IP Routing and the gateways

[Twister]

Hello!
I'm trying this forum for the first time. I am having a problem with the IP routing which I have configured. The situation is that I have two B-class networks combined with an NT server router (multi-homed). Both networks have the appropriate gateways defined i.e the NICs of the IP router. The router is working fine, the problem lies with some of the NT server computers on one network. The gateway configured on these servers doesn't respond. If I set a gateway one day it works that day but the next day it stops responding. IP is configured properly and they have service pack 5 installed. I have tried to eliminate the root of the problem and everything points to the two mission critical servers, one is mail and the other is proxy server. All other systems mostly Win98 on the network work fine. It seems strange but there definitely is a problem with gateway on the NT servers. I have racked my mind for more than three days but nothing has worked yet. If anyone has a clue to this mystery please let me know. Thanx!

 

[sladd]

Not sure if this will help but I will give you a little brain storm. The fact that only the NT servers are experiencing trouble definitely points to a name resolution problem. Are you running Wins? If not you may want to add entries on each NT Server in the LMHOSTS file for each computer on a different subnet. When the servers are experiencing problems are they able to ping the remote subnet? Ping each side of the gateway and then ping the remote subnet. If all pings are successful then you are probably dealing with a name resolution problem which may be (inefficiently) corrected in the manner above. If you any of the pings are unsuccessful you will probably want to review your TCP settings - perhaps the subnet mask?

 

[MaestroG]

Yep, I'm with sladd, but I'll add that you should be scouring the Event Viewer logs (System and Application) for clues to your sudden loss of connectivity. Also, I don't know of any reason not to upgrade to SP6a. MS came out with SP6 real fast because SP5 still didn't fix the TCP/IP Stack flaws from SP4 and then they quickly fixed another problem and released SP6a. It's been out a while and I have been using and/or upgrading to it for about a year now without BSODs or weird issues. Most of the time it is wise to only install any MS Service Packs or Service Releases when you are having problems. But, with SP6a, the corrections and fixes outweigh any reason to wait. In your case, I think both apply...you are having a (probably) TCP/IP related problem and you are only at SP5.

Anyway, make forsure your IP settings on this (these) server(s) are exactly what you think they are by running "ipconfig.exe /all" from the command prompt when this occurs. Then if all of them are correct, narrow down what type of problem you are having...name resolution...loss of IP connectivity...etc (use ping), and reply to the post so we can help you out further.

Good Luck and have fun!

MaestroG B-)

 

[onslaw]

Is the multi-home NT server the gateway for your entire network? default router for the network...

If yes, it should only have one "default" gateway. All other network paths should be code with the "route add/change ...." command.

This would effectively create a routing table for this multi-home server (router) with one "default" gateway. The one "default" gateway is used only when there is no route specify in the server's routing table, or "no route to host".

Hope this helps!

 

[Twister]

Hi,
Its not a name resolution problem as when I say the servers don’t respond I mean they don’t ping remote subnet or reply to a ping from the far side. I understand that if pinging with IP address doesn’t work nothing will and no communication will take place as the systems on one subnet CANNOT SEE the remote server. WINS is enabled but it’s definitely not a name resolution case as I specify IP address of the mail server for client mail configuration on the remote subnet. There isn’t anything in the System or Application logs relating to this issue. The idea of upgrading to SP6a has weight but can you guarantee that it will solve the problem MaestroG? I have some applications running on the network which are not tested on SP6a. So it might take some time. Answering Onslaw, yes the multihomed server is gateway to the entire network. And I don’t need to add routes as there are only two subnets (actually two B class networks) connected by this multihomed system, whose two NICs are default gateways to the coressponding subnets.

Let me give more details of the problem. Two domains with no trust connected with IP router. The NICs of the router have the configuration given below:
NIC A:
IP address: 192.167.2.71
Subnet Mask: 255.255.0.0
Default Gateway: 192.160.1.90
NIC B:
IP address: 192.160.1.90
Subnet Mask: 255.255.0.0
Default Gateway: 192.167.2.71

The configuration of the both networks is:
Connecting to NIC A:
IP address range: 192.167.2.0 –192.167.2.254
Subnet Mask: 255.255.0.0
Default Gateway: 192.167.2.71
Connecting to NIC B:
IP address range: 192.160.1.0 –192.160.1.254
Subnet Mask: 255.255.0.0
Default Gateway: 192.160.1.90
Now the problem once again. All the Win98 systems ping successfully each other, but not the remote NT servers. Its seems that the IP address of the gateway entered on the NT servers doesn’t work, like it doesn’t exist. If I re-apply the IP address of the gateway on the NT servers they start pinging and replying. But after sometime or if the server is restarted the gateway seems to be dead and the server doesn’t respond (ping). Ipconfig.exe gives the desired configuration i.e. the one that’s set on the server. I think SP6a might resolve the issue but I wonder how people worked there way around before the release of SP5 or SP6 etc.Hope it clears the picture a bit. Thanx!

 

[MaestroG]

OK, I can't guarantee SP6a will not create problem issues with applications that aren't tested with it. BUT, here's something you can try since you are able to try things.

In a Multihomed configuration I once setup which sounds exactly like yours, I had a problem routing the Class B subnets through the NT Server. I had two NIC's installed and each had it's appropriate IP and a router on each subnet as that subnet's default gateway, only the routers weren't in place for my LAN, only FrameRelay connectivity to remote hosts. So, the NT Server, with IP Forwarding, was routing for the two subnets, but the default gateways for each NIC and each workstation was not the server (this is the only difference in my experience and your setup).

What I had to do was set the subnet mask on each NIC in the routing server to Class C (255.255.255.0) even though each subnet was actually a Class B. When I did, each machine on either subnet could see each other.

Maybe you could try this. Can't explain it any deeper other than that did it for me on the NT 4.0 Server I was MultiHoming and using as a router between two subnets.

Let us know what you think and/or try.

MaestroG

 

[MaestroG]

BTW, your IP range is not Class B range. 192.167.2.x is a Class C network address (255.255.255.0). Maybe this is something to investigate! I'll do a lookup on IP addresses and report exact info here (otherwise I'd pull it out of my picture perfect memory...he he...and type it in.).

BRB...

MaestroG

 

[MaestroG]

This is straight out of anIP Address Subnetting Tutorial (

http://www.ralphb.net/IPSubnet/)

which is great easily written info:

Address Classes
There are 5 different address classes. You can determine which class any IP address is in by examining the first 4 bits of the IP address.
Class A addresses begin with 0xxx, or 1 to 126 decimal.
Class B addresses begin with 10xx, or 128 to 191 decimal.
Class C addresses begin with 110x, or 192 to 223 decimal.
Class D addresses begin with 1110, or 224 to 239 decimal.
Class E addresses begin with 1111, or 240 to 254 decimal.
Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal testing on a local machine. [You can test this: you should always be able to ping 127.0.0.1, which points to yourself] Class D addresses are reserved for multicasting. Class E addresses are reserved for future use. They should not be used for host addresses.

Now we can see how the Class determines, by default, which part of the IP address belongs to the network (N) and which part belongs to the node .


Class A -- NNNNNNNN.nnnnnnnn.nnnnnnn.nnnnnnn
Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn
In the example, 140.179.220.200 is a Class B address so by default the Network part of the address (also known as the Network Address) is defined by the first two octets (140.179.x.x) and the node part is defined by the last 2 octets (x.x.220.200).

In order to specify the network address for a given IP address, the node section is set to all "0"s. In our example, 140.179.0.0 specifies the network address for 140.179.220.200. When the node section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the network. 140.179.255.255 specifies the example broadcast address. Note that this is true regardless of the length of the node section.

*Cisco explains IP Addressing well:

http://www.cisco.com/warp/public/701/3.html

*You can also read at this site, but it is heavier reading:

http://www.3com.com/nsc/501302.html

*You can try to make sense of Microsoft's explaination Creating an IP Subnetting Table at:

http://www.microsoft.com/technet/training/tcpip8bt.asp

*This guy does a good job too:

http://www.hildrum.com/IPSubnets.htm

Good luck! Write back and let us know how it's going.
MaestroG B-)

 

[kjonnnnn]

192 is CLass C.

