Professional Web Applications Themes

Network router problem - Mac Networking

I've set up 3 routers to provide security between two small networks, yet be able to share resources. The setup consists of a Speedstream DSL modem, a Netgear FVS318 immediately downstream; and two RP614v2 routers plugged into the '318. All computers (6 total) are plugged into the 614's. I configured the routers so that they each have unique IP addresses, and serve (DHCP) unique ranges of IP addresses. I then added an HP LJ 2300 (plugged into the '318) and configured direct routes (I think that's what Netgear calls making the HP's IP address "visible" to the computers on the ...

  1. #1

    Default Network router problem

    I've set up 3 routers to provide security between two small networks, yet be
    able to share resources.

    The setup consists of a Speedstream DSL modem, a Netgear FVS318 immediately
    downstream; and two RP614v2 routers plugged into the '318. All computers (6
    total) are plugged into the 614's.

    I configured the routers so that they each have unique IP addresses, and
    serve (DHCP) unique ranges of IP addresses.

    I then added an HP LJ 2300 (plugged into the '318) and configured direct
    routes (I think that's what Netgear calls making the HP's IP address
    "visible" to the computers on the networks) in each of the '614's.

    All computers could share the DSL service, and print to the HP printer
    without problem. Everything seemed fine.

    All worked for about a week. Then one of the 614 router's stopped
    functioning. I could not ping from or to any computer connected to that
    router. A router reset (reset button on the back) fixed it, temporarily. A
    week later the problem repeated. I replaced the router with a new one,
    figuring that it had an intermittent problem.

    All was fine for another week. Today, the same problem occurred, with the
    same router.

    Is it possible that the FVS318 is causing these problems in the 614? What
    else could cause these symptoms?

    Ideas?

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  2. #2

    Default Re: Network router problem

    In article <individual.net>,
    DaveC <net> wrote:
     

    Why did you make the network so complicated? You only need one router
    serving DHCP addresses and performing NAT functions and then simple hubs
    or (preferably) switches to supply sufficient ports for the computers
    and printer.

    --
    There are 10 kinds of people in the world:
    those who understand binary, and those who don't.

    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  3. #3

    Default Re: Network router problem

    On Wed, 19 May 2004 12:59:37 -0700, Tom Stiller wrote
    (in article <dca.giganews.com>):
     

    Medical database applications (two of them, one per segment) require that
    only one server -- and its clients -- be on each segment (ie, pinging between
    segments must not be possible). This necessitates a router for each of the
    network segments to provide isolation for each.

    Someone suggested a computer running routing & firewall software with several
    NICs, but I like small boxes with no moving parts.

    Other suggestions reach this goal are welcome.
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  4. #4

    Default Re: Network router problem

    net wrote:
     

    That sounds similar to a DHCP lease expiration issue. The misbehaving
    router gets an address from the "main" one, good for a while. Maybe
    that's a week, and when the address isn't good anymore, it doesn't manage
    to get a new one. It's something to consider, anyway.
    Alan Guest

  5. #5

    Default Re: Network router problem

    On Wed, 19 May 2004 18:39:08 -0700, Alan Anderson wrote
    (in article <168.1.100>):
     

    Hmm... I will consider that.

    The firmware of the main router (FVS318) is due for updating. I've been
    avoiding it because no one could find the PPPoE password. I guess I'll have
    to call SBC mee self.

    Thanks for the idea...
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  6. #6

    Default Network router problem


    I've set up 3 routers to provide security between two small networks, yet be
    able to share resources.

    The setup consists of a Speedstream DSL modem, a Netgear FVS318 immediately
    downstream; and two RP614v2 routers plugged into the '318. All computers (6
    total) are plugged into the 614's.

    I configured the routers so that they each have unique IP addresses, and
    serve (DHCP) unique ranges of IP addresses.

    I then added an HP LJ 2300 (plugged into the '318) and configured direct
    routes (I think that's what Netgear calls making the HP's IP address
    "visible" to the computers on the networks) in each of the '614's.

