.128. Because, in all honesty, no one else needs to be accessing SyBase anyways. Beg pardon for my muddled thoughts here, long day.

The rest of the systems are using 10.4.4.196 as a gateway...why, I can't answer right now.

geoffryn

That route table is messed up. You appear to have conflicting routes for 192.1.48.0

192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.0 255.255.255.0 10.4.4.1 10.4.4.1 1

That route should not exist off both interfaces with the same metric. Try deleting the route on the 10.4.4.1 interface.

VoiceOfDissent

ASKER

Taken care of...but still can't ping 192.1.48.128 from my workstation...only from the PDC.

geoffryn

You also have a strange route for 10.4.4.0. I wouldn't even try fix this problem unless you are going to fix the entire route table.

geoffryn

And what is the 206.135 address? You should be able to consolidate all the 10.1.2.x routes into 1 and all the 10.4.8.X routes into 1. There is too much mixing of netmasks .0 .192 ?

SysExpert

Same problem with

224.0.0.0 224.0.0.0 10.4.4.1 10.4.4.1 1
224.0.0.0 224.0.0.0 192.1.48.20 192.1.48.20 1

also
192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.0 255.255.255.0 10.4.4.1 10.4.4.1 1

shows up twice !!

after cleaning this, print it again and remove any duplicates,
then post it again.

I hope this helps !

geoffryn

The 224. is multicast. Even if you delete it it will come back and it should be on both interfaces, don't worry about it. But fix the other stuff

VoiceOfDissent

ASKER

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 206.135.208.77 206.135.208.181 1
10.1.2.0 255.255.255.192 10.4.4.196 10.4.4.1 1
10.1.4.64 255.255.255.192 10.4.4.196 10.4.4.1 1
10.1.4.102 255.255.255.255 10.4.4.196 10.4.4.1 1
10.4.4.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.1 255.255.255.255 127.0.0.1 127.0.0.1 1
10.4.4.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.7.192 255.255.255.192 10.4.4.196 10.4.4.1 1
10.4.8.0 255.255.255.0 10.4.4.196 10.4.4.1 1
10.255.255.255 255.255.255.255 10.4.4.1 10.4.4.1 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.20 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.180 255.255.255.252 206.135.208.181 206.135.208.181 1
206.135.208.181 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.255 255.255.255.255 206.135.208.181 206.135.208.181 1
224.0.0.0 224.0.0.0 10.4.4.1 10.4.4.1 1
224.0.0.0 224.0.0.0 192.1.48.20 192.1.48.20 1
224.0.0.0 224.0.0.0 206.135.208.181 206.135.208.181 1
255.255.255.255 255.255.255.255 10.4.4.1 10.4.4.1 1
===========================================================================

The 206.135.xxx.xxx are connected to our T-1. I've been expressly warned about the hazards of messing with those, so I'll leave it alone.

Hopefully this is a bit cleaner. Thanks, guys.

vsamtani

What are the other network cards in your PDC, and what are their IP addresses? And what purpose are they serving?

From what you've said so far, it sounds like you have three NICs in the PDC. Let me just recap to get it clear:

1. ip:10.4.4.1, on a 10.4.4.0/255.255.255.0 network
2. ip:192.1.48.20 on a 192.1.48.0/255.255.255.0 network
3. ip:206.135.208.181 on a 206.135.208.180/255.255.255.252 network

We also need to know what's going on with your T-1. Is there a router box, and if so, what is its ip address?

If my assumptions above are correct, then in the scenario where you have a separate router box for your T1, connected to your 3rd network card 206.135.208.181, and the router box has ip address aa.bb.cc.dd, your route table needs to look like this:

===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 aa.bb.cc.dd 206.135.208.181 1
10.4.4.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.1 255.255.255.255 127.0.0.1 127.0.0.1 1
10.4.4.255 255.255.255.255 10.4.4.1 10.4.4.1 1
192.1.48.0 255.255.255.0 192.1.48.20        192.1.48.20 1
192.1.48.20 255.255.255.255 192.1.48.20        192.1.48.20 1
192.1.48.255 255.255.255.255 192.1.48.20 192.1.48.20 1
206.135.208.181 255.255.255.252 206.135.208.181 206.135.208.181 1
206.135.208.181 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.255 255.255.255.255 206.135.208.181 206.135.208.181 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.0.0.34 10.0.0.34 1
255.255.255.255 255.255.255.255 10.0.0.34 10.0.0.34 1
===========================================================================

On the other hand, if your T1 connection is going directly into the NIC in your PDC with ip address 206.135.208.181, it needs to look like this:

===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 206.135.208.181 206.135.208.181 1
10.4.4.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.1 255.255.255.255 127.0.0.1 127.0.0.1 1
10.4.4.255 255.255.255.255 10.4.4.1 10.4.4.1 1
192.1.48.0 255.255.255.0 192.1.48.20        192.1.48.20 1
192.1.48.20 255.255.255.255 192.1.48.20        192.1.48.20 1
192.1.48.255 255.255.255.255 192.1.48.20 192.1.48.20 1
206.135.208.181 255.255.255.252 206.135.208.181 206.135.208.181 1
206.135.208.181 255.255.255.255 127.0.0.1 127.0.0.1 1
206.135.208.255 255.255.255.255 206.135.208.181 206.135.208.181 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.0.0.34 10.0.0.34 1
255.255.255.255 255.255.255.255 10.0.0.34 10.0.0.34 1
===========================================================================

(the only change is the first line, your default route).

