Disaster Recovery: How can I configure multiple default gateways so that one server outage doesn't mean loss of net access?

We have a network with a leased line coming into the office to a router that is managed by our ISP. We then have a sonicwall attached to that router with an IP of The SonicWall has two machines attached to it, an Exchange Server and a DC / File / DHCP / RAS etc server. They are both dual homed, the external adapters are attached to the firewall but the internal adapters to our 24 port switch.


DC / Gateway


Right now the clients are using (DC) as a gateway. It is also a VPN / NAT / RAS server. I am trying to add resiliency to the network by making it such that the loss of one server doesn't take out our net access. This is especially important because our servers are offsite (connected via sonic to sonic vpn) and we need access to our customer db, etc.

I have set up secondary DNS on the exchange machine and it synchronises with the DC so that if DNS crashes we're still in good shape. I've set it up so that the DC handles DHCP for and the Exchange Machine can handle in case DHCP gets cocked up. But what I really need to do is configure the Exchange as a second gateway and pass this to clients via DHCP, because now whenever the DC needs to go down for one reason or another we lose net access and therefore access to all our collocated machines. How do I do this? Should I install RAS on the Exchange server and configure it like the first (NAT, etc)?

I would also like to mirror the files we have on the DC (we have team file storage) on the Exchange in case of a critical failure--is there a way to make data sync between the two that doesn't require add-on components (or cheap ones)? We're going to add a secondary DC as soon as we get the cash, but for now what's the best way to prevent downtime if one of the machines goes down?



First - lose the server as the gateway. I would also lose the dual homing of the machines. This usually causes problems at one stage or another and doesn't bring anything to the security of the network - not when the machine is a member of a domain.

Next, you will need to purchase a different router - one that can handle multiple gateways and detect if one has failed. There is no other way of changing it as Windows can only deal with one gateway.
Cisco do one that can fail over to ISDN. I have one at one of my clients supplied by the ISP. Takes seconds to failover and the router deals with everything.

Mirroring the files in Exchange - can't be done.
Mirroring flat files is quite possible - use DFS. It is built in to Windows 200x. If you converted the users to a domain dfs for their shares then you can move everything around and the users will not notice. I do this with all the shares that I setup now - straight to DFS and then leave them to get on with it.

However the best way to prevent downtime is not to allow the machines to go down. Use quality hardware, specified correctly with a top notch support agreement. If it is that critical then ensure that you have spare parts on site so that you can swap immediately. Don't allow anyone to change anything they like on the servers. Once they are built and running, then nothing gets changed, fiddled with or experimented. They are live production kit, so hands off.

jbregAuthor Commented:

Ok, I want to know how to do it within the architecture I have. I need to keep this architecture the way it is. People VPN into the office so it's essential that there are two NICs in the machines. I also want to keep the public and private separate--but rather than argue about that I just want to understand how to make the configuration I have as resilient as possible. The router is a Cisco 1721; it has an ADSL WIC and auto-failover configured. That's not the problem. I can even run a spare ADSL we have in the OPT of the sonicwall eliminating the router as a point of failure. I'm not afraid of losing network connectivity per se.

Windows has the ability for clients to support multiple default gateways, no? Let's assume I had a second server that was identical in every way to the DC which acts as a gateway--couldn't I simply specify that machine as a second default gateway and then when traffic didn't work through the first it would go to the second, much like primary and secondary DNS settings on clients? What are the steps in doing this?

I don't want to mirror the files "in exchange" but rather mirror the files onto the exchange server disks (mirroring exchange can be done with 3rd party products among them Steel Eye Lifekeeper, which also has products for mirroring SQL, but that's another story). Even if I move to DFS, how do I get the two stores, one physically located on G:/Storage of one machine and another on G:/Storage of another to synchronise with each other constantly?

The hardware is pretty much the best money can buy. Supermicro, 2.8g Xeon, ICP Raid cards 256mb w/battery backup, RAID 10, 2gig RAM, etc. We have a 4hr fix SLA with our ISP who, unlike dell, etc. actually stock the parts on hand and are minutes away.

But that's not the point. Like anything, I have to assume things will fail. And at the worst possible time. The gateway has to be rebooted for, inter alia, the copious MSFT updates. Anytime that happens we lose connectivity. But I've got another server sitting next to it that's running almost precisely the same configuration, so I figure the best thing is to spread the risk over two machines. Which is what led me to ask the question I did...

Windows doesn't support multiple default gateways. You can only have one. It can use multiple routers, but you have to modify the route information yourself. Even if you do that, if the second route goes down, the traffic will stop - Windows will not adjust automatically. That is what a router is for.
Don't forget that the default gateway is inbound and outbound traffic, and the traffic must go out on the same route it came in (if external request).

Is that "Steel Eye Lifekeeper" supported by MS? I wasn't aware of any other than DoubleTake being supported and that is 2000 only. I don't use anything like that unless it is supported by MS.

DFS will mirror the files for you. Once you have set it up the files will be copied across. It takes a little while initially, I have seen up to a week previously but once it is done, the mirroring updates are almost instant.

The only way that you can maintain connectivity while a Windows server is being rebooted is via a separate device, which really has to be a dedicated router. I wouldn't even consider anything else in this scenario.


jbregAuthor Commented:
If you go into a net connection, TCP/IP properties, advanced settings, IP settings. The first box is IP addresses where you can add multiple IP addresses. The second is "Default gateways". You can add more than one entry to this list. Are you saying that even if you do this it won't try and route traffic through the second gateway if the first is down? What is the purpose of multiple entries here, then?


As they are a large org and HP partners it is almost certain they are MSFT supported. They do products for SQL as well, and if they weren't really MSFT supported (given they are DR products) I don't think they'd have such a large following. We're looking at this for expansion, but it is a bit pricey (then again, you don't need the enterprise editions of SQL or Exchange...)

If indeed I can't use multiple default gateways, or they won't fail over automatically, how would you suggest I configure the network to maximise uptime whilst still enabling one-to-one NATing on the sonicwall, and VPN access, etc.? I'd love to keep the public and private separate, but the only choice would be to go router-->sonicwall-->switch-->everything else...

I know where you mean, and I have been there before and tried it before. It just doesn't work. Again it is down to routing. The default gateway is for all traffic that isn't on this LAN. It tells Windows where to send the traffic, which is another router which sorts out where it needs to go.

I think you would benefit from speaking to Cisco's routing specialists. I am sure there is a way that you can do what you want, it will just take the right bit of kit.
It will have to sit in front of the sonicwall. Getting traffic out will not be a problem, it is getting traffic in that is the issue.
I know it can be done, I have a client with a leased line and a backup ISDN line. Leased line fails and the ISDN takes over, including the routing of the IP addresses. Bit slow but everything works. You need something similar.

jbregAuthor Commented:
Why the heck does MSFT allow it if it's useless? Surely there must be some utility for the feature?

Is there any documentation or such on this?

It's not getting the connectivity part that's the problem. The 1721 has a WIC in it with ADSL and is attached to a 2mb leased line. When the leased line fails the ADSL kicks in and actually preserves the same IP address. But that's not the problem.

The problem is we have layered a gateway between the source of connectivity (router), the firewall (sonic) and the private network. That comes in the form of the DC and Exchange, which are effectively intermediaries between the router-->sonic (together public network) and the switch (internal). What I want to do is to continue using these intermediaries (DC and Exchange) to do DHCP and to act as VPN servers, etc. but want to make sure that when one goes down it doesn't kill traffic to the clients....

I suspect that it could be part of the dead gateway detection. I haven't had much luck getting that to work - I think it is very picky on how it detects the dead gateway.

I have been looking for some documentation, the best I can find is this:


I still don't see what the additional gateway brings to the solution. If it is for additional security then you have the sonicwall. It appears that you are adding additional hops without any gain.
Furthermore it introduces a single point of failure and getting around that will be difficult in the current configuration.
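The dead gateway detection mentioned in this exchange, as an added illustration that is not from anyone in the thread: a constructed, simplified Python model of the Windows 2000/2003 TCP dead-gateway rules as documented for those versions (the TcpMaxDataRetransmissions and EnableDeadGWDetect TCP/IP parameters are real names; the "more than a quarter of connections" threshold is my simplification, and the gateway addresses are placeholders). It shows why a second entry in the client's default-gateway list only takes over for TCP traffic, only after several connections have already failed, and never moves back on its own when the first gateway returns.

```python
# Constructed, simplified model of the Windows 2000/2003 TCP dead-gateway rules:
# only TCP retransmission failures feed the detector, roughly a quarter of the
# active TCP connections must fail before IP moves to the next listed gateway,
# and the list is walked forward (wrapping), never back to a recovered gateway.
TCP_MAX_DATA_RETRANSMISSIONS = 5  # Windows default; gateway reported dead at half

class DeadGatewayDetector:
    def __init__(self, gateways, enable_dead_gw_detect=True):
        self.gateways = list(gateways)  # ordered default-gateway list from TCP/IP
        self.active = 0                 # index of the gateway currently in use
        self.enabled = enable_dead_gw_detect   # mirrors the EnableDeadGWDetect switch
        self.retries = {}               # tcp connection id -> unacked retransmits
        self.reported = set()           # connections that reported the gateway dead
        self.switches = []              # (old, new) log of gateway changes

    def active_gateway(self):
        return self.gateways[self.active]

    def open_tcp(self):
        self.retries[len(self.retries)] = 0   # new connection id -> retransmit count
        return len(self.retries) - 1

    def send_udp(self):
        # UDP (DNS, many VPN transports) has no ACKs, so it never reports a dead gateway
        return self.active_gateway()

    def tcp_timeout(self, conn):
        self.retries[conn] += 1   # one more unacknowledged retransmission on conn
        if self.enabled and self.retries[conn] >= TCP_MAX_DATA_RETRANSMISSIONS // 2:
            self.reported.add(conn)
            if len(self.reported) * 4 > len(self.retries):  # modelled as > 25 percent
                self._switch()
        return self.active_gateway()

    def _switch(self):
        old = self.active_gateway()
        self.active = (self.active + 1) % len(self.gateways)  # forward only, wraps
        self.switches.append((old, self.active_gateway()))
        self.retries = dict.fromkeys(self.retries, 0)  # connections retry via new gateway
        self.reported.clear()

def demo():
    """Clients list the DC's internal NIC first and the Exchange server's second."""
    det = DeadGatewayDetector(["192.168.1.1", "192.168.1.2"])  # constructed addresses
    conns = [det.open_tcp() for _ in range(4)]
    det.tcp_timeout(conns[0]); det.tcp_timeout(conns[0])  # DC stops forwarding
    after_one = det.active_gateway()   # 1 of 4 reported (25%, not more): still the DC
    det.tcp_timeout(conns[1]); det.tcp_timeout(conns[1])
    after_two = det.active_gateway()   # 2 of 4 reported: moved to the Exchange server
    return after_one, after_two, det.send_udp(), det.switches
```

Traffic that never retransmits (UDP DNS, ICMP, or a VPN tunnel's keepalives) keeps going to whichever gateway is active, so a client with no open TCP connections to the outside never notices the DC is gone and never switches.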

jbregAuthor Commented:
Router ---> Sonic ---> DC ---> Switch

If DC fails, traffic can't get from the sonic to the switch; thus, all internal clients lose net access. They don't connect directly to the sonic as the sonic doesn't connect directly to the switch, so traffic can't get through.

Now, there is also an Exchange box connected, so I want to set up this:

Router ---> Sonic ---> DC ---> Switch (Where DC is gateway 1)
Router ---> Sonic ---> Exchange ---> Switch (Where exchange is Gateway 2)

Clients have 2 default gateways (IP of DC Internal NIC) and (IP of Exchange Internal NIC). When DC fails, then traffic continues in both directions via Gateway 2 (Exchange).

Otherwise it's Sonic-->Switch-->All Clients and Servers

That means that the DC can't act as a DHCP / NAT / VPN server, etc., doesn't it?

If you set the network up using the last option:

Sonic-->Switch-->All Clients and Servers

Then the server can still do everything.
DHCP, VPN etc.
NAT is done by the Sonicwall.

VPN is terminated on the server, you just need to adjust the ports on the Sonic to let it through.
DHCP is done on the server - this is so it gives out the correct address for DNS (AD and all that). Just disable DHCP on the Sonicwall.

As long as the Sonicwall is configured to go to your Cisco router correctly, and the Cisco manages the failover correctly then you are fine. The DC needs to be rebooted, the VPN will be lost for a moment, but everything else will continue to operate.
There is nothing to stop you using the Exchange server as a secondary DNS server. Make it a secondary for all zones and then have that IP address as the secondary DNS server.

If you want redundancy on the VPN as well, then you will need to use a VPN appliance or get a firewall that can also act as a VPN end point. I don't know if the SonicWall can, but I know that Cisco PIX will as I have implemented three or four.


Windows Server 2003