Solved

4 Nics on one server, how can I make the route constant??

Posted on 2004-09-17
9
597 Views
Last Modified: 2013-12-23
Hi,

This is my dilema.  I have 4 nics on my Server.  The purpose for this is that I have 4 different ISP's.  
The ip addresses for each nic are as follow
172.16.1.x  255.255.255.0   ----------> DG ----------> 172.16.1.1
172.16.2.x  255.255.255.0   ----------> DG ----------> 172.16.2.1
172.16.3.x  255.255.255.0   ---------->DG ----------> 172.16.3.1
172.16.4.x  255.255.255.0   ---------->DG ----------> 172.16.4.1

This is the problem:
I noticed that the server running Windows 2000 Server is doing a load balance between all the nics.  At some point
if the request comes to the 172.16.1.x address, the response will be sent to the 172.16.2.x gateway.
This is variable will cause a loss in all my connections since the reply will be sent to a totally different link than the one
that came in.

How can I manage to make my server to respond always on the same interface, so that it doesn't fluctuate between nics.
This is causing network down situations on my lan.

Thanks
0
Comment
Question by:casatech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 12090479
please show the outputs of IPCONFIG /ALL and ROUTE PRINT on the server which has 4 NICs installed. thanks,
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12091499
The issue is that no matter howmany NIC's you have, you can only have one default gateway.
If you look at the output of "route print" as bbao suggested you post, you will see all the default gateways with different metrics. Only the NIC with the lowest metric will be the true "default" path.

Only if the source and destination IP are local to the interface will you guarantee in/out the same interface.

If you are using private IP's on these NIC's, then I would assume there are 4 routers out in front of this server that are doing NAT? Or 1 router with 4 interfaces? I can't imagine using a Windows server as an Internet router...
0
 

Author Comment

by:casatech
ID: 12092747
Hi,
This is my  ipconfig all and the route print.  I have 4 PIXes doing the NAT Translations.  Two things I wanted to point out.
1- The metric on every nic is 1 - Didn't do anything fancy, just added the ip and Gateway on each nic.
2- The route print here is showing 172.16.1.1
at the moment, but if check it later the gateway will change to 172.16.2.1, 172.16.3.1 etc..

C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : gigawebserver
        Primary DNS Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter DMZ 1 172.16.1.10:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Etherne
        Physical Address. . . . . . . . . : 00-06-5B-8C-62-03
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 172.16.1.11
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        IP Address. . . . . . . . . . . . : 172.16.1.10
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.1.1
        DNS Servers . . . . . . . . . . . : 196.40.31.66
                                            196.40.3.10

Ethernet adapter DMZ 2 172.16.2.108:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
dapter #2
        Physical Address. . . . . . . . . : 00-0C-41-20-3F-07
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 172.16.2.108
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.2.1
        DNS Servers . . . . . . . . . . . : 196.40.31.66
                                            196.40.3.13

Ethernet adapter  DMZ 3 172.16.3.197 & 202:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Linksys LNE100TX(v5) Fast Ethernet
dapter
        Physical Address. . . . . . . . . : 00-0C-41-20-3E-D3
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 172.16.3.202
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        IP Address. . . . . . . . . . . . : 172.16.3.197
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.3.1
        DNS Servers . . . . . . . . . . . : 196.40.31.66
                                            196.40.3.13
        Primary WINS Server . . . . . . . : 192.168.0.1

Ethernet adapter DMZ 4 172.16.4.173:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/100+ Dual Port Server
dapter
        Physical Address. . . . . . . . . : 00-02-B3-AC-81-8C
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 172.16.4.173
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.4.1
        DNS Servers . . . . . . . . . . . : 196.40.31.66
                                            196.40.31.67

Ethernet adapter Local Network:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Intel(R) PRO/100+ Dual Port Server
dapter #2
        Physical Address. . . . . . . . . : 00-02-B3-AC-81-8D
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.19
        Subnet Mask . . . . . . . . . . . : 255.255.0.0
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . :

C:\Documents and Settings\Administrator>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 02 b3 ac 81 8d ...... Intel(R) PRO/100+ Dual Port Server Adapt

0x1000006 ...00 06 5b 8c 62 03 ...... Broadcom NetXtreme Gigabit Ethernet Driv

0x4000004 ...00 0c 41 20 3f 07 ...... Linksys LNE100TX(v5) Fast Ethernet Adapt
 NDIS5 Driver
0x4000005 ...00 02 b3 ac 81 8c ...... Intel(R) PRO/100+ Dual Port Server Adapt

