VMware Cloud Community
KenatEMC
Contributor
Contributor
‎02-19-2009 08:55 AM
Jump to solution

Routing between two network adapters

I have 8 fiber switches that are configured to use a private network for management.

The subnet is 192.168.8.0/24.

I have a W2K3 server (SERVER-A) with two NIC, one NIC (192.168.8.1) is attached to

the 192.168.8.0 subnet and the other NIC (192.168.100.14) is attached to the 192.168.100.0/24 subnet.

I have set up two persistent routes to route between these NIC using the following commands:

route -p add 192.168.8.0 mask 255.255.255.0 192.168.100.14

route -p add 192.168.100.0 mask 255.255.255.0 192.168.8.1

I have another W2K3 server (SERVER-B) with a single NIC (192.168.100.12) that needs to be able

to communicate with the fiber switches thru tcp/ip. The packets need to be routed back to this server.

On it I set up a persistent route:

route -p add 192.168.8.0 mask 255.255.255.0 192.168.100.14

Everything work just fine.

(Assume SERVER-A and SERVER-B are now powered off)

I'm trying to replicate this on my VMware ESX 3.5upd3 Server.

The ESX server has two NIC, one attached to each of the subnets. I create a VM to replace SERVER-A

with the same number of NICs and the same IP addresses.

I then create the routes as follows:

route -p add 192.168.8.0 mask 255.255.255.0 192.168.100.14

route -p add 192.168.100.0 mask 255.255.255.0 192.168.8.1

PROBLEM: As soon as I add the second route I can no longer ping any server on the 192.168.100.0 subnet.

This also causes logins to take a very long time.

Do I need to set up routing between the NICs at the ESX level to make this work?

If so want might the command look like? If not what might my problem be?

Thanks in advance for helpful responses

0 Kudos
1 Solution

Accepted Solutions
kjb007
Immortal
Immortal
‎02-19-2009 11:48 AM
Jump to solution

If you want to set up your machine as a router, then you have to let the router know it's next hop. Right now, the next hop from the machine is its own interfaces, which won't work. And since you're not running some kind of routing protocol, giving two ways to exit the server is also not a good idea, because it does not know which one to use. It will use 1 for some and the other for some.

To do what you intend (or I think you intend), you need to remove the static routes, and pick a default route, which would be your next hop. This should be another router in your environment. Then, the other servers you want to route through ServerA, you would point to ServerA's interface on that segment.

Hope that makes sense.

-KjB

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB

View solution in original post

0 Kudos
5 Replies
kjb007
Immortal
Immortal
‎02-19-2009 11:14 AM
Jump to solution

Looking at the route commands you have posted, you are trying to route your networks through the opposite interface. Meaning, traffic for 192.168.8.0 will go out 192.168.100.14, and traffic for 192.168.100.0 will go out 192.168.8.1. Is this really your intention? This does not sound like it would work, unless your router will allow you to tunnel your traffic over layer 2 through the opposite VLAN, which can be done, but I don't think is your intent. Check your binding order, because it appears that is exactly what is happening in your case. It is most likely reversed, but by default, since you are only trying to talk to machines on the same subnet as your interfaces, they will go out the interface that is on the same segment. So, with your routes as posted, you are altering the default behavior, and attempting to force the traffic destined for the same subnet, to go out the opposite interface.

-KjB

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
0 Kudos
KenatEMC
Contributor
Contributor
‎02-19-2009 11:35 AM
Jump to solution

I think my design is bad. What I was trying to do is use SERVER-A as a VM router AND run the application. I just need to get packets to and from the network that the fabric switches are on (192.168.8.0) from the 192.168.100.0 subnet.

I'm going to try building a VM router with two NICs, 192.168.100.8 and 192.168.8.1

Then setup a route on each server that needs to access the fiber switches.

route -p add 192.168.8.0 mask 255.255.255.0 192.168.100.8

thanks for responding

0 Kudos
kjb007
Immortal
Immortal
‎02-19-2009 11:48 AM
Jump to solution

If you want to set up your machine as a router, then you have to let the router know it's next hop. Right now, the next hop from the machine is its own interfaces, which won't work. And since you're not running some kind of routing protocol, giving two ways to exit the server is also not a good idea, because it does not know which one to use. It will use 1 for some and the other for some.

To do what you intend (or I think you intend), you need to remove the static routes, and pick a default route, which would be your next hop. This should be another router in your environment. Then, the other servers you want to route through ServerA, you would point to ServerA's interface on that segment.

Hope that makes sense.

-KjB

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
0 Kudos
KenatEMC
Contributor
Contributor
‎02-19-2009 01:41 PM
Jump to solution

The problem is resolved. Thanks for the help. I made this much harder that it needed to be.

0 Kudos
kjb007
Immortal
Immortal
‎02-19-2009 05:22 PM
Jump to solution

Don't forget to leave points for helpful/correct posts.

-KjB

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
0 Kudos