Maybe im a newbie, but each card is naming the other card as its gateway....? Is that right?

 

[MaestroG]

Good observation, kjohnnnnn...the default gateway has to be on the same subnet as the IP...the default gateway tells the computer what IP to use to get out of it's subnet to see others.

So, that's another change you can try...change to this:

NIC A:
IP address: 192.167.2.71
Subnet Mask: 255.255.0.0 (and try 255.255.255.0)
Default Gateway: 192.167.2.71
NIC B:
IP address: 192.160.1.90
Subnet Mask: 255.255.0.0 (and try 255.255.255.0)
Default Gateway: 192.160.1.90

The configuration of the both networks is:
Connecting to NIC A:
IP address range: 192.167.2.0 –192.167.2.254
Subnet Mask: 255.255.0.0
Default Gateway: 192.167.2.71
Connecting to NIC B:
IP address range: 192.160.1.0 –192.160.1.254
Subnet Mask: 255.255.0.0
Default Gateway: 192.160.1.90

MaestroG

 

[MaestroG]

Sorry to beat this thread to death, but I wanted to say, if you can see (ping) both subnets from the Multihomed server, you've got it licked. Your network is configured correctly...the problem is at the server. If you get the NIC's settings right, you'll be able to ping both sides. Then, since your network is setup right already, everyone should be able to talk with IP. There are other issues with WINS and DHCP and DNS if you wish to also have name resolution for both, between both that we haven't even touched on. All this is just IP right now.

If you can't tell, I'm enjoying this way tooooo much!!!

Time to take a lunch break!

 

[Twister]

WOW! MaestroG you are great. Thanks for all these insightful tips and links but I think I know all I need to know about classes, subnetting and routing. One important thing which I should have mentioned a lot earlier is that all the IP addresses and the subnet masks are real except the network ID. Replace 192.160 and 192.167 with any B class ID, like 131.107 and you wouldn't drift from the line. My network IDs are definitely class B, believe me and pardon me.

Now latest update on the problem. Two NT servers with SP5 don't respond and the servers with SP4 have no problem in replying to pings. Every morning I "Refresh" the IP address of the gateway on the NT servers with SP5. They do fine on that day but the next morning they are dead again. That's been the early morning drill for me for a few days now. But you see re-applying the IP addresses on servers every day is no solution at all. I'm considering upgrading all the servers to SP6a but it might take some time. In my view the root of the problem lies somewhere in SP5. If any of you guys has time and energy to emulate this scenario on your network but that can confirm the cause of the problem.

And MaestroG, I salute your serious-minded approach to troubleshooting. Though the idea of having C class subnet mask of the IP router of two B class networks doesn't impress me, I'll try it after the weekend.

 

[Twister]

WOW! MaestroG you are great. Thanks for all these insightful tips and links but I think I know all I need to know about classes, subnetting and routing. One important thing which I should have mentioned a lot earlier is that all the IP addresses and the subnet masks are real except the network ID. Replace 192.160 and 192.167 with any B class ID, like 131.107 and you wouldn't drift from the line. My network IDs are definitely class B, believe me and pardon me.

And now the latest update on the problem. Two NT servers with SP5 don't respond and the servers with SP4 have no problem in replying to pings. Every morning I "Refresh" the IP address of the gateway on the NT servers with SP5. They do fine on that day but the next morning they are dead again. That's been the early morning drill for me for a few days now. But you see re-applying the IP addresses on servers every day is no solution at all. I'm considering upgrading all the servers to SP6a but it might take some time. In my view the root of the problem lies somewhere in SP5. If any of you guys has time and energy to emulate this scenario on your network but that can confirm the cause of the problem.

And MaestroG, I salute your serious-minded approach to troubleshooting. Though the idea of having C class subnet mask of the IP router of two B class networks doesn't impress me, I'll try it after the weekend.

