Default Static Route

I have a server 08 with 9 Static Routes.  I need to change the default Static Route and I'm not sure if this can be done.  The issue is the server was built on a 169.123.x.x address and now it's the default static route.  My default static route should be 10.75.x.x.
WellingtonISAsked:
Who is Participating?
 
Guy LidbetterCommented:
Let me put the default route in context:

On a firewall, the default rule is to block everything. You then have a list of allowed connections which the firewall will check first before going to the default rule of blocking. This is not to say just because its the default rule the firewall will block everything. The same with the default route... it will check all the configured routes before going to the default.

You do not have to configure your switch, that is simply another way of doing this, and usually the way in larger businesses. If what you had previously is working for you, stick with it unless you have a business case to start configuring your switches.

Just don't let the fact there is now a default route confuse you, The traffic will still try every static route first before trying to go out, and since the internet has its own IP range which is a completely different mask, your connection will just drop at the gateway as opposed to go out with internal information.
0
 
Guy LidbetterCommented:
Hi Wellington,

I'm not sure what you mean by default static route?
Are you talking about the route table or persistent routes?

When you refer to a default static route could you explain what you mean? As far as routing goes, you configure a range, a gateway to get to that range and sometimes which interface to use... depending on the IP resolved for a destination your Server would use the appropriate route.
0
 
WellingtonISAuthor Commented:
They are persistant routes and the only gateway I need is for the external network.  All internal routes are static persistant.  The problem is if I remove the 169.123 nothing routes.  I'm trying to view images from this server.  My thinking is the packet is taking the default route of 169.123 - that was meant for management only.  I believe because the server was built this was with the IP of 169.123.x.x the packets are looking for that way out...
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Please show your routes (all of them, please). You can obfuscate public IPs, e.g. replace the first two octets with 1.1. or the like.
0
 
Guy LidbetterCommented:
Your configured default gateway is the route taken if no interface or gateway is specified. You will definitely need to specify a gateway on any internal routes as well if they are to know where the exit point for other VLANs is. Could you please paste the persistent route table out for us to look at?

EG

Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.2.254  Default
0
 
FarWestCommented:
It is called default gateway
Default gateways can be set when setting the ip4 or Ip6 properties of the NIC
But it should be from the same subnet . because routers should have in subnet and out subnet addresses

Server routing has not thing to do with inbound traffic problems. You can.t access the server because your client is not in the same subnet or in different subnet but the client has not a gateway defined to link the two subnets

Of course beside other issues like security
0
 
WellingtonISAuthor Commented:
I don't think I can print my routing table on line but heres a somewhat picture
10.186.x.x 255.255.x.x 10.75.x.x 1
10.186.x.x 255.255.x.x 10.75.x.x 1
10.186.x.x 255.255.x.x 10.75.x.x 1
10.186.x.x 255.255.x.x 10.75.x.x 1
10.186.x.x 255.255.x.x 10.75.x.x 1
0.0.0.0 0.0.0.0 10.10.x.x Default - this is correct and its for outside
10.75.x.x 255.255.x.x 10.75.x.x 1
0.0.0.0 0.0.0.0 169.123.x.x default (this should be only for management and I think this is my issue)

I will need a route for 169 but not as a default

I have a 2003 server with the same setup except there are no default routes.  I'm wondering if I should just delete the 0.0.0.0 on both and just add the gateway to the nic card?
0
 
Guy LidbetterCommented:
try this

route change 0.0.0.0 MASK 0.0.0.0 169.123.x.x metric 300

Open in new window



this will put a cost of 300 on the path and may force external traffic down the cheaper 10.10.x.x route instead.
0
 
WellingtonISAuthor Commented:
ok but my question is if the public then becomes the default 0.0.0.0 0.0.0.0 10.10.x.x then will all the traffic be pushed out to the public IP instead?
0
 
Guy LidbetterCommented:
public traffic yes... the other routes you created should go through the gateway you specified...  i.e.

10.186.x.x 255.255.x.x 10.75.x.x 1: 10.186.x.5 will go through 10.75.x.x
10.75.x.x 255.255.x.x 10.75.x.x 1 : 10.75.x.5 will go through 10.75.x.x

Just as configured...
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
You shall have no default route but one. Any other route needs to be more specific. I'm not clear why you would need the 169.123.x.x route. The other one should work, if 10.10.x.x is your gateway to the Internet.
0
 
Guy LidbetterCommented:
Does the server have 2 interfaces? One public and one internal?

If that is the case, at the top of your route table is an interface list. If you want a speciffic route to go out a specific interface, append the static route config with an interface number... i.e.

