[THIN] Re: OT - Where are NIC bindings?

Not to get into a pissing match... I know that you *can* have multiple
Interfaces with Default gateways.  This screws up the routing engine within
Windows (which isn't that great to begin with).

To change the binding order, you need to open up the Properties of My
Network Places, and then click on Settings, then Advanced.  There you can
change the bindings.

I feel for you.  I just know that from experience, this type of
configuration is a pain to have in place.  What you might want to do is
this:

1.  Remove the Default GW from the External NIC
2.  Add static routes manually back to your DSL clients
3.  Leave the Default GW on the Internal NIC

This will not cause any problems with your dial-in users.  Of course, this
assumes that your Broadband clients have a static IP, and not DHCP. 

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Adam.Baum@xxxxxxxxxxxxxx
Sent: Tuesday, September 30, 2003 3:56 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT - Where are NIC bindings?


Chris,

You CAN have two default gateways.  It may not be according to RFC, but it
does work.  This server has been up for a few months and the primary farm
server has been up over a year.  Never had any problems except for this one
server.  As for NAT, can't do it.  It would require a real firewall.  This
setup (network hardware) is so old, it's really just a cheap DSL router.
In any event, it would not bypass my requirement without a major redesign on
my end.

The overall problem is that the when you access the server from the
Internet, you come in through DSL.  When you try to access the Internet from
the MF server, you go out through a different set of network infrastructure.
The history of this farm is that we never provided outbound Internet access.
We only wanted people to come in to the network via the Internet and ICA
dial-in (yes, we have modem banks attached to the
servers).   The current crop of City Councilmen do not have broadband
connections so when they dial-in for remote access and need to check the
Internet, they do not want to hangup and dial their ISP.  They naturally
asked to have outbound Internet access turned on.  Since we are required to
filter, we had to send them out a different path.

We have a longterm plan of getting rid of the DSL and move the servers into
our big infrastructure, but the DSL is cheap and is at full T1 bandwidth.
Our main Internet connection for the rest of the City is T1x3.  This is
shared by 3000 people, e-commerce, web servers, etc and runs about 80%
utilization.  You can see where I am going with this...

So..how do I change the binding order in W2K?

adam




 

                      "Chris Lynch"

                      <lynch00@xxxxxxx>        To:
<thin@xxxxxxxxxxxxx>

                      Sent by:                 cc:

                      thin-bounce@freel        Subject:  [THIN] Re: OT -
Where are NIC bindings?                                      
                      ists.org

 

 

                      09/30/2003 11:31

                      AM

                      Please respond to

                      thin

 

 





First off, you cannot have two default gateways.  This goes against the
TCP/IP standard.  You are causing more problems than what you are trying to
resolve.  Why not do NAT traversal on your firewall so that some External IP
gets translated to your Internal MF server?  This would bypass the whole
requirement for what you have explained?

"because we also have ICA async dial-in on these servers"

This isn't a reason to have a dual-homed NIC machine.  I assume by this
statement, you have actual Modem users that dial-in, correct?

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Adam.Baum@xxxxxxxxxxxxxx
Sent: Tuesday, September 30, 2003 8:27 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT - Where are NIC bindings?

I have one MF server that seems to lose its way.  It is dual NICd with one
NIC connected to my Intranet, the other to the Internet.  For some reason,
every now and then the server will not be able to find my internal network.
Both NICs have default gateways.  If I remove the default gateway for the
external NIC, acces the missing resource, and then add the gateway back in,
all works well.  That is until I reboot.

Why do I have two default gateways, when one would work just fine?  Well,
people use this set of servers for remote access so all the ICA info must go
out to the external NIC.  However, we allow people to browse the Internet
from these servers and we filter (Websense).  This requires that all
Internet (port 80) traffic go through our Proxy servers which require
them to go out the Internal facing NIC.   Why can't people just browse the
internet since they are attaching via the Internet?  Good question.
Answer: because we also have ICA async dial-in on these servers.

It all boils down to this:  the wayward server has its NICs backwards.
Port 1 is Internal, port 2 is external. All the other servers in this farm
have it set the opposite.  So instead of re-wiring (which would make me get
off my butt), I would rather just change the binding order and see if it
solves the problem.  My question is: where in W2K do you change binding
order?

adam




********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online Booth #24 at Citrix
iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site http://www.OnDemandAccess.com

For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm


********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online Booth #24 at Citrix
iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site http://www.OnDemandAccess.com

For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm





********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online Booth #24 at Citrix
iForum on October 13th.
http://www.go-eol.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site http://www.OnDemandAccess.com

For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
http://thethin.net/citrixlist.cfm


********************************************************
This Week's Sponsor - Emergent Online
Essential Thin Client Utilities.
Meet Jim Kenzig of thethin.net at the Emergent Online
Booth #24 at Citrix iForum on October 13th.
http://www.go-eol.com 
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
New! Online Thin Computing Magazine Site
http://www.OnDemandAccess.com

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts: