How to switch between two network paths?

[Guest]

Ok, this has me stumped...

We have two computers located in different locations. Each has two NICs, and both are running Windows 2000 Pro.

Machine 1:
NIC 1:
192.168.220.237 IP Address
192.168.220.213 Default gateway
255.255.255.0 Subnet mask
NIC 2:
192.168.1.2 IP Address
no default gateway

Machine 2:
NIC 1:
192.168.38.85 IP Address
192.168.38.81 Default gateway
255.255.255.248 Subnet mask
NIC 2:
192.168.1.1 IP address
no default gateway

Machine 1 and 2 are connected through two different paths:

Path 1: From NIC 1 on Machine 1, into our 192.168.220.0 network at the location where Machine 1 is located, through the gateway (192.168.220.213), routed into a VPN tunnel, out through the Internet, and back to a VPN appliance at Location 2, and into their 192.168.38.80 network, and then into NIC 1 on Machine 2.

Path 2: From NIC 2 on Machine 1, into a microwave T-1 link, and into NIC 2 on Machine 2.

Both paths work on their own, as tested by turning off one path at a time and doing pings over the remaining path.

An application runs on Machine 1 that can point to just one of the IP addresses of Machine 2 (unless we reconfigure it, which we don't want to do). We want to point to 192.168.38.85. This will allow packets to go through the VPN tunnel to Location 2 and Machine 2.

However, it turns out that this path (the VPN) experiences a lot of latency, and causes the application to get upset. We can change to the microwave path, but we'd still like to maintain the VPN as a backup.

Here's the problem: we'd like to have the machines talk to each other at one IP address, but through two different paths based on whichever is the better (and working) path at the moment. This sounds like a job for static routes and appropriate metrics, but I'm having difficulty getting it to work as we want.

I tried adding the following route to Machine 1:
route add 192.168.38.80 mask 255.255.255.248 192.168.1.1 -p

And this route to Machine 2:
route add 192.168.220.0 mask 255.255.254.0 192.168.1.1 -p

I checked the routing tables on both machines after I entered them, and they were in there correctly.

Then I set the metric for the default gateways of both Machines (these are the routes for the VPN) to "2" in order to force it to be the backup.

But this only gets me one of the paths, and it doesn't switch when the path dies (we're trying by pulling the Ethernet cable from the back of NIC 2 on Machine 1).

The effort is to let the application use 192.168.38.85 as the address of Machine 2, and route through NIC 2 on Machine 2 to get to that address. The routing seems to work, but I can't get anything to then go through the VPN connection.

Is this possible? If so, what are we doing wrong? If this isn't possible this way, what other options might there be for auto-switching between two paths?

Thanks much.

Pat Furrie

 

[Gary Fose [MSFT]]

Hi Pat,

Add a persistent route in the routing tables of the machines for the others respective networks
without gateways. The VPN tunnel actually creates another gateway, so that may be what is
causing your issue. Adding a persistent route to the routing table will allow the trafic to get form
point A to B with everything connected.

Hope this helps,
Gary
--------------------
'--'Thread-Topic: How to switch between two network paths?
'--'thread-index: AcQCRw1CjdfMcfRyTC2nW3T3XWjHng==
'--'X-Tomcat-NG: microsoft.public.win2000.networking
'--'From: "=?Utf-8?B?UGF0IEZ1cnJpZQ==?=" <[email protected]>
'--'Subject: How to switch between two network paths?
'--'Date: Thu, 4 Mar 2004 16:16:06 -0800
'--'Lines: 55
'--'Message-ID: <[email protected]>
'--'MIME-Version: 1.0
'--'Content-Type: text/plain;
'--' charset="Utf-8"
'--'Content-Transfer-Encoding: 7bit
'--'X-Newsreader: Microsoft CDO for Windows 2000
'--'Content-Class: urn:content-classes:message
'--'Importance: normal
'--'Priority: normal
'--'X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
'--'Newsgroups: microsoft.public.win2000.networking
'--'Path: cpmsftngxa06.phx.gbl
'--'Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.networking:57285
'--'NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
'--'X-Tomcat-NG: microsoft.public.win2000.networking
'--'
'--'Ok, this has me stumped..