Interface List
  3...84 2b 2b 9e 9c c2 ......Intel(R) 82567LM-3 Gigabit Network Connection
  1...........................Software Loopback Interface 1

Route add 10.186.x.x MASK 255.255.x.x 10.75.x.x if 3  (this will force this traffic through interface 3 above)
0
 
WellingtonISAuthor Commented:
OK I understand I'm just asking if my default route is the public IP will that give me issue interally?  In otherwords will all the traffic then be routed outside???
Server has 4 nic cards  I only want the pubic nic card to have a gateway which is why I have the static routes.  I believe the 169. is only there because the server was built with this address.  I have a tendency to want to delete that all together.  But still the quesiton remains if I do this then with the 0.0.0.0 to the public gateway as default, will this mess up my internal traffic?
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
We and others cannot make any use of internal (private) IPs, so there is no reason to obfuscate them in the amount you did - they now look all the same, and certainly are not. And I'm certain the obfuscated routes are wrong - 10.75.x.x should be your default gateway, not 10.10.x.x.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
The more specific routes win over the more generic ones, so the default route is taken only if there is no other, better matching route.
0
 
Guy LidbetterCommented:
No Wellington, it will not... only traffic which does not fit a route in your routing table will go out via your default rule.
Unless you have omitted an internal network, NONE of your prod traffic will go out  to the public.

The 0.0.0.0 out of 169 rule is completely irrelevant to prod internal traffic. Its basically saying if you cant see this route it must be internet so go out that door there...
0
 
WellingtonISAuthor Commented:
ok  I removed the 0.0.0.0 static route and took the gateway out of 169.  Now is there a way to designate a default static route interally without adding a gateway?  Now because I did this I can't load images.  I need to designate a default interal route without adding a gateway
0
 
Guy LidbetterCommented:
Wellington, I see that you have missed the concept of a gateway.

In simple terms, a gateway is simply a device that joins two different networks. Each of your VLAN's are a different network, therefore you have a gateway between each one. E.G. the switch that routes between between 192.168.1.0/24 and 192.168.2.0/24 is a gateway.

The default gateway is configured on your machine as a point for your computer to go and ask where a network is, internal or external if it does not know where it is. An internet gateway is simply a switch which provides access to outside your organisation.

The switch can be configured with routing information for a range of networks and if configured correctly means you don't need static routes on your server, your machine will be able to find all your internal VLANS, the switch will deal with the request.

A static route enables you to hit a specific switch with that information if your default gateway does not have it. This is useful if you are segregating networks.

No internal traffic will EVER be routed out to the internet and back again. Mostly because the internet will never know your internal network IP so your connection will just end there.
0
 
WellingtonISAuthor Commented:
So what your saying is I have to configure this in the switch and not on the server.  I ask this because on my 2003 server this is what I did.  On my 2003 server I have the public IP with a gateway and the other nic cards do not have gateways instead I put on the server static routes.  In 2008 server I noticed that the default route is what the gateway is so obviously this has changed with 2008.  This is where my confusion is coming from.  On my 2003 server I did not have to do anything on the switch I did it all with static routes.  All the static route on my 2003 server have a metric of 1 and there is no designated default route as in 2008 server.
0
 
WellingtonISAuthor Commented:
OK that's what I thought!  However, the box was built with this 169 ip and somehow the application is defaulting to this ip and unless I use this 169 gate, images will not load.
0
 
Guy LidbetterCommented:
Where are the images held?
0
 
WellingtonISAuthor Commented:
on an emc with an ip of 169..
0
 
Guy LidbetterCommented:
Then set a persistent static route of
169.x.x.0 MASK 255.255.255.0 169.123.x.x -p

Open in new window


The reason it fails when you remove the default rule is that you don't use the switch for vlan switching, and you don't use a static entry like above. So you are hoping the connection will fall back to the default route which you want to use for public gateway 10.10.x.x.

Adding the static route and removing the 0.0.0.0 0.0.0.0 169.123.x.x default  entry will solve the issue.
0
 
WellingtonISAuthor Commented:
You can't do a static route on it's own gateway it will not work
0
 
WellingtonISAuthor Commented:
OK the problem has been solved by opening the network routes to a more general route.  I've added DNS to one of the NIC cards and then I added the gateway to the public IP.  As a result the routing is working. I'm not sure who to give point to for this solution.
0
 
Guy LidbetterCommented:
Give them to whomever you feel helped you the most, or split them evenly.

Glad you've got this sorted... hope we've been helpful :-)
0
 
WellingtonISAuthor Commented:
This was actually solved by opening up that static routes to a more general subnet.  Once we did that it worked. Thanks everyone
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.