0x4000007 ...00 0c 41 20 3e d3 ...... Linksys LNE100TX(v5) Fast Ethernet Adapt
 NDIS5 Driver
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       172.16.1.1     172.16.1.10       1
          0.0.0.0          0.0.0.0       172.16.2.1    172.16.2.108       1
          0.0.0.0          0.0.0.0       172.16.3.1    172.16.3.197       1
          0.0.0.0          0.0.0.0       172.16.4.1    172.16.4.173       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
       172.16.1.0    255.255.255.0      172.16.1.10     172.16.1.10       1
      172.16.1.10  255.255.255.255        127.0.0.1       127.0.0.1       1
      172.16.1.11  255.255.255.255        127.0.0.1       127.0.0.1       1
       172.16.2.0    255.255.255.0     172.16.2.108    172.16.2.108       1
     172.16.2.108  255.255.255.255        127.0.0.1       127.0.0.1       1
       172.16.3.0    255.255.255.0     172.16.3.197    172.16.3.197       1
     172.16.3.197  255.255.255.255        127.0.0.1       127.0.0.1       1
     172.16.3.202  255.255.255.255        127.0.0.1       127.0.0.1       1
       172.16.4.0    255.255.255.0     172.16.4.173    172.16.4.173       1
     172.16.4.173  255.255.255.255        127.0.0.1       127.0.0.1       1
   172.16.255.255  255.255.255.255      172.16.1.10     172.16.1.10       1
   172.16.255.255  255.255.255.255     172.16.2.108    172.16.2.108       1
   172.16.255.255  255.255.255.255     172.16.3.197    172.16.3.197       1
   172.16.255.255  255.255.255.255     172.16.4.173    172.16.4.173       1
      192.168.0.0      255.255.0.0     192.168.0.19    192.168.0.19       1
     192.168.0.19  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.0.255  255.255.255.255     192.168.0.19    192.168.0.19       1
        224.0.0.0        224.0.0.0      172.16.1.10     172.16.1.10       1
        224.0.0.0        224.0.0.0     172.16.2.108    172.16.2.108       1
        224.0.0.0        224.0.0.0     172.16.3.197    172.16.3.197       1
        224.0.0.0        224.0.0.0     172.16.4.173    172.16.4.173       1
        224.0.0.0        224.0.0.0     192.168.0.19    192.168.0.19       1
  255.255.255.255  255.255.255.255     192.168.0.19    192.168.0.19       1
Default Gateway:        172.16.1.1
===========================================================================
Persistent Routes:
  None


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 79

Expert Comment

by:lrmoore
ID: 12092819
Interesting setup....

>2- The route print here is showing 172.16.1.1
at the moment, but if check it later the gateway will change to 172.16.2.1, 172.16.3.1 etc..

It appears that with the same metric, it is "round-robin"ing the gateways.

My suggestion would be a good Layer 3 switch between this server and the 4 PIX firewalls w/ redundant gigabit uplinks to the server. The server only having 1 IP address.

May I be so bold as to ask the purpose of having 4 firewalls to 4 different ISP's connected to one server? There's got to be a better way to accomplish your goal..
0
 

Author Comment

by:casatech
ID: 12097534
Hi,

Thanks for the solution of the Layer 3 switch, we have actually thought about purchasing a L3 switch to provide routing and that way to only have 1 default gateway.
During the troubleshooting process we found out that some of the ports on one of the switch were failing, we changed the switch and it started working.

This is what I want to accomplish and this is the main reason why I opened up this ticket:
I want to provide full redundancy for my servers.  
1- We have 4 different ISP to provide redundancy for our servers.  (So far we have to manually connect each server
on different ISP)
If I put a Layer3 switch I know I will be able to route and there will only be a need for 1 default gateway for my servers.
But will I be able to distribute traffic according to percentages??? For example, tell the L3 switch to send 25% of the traffic to
each of the ISP???
2-  If you had to set up redundancy for your servers with 4 different ISP's and to create a load balance how would you do it?

Thanks
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12097711
The most common way I've done it and seen it done many many times:

  ISPA    ISPB   ISPC    ISPD
    |          |        |         |
  RTR1   RTR2  RTR3   RTR4  <== All routers running BGP (automatic proportional load-balancing)
    |______|        |_____|             to each ISP. Could all be one router.
           |    \       /     |
         SW1--------  SW2         <== redundant switches x-connected
             \              /              <== OSPF or other iGP routing protocol, with firewall participating
               \          /                         Yes, PIX will do OSPF
              Firewall PAIR <== redundant/ failover firewall pair (PIX in your case)
                    | |
                SWITCH -----|     <== could be another pair of x-connected switches
                 |     |  |       |             not necessarily L3, L2 only required
             SRV1   | SRV1  |
             NIC1    | NIC2   |
                        |          |
                     SRV2     SRV2
                      NIC1     NIC2

ALTERNATIVE:

 ISPA    ISPB   ISPC    ISPD
    |          |        |         |
  RTR1   RTR2  RTR3   RTR4  <== All routers running BGP (automatic proportional load-balancing)
    |______|        |_____|             to each ISP. Could all be on one router
           |                 |
         SW1          SW2        
            |                |              <== OSPF or other iGP routing protocol, with firewall participating
            |                |                    Yes, PIX will do OSPF
  Firewall PAIR       Firewall PAIR <== redundant/ failover firewall pair (PIX in your case)
             |                |
          SWITCH    SWITCH      <== could be another pair of x-connected switches
                 |  |     |       |               L3 switch here could do OSPF for load-balance, failover with the
             SRV1|   SRV1  |                PIX's
             NIC1 |   NIC2   |
                     |            |
                   SRV2     SRV2
                    NIC1     NIC2
0
 
LVL 1

Expert Comment

by:billyvandergaw
ID: 12103043
dude....your like crazy...you need only one nic.  maybe 2.  but 4?  with 4 ISP's?!  thats just insane.  Why do you need 4 ISP's?  why not invest in faster internet solutions instead of 4 slower ones?  I suggest purchasing one nic for one T1 or T3 connection if ur need for speed is what you want.  
0
 

Author Comment

by:casatech
ID: 12113790
Hi Irmore,

Thanks a lot for those suggestions.... *  I forgot to mention one mayor detail.... my ISP doesn't support
BGP...
Without BGP is there anything else to try???
Thanks
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12113840
Only one, but it'll cost ya..:
http://www.fatpipeinc.com/xtreme/
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question