Changing default IP address when running server on two subnets?

Hi there,

I have a windows 2003 server with two network cards in running on two
seperate subnets. These are running behind a firewall that (at
present) doesnt route between the subnets.

I have had to add the second card to the server in order to add the
additional subnet as we needed to use more IP addresses. This server
is in a data centre running a number of websites for our company.

The server is running with the two subnets and by default all of the
outgoing requests are going out on the new subnet. This is a bit of
an issue as the server is part of a bigger network and there are a lot
of routing rules in place. How do i get the requests to come from the
server with the source IP address as the first subnet that was running
on there?

I have gone into the network connections > advanced > advanced
settings and changed the order of the network cards so it uses the
first network card/subnet but it still hasnt applied the changes. Why
i go to an IP lookup website it still lists the new subnet as the
source.

Any ideas? Does the server need a reboot for the changes to apply?

 

1. It follows the Nic with the Default Gateway.

2. It doesn't matter how many subnets there are,...the server should have
only one Nic and "live" on only one subnet.

--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


"Fox1977" <foxj77@gmail.com> wrote in message
news:f4c462a6-bb2b-4def-bba6-e7cbb27c7aa9@f16g2000vbf.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
> Hi there,
>
> I have a windows 2003 server with two network cards in running on two
> seperate subnets. These are running behind a firewall that (at
> present) doesnt route between the subnets.
>
> I have had to add the second card to the server in order to add the
> additional subnet as we needed to use more IP addresses. This server
> is in a data centre running a number of websites for our company.
>
> The server is running with the two subnets and by default all of the
> outgoing requests are going out on the new subnet. This is a bit of
> an issue as the server is part of a bigger network and there are a lot
> of routing rules in place. How do i get the requests to come from the
> server with the source IP address as the first subnet that was running
> on there?
>
> I have gone into the network connections > advanced > advanced
> settings and changed the order of the network cards so it uses the
> first network card/subnet but it still hasnt applied the changes. Why
> i go to an IP lookup website it still lists the new subnet as the
> source.
>
> Any ideas? Does the server need a reboot for the changes to apply? <!--colorc--><!--/colorc-->

 

Hi Phillip,

Unfortunately the server has default gateways on both NICs!

On 14 July, 14:36, "Phillip Windell" <philwind...@hotmail.com> wrote:<!--coloro:blue--><span style="color:blue <!--/coloro-->
> 1. It follows the Nic with the Default Gateway.
>
> 2. It doesn't matter how many subnets there are,...the server should have
> only one Nic and "live" on only one subnet.
>
> --
> Phillip Windell
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
> "Fox1977" <fox...@gmail.com> wrote in message
>
> news:f4c462a6-bb2b-4def-bba6-e7cbb27c7aa9@f16g2000vbf.googlegroups.com...
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Hi there,<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have a windows 2003 server with two network cards in running on two
> > seperate subnets.  These are running behind a firewall that (at
> > present) doesnt route between the subnets.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have had to add the second card to the server in order to add the
> > additional subnet as we needed to use more IP addresses.  This server
> > is in a data centre running a number of websites for our company.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > The server is running with the two subnets and by default all of the
> > outgoing requests are going out on the new subnet.  This is a bit of
> > an issue as the server is part of a bigger network and there are a lot
> > of routing rules in place.  How do i get the requests to come from the
> > server with the source IP address as the first subnet that was running
> > on there?<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have gone into the network connections > advanced > advanced
> > settings and changed the order of the network cards so it uses the
> > first network card/subnet but it still hasnt applied the changes.  Why
> > i go to an IP lookup website it still lists the new subnet as the
> > source.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Any ideas?  Does the server need a reboot for the changes to apply?<!--colorc--><!--/colorc-->
>
><!--colorc--><!--/colorc-->

 

"foxj77" <foxj77@gmail.com> wrote in message
news:1d5753a7-4861-43a4-8ae9-d04030c38bf8@m18g2000vbi.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
>
> Hi Phillip,
>
> Unfortunately the server has default gateways on both NICs!<!--colorc--><!--/colorc-->

Hello Fox,

Unfortunately, that is not a good practice. A default gateway is the gateway
to the 'world,' so to speak. It's kind of saying to someone, there are two
doorways out of this room to get to the outside of the building. The person
is able to decide which one is better to use, however, when it comes to a
computer, that is not possible. The idea is to have only one default gateway
on any machine and allow the network infrstructure (routers) decide the best
way out the door.

