Solved

IP routing mystery -- bug or feature?

Posted on 2001-06-06
11
211 Views
Last Modified: 2013-12-23
Common IP wisom says that two nodes on the same physical network having different IP network adresses (e.g. 10.0.0.1/255.0.0.0 and 192.168.1.1/255.255.255.0) cannot exchange any IP packets without a third box having routing software installed.

Try this: set up two boxes like above, connect them via a crossover cable, and enter the own adress in each boxes standard gateway setting. Now see them successfully ping each other. Wow.

I have checked this using Windows 2000, NT4, Windows 95 and the LAN Manager for DOS IP client, all behave the same way. Have no non-MS clients here.

Is this normal (RFC compliant) IP behavior working on non-Microsoft IP stacks as well? Is this just coincidence or by design?

Armin Linder
0
Comment
Question by:arminl
  • 3
  • 3
  • 2
  • +3
11 Comments
 
LVL 2

Expert Comment

by:tobyk
ID: 6161884
On ethernet each packet goes to every machine on the cable and with a crossover cable it's obviously got only one place to go and will make it to the other machines network card where the ip layer must recognise its ip address
0
 
LVL 37

Expert Comment

by:meverest
ID: 6162285
your assumption is not correct.  unless there is a default route for the given destination network, the system will assume that the destination is on the local network.

so the source computer just spits the packet out onto the ethernet as a broadcast, and the destination hears it.

this is doubly so if there is no default router specified.

so i would suggest that you are seeing expected behaviour.

cheers.
0
 
LVL 12

Expert Comment

by:Nenadic
ID: 6163052
As soon as TCP/IP is installed there is an entry in the routing table for the default route (route used when all others have been checked for gateway):
NETWORK          MASK             GATEWAY
0.0.0.0          0.0.0.0          <local IP address>
That address allows for packets destined for ALL networks of ALL sizes to be remoted via local card.
0
 
LVL 12

Expert Comment

by:Nenadic
ID: 6163053
To view your routing table you can use ROUTE PRINT from Command Prompt.
0
 
LVL 55

Accepted Solution

by:
andyalder earned 100 total points
ID: 6169102
It is the presence of the default gateway. You always ARP for the DG even if it is on another subnet.

You can take your experiment one step further. One dual homed machine and two single homed:

dual,
192.168.1.1/24
192.168.2.1/24

client1
IP 192.168.1.2/24
DG 192.168.2.1

Client2
IP 192.168.2.2/24
DG 192.168.1.1

Client 1 can ping client 2 quite happily even though we have set the hosts DGs up as the 'wrong' nic in the router.

I found the RFC once that says that you have to set the DG as one of the interfaces of the router, it does not say it should be the interface you are connected to. Wish I could find it again as if win2k is the router it replies to the ARP on the interface bound to that subnet rather than the interface it recieved the broadcast on which is really a bug.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 24

Expert Comment

by:SunBow
ID: 6169784
> Is this normal
 - Yes
> just coincidence or by design?
 - design

Both boxes are on same wire. So each hear's other's transmission regardless.

Each sends ping packet out, assuming it will be routed.
Each receives return packet, assuming it was routed

So, beware assumptions (do not neglect the report of round trip time. It can clue you when some relocated employee takes their PC with them and simply plugs it in at new location without telling anybody)

Actually, playing with routing options, you could consider running:
traceRt
rather than ping.

Try it on your scenarios above.
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6170530
But SunBow, the initial transmission (ARP) would not happen if the DG was not present. You never broadcast an ARP for an address on another subnet you send your packet to the DG for forwarding. How do you find the MAC address of the DG? you ARP for it. That's the only reason it works. If you had static routes entered rather than a DG then neither experiment works.
0
 
LVL 4

Author Comment

by:arminl
ID: 6187449
Just by chance (believe it or not) I have today found the "official" Microsoft documentation within the readme file for service-pack 4. In chapter 3.5 they write

...
"Microsoft DHCP Server can be configured to set a client's default gateway equal to its IP address. This causes the client to use the Address Resolution Protocol (ARP) for all IP addresses on the local subnet and is useful for routerless networks. To enable this feature for all clients in a scope, add the following value to the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Subnets\a.b.c.d\SwitchedNetworkFlag=1 (REG_DWORD)"

It is not only a feature, but can even be distributed in a DHCP environment. Wether this is RFC compliant or not and wether other IP stacks behave the same way still needs to be seen. Anyone having a Linux or something alike at hand ...?

