ColdFusion Muse

Dual NIC - Dual Gateway Issue on Windows 2000

Mark Kruger November 4, 2005 7:04 PM Hosting and Networking Comments (0)

Here's a tip on a windows 2000 box. If you have 2 NICs connected to the same subnet using NAT with static IPs but you are using 2 separate gateways you may suffer from periodic outages of 80 to 180 seconds. In a network I recently worked on, there was a machine that handled static mappings for 2 sets of IPs routed through 2 separate PIX using static mappings and NAT. In this scenario the PIX is the gateway. So NIC 1 with address 192.168.0.8 was setup with gateway 192.168.0.1 and NIC 2 with IP 192.168.0.9 was set up with gateway 192.168.0.2 - both gateway metrics set to 1.

Remember, the nature of IP is that there are many routes to get to the same address. It is not point to point. A packet gets fired into the net and "finds it's way" - kind of like those fragile little sea turtles who have to find their way into the ocean before they get picked off by a sea gull. So what happens when a NIC doesn't find the gateway in a timely (few millisecond) manner? If there is another gateway installed on the machine it will attempt to use this alternative route.

The problem is NAT. There is a static mapping on PIX A for the ip address 192.168.8 that matches some outside routable "real" internet address. The PIX actually "tags" packets and knows where to send them to and from. When that alternate gateway is attempted the tagging becomes a mismatch. This has the effect of causing the server to "hang" - at least in regard to network packets on that specific NIC, while it waits for packets it "knows" it sent successfully. At some point it recycles (about 80 seconds in our scenario) and starts using the right gateway again.

In Linux I could bind the IP to a specific gateway, but windows is more "helpful" than that. It's determined to get that sea turtle to the sea - even if it has to go through that other gateway to do it. I could find now way to bind the NIC specifically to the gateway - although it is possible to adjust the order using metrics. My only option was to remove one of the gateways - not the best choice because the gateways control external subnets of Internet IPs. I'm next going to try adding a static mapping for the ip to the alternate gateway - so they would both have the same static Map. I think that will do the trick.

  • Share:

0 Comments

Google Search
Google
Subscribe
Enter your email address to subscribe to this blog.
Recent Comments
  • Remembering Wil Genovese
    Mary Jo said: Wil's presence here will be sorely missed. We became good friends over the years and I will miss our... [More]
  • Remembering Wil Genovese
    charlie arehart said: Very sad news, and a real loss for the CF community which was blessed with so much of his knowledge ... [More]
  • Remembering Wil Genovese
    Mark A Kruger said: @Mike, Ha - yes! He was always a hoot at staff meetings. :) To be clear to the rest of the world ... [More]
  • Remembering Wil Genovese
    Mike Letson said: On several occasions, Will led me through deep technical waters that enabled me to serve my clients ... [More]
  • Remembering Wil Genovese
    Russ said: Rest in Peace man, my condolences to the family. Cancer seems to kill so many people now. :-( Both ... [More]
Archives By Subject
Twitter
    Facebook
    Aggregators


    Subscribe in NewsGator Online

    Add to Google
    RSS