Solved

Windows Server providing redundant WAN solution.

Posted on 2004-10-07
Last Modified: 2013-12-23
Hi,

My office has two internet connections available, a high bandwidth multiple line ADSL setup, and a single slow shared ADSL link.

I want to set up redundancy, so if the high bandwidth connection goes down, Windows Server will direct traffic to the second router on the shared link.  The network is set up as follows:

Router1 (primary, high speed): 192.168.0.1

Router2 (backup, slow speed): 192.168.0.2

Windows Server 2003: 192.168.0.3 – Runs DHCP to all workstations.


So, what I want to do is set all workstations' default gateway to the Windows Server machine, then have the Windows Server machine forward internet traffic on to router 1, or if it's down, router 2.  This will provide seamless internet connectivity for the office no matter what connection is up or down.

I have researched this for the last few days, but am still unable to set it up.  I think using OSPF to detect what gateway is up and direct traffic appropriately?

Could someone give me a step-by-step guide on setting up RRAS to achieve the above, or suggest a better solution if there is one, although I prefer the idea that all traffic goes through the Windows Server machine before it goes to the gateway.

Please also note that due to budget no major hardware can be purchased, i.e. Cisco routers.

Much appreciated,

Elliot.
Question by:Eggeh
22 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12252752
What you want to do is set up two default gateways on the Server but specify a metric on each route.  You will specify a higher metric on the least preferred route (slow ADSL link).  The lower the metric, the better the route.  For example:  Set the default gateway to 192.168.0.1 with a metric of 10 and add a second default gateway to 192.168.0.2 with a metric of 20.  The route to 192.168.0.1 will be preferred and used unless it is down.  If the primary gateway goes down, the route to 192.168.0.2 will be used.
0
 

Author Comment

by:Eggeh
ID: 12252790
Many thanks for the reply.

I assume the workstations will then have the default gateway of the Windows server 192.168.0.3?  If that is the case, how do I set up RRAS to forward all internet traffic received from the workstations to the routers 192.168.0.1 and 192.168.0.2? (Firewall and NAT are not required as this is already handled by the routers.)

Thanks Again.

0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12253010
Yes, set the default gateway of your clients to 192.168.0.3 (Windows server).  You need to install/enable RRAS on the server if not already installed.  You can then configure RRAS as a "network router".  You can then add static routes:

0.0.0.0 0.0.0.0 192.168.0.1 metric 10
0.0.0.0 0.0.0.0 192.168.0.2 metric 20
0
 

Author Comment

by:Eggeh
ID: 12274935
Ok, done all of the above.

I've set up the two gateways, with the metrics above. I then set up static routes on RRAS, also with the metrics.

At the moment I'm working from the server machine trying tracerts. I figure until that's working properly there's no point setting up the clients and testing it.

The problem is:

With the 192.168.0.1 connection up, it works fine. If I pull that connection down, it takes around 3 minutes to swap over to 192.168.0.2. This is too long really; I was hoping for an instant transition?  Or near instant, is this possible with this method?

Also, it doesn't seem to switch back to 192.168.0.1 when the connection returns.

Cheers, Elliot.



0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12275276
To be honest, I've never used Windows RRAS for this situation.  But I wouldn't be surprised if it is simply a drawback to using Windows as a router since routing isn't Windows' main function.  There may be a way to refresh the routing table to speed up failover but it is most likely a manual process.  I am also surprised that when the connection returns, it doesn't switch back, perhaps you didn't wait long enough?
0
 

Author Comment

by:Eggeh
ID: 12275524
Well, it's been around an hour now and it still hasn't changed back, so I don't think it's going to.

Could you perhaps point me in the direction of another way to do this?  With or without Windows Server handling it.  Although as I mentioned above, I really can't look at any new hardware.

Cheers, Elliot.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12275578
Is the route back in the routing table? Post "route print".  Not sure of another way to do this without adding hardware.
0
 

Author Comment

by:Eggeh
ID: 12275835
By route print I hope you meant the IP routing table (exported from RRAS?), which is this:

Destination  Network mask  Gateway      Interface              Metric  View
0.0.0.0      0.0.0.0       192.168.0.1  Local Area Connection  10      Both
0.0.0.0      0.0.0.0       192.168.0.2  Local Area Connection  20      Both

Cheers, Elliot.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12275991
Not sure why it wouldn't be using the best route (metric 10 route) when it is installed in the routing table?  It should be...
0
 

Author Comment

by:Eggeh
ID: 12277427
I will attempt to try again tomorrow morning, as I can't play with the network too much as I've got an office full of users at the moment.

At the moment I've got DHCP sending out 192.168.0.2 as the gateway for the rest of the office, but I configured a machine with a static gateway of 192.168.0.3 to test this solution out.  Tomorrow I will disable the DHCP server to make sure it isn't interfering with the setup in some way.

Also, when I tracert, should I not be seeing the first hop as 192.168.0.3, then the second hop as 192.168.0.1/2 depending on the router?  At the moment I don't see 192.168.0.3, only whichever router it's sending traffic to.

Cheers, Elliot.
0
 

Author Comment

by:Eggeh
ID: 12277480
Also, what about turning NAT off on the two routers, and using the Windows server to do NAT, would this be helpful?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12277628
Yeah, there's the problem.  The default gateway on the PCs needs to be set to 192.168.0.3 (the Windows server).  The trace route should then show 192.168.0.3 as the first hop, then 192.168.0.1/2 for the second.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12277632
Leave NAT running on the routers.
0
 

Author Comment

by:Eggeh
ID: 12278336
I did have the default gateway set on the PC as 192.168.0.3, but the tracert doesn't show 192.168.0.3 for some reason, even though I'm pretty sure it's going through that first.  I can only think the DHCP server is causing problems somewhere, so I will test that out in the morning.

I just had a read up on OSPF, could this be applied here as it has dead link connection?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12278464
Here's the kicker: using a router in front of your two routers will only help if the router itself goes down, not the ISP link.  If the link to your ISP fails, Windows or any router will still see the route as being up since the connection to the router itself is still up.  Packets will continue to be forwarded to the router with the down link.  Can you get both connections into one router?  Are both connections to the same ISP?  If not, you may need to look into running a routing protocol with your ISP(s), like BGP, and running an IGP like OSPF between the three routers (192.168.0.1, 192.168.0.2, 192.168.0.3).
0
 

Author Comment

by:Eggeh
ID: 12279342
Thanks for that, very informative.

The connections are completely different: the primary is 4 bonded ADSL lines running on a stripped down version of Linux as a router, the secondary is a short haul fibre link with a small piece of bandwidth broken off for us.  Completely separate systems.


0
 

Author Comment

by:Eggeh
ID: 12296231
OK, I've been playing with it a bit further, still no luck with faster switchover times, or it ever switching back to the lower metric one.

What is the ideal way to do this, cost aside?  And what hardware would make it possible, but as cheaply as possible?  Obviously I haven't got a problem spending money on new NICs or software, it's just the potential cost of a Cisco router, for instance, could be too much.

I can't get both connections into the same router, and I doubt if I could get both of the ISPs to run a routing protocol.  Any other ways around this at all?

Cheers, Elliot.

0
 

Author Comment

by:Eggeh
ID: 12296259
Just to up the points as this is getting quite long, I think this is how you do it (Experts Exchange newbie).
0
 

Author Comment

by:Eggeh
ID: 12296267
OK, I'll try again to up the points...
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 12296924
What model routers do you have connecting to your ISPs?

The main problem is that even if the failover time was faster, it would only fail over if the connection from the Windows server to the router went down, not if the link to the ISP went down.  Without having it switch over on an ISP link failure, it really isn't worth much to you.  Ideally in this situation, you would run BGP with your ISPs and only receive a default route from them.  I doubt your provider will run BGP over DSL.

On the LAN side, you would either run HSRP (Cisco) or VRRP on the two routers connecting to your ISP to provide default gateway redundancy to your inside hosts, or you would use a router/multilayer switch in front of the two routers and run BGP on it as well, or another routing protocol on all three routers (RIP, OSPF), and redistribute the default route from your ISPs into your routing protocol of choice.  Again, and as you stated, BGP from your provider is pretty unlikely, especially over DSL.

There are products made for active failover/load balancing; ultimately, this may be your best bet.

http://www.fatpipeinc.com/xtreme/





0
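
The accepted answer's point is that a static metric only reacts when the router at 192.168.0.1 is unreachable, not when the ISP link behind it fails. The following is an added example, not part of the original thread: it sketches the decision logic for probing a host beyond the primary link and withdrawing or restoring the primary default route, with hysteresis so one lost ping does not flap the route. The probe target (a documentation-range placeholder), the two thresholds and the sample probe history are assumptions; the emitted strings are standard Windows `route` command lines.

```python
from dataclasses import dataclass

PRIMARY_GW = "192.168.0.1"    # Router1 from the thread (metric 10)
PRIMARY_METRIC = 10
PROBE_TARGET = "203.0.113.1"  # placeholder address for a host beyond the ISP link
FAIL_AFTER = 3      # assumed: consecutive lost probes before failing over
RECOVER_AFTER = 5   # assumed: consecutive good probes before failing back


def setup_commands():
    # Pin the probe target to the primary router with a host route, so probes
    # keep testing that path even while its default route is withdrawn.
    return [f"route add {PROBE_TARGET} mask 255.255.255.255 {PRIMARY_GW}"]


@dataclass
class PrimaryMonitor:
    primary_active: bool = True
    streak: int = 0  # consecutive probes that contradict the current state

    def observe(self, probe_ok):
        """Feed one probe result; return the route commands to run (often none)."""
        if probe_ok == self.primary_active:
            self.streak = 0
            return []
        self.streak += 1
        needed = FAIL_AFTER if self.primary_active else RECOVER_AFTER
        if self.streak < needed:
            return []
        self.streak = 0
        self.primary_active = not self.primary_active
        if self.primary_active:  # failback: restore the preferred default route
            return [f"route add 0.0.0.0 mask 0.0.0.0 {PRIMARY_GW} metric {PRIMARY_METRIC}"]
        # Failover: remove only the primary default; the metric 20 route via
        # 192.168.0.2 stays in the table and takes over.
        return [f"route delete 0.0.0.0 mask 0.0.0.0 {PRIMARY_GW}"]


def replay(results):
    """Run a sequence of probe results; return (probe_index, command) pairs."""
    mon, out = PrimaryMonitor(), []
    for i, ok in enumerate(results):
        out += [(i, cmd) for cmd in mon.observe(ok)]
    return out


# Constructed probe history: one blip, an outage, a flapping recovery, then stable.
SAMPLE = [True, False, True, False, False, False, False,
          True, True, False, True, True, True, True, True]

if __name__ == "__main__":
    for idx, cmd in replay(SAMPLE):
        print(idx, cmd)
```

With a probe every few seconds, the failover delay becomes the probe interval times `FAIL_AFTER`, and the failback that never happened in the thread is driven by the same probes.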
