Dynamic Default Gateway??

I have a server with access to 3 gateways to the internet on it's internal
network. I wanted to serve clients connecting through each router (with port
redirection and no vpns) but I can only connect to the server from a remote
client if using the router that's configured as the server's default
gateway.

I guess that since the replies will go back to the client with a potentially
different ip (the server's default gateway), the reply is discarded and the
connection isn't made.

First of all, am I correct to assume this? And second, is there any way to
force the server to use a "dynamic" gateway, depending on where the incoming
requests come from?

Hello Sergio,

That's normal. You can not configure more then one DG.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> I have a server with access to 3 gateways to the internet on it's
> internal network. I wanted to serve clients connecting through each
> router (with port redirection and no vpns) but I can only connect to
> the server from a remote client if using the router that's configured
> as the server's default gateway.
>
> I guess that since the replies will go back to the client with a
> potentially different ip (the server's default gateway), the reply is
> discarded and the connection isn't made.
>
> First of all, am I correct to assume this? And second, is there any
> way to force the server to use a "dynamic" gateway, depending on where
> the incoming requests come from?
>

Yes but is there a workaround to achieve what I'm trying to do here? Is this
an impossible scenario?

"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:(E-Mail Removed) .com...
> Hello Sergio,
>
> That's normal. You can not configure more then one DG.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> I have a server with access to 3 gateways to the internet on it's
>> internal network. I wanted to serve clients connecting through each
>> router (with port redirection and no vpns) but I can only connect to
>> the server from a remote client if using the router that's configured
>> as the server's default gateway.
>>
>> I guess that since the replies will go back to the client with a
>> potentially different ip (the server's default gateway), the reply is
>> discarded and the connection isn't made.
>>
>> First of all, am I correct to assume this? And second, is there any
>> way to force the server to use a "dynamic" gateway, depending on where
>> the incoming requests come from?
>>
>
>

No, there is not any way to do that with Windows. Traffic is routed based
on its destination. What you are trying to do is route the traffic based on
its source (ie where it can from, not where it is going to).

"Sergio Henrique" <(E-Mail Removed)> wrote in message
news:O#(E-Mail Removed)...
> Yes but is there a workaround to achieve what I'm trying to do here? Is
> this an impossible scenario?
>
> "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
> news:(E-Mail Removed) .com...
>> Hello Sergio,
>>
>> That's normal. You can not configure more then one DG.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>
>>> I have a server with access to 3 gateways to the internet on it's
>>> internal network. I wanted to serve clients connecting through each
>>> router (with port redirection and no vpns) but I can only connect to
>>> the server from a remote client if using the router that's configured
>>> as the server's default gateway.
>>>
>>> I guess that since the replies will go back to the client with a
>>> potentially different ip (the server's default gateway), the reply is
>>> discarded and the connection isn't made.
>>>
>>> First of all, am I correct to assume this? And second, is there any
>>> way to force the server to use a "dynamic" gateway, depending on where
>>> the incoming requests come from?
>>>
>>
>>
>
>

I see. Does anyone know of any 3rd party tool that can help me out here?
Even with all routers as default gateways, with the same metrics, windows
will still not choose the one where the request came from.

"Bill Grant" <not.available@online> wrote in message
news:Oa%(E-Mail Removed)...
> No, there is not any way to do that with Windows. Traffic is routed based
> on its destination. What you are trying to do is route the traffic based
> on its source (ie where it can from, not where it is going to).
>
> "Sergio Henrique" <(E-Mail Removed)> wrote in message
> news:O#(E-Mail Removed)...
>> Yes but is there a workaround to achieve what I'm trying to do here? Is
>> this an impossible scenario?
>>
>> "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
>> news:(E-Mail Removed) .com...
>>> Hello Sergio,
>>>
>>> That's normal. You can not configure more then one DG.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>
>>>> I have a server with access to 3 gateways to the internet on it's
>>>> internal network. I wanted to serve clients connecting through each
>>>> router (with port redirection and no vpns) but I can only connect to
>>>> the server from a remote client if using the router that's configured
>>>> as the server's default gateway.
>>>>
>>>> I guess that since the replies will go back to the client with a
>>>> potentially different ip (the server's default gateway), the reply is
>>>> discarded and the connection isn't made.
>>>>
>>>> First of all, am I correct to assume this? And second, is there any
>>>> way to force the server to use a "dynamic" gateway, depending on where
>>>> the incoming requests come from?
>>>>
>>>
>>>
>>
>>

Don't make routing decisions at the Hosts. Make routing decisions at the
LAN Routers,...which you won't have in a single-subnet lan,...so that idea
is out.

