Solved

Windows 7 appears to ignore default gateway in dual gateway setup

Posted on 2013-11-20
Last Modified: 2013-11-27
We have a network in place where we have several workstations that need to access two distinct networks (Supernet and Internet).

The first network comes in to Router A, then on to a switch. The second comes in on Router B, and out the same 24 port unmanaged (open) switch. From there, we have one network cable going to each of several workstations.

In order to be able to communicate with both networks using the same IP address, we've set up both routers (with completely different WAN IPs) to both have a LAN IP in the same local subnet. Let's say 142.149.10.0/24 (slightly obscured). This is technically a Canadian government owned range of SuperNet IP addresses, so when they go out Router A to the supernet, they will be seen as public IP addresses. When they go out to the Internet on Router B, they are seen as internal IP addresses. As an example, Router IP would have a gateway LAN IP to its clients of 142.149.10.1, and our ISP router would be in the same range, but closer to the other end, so 142.149.10.250.

In order to avoid IP conflicts on the SuperNet, each workstation has a series of routes, something along the lines of:

route -p add 0.0.0.0 mask 0.0.0.0 142.149.10.250 metric 1 if 11
(default all traffic to ISP connected router)

This is followed by a series of routes along the lines of:
route -p add 142.149.#.# 142.149.10.1 (SuperNet Gateway for specific IP's).
There are not too many of these, and they don't change, so we set the static routes, and go.

Obviously this is non-standard, but we've done it a number of times to avoid having two network cards on each machine, and to avoid running several additional cables. This has worked consistently in the past, on Windows XP machines, and on a few Windows 7 machines (after a tweaking of ArpRetryCount in the Windows 7 registry).

What is happening now, suddenly, at one of our networks, is that the new Windows 7 workstations are ignoring the default route, periodically. Immediately after a startup, most of the machines will not appear to have internet or supernet. If you wait long enough, say 10 minutes, it eventually "works itself out" somehow. During the period of not working, if I were to try to ping anything on either the internet or supernet, both respond. This led me to believe DNS issues, but I can actually ping domains on the internet and supernet both, BY Name - with no problems. Viewing in a browser, and telnet on port 80 both fail. This led me to believe a firewall, blocking the port. All firewalls disabled, all additional hardware removed, all routers have firewalls turned off, and still the same periodic problem.

A tracert google.ca - run on the Windows 7 machine during its non-working time revealed that the first hop attempted appears to be going to Router A (SuperNet). This is what I mean in my Title when I say it appears to be ignoring the default route. Google definitely does not have an IP within the specified ranges in our other routes, and the primary route is to our ISP router (142.149.10.250 in this example). Additionally if you view the Adapter ipv4 settings, the default gateway is listed as 142.149.10.250, but sure enough, every time you restart the Windows 7 box and do a tracert google.ca, it goes to that 142.149.10.1 SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one.

We've replaced pretty much every piece of hardware in the office, including cables, switches and routers.

Final note: There is one remaining Windows XP machine in the office, with all the same settings, and it has worked flawlessly the entire time, ruling out all other issues we could possibly come up with.

HELP!
Question by:dalesarver
LVL 77

Expert Comment

by:Rob Williams
ID: 39664225
Are you saying you are using multiple default gateways? Windows doesn't support that with or without metrics. The options are there but they don't work. Multiple NICs and as many static routes is not a problem.

Perhaps it would be easier for us to understand if you could provide the results of route print,  ipconfig /all would also be helpful.
 

Author Comment

by:dalesarver
ID: 39667220
We actually only have one default gateway set up when you look at the settings in the IP configuration, however we do have the second gateway in the static routes. As I mentioned earlier, this is a configuration we have used a number of other times in other networks, and while I know it is not a standard way of running two networks, it has worked flawlessly several times before. Something is different on this network, or in these machines - that is causing this issue.

I don't have access to the network at the moment but I will tomorrow, so I'll be sure to grab a route print and an ipconfig /all at that time and post it back here after.
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39667695
I suspect it is me but I am having a really hard time making a 'map' of the set up and why/what you are trying to accomplish.  The one point I do see that could be an issue is;
"every time you restart the windows 7 box and do a tracert google.ca, it goes to that 142.149.10.1 SuperNet gateway first instead. Wait 10 minutes, then it goes to the proper one."  
There is a problem with metrics and especially gateways with Windows where the higher priority metric should be used first and generally is, until it fails, even for a second, then as it should it switches to the next highest priority, but with Windows it will never switch back.  It almost sounds like this is what may be happening but your metrics are backward.

What are you using for subnet masks with the 142.19.x.x addresses?  It sounds like the Router's LAN and WAN are part of the same subnet which shouldn't even work, but you say it does.

Maybe the route print results will help to clarify.

 

Author Comment

by:dalesarver
ID: 39669664
Thanks for your help, I'll be going there this evening, so I'll get a route print and ipconfig /all at that time, and post it here. In the meantime, here is a rough diagram of the network, attached. Is it possible that the DHCP on router labeled "b" is somehow causing confusion? I can't see why it would, but we're grasping at this point...It's also been suggested to me to disable the checkbox "register this connections ip address in the dns" in the adapter settings, but I've never had to do that before, and to be honest I'm not 100% sure what the purpose of that even is.
Our Subnet mask is 255.255.255.0 on each of the problem workstations. We tried opening it up (again, grasping) to 255.255.0.0, but not surprisingly - to no avail. Hopefully the attached will offer some insight.
Thanks again!

Network Map
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39670473
Based on the diagram it appears to me that you want all traffic to use router C unless destined for a 142.149.?.x IP.  If that is the case you simply need to configure the workstations with:

Static IP 142.149.?.3-5
Default Gateway 142.149.?.250
Subnet mask 255.255.255.0
and add the following route:
route  -p  add  142.149.?.0  mask  255.255.255.0  142.149.?.1  (no metric needed)

Instead of adding the router to each PC you could add it to the default gateway router C if it supports static routes.

Am I missing something or over simplifying?
 

Accepted Solution

by:dalesarver
ID: 39670952
Ok we figured it out. The routes were all fine; apparently the Cisco router "a" or 142.149.?.1 had arp proxy enabled. The workstations weren't ignoring the default gateway; the secondary router was pretending to BE the default gateway, responding to arp requests and "capturing" the traffic intended for the other router. Ideally we would find and disable this setting but since we don't have access, we've simply isolated the two networks, and put in additional network cards. Oh well. Anyone who has this problem, arp proxy could be your culprit.
 

Author Closing Comment

by:dalesarver
ID: 39680282
We stumbled across this, with some valued assistance, by looking at an arp -a result, and noting that the two gateways listed had the same physical address in the arp table. It didn't take long from there to see what was happening.
0
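
The check described in the closing comment (two gateways showing the same physical address in `arp -a`), as an added example that is not part of the original thread: a parser for Windows `arp -a` output that reports unicast MAC addresses answering for more than one IP. The sample output and its MAC addresses are constructed, using the obscured 142.149.10.x addresses from the question; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output for the setup in the question.
# The MAC addresses are invented for illustration.
SAMPLE_ARP_OUTPUT = """\
Interface: 142.149.10.5 --- 0xb
  Internet Address      Physical Address      Type
  142.149.10.1          00-1a-2b-3c-4d-5e     dynamic
  142.149.10.4          00-21-9b-aa-bb-01     dynamic
  142.149.10.250        00-1a-2b-3c-4d-5e     dynamic
  142.149.10.255        ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

IFACE_RE = re.compile(r"^Interface:\s+(\S+)\s+---\s+0x[0-9a-fA-F]+")
ENTRY_RE = re.compile(
    r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})\s+\w+"
)

def parse_arp(text):
    """Return {interface_ip: [(ip, mac), ...]} from `arp -a` text."""
    tables, iface = defaultdict(list), None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and iface:
            tables[iface].append((m.group(1), m.group(2).lower()))
    return dict(tables)

def shared_macs(text):
    """Return {interface_ip: {mac: [ips]}} for MACs mapped to 2+ IPs."""
    findings = {}
    for iface, entries in parse_arp(text).items():
        by_mac = defaultdict(list)
        for ip, mac in entries:
            # Skip broadcast/multicast MACs (low bit of first octet set).
            if not int(mac[:2], 16) & 1:
                by_mac[mac].append(ip)
        dupes = {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}
        if dupes:
            findings[iface] = dupes
    return findings

def gateways_share_mac(text, gw_a, gw_b):
    """True if both gateway IPs resolve to the same MAC on any interface."""
    return any(gw_a in ips and gw_b in ips
               for dupes in shared_macs(text).values() for ips in dupes.values())
```

A shared MAC is also normal when one router legitimately holds several addresses on the segment, so a hit still needs confirming against which device owns that MAC.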
