MultiHomed Workstation - Which NIC is being used?


RDK

.....I have a Windows 2000 workstation which has three NICs. Each NIC
(subnets 10.0.2.5, 10.0.1.5 and 10.0.0.5) has an independent route to the
internet. That is we have three redundant routes to the internet (three
different suppliers).

One of these routes is low speed (250 KBS) while the others are 1MB and 5MB.

How can I tell which NIC is being used when I open up IE? Or, how can I
specify (without disabling the other NICs) which NIC should be the primary
(preferred) NIC, secondary, ... for internet access?

Thanks....RDK
 
You could do it 2 ways and still achieve the same result.

In the Advanced properties of your network connections set a metric for
each connection, a lower metric set to an interface makes that
connection a preferred route for all outgoing traffic. Setting multiple
interfaces with the same metric enables load sharing across these
connections.

If you are looking to set an application process (iexplore.exe in your
case) to use a connection-of-choice for that process all the time, I
don't think there is a way (but I am willing to be wrong about this).

The next method uses the Route.exe command line executable to set the
metric for gateways using a default route which is persistent across
system reboots.

% Route Add 0.0.0.0 Mask 0.0.0.0 10.0.2.5 Metric 20 -p
Let's say this was your 5MB connection

% Route Add 0.0.0.0 Mask 0.0.0.0 10.0.1.5 Metric 22 -p
and this was your 2MB connection

% Route Add 0.0.0.0 Mask 0.0.0.0 10.0.0.5 Metric 35 -p
and this was your 0.25MB connection
 
The Windows IP stack supports only one default gateway. If all three of your
interfaces have routes out to the Internet, you will be using only one interface.
Which interface gets used depends on how you've configured the stack.

In no instance will you get any form of traffic load balancing. You can configure
varying metrics, but that usually makes sense only if you're trying to make
routing decisions based on cost. If you use a lower (that is, more preferred)
metric for faster connections then *all* your traffic will go out that connection.
If you use the same metric everywhere, Windows XP and 2003 will use only
one interface for all traffic -- the one that's listed first in the binding
order in the advanced settings dialog. Windows 2000 just randomly picks one.

See http://support.microsoft.com/?id=157025 for some more details on your
configuration.

It sounds like you're describing a need for "ISP load balancing." Rainfinity
makes a product called RainConnect that does exactly that. Check it out.

Steve Riley
(e-mail address removed)
 
Steve...Thanks for the information, except now I'm a bit confused by the
reference article you sent me to. May I elaborate on my setup:

NIC1 10.0.0.5 has a gateway (firewall router address) of 10.0.0.1 and
its "modem" is connected to ISP1 - 5 MBS
NIC2 10.0.1.5 has a gateway (firewall router address) of 10.0.1.1 and
its "modem" is connected to ISP2 - 1 MBS
NIC3 10.0.2.5 has a gateway (firewall router address) of 10.0.2.1 and
its "modem" is connected to ISP3 - 0.25 MBS
except via my workstation these three subnets are not connected (well I
guess they are connected via the Internet).

In this mode if I fire up an app on my Win2k workstation which wants to
access the internet, I'm never sure which NIC is actually servicing the
request. In a development and production environment I prefer to keep the 5
MBS pipe clear for business traffic and use one of the others for testing.
But, I do need to access devices on the 5 MBS subnet periodically. Now, my
read of the reference article is that I should leave the gateway field blank
for NIC's 1 and 3, and to populate NIC2 with all three router addresses. Is
this correct? And then I have to use the Router.exe to define routes for
the other two??

Networking is not my speciality; can you provide a couple of concrete examples?

Thanks....RDK

ps...I assume that any incoming traffic to my workstation webs and/or
databases from devices (servers and/or users) on any of the three subnets
will always return via the NIC on which it was received?...
 
Before I can fully answer, I need to know one thing: what is the subnet mask
on these interfaces?

Steve Riley
(e-mail address removed)
 
Thank you Steve for pointing that out to me, so, is there no way you can
achieve traffic load sharing across multiple links to the internet
without third party solutions?

I think it is safe to assume that RDK's Subnet Masks are Equal to or
Longer than /24 (255.255.255.0) as the numbers in the third octet of
his IP addresses are consecutive.
 
OK. So you have three NICs, each in its own subnet, and each with a default
gateway configured. If you haven't changed any default settings, these will
all have the same metric. Therefore, routing will behave this way.

1. Any traffic destined for subnet 10.0.0.0/24 will go out NIC1.

2. Any traffic destined for subnet 10.0.1.0/24 will go out NIC2.

3. Any traffic destined for subnet 10.0.2.0/24 will go out NIC3.

4. All other traffic will leave the adapter that's highest bound. Open the
Network Connections folder, choose Advanced from the menu, choose Advanced
Settings. Look at the Connections box on the Adapters and Bindings tab. Whichever
interface is listed first is the one that gets used. Windows will never initiate
outbound connections using the other two.

Default gateways are used only when the destination address of a packet is
on some network other than the local segment, as defined by the subnet mask.
Thus, for the first three conditions, no default gateways are used at all.
In the fourth condition, the highest-bound NIC will process all traffic.
This will include any other subnets inside your internal network as well
as the Internet at large.

Now say you have another subnet in your network, 10.0.3.0/24, and you would
like all traffic to that subnet to use NIC2. So long as there is connectivity
between 10.0.1.0/24 to 10.0.3.0/24, you can add this static route:

route add 10.0.3.0 mask 255.255.255.0 10.0.1.1

Make sure that 10.0.3.0/24 knows how to route back through 10.0.1.0/24 for
any traffic that it receives from that subnet.

Oh, and Shalom B. -- no, there is no facility in the stack to do any load
balancing of multiple NICs and default gateways.


Steve Riley
(e-mail address removed)
 
Steve.....Thanks this answers almost all of my questions. However,
recalling my PS and your #4 below:

4. All other traffic will leave the adapter that's highest bound.

ps...I assume that any incoming traffic to my workstation webs and/or
databases from devices (servers and/or users) on any of the
three subnets will always return via the NIC on which it was
received?...

Let's assume that NIC1 is the "highest bound", does this mean that traffic
from the 10.0.1.* subnet (coming in via NIC2) to a web server on my
workstation from an Internet source (firewall DMZ for example) will exit
back to the Internet via NIC1, or will it know that it has to exit via NIC2?

Thanks......RDK
 
Reply traffic follows whichever route it has to, according to the source
addresses of the inbound traffic. Regardless of which interface received
the inbound traffic, the same routing rules apply for return traffic. So
if it comes in on NIC2 but NIC1 is able to route back to the source, your
computer will use NIC1 to send the reply so long as that NIC is bound highest.

Windows (like nearly all operating systems) follows what's called the "weak
end-system" model where there is no real link kept between interfaces and
flows. It's all up to the routing engine to decide where to send traffic,
and that decision is made on a per-packet basis.

Steve Riley
(e-mail address removed)
 
Steve.....Hmmmmm. If the inbound traffic is sent to the internet address
for NIC2, is processed by my workstation, and the response is sent back via
NIC1 and its different Internet IP address won't that cause the originating
firewall to reject the reply?....RDK
 
You got it. Known behavior of *all* stacks that follow the weak end-system
model.

See http://support.microsoft.com/default.aspx?scid=kb;en-us;175396 for a
description of the problem. If your application creates packets with NIC2's
IP address as the source, then you won't have a problem. But if the application
just drops the traffic on the stack without regard to which source address
it should use, then you'll encounter exactly what you're describing.

That's why it's best not to have more than one way out to the Internet.

Steve Riley
(e-mail address removed)
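
The route selection and reply-path behaviour described in the posts above, as an added example that is not part of the original thread: a small Python model of the routing table (longest prefix, then metric, then binding order) that flags when a reply would leave by a different NIC, and so with a different source address, than the one the request arrived on. The /24 masks, the metric values, the binding order and the client address 203.0.113.10 are constructed assumptions, and the tie-break by binding order models the Windows XP/2003 behaviour as described in the thread.

```python
import ipaddress

# Constructed from the thread: NIC name -> (address, gateway), all assumed /24.
NICS = {
    "NIC1": ("10.0.0.5", "10.0.0.1"),
    "NIC2": ("10.0.1.5", "10.0.1.1"),
    "NIC3": ("10.0.2.5", "10.0.2.1"),
}

def build_table(metrics, binding_order, static=()):
    """Return routes as (network, gateway, nic, metric, binding_rank)."""
    rank = {nic: i for i, nic in enumerate(binding_order)}
    table = []
    for nic, (addr, gw) in NICS.items():
        onlink = ipaddress.ip_network(addr + "/24", strict=False)
        table.append((onlink, None, nic, 1, rank[nic]))            # connected subnet
        default = ipaddress.ip_network("0.0.0.0/0")
        table.append((default, gw, nic, metrics[nic], rank[nic]))  # default gateway
    for net, gw, nic, metric in static:
        table.append((ipaddress.ip_network(net), gw, nic, metric, rank[nic]))
    return table

def select_route(table, dst):
    """Longest prefix wins, then lowest metric, then highest binding."""
    ip = ipaddress.ip_address(dst)
    matches = [r for r in table if ip in r[0]]
    return min(matches, key=lambda r: (-r[0].prefixlen, r[3], r[4]))

def reply_path(table, arrived_on, client):
    """Where an unbound reply goes, and which source address it carries."""
    _, gw, nic, _, _ = select_route(table, client)
    return {"out_nic": nic, "gateway": gw, "source": NICS[nic][0],
            "asymmetric": nic != arrived_on}

if __name__ == "__main__":
    same = {"NIC1": 1, "NIC2": 1, "NIC3": 1}       # assumed equal default metrics
    order = ["NIC1", "NIC2", "NIC3"]               # assumed binding order
    t = build_table(same, order, static=[("10.0.3.0/24", "10.0.1.1", "NIC2", 1)])
    for dst in ("10.0.1.77", "10.0.3.9", "203.0.113.10"):
        print(dst, "->", select_route(t, dst)[2])
    # Request arrived on NIC2; the reply follows the routing table instead.
    print(reply_path(t, "NIC2", "203.0.113.10"))
    # Giving NIC2 the lowest default-route metric keeps the reply on NIC2.
    t2 = build_table({"NIC1": 20, "NIC2": 10, "NIC3": 30}, order)
    print(reply_path(t2, "NIC2", "203.0.113.10"))
```

An `asymmetric` result of `True` is the case a stateful firewall on the originating side rejects, because the reply arrives from an address it never opened a session to.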
 
Steve....One final (I know they all say that) question. My apps are SQL,
IIS for webs and Media Server for audio and video. Are these apps which
create packets with the right IP address?

And, many thanks for this very informative and useful discussion......RDK
 
Glad to have helped. Alas, I don't have answers about the specific programs
you mention...

Steve Riley
(e-mail address removed)
 