How to set up my Routing??


Andreas B.

Hello Gurus,

Below I have described how my network is set up
and what boxes are included etc.

I hope someone of you can help me with my
issue, not being able to access the internet
from certain boxes and not getting boxes to
chat with each other over different subnets.

I know that I have one box (Server01, Win2k box with AD),
that must act as a spider between two nets in my
network.

Please read below and see if you can help me setting
up the Routing on my Server01 computer.


LAN 1 - Is the net via ADSL modem (static IP from ISP)
LAN 2 - Wireless LAN (wireless gateway/router/switch)
LAN 3 - With NIC's connected via a switch

The setup is following:

LAN1
====

ADSL Modem connected to D-Link Wireless Gateway/Router.
The static IP from ISP let say it's a.b.c.d.


LAN2
====

The Gateway/Routers (GWR) internal LAN is 192.168.2.x.
The GWR has IP 192.168.2.1 defined to the local network.

Now there are two boxes that have Wireless NICs. One laptop
with IP 192.168.2.6 and one Win2K Server (AD server) with
IP 192.168.2.2. Both have the following TCP/IP config:

IP: 192.168.2.2 (Server01)
NM: 255.255.255.0
GW: 192.168.2.1 (the Gateway/Router)

IP: 192.168.2.6 (Laptop)
NM: 255.255.255.0
GW: 192.168.2.1 (the Gateway/Router)

Both these computers can access the internet!

LAN3
====

My LAN3 has the networkmask 192.168.3.x.
Following computers are connected to this net.

IP: 192.168.3.1 (Server01 that also has Wireless NIC)
NM: 255.255.255.0
GW: 192.168.3.1 (Don't know if this is right?)

IP: 192.168.3.2 (Server02)
NM: 255.255.255.0
GW: 192.168.3.1 (pointing to Server01)

IP: 192.168.3.3 (Workstation)
NM: 255.255.255.0
GW: 192.168.3.1 (pointing to Server01)

The thing is now. I want Server01
(192.168.2.2/192.168.3.1) to be able to route between
these two networks.

I want the Workstation (192.168.3.3) to be able to
access the internet (cannot do that now) and also
be able to access the Laptop (192.168.2.6).

I have figured out that I must use Routing on the Server01
box, because it is the spider in the net.
But I don't know HOW to Route!!??

Best regards,
Andreas
 
Your message is very difficult to follow but you indicate
that Net2 can access the Internet -- my guess is that
Net2 is adjacent to the router on the Internet and that
you are having trouble with Net3 which is likely behind
another router.

Usually, people overlook putting a MANUAL (or static)
route on the Internet router -- this route defines the address
of the second router as the path to the next network.

Internet --- router1 -- Net2 -- router2--net3

Everything on Net3, and router2 can use router1 as the "default
gateway" (router).

router1 must use the ISP's router as its default (because the list
of everything on the Internet would be impossible to add manually.)

So how does router1 return responses to net3 machines? Obviously,
it cannot send directly, and just as obviously it can use router2 for
this traffic IF it knows that....

So on Router2 do (the equivalent of):

route add x.y.z.net mask 255.j.k.l router2IP

Where the dotted elements are IP net & mask for net3 and the address of
router2.
 
Hi again Herb!

I'm so thankful for your concern and willingness
to help me out, but I'm not very bright in this
matter.

To make it easier for you to understand HOW I
really have set up this, please view the following
link:

http://www.bodinjr.com/lan.gif

And don't hesitate to mail me in private if you'd
like to.

Thank you very much for your help!!

Best regards,
Andreas
 
> http://www.bodinjr.com/lan.gif

(I am assuming you are using subnet mask 255.255.255.0 or /24)

Ok, your Server01-AD (and the satellite Laptop Wireless) must use
the D-Link (Internet GW/NAT/Router) as their DEFAULT Gateway.
Of course Workstation 1 must do this too.

They will then SEND all "unknown" destinations to the D-Link, which
uses the ISP 194.236.112.1 as ITS default Gateway (presumably that
is the ISP router.)

So here's the FIRST problem: The D-Link's TWO NICs (LAN and Wireless)
are on the SAME subnet, which will not work. Put the wireless on a
DIFFERENT range. Right now, they are both on subnet-2 and you are using
subnet 3 for the 3Com switch (I bet it is just a hub and not a switch) net.

Presumably you intended to make the D-Link-Workstation1 net on subnet-1.

Now, here's the harder problem, all these machines can NOW communicate,
but ONLY the Server01-AD KNOWS about subnet-3.

Since the D-Link sends everything it doesn't have a specific route for to
the INTERNET, nothing gets RETURNED (or sent) to subnet 3 with the 3COM.

All the machines on subnet-3 must use Server-01 LAN as Default Gateway
(so it can send to ALL other nets.)

Fix subnet 1 to be the D-Link LAN.
Workstation1 to D-Link LAN as Default Gateway
Point Server 1 (and the wireless Laptop) D-Link Wireless as Default Gateway
Point all 3-Com switch machines (except Server-01) to Server-01 as Default Gateway

KEY: Give the D-Link a MANUAL route through the wireless interface
equivalent to the Win2000 command:
route add 192.168.3.0 mask 255.255.255.0 192.168.2.2 (<---Server01's address)

(The above teaches the D-Link to route TO the Server-01-3Com subnet3. You
will have to use the D-Link interface to add this route, might be a web
page or whatever.)

There is one more optimization you can make (but it's probably not worth the
trouble):
The wireless PC can get to Subnet-3 MORE EFFICIENTLY by sending traffic for
subnet-3 to Server-01 direct (add route there too) but since it can send to
the DLink and the DLink can send to Server-01 to reach subnet 3, this only
optimizes the net UNLESS you have a LOT of traffic going between Laptop and
the 3Com-subnet3.

You should understand the WHY of the above -- when I have TWO (or more)
routers that can help me, I can only use ONE of them as MY default gateway,
All routes behind OTHER routers must be explicitly added (unless you use
dynamic routing software which does the same job --automatically.)
 
Hello again Herb!!


Thank you very much for the help.
Now I get a clearer picture of HOW it works.

But I ran into some problems, the D-Link Gateway
doesn't allow me to add routes. I can find no
Routing Table in the unit. Maybe have to buy
a better one!!

The D-Link does not split between Wireless and
LAN connections, it's like a switch adding them
both together.

Another little thought...
On Server01, I have the Routing And Remote Access set up,
with default config, by that I mean, I just chose
"Network Router" in the Wizard when deploying the service
on the Server01 Win2k Server.

I think I have figured out with your solution that
the reason why my Workstation and Server on the 3Com
Switch (yes it is a 8-port Switch, not a hub) cannot PING
the laptop and workstation connected to the D-Link, is
that the D-Link does not know how to route back the
information!(?) Therefore I get my "time out" on the
pings??

I thank you so much for your help!!

Best regards,
Andreas B.
 
> But I ran into some problems, the D-Link Gateway
> doesn't allow me to add routes. I can find no
> Routing Table in the unit. Maybe have to buy
> a better one!!

You may indeed -- the other day we were discussing
such a router (might be another brand) and it shocked
me to discover that it had no such capability -- my little
DSL unit had it.

Without this feature they are basically JUNK IF you have
more than one subnet on the inside.

> The D-Link does not split between Wireless and
> LAN connections, it's like a switch adding them
> both together.

Ok, so then my correction there was in error. I use
a Win2000 server (RRAS router) in such a position
and it of course treats the NICs/Networks as separate.

That by the way IS (effectively) a Bridge between those two.
(Not a switch probably although this distinction may blur.)

> Another little thought...
> On Server01, I have the Routing And Remote Access set up,
> with default config, by that I mean, I just chose
> "Network Router" in the Wizard when deploying the service
> on the Server01 Win2k Server.

Should work, since NICs (real hardware interfaces) are added
automatically to IP routing (if they run IP) -- Modems and VPNs
have to be configured in RRAS AS "interfaces."

It doesn't need any STATIC routes so that isn't the issue -- were
it in the position of the D-Link it would need routes unless it
were DIRECTLY connected to each network (instead of having
ANOTHER router in the position it now occupies.)

Routers AUTOMATICALLY know about the nets connected
DIRECTLY to their interfaces (NICs or dynamic like dial/VPN.)

> I think I have figured out with your solution that
> the reason why my Workstation and Server on the 3Com
> Switch (yes it is a 8-port Switch, not a hub) cannot PING
> the laptop and workstation connected to the D-Link, is
> that the D-Link does not know how to route back the
> information!(?) Therefore I get my "time out" on the
> pings??

RIGHT -- this is the KEY. If you used NetMon (a sniffer or Snort)
to watch packets, you would SEE the request leave but no response
return to them from stations on the D-Link net.
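
An added example, not part of any post in this thread: a small longest-prefix-match simulation of the topology described above, tracing a ping from the Workstation to the Laptop and the reply back, with and without the static route on the D-Link. The tables are constructed from the addresses in the thread; Server01's default gateway is assumed to be the D-Link, "ISP" stands for the upstream router, and all function names are hypothetical.

```python
import ipaddress

def table(*routes):
    # Each entry is (destination network, next hop); None = directly connected.
    return [(ipaddress.ip_network(n), h) for n, h in routes]

def build(dlink_has_static_route):
    """Constructed routing tables for the four devices named in the thread."""
    dlink = [("192.168.2.0/24", None), ("0.0.0.0/0", "ISP")]
    if dlink_has_static_route:
        # Equivalent of: route add 192.168.3.0 mask 255.255.255.0 192.168.2.2
        dlink.append(("192.168.3.0/24", "192.168.2.2"))
    return {
        "Workstation": table(("192.168.3.0/24", None), ("0.0.0.0/0", "192.168.3.1")),
        "Server01": table(("192.168.2.0/24", None), ("192.168.3.0/24", None),
                          ("0.0.0.0/0", "192.168.2.1")),
        "Laptop": table(("192.168.2.0/24", None), ("0.0.0.0/0", "192.168.2.1")),
        "D-Link": table(*dlink),
    }

# Which device owns each address (Server01 has one address per subnet).
OWNER = {"192.168.3.3": "Workstation", "192.168.3.1": "Server01",
         "192.168.2.2": "Server01", "192.168.2.6": "Laptop",
         "192.168.2.1": "D-Link"}

def next_hop(routes, dst):
    """Longest-prefix match: the most specific matching route wins."""
    matches = [(net, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda r: r[0].prefixlen)[1]

def trace(tables, src, dst, max_hops=8):
    """Return the devices a packet visits on its way from src to dst."""
    node, path = OWNER[src], [OWNER[src]]
    target = ipaddress.ip_address(dst)
    for _ in range(max_hops):
        if node == OWNER[dst]:
            return path
        hop = next_hop(tables[node], target)
        nxt = OWNER.get(dst if hop is None else hop, hop)  # "ISP" is off the map
        path.append(nxt)
        if nxt == "ISP":
            return path  # private destination sent upstream: never delivered
        node = nxt
    return path

def ping(tables, src, dst):
    """Return (request path, reply path) for a ping from src to dst."""
    return trace(tables, src, dst), trace(tables, dst, src)
```

Without the static route the request path ends at the Laptop but the reply path ends at "ISP", which is the timeout seen on the 3Com subnet; with the route the reply returns through Server01.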
 
A thought crossed my mind...

What if, I on the Server01 (the one with W-lan & LAN)
set up NAT between the nets. Wouldn't that make
the D-link know to route back to the W-Lan and the NAT
on the Server01 would then know that this package
had been NATted (?) and should continue to transport
to the 3.x net?

Or am I way out?? :)

Once again, thanks for your time!!
I really appreciate your support and I now understand HOW
Routing works, just because I got it into practise with my
own "problem" and not just theoretically reading it!

Best regards,
Andreas
 
> What if, I on the Server01 (the one with W-lan & LAN)
> set up NAT between the nets. Wouldn't that make
> the D-link know to route back to the W-Lan and the NAT
> on the Server01 would then know that this package
> had been NATted (?) and should continue to transport
> to the 3.x net?

Nope -- NAT is about ADDRESS TRANSLATION. NATs
are, it's true, also ROUTERS but in that sense they act like
the routers you are already using. NAT isn't necessary (or
really helpful) between YOUR OWN two nets, but only between
YOUR PRIVATE nets and the PUBLIC Internet.

> Or am I way out?? :)

Yep.

> Once again, thanks for your time!!
> I really appreciate your support and I now understand HOW
> Routing works, just because I got it into practise with my
> own "problem" and not just theoretically reading it!

That's pretty much how I learned it, but it turns out there are only
a half dozen or so key points and you can learn it theoretically then
use that to scale up to almost any size network.
 