Also, if this is a DC, or it has DNS installed on it, and worse, the
combination of either of the two and RRAS installed, makes it much more
difficult. If this is a DC, or you want to control which NIC gets registered
into DNS (all will get registered if the previous one of three roles are on
this machine), I have a complete blog on how to set it up.

Otherwise, I agree with Phillip in that one gateway and one NIC and allow
the machine to do it's job and your network to do the rest.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer
aceman@mvps.RemoveThisPart.org


For urgent issues, you may want to contact Microsoft PSS directly. Please
check for regional support phone numbers.

 

"foxj77" <foxj77@gmail.com> wrote in message
news:1d5753a7-4861-43a4-8ae9-d04030c38bf8@m18g2000vbi.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
> Hi Phillip,
> Unfortunately the server has default gateways on both NICs!<!--colorc--><!--/colorc-->

You'll have to stop doing that. "Default",...by definition,...means there
can only be one. Windows will even warn of this when you try to apply a
Gateway to a Nic when another Nic in the machine already has one.

There is a such thing as Dead Gateway Detection,...but it does not in any
way apply to this situation.

You also need to get rid of the other Nics. Use a Router to join the
subnets,..use the same Router for ACLs to restrict/allow traffic between the
subnets according to company policy. The Server needs to have one
nic,...and have a single "identitiy",....on a single subnet.


--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

 

I've tried setting the new nic with the second subnet with no gateway
but the IP addresses dont work. I can only ping IP addresses on the
new subnet when the gateway is in the second nic.

The thing i am struggling to understand is why the options are there
in the advanced settings in the network connections but they dont seem
to make any difference.

I appreciate this is not the best way to do things but it is only a
temporary fix for a couple of months.

Thanks for the assitance

On 14 July, 16:01, "Ace Fekay [MCT]" <ace...@mvps.RemoveThisPart.org>
wrote:<!--coloro:blue--><span style="color:blue <!--/coloro-->
> "foxj77" <fox...@gmail.com> wrote in message
>
> news:1d5753a7-4861-43a4-8ae9-d04030c38bf8@m18g2000vbi.googlegroups.com...
>
>
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Hi Phillip,<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Unfortunately the server has default gateways on both NICs!<!--colorc--><!--/colorc-->
>
> Hello Fox,
>
> Unfortunately, that is not a good practice. A default gateway is the gateway
> to the 'world,' so to speak. It's kind of saying to someone, there are two
> doorways out of this room to get to the outside of the building. The person
> is able to decide which one is better to use, however, when it comes to a
> computer, that is not possible. The idea is to have only one default gateway
> on any machine and allow the network infrstructure (routers) decide the best
> way out the door.
>
> Also, if this is a DC, or it has DNS installed on it, and worse, the
> combination of either of the two and RRAS installed, makes it much more
> difficult. If this is a DC, or you want to control which NIC gets registered
> into DNS (all will get registered if the previous one of three roles are on
> this machine), I have a complete blog on how to set it up.
>
> Otherwise, I agree with Phillip in that one gateway and one NIC and allow
> the machine to do it's job and your network to do the rest.
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Please reply back to the newsgroup or forum to benefit from collaboration
> among responding engineers, and to help others benefit from your resolution.
>
> Ace Fekay, MCT, MCSE, MCSA 2003 & 2000, MCSA Messaging
> Microsoft Certified Trainer
> ace...@mvps.RemoveThisPart.orghttp://twitter.com/acefekay
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> checkhttp://support.microsoft.comfor regional support phone numbers.<!--colorc--><!--/colorc-->

 

"foxj77" <foxj77@gmail.com> wrote in message
news:1096baba-0981-4afc-954c-fdddc8147b94@f33g2000vbm.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
> I've tried setting the new nic with the second subnet with no gateway
> but the IP addresses dont work. I can only ping IP addresses on the
> new subnet when the gateway is in the second nic.<!--colorc--><!--/colorc-->

It is because it is a Server,...not a LAN Router.
You are not supposed to be able to ping it by any other IP on any other Nic.
You can only ping from a Host that is on the same subnet as the IP you
pinged, and even that assumes that the source and destination on on the same
"wire",...then same physical layer.
You need to stop createing problems you shouldn't create then try to solve
the problems that shouldn't have been created.

Run the Server on one IP#,...on one Nic,...on one subnet.

