• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

multihome network setup for win server 2003

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Beginners // Misc. Computer Questions

View previous topic :: View next topic  
Author Message
thealps
Just Arrived
Just Arrived


Joined: 22 Jul 2010
Posts: 0


Offline

PostPosted: Thu Jul 22, 2010 10:17 pm    Post subject: multihome network setup for win server 2003 Reply with quote

Hi folks!

I did some searching but didnt find a really solid answer for my specific situation. I have a windows server 2003 that I dev on and have ftp/web servers for clients while I am devving. My machine has one NIC with a direct line outside of the LAN in my building with dedicated IPs so I can use a domain name and give my clients easy access. I have a second NIC that is part of the buildings shared LAN and uses DHCP to access the internet and the resources of the LAN (file sharing, printer sharing, etc). Most of the computers on the LAN are mixed Mac OS 9 and X, Win XP and newer.

I got the 2 NICs so that I could have this server be accessible from the public for the ports I wanted with static IP but I also have 5 other computers that I want to be able to share files with easily (preferably via windows filesharing)

Currently I have no problems with seeing my server from the static IPs but I cannot access to or from this box on the LAN. I am quite certain I need to change the route table, but exactly how I am not certain. I am a C# / asp.net programmer and not a network wiz by any means.

Can anyone help me out with detailed info on how to set up both NICs properly to accomplish 1. static IP NIC accepting public internet traffic and 2. DHCP NIC able to do filesharing and printer sharing over the LAN

Or link to me a good graphical tutorial for dumbass web developers like me who know barely enough about networking to get in serious trouble Wink

Thanks in advance!!
Back to top
View user's profile Send private message
Weaver
Trusted SF Member
Trusted SF Member


Joined: 04 Jan 2003
Posts: 0
Location: WI, USA

Offline

PostPosted: Fri Jul 23, 2010 10:35 am    Post subject: Reply with quote

thealps wrote:
Currently I have no problems with seeing my server from the static IPs but I cannot access to or from this box on the LAN. I am quite certain I need to change the route table, but exactly how I am not certain. I am a C# / asp.net programmer and not a network wiz by any means.


I do not quite understand what you mean in saying "but I cannot access to or from this box on the LAN."

Can you ping the LAN Interface IP address from a device with a LAN IP address in the same subnet? That is to say, if your server's LAN IP is 192.168.1.10/24, can you ping 192.168.1.10 from a device in the 192.168.1.0/24 subnet?

Assuming there is not a firewall blocking your traffic (on the server itself or the host from which you are issuing the ping) you should be able to pass traffic that is on the same subnet.

Windows Server 2003 uses the weak host model for both sending and receiving. There exists a [direct connect] route in the routing table for all IP networks to which the server is connected. This route is added by default for all interfaces with IP addresses.

If a the server receives a an IP packet sourced with an IP that is on a directly connected network, the directly connected route will hit on lookup and get return packet back to the host. No further action required.

The issues arise if you have multiple subnets on the LAN side of most dual-homed hosts. When the server receives a packet sourced from an IP on the LAN "side" that is not the directly connected LAN subnet -- the server goes through the route lookup as always, but *can* have undesired results depending on the configuration.

Technical note: Since Windows Server 2003 uses the weak host model for sending and receiving it actually does not matter on which interface the IP packet is received. For the sake of explaining behavior in this specific example I am using the term "LAN side" to convey a location on the LAN side of a dual-homed host that is homed to seemingly disjointed networks (Internet and LAN [which may or may not have Internet access]).


  • Two interfaces each with an IP address and a default gateway (either statically assigned or pulled via DHCP) will produce two default routes in the routing table. If the interface speeds are different, the 2003 IP stack will assign a lower (better) metric to the faster interface default route. If the interface speeds are the same, the metric will be same for both default routes. Note that interface speed is not your DSL/Cable/DS1/DS3 speed but, in the case of Ethernet -- 10 Mb/s, 100 Mb/s, 1000 Mb/s, etc.
  • When it is time to send the return packet the 2003 IP stack will see multiple default routes and choose the default route with the lower metric. If both default routes have the same metric the 2003 IP stack will choose the default route installed by the interface/adapter highest in the binding order (see Adapters and Bindings tab in the Advanced Settings dialog box in Network Connections).
  • If the default route chosen happens to be the route on the Internet interface and the Internet and LAN sides are disjointed, then that traffic will never make it back to non-directly-connected LAN subnet. As a matter of fact the first Internet upstream router will (almost always) drop the traffic if it is sourced from a RFC1918 private IP.
  • In this case you will need to add a route to the non-direct-connected LAN subnet to the server. This route will specify the server's LAN interface gateway as the next-hop router (or whatever the next hop router should be).


Technet - The Cable Guy - Strong and Weak Host Models
Technet - The Cable Guy - Default Gateway Behavior for Windows TCP/IP

-Weaver
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Beginners // Misc. Computer Questions All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter