Re: Help requested with RIPv1 lan issues (UK school)

From: Ron Lowe (ron-msng_at_{d.e.l.e.t.e.}lowe-family.me.uk)
Date: 12/11/04 

Date: Sat, 11 Dec 2004 11:44:58 -0000

"andy" <andy@login2.net> wrote in message
news:ehZlphx3EHA.3120@TK2MSFTNGP12.phx.gbl...
> Hi,
> I am looking for some guidance and comments on a issue we are seeing on
> our
> school network.
>
> Scenario: 9 servers, 3 DC's all Server 2003 standard or Enterprise. One
> ISA
> 2000 server, Exchange 2003 server, SMS 2003, MOM 2005. Full SP. 650 XP Pro
> clients some SP2 others SP1.
>
> Clients are grouped together in sets of 15 or 30 depending on room size,
> each room is connected via a 100MB (cat 5e) switched network to a gigabit
> backbone (all fibre). We have two sites linked by Gigabit fibre. Our core
> switches are 3Com with DLink switches in the classrooms.
>
> We use addresses in the range 192.168.x.y on our network where x =
> classroom
> number and y=pc within the classroom, we have a persistent route
> configured
> on each client that points to the 192.168.2.0 subnet which is where our
> servers live.
>
> Our servers have static routing entries to all our subnets.
>
>
> We have suffered several network issues over the last three months:-
>
> AD replication issues, high packet loss, loss of mapped user drives.
>
> So we replaced our Allied Telesyn switches with new 3Com, replaced our
> site
> to site fibre and have had new links pulled in from the cabs to our server
> rooms.
>
> We rebuilt AD and the servers are replicating perfectly, however we still
> have odd students who fail to have their drive mapped at login or who
> loose
> access to their drive whilst logged in. There appears to be no pattern as
> this occurs at random. Logging out and logging back in always restores the
> users access to mapped drives. The event log on the clients indicate that
> the share is offline.
>
> So, I have been monitoring our LAN using Ethereal and I am seeing bursts
> of
> RIP v1 request traffic from our clients that cause our normal client to
> server pings to rise from <4ms to around 170ms with the occasional
> 'request
> timed out' occurring. Watching the wire it seems that each RIP request
> lasts
> around 3 or 4 seconds. Sometimes in the space of 1/2 hr we may see 4 or 5
> clients making similar broadcasts, sometimes we see several clients making
> the same broadcast at the same time. We have no idea why some clients send
> the RIP request traffic and others don't.
>
> Could this be the cause of students loosing their mapped drives by hogging
> the network? Do we need to setup RRAS on a server to deal with these
> requests? or should we just disable RIP on the clients?
>
> Is there a easy way to disable RIP where it installed using group policy
> or
> similar without visiting each XP client?
>
> I did Google for answers and tried Usenet too. Any help is gratefully
> received.
>
> Andy.
>
>
>
>

Hi, I hope you dont mind me butting in...

Can we take a few steps back and look at your overall topology here?
Either I don't understand your topology, or you've got an odd topology.

Untill the underlying topology is working properly,
we can't really look at higher-level issues.

You describe a network where everything is connected together by switches.
Is that correct?
Yet then you go on to discuss RIP, static routes on clients etc.

RIP and static routes etc are used in a routed network,
to describe which routers connect to which subnets.
A routed network requires routers to define the seperate subnets, and route
between them.

Is that what you have?
It doesn't sound like it.

It sounds like you just have one large network ( or 'broadcast domain' ),
hooked together with switches.
You have then assigned IP addresses on different subnets on the same
network.
It sounsd like you are trying to route on a non-routed network.

It is possible ( but not common practice ) to have multiple IP subnets on
one network,
but you need to set up routing between them.

How are you currently routing traffic from (say) 192.168.10.x to
192.168.2.x?
How it that IP forwarding working?
Do you have routers to do this?
You say you have static routes on the clients to the 192.168.2.x subnet.
And static routes on the server to the classes.
Can you describe exactly what these routes point to as gateways?

Once we understand the how the existing routing ( or not ) works ( or not )
, then we can advise on how this ought to be set up.

I'm probably going to end up telling you that:

1) To do what you want, you need a router to handle each subnet.
   If you want a seperate subnet per classroom, you need a router per
classroom.
   ( or a muli-ported router that can handle multiple subnets. )

2) Routes don't belong on the clients or servers, and you should not be
running RIP
    on the clients or servers either ( unless they are explicitly
functioning as routers) .
    All routes should be statically ( or dynamically ) set on the routers.
    The clients should only have one route, and that should be the Default
Gateway route
    pointing at the router which handles the classroom.

3) If you don't want to buy a bunch of routers, then you should stop trying
to route.
   Accept the fact you don't have a routed network.
   Just set it up as such...

The easiest way would simply be to supernet the whole 192.168.x.x network.
To do that, simply change the subnet mask on all the machines to 255.255.0.0
Remove all static routes, and all RIP.
Now , the machines are all on the 192.168.x.x single subnet.
They will communicate by ARP on the local subnet across the switches.
There is no routing to be done. 

-- 
Best Regards,
Ron Lowe
MS-MVP Windows Networking