Persistent Route ignored on W2K when destination network is unavailable

  • Thread starter Thread starter ITguy_uk
  • Start date Start date
I

ITguy_uk

I currently have Windows 2000 Professional (SP4) workstations that
have persistent routes set to another subnet which is the other side
of a private WAN connection. These workstations have their default
gateway set to our internet proxy server which allows them to access
external sites e.g. web sites and FTP servers. These routes are set
using:

C:/route -p add <destination IP> MASK 255.255.255.0 <Gateway IP>

e.g:

C:/route -p add <192.168.1.0> MASK 255.255.255.0 <192.168.5.1>

This works as expected as can be seen from tracert (IPs changed to
example ones):

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>tracert server1

Tracing route to server1 [192.168.1.2]
over a maximum of 30 hops:

1 <10 ms <10 ms <10 ms 192.168.5.1 <========== local
WAN router
2 50 ms 50 ms 50 ms 203.204.6.72 <========== remote
WAN router
3 50 ms 60 ms 50 ms server1 [192.168.1.2]

Trace complete.

This works as expected until the WAN link is down for any amount of
time. Once the WAN link has been down for a period of more than approx
1 hour the workstations lose connectivity with the remote subnet.
When I run the "route print" command I can still see the persistent
route listed but on running tracert to a host on the other subnet the
traffic is routed via the default gateway (internet connection via
ISP) rather than the internal WAN gateway.

If I re-run the route command above the route is restored and
connectivity re-instated. It is almost as if there is a timeout where
after a specified time windows stops attempting to access that subnet
via the specified static route and defaults to the default gateway.
This seems to be incorrect, if a route is persistent then windows
should keep re-trying until the connection is restored or produce an
error message to inform the user the route is no longer available (on
screen or event log).

My questions are:

1.Does anyone know why it is defaulting to the default gateway when
the persistent route loses connectivity?

2. Does anyone know how to prevent this default gateway fall back
(registry or network properties setting)?

3. Should windows utilise the default gateway when connectivity is
lost to a host accessible via a previously persistent route?

4. Why does it still list (ROUTE PRINT) the persistent route even
though it is no longer using it due to loss of connectivity?

I have looked on the MS KB and searched on google but it does not seem
to be mentioned anywhere. Any hints would be appreciated.

Thanks in advance
 
Although it would seem it should work, the client's routing table is not
that place to do this. This should be done at the routing device that they
use (in this case the proxy). Place the static routes on the proxy instead.
Then make sure the full address range of this remote subnet is also included
in the proxy's LAT. The Client's DFG takes them to the proxy box which then
routes it via the static route to the proper gateway. "Routing" (aka IP
Forwarding) must be enabled on the proxy,...which of course isn't the most
desireable thing for a proxy. Proxys should never "double" as a LAN routing
device.

Other questions though, only NAT services require the use of "gateways" to
get to the net,...proxys do not,...proxys use settings in the browser to
"find" the proxy. You may be incorrectly using the proxy as a Default
Gateway. The clients should use a LAN routing device as the Default Gateway
which would itself use the internet gateway as its DFG. Situations vary, and
I have no idea what your situation is.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

ITguy_uk said:
I currently have Windows 2000 Professional (SP4) workstations that
have persistent routes set to another subnet which is the other side
of a private WAN connection. These workstations have their default
gateway set to our internet proxy server which allows them to access
external sites e.g. web sites and FTP servers. These routes are set
using:

C:/route -p add <destination IP> MASK 255.255.255.0 <Gateway IP>

e.g:

C:/route -p add <192.168.1.0> MASK 255.255.255.0 <192.168.5.1>

This works as expected as can be seen from tracert (IPs changed to
example ones):

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>tracert server1

Tracing route to server1 [192.168.1.2]
over a maximum of 30 hops:

1 <10 ms <10 ms <10 ms 192.168.5.1 <========== local
WAN router
2 50 ms 50 ms 50 ms 203.204.6.72 <========== remote
WAN router
3 50 ms 60 ms 50 ms server1 [192.168.1.2]

Trace complete.

This works as expected until the WAN link is down for any amount of
time. Once the WAN link has been down for a period of more than approx
1 hour the workstations lose connectivity with the remote subnet.
When I run the "route print" command I can still see the persistent
route listed but on running tracert to a host on the other subnet the
traffic is routed via the default gateway (internet connection via
ISP) rather than the internal WAN gateway.

If I re-run the route command above the route is restored and
connectivity re-instated. It is almost as if there is a timeout where
after a specified time windows stops attempting to access that subnet
via the specified static route and defaults to the default gateway.
This seems to be incorrect, if a route is persistent then windows
should keep re-trying until the connection is restored or produce an
error message to inform the user the route is no longer available (on
screen or event log).

My questions are:

1.Does anyone know why it is defaulting to the default gateway when
the persistent route loses connectivity?

