Windows XP routing

Dell / OPTIPLEX 330
March 23, 2009 at 13:20:14
Specs: XP/SP3, Core2Duo 2.20ghz 2GB ram
I am trying to use a windows xp pc with two nics to route between a vlan (vlan 10) and (vlan 1)

I'm able to get things to almost work, but I can't seem to get access to more than 4 or 5 hosts on vlan 10.

Vlan 1 is 192.168.4.x and Vlan 10 is 192.168.14.x

When I say access, I mean pings. Interestingly enough the computer which is acting as the router can ping any address in Vlan10.

What am I missing here? I'm guessing either A it can't be done, or B, it's something else I missed.

Any help would be appreciated.

Thanks,

Andy


See More: Windows XP routing

Report •


#1
March 24, 2009 at 06:35:46
As far as I know, XP itself isn't capable of VLAN tagging so you must have another device that is. More than likely, it would be a managed L2 or L3 switch. If this is the case, please tell us what make/model switch you're using.

It would also be helpful to know how you have it configured at this time with regard to which ports are in which VLAN, etc.

I am trying to use a windows xp pc with two nics to route between a vlan (vlan 10) and (vlan 1)

So you have two static routes in XP's routing table. One pointing from 192.168.4.0 to 192.168.14.0 and the other in the opposite direction.......right?


I'm able to get things to almost work, but I can't seem to get access to more than 4 or 5 hosts on vlan 10.

If one works, then any number should work. This has nothing to do with your routing....or at least, it shouldn't! Provide details on your setup and with luck, we'll be able to help you.


Report •

#2
March 24, 2009 at 07:01:41
Thanks for the response!

Ok, well here's what I've got:

I'm using Adtran NetVanta managed switches. These are the 1224 models.

For the XP router I'm using a dell optiplex 330 running windows xp sp2 with two nics.

Two Vlans are configured on the Adtran switches. They are Vlan 1 192.168.4.x and Vlan10 192.168.14.x

I just noticed something you told me however. Those routes in the ip routing table....I don't think I put those in!


So If I'm correct I'm going to do this on the XP machine I'm using as a router:

route /p add 192.168.4.0 mask 255.255.255.0 (gateway to 192.168.14.x)

and

route /p add 192.168.14.0 mask 255.255.255.0 (gateway to 192.168.4.x)

If not how should I be doing that?

I think we'll start there.


Report •

#3
March 24, 2009 at 07:20:11
That looks right for adding a persistent route. I haven't ever really done it in windows, only in UNIX and there are some minor differences, but you can use google to research the routing to be sure.

Do get back to us here and let us know if that fixes the issue. I'm pretty sure it will since without a route between the two VLAN's, they will not be able to communicate.


Report •

Related Solutions

#4
March 24, 2009 at 08:24:57
Hmm doesn't seem like that worked.

I added routes 192.168.14.0 (destination) through the 192.168.4.x gateway...and then did another for the192.168.4.0 destination through the 192.168.14.0 gateway

After I did that everything came to a halt. Nothing could be pinged.


Report •

#5
March 24, 2009 at 08:33:00
vlans have nothing to do with routing in xp.
routing vlans have nothing to do with ip which is why they call it vlan [not ip] routing.

You add routing on top of vlans for more granularity of control. This is usually applied in large installations.

If your only issue is ping not being returned by a few hosts why would you look to your routing as the problem???? If you can get to one you can get to all.

Consider reviewing the firewall settings on the pcs that don't return ping.


Report •

#6
March 24, 2009 at 08:55:01
I have tried this from multiple PC's with the same result. All have the firewalls turned off completely including the router PC itself.

I can telnet to the adtran switches which have their interface addresses on vlan 10 at addresses 192.168.14.240-245 from the router PC.
However, I can't get to them on my PC, or the others ive tried.

I can ping any host in vlan10 through the router pc and I get a response, however through my PC and the others, I do not get responses from hosts past 192.168.14.5.

On the test PC's I'm using a static persistent route:

192.168.14.0 (destination) mask 255.255.255.0 192.168.4.x (gateway)

I can ping/access any address on vlan10 from 192.168.14.1-5. Nothing past that beginning with 14.6.

I'm not sure what else the problem would be if it's not firewalls, and not the static route


Report •

#7
March 24, 2009 at 16:06:51
at the router pc can you ping anyone/everyone on both ip subnets [forget about vlans]

Do you have gateway entries on both nics in the xp router host? You should not.

Does each subnet host have the xp router as gateway for its ip segment?

Now just to make sure you are running ICS on the xp box?
Each adtran is connected to a nic and not each other?
I have no idea why you would be using vlans under these circumstances but just to check each set of pcs of each adtran are all in the same vlan in common with the xp nic?


Report •

#8
March 25, 2009 at 09:19:43
To answer your question about the vlans use we have one for data and one for phone. I want to set up intervlan routing because it is necessary to allow remote IP phones.

I've thrown out the xp box as a router thing because I actually have a real router now. So, I set up a cisco 1710 with the following:

Building configuration...

