VPC multihomed network

Discussion in 'Virtual PC' started by Jerry Dubuke, Jan 10, 2005.

  1. Jerry Dubuke

    Jerry Dubuke Guest

    Hi all,
    I am setting up a test environment for our corporate upgrade.

    I currently have a VPS set up as 2003 Standard server set up on local only
    for adapter 1 - 192.168.131.2 on a Windows XP Pro host.
    This server is running DHCP/DNS/AD.
    I added a second adapter - bound to host O/S physical NIC with DHCP and I am
    getting an getting IP address 192.168.1.x which is correct.

    I am able to ping the virtual network (have a second server installed local
    only), and I can ping the local network by name as well as IP address.

    What I *cannot* do is resolve any internet addresses. I get invalid ip
    address errors.

    I have the forwarding of the server set up to go to my main DNS server in
    the Hosts's network (192.168.0.10), which is how I can get my physical
    network resolution...

    What did I miss?

    Jerry
     
    Jerry Dubuke, Jan 10, 2005
    #1
    1. Advertisements

  2. Jerry Dubuke

    Bill Grant Guest

    What you have to do is regard the local only virtual network as another
    segment of your network and set up the routing accordingly. This means that
    you need to enable the virtual server as an IP router. It also means that
    your real network needs to know how to reach the virtual network. Since the
    Windows server gets a 192.168.1 IP address and your DNS server is in
    192.168.0 I presume you already have a segmented network.

    First up, I would not use the DC as the router. If you have a second
    server in the virtual network, use it as the RRAS server. As with NT,
    W2k/2003 has problems with multihomed DCs. Next, all the routers in your
    real network (including the Internet gateway router) need to know how to
    reach the virtual subnet via the virtual server router. Otherwise all
    requests will go to the default gateway router and be lost.

    I have had a setup like this running in VPC, so I can assure you that it
    works. You just need to set it up as you would set up a "real" new segment
    on your LAN. Also remember that AD clients need to use the local DNS service
    to find AD services. Set all machines in the virtual network to use the
    local DNS server, and set it (ie the local DNS server) to forward to your
    LAN DNS server at 192.168.0.10 (and/or a public DNS server).

    Here is a diagram of how mine was set up.

    Internet
    |
    public IP
    router
    192.168.0.1
    |
    private LAN (including VPC host)
    192.168.0.x dg 192.168.0.1
    |
    192.168.0.103 dg 192.168.0.1
    RRAS (virtual machine W2003 server)
    192.168.21.11 dg blank
    |
    192.168.21.1 dg 192.168.21.11
    DC (vm 2003 server with AD,DNS)
    |
    192.168.21.21 dg 192.168.21.11
    XP client (vm XP AD client)

    To make the routing work, the LAN machines need to know where the 192.168.21
    subnet is. You can enable NAT on the RRAS router (so all that the traffic
    uses the NAT router's 192.168.0 address). This works, but you are doing NAT
    twice to get to the Internet (and the "real" network can't contact the
    virtual one, because they are on the public side of the RRAS NAT). Or you
    can add routing info so that the real network can see the virtual network
    through the Windows router. In the example above, you would add a static
    route to the Internet router.

    192.168.21.0 255.255.255.0 192.168.0.103

    The Internet router then redirects 192.168.21.0 traffic to the internal
    router (and doesn't try to send it out to the Internet, where it gets
    dropped).
     
    Bill Grant, Jan 11, 2005
    #2
    1. Advertisements

  3. Jerry Dubuke

    Jerry Dubuke Guest

    this is what I thought...and I mistyped that 192.168.1 address - it is
    really 192.168.0...
    The internet problem was a brain-damaged loss on my part...I needed to point
    to my 192.168.0 proxy DUHHH....

    The next issue - - -
    since my VPC server is visible on the corporate LAN, and it is DHCP for the
    192.168.131 subnet, will I have problems when a pc powers up on my corp LAN
    getting a correct DHCP from my DHCP server on the 192.168.0 subnet? Not
    sure, but it seemed like right after I got my virtual set up, a couple of my
    users had problems with printing to a LAN printer, and logging in to the
    Corp Domain. I disabled the VPC connector on my HOST computer, and all
    settled back in...
    Jerry
     
    Jerry Dubuke, Jan 14, 2005
    #3
  4. Jerry Dubuke

    Bill Grant Guest

    It shouldn't be a problem unless you have specifically allowed DHCP
    relay. DHCP uses LAN broadcasts which don't cross routers. So the DHCP
    server should only get requests on the "local only" interface.
     
    Bill Grant, Jan 15, 2005
    #4
  5. Jerry Dubuke

    Bill Grant Guest

    The virtual server might be upsetting browsing on the LAN. If it is you
    can stop the computer browser service on it.
     
    Bill Grant, Jan 16, 2005
    #5
  6. Jerry Dubuke

    Jerry Dubuke Guest

    OK - so that makes the network burp a "coincidence" - gawd how I hate those!
    Thanks for the update.
    Jerry
     
    Jerry Dubuke, Jan 17, 2005
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.