...Armin
0
 
LVL 4

Author Comment

by:arminl
ID: 6301856
Somehow I need to finish up this issue, cannot leave it pending forever. Grading is quite difficult, since almost every reply contains some infos I do not agree with. From top to bottom:

tobyk: too trivial. You can also use any other kind of networking gear (hub, switch, bridge) in between the machines and bring in as many additional machines as you like, the test will still succeed though the packet now have choices where to go (assuming that a passive packet has any choice at all :-)

meverest: don't agree. The packet is not a broadcast (check it using the network monitor). In fact the funny thing is that the packet leaves the local IP stack at all.

nenadic: and so ...? Sure, that's how a default gateway always works. the funny thing here is that the Gateway destination adress is not a remote adress like normally used, but the own adress. So I assumed some confusion within the IP stack:

IP checks wether destination is in the same IP subnet --> no
Looks up a gateway adress to forward the packet to --> finds it's own adress.
Since the packet has already reached it's destination --> do what? Run into an indefinite loop? Discount the TTL and then drop the packet?

sunbow: "assuming it will get routed". IP packets never "get" routed the way I understand your comment in a manner that there are routers actively listening for packets that need routing. "assuming it was routed": in my understanding a client doesn't care where from it gets a packet, as long as the destination hardware adress is his own the client will accept the packet and then see, wether the destination IP is his own. If yes, the packet is delivered to higher protocols like TCP, ICMP or UDP, if no, and IP forwarding is enabled, the client sqeezes the packet through his own routing engine and eventuelly resends the packet to someone else for further delivery. Otherwise the packet is dropped.

Andyalder: correct. Are you sure that a static route would not work? I haven't tried this yet, so you could save me some time because the original test bed is not available at the moment, and why setting up another one and try if someone else already has the knowledge. EE is a huge time safer in some cases.

My own theory:
--------------
Obviously IP, after passing the packet to its routing engine and finding its own adress as the gateway adress (I almost bet it doesn't care wether the route was a static route or the default gateway) just spits out an ARP broadcast (which succeeds, of course, if the destination host is on the same LAN segment). The ARP reply makes it back to the questioner, because the ARP query packet does also contain the hardware and IP adress of the questioner, so the answering host has no difficulties to generate a reply packet. Then IP at the sender side sends the packet to the hardware adress like usual. This is very much the way andyalder described in his scenario, it's just the DG detail that needs to be verified, I don't see a technical reason why this should not work using a static route.

So the essence of my question is, wether or not this kind of implementation is usual IP stack implementation practice, or a Microsoft specific implementation. If the latter was the case using it would fail with anything but Microsoft IP stacks, and I'd never seriously consider telling anyone to make use of it.

Unfortunately I don't have any non-MS boxes here. I'll credit a fair amount of the points to someone who takes a bit of time to reproduce this setup with a MS box and a non-MS box, and tell us wether it works with non-Microsoft stacks as well or not, or, alternatively, finds the RFC where such a behaviour of the IP stack is mentioned so I can assume that others may have implemented it as well.

...Armin

0
 
LVL 55

Expert Comment

by:andyalder
ID: 6302026
Most of it stems from ftp://ftp.isi.edu/in-notes/rfc950.txt but although this is still the internet standard bits of it are ignored. e.g. can't enter a subnet mask of 255.255.255.88 on any machine I've ever seen. I observed that the DG on wrong subnet still works quirk on SCO 3.2v4.2 about 4 years ago.

When I set a static route rather than DG it does not work for me, please confirm this someone.
0
 
LVL 4

Author Comment

by:arminl
ID: 6379820
Want to close this question. After re-reading your comments I credit the points to andyalder, feel he helped me most.

To settle the additional questions not solved yet:

By trial and error (NT4, SP6)

* entering a dedicated route to a remote subnet pointing to my own IP does work, as long as there is no additional default gateway specified. If there is a default gateway specified, it seems to take precedence.

* Lacking any other OS installations than Microsofts I used two print boxes (D-Link DP-101 and HP JetDirect EX) and set them up having their own adress as default gateway. Both boxes took the setting, and worked like intended (could print from clients in other subnets without a router, if they were located on the same LAN)

So it seems that this way of implementing the DG is common practice, not just a Microsoft thing.

Armin Linder
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
ntp settings vcenter 4 50
Mac and Windows domain 6 83
Suddenly lost internet connection on network 44 97
OWA and AppPool problem 20 111
Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now