--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

 

"foxj77" <foxj77@gmail.com> wrote in message
news:1096baba-0981-4afc-954c-fdddc8147b94@f33g2000vbm.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
> I've tried setting the new nic with the second subnet with no gateway
> but the IP addresses dont work. I can only ping IP addresses on the
> new subnet when the gateway is in the second nic.
>
> The thing i am struggling to understand is why the options are there
> in the advanced settings in the network connections but they dont seem
> to make any difference.
>
> I appreciate this is not the best way to do things but it is only a
> temporary fix for a couple of months.
>
> Thanks for the assitance<!--colorc--><!--/colorc-->

You can't ping the other IP address because there is no route to it in your
infrastructure. This is a routing issue with your network.

Do you have a Visio of your network and what you're trying to do? Use this
Visio as an example of how to construct an Visio that is easy to read and
understand. This should also give you an idea what we're talking about
concerning routing within a network.


Also, what options are you referring to? To create multiple gateways? I have
four German Shepherds, two of which are police trained protection dogs. They
are extremely intelligent and smart, and if I try to get them to do
something that's not possible, they just look at me as if saying, What - you
know that ain't possible, right?? And they won't do it. The operating system
is very intelligent, but it ain't that smart, so there may not be any
built-in warning, so it relies on us to know its limitations.

Ace

 

What functions is the server providing on the network?

"Fox1977" <foxj77@gmail.com> wrote in message
news:f4c462a6-bb2b-4def-bba6-e7cbb27c7aa9@f16g2000vbf.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
> Hi there,
>
> I have a windows 2003 server with two network cards in running on two
> seperate subnets. These are running behind a firewall that (at
> present) doesnt route between the subnets.
>
> I have had to add the second card to the server in order to add the
> additional subnet as we needed to use more IP addresses. This server
> is in a data centre running a number of websites for our company.
>
> The server is running with the two subnets and by default all of the
> outgoing requests are going out on the new subnet. This is a bit of
> an issue as the server is part of a bigger network and there are a lot
> of routing rules in place. How do i get the requests to come from the
> server with the source IP address as the first subnet that was running
> on there?
>
> I have gone into the network connections > advanced > advanced
> settings and changed the order of the network cards so it uses the
> first network card/subnet but it still hasnt applied the changes. Why
> i go to an IP lookup website it still lists the new subnet as the
> source.
>
> Any ideas? Does the server need a reboot for the changes to apply? <!--colorc--><!--/colorc-->

 

The server is a web/database server. We have to run the server with
two nics as we have the two subnets on two different vlans on our
network. There is a routing issue where the firewall cannot route
between the two subnets as they are running on subinterfaces. We are
working to get the firewall swapped for another model i know this is a
pretty obvious flaw!

The sites that are running on the two subnets do not need to talk to
the other subnet and this is why we have tried to implement it this
way.

I have rebooted the box and managed to get it change the default IP
address ok.

The only issue I have now is that we are getting intermittent short
5-10 second outages on each alternative subnet. There's no pattern
with the outages. Anyone any ideas why.

Thanks for the advice so far.

Thanks


On 15 July, 00:43, "Kevin Longley" <kwlong...@cirtronics.com> wrote:<!--coloro:blue--><span style="color:blue <!--/coloro-->
> What functions is the server providing on the network?
>
> "Fox1977" <fox...@gmail.com> wrote in message
>
> news:f4c462a6-bb2b-4def-bba6-e7cbb27c7aa9@f16g2000vbf.googlegroups.com...
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Hi there,<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have a windows 2003 server with two network cards in running on two
> > seperate subnets.  These are running behind a firewall that (at
> > present) doesnt route between the subnets.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have had to add the second card to the server in order to add the
> > additional subnet as we needed to use more IP addresses.  This server
> > is in a data centre running a number of websites for our company.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > The server is running with the two subnets and by default all of the
> > outgoing requests are going out on the new subnet.  This is a bit of
> > an issue as the server is part of a bigger network and there are a lot
> > of routing rules in place.  How do i get the requests to come from the
> > server with the source IP address as the first subnet that was running
> > on there?<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > I have gone into the network connections > advanced > advanced
> > settings and changed the order of the network cards so it uses the
> > first network card/subnet but it still hasnt applied the changes.  Why
> > i go to an IP lookup website it still lists the new subnet as the
> > source.<!--colorc--><!--/colorc-->
><!--coloro:green--><span style="color:green <!--/coloro-->
> > Any ideas?  Does the server need a reboot for the changes to apply?<!--colorc--><!--/colorc-->
>
><!--colorc--><!--/colorc-->