2. Does anyone know how to prevent this default gateway fall back
(registry or network properties setting)?

3. Should windows utilise the default gateway when connectivity is
lost to a host accessible via a previously persistent route?

4. Why does it still list (ROUTE PRINT) the persistent route even
though it is no longer using it due to loss of connectivity?

I have looked on the MS KB and searched on google but it does not seem
to be mentioned anywhere. Any hints would be appreciated.

Thanks in advance
 
Phil,

Thanks for the reply, this has been one of those grey areas that I
haven't been able to get to the bottom of. It did seem ludicrous that
a global setting like the gateway to a particular subnet should be set
on individual machines. I did look at setting this via DHCP but there
was no obvious method of doing this so this didnt seem the correct
method of acheiving this.

Apologies for not being clearer in my original post but the hosts on
this network access the internet via a NAT firewall (connected to
broadband) and not a proxy server. Currently the client machines
default gateway is set to the internal IP of the NAT firewall, so that
most internet traffic goes through this appliance. Some of the hosts
on the network need to access a remote server on a different subnet
via a WAN link. The WAN link traffic is routed by a Cisco router which
I do not have access to the config of (the comms provider do this).
From what you have said I need to do one of the following:

1. Set the default gateway to the NAT firewall on the hosts and add a
route on the NAT firewall so that any traffic to the remote server
across the WAN gets redirected to the Cisco router.

2.Set the default gateway to the Cisco router on the hosts and add a
route on the Cisco firewall so that any traffic to the internet gets
redirected to the NAT firewall.

I think option 1 is preferable as I don't have control of the Cisco
router config and the majority of the traffic will be for the internet
and not the remote server across the WAN. Als does a NAT firewall
count as a LAN routing device or should there be a LAN routing device
in front of the NAT firewall?

Thanks again for clearing up my confusion


Phillip Windell said:
Although it would seem it should work, the client's routing table is not
that place to do this. This should be done at the routing device that they
use (in this case the proxy). Place the static routes on the proxy instead.
Then make sure the full address range of this remote subnet is also included
in the proxy's LAT. The Client's DFG takes them to the proxy box which then
routes it via the static route to the proper gateway. "Routing" (aka IP
Forwarding) must be enabled on the proxy,...which of course isn't the most
desireable thing for a proxy. Proxys should never "double" as a LAN routing
device.

Other questions though, only NAT services require the use of "gateways" to
get to the net,...proxys do not,...proxys use settings in the browser to
"find" the proxy. You may be incorrectly using the proxy as a Default
Gateway. The clients should use a LAN routing device as the Default Gateway
which would itself use the internet gateway as its DFG. Situations vary, and
I have no idea what your situation is.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

ITguy_uk said:
I currently have Windows 2000 Professional (SP4) workstations that
have persistent routes set to another subnet which is the other side
of a private WAN connection. These workstations have their default
gateway set to our internet proxy server which allows them to access
external sites e.g. web sites and FTP servers. These routes are set
using:

C:/route -p add <destination IP> MASK 255.255.255.0 <Gateway IP>

e.g:

C:/route -p add <192.168.1.0> MASK 255.255.255.0 <192.168.5.1>

This works as expected as can be seen from tracert (IPs changed to
example ones):

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\>tracert server1

Tracing route to server1 [192.168.1.2]
over a maximum of 30 hops:

1 <10 ms <10 ms <10 ms 192.168.5.1 <========== local
WAN router
2 50 ms 50 ms 50 ms 203.204.6.72 <========== remote
WAN router
3 50 ms 60 ms 50 ms server1 [192.168.1.2]

Trace complete.

This works as expected until the WAN link is down for any amount of
time. Once the WAN link has been down for a period of more than approx
1 hour the workstations lose connectivity with the remote subnet.
When I run the "route print" command I can still see the persistent
route listed but on running tracert to a host on the other subnet the
traffic is routed via the default gateway (internet connection via
ISP) rather than the internal WAN gateway.

If I re-run the route command above the route is restored and
connectivity re-instated. It is almost as if there is a timeout where
after a specified time windows stops attempting to access that subnet
via the specified static route and defaults to the default gateway.
This seems to be incorrect, if a route is persistent then windows
should keep re-trying until the connection is restored or produce an
error message to inform the user the route is no longer available (on
screen or event log).

My questions are:

1.Does anyone know why it is defaulting to the default gateway when
the persistent route loses connectivity?

2. Does anyone know how to prevent this default gateway fall back
(registry or network properties setting)?

3. Should windows utilise the default gateway when connectivity is
lost to a host accessible via a previously persistent route?

4. Why does it still list (ROUTE PRINT) the persistent route even
though it is no longer using it due to loss of connectivity?

I have looked on the MS KB and searched on google but it does not seem
to be mentioned anywhere. Any hints would be appreciated.

Thanks in advance
 
Back
Top