Win2k detectdeadgateway ... but not really dead ..

[gvandelaer]

Hy all,

I've set up RRAS for Win2k clients with fixed IP's (192.168.0.0/24),
The clients don't have RAS-server as "default gw", because I don't
wan't them to surf via internal proxy when connected via VPN.

Now I have a second internal network (172.16.0.0/21) in use, and I
want the VPN clients to be able to see this too, without using
RAS-server as "default gw" for the VPN-clients off-course...

So I looked into "detectdeadgateway" and "tcpmaxretransmission" hacks
in registry, but these only skip to second gateway (via metrics) when
the first can not be contacted any more.

I want the Win2k to check via first gateway, if no reply within x
seconds, than use second gateway ... no when trying to contact a
172.16.0.0/21 address, it immediately uses the default gw... (which is
normal behaviuor .. I know), and since the default gw is not dead, it
will not switch back to the 192.168.0.0-gateway...

Is this possible at all in Win2k ? Can I use dhcp to to announce
multiple gateways

thnx,
gert

 

[Curtis Koenig [MSFT]]

Hi Gert,
Dead Gateway Detection (DGD) is a notoriously bad algorithm, in part
because each machine has to discover for itself that the DG has died. It is
a much better model to use RRAS Servers with RIP that announce a route. The
router with the highest priority number that has an available route is the
one that clients will use (so you can force them to one that is technically
not going to the internet). When one fails the other will take over and
when the higher priority one returns they will go back to that route. DGD
does not allow for this nor is it a gracefull failure like what can be
expected by using RIP. You can advertise multiple DG with DHCP but again I
would not advise using DGD as the algorithm is clunky and frought with
problems.
--
Curtis Koenig
Support Professional
Microsoft Clustering Technologies Support
MCSA, MCSE, MCSAS, MCSES, CISSP

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

--------------------

 

[gvandelaer]

Hya Curtis,

I had read some more about DGD features and the docs I found all
confirm my preliminary tests and your comments ...

I am now going to set up a "DHCP Relay Agent" on the RRAS box,
and I will than announce multiple DGW (or static routes) for VPN
clients ...

Are there any caveats to look out for ?

bye,
gert

 

[Curtis Koenig [MSFT]]

Hi Gert,
There are not real gotchas I can think of, however if you are announcing
multiple DGs then you are using DGD and you are going to have the inherent
problems of DGD. I would still strongly suggest that you use RIP to
advertise multiple outbound routes.

--
Curtis Koenig
Support Professional
Microsoft Clustering Technologies Support
MCSA, MCSE, MCSAS, MCSES, CISSP

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

--------------------

 

[gvandelaer]

Hi Gert,
There are not real gotchas I can think of, however if you are announcing
multiple DGs then you are using DGD and you are going to have the inherent
problems of DGD. I would still strongly suggest that you use RIP to
advertise multiple outbound routes.

Hey Curtis,

.... no real gotchas ... apart from the fact that Microsoft
implementation of dhcp (on the client side) does not support "static
route"

So I'll be using RIP than ...(or maybe OSPF), I'll be using zebra on
Linux for that, but i need to do some reading on RIP first, because
it's all a bit new to me ...

Do I need to enable any special service on Win2k for the clients to
receive route announcements via rip or ospf ?

bye,
gert