Multiple default gateways can cause connectivity problems
This article describes the connectivity issues that occur when multiple default gateways are used in TCP/IP configuration options.
Original product version: Windows 2000
Original KB number: 159168
When multiple default gateways are used in TCP/IP configuration options on a Windows NT computer, connectivity to computers on remote networks may be lost. On multihomed computers connected to disjointed networks, static routes may be added to the routing table to get connectivity to remote networks.
Windows NT computers can be configured with multiple default gateways. When a dead gateway is detected by TCP, it can direct IP to switch default gateways to the next gateway in the backup list. This switch can occur when there are multiple gateways configured for the same network adapter or when different default gateway addresses are given on various network cards on a multihomed computer. A switch is triggered when TCP has tried one-half of the TcpMaxDataRetransmissions times to send a packet through the current default gateway.
For more information on dead gateway detection and registry parameter TcpMaxDataRetransmissions, see the following Microsoft Knowledge Base articles:
128978 Dead Gateway Detection in TCP/IP for Windows NT
140552 How to Optimize Windows NT to Run Over Slow WAN Links w/TCP/IP
After the switch, all IP traffic originating from any network adapter on this computer destined for remote networks will be sent to the currently selected gateway. On disjointed networks, this can lead to lost connectivity and subsequent termination of active sessions with computers on remote networks connected through the first gateway. This is because the currently selected gateway may be unaware of other routes managed by the first gateway if those routers do not exchange routing information with each other.
If the gateway that was switched to is unreachable or inactive on the network, the computer loses connectivity to all remote sites. At this point, a ping to this computer from a remote network will fail to get a positive response. Similarly, any outgoing ping to a remote host from this computer will give a "Request timed out" error. This behavior is by design and conforms to TCP/IP specifications.
The following illustrations describe situations where multiple gateways are used.
Consider a computer with two network cards, Netcard1 and Netcard2, and the following IP addresses and default gateways:
Netcard1:
IP Address: 220.127.116.11
Default Gateway: 18.104.22.168 22.214.171.124
Netcard2:
IP Address: 126.96.36.199
Default Gateway: 188.8.131.52
If you want to Telnet to a workstation with an IP address of 184.108.40.206, the IP datagrams will be routed through the 220.127.116.11 gateway. If 18.104.22.168 is detected as unavailable, IP switches to the second gateway 22.214.171.124. When this gateway fails, IP then uses 126.96.36.199, and so on. This applies only to TCP traffic, and gateway switching occurs based on the mechanism described earlier. Telnet, FTP, and NetBIOS Session service network traffic use TCP for network communications.
Also consider where the two networks connected to Netcard1 and Netcard2 are disjointed (that is, not connected to each other through any other router). If there's a network (say 22.101.x.x) that is accessible only through Netcard2, the IP datagrams for this network will still be routed through 188.8.131.52 because it's the primary default gateway. To route IP datagrams destined to network 22.101.x.x through 184.108.40.206, a static route needs to be added to the routing table through the ROUTE utility. To add the route, type the following command:
route add 220.127.116.11 MASK 255.255.0.0 18.104.22.168
Another possible solution for the above scenario is to run multiprotocol routing on the multihomed Windows NT computer so it can exchange routing information with other routers on the network running Routing Information Protocol. Multiprotocol routing is available in Windows NT 3.51 Service Pack 2 or later.
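The following is an added example, not part of the original article and not Microsoft code. It parses the IPv4 table printed by route print, lists every default gateway, and reports which remote hosts have no specific route and therefore follow whichever default gateway is currently active. The sample table, its addresses (documentation ranges), and the function names are constructed for illustration.

```python
import ipaddress

# Constructed `route print` excerpt (documentation addresses, not the article's).
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        192.0.2.1      192.0.2.10     10
          0.0.0.0          0.0.0.0        192.0.2.2      192.0.2.10     20
          0.0.0.0          0.0.0.0     198.51.100.1   198.51.100.10     30
        192.0.2.0    255.255.255.0          On-link      192.0.2.10    266
     198.51.100.0    255.255.255.0          On-link   198.51.100.10    266
      203.0.113.0    255.255.255.0     198.51.100.1   198.51.100.10     11
"""

def parse_routes(text):
    """Return (network, gateway, interface, metric) tuples for each route row."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:  # route rows have exactly five columns
            continue
        try:
            net = ipaddress.ip_network(f"{parts[0]}/{parts[1]}")
            routes.append((net, parts[2], parts[3], int(parts[4])))
        except ValueError:
            continue  # five words, but not a destination/netmask/metric row
    return routes

def default_gateways(routes):
    """Gateways of all 0.0.0.0/0 routes, lowest metric (preferred) first."""
    return [r[1] for r in sorted(routes, key=lambda r: r[3]) if r[0].prefixlen == 0]

def next_hop(routes, dest):
    """Longest-prefix match, lowest metric on ties; None if nothing matches."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    best = max(hits, key=lambda r: (r[0].prefixlen, -r[3]), default=None)
    # Third item is True when a route more specific than the default covers dest.
    return None if best is None else (best[1], best[2], best[0].prefixlen > 0)

def audit(routes, remote_hosts):
    """Flag multiple default gateways and hosts that depend on the active one."""
    findings = []
    if len(gws := default_gateways(routes)) > 1:
        findings.append("multiple default gateways: " + ", ".join(gws))
    for host in remote_hosts:
        hop = next_hop(routes, host)
        if hop is None or not hop[2]:
            findings.append(f"{host}: no specific route, follows the active default gateway")
    return findings
```

Calling audit(parse_routes(SAMPLE), [...]) with the remote hosts that matter on a multihomed computer shows which of them still need a static route of the kind added with the ROUTE utility above.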
For more information, see the following Microsoft Knowledge Base article:
171564 TCP/IP Dead Gateway Detection Algorithm Updated for Windows NT