Solved

Windows 7 appears to ignore default gateway in dual gateway setup

Posted on 2013-11-20
7
1,633 Views
Last Modified: 2013-11-27
We have a network in place where we have several workstations that need to access two distinct networks (Supernet and Internet)

The first network comes in to Router A, then on to a switch. The second comes in on Router B, and out the same 24 port unmanaged (open) switch. From there, we have one network cable going to each of several workstations.

In order to be able to communicate with both networks using the same IP address, we've set up both routers (with completely different WAN IPs) to both have a LAN IP in the same local subnet. Let's say 142.149.10.0/24 (slightly obscured). This is technically a Canadian government owned range of SuperNet IP addresses, so when they go out Router A to the supernet, they will be seen as public IP addresses. When they go out to the Internet on Router B, they are seen as internal IP addresses. As an example, Router IP would have a gateway LAN IP to it's clients of 142.149.10.1, and our ISP router would be in the same range, but closer to the other end, so 142.149.10.250.

In order to avoid IP conflicts on the SuperNet, each workstation has a series of routes, something along the lines of:

route -p add 0.0.0.0 mask 0.0.0.0 142.149.10.250 metric 1 if 11
(default all traffic to ISP connected router)

This is followed by a series of routes along the lines of:
route -p add 142.149.#.# 142.149.10.1 (SuperNet Gateway for specific IP's).
There are not too many of these, and they don't change, so we set the static routes, and go.

Obviously this is non-standard, but we've done it a number of times to avoid having two network cards on each machine, and to avoid running several additional cables. This has worked consistently in the past, on windows XP machines, and on a few Windows 7 machines (after a tweaking of ArpRetryCount in the windows 7 registry).

What is happening now, suddenly, at one of our networks, is that the new Windows 7 workstations are ignoring the default route, periodically. Immediately after a startup, most of the machines will not appear to have internet or supernet. If you wait long enough, say 10 minutes, it eventually "works itself out" somehow. During the period of not working, if I were to try to ping anything on either the internet or supernet, both respond. This led me to believe DNS issues, but I can actually ping domains on the internet and supernet both, BY Name - with no problems. Viewing in a browser, and telnet on port 80 both fail. This led me to believe a firewall, blocking the port. All firewalls disabled, all additional hardware removed, all routers have firewalls turned off, and still the same periodic problem.

A tracert google.ca - run on the Windows 7 machine during it's non-working time revealed that the first hop attempted appears to be going to Router A (SuperNet). This is what I mean in my Title when I say it appears to be ignoring the default route. Google definitely does not have an IP within the specified ranges in our other routes, and the primary route is to our ISP router (142.149.10.250 in this example). Additionally if you view the Adapter ipv4 settings, the default gateway is listed as 142.149.10.250, but sure enough, every time you restart the windows 7 box and do a tracert google.ca, it goes to that 142.149.10.1 SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one.

We've replaced pretty much every piece of hardware in the office, including cables, switches and routers.

Final note: There is one remaining Windows XP machine in the office, with all the same settings, and it has worked flawlessly the entire time, ruling out all other issues we could possibly come up with.

HELP!
0
Comment
Question by:dalesarver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39664225
Are you saying you are using multiple default gateways?  Windows doesn't support that with or without metrics.  The options are they but they don't work.  Multiple NIC's and as many static routes is not a problem.

Perhaps it would be easier for us to understand if you could provide the results of route print,  ipconfig /all would also be helpful.
0
 

Author Comment

by:dalesarver
ID: 39667220
We actually only have one default gateway set up when you look at the settings in the IP configuration, however we do have the second gateway in the static routes. As I mentioned earlier, this is a configuration we have used a number of other times in other networks, and while I know it is not a standard way of running two networks, it has worked flawlessly several times before. Something is different on this network, or in these machines - that is causing this issue.

I don't have access to the network at the moment but I will tomorrow, so I'll be sure to grab a route print and an ipconfig /all at that time and post it back here after.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39667695
I suspect it is me but I am having a really hard time making a 'map' of the set up and why/what you are trying to accomplish.  The one point I do see that could be an issue is;
"every time you restart the windows 7 box and do a tracert google.ca, it goes to that 142.149.10.1 SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one."  
There is a problem with metrics and especially gateways with Windows where the higher priority metric should be used first and generally is, until it fails, even for a second, then as it should it switches to the next highest priority, but with windows it will never switch back.  It almost sounds like this is what may be happening but your metrics are backward.

What are you using for subnet masks with the 142.19.x.x addresses?  t sounds like the Router's LAN and WAN are part of the same subnet which shouldn't even work, but you say it does.

Maybe the route print results will help to clarify.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:dalesarver
ID: 39669664
Thanks for your help, I'll be going there this evening, so I'll get a route print and ipconfig /all at that time, and post it here. In the meantime, here is a rough diagram of the network, attached. Is it possible that the DHCP on router labeled "b" is somehow causing confusion? I can't see why it would, but we're grasping at this point...It's also been suggested to me to disable the checkbox "register this connections ip address in the dns" in the adapter settings, but I've never had to do that before, and to be honest I'm not 100% sure what the purpose of that even is.
Our Subnet mask is 255.255.255.0 on each of the problem workstations. We tried opening it up (again, grasping) to 255.255.0.0, but not surprisingly - to no avail. Hopefully the attached will offer some insight.
Thanks again!

Network Map
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39670473
Based on the diagram it appears to me that you want all traffic to use router C unless destined for a 142.149.?.x IP.  If that is the case you simply need to configure the workstations with:

Static IP 142.149.?.3-5
Default Gateway 142.149.?.250
Subnet mask 255.255.255.0
and ad  the following rote:
route  -p  add  142.149.?.0  mask  255.255.255.0  142.149.?.1  (no metric needed)

Instead of adding the router to each PC you could add it to the default gateway router C if it supports static routes.

Am I missing something or over simplifying?
0
 

Accepted Solution

by:
dalesarver earned 0 total points
ID: 39670952
Ok we figured it out. The routes were all fine, apparantly the Cisco router "a" or 142.149.?.1 had arp proxy enabled. The workstations weren't ignoring the default gateway, the secondary router was pretending to BE the default gateway, responding to arp requests and "capturing" the traffic intended for the other router. Ideally we would find and disable this setting but since we don't have access, we've simply isolated the two networks, and put in additional network cards. Oh well. Anyone who has this problem, arp proxy could be your culprit.
0
 

Author Closing Comment

by:dalesarver
ID: 39680282
We stumbled across this, with some valued assistance, by looking at an arp -a result, and noting that the two gateways listed had the same physical address in the arp table. It didnt take long from there to see what was happening.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question