We have two computers located in different locations. Each has two NICs, and both are
running Windows 2000 Pro



Machine 1

NIC 1

192.168.220.237 IP Addres

192.168.220.213 Default gatewa

255.255.255.0 Subnet mas

NIC 2

192.168.1.2 IP Addres

no default gatewa



Machine 2

NIC 1

192.168.38.85 IP Addres

192.168.38.81 Default gatewa

255.255.255.248 Subnet mas

NIC 2

192.168.1.1 IP addres

no default gatewa



Machine 1 and 2 are connected through two different paths



Path 1: From NIC 1 on Machine 1, into our 192.168.220.0 network at the location where
Machine 1 is located, through the gateway (192.168.220.213), routed into a VPN tunnel, out
through the Internet, and back to a VPN appliance at Location 2, and into their 192.168.38.80
network, and then into NIC 1 on Machine 2



Path 2: From NIC 2 on Machine 1, into a microwave T-1 link, and into NIC 2 on Machine 2



Both paths work on their own, as tested by turning off one path at a time and doing pings over
the remaining path



An application runs on Machine 1 that can point to just one of the IP addresses of Machine 2
(unless we reconfigure it, which we don't want to do). We want to point to 192.168.38.85. This
will allow packets to go through the VPN tunnel to Location 2 and Machine 2.



However, it turns out that this path (the VPN) experiences a lot of latency, and causes the
application to get upset. We can change to the microwave path, but we'd still like to maintain
the VPN as a backup



Here's the problem: we'd like to have the machines talk to each other at one IP address, but
through two different paths based on whichever is the better (and working) path at the moment.
This sounds like a job for static routes and appropriate metrics, but I'm having difficulty getting
it to work as we want



I tried adding the following route to Machine 1

route add 192.168.38.80 mask 255.255.255.248 192.168.1.1 -



And this route to Machine 2

route add 192.168.220.0 mask 255.255.254.0 192.168.1.1 -



I checked the routing tables on both machines after I entered them, and they were in there
correctly



Then I set the metric for the default gateways of both Machines (these are the routes for the
VPN) to "2" in order to force it to be the backup



But this only gets me one of the paths, and it doesn't switch when the path dies (we're trying by
pulling the Ethernet cable from the back of NIC 2 on Machine 1)



The effort is to let the application use 192.168.38.85 as the address of Machine 2, and route
through NIC 2 on Machine 2 to get to that address. The routing seems to work, but I can't get
anything to then go through the VPN connection.



Is this possible? If so, what are we doing wrong? If this isn't possible this way, what other
options might there be for auto-switching between two paths?



Thanks much.



Pat Furrie
'--'


This posting is provided "AS IS" with no warranties, and confers no rights. Use of included
script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best
directed to the newsgroup/thread from which they originated.

 

[Guest]

Gary

In my post, I showed that I did add persistent routes, but that it didn't work. I'm a bit confused about the VPN being "another gateway". I did get traffic going from one network to the other, but not auto-switching to the other path if the first went down, and vice-versa. I think this is a point of getting the *right* persistent route, as well as understanding what makes the route switching in Windows happen (what are the conditions? Is it just getting the packet to the next step up the chain, or is it about getting the packets to the destination?

