Question about router/gateway setting in a DHCP scenario

[andrew2000]

Hey All,
I have a rather interesting problem on a network involving the DHCP configuration, specifically to the Gateway\Router setting (Windows 2000 Server).

Here is my setup:
Windows 2000 Server running DHCP, DNS, etc.
Single-homed, with a routeable IP.

1 DHCP scope, all internal non-routeable IP's
This scope is set to use the routeable IP from the
server as the gateway for all the clients.

****
So on to the problem, all of my 40 Windows XP clients have no problem pinging the server/gateway (external/routeable IP), but my one Windows NT client can't, returning the error "Destination Host Unreachable" when I try to ping the server.

I have poured over all of the TCP/IP settings on the NT box, but can't figure out why it can't ping the server. It can ping machines on the DHCP scope fine.

What is even more confusing, is that the XP boxes CAN ping the server. I don't understand how they can ping the address of the gateway seeing as they are on a different subnetwork and the server is not dual-homed.

I'm planning to ask our CISCO guy, but he is not around right now.

Does anyone have any ideas? More specifically, does anyone know why given the same DHCP setup the XP boxes can ping the server but the NT box can't? Makes no sense to me. It would make more sense to me if neither the XP boxes or the NT box could ping it seeing as it is not dual-homed.

Thanks!
Drew

 

[pgerth]

Something is missing here, you say the server only has a single network card and only one IP address but that address is on the outside network? You also mention a cisco tech, is there a cisco router or routing switch involved? If I do an ASCII drawing does it look like this

| |--Server
XP WS----[Router]--|
|
NT WS--|

If your DHCP config is handing out Servers IP address as the gateway then your setup is wrong. You should be handing out Routers IP on the workstations side as the gateway . Server will also need a route back to WS. There is a possible , is Router a Windows box running ICS? NT is working the way ists supposed to , it can't use Server as a gateway as its on another network and it cant get there without getting through Router.

 

[andrew2000]

Yeah you are right, I screwed up when I typed up that part about handing out the server handing out it IP as the gateway. It actually does hand out the routers IP address as the gateway, which is also on the outside network. Sorry, the wife was asking me to do something while I was typing that part.

Here is what it looks like:

(Outside world)
|
Router (external IP x.x.x.2)
|
Switch
|
Core Switch
| | |-Switch-XP's on floor 1 (int. IP's from server)
| |-Switch-XP's on floor 2 and NT sys(int. IP's )
|
Switch
|
Server (one nic-- external IP x.x.x.30)

*****
Sorry if the switch diagram is super complicated. There are actually lots of other servers patched into various switches but I tried to simplify it. Basically we have 3 floors. The server is on one floor and it is patched into one switch, which is in turn patched into the core switch. The workstations are on 2 other floors, each floor with it's own switch, each of which are patched into the core switch. The router is a firewall patched into yet another switch which is patched into the core switch.

Before we get too deep into the switch stuff, I wanted to rehash the basics:

1. The windows XP systems on both floors can ping the server and gateway just fine.
2. The windows NT system can ping the XP systems (same IP range) but can ping neither the server or the gateway.

On Monday I'll go double check that I put the correct gateway in the NT box, I won't rule out human error. It still should be geting the gateway info from DHCP, but in troubleshooting I set the gateway manually on the NT box.

Thanks!
Drew

 

[andrew2000]

One more thing--you mentioned the server's route back to the workstations. I believe, but don't know for a fact, that the CISCO tech has VLAN's setup and that in that setup somewhere he has a route back to the workstations setup.

What floors me is that everything is working fine for the XP systems, but an NT system on the same subnet (and assigned an IP from the same DHCP server) can't ping the very server from which it got it's IP.

Much thanks--and Happy New Year,
Drew

 

[pgerth]

Andrew, VLANs can confuse the issue. If the server in the bottom of your pic has an outside address then its possible its on a seperate VLAN , possibly a DMZ. There may also be access lists involved that would restrict access to certain resources. Your NT box could be on a different VLAN to your XP boxes with routing between them taking place back at the router or in the switch if it has routing capability . On the NT box and some XP boxes do an Ipconfig /all , are they all on the same subnets, check the masks and addresses to be sure. Do a tracert between them, do the same from them to the server/gateway. BTW can you ping the Internet from all the boxes? Try ping

http://www.novell.com,

it always works<g>.