Solved

help with Windows Routes and Metrics

Posted on 2013-10-26
3
478 Views
Last Modified: 2014-07-02
i have a single device sitting on a network with a firewall (cisco asa) between it and a device that sends data to it.  For an example (not real IP's) here is info

Destination device = 10.10.10.100
source device network card 1 = 192.168.10.10, firewall gateway 192.168.10.1
source device network card 2 = 192.168.20.10, firewall gateway 192.168.20.1

there are basically two routes for the firewall that we want to prioritize to always go over card 1 unless it is down.  In the route tables on windows we issued these commands

route add -p 10.10.10.100 mask 255.255.255.255 192.168.10.1 metric 1
route add -p 10.10.10.100 mask 255.255.255.255 192.168.20.1 metric 2

after the persistent route tables show the correct entries as expect.

what we expected was for the route to take metric 1 on card1 if available and if card 1 fails to automatically pick communications using card 2 which has a metric of 2 (more expensive)

it doesn't work, we disconnected the cable off of card 1 and ping to device fails
if we make them both metric 1, it looks like it at least pings and gets through, but how do we prioritize using the metric then??

Any help would be appreciated, maybe i'm expecting too much from Windows networking.
Do you think just disconnecting the card is not enough for windows to take the next metric?

thanks
0
Comment
Question by:rkneal
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
Comment Utility
It should work that way. As soon as you disconnect the physical network connection for card 1, all according routes should get invalid, even if persistent. But no dice, proper routing is only done with non-persisting routes, because those are dismissed (of course) as soon as the associated network connection has gone. A workaround is to to use non-persistent routes, and set those on a regular base in case the connection comes back again.

Anyway, is it likely the connection to the ASA will fail? More probably the connections behind ASA are down, and that would not help you at all.
0
 
LVL 44

Expert Comment

by:Darr247
Comment Utility
Try
route add -p 0.0.0.0 mask 0.0.0.0 192.168.10.1 metric 1
route add -p 0.0.0.0 mask 0.0.0.0 192.168.20.1 metric 2

instead.
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 500 total points
Comment Utility
Default gateway failover doesn't work for the same reason, so I don't think that makes any difference.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now