Current configuration : 1060 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxxx
!
enable secret
!
memory-size iomem 15
ip subnet-zero
!
!
no ip domain lookup
!
ip audit notify log
ip audit po max-events 100
vpdn enable
!
no ftp-server write-enable
!
!
!
!
!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0
no ip address
ip nat outside
shutdown
half-duplex
!
interface FastEthernet0
no ip address
ip nat inside
ip policy route-map nonat
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
ip address 192.168.4.25 255.255.255.0
!
interface FastEthernet0.10
encapsulation dot1Q 10
ip address 192.168.14.5 255.255.255.0
!
ip classless
no ip http server
no ip http secure-server
!
!
!
!
line con 0
password 7 xxxxxx
line aux 0
password 7 xxxxxx
login
modem InOut
transport input all
flowcontrol hardware
line vty 0 4
password 7 xxxxxx
login
!
!
end


We have five Adtran switches as this site and 2 between a couple of other buildings that are connected by wireless RF links.

All of the switches here in this building are connected together through uplinks. The cisco router is connected by one ethernet cable from it's fasteth0 port to a port on one of the switches. We have a gigabit backbone switch so I put it in that one. I've moved it around from switch to switch though. Wherever I plug it in, it doesn't really seem to matter.

I run test pings on the router to confirm I have connectivity between both vlans. Multiple addresses from vlan1 return pings, and so does vlan10.

Vlan10 pings from within the router come out like this:

router#ping 192.168.14.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
router#ping 192.168.14.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
router#ping 192.168.14.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
router#ping 192.168.14.5

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
router#ping 192.168.14.6

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
router#ping 192.168.14.7

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
router#ping 192.168.14.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms
router#ping 192.168.14.9

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/12 ms
router#ping 192.168.14.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.14.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Notice I was able to get responses all the way up to 192.168.14.10.

Everything looks good so far....

Until...

I return to my PC and add a static route

route /p add 192.168.14.0 mask 255.255.255.0 192.168.4.25

I then do the same Ping tests I did at the router and here was the result for vlan10 addresses:

C:\Users\Akent>ping 192.168.14.1

Pinging 192.168.14.1 with 32 bytes of data:
Reply from 192.168.14.1: bytes=32 time<1ms TTL=254
Reply from 192.168.14.1: bytes=32 time<1ms TTL=254
Reply from 192.168.14.1: bytes=32 time<1ms TTL=254
Reply from 192.168.14.1: bytes=32 time<1ms TTL=254

Ping statistics for 192.168.14.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\Akent>ping 192.168.14.2

Pinging 192.168.14.2 with 32 bytes of data:
Reply from 192.168.14.2: bytes=32 time=4ms TTL=254
Reply from 192.168.14.2: bytes=32 time=5ms TTL=254
Reply from 192.168.14.2: bytes=32 time=4ms TTL=254
Reply from 192.168.14.2: bytes=32 time=5ms TTL=254

Ping statistics for 192.168.14.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 5ms, Average = 4ms

C:\Users\Akent>ping 192.168.14.3

Pinging 192.168.14.3 with 32 bytes of data:
Reply from 192.168.14.3: bytes=32 time=5ms TTL=254
Reply from 192.168.14.3: bytes=32 time=4ms TTL=254
Reply from 192.168.14.3: bytes=32 time=4ms TTL=254
Reply from 192.168.14.3: bytes=32 time=3ms TTL=254

Ping statistics for 192.168.14.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 5ms, Average = 4ms

192.168.14.4 (nothing is assigned to this IP)

Pinging 192.168.14.5 with 32 bytes of data:
Reply from 192.168.14.5: bytes=32 time=1ms TTL=255
Reply from 192.168.14.5: bytes=32 time=1ms TTL=255
Reply from 192.168.14.5: bytes=32 time=1ms TTL=255
Reply from 192.168.14.5: bytes=32 time=1ms TTL=255

Ping statistics for 192.168.14.5:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms

C:\Users\Akent>ping 192.168.14.6

Pinging 192.168.14.6 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.14.6:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Users\Akent>ping 192.168.14.7

Pinging 192.168.14.7 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.14.7:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Notice we're already dead in the water by 192.168.14.6. Remember that when pinging from the router I was able to get all the way beyond 14.6 to 14.10.

I also used Angry Ip scanner to run an IP scan from my PC on vlan10, and it found the 4 hosts I'm able to ping, and all the rest were dead in the entire range for 192.168.14.0.

I would think I should be able to talk to both subnets in their entirety as long as I use the proper gateway which I believe I have.

I know I have turned the tables with the Cisco router now being thrown into the mix, but I've done my best to explain.

Any thoughts would be appreciated. Thanks!



Report •

#9
March 28, 2009 at 17:02:51
Well I finally figured this out.

Basically the problem came down to default gateways. Because of the fact that ALL of the equipment on vlan 10 with the exception of a few things had either no default gateway or a default gateway of 192.168.14.10 specified, so my router, being not on that gateway, wasn't going to cut it, AND the 192.168.14.10 "gateway" isn't a router it's actually our voicemail system.

Dhcp on the adtran switches was dishing out 192.168.14.10 as the default gateway, so if I change it to the vlan 10 address of the inter vlan router I should be good.


Report •


Ask Question