Adding an IP with subnet mask 255.255.255.255 on Windows 2003
I would like to add a second IP to a Windows 2003 server, this IP is directly routed by the router to the first IP of the server and should use a /32 mask (255.255.255.255), my problem is that the Network configuration dialog only allow a minimum netmask of /30 (255.255.255.252)...
When i try to set the netmask to 255.255.255.255, windows answer the following :
The combination of IP address and subnet mask is invalid. All of the bits in the host address portion of the IP address are set to 1. Please enter a valid combination of IP address and subnet mask.
Example :
primary IP : 192.168.1.1 , subnet mask 255.255.255.0 , gateway 192.168.1.254
secondary IP : 192.168.2.1 , subnet mask 255.255.255.255
On the gateway, 192.168.2.1/32 would be routed to 192.168.1.1 (and 192.168.2.2/32 to another server on another subnet,...).
Any help would be appreciated.
When i try to set the netmask to 255.255.255.255, windows answer the following :
The combination of IP address and subnet mask is invalid. All of the bits in the host address portion of the IP address are set to 1. Please enter a valid combination of IP address and subnet mask.
Example :
primary IP : 192.168.1.1 , subnet mask 255.255.255.0 , gateway 192.168.1.254
secondary IP : 192.168.2.1 , subnet mask 255.255.255.255
On the gateway, 192.168.2.1/32 would be routed to 192.168.1.1 (and 192.168.2.2/32 to another server on another subnet,...).
Any help would be appreciated.
ASKER
If you read my example, you will understand that the gateway is not "off network", the gateway is just on the network of the first IP (the first IP use a standard netmask with a ranged network /24).
Only the secondary IP need a /32 netmask (and it's technically possible, it's working with linux servers)
Only the secondary IP need a /32 netmask (and it's technically possible, it's working with linux servers)
I'm sorry but I just can't understand what you are trying to accomplish. I can't see any reason to have an IP assigned to a server then tell the server that you have no gateway on this network and there aren't any other nodes either.
Can you explain a little more what you are trying to accomplish?
Can you explain a little more what you are trying to accomplish?
ASKER
Here's another example, with much details :
I have an internet router with a public ip n.n.n.n, to this ip my isp route a supplementary public small subnet, telling 1.1.1.1/30 (thus 1.1.1.1 - 1.1.1.4)
If i define this /30 directly, i'm only able to use one public server (one ip for the router, one network and one broadcast), thus on the router i've defined a private network 192.168.0. /24 and i route the 4 public IP's/32 to 4 private ip assigned to 4 servers
Thus, to resume, on the router i have the following routing table :
router wan ip : n.n.n.n
router lan ip : 192.168.0.254
route 1.1.1.1/32 -> 192.168.0.1
route 1.1.1.2/32 -> 192.168.0.2
route 1.1.1.3/32 -> 192.168.0.3
route 1.1.1.4/32 -> 192.168.0.4
and i have 4 servers accessing the router using a private ip (/24)
on each server i assign a secondary ip with the public ip using a subnet /32
Actually it's working with 4 linux servers, but i want to replace one with a windows server, and i cannot assign the public ip with a /32 netmask...
I do not want to use nat on the router to route the public ip's to the private ones, it's working great with static routing (and the real situation is much more complex, all the servers are using public ip's as primary, and i add a secondary ip from another public subnet, this secondary ip should be able to be rerouted easyly to another server, even on another network, i do not want to split a /24 public range to just 64 /30)
I have an internet router with a public ip n.n.n.n, to this ip my isp route a supplementary public small subnet, telling 1.1.1.1/30 (thus 1.1.1.1 - 1.1.1.4)
If i define this /30 directly, i'm only able to use one public server (one ip for the router, one network and one broadcast), thus on the router i've defined a private network 192.168.0. /24 and i route the 4 public IP's/32 to 4 private ip assigned to 4 servers
Thus, to resume, on the router i have the following routing table :
router wan ip : n.n.n.n
router lan ip : 192.168.0.254
route 1.1.1.1/32 -> 192.168.0.1
route 1.1.1.2/32 -> 192.168.0.2
route 1.1.1.3/32 -> 192.168.0.3
route 1.1.1.4/32 -> 192.168.0.4
and i have 4 servers accessing the router using a private ip (/24)
on each server i assign a secondary ip with the public ip using a subnet /32
Actually it's working with 4 linux servers, but i want to replace one with a windows server, and i cannot assign the public ip with a /32 netmask...
I do not want to use nat on the router to route the public ip's to the private ones, it's working great with static routing (and the real situation is much more complex, all the servers are using public ip's as primary, and i add a secondary ip from another public subnet, this secondary ip should be able to be rerouted easyly to another server, even on another network, i do not want to split a /24 public range to just 64 /30)
Interesting. Do the 4 servers need to communicate with each other using the public IP? If not then a /30 would work jut as well as any comms would go outside the gateway.
