Join Log in
Score:0
Hackjaku avatar Server

Windows Server 2016 unpredictable static routes

ch flag
Hackjaku

I am configuring routes on a Windows Server 2016 machine.

I've already set up a Lan to Lan VPN as follows on a DrayTek router:

Local network: 10.23.42.96/29

Remote networks: 10.41.73.0/24, 10.41.86.128/28

which is online and working. The network interface on the machine has two IPs:

IPv4 address. . . . . . . . : 10.23.42.98
Subnet mask . . . . . . . . : 255.255.255.248
IPv4 address . . . . . . .  : 10.123.11.200
Subnet mask . . . . . . . . : 255.255.255.0
Default gateway . . . . . . : 10.123.11.254

My goal is to set 10.23.42.97 as the gateway for all the traffic going to the two remote networks I listed before. I added three static routes with those commands:

route -p ADD 10.41.86.128 MASK 255.255.255.240 10.23.42.97 IF 17
route -p ADD 10.41.73.0 MASK 255.255.255.0 10.23.42.97 IF 17
route -p ADD 10.23.42.96  MASK 255.255.255.248 10.23.42.97 IF 17

and this is the output of route -p print command:

PS C:\Users\Administrator> route -p print
===========================================================================
Interface list
  2...98 f2 b3 39 d1 de ......Broadcom NetXtreme Gigabit Ethernet #3
 15...98 f2 b3 39 d1 dd ......Broadcom NetXtreme Gigabit Ethernet
 16...98 f2 b3 39 d1 df ......Broadcom NetXtreme Gigabit Ethernet #2
 17...98 f2 b3 39 d1 dc ......Microsoft Network Adapter Multiplexor Driver
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 route table
===========================================================================
Active routes:
     Network address          Mask          Gateway     Interface   Metric
          0.0.0.0          0.0.0.0    10.123.11.254      10.23.42.98    281
      10.23.42.96  255.255.255.248      10.23.42.97      10.23.42.98     26
      10.23.42.98  255.255.255.255         On-link       10.23.42.98    281
       10.41.73.0    255.255.255.0      10.23.42.97      10.23.42.98     26
     10.41.86.128  255.255.255.240      10.23.42.97      10.23.42.98     26
      10.123.11.0    255.255.255.0         On-link       10.23.42.98    281
    10.123.11.200  255.255.255.255         On-link       10.23.42.98    281
    10.123.11.255  255.255.255.255         On-link       10.23.42.98    281
     10.123.251.0    255.255.255.0         On-link    10.123.251.250    281
   10.123.251.250  255.255.255.255         On-link    10.123.251.250    281
   10.123.251.255  255.255.255.255         On-link    10.123.251.250    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      169.254.0.0      255.255.0.0         On-link    169.254.161.92    281
   169.254.161.92  255.255.255.255         On-link    169.254.161.92    281
  169.254.255.255  255.255.255.255         On-link    169.254.161.92    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    10.123.251.250    281
        224.0.0.0        240.0.0.0         On-link    169.254.161.92    281
        224.0.0.0        240.0.0.0         On-link       10.23.42.98    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    10.123.251.250    281
  255.255.255.255  255.255.255.255         On-link    169.254.161.92    281
  255.255.255.255  255.255.255.255         On-link       10.23.42.98    281
===========================================================================
Permanent routes:
   Network address            Mask          gateway  Metric
          0.0.0.0          0.0.0.0    10.123.11.254  Default
     10.41.86.128  255.255.255.240      10.23.42.97       1
       10.41.73.0    255.255.255.0      10.23.42.97       1
      10.23.42.96  255.255.255.248      10.23.42.97       1
===========================================================================

and route print command:

PS C:\Users\Administrator> route print
===========================================================================
Interface list
  2...98 f2 b3 39 d1 de ......Broadcom NetXtreme Gigabit Ethernet #3
 15...98 f2 b3 39 d1 dd ......Broadcom NetXtreme Gigabit Ethernet
 16...98 f2 b3 39 d1 df ......Broadcom NetXtreme Gigabit Ethernet #2
 17...98 f2 b3 39 d1 dc ......Microsoft Network Adapter Multiplexor Driver
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 route table
===========================================================================
Active routes:
     Network address            Mask          Gateway     Interface   Metric 
          0.0.0.0          0.0.0.0    10.123.11.254      10.23.42.98    281
      10.23.42.96  255.255.255.248      10.23.42.97      10.23.42.98     26
      10.23.42.98  255.255.255.255         On-link       10.23.42.98    281
       10.41.73.0    255.255.255.0      10.23.42.97      10.23.42.98     26
     10.41.86.128  255.255.255.240      10.23.42.97      10.23.42.98     26
      10.123.11.0    255.255.255.0         On-link       10.23.42.98    281
    10.123.11.200  255.255.255.255         On-link       10.23.42.98    281
    10.123.11.255  255.255.255.255         On-link       10.23.42.98    281
     10.123.251.0    255.255.255.0         On-link    10.123.251.250    281
   10.123.251.250  255.255.255.255         On-link    10.123.251.250    281
   10.123.251.255  255.255.255.255         On-link    10.123.251.250    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      169.254.0.0      255.255.0.0         On-link    169.254.161.92    281
   169.254.161.92  255.255.255.255         On-link    169.254.161.92    281
  169.254.255.255  255.255.255.255         On-link    169.254.161.92    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    10.123.251.250    281
        224.0.0.0        240.0.0.0         On-link    169.254.161.92    281
        224.0.0.0        240.0.0.0         On-link       10.23.42.98    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    10.123.251.250    281
  255.255.255.255  255.255.255.255         On-link    169.254.161.92    281
  255.255.255.255  255.255.255.255         On-link       10.23.42.98    281
===========================================================================
permanent routes:
   Network address            Mask     Gateway        Metric
           0.0.0.0          0.0.0.0    10.123.11.254  Default
     10.41.86.128  255.255.255.240      10.23.42.97       1
       10.41.73.0    255.255.255.0      10.23.42.97       1
      10.23.42.96  255.255.255.248      10.23.42.97       1
===========================================================================

The main problem is that the connection seems to be very unstable and unpredictable. If I run, for example tracert 10.23.42.96, the command shows me the first hop and the intended gateway (10.23.42.97). If I run tracert 10.41.73.1 sometimes it goes through the correct gateway and sometimes it just times out. If I run the command twice in a row, it's very likely that I will see two different outcomes.

Am I missing something? I already set up a system like this on Linux, and it's working without any problems. I am pretty new to networking, expecially under Windows. Can you please tell me what am I doing wrong? Thank you very much.

EDIT

Removed partial output of route print and added the complete output of route -p print and route print.

185
0 + 4
djdomi avatar
za flag
djdomi
`route print` and `route -p print` mostly does not give the same output
0
Reply
Hackjaku avatar
ch flag
Hackjaku
Thanks. I edited the original question to include the complete output of both commands.
0
Reply
us flag
Lasse Michael Mølgaard
Why the third route: `route -p ADD 10.23.42.96 MASK 255.255.255.248 10.23.42.97 IF 17`? As far as I can gather that subnet is `local`, so no need to add a route to it, since it is in the routing table by default.
0
Reply
Hackjaku avatar
ch flag
Hackjaku
I dont'have ```10.23.42.96``` as a default gateway, if I try to trace without having that route in the table, the packet goes through the default ```10.123.11.254```. The weird part is that this one is the **only** route with some consistency. Whenever I trace a packet to ```10.23.42.x``` I get the expected ```10.23.42.97``` gateway result. The other two are ignored 9 times out of 10 (```tracert``` times out every step).
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.