OCS server multiple gateways

All replies

• 

  

  0

  Sign in to vote

  In general you should have only one default gateway on the EDGE

  The one configured on the external interface

   

  I guess they mean in the graphic to add specific static routes in the configuration of your server for your internal routes

   

  We have had our EDGE server reviewed by someone from Microsoft Consulting and they insisted that the default gateway was on the external interface

  Friday, August 29, 2008 12:52 PM
• 

  

  0

  Sign in to vote

  Thanks for the reply. Specific static routes is what would make sense to me.  Looks then that the graphic may need a bit of rework as they specifically state multiple default GWs.. 

  Friday, August 29, 2008 3:59 PM
• 

  

  0

  Sign in to vote

  You are absolutely right on that 2 different default GW does not make sense.

  Maybe I can contact someone via our partner channel to verify

   

  Friday, August 29, 2008 9:17 PM
• 

  

  0

  Sign in to vote

  It's kind of odd that they'd have got that so wrong on a paper that deals spcifically with perimeter network config.

   

  Friday, August 29, 2008 9:31 PM
• 

  

  0

  Sign in to vote

  You can find some more information in this article on Technet

  http://technet.microsoft.com/en-us/library/cc779696.aspx

   

  I still would prefer static routes instead of using multiple Def GW

  Using multiple gateways

  If you have multiple interfaces and you configure a default gateway for each interface, TCP/IP by default automatically calculates an interface metric that is based on the speed of the interface. The interface metric becomes the metric of the default route in the routing table for the configured default gateway. The interface with the highest speed has the lowest metric for its default route. The result is that whenever multiple default gateways are configured on multiple interfaces, the fastest interface will be used to forward traffic to its default gateway.

  If multiple interfaces of the same speed have the same lowest interface metric, then, based upon the binding order, the default gateway of the first network adapter is used. The default gateway for the second network adapter is used when the first is unavailable.

   

  In previous versions of TCP/IP, multiple default gateways all had a default route metric set to 1, and the default gateway used depended on the order of the interfaces. This sometimes caused difficulty in determining which default gateway the TCP/IP protocol was using.

   

  The automatic determination of the interface metric is enabled by default through the Automatic metric check box on the IP Settings tab on the advanced properties of the Internet Protocol (TCP/IP) protocol.

   

  You can disable the automatic determination of the interface metric and type a new value for the interface metric.

   

  Monday, September 1, 2008 8:51 AM
• 

  

  0

  Sign in to vote

   

  So I've stumbled across this great read showing two default gateways: http://www.microsoft.com/downloadS/details.aspx?FamilyID=e4a8d703-e41a-47d9-b9dd-2799f894af92&displaylang=en 

   

  The Microsoft design on page 18 shows each edge server with dual gateways in a multi-firewall scenario. The text also reads:

   

  Each has its own default gateway and dual network interface card (NIC).

   

  In a single firewall scenario the "dead gateway detection" in Windows 2003/2008 will result in connectivity issues if both gateways are on the same network:

   

  To accommodate the need for one interface for internal and one for external traffic, you would need to configure both gateways on each network adapter, one internal and one external. This is not recommended because the dead gateway detection function of the Windows® operating system uses the second gateway for failover.

  Dead gateway detection is a TCP feature in Windows Server 2003 and Windows Server 2008 that identifies when a gateway is not functioning properly and reroutes traffic to the next gateway on the list. Thus, if you configure both gateways, you risk connectivity interruptions on either incoming or outgoing traffic when dead gateway detection switches the active default gateway.

  As a result, the preferred resolution is to have two subnets and two routers,

   

  So I think the answer is finally clear....

   

   

   

  Monday, September 1, 2008 5:43 PM
• 

  

  0

  Sign in to vote

  Not entirely clear to me.  Two subnets, two routers, yes.  But two default gateways?  Multiple DGs are intended to provide failover in a single subnet, but expressly not failover between disjoint subnets, for reasons already discussed?

   

  Tuesday, September 2, 2008 11:43 PM
• 

  

  0

  Sign in to vote

  Deli Pro-Exchange wrote:

  You are absolutely right on that 2 different default GW does not make sense.

   

  My consolidated edge server does not work with a single default gateway!

   

  I have three interfaces:

   

  1. internal to our private network, no default gateway

   

  2. DMZ: separate private subnet with 2 NATted addresses for access and webconf. If I do not set a default gateway on this interface pointing to the router, I cannot login as a remote user.

   

  3. A/V: direct connected to outside using a public IP address and a default gateway address pointing to our provider. If I delete this gateway I cannot do audio or video calls.

   

  I have disabled dead gateway detection in the registry. It seems to work fine but sometimes I get interruptions on external VoIP calls.

   

  I did not have enough public addresses to use them in our perimeter network.

  Thursday, September 11, 2008 9:08 AM