Solved

help with Windows Routes and Metrics

Posted on 2013-10-26
3
499 Views
Last Modified: 2014-07-02
i have a single device sitting on a network with a firewall (cisco asa) between it and a device that sends data to it.  For an example (not real IP's) here is info

Destination device = 10.10.10.100
source device network card 1 = 192.168.10.10, firewall gateway 192.168.10.1
source device network card 2 = 192.168.20.10, firewall gateway 192.168.20.1

there are basically two routes for the firewall that we want to prioritize to always go over card 1 unless it is down.  In the route tables on windows we issued these commands

route add -p 10.10.10.100 mask 255.255.255.255 192.168.10.1 metric 1
route add -p 10.10.10.100 mask 255.255.255.255 192.168.20.1 metric 2

after the persistent route tables show the correct entries as expect.

what we expected was for the route to take metric 1 on card1 if available and if card 1 fails to automatically pick communications using card 2 which has a metric of 2 (more expensive)

it doesn't work, we disconnected the cable off of card 1 and ping to device fails
if we make them both metric 1, it looks like it at least pings and gets through, but how do we prioritize using the metric then??

Any help would be appreciated, maybe i'm expecting too much from Windows networking.
Do you think just disconnecting the card is not enough for windows to take the next metric?

thanks
0
Comment
Question by:rkneal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39603855
It should work that way. As soon as you disconnect the physical network connection for card 1, all according routes should get invalid, even if persistent. But no dice, proper routing is only done with non-persisting routes, because those are dismissed (of course) as soon as the associated network connection has gone. A workaround is to to use non-persistent routes, and set those on a regular base in case the connection comes back again.

Anyway, is it likely the connection to the ASA will fail? More probably the connections behind ASA are down, and that would not help you at all.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 39604640
Try
route add -p 0.0.0.0 mask 0.0.0.0 192.168.10.1 metric 1
route add -p 0.0.0.0 mask 0.0.0.0 192.168.20.1 metric 2

instead.
0
 
LVL 70

Assisted Solution

by:Qlemo
Qlemo earned 500 total points
ID: 39604930
Default gateway failover doesn't work for the same reason, so I don't think that makes any difference.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question