Tactical Software Tech Note

 


All Tech Notes

Redirectors and the TCP/IP Routing Table

Introduction

To make Microsoft's Dial-Up Networking function with a modem server (or a serial server with modems) regardless of LAN topology, a Tactical Software redirector may need to manipulate the client PC's routing table.  Depending upon several factors — including the number of network cards present in the PC, the entries in the routing table, and the location of the server — there may be situations where the redirector is unable to correctly configure the routing table.  With an understanding of this issue, the problem may also be fixed by manually adjusting the TCP/IP routing table.

Background

The Tactical Software redirector automatically reads the routing table on startup, and will determine if it needs to insert additional routes.  For each COM port, it reads the IP address of the specified server, and will insert a route if both of the following are true:

  1. The server's IP address is not on the same subnet as the PC.
  2. The route to the server's address is handled via a "default" route. A default route is one with a network address of 0.0.0.0.

What the Tactical Software Redirector Does

If the Tactical Software redirector determines that an additional route is necessary, then it needs to calculate the correct information for that route.  The redirector builds this route using the first default route found in the routing table.  It builds a "specific" route using the IP address of the server and a netmask of 255.255.255.255. It uses the same gateway address as is used in the default route.

For example, consider the following (abbreviated) routing table:

Network Address Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.47 1
10.0.0.0 255.255.255.0 10.0.0.47 10.0.0.47 1
10.0.0.47 255.255.255.255 127.0.0.1 127.0.0.1 1

This example for a PC with an address of 10.0.0.47, on a class C subnet (a netmask of 255.255.255.0). Only addresses 10.0.0.1 through 10.0.0.254 are accessible in this subnet, which is specified in the second route listed. The first route is the default route, which specifies that all other address outside the range of the 10.0.0.x subnet be delivered via the gateway at 10.0.0.1.

Now suppose that the server's IP address is 10.2.2.55, which is not on the client PC's subnet.  The redirector will take the gateway address of the default route, a netmask of 255.255.255.255, the IP address of the PC, and add a new route so that the routing table will now read:

Network Address Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.47 1
10.0.0.0 255.255.255.0 10.0.0.47 10.0.0.47 1
10.2.2.55 255.255.255.255 10.0.0.1 10.0.0.47 1
10.0.0.47 255.255.255.255 127.0.0.1 127.0.0.1 1

The new route specifies that the address 10.2.2.55 can be reached via the 10.0.0.1 gateway, and singles out that address over and above the other addresses reachable via the default route. This guarantees that the server will be accessible even if the default route changes.

Why the Redirector Does This

At first glance this additional route appears to be redundant. It is, after all, specifying the gateway address that is already listed in the default route. So, why bother?

The issue is that Dial-Up Networking sessions also manipulate the routing table.  Even when used with a local modem, DUN causes all subnets to be inaccessible.  This issue is not unique to redirected COM ports.

Consider this hypothetical Dial-Up Networking session to an ISP. Once dialed-in, the ISP will assign the calling PC an IP address of 10.23.0.135, and specify that a default route use the gateway at 10.23.0.1 (presumably this gateway knows how to route packets to the rest of the Internet). What happens next is that the routing table gets a new default route added, so the top two entries in the routing table look like this:

Network Address Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.23.0.1 10.23.0.135 1
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.47 2

The crux of the problem is this: with the above routing table, all packets outside the range 10.0.0.1 to 10.0.0.254 will be routed via 10.23.0.1 to the ISP — not to the gateway on the LAN. This includes the server which is at 10.2.2.55! Dial-Up Networking has, in effect, sawed off the limb it is sitting on by updating the routing table such that the server is no longer accessible to the PC.

Dial-Up Networking doesn't have this problem with a local modem because the modem can always send and receive data to the PC regardless of the state of the routing table. Modems on servers, however, can be cut off from the PC if the routing table suddenly makes them inaccessible. By adding the specific host route to the 10.2.2.55 address, the server is guaranteed to be always accessible, because the server is not dependent upon the default route.

Solving the Problem of Multiple Default Routes

The Tactical Software redirector can run into problems when the PC's routing table contains more than one default route. The two most common situations where this occurs are:

  1. The PC is "multi-homed," meaning it has more than one network card, each of which connects to a different subnet on the LAN. 
  2. The PC has been configured to have redundant default routes, with one intended to act as the backup for the other.

The problem is that the redirector needs to determine which gateway address to use for the additional routes (see above), and with multiple default routes it is forced to guess which gateway is the correct one. In lieu of more information,  The redirector will always use the gateway address from the first default route in the routing table. In either case listed above, this means that the redirector may have guessed wrong.

In the first case, the server may not in fact be accessible via the network card chosen for the gateway. In the second case, sometimes the backup gateway address is not online. In either situation, you will see connection errors occur in the Configuration Wizard even when you have specified a correct IP address.

There are two solutions to this problem:

  1. Avoid using default routes when at all possible. Unless your LAN can also route to the Internet, using a default route to route to other subnets is somewhat misleading. If the routing table is adjusted to specify the other subnets directly rather than using a default route, then the problem goes away. 
  2. Manually add a static route to the routing table which specifies which gateway to use for the server. In versions of Windows after 98/Me, this is done with the "-p" option to the route command.  In Windows 98/Me it can be done with a batch file in the startup folder.