Solved

One NIC multiple gateways

Posted on 2010-11-10
7
1,661 Views
Last Modified: 2012-08-14
I have searched high and low on this and the first dozen or more pages of Google results for a good answer for the following. Even here on EE I have seen dozens of wrong answers accepted as solutions to this problem (see below). The scenario:

Windows Server 2003 with Exchange (one NIC with IP 192.168.100.95) exists in city A on a network connected to the internet through DSL on router 192.168.100.235. From city A to city B (30 miles) is a Motorola Canopy wireless system (10 Mbps) that connects an office in city B to the same network using the same subnet. No router needed as it is all "LAN" traffic and not a VPN configuration. In city B is a Cable internet connection on router 192.168.100.99. The desire is to have both routers configured on all network nodes as default gateways so that if router 1 goes down then the other will take over.

Because of the geographic dispersity of the backup internet connection, a SonicWall or other dual-WAN router will not help in this scenario.

The (wrong) advice that I keep seeing is "oh it simply can't be done; you are trying to do something that TCP/IP can't do".  It's called Dead Gateway Detection and the technology has been around a long time. See below:

http://support.microsoft.com/kb/157025

and specifically an excerpt:

"If multiple routers are available on the same subnet, configure one (or more) default gateways on the same network adapter."

To be fair, I have only really seen questions phrased as "how do I do this" or "it just isn't working" and that is not exactly the same as my issue. Configuring multiple gateways is easy enough (it is right there in the TCP/IP properties window which should have been a red flag for the experts saying it was not possible) and by using proper metrics the failover looks like it works. What happens, however, is that when multiple gateways are in place, even with different metrics (I used 1 for router 1 and 2 for router 2), internet connectivity on the Exchange server is hampered. Just browsing sites seems to work perfectly fine in limited testing and the IP returned by IPChicken.com is always the same as the gateway in use (same as router 1 whenever it is active) but email flow into the Exchange server is very hit or miss when both routers are alive. For example, one user found that email arrived at 7am, 10:35am, 2:20pm and 4pm. However, knowing that he normally received a lot more email in a given day, we removed the 2nd gateway from the Exchange server and within minutes the rest of his email for the day, sent at all different times throughout the day, arrived as expected.

One last piece to the puzzle, we use DYNDNS mailhop relay to queue our mail and it is then delivered to a DDNS address with the updater being on the Exchange server.  The DDNS updater is working fine and even with both gateways configured the DDNS address did not send an IP update for the hostname so it doesn't look like the server ever tried to failover to the 2nd router.  All ping tests to both routers result in zero packet loss.

Any ideas?

Bryan
0
Comment
Question by:technologyone
7 Comments
 
LVL 11

Expert Comment

by:Snibborg
ID: 34102048
My feeling is that the problem can be solved by setting a persistent route in the routing table and setting the metric to be greater than the metric to the default gateway, which will have the highest priority.

This link to a Microsoft article may give you some inspiration in this regard. http://technet.microsoft.com/en-us/library/cc757323(WS.10).aspx

Using routing tables is the only way I'm aware of to direct the traffic flow you require. I think the reason for the "you cannot do it" is because you cannot simply have two gateways, either on one NIC or multiple NICs, as they will both have the same metric level and therefore it will not work. By manipulating the metric you can give the primary gateway the highest priority and any fallback route will pick up the slack if the primary fails.

Snibborg
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
ID: 34111303
Windows has the option to configure multiple default gateways, and as you say you assign metrics, but unfortunately it does not work in Windows. It will with Linux, though I am not a Linux fan. In Windows you can set it up, pull the plug on the primary gateway, it will fail over to the secondary gateway, and there it stays. It will never switch back unless you reboot the device. It just doesn't work. Newer Windows operating systems usually warn you that multiple gateways are not supported when you try to configure it, thus I do not know why it is there.

Where multiple WAN routers are not possible the only option I see in your case would be to write a script that checks for Internet access via the primary route every 'x' minutes, and if that fails, rewrite the routing table using netsh to use the other gateway. I am not a programmer, so I would not be much help with that.

0
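One way to write the watchdog script the answer above describes, as an added example that is not part of the original thread. It uses `route.exe` rather than the netsh the answer names, and assumes PowerShell 2.0 or later (for `Test-Connection`); the probe address, check interval, threshold and log path are placeholders to replace. It also switches back to the primary router once that path recovers.

```powershell
# Added example, not from the thread. Must run with administrator rights
# because it edits the routing table.
$Primary   = '192.168.100.235'     # DSL router in city A (from the question)
$Secondary = '192.168.100.99'      # cable router in city B (from the question)
$Probe     = '192.0.2.1'           # PLACEHOLDER: an Internet host you trust to answer ping
$Interval  = 60                    # assumed: seconds between checks
$Threshold = 3                     # assumed: consecutive results needed before switching
$LogFile   = 'C:\gw-failover.log'  # assumed log path

function Write-Log($msg) {
    # Timestamped record of every gateway change, for later review.
    Add-Content -Path $LogFile -Value ("{0:s} {1}" -f (Get-Date), $msg)
}

function Set-DefaultGateway($gw) {
    # Replace every 0.0.0.0/0 route with a single non-persistent one via $gw.
    route delete 0.0.0.0 2>&1 | Out-Null
    route add 0.0.0.0 mask 0.0.0.0 $gw metric 1 2>&1 | Out-Null
    Write-Log "default gateway set to $gw"
}

# Pin the probe to the primary router with a host route, so the check keeps
# testing the DSL path even while the default route points at the secondary.
route delete $Probe 2>&1 | Out-Null
route add $Probe mask 255.255.255.255 $Primary 2>&1 | Out-Null

$active = $Primary
$bad = 0; $good = 0
Set-DefaultGateway $active

while ($true) {
    if (Test-Connection -ComputerName $Probe -Count 2 -Quiet) {
        $good++; $bad = 0
    } else {
        $bad++; $good = 0
    }
    if ($active -eq $Primary -and $bad -ge $Threshold) {
        $active = $Secondary          # primary path is down: fail over
        Set-DefaultGateway $active
    } elseif ($active -eq $Secondary -and $good -ge $Threshold) {
        $active = $Primary            # primary path is back: fail back
        Set-DefaultGateway $active
    }
    Start-Sleep -Seconds $Interval
}
```

Configure only the primary gateway in the adapter's TCP/IP properties, so a reboot returns the server to a known state before the script takes over. The threshold prevents a single lost ping from flapping the route.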
 
LVL 4

Assisted Solution

by:lcappelli
lcappelli earned 250 total points
ID: 34903742
This might be off topic, but you do not necessarily need two default gateways to use 2 different routers with a fall back capability. Cisco Routers can use something called Hot Stand By Routing, this is a situation in which a virtual router exists between two routers that will switch between the 2 real routers, thus 2 possible paths, 2 routers, but the clients only needed 1 default gateway.

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a91.shtml
0
 

Author Comment

by:technologyone
ID: 34984944
Doesn't this still give you a single point of failure though?  The virtual router is the single point of failure.
0
 
LVL 4

Expert Comment

by:lcappelli
ID: 34989298
No, the virtual router can immediately assume the identity of the 2 real routers that it stands in for, hence the hot standby failover concept.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35687778
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
