Question : Dual NIC gateway setting disappears
We have a Win2003 Server with two NICs, ipconfig as follows (portions removed to protect ID):
Ethernet adapter Local Area Connection 3:
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Macronix MX98715-Based Ethernet Adapter Generic)
   Physical Address. . . . . . . . . : 00-80-C6-FA-6A-4A
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : xx.xx.166.227
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : xx.xx.166.225
   DNS Servers . . . . . . . . . . . : xx.xx.170.3
Ethernet adapter Local Area Connection 2:
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Server Adapter
   Physical Address. . . . . . . . . : 00-E0-81-26-A9-A3
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.100.100.8
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.100.100.241
   DNS Servers . . . . . . . . . . . : 192.100.100.5
Problem: After some random amount of time (usually each evening), the gateway to the WAN loses its setting -- default gateway listed by ipconfig is *blank*. The server becomes unresponsive (of course) to the outside Internet. No other warning or error seems to appear on the system. Rebooting cures, gateway setting restored.
I have read the following, posted in response to other questions:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q262397&ID=KB;EN-US;Q262397 (when using two NICs, disable the default gateway for the LAN NIC)
We plan to try following the advice.
Even if this solves the problem, the question is, why? Why does the configuration work and then stop working?
Does Win2003 periodically do some kind of consistency check and disable the second gateway setting? Does the firewall in some way produce a message that causes Win2003 to disable its setting? What is causing this event?
Your previous help may be enough to get me past this problem, but I would also like to know why the setting changes.
Thank you.
Answer : Dual NIC gateway setting disappears
The following information was taken from a Merak Mail Forum. I thought many people may find the information useful:
With Windows Server 2003 networking, you need to be aware that MS seems to have adopted a different philosophy regarding multi-homing. By default a server with 2 NICs treats the networking concept as fault-tolerant redundancy. That is, if one of your default gateways goes down, the other NIC should route traffic to the other gateway. In real life, however, many networks have been traditionally designed with one NIC pointing to an Internet gateway and the other to a LAN gateway, and availability should always be available through either NIC depending upon if you're connecting to the server via the LAN or Internet. The solution to this problem is to disable the default Automatic Metric settings for both NICs and put in a static value of 1 (assuming your default gateway is 1 hop away).
We used to try and run multihomed servers with 2 "default gateways" - every now and then the server would drop off the internet. A server can only have one default gateway. It's basically a dumping ground for any traffic it doesn't know where to route.
The correct way (and now enforced by win2003) is to add static routes.
For example, a server we have is on 217.77.176.15. Its default gateway is 217.77.176.1. The server is also 192.168.2.15. It can reach any other 192.168.2.0/24 address by default. We also want to get to 192.168.1.0/24.
Old way - add 192.168.2.1 (which is a router) as the gateway for second interface. Bad bad bad.
Better way - route add 192.168.1.0 mask 255.255.255.0 192.168.2.1 -p
...the "servers" default gateway is defined by the NIC that you give the highest preference to. Specifying the IP Address, Subnet mask, gateway and metric for the gateway for each NIC will result in the routes automatically being added to the server's routing table (you can see this with Route Print).
This difference is how Server 2003 handles the metric by "default". By "default" it sets the metric to automatic, which results in Server 2003 picking the default gateway by shortest actual distance determined by pinging each gateway. If the performance to one gateway is slightly, even fractions of a ms, better then that becomes the server's default gateway. Should connectivity to this default gateway become degraded or disappear then the next NIC's default gateway automatically kicks in. This is fine if you want fault tolerance.
Now consider if you want to have two separate gateways run independently to two distinct networks as an always on. It is necessary to turn off the automatic metric and set the default gateways to each NIC to an equal value (typically 1). Now the actual overall default gateway for the server will remain as the default gateway for the NIC which has the highest adapter preference. All of the routing information will be generated by Windows. Now you could manually create the routes but it really isn't necessary. The real idea here is that each NIC must be always available, listening for traffic coming from its own respective default gateway. I mostly wanted to point out that Server 2003 handles multiple NICs differently by default.
Incidentally, this is an excellent way of separating specific protocols between two distinct networks, setting up port forwarding or migrating a server from one network to another without any downtime and without having to build a clone of the server. You can actually set up multiple IP addresses each with their own gateway and only one NIC.
I've used this successfully many times during migrations but we won't go there. LOL Take care.
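An added example, not part of the forum post: a Python check that parses `route print` output, lists the default gateways, and reports which gateways tie for a destination (longest prefix, then lowest metric), using the addresses from the answer. The sample tables, their metrics and the /24 mask on 217.77.176.0 are constructed for illustration, and the function names are this example's own.

```python
import ipaddress
import re

# Constructed `route print` excerpts built from the addresses in the answer.
# The metrics and the /24 mask on 217.77.176.0 are assumed for illustration.
HEADER = "Network Destination        Netmask          Gateway       Interface  Metric\n"
CONNECTED = (
    "      192.168.2.0    255.255.255.0    192.168.2.15    192.168.2.15     20\n"
    "     217.77.176.0    255.255.255.0   217.77.176.15   217.77.176.15     20\n"
)
TWO_GATEWAYS = HEADER + (
    "          0.0.0.0          0.0.0.0    217.77.176.1   217.77.176.15     20\n"
    "          0.0.0.0          0.0.0.0     192.168.2.1    192.168.2.15     20\n"
) + CONNECTED
STATIC_ROUTE = HEADER + (
    "          0.0.0.0          0.0.0.0    217.77.176.1   217.77.176.15     20\n"
    "      192.168.1.0    255.255.255.0     192.168.2.1    192.168.2.15      1\n"
) + CONNECTED

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+{IP}\s+{IP}\s+(\d+)\s*$")


def parse_routes(text):
    """Return (network, gateway, metric) for each IPv4 row of `route print`."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            dest, mask, gateway, _iface, metric = m.groups()
            prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
            routes.append((ipaddress.ip_network(f"{dest}/{prefix}"), gateway, int(metric)))
    return routes


def default_gateways(routes):
    """More than one entry here is the misconfiguration the answer warns about."""
    return [gw for net, gw, _ in routes if net.prefixlen == 0]


def next_hops(routes, target):
    """Gateways that tie for best match: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(target)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return []
    longest = max(net.prefixlen for net, _, _ in hits)
    hits = [r for r in hits if r[0].prefixlen == longest]
    lowest = min(metric for _, _, metric in hits)
    return [gw for _, gw, metric in hits if metric == lowest]
```

With two default routes, a 192.168.1.0/24 destination has two equal candidates in the table; with the single default gateway plus the persistent static route it has exactly one.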