Pa

----- Gary Fose [MSFT] wrote: ----

Hi Pat

Add a persistent route in the routing tables of the machines for the others respective networks
without gateways. The VPN tunnel actually creates another gateway, so that may be what is
causing your issue. Adding a persistent route to the routing table will allow the trafic to get form
point A to B with everything connected

Hope this helps
Gar
-------------------
'--'Thread-Topic: How to switch between two network paths
'--'thread-index: AcQCRw1CjdfMcfRyTC2nW3T3XWjHng=
'--'X-Tomcat-NG: microsoft.public.win2000.networkin
'--'From: "=?Utf-8?B?UGF0IEZ1cnJpZQ==?=" <[email protected]
'--'Subject: How to switch between two network paths
'--'Date: Thu, 4 Mar 2004 16:16:06 -080
'--'Lines: 5
'--'Message-ID: <[email protected]
'--'MIME-Version: 1.
'--'Content-Type: text/plain
'--' charset="Utf-8
'--'Content-Transfer-Encoding: 7bi
'--'X-Newsreader: Microsoft CDO for Windows 200
'--'Content-Class: urn:content-classes:messag
'--'Importance: norma
'--'Priority: norma
'--'X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.
'--'Newsgroups: microsoft.public.win2000.networkin
'--'Path: cpmsftngxa06.phx.gb
'--'Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.networking:5728
'--'NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.18
'--'X-Tomcat-NG: microsoft.public.win2000.networkin
'--
'--'Ok, this has me stumped..



We have two computers located in different locations. Each has two NICs, and both are
running Windows 2000 Pro



Machine 1

NIC 1

192.168.220.237 IP Addres

192.168.220.213 Default gatewa

255.255.255.0 Subnet mas

NIC 2

192.168.1.2 IP Addres

no default gatewa



Machine 2

NIC 1

192.168.38.85 IP Addres

192.168.38.81 Default gatewa

255.255.255.248 Subnet mas

NIC 2

192.168.1.1 IP addres

no default gatewa



Machine 1 and 2 are connected through two different paths



Path 1: From NIC 1 on Machine 1, into our 192.168.220.0 network at the location where
Machine 1 is located, through the gateway (192.168.220.213), routed into a VPN tunnel, out
through the Internet, and back to a VPN appliance at Location 2, and into their 192.168.38.80
network, and then into NIC 1 on Machine 2



Path 2: From NIC 2 on Machine 1, into a microwave T-1 link, and into NIC 2 on Machine 2



Both paths work on their own, as tested by turning off one path at a time and doing pings over
the remaining path



An application runs on Machine 1 that can point to just one of the IP addresses of Machine 2
(unless we reconfigure it, which we don't want to do). We want to point to 192.168.38.85. This
will allow packets to go through the VPN tunnel to Location 2 and Machine 2.



However, it turns out that this path (the VPN) experiences a lot of latency, and causes the
application to get upset. We can change to the microwave path, but we'd still like to maintain
the VPN as a backup.



Here's the problem: we'd like to have the machines talk to each other at one IP address, but
through two different paths based on whichever is the better (and working) path at the moment.
This sounds like a job for static routes and appropriate metrics, but I'm having difficulty getting
it to work as we want.



I tried adding the following route to Machine 1:

route add 192.168.38.80 mask 255.255.255.248 192.168.1.1 -p



And this route to Machine 2:

route add 192.168.220.0 mask 255.255.254.0 192.168.1.1 -p



I checked the routing tables on both machines after I entered them, and they were in there
correctly.



Then I set the metric for the default gateways of both Machines (these are the routes for the
VPN) to "2" in order to force it to be the backup.



But this only gets me one of the paths, and it doesn't switch when the path dies (we're trying by
pulling the Ethernet cable from the back of NIC 2 on Machine 1).



The effort is to let the application use 192.168.38.85 as the address of Machine 2, and route
through NIC 2 on Machine 2 to get to that address. The routing seems to work, but I can't get
anything to then go through the VPN connection.



Is this possible? If so, what are we doing wrong? If this isn't possible this way, what other
options might there be for auto-switching between two paths?



Thanks much.



Pat Furrie
'--'


This posting is provided "AS IS" with no warranties, and confers no rights. Use of included
script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best
directed to the newsgroup/thread from which they originated.