    All computers could share the DSL service, and print to the HP printer
    without problem. Everything seemed fine.

    All worked for about a week. Then one of the 614 router's stopped
    functioning. I could not ping from or to any computer connected to that
    router. A router reset (reset button on the back) fixed it, temporarily. A
    week later the problem repeated. I replaced the router with a new one,
    figuring that it had an intermittent problem.

    All was fine for another week. Today, the same problem occurred, with the
    same router.

    Is it possible that the FVS318 is causing these problems in the 614? What
    else could cause these symptoms?

    Someone suggested a DHCP lease expired and wasn't renewed. How can I check
    for a lease expiration?

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  7. #7

    Default Re: Network router problem

    In article <individual.net>,
    DaveC <net> wrote:
     

    I don't know about the Netgear routers, but my Linksys display's the
    lease remaining time on its main configuration page. However, if the
    two 614s have unique IP addresses, then they're not using DHCP to obtain
    them and there's no lease to expire.

    What happens if you switch the two 614s?

    --
    There are 10 kinds of people in the world:
    those who understand binary, and those who don't.

    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  8. #8

    Default Re: Network router problem

    (added comp.protocols.tcp-ip where this really belongs)

    DaveC wrote:
     
     

    That is what I would do if I wanted security between two nets
    using a common WAN connection.
     

    Well, they really need separate subnets. Is that what you mean?
     

    Anything on the 318 side should be visible to the other machines
    without doing anything special.

    Machines connected to the 614s must have the default route
    pointing to the appropriate 614, but DHCP should do that for you.

    The printer should have a static address on the appropriate net,
    so that it doesn't change. I suppose its default route should
    point to the 318, though it really shouldn't need one.
     
     

    (snip)
     
     

    There are two questions. First are the DHCP leases given by the 614's
    to the connected computers. The other is the leases given by
    the 318 to the 614's. I would probably configure the 614's with
    static WAN addresses and default routes, but the normal instructions
    likely use DHCP.

    The machines connected to the 614s should have some way to
    view their DHCP information, I believe IPCONFIG on windows
    machines. The setup system for the 614s should indicate the
    DHCP assignments given by the 318.

    I think the next thing I would do is give the 614's static
    WAN addresses and turn off the DHCP server on the 318.

    Post the network addresses and netmasks used for each of the
    three nets. That way we can figure out if they make sense.
    (There should not be any security related matters in posting them.)

    -- glen

    glen Guest

  9. #9

    Default Re: Network router problem

    On Wed, 2 Jun 2004 11:45:05 -0700, Tom Stiller wrote
    (in article <dca.giganews.com>):
     

    Hmm... of course your right.

    When the problem originally occurred, I figured the router was defective and
    returned it to the store for another 614. I installed the new router and
    configured it identically. Today, about 10 days later, it failed in the same
    mode (I can ping other computers on the network (ie, connected to the same
    614), but I can't get through the 318 to the WAN, or to the IP-configured
    printer plugged into the 318). Power-cycle the router and all is well again.

    I've switched the DC power supplies to the two 614s, in case it was a
    supply/glitch problem, The same router failed.
     

    I'm reluctant to do that, because the one Dr. that does have a fully
    functioning network wouldn't be happy if his network crashed, rather than his
    partner's. At least now, it's perceived as a limited problem (not
    office-wide). But if I can't come up with any other possibility, I'll have to
    give that a try.

    Netgear tech support says that it's a power problem. Since it's this one
    router and none of the other equipment, I'm highly skeptical.

    Other ideas?

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  10. #10

    Default Re: Network router problem

    DaveC wrote:
     
    <snip - problem description (one router hoses after 1 week)>

    Problem is likely that you are using low end consumer gear. The code on
    those "routers" (to me calling these things routers is like calling a
    gocart a car) tends to me not the most stable. Ya get what you pay for.

    Look into upgrading to some "real" routers. Try a sonicwall or
    watchguard at the border of the dsl connection, and put "real" routers
    (cisco 2600 series or nortel ARN) inside the border. and hook them all
    up with real switches, for chrissake! no actual endpoint devices should
    be plugged into routers (yes, I know, the '318's and 614 have the built
    in switch. but these "routers" are giving you problems, aren't they?)