You have entries in your route table currently for 10.1.4.x machines. Do you have any such machines?

In any case, Network A machines need to have their netmasks set to 255.255.255.0 and their default gateway set to 10.4.4.1. Network B need subnet mask 255.255.255.0 and def gateway 192.1.48.20. This assumes that your PDC is the thing that connects directly to your T1 (or to the T1 router). Please do give more details on the T1, and obscure the actual ip addresses so that hackers who read this page don't get tempted.

Vijay

VoiceOfDissent

ASKER

Vijay,

Yes, your assumptions about the functions of the three network cards are correct.

Getting onto the subject of the T-1 is kind of straying from my initial question...which is how to route Network A (10.4.4.x) to Network B (192.1.48.x). I'm not concerned so much with the routing tables, as that falls a bit outside my realm of experience, as well as responsibility. In fact, I have no responsibility to this end...I merely want to make my life easier by accessing Sybase through ODBC...which I can't do until I can successfully route to the 192.1.48.128 machine that it is housed on. I'm not overtly concerned with how "dirty" things are...just so long as I can do what I need to do.

As stated earlier, I can successfully ping 192.1.48.20, the NIC attached to network B on the PDC. Getting beyond it is another question.

vsamtani

Can you ping from the sybase box to anything on network A?

Let's just boil it down as you suggested to three machines: your machine on Network A (let's call it PC-A), your sybase host on Network B (let's call it PC-Sybase) and your NT box (let's call it, ummm, NT-Box)...

PC-A needs to have one and only one gateway defined, and that is 10.4.4.1. Its subnet mask should be 255.255.255.0

PC-Sybase needs to have one and only one gateway defined, and that is 192.1.48.20. Subnet mask also 255.255.255.0

(I'm sure these are both already correct - can you confirm?)

NT-Box needs to have these routes in its route table:
Network Destination Netmask Gateway Interface Metric
10.4.4.0 255.255.255.0 10.4.4.1 10.4.4.1 1
10.4.4.1 255.255.255.255 127.0.0.1 127.0.0.1 1
10.4.4.255 255.255.255.255 10.4.4.1 10.4.4.1 1
192.1.48.0 255.255.255.0 192.1.48.20 192.1.48.20 1
192.1.48.20 255.255.255.255 192.1.48.20 192.1.48.20 1
192.1.48.255 255.255.255.255 192.1.48.20 192.1.48.20 1

in other words, it can have other entries as well, eg the ones that relate to the T1 and whatever else might be going on, but it must have these somewhere in the table. From your last posted route table, you have all of these except the third, where you have 10.255.255.255 instead of 10.4.4.255, but that shouldn't have any ill effects on pinging.

As far as I can see, if your last posted route table is what's on NT-box, then it has the correct routing entries, and even if it has some incorrect ones as well, they don't interfere with the routes between networks A and B. I don't want to sound annoying here, but please double and triple check the gateway setting on your pc-sybase box - it must be 192.1.48.20, and it should be the only and default gateway.

Vijay

dcgames

Hmm.. Lots of discussion, but I don't see anyone checking the routes on the CLIENT. Just the router (PDC)..

The setup is straight forward:

On any PC on network A

a) default route = 10.4.4.1
b) No defined routes for 192.1.48.0

If routes for 192.1.etc. are defined in the PC client, then make sure that the route to 192.1.48.128 uses gateway 10.4.4.1.

Now, on the PDC which is NOT a PDC in this case, but a router, you need a the following routes:

10.4.4.0/255.255.255.0 gateway 127.0.0.1 interface-A
192.1.48.0/255.255.255.0 gateway 127.0.0.1 interface-B
IP Forwarding should be enabled both ways.

On the SYBASE server you need to have:

a) default route = 192.1.48.20
b) No other routes for 10.4.4.0

If routes for 10.4.4.0 exist, make sure the route to 10.4.4.pc goes to 192.1.48.0.

Check if there are any FIREWALLS or IP-Filtering being done?

Go to the client and PING 10.4.4.1, 192.1.48.20 and 192.1.48.sybase and tell us what you see?

Do a trace route also to see what it tries.

Dave

VoiceOfDissent

ASKER

OK...As requested, Dave...from the client PC...

