I have trouble with Windows 2003 Server (and perhaps XP/others, but probably not win7/server 2008) where if I have two IPs on my network card set up as follows:
10.0.0.8/8 (netmask 255.0.0.0)
10.222.0.8/24 (netmask 255.255.255.0)
Depending on the order of the entries in the IP list for that card, the operating system may use the incorrect IP as the source address.
For example, when I then attempt to connect to 10.222.0.5, the computer sends the packets with a destination IP address of 10.222.0.5 as it should but a source IP address of 10.0.0.8 -- which, of course, is outside of the netmask range of the target 10.222.0.5, so the packets get dropped by the receiving host because, of course, its IP/netmask of 10.222.0.5/255.255.255.0 excludes any IP in the 10.0.x range.
The network OS layer SHOULD make sure that when sending packets to a certain IP address that they are "from" an IP that is within the netmask of that IP address -- that's one of the purposes of having a routing table in the first place!
Is there a solution for this? I've had trouble with it for years, always assuming that Microsoft would fix it in their "next" update - but they haven't. Maybe it's user error?
By way of background, routing tables should be evaluated in order of tightest netmask first:
10.0.0.8/255.255.255.255 -> Direct to self
10.222.0.8/255.255.255.255 -> Direct to self
10.222.0.0/255.255.255.0 -> Out an interface with an ip/mask within this range, with a source IP 10.222.0.8
10.0.0.0/255.0.0.0 -> Out an interface with an ip/mask within this range, with a source IP of 10.0.0.8
0.0.0.0/0.0.0.0 via 10.0.0.1 -> Out an interface with an IP/mask of default gateway, source IP 10.0.0.8
It just makes no sense to send out a packet with a source address outside of the network you're sending it to. But this seems to be the default behavior of win2k3 if the wider netmask IP is listed first when you go to add IPs. Nor does it make sense to evaluate the routing table in any order other than tightest netmask first.
So, in short - How can I make win2k3 always send packets with a source IP that is within the netmask range to which it is sending, even when I have overlapping ip/netmasks on the same interface?
Thanks very much!
By "netmask range" I mean the range of IPs covered by a certain IP and netmask. For example, an IP/netmask of 10.0.0.0/255.255.0.0 covers from 10.0.0.0 to 10.0.255.255.
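
The two source-address choices the question contrasts, as an added Python example that is not part of the original post. The addresses and gateway come from the post; the function names and the "first listed match wins" model are assumptions used to illustrate the order-dependent behaviour described, not Windows' actual selection algorithm.

```python
import ipaddress

# Addresses and default gateway taken from the post; wider mask listed first.
ASSIGNED = ["10.0.0.8/8", "10.222.0.8/24"]
GATEWAY = "10.0.0.1"


def _ifaces(assigned):
    return [ipaddress.ip_interface(a) for a in assigned]


def source_first_listed(dest, assigned):
    """Assumed model of the order-dependent behaviour: the first listed
    address whose network contains the destination becomes the source."""
    dest = ipaddress.ip_address(dest)
    ifaces = _ifaces(assigned)
    for iface in ifaces:
        if dest in iface.network:
            return str(iface.ip)
    return str(ifaces[0].ip)  # off-link destination: first address in the list


def source_longest_prefix(dest, assigned, gateway=GATEWAY):
    """Tightest-netmask-first selection: among the networks that contain the
    destination (or, for off-link traffic, the gateway), use the address
    with the longest prefix."""
    dest = ipaddress.ip_address(dest)
    ifaces = _ifaces(assigned)
    candidates = [i for i in ifaces if dest in i.network]
    if not candidates:
        # Off-link: the next hop is the gateway, so match on the gateway's network.
        gw = ipaddress.ip_address(gateway)
        candidates = [i for i in ifaces if gw in i.network]
    if not candidates:
        raise ValueError("no assigned network reaches %s" % dest)
    return str(max(candidates, key=lambda i: i.network.prefixlen).ip)


if __name__ == "__main__":
    # 192.0.2.7 is a constructed off-link destination (documentation range).
    for order in (ASSIGNED, ASSIGNED[::-1]):
        for dest in ("10.222.0.5", "10.5.5.5", "192.0.2.7"):
            print(order, dest,
                  "first-listed:", source_first_listed(dest, order),
                  "longest-prefix:", source_longest_prefix(dest, order))
```

With the wider mask listed first, the first-listed model picks 10.0.0.8 for 10.222.0.5, while longest-prefix selection returns 10.222.0.8 regardless of list order.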