[THIN] Re: OT - Where are NIC bindings?
- From: Adam.Baum@xxxxxxxxxxxxxx
- To: thin@xxxxxxxxxxxxx
- Date: Tue, 30 Sep 2003 15:56:02 -0700
Chris,
You CAN have two default gateways. It may not be according to RFC, but it
does work. This server has been up for a few months and the primary farm
server has been up over a year. Never had any problems except for this one
server. As for NAT, can't do it. It would require a real firewall. This
setup (network hardware) is so old, it's really just a cheap DSL router.
In any event, it would not bypass my requirement without a major redesign
on my end.
The overall problem is that the when you access the server from the
Internet, you come in through DSL. When you try to access the Internet
from the MF server, you go out through a different set of network
infrastructure. The history of this farm is that we never provided
outbound Internet access. We only wanted people to come in to the network
via the Internet and ICA dial-in (yes, we have modem banks attached to the
servers). The current crop of City Councilmen do not have broadband
connections so when they dial-in for remote access and need to check the
Internet, they do not want to hangup and dial their ISP. They naturally
asked to have outbound Internet access turned on. Since we are required to
filter, we had to send them out a different path.
We have a longterm plan of getting rid of the DSL and move the servers into
our big infrastructure, but the DSL is cheap and is at full T1 bandwidth.
Our main Internet connection for the rest of the City is T1x3. This is
shared by 3000 people, e-commerce, web servers, etc and runs about 80%
utilization. You can see where I am going with this...
So..how do I change the binding order in W2K?
adam
"Chris Lynch"
<lynch00@xxxxxxx> To: <thin@xxxxxxxxxxxxx>
Sent by: cc:
thin-bounce@freel Subject: [THIN] Re: OT - Where
are NIC bindings?
ists.org
09/30/2003 11:31
AM
Please respond to
thin
First off, you cannot have two default gateways. This goes against the
TCP/IP standard. You are causing more problems than what you are trying to
resolve. Why not do NAT traversal on your firewall so that some External
IP
gets translated to your Internal MF server? This would bypass the whole
requirement for what you have explained?
"because we also have ICA async dial-in on these servers"
This isn't a reason to have a dual-homed NIC machine. I assume by this
statement, you have actual Modem users that dial-in, correct?
Chris
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Adam.Baum@xxxxxxxxxxxxxx
Sent: Tuesday, September 30, 2003 8:27 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT - Where are NIC bindings?
I have one MF server that seems to lose its way. It is dual NICd with one
NIC connected to my Intranet, the other to the Internet. For some reason,
every now and then the server will not be able to find my internal network.
Both NICs have default gateways. If I remove the default gateway for the
external NIC, acces the missing resource, and then add the gateway back in,
all works well. That is until I reboot.
Why do I have two default gateways, when one would work just fine? Well,
people use this set of servers for remote access so all the ICA info must
go
out to the external NIC. However, we allow people to browse the Internet
from these servers and we filter (Websense). This requires that all
Internet (port 80) traffic go through our Proxy servers which require
them to go out the Internal facing NIC. Why can't people just browse the
internet since they are attaching via the Internet? Good question.
Answer: because we also have ICA async dial-in on these servers.
It all boils down to this: the wayward server has its NICs backwards.
Port 1 is Internal, port 2 is external. All the other servers in this farm
have it set the opposite. So instead of re-wiring (which would make me get
off my butt), I would rather just change the binding order and see if it
solves the problem. My question is: where in W2K do you change binding
order?
adam
********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online Booth #24 at Citrix
iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site http://www.OnDemandAccess.com
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online
Booth #24 at Citrix iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site
http://www.OnDemandAccess.com
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online
Booth #24 at Citrix iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site
http://www.OnDemandAccess.com
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
