| Spencer Clark 2004-06-07, 3:56 pm |
| Dear all,
We are experiencing a very weird issue with Windows 2003 Enterprise server.
Originally we had a Windows 2000 server and this gave us no issues whatsoever.
It takes a while to explain so bear with me.
We have the following setup. We wish to communicate from a website on
Windows 2003 Enterprise server to a samba share on a SCO Openserver 5.0.6
unix box. The version of samba is 2.2.8a compiled in house. The website
pulls live stock information from the unix box each time a customer places
an order, and connects to the unix server to authorise credit card
payments. This is achieved by use of UNC paths to point at the relevant
shared folders on the unix server.
The network configuration on the unix server is as follows:
192.168.0.241/24    10/100    Local network for administration
192.168.10.241/24   10/100    ASP client network
192.168.11.241/24             Fibre network for link to websites and data backups
The default gateway is set up as 192.168.0.1; this happens to be the
internal address of our firewall. The firewall is a Watchguard Firebox III
1000, configured with all three interfaces on a public IP address and using
NAT for the private subnets.
Originally we had linked to this server a Windows 2000 server configured as
follows:
192.168.0.254/24    10/100    Local network for administration
192.168.11.254/24             Fibre network for link from websites and data backups
X.X.X.254                     Public IP address for web access
The default gateway for this server is 192.168.0.1. There is an entry in
winnt/system32/drivers/etc/hosts that points to the
192.168.11.241 address of the unix server. On this box all requests from the
website to the unix server are made using UNC paths, the host name of the
unix server matching the entry in the local hosts file. All connections work
as they should, through the fibre network. All well and good. We now reach
the problem. We are attempting to upgrade the server to Windows 2003
Enterprise.
The server is configured in a very similar way to the Windows 2000 server.
192.168.0.250/24    10/100    Local network for administration
192.168.11.250/24             Fibre network for link from websites and data backups
X.X.X.254                     Public IP address for web access
The default gateway was originally 192.168.0.1. There is an entry in
winnt/system32/drivers/etc/hosts that points to the
192.168.11.241 address of the unix server. This is exactly the same as for
the Windows 2000 server.
Connections from this server choose any interface on the windows server to
make the connection, chosen randomly from all three available interfaces.
This rapidly became apparent as we restricted the shares on the unix box to
be only available on the 192.168.11.0/24 subnet. We were seeing a large
number of errors from the website saying it was unable to communicate with
the unix server. As soon as we enabled the samba share on the
192.168.0.0/24 subnet then all the error messages went away. The problem is
that we need to restrict the traffic between the website and the unix server
to the 192.168.11.0/24 subnet.
In order to try and achieve this we have carried out the following changes
to the networking configuration on the Windows 2003 server.
1. We have changed the default gateway of the Windows Server to 192.168.11.1
2. We have changed the bind order of the network cards to place the fibre
card as the first card.
3. We have entered manual metrics, assigning 1 to the fibre card and 20 to
the other 2 cards.
4. We have added a persistent static route to the unix server through the
fibre interface card.
5. We have removed the NetBIOS configuration from the two networks we do not
want to use.
None of this makes any difference. The windows server still randomly
selects an interface to connect through. We have tried re-installing the
operating system on another server, just in case there was an issue with the
hardware, but this produces the same results.
Any ideas on what is necessary to try to fix this would be appreciated.
Spencer Clark
System Support Manager
|