Solved

Multihomed Internet Server, two ISP connections (disjoined networks) 1 Box

Posted on 2005-03-16
Last Modified: 2013-11-30
I have a DNS server running on Windows Server 2003 with two NIC cards installed.  I don't think this is possible, but I thought I would ask anyway....

I have two connections to my ISP both on separate subnets, each NIC in the server is set to a static IP on each of the subnets, I'll just use 192.168.x.x for example...

Nic 1
192.168.0.3
255.255.255.0

Nic 2
192.168.1.3
255.255.255.0

I want the server to respond to Internet requests that come in on its network to go out the same interface, but in Windows 2003 the outbound traffic is always trying to go out Nic 1.

I've looked into solutions involving adding routes (doesn't work because the server will just choose the NIC of highest in the list).

I've tried setting no default gateway on each interface setting both to a metric of 1, traffic can come in, but the server has no idea how to get it back out.

I thought about setting the default gateway for each NIC to the SAME IP as that NIC is assigned. (Nic 1 192.168.0.3 and setting its default gateway to the same IP), but again the server doesn't send the traffic back out.

If I were connected to two private networks this wouldn't be a problem, however since both interfaces are live to the internet both would need static routes to 0/0 (0.0.0.0/0) and setting two default gateways doesn't work.

It's driving me nuts because it seems like you should be able to get a server to respond on two separate networks, using two separate NICs without it taking IN traffic on Nic 2 then trying to send OUT traffic to Nic 1 or vice versa.

To summarize, I want one Server 2003 box with two NIC interfaces connected to two separate disjoined networks, to respond to traffic using the same interface that the traffic came in on (on the Internet).  Is there any way to accomplish this thru the OS?
Question by:royalcanin
3 Comments
 
LVL 17

Assisted Solution

by:ccomley
ccomley earned 150 total points
ID: 13560702
Are the routers doing NAT? If so I would have thought any request to the server would appear to come (locally) from the router so the return path would be by the same router.

So if you're not doing NAT, consider it! :-)

0
 
LVL 3

Author Comment

by:royalcanin
ID: 13565125
Actually the setup is this

ISPline 1 -> ISP Router -> Firewall running NAT -> DMZ -> DNS Server

ISPline 2 -> ISP Router 2 -> Firewall 2 running NAT -> DMZ 2 -> DNS Server


The DMZ servers get live Internet IPs so NAT is not an option for them.
0
 
LVL 23

Accepted Solution

by:
sciwriter earned 600 total points
ID: 13572243
This is a fundamental weakness of ALL Windows OSs.  If you had 2 separate 2003 boxes each with an internet connection, there would be no issue.  But each Windows OS wants to look to ONE internet connection only.  It is really stupid, because they have no problem multi-homing across class C networks, but this is for network traffic, not internet traffic.  There are ways to get around this, but it is fundamental myopicism by the developers of Windows, that they have never allowed the OS to selectively arbitrate multiple connections to the WAN called the internet.  Every other "WAN" yes, but not the one you want.  As I said, there ARE ways to get around this, mainly by taking the intelligence to switches and taking it away from Windows -- sounds like you know enough to know what I mean.
0
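
The behaviour described in the question, as an added example that is not part of the original thread: a simplified Python model (not Windows configuration) of destination-only route selection on the two-NIC server, next to a source-based selection that keeps a reply on the interface that owns its source address. The NIC addresses are the question's examples; the `.1` gateways and the client addresses are constructed for illustration.

```python
import ipaddress

# NIC IPs are the question's examples; the .1 gateways are assumed.
NICS = {"NIC1": "192.168.0.3", "NIC2": "192.168.1.3"}

# (destination prefix, gateway or None for on-link, interface, metric)
ROUTES = [
    ("192.168.0.0/24", None, "NIC1", 1),
    ("192.168.1.0/24", None, "NIC2", 1),
    ("0.0.0.0/0", "192.168.0.1", "NIC1", 1),
    ("0.0.0.0/0", "192.168.1.1", "NIC2", 1),
]

def lookup(dst, routes):
    """Destination-only lookup: longest prefix, then lowest metric, then table order."""
    d = ipaddress.ip_address(dst)
    matches = [r for r in routes if d in ipaddress.ip_network(r[0])]
    if not matches:
        return None  # no route: the reply cannot leave the box at all
    # min() keeps the first of equal candidates, so table order breaks ties.
    return min(matches, key=lambda r: (-ipaddress.ip_network(r[0]).prefixlen, r[3]))

def owner_of(local_ip):
    """Interface that holds the local address the request was sent to."""
    return next(name for name, ip in NICS.items() if ip == local_ip)

def reply_nic_destination_based(client_ip, routes=ROUTES):
    route = lookup(client_ip, routes)
    return route[2] if route else None

def reply_nic_source_based(client_ip, local_ip, routes=ROUTES):
    """Only consider routes on the interface that owns the reply's source address."""
    nic = owner_of(local_ip)
    route = lookup(client_ip, [r for r in routes if r[2] == nic])
    return route[2] if route else None

def asymmetric_flows(requests, routes=ROUTES):
    """Requests whose reply would leave on a different NIC than they arrived on."""
    return [(c, l) for c, l in requests
            if reply_nic_destination_based(c, routes) != owner_of(l)]

# Constructed sample traffic: (client address, server address it contacted).
SAMPLE = [("203.0.113.10", "192.168.0.3"), ("198.51.100.7", "192.168.1.3")]

if __name__ == "__main__":
    for client, local in asymmetric_flows(SAMPLE):
        print(f"{client} -> {local}: reply leaves via "
              f"{reply_nic_destination_based(client)}, arrived on {owner_of(local)}")
```

Running `asymmetric_flows` over host-side flow data is one way to spot replies that will reach the wrong NAT firewall, which has no state for the connection.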

Question has a verified solution.