Ethernet routing to a second subnet from a wintel machine

No, you need to add an IP route.

Won't help a bit if you don't add an IP route.

Are they on the same IP subnet?

-- mrr

Does your 'wintel' machine have an address on that network, or an interface route to it through the correct interface?

I'm not sure why you need a static ARP entry. If your host has an address in the correct network and a route to it, ARP will just happen in the background. Actually, even just a static route would do, provided you didn't expect to get any traffic back.

- Philip

ce

I don't think it has, it only has the IP address acquired via dhcp from my ISP. I am not familiar with wintel systems, this is why I ask if there is a way - although if there were one I would expect it to be obvious enough to me.

no

t.

Well that is straight forward enough. On my DPS machines, outbound packets will route according to an entry (or "subnet", ARP table entries are maskable) in the ARP table; if no routing entry is found in the ARP table, the packet will go down its respective subnet gateway if it belongs there; if it is on the same subnet and there was no ARP entry for it, a network ARP query will be initiated. I expected similar behaviour from windows; but no, the manually set ARP entry is ignored.

o get

Nope, does not work on windows.

Dimiter

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

You're probably asking for more than the XP is able to fill in.

To route packets from the ISP's net to a local subnet and back needs NAT (Network Address Translation), which is Internet Connection Sharing in windowspeak.

I'm not sure if XP is able to associate two different networks with one physical interface. Linux calls it IP Alias. You would need one static address and one DHCP on the same Ethernet card, and this is probably Greek to Windows. I'd buy a second interface card, if it is mechanically possible.

No-no, I am not asking for that. I just want the packets originating from the windows machine to go to the DPS machine on the same wire, I am not expecting windows to route incoming IP traffic to the DPS machine, nor to do NAT for the DPS machine and route its IP traffic out to the Internet. I am just after a local connection without disconnecting the wintel machine from the Internet. What I do now is manually set the windows IP address to 192.168.100.something and access the 192.168.100.something_else machine; I did not have to do that until recently but my ISP began to give me via dhcp addresses from _different_subnets_ over the same cable modem (yes, they are morons and I wish I had options), and lately began limiting the number of addresses they give me (used to give me 5 with no problem for years - before a takeover took place...).

Dimiter

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

Is adding a NAT router an option? The router would pick up the ISP's DHCP info while your Windows and DPS machines would both be on the same local non-routable network.

It is an option of desperation, of course, but adding another box only because windows cannot do the correct lookup in its ARP table is what it is... :-) . Actually I could make the DPS machine behave as a router and all that - will do it before too long - but there should be a way devices on the same wire to communicate with each other...

Then I prefer that window machine to be with a real IP address, it keeps a listening VNC viewer to accept support connections from customers etc. Port forwarding will do most if not all of what my current needs are but I still cannot accept that a purely software issue - a very simple to solve one - will force me to add hardware etc.

Dimiter

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

So you're asking for an IP alias on the only NIC. I did not find such an option on my copy of XP. However, there are plenty of differently crippled XP editions, so some of the more capable editions may be able.

So you are saying it can't work normally? I am not a lot more of a wintel user than the average office worker, hence my post to the community. Using some crippled version etc. will not be what I will try out, I'll rather keep on switching manually the IP address of the wintel pc until I solve it by adding functionality to the DPS side.

Thanks,

Dimiter

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

To quote Maxwell Smart: 'Sorry about that, boss'.

The capabilities of different XP editions are more fine-grainedly limited than in previous Windowses. My copy is Windows XP Professional, but it is a pretty limited version, though not as bad as Home edition. I checked it once more: There is an alternate IP configuration available, but it cannot be used at the same time as the primary address.

Technically, an IP alias makes the interface to respond to ARP requests for the alias address in addition to the main address. Also, the sending IP in the IP headers has to be set to match the subnet it is sent to.

So you want to assign one static, and one DHCP address to a single NIC? At least on XP, that was possible, but needed to be done via a registry edit:

I've heard that this is broken on Win7, but can't confirm.

I am not entirely sure of the rules involved, but I believe this is incorrect behaviour for IP routing.

If your PC interface has an address 192.168.0.20 with a /24 mask, then any packets addressed to IP addresses outside that range should be sent according to the routing table - which will send them to the default gateway if nothing else is defined. I think that if you have an ARP table entry for an IP address that is not on the network of the interface, then that entry is invalid. Windows is correct here in not sending the packet on.

The ideal arrangement is if Windows had something equivalent to Linux interface aliases, which allow you to put more than one IP address on the same network interface. However, as is usual in network issues, Windows is far less flexible than Linux.

I have an idea for a solution, however - if you are up for some downloading and fiddling around. I hope my description is accurate - I don't have any windows machines here at home that I can test with.

If you install a TAP-Win32 interface, you can make a virtual network interface. These are used, amongst other things, by OpenVPN - my guess is that the easiest way to install such an interface is to install OpenVPN but don't bother setting up a tunnel (although if you actually want a VPN, then I recommend OpenVPN as an excellent solution).

Once you have a TAP-Win32 interface, open the "network interfaces" control panel window, and give it a useful name, and assign it a static address on your 192.168.100.x network. Then select your normal interface and the TAP interface, right-click and choose to make a bridge connecting them. If it all works out nicely, both interfaces will be connected on a virtual bridge to your real network interface, and the TAP interface will give you a second IP on 192.168.100.x connected to the same physical port.

I /do/ hope you don't have the windows machine connected directly to the internet without a decent firewall or at least a NAT router between them?

I got it working - ya-hoo!!! A guy posated this link on a Bulgarian-language forum and it worked:

Link to the BG language forum topic:

Thanks to all who replied and in particular to 'bobyk' on the mcu-bg.com forum!

Dimiter (imagine me bouncing :-) )

------------------------------------------------------ Dimiter Popoff Transgalactic Instruments

------------------------------------------------------

Thanks - that is the same link I got at almost the same time on the mcu-bg.com forum (perhaps I looked there first :-) )!

Works indeed!

Dimiter

Nothing invalid about it, as it takes a specific (perhaps manual) intervention to define an ARP route. Just tried it out, the DPS machine has no problem reaching the wintel pc either at its 192.168.100.xx or at it 85.130.xx.xx address. Just some additional functionality which is in no ones way. Would have worked without adding the second IP address to the wintel pc if they also had that functionality, but I am fine and happy now anyway :-).

Dimiter

You may also use ipv6 (the CURRENT Internet, as of 4 years ago) on the wire if your applications support that. Just fire up rtadvd on one of your servers.

-- mrr

Windows (XP, at least, not sure about others) is perfectly happy with multiple IP's on a single NIC. I don't know what the max number is, but I've successfully run 4 IPs, which was all I needed at the time. By default, when configuring multiple IP's on a NIC, one of them cannot be acquired via DHCP, but others have posted a Registry hack that will change that behavior.

Don't know this relevant in this case, but if you have a true bridge (not a plain hub), packets to and from any machine may not be seen on other bridge ports.

Was using wireshark recently to monitor traffic, network on one bridge port, machine on another, wireshark on another, nothing seen on wireshark. Caused a bit of head scratching until I realised what was happening. ie: the bridge learns what is connected to what and applies filtering so that each host receives only related traffic. With a hub, everything gets sent everywhere...

Regards,

Chris