Multihomed Multi ISP/Internet - packets go out the wrong interface

Discussion in 'Windows Networking' started by Shirkan, Aug 8, 2006.

  1. Shirkan

    Shirkan Guest

    Hi all, i hope someone got some suggestions.
    I have a Server 2003, 2 Network Cards, 2 Networks (10.10.x.x and
    10.4.x.x)
    The 10.10.x.x goes to a router, connected to a DSL Line (whis is also
    the default gateway).
    The 10.4.x.x also goes to a router whis is connected to an E1 Line.

    The Server is running IIS. I am trying to make the website reachable
    from both internet/ISP connections.
    The problem is, if i connect from the E1, the server actually receives
    the traffic, but sends the replies out the wrong interface. Pretty
    stupid, since a packet arriving at one interface, the reply should go
    out (automatically) the same interface.

    Well, its not doing it. It goes in one interface and out the wrong one.

    I know some basic routing, but none like Rip or OSPF. But i also know,
    that Routers or Firewalls like Cisco Pix is not doing things like the
    server does. What goes in one way come out the same way and not
    another.

    Is there a way to fix that issu with Routing and RAS enabled and what
    exactly do i have to configure in order to make that work.

    Or do i have to change things on my IIS settings?

    Any help would greatly be appreciated.
     
    Shirkan, Aug 8, 2006
    #1
    1. Advertisements

  2. Regardless of the number of adapters or default gateways you configure on a
    Windows machine, it will use one and only one such gateway unless and until
    it fails. If traffic received on the 10.4.x.x adapter has a limited number
    of known source IPs or networks, then you could configure static routes
    pointing to the E1 router.

    Doug Sherman
    MCSE, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Aug 9, 2006
    #2
    1. Advertisements

  3. Shirkan

    Shirkan Guest


    Yes, thats fine for traffic "source outgoing" but, i have incoming
    traffic from the internet (random ip's) and i want it to send the reply
    packet through the (of course) same NIC - any cheap router does it, so
    should windows
     
    Shirkan, Aug 9, 2006
    #3
  4. Shirkan

    Shirkan Guest

    Basically, once it receives incoming traffic, the roiute "SHOULD" be
    known and the reply 'SHOULD" be sent through the correct interface, and
    not the default gateway since thats the one for "unknown" routes....
     
    Shirkan, Aug 9, 2006
    #4
  5. Shirkan

    Shirkan Guest

    or in other words, if i have 2 NICS on a PIX Firewall, - same situation
    - one default gateway -

    if traffic comes in from one interface, the Pix knows to send the
    replies back through the same interface and NOT thorugh the default
    gateway.
    To my understanding, thats basic routing functionality - but of course
    that may not ne thrue with windows.
    I just wonder, if that can be resolved with OSPF - but i have no idea
    how to configure that and i was trying to avoid having to learn that.

    I can solve that issue with Vlans on my Pix firewall, since it will
    route the way it shoud be, but that would mean at least a day of
    downtime (cost money) and a headache in reconfiguring the Pix (lots of
    acess-list lines and static mapping with vpn)

    So if there is no way to teach windumb how to route correctly i may
    have no other way......

    Thanks anyways to all that replay
     
    Shirkan, Aug 9, 2006
    #5
  6. "so should windows"

    When Windows does not behave the way we wish, we call this a 'feature.'
    With standard routing there is no distinction between an outgoing reply and
    any other out going directed packet. You need dynamic routing or a hardware
    solution to alter this behavior.

    Doug Sherman
    MCSE, MCSA, MCP+I, MVP
     
    Doug Sherman [MVP], Aug 10, 2006
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.