Packet routing on Windows server with two NICs

This problem has me stumped. I have searched on Google but there is neither any mention of this behavior nor any explanation. Maybe I am using wrong search words. I have read solutions to many problems on this site but this is my first time posting a question.

I have several Windows 2008R2 servers configured with two NICs on each server. The first NIC is public, with an IP address in the public domain; the second NIC has an IP address in the private domain 10.0.0.0/8. The purpose of the private IP is clustering (Oracle RAC), so the private NICs are accessed only by Oracle and name resolution is done via the hosts file.

The first NIC is configured with default gateway and DNS server. The second NIC has just the IP address and netmask. The IP address configured is 10.1.8.1/255.0.0.0.

On this server, if I do a tracert to 10.185.1.44 (another server on our network), it fails the first time. Second time, it succeeds. The behavior is consistent and reproducible on any server with two NICs.

As can be seen from the following output, in the first attempt, Windows tries to route the packets to the private interface and fails. In the second attempt, Windows routes the packets to the public interface and tracert is successful. I have removed the actual public IP addresses for security’s sake.

Q1: Why is Windows trying to reach 10.185.1.44 via the private NIC in the first attempt and then using the public NIC in the second attempt?

Q2: The second observation is that once tracert is successful, if I do a next tracert within about 2 minutes, it is successful. If I try the next tracert after about 3 minutes, it fails the first time, then succeeds.

IPv6 is completely disabled. The binding order of adapters is public first, private next.

tracert 10.185.1.44   
Tracing route to 10.185.1.44 over a maximum of 30 hops
  1  myserver.mydomain.com [10.1.8.1]  reports: Destination host unreachable.
Trace complete.

tracert 10.185.1.44
Tracing route to 10.185.1.44 over a maximum of 30 hops
  1     3 ms    <1 ms    <1 ms  default gateway on public NIC
  2    <1 ms    <1 ms    <1 ms  next hop IP
  3     2 ms     1 ms     1 ms  next hop IP
  4     2 ms     2 ms     2 ms  next hop IP
  5     3 ms     2 ms     2 ms  next hop IP
  6     4 ms     2 ms     3 ms  next hop IP
  7     2 ms     3 ms     2 ms  next hop IP
  8     2 ms     2 ms     2 ms  next hop IP
  9     3 ms     2 ms     2 ms  10.185.1.44
Trace complete.

Any explanation of the phenomena will be appreciated.

Solution:

You need to read the post “How does Subnetting work”. Your two NICs, despite having very different octets, are actually in the same subnet because of the very large subnet mask you’ve used. Because your default gateway is reachable by either subnet, the system is alternating NICs attempting to reach the destination when the first fails.

10.1.8.1/8 and 10.185.1.44/8 are in the same subnet. If you want to keep this simple, just use a different RFC1918 space like 172.16.0.0/12 or 192.168.0.0/16 networks.
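
The overlap described in the answer, worked through as an added example (not code from the original post): it derives the on-link and default routes from each NIC's address and mask, then picks a route by longest-prefix match. Assumptions: the public NIC address and gateway (203.0.113.0/24, a documentation range) and the renumbered private address 192.168.8.1/24 are constructed, since the post redacts the real public addresses, and route metrics are ignored.

```python
import ipaddress

# Constructed sample configs. Only 10.1.8.1/255.0.0.0 and 10.185.1.44 come from the post.
AS_POSTED = {
    "public": {"ip": "203.0.113.10", "mask": "255.255.255.0", "gateway": "203.0.113.1"},
    "private": {"ip": "10.1.8.1", "mask": "255.0.0.0"},
}
RENUMBERED = {
    "public": AS_POSTED["public"],
    "private": {"ip": "192.168.8.1", "mask": "255.255.255.0"},
}

def build_routes(nics):
    """One on-link route per NIC, plus a default route for each NIC with a gateway."""
    routes = []
    for name, cfg in nics.items():
        iface = ipaddress.ip_interface(f"{cfg['ip']}/{cfg['mask']}")
        routes.append((iface.network, name, "on-link"))
        if cfg.get("gateway"):
            routes.append((ipaddress.ip_network("0.0.0.0/0"), name, cfg["gateway"]))
    return routes

def select_route(nics, destination):
    """Longest-prefix match: the most specific route containing the destination wins."""
    dest = ipaddress.ip_address(destination)
    candidates = [r for r in build_routes(nics) if dest in r[0]]
    return max(candidates, key=lambda r: r[0].prefixlen) if candidates else None

def shadowed_destinations(nics, routed_hosts):
    """Hosts that should go through a gateway but are claimed as on-link
    by a NIC that has no gateway (the situation in the question)."""
    hits = []
    for host in routed_hosts:
        route = select_route(nics, host)
        if route and route[2] == "on-link" and not nics[route[1]].get("gateway"):
            hits.append((host, route[1], str(route[0])))
    return hits

if __name__ == "__main__":
    for label, nics in (("as posted", AS_POSTED), ("renumbered", RENUMBERED)):
        net, nic, hop = select_route(nics, "10.185.1.44")
        print(f"{label}: 10.185.1.44 -> {nic} via {hop} ({net})")
        print("  shadowed:", shadowed_destinations(nics, ["10.185.1.44"]))
```

With the /8 mask the destination matches the private NIC's on-link route, which is consistent with the first tracert being answered by 10.1.8.1; after renumbering, only the default route on the public NIC matches.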