    --
    Copyright 2004 T. Sean Weintz
    This post may be copied freely without
    the express permission of T. Sean Weintz.
    T. Sean Weintz could care less.
    T. Sean Weintz is in no way responsible for
    the accuracy of any information contained in
    any usenet postings claiming to be from
    T. Sean Weintz. Users reading postings from
    T. Sean Weintz do so at their own risk.
    T. Sean Weintz will in no way be liable for
    premature hair loss, divorce, insanity,
    world hunger, or any other adverse relults
    that may arise from reading any usenet
    posting attributed to T. Sean Weintz

    ALSO - FWIW, The following WHOIS Record is years out of date:
    Weintz, Sean (SW2893) IDT.NET
    Sean Weintz
    462 Sixth Street , #A
    Brooklyn, NY 11215

    T. Guest

  11. #11

    Default Re: Network router problem

    On Wed, 2 Jun 2004 11:49:48 -0700, glen herrmannsfeldt wrote
    (in article <gjpvc.36867$eY2.14387attbi_s02>):
     

    Indeed, I did use static addresses for the 614s, as someone else in this
    thread pointed out.
     

    What about for Mac OS 9.x? If I look at the TCP/IP info in the TCP control
    panel, it has a "renew lease" button, but no details about the lease.

    When the router "fails", I am able to ping other computers in that (sub?) net
    (ie, connected to the same 614). I just can't ping the 318 or anything
    beyond, including the IP printer plugged into the 318.
     

    I have not turned off DHCP in the 318. I'll try this.
     

    Netgear FVS318
    WAN Port
    IP 67.x.x.x
    Subnet mask: 0.0.0.0
    DHCP: no (basically functions as a bridge?)
    one static route configured in this router for printer: 192.168.0.2

    LAN Port:
    IP 192.168.0.1
    Subnet mask: 255.255.255.0
    DHCP: server
    DHCP range: 192.168.0.2 - 100
    RIP direction: both
    RIP version: RIP-2B
    MTU size: 1500 (default)

    Netgear RP614v2 #1
    WAN Port:
    IP: 192.168.0.3 **
    Subnet mask: 255.255.255.0
    DHCP: client ***
    LAN Port:
    IP: 192.168.1.1
    Subnet mask: 255.255.255.0
    DHCP: server
    DHCP range: 192.168.1.2 - 50

    Netgear RP614v2 #2
    WAN Port:
    IP: 192.168.0.3 **
    Subnet mask: 255.255.255.0
    DHCP: client ***
    LAN Port:
    IP: 192.168.2.1
    Subnet mask: 255.255.255.0
    DHCP: server
    DHCP range: 192.168.2.2 - 50

    Computers are all DHCP clients, no fixed IP's.

    ** The interface between the 318 and the 614s should use unique IP's, right?
    The 318's LAN port IP is 192.168.0.1. The 614's WAN IP's are both
    192.168.0.3. Would this cause a problem? I'll check to confirm these IP's
    when I go to the site in about an hour.

    *** The two 614's should be in "Client: no" mode, right (ie, neither Server
    or Client)?

    All ideas welcome.

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  12. #12

    Default Re: Network router problem

    "DaveC" <net> wrote in message
    news:individual.net... 
    >
    > Indeed, I did use static addresses for the 614s, as someone else in this
    > thread pointed out.

    >
    > What about for Mac OS 9.x? If I look at the TCP/IP info in the TCP control
    > panel, it has a "renew lease" button, but no details about the lease.
    >
    > When the router "fails", I am able to ping other computers in that (sub?)[/ref]
    net 
    >
    > I have not turned off DHCP in the 318. I'll try this.[/ref]

    this does stop you putting other devices on the interconnect LAN and using
    DHCP. Just assign the 614s addresses outside the DHCP range on the 318.

