
Need help with the "Route -p" command for dual homed servers

Hi guys,

I need help with a persistent "Route -p" command.

I have a single server with 2 Nics.

IP Address:

IP Address:

I want traffic on the to stay on that network and I want traffic on the 10.10.10.x to stay on that network but I do want that 10.10.10.x network to go out the for the internet.

Any advice on what the Route -P command would be to do that?
Traffic will stay local to its own subnet by default.
A PC/Server can only have one gateway address so you need to remove the gateway from the adapter.
Then, enable routing and remote access on the server and check "LAN routing". Finally, just set the gateway on the PCs in the 10.10.10.x subnet to use as their default gateway. This will effectively add to those PCs the following route, with no need to manually add it.
route -p add  mask
You want local traffic to go to the local gateway:

So, for NIC2:
IP Address:
This is probably already there as you can see from:
route print

You want packets on LAN2 destined for the internet to get onto LAN1 and routed to the default  address' gateway.

So, first, you want to route LAN2 packets destined for the "default" address to go to LAN1 with NIC1 being the gateway or "next hop".

route -p mask metric 1

Or, maybe this would be sufficient:

route -p mask metric 1

In the end you need from "route print"  1

Which means any address outside either LAN will go from the interface (NIC1) to the internet gateway

Then, you want packets *from* the internet destined for LAN2 to go to NIC1 as the gateway.

*On the gateway router*  on LAN1 you probably need the equivalent of:

route -p mask

This establishes NIC1 as the gateway to LAN2.

Then, you need the packets arriving at NIC1 to be routed to NIC2.

route -p mask

I may have made some mistakes here but those are the key ideas.

Note that packets on LAN2 that are addressed for LAN1 will be routed via the default LAN2 route.
Note that packets on LAN1 that are addressed for LAN2 will be routed.
So, isolation between the LANs may need to be implemented with a firewall that only allows the internet traffic path ... something like that.

And routing on this computer has to be enabled.

I hope this helps.  I've not done it myself but this should get you closer and it may work!

What you can't do is establish a route that has the gateway or next hop address in a range that's different than one of the LAN subnet ranges.
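
An added illustration, not part of any post above, that models the points made in the answers: on-link subnets win over the default route, a next hop must sit in a directly connected subnet, and once forwarding is enabled the two LANs can reach each other unless a filter drops that traffic. LAN1's addresses are missing from the page, so 192.0.2.0/24 and the gateway address are placeholders; the function names are hypothetical.

```python
import ipaddress as ip

# Constructed addressing: LAN2 is the page's 10.10.10.x, LAN1 values are placeholders.
LAN1 = ip.ip_network("192.0.2.0/24")
LAN2 = ip.ip_network("10.10.10.0/24")
INTERNET_GW = "192.0.2.1"  # placeholder for the internet router on LAN1

# (destination, next hop or None for on-link, interface), like "route print" rows.
ROUTES = [
    (LAN1, None, "NIC1"),
    (LAN2, None, "NIC2"),
    (ip.ip_network("0.0.0.0/0"), INTERNET_GW, "NIC1"),  # the single default gateway
]

def validate(routes):
    """Return routes whose next hop is not inside a directly connected subnet."""
    connected = [net for net, hop, _ in routes if hop is None]
    return [r for r in routes
            if r[1] is not None
            and not any(ip.ip_address(r[1]) in net for net in connected)]

def lookup(dst, routes=ROUTES):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ip.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    net, hop, iface = max(matches, key=lambda r: r[0].prefixlen)
    return iface, hop or "on-link"

def forward(src, dst, isolate=True):
    """Decision for a packet arriving at the server with forwarding enabled.
    With isolate=True a filter drops LAN-to-LAN traffic and keeps the
    LAN2-to-internet path."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    crosses = (s in LAN1 and d in LAN2) or (s in LAN2 and d in LAN1)
    if isolate and crosses:
        return "drop"
    return "forward via %s (%s)" % lookup(dst)

if __name__ == "__main__":
    print(lookup("10.10.10.25"))                                # stays on LAN2
    print(forward("10.10.10.25", "198.51.100.7"))               # internet path
    print(forward("10.10.10.25", "192.0.2.50", isolate=False))  # LANs can talk
    print(forward("10.10.10.25", "192.0.2.50"))                 # filtered
```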

