Marvin L. Anglin
manglin@atlonline.com
Atlanta On-Line InterNet, Inc.
770-955-3000
-----Original Message-----
From: Dale E. Reed Jr. <daler@iea-software.com>
To: ntisp@iea-software.com <ntisp@iea-software.com>
Date: Saturday, July 24, 1999 5:36 AM
Subject: Re: [NTISP] Routing a subnet thru RRAS dialup line
>Danny Sinang wrote:
>>
>> A customer dials into our NT server 4.0 machine running RRAS and gets a
>> fixed or static IP address.
>>
>> Now he needs valid IP addresses for the PC's on his LAN.
>>
>> So this means I have to route through his dialup connection.
>
>Yep.
>
>> I've successfully routed all the way from my upstream provider to my NT
>> server. Now I need to tell my NT server to route through the dialup
>> connection.
>
>Thats the trick (see below).
>
>> Problem is, you can't specify which interface you want to use in the
"route
>> add" command in NT. And even if there was a way, what is the name of the
PPP
>> interface that my customer dialed into ?
>
>You don't need to. There are only two kinds of routes: next hop and
>default.
>Default is everything you don't know. A next hop route is where you
>define
>an ip or subnet to be routed to an IP address KNOWN to your router (NT).
>Its not legal to route to an IP that isn't known, and by known I mean
>an IP address in the subnet of one of your ethernet interfaces.
>
>
>Here is a section from my 1995 (wow, that was a while ago) set of NT
>FAQS that I use to keep. The comments from the guy below were about NT
>3.51,
>not NT 4. AFAIK, you don't have to add the routes on NT4 to get this to
>work.
>
>
>> Q4C-1: How do I enable IP routing between a
>> WindowsNT PPP/SLIP connection to the internet and the local IP
>> subnet?
>>
>> Do not use the same IP address for the local ethernet card and
>> the RAS PPP to PPP link. The local ethernet card should have an
>> IP assigned from you local subnet, and the PPP IP address should
>> be assigned from the Internet providers subnet you are dialing into
>> using RAS.
>>
>> Enabling Routing of IP Packets on RAS Clients for NT:
>>
>> \HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
>>
>> IPEnableRouter
>> REG_DWORD:0x1 Enables IP routing
>> REG_DWORD:0x0 Disables IP routing
>>
>> You must set the DisableOtherSrcPackets registry entry on RAS clients
>> if you want to route IP packets through that RAS client. This parameter
>> only affects forwarding of packets on the client side--this does not
>> affect the server.
>>
>> Note: (I could not find this entry so I assume you must add it.)
>>
>> The registry path for this entry is:
>> \HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RasArp\Parameters
>>
>> DisableOtherSrcPackets
>>
>> REG_DWORD:0x1 Disable IP packets from external sources
>> REG_DWORD:0x0 Enable IP packets from external sources
>>
>> Controls the routing of IP packets with an IP source address other than
>> the IP address of the RAS network adapter card.
>>
>> Set to 0 packets with source address other than the IP address of the
>> RAS adapter will be sent.
>>
>> Set to 1 packets with source address other than the IP address of the
>> RAS adapter will not be sent.
>>
>> Default: 1
>>
>> We received the following message from Carl Byington with comments
>> on the use of Windows NT as a TCP/IP gateway with IP routing enable.
>>
>>
>> FROM: Carl Byington
>> TO: Steve Scoggins
>> DATE: 11/9/94 11:23 AM
>>
>> Re: Routing with PPP works!
>>
>> Well, it does work but there are some pitfalls.
>>
>> We have a class C internet network that is subnetted, and my part of it
uses the subnet mask
>> 255.255.255.248 - that gives me 8 host addresses, 2 of which are loopback
and broadcast so
>> I can have 6 hosts on my subnet, although I currently have only two
machines. My host
>> addresses are .17 and .18 and the reserved ones are .16 and .23.
>>
>> The .18 machine is the secondary machine without a modem. The .17
machine is the primary
>> machine with the modem and another IP address for the RAS link.
>>
>> The RAS link uses IP addresses .9 (the Unix end) and .10 (my end). Note
that this puts the
>> RAS link on a different network than my local ethernet.
>>
>> I have
SYSTEM/CurrentControlSet/Services/RasArp/Parameters/DisableOtherSrcPackets
set
>> to 0 (I had to create this entry).
>>
>> I have SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/IPEnableRouter
set to 1.
>>
>> The configuration for .18 is
>> default gateway = .17
>> dns server address = .130
>>
>> The configuration for .17 is
>> default gateway = .17
>> dns = none
>>
>> The RAS configuration on .17 is
>> require specific IP address = .10
>> dns server address = .130
>> use default gateway on remote network
>>
>> With that configuration, if I just boot .17, I can ping .18 but not .130
since we are not
>> connected yet. After bringing up the RAS link, I can ping .130 and the
rest of the world.
>> HOWEVER, we are not done yet. Attempts to ping from .17 to .18 cause NT
to die with the
>> blue screen. This is on the 807 debug build from MSDNII.
>>
>> So we reboot .17 and this time set a static route to .18 with
>> 'route add x.x.x.18 x.x.x.17'
>> reconnect the RAS link and everything works like a charm. Both .17 and
..18 can ping the
>> world thru the RAS link, and both can run Mosaic. WHEE!!
>>
>> It seems that the 'use default gateway on remote network' setting in the
RAS tcp/ip dialog
>> overrides all the local routing unless you have static routes set. If
the local network had a lot
>> of machines, that would be a real pain. In my case, I can just have the
startup group run a
>> single route add command.
>>
>> The other problem is that the route add does not work unless you are
logged in with
>> administrator privileges, and it does not stick around between reboots.
Therefore, after every
>> reboot, you need to log in as administrator and reset the local static
routes. If you fail to do
>> this, then bringing up the ras link and pinging local machines kills your
machine. Oh well, at
>> least the consequences are severe enough that the training time is fairly
small.
>>
>> Thank you very much for all your help with this!
>
>
>
>--
>
>Dale E. Reed Jr. Emerald and RadiusNT
>__________________________________________
>IEA Software, Inc. www.iea-software.com
>
>For more information about this list (including removal) go to:
>http://www.iea-software.com/support/maillists/liststart
>
For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart