Re: New to RRAS for Routing
- From: "Bill Grant" <not.available@online>
- Date: Sun, 7 Aug 2005 10:27:20 +1000
Perhaps you could read a basic text on IP routing. A newsgroup like this
is a place for sorting out networking problems, not an academy. Here is a
brief outline of the basics.
To route between two subnets, you do not need any routes on the router
itself. The router has an interface in each subnet, so it is aware of both
subnets. If it receives a packet addressed to a machine in a subnet it
delivers it directly (ie "on the wire" using hardware addressing). The
important thing is that the packet must actually get to the router!
Here is an example of the simplest case. All traffic goes to the router
by default routing and is delivered in the "other" subnet.
192.168.0.x dg 192.168.0.1
|
192.168.0.1 dg blank
router
192.168.1.1 dg blank
|
192.168.1.x dg 192.168.1.1
If the default route is not to the internal router, extra routing info
is required to get the required traffic to that internal router. eg
Internet
|
gateway router
192.168.0.254
|
192.168.0.x dg 192.168.0.254
|
192.168.0.1 dg 192.168.0.254
router
192.168.1.1 dg blank
|
192.168.1.x dg 192.168.1.1
In this case, routing between the subnets fails. The default route of
the 192.168.0 subnet clients is to the gateway router, so the traffic for
192.168.1 never reaches the internal router. To make it work you must add
extra routing in the 192.168.0 subnet to get traffic for 192.168.1 to the
internal router.
This is where you can use static routes. To get the traffic to the
internal router you could add a static route
192.168.1.0 255.255.255.0 192.168.0.1
If you add this route to a machine in the 192.168.0 subnet, that machine
can be reached from 192.168.1 . If you add the route to the gateway router,
every machine can be reached, because the gateway router "bounces" the local
traffic to the internal router.
Using a proxy server changes the requirements because a proxy server
does not rely on default routing. The client has the IP address of the proxy
server coded in and can address it directly. But if the proxy server is in
another subnet, the proxy server must have the recessary routing information
to be able to route the return traffic to the client.
The LAT of a proxy server contains the addresses of all the subnets
which are "local" (ie on the inside of the local network). So if you add an
extra subnet to your LAN, you need to check that it is included in the LAT.
Stephen S wrote:
> Dear Phillip,
>
> Thank you for your advice. Maybe, I am new to Networking and Routing.
>
> Would you mind if I ask some more questions ?
>
> 1) In your point 1, all hosts on the LAN = Testing LAN ?
> 2) In your point 2, the RRAS Router already connected to different LAN
> segments. Does it mean that it is because I have enable "LAN
> Routing" in Configure, Custom configuration; check the box for LAN
> routing ? 3) In your point 3, do you mean the Internet Sharing Device
> = Proxy Server in my office ?
> 4) In your next mail, you mention there are entries have to be added
> to the Local Address Table, how many entires have to be added there ?
> a) Testing LAN Address
> b) ???
>
> Thanks again.
>
> "Phillip Windell" <@.> wrote in message
> news:enQt%23wcmFHA.576@xxxxxxxxxxxxxxxxxxxxxxx
>> I didn't quote your posts because the questions in it cannot be
>> followed with an answer according to the pattern and order you asked
>> them. I will layout the pattern for the design here. It is very
>> simple,...you are making
>> it 10 times,..no, 100 times harder than it needs to be.
>>
>> 1. The RRAS box is the LAN's router. Therefore all hosts on the LAN
>> use it
>> as their Default Gateway. The RRAS Router then, in turn, uses the
>> Internet
>> Sharing Device as its Default Gateway
>>
>> 2. The RRAS Router is already directly connected to the different LAN
>> segments, therefore it *already* knows about them,..because they are
>> directly connected,...therefore you do not add static routes to the
>> RRAS Router.
>>
>> 3. The Internet Sharing Device is only connected to one Internal LAN
>> Segment,...therefore it is not directly connected to the other LAN
>> Segments,...therefore it does not know about them like the RRAS
>> Router does.
>> Therefore the Internet Shareing Device needs a Static Route added to
>> its routing table (*its* routing table, not the RRAS box's routing
>> table) for the LAN Segments that it is not directly attached to. The
>> RRAS Router would
>> be the "gateway" used in the Static Route.
>>
>> All done,...simple and clean.
>>
>> --
>> Phillip Windell [MCP, MVP, CCNA]
>> www.wandtv.com
>> -----------------------------------------------------
>> Understanding the ISA 2004 Access Rule Processing
>> http://www.isaserver.org/articles/ISA2004_AccessRules.html
>>
>> Microsoft Internet Security & Acceleration Server: Guidance
>> http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
>> http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp
>>
>> Microsoft Internet Security & Acceleration Server: Partners
>> http://www.microsoft.com/isaserver/partners/default.asp
>> -----------------------------------------------------
.
- Follow-Ups:
- Re: New to RRAS for Routing
- From: Stephen S
- Re: New to RRAS for Routing
- References:
- New to RASS for Routing
- From: Stephen S
- Re: New to RASS for Routing
- From: Bill Grant
- Re: New to RRAS for Routing
- From: Stephen S
- Re: New to RRAS for Routing
- From: Stephen S
- Re: New to RRAS for Routing
- From: Stephen S
- Re: New to RRAS for Routing
- From: Stephen S
- New to RASS for Routing
- Prev by Date: Re: Router-to-Router VPN connects but doesn't route
- Next by Date: Re: Router-to-Router VPN connects but doesn't route
- Previous by thread: Re: New to RRAS for Routing
- Next by thread: Re: New to RRAS for Routing
- Index(es):
Relevant Pages
|
