Setting up
Routing in Windows 2000
In order to connect two different networks into one
interconnected network, routing needs to take place. Routing is not difficult
if you understand the underlying issues involved.
For this manual we will use three different networks
(they are all RFC 1918 addresses):
192.168.0.1 /24 you
10.0.0.1
/24 your next door
neighbor
172.16.0.1
/24 a remote network
Ordinarily, hosts on these three networks would not be
able to communicate with each other, even if they were on the same local wire
loop.(this is not a network)
simply
because the source computer would realize that the destination computer
belonged on a separate network and would try to send the information, not to
the destination, but to the default gateway so that the information could be
forwarded to the remote network.
Routing can be used to break the network into managable chunks that we can then think of as subnetworks.
Between any two networks, there are two computers that
are called routers. Windows 2000 has the ability to route TCP/IP traffic. This
tutorial will help you set up Windows 2000 to be a router between networks.
Routing Traffic Between
Networks
First we must set up a logical diagram for our
network(s).
Our first network is 192.168.0.0/24
Our second is 10.0.0.0/24
and our third
is 172.16.0.0/24
One or two computers in each of these networks will be
the router. Each router will have two Network cards, an internal and an
external card.
The internal network card should have an internal IP
address, internal to the network, that is.
Our first network's router will have 192.168.0.1 for it's internal network car address.
Our second network will have 10.0.0.1 as it's network address
Our second network will also have a second router to
connect to the third network. This router's internal address will be 10.0.0.2.
Our third network's router will have an address of
172.16.0.1
Between each set of routers, there exists a very small
network of just those two computers. Therefore, these computers must have compatable addresses.
The external interface on the 192.168.0.1 computer
will be 192.168.100.1 and it's partner, 10.0.0.1 will
have and external address of 192.168.100.2. Both of these computers should have
a subnetmask of 255.255.255.252. This allows for only
two computers on this network, which is what we are shooting for.
The 10.0.0.2 computer should have an external address
of 192.168.100.5 and it's partner, 172.16.0.1 should
have an external address of 192.168.100.6. Both of these should have a subnet
mask of 255.255.255.252.
Our diagram should look something like this
192.168.0.3 192.168.0.2 172.16.0.2 172.16.0.3
| | | |
192.168.0.1 (192.168.100.1) 172.16.0.1
(192.168.100.5)
| |
| |
10.0.0.1(192.168.100.2) -------------------------10.0.0.2(192.168.100.6)
|
10.0.0.3
Now that our addresses are set up, we are ready to set
up routing.
First, click Start-> Programs-> Administrative
Tools -> Routing And Remote Access
You should get the Routing and Remote access window
like this
Right click on your computer and chose Configure and
Enable Routing and Remote Access
You will get the welcome to the routing wizard, click
next to begin.
On the next screen, there are several choices. Two of
the most prominent are Network Router and Internet connection server. Network
Router is used if you want to connect two independant
networks together. Internet Connection Server is used if you want to connect
your network to the internet. Other choices are VPN Server, Remote Access
Server and to Manually configure the router.
For our purposes we want to connect two different
networks so that computers can communicate between them.
Select Network Router from the menu and click next.
TCP/IP should be the only protocol that is displayed
in the next box. This is fine unless there are other protocols that you need to
use. Click next.
Demand dialed connections are only dialed if there is
traffic between networks. For our purposes, we have an ethernet
connection and so do not need to dial in. Select No, and click next. Then click
finish.
We should now install routing protocols because the
only networks that our routers know of are the ones that are directly connected
to the routers and their direcly connected neighbors.
Right click General under IP Routing in the left hand
pane. Select new routing protocol. Select RIP and click OK.
This allows our routers to broadcast all information
that they have about networks out all interfaces. Eventually, 192.168.0.1 will
learn that there is a 172.16.0.0 network out there and to get to it, it needs
to go through 10.0.0.1 and 10.0.0.2.
Network Address Translation
Network address translation is a different story. NAT
is used when you want to get out, but you don't want anybody else to get in. For
example, it is used at home so that you can get out to the internet, but
hackers cannot get in.
Your internal network is hidden from everybody outside
of the NAT Router. In this way you can use the private address space of RFC
1918 to address your hosts without paying ICANN for the addresses. Your ISP
will assign you one IP address, which you will assign to the external interface
of the router. The router's internal interface will have your internal network
number and you can have as many computers inside your network as you have RFC
1918 addresses (millions).
First we have to remove the routing setup that we had
earlier. Right click on your server in the Routing and Remote Access Window. Click Disable Routing and Remote Access. This will take a
minute.
After it finishes, right click your server and select
Configure and Enable Routing and Remote Access. Click next on the wizard.
Choose internet connection server and then NAT router. Choose the interface of
your external interface, click OK and Finish.
If you are the only network to set up NAT (within your internetwork) you should be able to ping everybody else,
but nobody should be able to ping you. Of course if all three network have set this up, the only thing you should be able
to ping is the other network's external address.