With high-quality firewall devices (like MS ISA Server) you can tell it to
make the incomming request "appear to come from the Firewall instead of
actual client" which will solve the problem because the Target Host will
reply back to where it "thinks" the request came from. But you cannot do
this with most products and you certainly can't do it with "home user"
quality products you buy off the consumer retail shelf.

The best solution is to have one fast Internet connection instead of three
slower ones.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


"Sergio Henrique" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I see. Does anyone know of any 3rd party tool that can help me out here?
>Even with all routers as default gateways, with the same metrics, windows
>will still not choose the one where the request came from.
>
> "Bill Grant" <not.available@online> wrote in message
> news:Oa%(E-Mail Removed)...
>> No, there is not any way to do that with Windows. Traffic is routed
>> based on its destination. What you are trying to do is route the traffic
>> based on its source (ie where it can from, not where it is going to).
>>
>> "Sergio Henrique" <(E-Mail Removed)> wrote in message
>> news:O#(E-Mail Removed)...
>>> Yes but is there a workaround to achieve what I'm trying to do here? Is
>>> this an impossible scenario?
>>>
>>> "Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
>>> news:(E-Mail Removed) .com...
>>>> Hello Sergio,
>>>>
>>>> That's normal. You can not configure more then one DG.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>>> confers no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>
>>>>> I have a server with access to 3 gateways to the internet on it's
>>>>> internal network. I wanted to serve clients connecting through each
>>>>> router (with port redirection and no vpns) but I can only connect to
>>>>> the server from a remote client if using the router that's configured
>>>>> as the server's default gateway.
>>>>>
>>>>> I guess that since the replies will go back to the client with a
>>>>> potentially different ip (the server's default gateway), the reply is
>>>>> discarded and the connection isn't made.
>>>>>
>>>>> First of all, am I correct to assume this? And second, is there any
>>>>> way to force the server to use a "dynamic" gateway, depending on where
>>>>> the incoming requests come from?
>>>>>
>>>>
>>>>
>>>
>>>
>
>

"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Don't make routing decisions at the Hosts. Make routing decisions at the
> LAN Routers,...which you won't have in a single-subnet lan,...so that idea
> is out.

BTW - My above comment is just a general comment about not using individual
Hosts to make routing descisions. But even if you hade a LAN Router it
would not solve your particular issue. Thought I'd clarify that before it
caused confusion.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

But would an ISA Server with that setting on, solve my problem? Would ISA
keep track of the route the source took to get there in the first place?
Wouldn't ISA just try to find the quickest way to get to the servers reply
back to where it came from? I can use the trial to check it out, just wasn't
sure if this is what you've meant.

About how preferable it is to have one faster connection instead of many
slower one's... that's not a choice in our case. The company is located in a
remote industrial area where ISPs can't get download speeds beyond 1-2 mbps.
To make up for all the download and upload throughput we need, we have no
other choice but to try to take advantage of many slower connections.

I'm now starting to check out some multi-wan routers which should solve my
problem but if anyone can give me any more ideas on how to solve this with a
software solution, I'd be grateful.

Thanks.


"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Phillip Windell" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Don't make routing decisions at the Hosts. Make routing decisions at the
>> LAN Routers,...which you won't have in a single-subnet lan,...so that
>> idea is out.
>
> BTW - My above comment is just a general comment about not using
> individual Hosts to make routing descisions. But even if you hade a LAN
> Router it would not solve your particular issue. Thought I'd clarify that
> before it caused confusion.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or
> Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>

"Sergio Henrique" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> But would an ISA Server with that setting on, solve my problem?

If you did it right, yes. If you did it wrong, no.

> Would ISA keep track of the route the source took to get there in the
> first place?

No. It is irrelevant. Routes are determined by the destination something is
going to "now",...not the source it came from "last time".

> Wouldn't ISA just try to find the quickest way to get to the servers reply
> back to where it came from?

Correct. That would be the "doing it wrong" way :-). That is why you need
multiple ISAs,...one on each connection,...just like your current gateway
deivces. 3 gateway devices get replaced by 3 ISAs. Obviously very
$$$$$$$$. I'm not telling you to get ISA,..I'm using ISA as an example of
the difference in abilities of a good solid commercial quality product -vs-
the cheap, nearly featureless, abilities of the off the shelf consumer
"home-user" grade of products.

> About how preferable it is to have one faster connection instead of many
> slower one's... that's not a choice in our case.

