[Webinar] Streamline your web hosting managementRegister Today


Windows 7 appears to ignore default gateway in dual gateway setup

Posted on 2013-11-20
Medium Priority
Last Modified: 2013-11-27
We have a network in place where we have several workstations that need to access two distinct networks (Supernet and Internet)

The first network comes in to Router A, then on to a switch. The second comes in on Router B, and out the same 24 port unmanaged (open) switch. From there, we have one network cable going to each of several workstations.

In order to be able to communicate with both networks using the same IP address, we've set up both routers (with completely different WAN IPs) to both have a LAN IP in the same local subnet. Let's say (slightly obscured). This is technically a Canadian government owned range of SuperNet IP addresses, so when they go out Router A to the supernet, they will be seen as public IP addresses. When they go out to the Internet on Router B, they are seen as internal IP addresses. As an example, Router IP would have a gateway LAN IP to it's clients of, and our ISP router would be in the same range, but closer to the other end, so

In order to avoid IP conflicts on the SuperNet, each workstation has a series of routes, something along the lines of:

route -p add mask metric 1 if 11
(default all traffic to ISP connected router)

This is followed by a series of routes along the lines of:
route -p add 142.149.#.# (SuperNet Gateway for specific IP's).
There are not too many of these, and they don't change, so we set the static routes, and go.

Obviously this is non-standard, but we've done it a number of times to avoid having two network cards on each machine, and to avoid running several additional cables. This has worked consistently in the past, on windows XP machines, and on a few Windows 7 machines (after a tweaking of ArpRetryCount in the windows 7 registry).

What is happening now, suddenly, at one of our networks, is that the new Windows 7 workstations are ignoring the default route, periodically. Immediately after a startup, most of the machines will not appear to have internet or supernet. If you wait long enough, say 10 minutes, it eventually "works itself out" somehow. During the period of not working, if I were to try to ping anything on either the internet or supernet, both respond. This led me to believe DNS issues, but I can actually ping domains on the internet and supernet both, BY Name - with no problems. Viewing in a browser, and telnet on port 80 both fail. This led me to believe a firewall, blocking the port. All firewalls disabled, all additional hardware removed, all routers have firewalls turned off, and still the same periodic problem.

A tracert google.ca - run on the Windows 7 machine during it's non-working time revealed that the first hop attempted appears to be going to Router A (SuperNet). This is what I mean in my Title when I say it appears to be ignoring the default route. Google definitely does not have an IP within the specified ranges in our other routes, and the primary route is to our ISP router ( in this example). Additionally if you view the Adapter ipv4 settings, the default gateway is listed as, but sure enough, every time you restart the windows 7 box and do a tracert google.ca, it goes to that SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one.

We've replaced pretty much every piece of hardware in the office, including cables, switches and routers.

Final note: There is one remaining Windows XP machine in the office, with all the same settings, and it has worked flawlessly the entire time, ruling out all other issues we could possibly come up with.

Question by:dalesarver
  • 4
  • 3
LVL 78

Expert Comment

by:Rob Williams
ID: 39664225
Are you saying you are using multiple default gateways?  Windows doesn't support that with or without metrics.  The options are they but they don't work.  Multiple NIC's and as many static routes is not a problem.

Perhaps it would be easier for us to understand if you could provide the results of route print,  ipconfig /all would also be helpful.

Author Comment

ID: 39667220
We actually only have one default gateway set up when you look at the settings in the IP configuration, however we do have the second gateway in the static routes. As I mentioned earlier, this is a configuration we have used a number of other times in other networks, and while I know it is not a standard way of running two networks, it has worked flawlessly several times before. Something is different on this network, or in these machines - that is causing this issue.

I don't have access to the network at the moment but I will tomorrow, so I'll be sure to grab a route print and an ipconfig /all at that time and post it back here after.
LVL 78

Expert Comment

by:Rob Williams
ID: 39667695
I suspect it is me but I am having a really hard time making a 'map' of the set up and why/what you are trying to accomplish.  The one point I do see that could be an issue is;
"every time you restart the windows 7 box and do a tracert google.ca, it goes to that SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one."  
There is a problem with metrics and especially gateways with Windows where the higher priority metric should be used first and generally is, until it fails, even for a second, then as it should it switches to the next highest priority, but with windows it will never switch back.  It almost sounds like this is what may be happening but your metrics are backward.

What are you using for subnet masks with the 142.19.x.x addresses?  t sounds like the Router's LAN and WAN are part of the same subnet which shouldn't even work, but you say it does.

Maybe the route print results will help to clarify.
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Author Comment

ID: 39669664
Thanks for your help, I'll be going there this evening, so I'll get a route print and ipconfig /all at that time, and post it here. In the meantime, here is a rough diagram of the network, attached. Is it possible that the DHCP on router labeled "b" is somehow causing confusion? I can't see why it would, but we're grasping at this point...It's also been suggested to me to disable the checkbox "register this connections ip address in the dns" in the adapter settings, but I've never had to do that before, and to be honest I'm not 100% sure what the purpose of that even is.
Our Subnet mask is on each of the problem workstations. We tried opening it up (again, grasping) to, but not surprisingly - to no avail. Hopefully the attached will offer some insight.
Thanks again!

Network Map
LVL 78

Expert Comment

by:Rob Williams
ID: 39670473
Based on the diagram it appears to me that you want all traffic to use router C unless destined for a 142.149.?.x IP.  If that is the case you simply need to configure the workstations with:

Static IP 142.149.?.3-5
Default Gateway 142.149.?.250
Subnet mask
and ad  the following rote:
route  -p  add  142.149.?.0  mask  142.149.?.1  (no metric needed)

Instead of adding the router to each PC you could add it to the default gateway router C if it supports static routes.

Am I missing something or over simplifying?

Accepted Solution

dalesarver earned 0 total points
ID: 39670952
Ok we figured it out. The routes were all fine, apparantly the Cisco router "a" or 142.149.?.1 had arp proxy enabled. The workstations weren't ignoring the default gateway, the secondary router was pretending to BE the default gateway, responding to arp requests and "capturing" the traffic intended for the other router. Ideally we would find and disable this setting but since we don't have access, we've simply isolated the two networks, and put in additional network cards. Oh well. Anyone who has this problem, arp proxy could be your culprit.

Author Closing Comment

ID: 39680282
We stumbled across this, with some valued assistance, by looking at an arp -a result, and noting that the two gateways listed had the same physical address in the arp table. It didnt take long from there to see what was happening.

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Virtualization software lets you run different versions of Windows, Ubuntu Linux and other versions of Linux all at the same time, rather than running each one directly from your computer's hard drive.
I was recently poking around with LibreOffice and figured out how easy it is to add great vector clip art to one's own LibreOffice gallery collection.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question