Active Routes:

Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 10.4.4.1 10.4.4.80 1
10.4.4.0 255.255.255.0 10.4.4.80 10.4.4.80 1
10.4.4.80 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.4.4.80 10.4.4.80 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 224.0.0.0 10.4.4.80 10.4.4.80 1
255.255.255.255 255.255.255.255 10.4.4.80 10.4.4.80 1

Pinging 10.4.4.1 with 32 bytes of data:

Reply from 10.4.4.1: bytes=32 time=1ms TTL=128
Reply from 10.4.4.1: bytes=32 time<10ms TTL=128
Reply from 10.4.4.1: bytes=32 time=1ms TTL=128
Reply from 10.4.4.1: bytes=32 time<10ms TTL=128

Pinging 192.1.48.20 with 32 bytes of data:

Reply from 192.1.48.20: bytes=32 time<10ms TTL=128
Reply from 192.1.48.20: bytes=32 time=1ms TTL=128
Reply from 192.1.48.20: bytes=32 time=1ms TTL=128
Reply from 192.1.48.20: bytes=32 time<10ms TTL=128

Pinging 192.1.48.128 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

VoiceOfDissent

ASKER

Addendum...there are no firewalls or IP flitering being done.

geoffryn

Post the route table fron the Sybase box.

vsamtani

The ping results indicate that the PDC is correctly forwarding between the two NICs, and it would be enormously surprising if it's not also routing correctly between networks A 10.4.4.0 and B 192.1.48.0. And the ping result on 192.1.48.128 (request timed out) corroborates this, since if the PDC were having routing troubles it would be more likely to tell respond with "destination network unreachable".

The forces of routing law and order are closing in on your sybase box....

V

VoiceOfDissent

ASKER

I would be forced to agree with you. Unfortunately, my access to the SyBase box is limited for the moment. All I have to go on there is information passed along...PDC is a new server. It was brought in before I was, and replaced the old PDC...with the old PDC, apparently this all worked properly. Which really has me scratching my head now, because from all indications, the SyBase box wasn't touched, and the new server is set up like the old server. Obviously, something is missing. You guys are being a tremendous help in running this down, though. When I can get access to the Sybase box, I can post some results.

vsamtani

VoD: any progress?

Vijay

eng40490

From PC-sybase,
ping 10.4.4.1
ping 10.4.4.80 # the client

PC-sybase would not, by default, send (or responsd to) any packet to a private ip-address like 10.x.x.x. To overwrite the default, define a route in PC-sybase's routing table.

route add 10.4.4.0 mask 255.255.255.0 192.1.48.20

if your problem has already been solved, Tell me your solution please.

VoiceOfDissent

ASKER

I haven't posted in a long while on this...but the solution was tied to the sybase server...it's routing was a mess. After obtaining permission to poke around in there (the system is not property of my company) I cleaned up a few things, and now, wonderfully, get the results I need....

C:\>ping 192.1.48.128

Pinging 192.1.48.128 with 32 bytes of data:

Reply from 192.1.48.128: bytes=32 time<10ms TTL=253
Reply from 192.1.48.128: bytes=32 time<10ms TTL=253
Reply from 192.1.48.128: bytes=32 time<10ms TTL=253
Reply from 192.1.48.128: bytes=32 time<10ms TTL=253

Thanks to everyone who helped. I'd give you all points if I could.

VoiceOfDissent

ASKER

Just in case any of you take notes or care, it's been a long 8 months for me...And figuring out all of this without the aid of explanation or documentation has been an arduous task when coupled with my "normal" duties of dealing with airlines and clients, and the data they require...

Our network consists of 2 parts...our front office, the travel agents, who run on a Win95/98 network spearheaded by a couple Win NT servers. This is where the clients gateway into 10.4.4.196 as I mentioned awhile back. This is required by the reservation software.

Our backoffice, our accounting department, runs on a Win98 interface, logging into a Netware server. On this same side is the database server, which provides access for all of our reporting needs. The database server is my target, as all of my reports are created through an ODBC connection combined with Access and Crystal reports. This topic began because it is in my best interest to be able to access this server directly from my desktop, without the need of multiple computers (as was the case when I began working here). I've since managed to eliminate my need for 2 different computers.

I'm not a fan of the whole Win9x architecture, especially in this environment, but unfortunately we are tied by contract to this default OS. I'm having that rewritten when renewal comes around in 2003, but until then, we're stuck with the following scenario:

Front office, token ring network. Back office, 100mBps ethernet. The primary domain controller (multihomed) contains 3 network cards, as someone pointed out; one on each of the above interfaces, and one as a direct link to the internet through a wonderfully slow frame-relay. Our primary domain controller functions as our proxy server and Exchange server as well. I am unhappy with this scenario, but unfortunately, the hooks of protocol have me held firm. My goal is to change these issues in the future, but for now I have to make due.

My primary job is to work with our clients and airlines on reporting issues, while my secondary job is to maintain this network with the support of our parent...who, unfortunately, seem to know less about their job than they should.

Again, thanks to all of you. You helped to save me a lot of aggravation.