Solved

Routing Puzzler

Posted on 2002-04-10
14
218 Views
Last Modified: 2010-08-05
I ran into the following puzzle I can not duplicate.

I helped a friend with his network and noticed that his workstations were configured with 192.168.0.0/24 network block. All very standard. What was odd however was that he had an HP printer on a totally different network address. Something like 34.25.4.6 and it worked. I could even punch in the printer address in netscape and get the printer configuration screen.

I typed route and there was a persistant route:
34.25.4.6 255.255.255.255 192.168.0.100
Each workstation had a persistant route pointing to its own local IP address.

Unfortunatly I "fixed" it before really understanding how they got it to work.

Any ideas on what they did to make this work.
They have windows me workstations and an NT server.

I don't have a problem it is just bugging me that I don't understand how they make it work.





0
Comment
Question by:davidpm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +2
14 Comments
 
LVL 4

Expert Comment

by:escheider
ID: 6931605
My first thought would be that the Router <192.168.0.100> was allowing traffic to be routed between the two networks <192.168.0.100> and <34.25.4.5> as your route indicates.  It shows that you are adding a specific hosts to the routing table and using 192.168.0.100 as your gateway.
0
 
LVL 3

Expert Comment

by:cincin77
ID: 6931635
I think it works as follows:

192.168.0.100 is machine that makes routing.
Think from the printer side:
printer would like to reach a computer in the subnet 192.168.0.0/24. it realizes that the target machine is on another subnet and looks for its default gateway which is 192.168.0.100. it prepares an arp packet for the mac address of the machine with IP 192.168.0.100 and broadcasts it. As the machine 192.168.0.100 gets this arp request it replys to the printer with its MAC address and printer can send its packets to its default gateway. And there must be a route on the machine stating:
Send the packets with a destination IP of 34.25.4.5 through the interface with the IP address of 192.168.0.100.
So the packets can go in two ways.

As you see from the point of IP, all of this can happen as  it is in your case.
0
 
LVL 8

Accepted Solution

by:
scraig84 earned 100 total points
ID: 6932042
I am getting a different impression from your post than the last two guys...

My understanding of your post was that each workstation pointed to itself for the gateway - not that every device is pointing to 192.168.0.100 as a gateway.  This address was simply an example, right?

If so, then it is fairly simple.  You'll notice in a workstation's route table that any time a broadcast is used, the gateway is itself - for example 255.255.255.255 is likely in your table now with the gateway as your IP address.  Therefore rather than trying to route this over a router, or try to get the device's MAC through an ARP request (which it couldn't do since it would be considered remote), the route table told the workstation to send it out with a broadcast MAC.  This would definitely get the packet there.  The printer could respond in the same way or some IP clients (non-windows) can be told to arp for remote devices.

This is HIGHLY inefficient, as it forces all machines to process every packet going to the printer enough to see that the IP address is not theirs, but it should work.
0
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

 
LVL 55

Expert Comment

by:andyalder
ID: 6932392
So maybe someone added jetadmin on each PC (which finds jetdirects on any network address) rather than just on one PC to configure it. 192.192.192.192.....
0
 
LVL 4

Expert Comment

by:escheider
ID: 6932492
kinda sounds like we need more information, since everyone is coming up with different theories..
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6932577
Me speak nonsense, 192.0.0.192 was what I meant (guessing davidpm's "Something like 34.25.4.6" address to be jetdirect default address. Assumed that his predecessor had followed something similar to http://www.hp.com/cposupport/networking/support_doc/bpj06552.html but jetadmin discovery methods use similar tricks.
0
 

Author Comment

by:davidpm
ID: 6932917
Scraig84 interpreted my scribbles correctly. Each workstation had the printer address routed to its local address.
As a further test I did the following on a different network.
Confirmed that the address of my workstation is 192.168.255.203/24
I plugged a Sonicwall router that has a web administration interface and an address of 192.168.168.168

On my 98 workstation I went to dos and typed
route add 192.168.168.168 mask 255.255.255.255 192.168.255.203

Then went to my browser and put in the 192.168.168.168 address.

IT WORKED!


Should be easy for anyone to test, all you need is two computers. Just use ping instead of a web server/browser for proof.

So does this mean that Scraig84 is corrent?
>> the route table told the workstation to send it out with a broadcast MAC.  

If so what exactly does the above quote mean. IOW under what other circumstaces are packets sent with a broadcast MAC and why? In what way does this route statement make this happen? I know what a broadcast IP address is but what is a broadcast MAC?

I thought I knew IP. Guess I know nada. Sigh%%%







0
 

Author Comment

by:davidpm
ID: 6932923
This may be an answer to one part of the my question.

http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/arp.html

The revelent passage.
>>An Ethernet network uses two hardware addresses which identify the source and destination of each frame sent by the Ethernet. The destination address (all 1's) may also identify a broadcast packet (to be sent to all connected computers).
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6933396
>So does this mean that Scraig84 is corrent?
>>> the route table told the workstation to send it out >with a broadcast MAC.  

In a way. The routing table entry tells the workstation that the normally remote IP address is on the local broadcast domain, it broadcasts ARP for the mac address and then everything following is unicast, same as normal.

I was more suggesting a reason for those static routes being there in the first place.
0
 

Author Comment

by:davidpm
ID: 6933765
Andy what you say makes a lot of sense. It seem highly unlikely that that it would have to broadcast for each packet. If I get a chance and set this up again make a connection and check my arp table and the mac of the remote device is there that should confirm your contention.
Do you agree?

0
 

Author Comment

by:davidpm
ID: 6933773
Andy does this mean that you disagree with the "highly inefficent comment".

As to whey they did it that way it could be as simple as they not knowing how to change the IP of the printer. This is very likely because when I showed them the web interface they were amazed.

I'm still not clear as to exactly
>>>
The routing table entry tells the workstation that the normally remote IP address is on the
local broadcast domain,<<
this happens. When else does this happen. Is this an anomoly or artifact or a built-in concept used for other purposes.
0
 
LVL 8

Expert Comment

by:scraig84
ID: 6933910
I just did a test with it and traced what happens.  Andy is correct that rather than sending every packet to a broadcast MAC, it forces the workstation to arp locally for the address.  So, the "highly inefficient" comment would be incorrect on my part.  Since most OS's don't even need to have broadcast addresses in their routing tables, I made the assumption that if another route was placed in, that it would be treated the same as other broadcasts.

Anyway, at least you know why it works at this point.  Bizarre way of deciding to make something function though!
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6934009
>Bizarre way of deciding to make something function
though!
I certainly agree with that.

When else does it happen? look at the normal routing table, there's a static route to the local subnet through the local NIC, something like

10.0.0.0  255.255.0.0  10.0.10.101  10.0.10.101 1
which tells the machine that anything on 10.0.x.x on my PC belongs on the local cable and not to send it to the default gateway.

Also the case of 2 subnets on a single hub without a router to forward packets, say 192.168.0.0 and 192.168.1.0, you could adjust the subnet mask to /23(supernet) or you could add a static route like

192.168.1.0 255.255.255.0 192.168.0.1 192.168.0.1 1
except that you would have to add this route on every PC and the route would be different on each since the gateway to the other subnet is through it's own IP address which makes it almost un-maintainable except as a temporary workaround.
0
 

Author Comment

by:davidpm
ID: 6935776
I wish this screen allowed split points. Scraig was first to get it even though he wasn't exactly right at first.

Andy thanks for your clarifications.
I have a related question I'm sure you will be able to help with. I'll post a referance to it here so you will get a notification when it apears.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question