Solved

Windows 2000 question - multiple gateways

Posted on 2003-10-22
14
12,075 Views
Last Modified: 2013-11-30
Hello!
We have two gateways to the Internet on our network.
Is it possible to make a webserver (neither IIS nor Apache) running on Windows 2000 server always return replies to the same gateway it was received from?
The server may have one or two NICs.
Links to MSDN that explain in detail how this could be set up or why this is not possible would be good.
0
Question by:rj2
14 Comments
 
LVL 8

Expert Comment

by:scraig84
ID: 9601783
It is not possible because routing decisions are made by the OS and are independent of any application.  Routing decisions on any OS or router are made by routing tables and have nothing to do with the source or the originally received packet.  At that level of decision making, it is not concerned with where other packets came from or are going.  It looks at the destination address, examines the routing table, and makes a decision based on this information ONLY.
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9602109
Well, to some extent, it is irrelevant.  Once a TCP transaction is open, the data TENDS to flow back the same way it came, but not necessarily.  That's just the nature of TCP/IP.

If there is a certain block of addresses that you always want to contact via a particular gateway, you can set that up in either the host routing tables, or the gateway routing tables.
0
 
LVL 8

Expert Comment

by:scraig84
ID: 9602160
>>Well, to some extent, it is irrelevant.  Once a TCP transaction is open, the data TENDS to flow back the same way it came, but not necessarily.  That's just the nature of TCP/IP.

It only "tends" to flow back the same way if there are limited options in active paths.  

>>If there is a certain block of addresses that you always want to contact via a particular gateway, you can set that up in either the host routing tables, or the gateway routing tables.

This will only work if you know who the clients are.  If you are load balancing across links and you have no idea who the clients may be (for example on a public web server) this is literally impossible.

Out of curiosity - what is the need for a solution such as this?
0
 
LVL 10

Author Comment

by:rj2
ID: 9602389
The purpose is to have the webserver accessible using two different external IPs so that if it can't be accessed by the first IP due to e.g. problem in ISP1's network or problem with ISP1's router or whatever it should be accessible with second external IP using ISP2's network. Server is accessed by special client software that understands this and tries other IP automatically if server can't be reached using first IP.
0
 
LVL 10

Author Comment

by:rj2
ID: 9602412
What is the best way to set up a server that should be accessible using two different external IPs?
There are two Cisco routers, one for each ISP. The routers use NAT.
0
 
LVL 6

Expert Comment

by:tchamtieh
ID: 9603023
I think you're trying to set up some sort of fail-over capabilities on that server. Well... there are 2 ways of doing this:

- Round Robin DNS: this is where you have 2 IPs or more assigned to the same server, each IP on a different NIC. In this case, 50% or so of your visitors will go to NIC1 and the other 50% or so to the other NIC.

- Load Balancing/Fail-Over: This can be accomplished in Windows 2K Advanced Server. It has a built-in Load Balancing feature. Or you can purchase a Load-Balancer and configure it so that traffic will balance between the 2 NICs and in case one of the NICs fails, it will route traffic to the second NIC.

Hope that helps :)

-Thomas
0
 
LVL 6

Expert Comment

by:tchamtieh
ID: 9603034
I forgot to mention a 3rd solution which is much more expensive, and that's BGP. Running BGP on your router will allow you to fail-over to the second ISP in case the first ISP link goes down. In this case, you need a good router and you can actually connect both of your T1 lines to the same router, something like a Cisco 3640 or 7206 with 2 WIC cards.

-Thomas

0
 
LVL 16

Expert Comment

by:_nn_
ID: 9603644
>> The routers use NAT.

A possibly dumb idea : get them to masquerade the incoming connections. This way, the webserver will only "see" the IP addresses of one of these routers and it will "naturally" reply to the originating one. Drawback : the server logs are then almost useless.
0
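
Added example (not part of any comment in this thread): a small Python model of the destination-only route lookup discussed above, showing why a reply to a client that arrived through the second gateway leaves through the server's default gateway, and why masquerading on the routers sends the reply back to the originating router. The 192.168.1.x LAN addresses, the client address and the function names are constructed for illustration.

```python
import ipaddress

# Constructed addressing (assumptions, not from the thread):
# server LAN is 192.168.1.0/24, router A (ISP1) is .1, router B (ISP2) is .2.
ROUTER_A = ipaddress.ip_address("192.168.1.1")
ROUTER_B = ipaddress.ip_address("192.168.1.2")

# Server routing table: (destination prefix, next hop; None means on-link).
# One default route is in use, as on a host with a single active default gateway.
SERVER_ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), None),
    (ipaddress.ip_network("0.0.0.0/0"), ROUTER_A),
]

def next_hop(routes, dst):
    """Longest-prefix match on the destination only; the ingress path is not an input."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in routes if dst in net]
    net, gw = max(matches, key=lambda m: m[0].prefixlen)
    return gw if gw is not None else dst  # on-link: deliver straight to dst

def reply_path(ingress_router, client_ip, masquerade):
    """Return the LAN next hop the server uses for its reply.

    With masquerade (source NAT on the ingress router) the server sees the
    router's inside address as the peer, so the reply is on-link to that router.
    The server's logs then record the router, not the real client.
    """
    peer = ingress_router if masquerade else ipaddress.ip_address(client_ip)
    return next_hop(SERVER_ROUTES, peer)

def is_symmetric(ingress_router, client_ip, masquerade):
    """True when the reply leaves through the router the request came in on."""
    return reply_path(ingress_router, client_ip, masquerade) == ingress_router

if __name__ == "__main__":
    client = "203.0.113.50"  # constructed client address (documentation range)
    for name, router in (("ISP1", ROUTER_A), ("ISP2", ROUTER_B)):
        for masq in (False, True):
            hop = reply_path(router, client, masq)
            state = "symmetric" if is_symmetric(router, client, masq) else "ASYMMETRIC"
            print(name, "masquerade" if masq else "plain NAT", "->", hop, state)
```
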
 
LVL 31

Expert Comment

by:qwaletee
ID: 9604025
There are a few non-BGP routers that will load balance between two POPs and automatically failover to using just one if the other dies.  Symantec bought one of them about a year back, for their firewall appliance line.
0
 
LVL 10

Author Comment

by:rj2
ID: 9604145
What I want is the server to be available using a custom client also if it can't be reached using ISP1's network.
Such high availability is needed only for this custom client that knows that server can be reached using two different IPs.
I thought maybe it was possible to make the client try other IP automatically and set up the router (Cisco 1721 with 2 WICs) to route requests to the same gateway that the request came from for traffic initiated from outside.
Does that make sense/is that possible? If yes, how do I set up the router to do this?
Are there other or better ways of achieving this?
0
 
LVL 35

Expert Comment

by:ShineOn
ID: 9604294
tchamtieh has the best recommendations - round-robin DNS, load balancing and BGP.  What will work best for you has to be your decision.  

You can't just point a single-interface NIC at two different gateways and expect any consistency.

You can try doing a dead-gateway-detection deal, but that won't load-balance or guarantee that the in and out routes are consistent, and won't help with public name resolution.
0
 
LVL 10

Author Comment

by:rj2
ID: 9604569
Ok, but is it possible to point a single-interface NIC at the Cisco 1721 router, and let the Cisco 1721 send requests to the gateway the request came from, using a setup like this (ie only one gateway in the LAN)?

s  w  i  t  c  h (in LAN)
      |
Our router (Cisco 1721)
   |                   |
ISP1               ISP2
     
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 9605967
The router does not maintain a source path. It can't. It only knows about a source and destination IP address and a routing table with a default route for all routes not connected.
What you want cannot be done as long as both ISP links are active at one time.
However, if you lose connection to ISP1, then the only route out is ISP2.
Assuming that your client will only look for the alternate IP if it can't reach the first IP (through ISP1), then it is logical to assume that the outbound route to ISP1 would be dead and the packets automagically go back out through ISP2.
You might need to use a route-map for the nat statements...
0
 

Expert Comment

by:pheonix05
ID: 9609211
The only true remedy to this scenario is for you or your firm to acquire your own set of IPs from ARIN. In this case, your two or more providers will advertise your IP block.  In this scenario if you lose connectivity with one provider you will still be accessible via the other.  You would most likely need to set up BGP routing schemes with the other providers.

0


Question has a verified solution.
