Dead Gatway detection

Jeremy · Oct 25, 2003

Hi.

Running W2k Server as a NAT box (3 nics, 3 subnets, 2 of
them being public), with a linux IPchains firewall on the
outside. Firewall is connected to a DSL AND a cable modem,
since DSL has a nasty habit of going down.

What I'm wondering is how the dead gateway detection works
in Window tcp/ip. Will it see that the firewall is not
returning packets from the internet, and call it dead, or
will it simply go 'my gateway is up, so everything's
peachy', and not switch to the second gateway?

Is there some other way of getting this working, other
than scripting something?

Any thoughts/comments/miracles are welcome

J

Joe Richards [MVP] · Oct 27, 2003

Multiple default gateways have always been an issue with Windows. Supposedly if they are set up as routers with RIP they
handle it better though.

Might be good to start here...

http://support.microsoft.com/?kbid=157025

Curtis Koenig [MSFT] · Oct 28, 2003

Hi Jeremy,
Dead Gateway Detection (DGD) is a very convoluted algorithm. In essesnece
each TCP/IP application is treated as independant, thus when one
application detects that the DG is dead it does not tell the other apps and
the TCP/IP properties are not adjusted (this is part of the RFC). However,
when 51% of the applications fail then the TCP/IP stack is adjusted and all
applications from a given client will switch their DG. This does not
communicate this to other cliens, so each client on a network has to go
through this and results in a patchy network and it also does not fail-back
when the original DG comes back online. Another problem here is that only
IP based applications will work with it. So your browser (not pure IP but
HTTP) will not cause DGD to initiate.

The best solution is to use RRAS boxes that have each outgoing gateway
advertised with RIP (or a hardware router that can do RIP). You can set a
higher weight for your preferred gateway and it will be used. Also when it
comes back up a higher weight will cause the traffic to shift to it. The
advantage here is that all applications and all clients shift to the new
gateway at the same time and not individually. This is much more dynamic
and much more resiliant to change.
--
Curtis Koenig
Support Professional
Microsoft Clustering Technologies Support
MCSA, MCSE, MCSAS, MCSES, CISSP

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

--------------------

Dead Gatway detection

Jeremy

Joe Richards [MVP]

Curtis Koenig [MSFT]