I've never seen this done on Windows on a LAN card though it happens all the time in dialup type situations.
Have you tried using the commandline toolBTW:
netsh
interface
etc.
type help at each level after netsh for syntax - not on windows at the moment to check myself sorry.
Steve
I've never seen this done on Windows on a LAN card though it happens all the time in dialup type situations.
Have you tried using the commandline toolBTW:
netsh
interface
etc.
type help at each level after netsh for syntax - not on windows at the moment to check myself sorry.
Steve
BTW I presume you'd have to combine that with a static default route too?
route -p add 0.0.0.0 mask 0.0.0.0 192.168.0.254 192.168.0.4
or whatever though I'm not entirely sure it will accept that either, I presume the first IP on this physical NIC is the private IP?
route -p add 0.0.0.0 mask 0.0.0.0 192.168.0.254 192.168.0.4
or whatever though I'm not entirely sure it will accept that either, I presume the first IP on this physical NIC is the private IP?
ASKER
With netsh, i've tryed to add an IP with mask 255.255.255.255, but the answer :
255.255.255.255 is not an acceptable value for mask.
The 4 servers need to communicate with each other, but even, using a /30 is not a good idea, with a /30 you should not use the first nor the last ip of the range as it's used for network and broadcast. The broadcast trafic sent by one computer could mess the one using the broadcast IP of the range... it's of course possible to use a loopback adapter to avoid the broadcast trafic on the lan, but it's really not a clean solution...
As i've told, the real situation is more complex, the /32 IP's are used as "portable" public IP, if a server crash in a datacenter, i can reroute the /32 portable IP to another server even in another datacenter easyly, i just need to update the routing table of my main router... but it's much easyier to explain using a "common" situation :)
255.255.255.255 is not an acceptable value for mask.
The 4 servers need to communicate with each other, but even, using a /30 is not a good idea, with a /30 you should not use the first nor the last ip of the range as it's used for network and broadcast. The broadcast trafic sent by one computer could mess the one using the broadcast IP of the range... it's of course possible to use a loopback adapter to avoid the broadcast trafic on the lan, but it's really not a clean solution...
As i've told, the real situation is more complex, the /32 IP's are used as "portable" public IP, if a server crash in a datacenter, i can reroute the /32 portable IP to another server even in another datacenter easyly, i just need to update the routing table of my main router... but it's much easyier to explain using a "common" situation :)
I understand what you are trying to do OK, just not sure I've ever seen it done in Windows. Agreed having tried that you can't add it directly to Windows in that way either. The fact that the four may need to communicate over the public IP's makes it more difficult of course too -- now my ISP gives me a block of 8 which makes things easier of course :-)
I suppose you could drop it down to a /28 or /29 and so avoiding the broadcast or network numbers in your 'fake' subnet.
Sorry no magic answers, mainly just interested!
Steve
I suppose you could drop it down to a /28 or /29 and so avoiding the broadcast or network numbers in your 'fake' subnet.
Sorry no magic answers, mainly just interested!
Steve
ASKER
As i use public ip's for public servers, it's not a good idea, i never know when i would need to communicate with another server wich use an ip in the /28 or /29 subnet (emails,...). For a public use i need a strictly correct configuration, the router route a /32 IP, i need to define a /32 IP on the server...
Thanks for your suggest, but i do not look for a way to turnaround :) There should be nothing wrong with a /32 IP, it's commonly used for many other purposes (PPP, DSL, PPTP, CableRouter,...), i do not see why Windows does not allow it on a lan interface (at least as secondary IP/Alias)...
Thanks for your suggest, but i do not look for a way to turnaround :) There should be nothing wrong with a /32 IP, it's commonly used for many other purposes (PPP, DSL, PPTP, CableRouter,...), i do not see why Windows does not allow it on a lan interface (at least as secondary IP/Alias)...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've looked up this way, but the right registry key is : HKLM\SYSTEM\CurrentControl
It seems to work like that after rebooting the server, but now i have a netmask error each time i try to open the tcp/ip advanced settings, thus i need regedit each time i want to modify a setting...
Not a great solution, but it's working, it's the most important... i will try to fill a bug report, it's strange that Windows does not comply with such a basic tcp/ip settings...
Thanks for your help, it pointed me in the right direction :)
It seems to work like that after rebooting the server, but now i have a netmask error each time i try to open the tcp/ip advanced settings, thus i need regedit each time i want to modify a setting...
Not a great solution, but it's working, it's the most important... i will try to fill a bug report, it's strange that Windows does not comply with such a basic tcp/ip settings...
Thanks for your help, it pointed me in the right direction :)
OK, guess it depends upon OS etc. It seemed to change the one above when I looked. Interesting discussion anyway, never thought of using a 255.255.255.255 IP in this way before. Steve
I would do a static route on 192.168.1.254 to the 192.168.2.x network.