 

[jayr0]

I am going through a similar situation on my network except we are not using a multihome box. We adding another segment to the network (switching from class b to class A addresses due to expansion) & the boxes on the class A subnet cannot talk to the class b subnet & so forth. This has been outstanding for about a week or so where we couldn't ping or see several servers although they appeared in network neighbhorhood. In our case we closed all the ports on the on the cisco router except port 137-138 & later found that it would be better if we setup a wins server on the new subnet. Now I know my problem is different but maybe this info can help.

 

[Twister]

As I said, I'll do what MaestroG suggested, trying C Class subnet mask on a B Class network and it worked! I'm amazed. But. It doesn't solve my problem. The two NT servers with SP5 aren't talking, ahh.... B-(

The second thing which I've tried, inter alia, is that I removed the gateway of the second NIC of the IP router, which I set to the IP address of the first NIC. IP router keeps working but the two NT servers are unbending.

Another thing which I tried is that I've installed SP5 on all the servers on both sides of the router. My vender told me that there should be uniformity between all the MS products so as to get them working. And I agreed with him.

The next thing which I'll try is that I'll install the SP6a on all the servers without much consideration. But. A notion pricks my mind:what if SP6a doesn't resolve the issue?...

Any remote possiblities, ideas, clues, hints, tips-off, whatever anyone can throw in, are badly needed.

Tired Twister %-(

 

[wybnormal]

I will add just a couple of notes. If you have two NICs of the same brand/type.. change one out to a different type of card. Sounds strange but it has fix 3 multihomed servers I have. Apparently the issue lays in the driver of the NIC and NT not really expecting TWO of the same NICS/Drivers acting as a router. I had the same issues and it fixed it.

Good luck!

Mike S
"Diplomacy; the art of saying 'nice doggie' till you can find a rock" Wynn Catlin

 

[Twister]

Mike,
I'm using two different NICs, one from Intel and the other is from Acer. Besides, the IP router is working fine, it's just two NT servers with SP5 which do not regularly ping (talk).

One interesting thing which I discovered last weekend is that Ipconfig /all gives contradicting results. When I enter the gateway on the NT servers and check Ipconfig it gives the expected results. But when the same servers are not reponding and I check Ipconfig, it shows the gateway entered to be the gateway of PPP NdisWan adapter. I have checked the registry for the gateway of the server's NIC and it's pretty fine. I don't see anything troublesome in the parameters of TCP/IP in the registry, bound to the NIC of the server.

As far as the PPP NdisWan adapter is concerned, frankly I have very little knowledge about them. all I know is that we need them for RAS. Any ideas, Mike.

 

[wybnormal]

Here is an interesting thread I found over at Win2K Mag--
::Snip::
Now--and here's the strange part--I set the Default Gateway to all blanks. Instead of "0.0.0.0," I put a blank into each field. I don't know why this works, but I know that it does. In fact, it seems to be essential to the recipe. I haven't found a way to route packets via NT without it. ::Snip::

whole article at :

http://www.win2000mag.com/Articles/Index.cfm?ArticleID=2465&pg=2

Not sure if it's "fix" but it's interesting reading.

Mike S
"Diplomacy; the art of saying 'nice doggie' till you can find a rock" Wynn Catlin

 

[fgbartlett]

"If I set a gateway one day it works that day but the next day it stops responding. "

If you set the gateway one day, then artificially jack the clock to 2 minutes before midnight, then the date rolls over, does it break after the date rollover?

If so...it sounds very similar to a cache problem I once bumped into, but I'm assuming you are already totally shutting down and rebooting after the network configuration change under NT 4, so the configuration changes _should_ stick. NT resets some configuration info at midnight; if it is cached and the registry is not updated, the previous registry info is used, resulting in..."If I set X one day it works that day but the next day it stops working."

If it works up until you artifically jack the clock, and it breaks immediately the 'next' artifical day, then I would suspect some kind of cache issue, but haven't a clue what it would be. Good luck.

regards,
Fred