A Default Path (Default Gateway) is a "bit bucket" for traffic. It is a path
to send traffic when the Destinations is unknown. Unknown means there is no
local specific established route to the destination,...like there would be
for a second subnet on the LAN. Therefore by definition & logic there can
only be one "I don't know what to do with it so I will throw it here" type
of path.

The short of it is that one fast path "works" because it fits the way TCP/IP
was natively designed to route. Multiple slower pathes don't work because
the TCP/IP's native routing design doesn't know what to do with them. The
multiple-WAN port devices you mentioned below over come that by operating
and making decisions "above" TCP/IP but they have their limitations.

> The company is located in a remote industrial area where ISPs can't get
> download speeds beyond 1-2 mbps. To make up for all the download and
> upload throughput we need, we have no other choice but to try to take
> advantage of many slower connections.
>
> I'm now starting to check out some multi-wan routers which should solve my
> problem but if anyone can give me any more ideas on how to solve this with
> a software solution, I'd be grateful.

Those will load balance the connection but they will not let you use certain
connections for certain things. They simply "merge" the connections into one
logical connection. They are limited to 2 connections,..I have not heard of
any that do more. So get the two fastest connections you can get and drop
the rest. These devices may not work well in all situations with all
senarios you might come up with, you will just have to accept the fact that
you may have limitations,...but with that said one of these duel-WAN port
devices is probably you best bet for a low price.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

Thanks for the explanation on the ISA servers but would it work because
there would be an established connection between the client and ISA and
another one between ISA and the server? Is this the logic behind this?

As you guessed, this would be far too expensive for this experience.

About our many slow connections, well, we simply have to deal with that
wether we want it or not. We already use them to split the traffic of many
vpns to our remote stores, now I'm just trying to figure out how to split
traffic for other services outside our vpns.

About the multi-wan router. The one that caught my eye is indeed a
triple-wan router. That's why I talked about 3 connections to the internet,
it's just an example since we actually have more than that.

It's this: http://www.peplink.com/products/balance-380/


"Phillip Windell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Sergio Henrique" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> But would an ISA Server with that setting on, solve my problem?
>
> If you did it right, yes. If you did it wrong, no.
>
>> Would ISA keep track of the route the source took to get there in the
>> first place?
>
> No. It is irrelevant. Routes are determined by the destination something
> is going to "now",...not the source it came from "last time".
>
>> Wouldn't ISA just try to find the quickest way to get to the servers
>> reply back to where it came from?
>
> Correct. That would be the "doing it wrong" way :-). That is why you
> need multiple ISAs,...one on each connection,...just like your current
> gateway deivces. 3 gateway devices get replaced by 3 ISAs. Obviously
> very $$$$$$$$. I'm not telling you to get ISA,..I'm using ISA as an
> example of the difference in abilities of a good solid commercial quality
> product -vs- the cheap, nearly featureless, abilities of the off the shelf
> consumer "home-user" grade of products.
>
>> About how preferable it is to have one faster connection instead of many
>> slower one's... that's not a choice in our case.
>
> A Default Path (Default Gateway) is a "bit bucket" for traffic. It is a
> path to send traffic when the Destinations is unknown. Unknown means
> there is no local specific established route to the destination,...like
> there would be for a second subnet on the LAN. Therefore by definition &
> logic there can only be one "I don't know what to do with it so I will
> throw it here" type of path.
>
> The short of it is that one fast path "works" because it fits the way
> TCP/IP was natively designed to route. Multiple slower pathes don't work
> because the TCP/IP's native routing design doesn't know what to do with
> them. The multiple-WAN port devices you mentioned below over come that by
> operating and making decisions "above" TCP/IP but they have their
> limitations.
>
>> The company is located in a remote industrial area where ISPs can't get
>> download speeds beyond 1-2 mbps. To make up for all the download and
>> upload throughput we need, we have no other choice but to try to take
>> advantage of many slower connections.
>>
>> I'm now starting to check out some multi-wan routers which should solve
>> my problem but if anyone can give me any more ideas on how to solve this
>> with a software solution, I'd be grateful.
>
> Those will load balance the connection but they will not let you use
> certain connections for certain things. They simply "merge" the
> connections into one logical connection. They are limited to 2
> connections,..I have not heard of any that do more. So get the two fastest
> connections you can get and drop the rest. These devices may not work
> well in all situations with all senarios you might come up with, you will
> just have to accept the fact that you may have limitations,...but with
> that said one of these duel-WAN port devices is probably you best bet for
> a low price.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or
> Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>