• Status: Solved

Windows Server providing redundant WAN solution.

Hi,

My office has two internet connections available, a high bandwidth multiple line ADSL setup, and a single slow shared ADSL link.

I want to set up redundancy, so if the high bandwidth connection goes down, Windows Server will direct traffic to the second router on the shared link. The network is set up as follows:

Router1 (primary, high speed): 192.168.0.1

Router2 (backup, slow speed): 192.168.0.2

Windows Server 2003: 192.168.0.3 – Runs DHCP to all workstations.


So, what I want to do is set all workstations' default gateway to the Windows Server machine, then have the Windows Server machine forward internet traffic on to router 1, or if it's down, router 2. This will provide seamless internet connectivity for the office no matter what connection is up or down.

I have researched this for the last few days, but am still unable to set it up. I think using OSPF to detect what gateway is up and direct traffic appropriately?

Could someone give me a step by step guide on setting up RRAS to achieve the above, or suggest a better solution if there is one, although I prefer the idea that all traffic goes through the Windows Server machine before it goes to the gateway.

Please also note due to budget no major hardware can be purchased, i.e. Cisco routers.

Much appreciated,

Elliot.
Asked by Eggeh
 
JFrederick29 Commented:
What you want to do is set up two default gateways on the Server but specify a metric on each route. You will specify a higher metric on the least preferred route (slow ADSL link). The lower the metric, the better the route. For example: Set the default gateway to 192.168.0.1 with a metric of 10 and add a second default gateway to 192.168.0.2 with a metric of 20. The route to 192.168.0.1 will be preferred and used unless it is down. If the primary gateway goes down, the route to 192.168.0.2 will be used.
 
Eggeh (Author) Commented:
Many thanks for the reply.

I assume the workstations will then have the default gateway of the Windows server 192.168.0.3? If that is the case how do I set up RRAS to forward all internet traffic received from the workstations to the routers 192.168.0.1 and 192.168.0.2? (Firewall and NAT are not required as this is already handled by the routers.)

Thanks Again.
 
JFrederick29 Commented:
Yes, set the default gateway of your clients to 192.168.0.3 (Windows server).  You need to install/enable RRAS on the server if not already installed.  You can then configure RRAS as a "network router".  You can then add static routes:

0.0.0.0 0.0.0.0 192.168.0.1 metric 10
0.0.0.0 0.0.0.0 192.168.0.2 metric 20

 
Eggeh (Author) Commented:
Ok, done all of the above.

I've set up the two gateways, with the metrics above, I then set up static routes on RRAS also with the metrics.

At the moment I'm working from the server machine trying tracerts, I figure until that's working properly there's no point setting up the clients and testing it.

The problem is:

With 192.168.0.1 connection up, it works fine, if I pull that connection down, it takes around 3 minutes to swap over to 192.168.0.2, this is too long really, I was hoping for an instant transition? Or near instant, is this possible with this method?

Also, it doesn't seem to switch back to 192.168.0.1 when the connection returns.

Cheers, Elliot.
 
JFrederick29 Commented:
To be honest, I've never used Windows RRAS for this situation.  But I wouldn't be surprised if it is simply a drawback to using Windows as a router since routing isn't Windows' main function.  There may be a way to refresh the routing table to speed up failover but it is most likely a manual process.  I am also surprised that when the connection returns, it doesn't switch back, perhaps you didn't wait long enough?
 
Eggeh (Author) Commented:
Well it's been around an hour now and it still hasn't changed back so I don't think it's going to.

Could you perhaps point me in the direction of another way to do this? With or without Windows Server handling it. Although as I mentioned above I really can't look at any new hardware.

Cheers, Elliot.
 
JFrederick29 Commented:
Is the route back in the routing table? Post "route print".  Not sure of another way to do this without adding hardware.
 
Eggeh (Author) Commented:
By route print I hope you meant the IP routing table (exported from RRAS?), which is this:

Destination   Network mask   Gateway       Interface               Metric   View
0.0.0.0       0.0.0.0        192.168.0.1   Local Area Connection   10       Both
0.0.0.0       0.0.0.0        192.168.0.2   Local Area Connection   20       Both

Cheers, Elliot.
 
JFrederick29 Commented:
Not sure why it wouldn't be using the best route (metric 10 route) when it is installed in the routing table?  It should be...
 
Eggeh (Author) Commented:
I will attempt to try again tomorrow morning, as I can't play with the network too much as I've got an office full of users at the moment.

At the moment I've got DHCP sending out 192.168.0.2 as the gateway for the rest of the office, but I configured a machine with a static gateway of 192.168.0.3 to test this solution out. Tomorrow I will disable the DHCP server to make sure it isn't interfering with the setup in some way.

Also when I tracert, should I not be seeing the first hop as 192.168.0.3, then the second hop as 192.168.0.1/2 depending on the router? At the moment I don't see 192.168.0.3, only whichever router it's sending traffic to.

Cheers, Elliot.
 
Eggeh (Author) Commented:
Also, what about turning NAT off on the two routers, and using the Windows server to do NAT, would this be helpful?
 
JFrederick29 Commented:
Yeah, there's the problem. The default gateway on the PCs needs to be set to 192.168.0.3 (the Windows server). The trace route should then show 192.168.0.3 as the first hop, then 192.168.0.1/2 for the second.
 
JFrederick29 Commented:
Leave NAT running on the routers.
 
Eggeh (Author) Commented:
I did have the default gateway set on the PC as 192.168.0.3, but the tracert doesn't show 192.168.0.3 for some reason, even though I'm pretty sure it's going through that first. I can only think the DHCP server is causing problems somewhere, so I will test that out in the morning.

I just had a read up on OSPF, could this be applied here as it has dead link connection?
 
JFrederick29 Commented:
Here's the kicker, using a router in front of your two routers will only help if the router itself goes down, not the ISP link. If the link to your ISP fails, Windows or any router will still see the route as being up since the connection to the router itself is still up. Packets will continue to be forwarded to the router with the down link. Can you get both connections into one router? Are both connections to the same ISP? If not, you may need to look into running a routing protocol with your ISP(s), like BGP and running an IGP like OSPF between the three routers (192.168.0.1, 192.168.0.2, 192.168.0.3).
 
Eggeh (Author) Commented:
Thanks for that, very informative.

The connections are completely different, the primary is 4 bonded ADSL lines running on a stripped down version of Linux as a router, the secondary is a short haul fibre link with a small piece of bandwidth broken off for us. Completely separate systems.
 
Eggeh (Author) Commented:
OK I've been playing with it a bit further, still no luck with faster switch over times, or it ever switching back to the lower metric one.

What is the ideal way to do this, cost aside? And what hardware would make it possible, but as cheaply as possible. Obviously I haven't got a problem spending money on new NICs or software, it's just the potential cost of a Cisco router for instance could be too much.

I can't get both connections into the same router, and I doubt if I could get both of the ISPs to run a routing protocol. Any other ways around this at all?

Cheers, Elliot.
 
Eggeh (Author) Commented:
Just to up the points as this is getting quite long, I think this is how you do it (Experts Exchange newbie).
 
Eggeh (Author) Commented:
OK, I'll try again to up the points...
 
JFrederick29 Commented:
What model routers do you have connecting to your ISPs?

The main problem is that even if the failover time was faster, it would only fail over if the connection from the Windows server to the router went down, not if the link to the ISP went down. Without having it switch over on an ISP link failure, it really isn't worth much to you. Ideally in this situation, you would run BGP with your ISPs and only receive a default route from them. I doubt your provider will run BGP over DSL.

On the LAN side, you would either run HSRP (Cisco) or VRRP on the two routers connecting to your ISP to provide default gateway redundancy to your inside hosts or you would use a router/multilayer switch in front of the two routers and run BGP on it as well or another routing protocol on all three routers (RIP, OSPF) and redistribute the default route from your ISPs into your routing protocol of choice. Again, and as you stated, BGP from your provider is pretty unlikely, especially over DSL.

There are products made for active failover/load balancing, ultimately, this may be your best bet.

http://www.fatpipeinc.com/xtreme/
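
The limitation described in the comments above (a metric-based default route only reacts when the router's LAN address disappears, not when the ISP link behind it fails) can be worked around by probing an external host through each router and moving the default route from a script. The sketch below is an added example, not part of the original thread and not an RRAS feature; it goes beyond the thread by adding failback hysteresis. Assumptions: the probe targets 192.0.2.1 and 198.51.100.1 are placeholders, the thresholds are illustrative, and the default route is managed with route.exe rather than the RRAS console.

```python
import subprocess
from dataclasses import dataclass

PRIMARY, BACKUP = "192.168.0.1", "192.168.0.2"   # the two routers from the thread
# Assumed probe targets (placeholders): one external host per ISP, each pinned to
# its router with a host route so the probe tests the ISP link, not the LAN hop:
#   route -p add 192.0.2.1    mask 255.255.255.255 192.168.0.1
#   route -p add 198.51.100.1 mask 255.255.255.255 192.168.0.2
TARGETS = {PRIMARY: "192.0.2.1", BACKUP: "198.51.100.1"}

def probe(gateway: str) -> bool:
    """One ping through `gateway` (Windows ping flags); True only on an echo reply."""
    out = subprocess.run(["ping", "-n", "1", "-w", "1000", TARGETS[gateway]],
                         capture_output=True, text=True).stdout
    return "TTL=" in out   # Windows ping can exit 0 on an 'unreachable' reply

@dataclass
class Failover:
    fail_after: int = 3      # consecutive lost probes before leaving the primary
    recover_after: int = 5   # consecutive good probes before failing back
    active: str = PRIMARY
    streak: int = 0          # lost probes while on primary, good ones while on backup

    def step(self, primary_ok: bool, backup_ok: bool) -> list:
        """Feed one probe round; return the route.exe commands to run, if any."""
        if self.active == PRIMARY:
            self.streak = 0 if primary_ok else self.streak + 1
            switch = self.streak >= self.fail_after and backup_ok
        else:
            self.streak = self.streak + 1 if primary_ok else 0
            switch = self.streak >= self.recover_after
        if not switch:
            return []
        old, new = self.active, (BACKUP if self.active == PRIMARY else PRIMARY)
        self.active, self.streak = new, 0
        return [f"route delete 0.0.0.0 mask 0.0.0.0 {old}",
                f"route add 0.0.0.0 mask 0.0.0.0 {new} metric 10"]

def simulate(rounds):
    """Run constructed (primary_ok, backup_ok) results; return active gateway per round."""
    fo, history = Failover(), []
    for primary_ok, backup_ok in rounds:
        fo.step(primary_ok, backup_ok)
        history.append(fo.active)
    return history

if __name__ == "__main__":
    # Constructed outage: primary ISP link drops for 4 rounds, then returns.
    print(simulate([(True, True)] * 2 + [(False, True)] * 4 + [(True, True)] * 6))
```

In live use, call `step(probe(PRIMARY), probe(BACKUP))` on a timer and run the returned commands; the probe interval multiplied by `fail_after` sets the failover delay, and `recover_after` keeps a flapping primary link from pulling traffic back too early.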