    FWIW i have 2 Netgears cascaded to isolate the "safe" wired LAN from
    wireless.

    topology is
    WAN - FR314 - wired LAN (4 PCs) - MR814 - wireless laptops.

    this lets wireless devices have internet access, but not get to wired shares
    and printers. 
    >
    > Netgear FVS318
    > WAN Port
    > IP 67.x.x.x
    > Subnet mask: 0.0.0.0
    > DHCP: no (basically functions as a bridge?)
    > one static route configured in this router for printer: 192.168.0.2
    >
    > LAN Port:
    > IP 192.168.0.1
    > Subnet mask: 255.255.255.0
    > DHCP: server
    > DHCP range: 192.168.0.2 - 100
    > RIP direction: both
    > RIP version: RIP-2B
    > MTU size: 1500 (default)
    >
    > Netgear RP614v2 #1
    > WAN Port:
    > IP: 192.168.0.3 **
    > Subnet mask: 255.255.255.0
    > DHCP: client ***
    > LAN Port:
    > IP: 192.168.1.1
    > Subnet mask: 255.255.255.0
    > DHCP: server
    > DHCP range: 192.168.1.2 - 50
    >
    > Netgear RP614v2 #2
    > WAN Port:
    > IP: 192.168.0.3 **
    > Subnet mask: 255.255.255.0
    > DHCP: client ***
    > LAN Port:
    > IP: 192.168.2.1
    > Subnet mask: 255.255.255.0
    > DHCP: server
    > DHCP range: 192.168.2.2 - 50
    >
    > Computers are all DHCP clients, no fixed IP's.
    >
    > ** The interface between the 318 and the 614s should use unique IP's,[/ref]
    right?

    Yes.
     

    certainly going to confuse the WAN attached router - how can it decide where
    to send return traffic?

    frankly i am surprised it worked OK for a while - it implies that the 2nd
    614 has some sort of workaround - maybe it ignores the configured address if
    it ARPs on power up and sees another device on that IP address.

    or if you "cloned" the config, maybe the 2 614s share other settings - like
    the WAN port MAC address, which might make things work by accident......
     
    Server 

    if this is on the 614 WAN port then "no DHCP client" is correct
     
    --
    Regards

    Stephen Hope - return address needs fewer xxs


    shope Guest

  13. #13

    Default Re: Network router problem


    "T. Sean Weintz" <org> wrote in message
    news:supernews.com... [/ref]
    yet be [/ref]
    immediately [/ref]
    (6 
    > <snip - problem description (one router hoses after 1 week)>
    >
    > Problem is likely that you are using low end consumer gear. The code on
    > those "routers" (to me calling these things routers is like calling a
    > gocart a car) tends to me not the most stable. Ya get what you pay for.
    >
    > Look into upgrading to some "real" routers. Try a sonicwall or
    > watchguard at the border of the dsl connection, and put "real" routers
    > (cisco 2600 series or nortel ARN) inside the border. and hook them all
    > up with real switches, for chrissake! no actual endpoint devices should
    > be plugged into routers (yes, I know, the '318's and 614 have the built
    > in switch. but these "routers" are giving you problems, aren't they?)
    >[/ref]

    or - if you like integrated router / switches, try cisco 831s for a
    reasonable SOHO router with embedded 4 port switch...... even Cisco gets
    around to using good ideas :)

    see http://cisco.com/en/US/products/hw/routers/ps380/index.html
    for more than you ever wanted to know about mainstream low end routers.
     
    --
    Regards

    Stephen Hope - return address needs fewer xxs


    shope Guest

  14. #14

    Default Re: Network router problem

    Update:

    Netgear FVS318
    WAN Port
    IP 67.x.x.x
    Subnet mask: 0.0.0.0
    DHCP: no (basically functions as a bridge?)
    ### Correction: no static routes for this router ###

    LAN Port:
    IP 192.168.0.1
    Subnet mask: 255.255.255.0 ### static ###
    DHCP: server
    DHCP range: 192.168.0.2 - 100
    RIP direction: both
    RIP version: RIP-2B
    MTU size: 1500 (default)

    Netgear RP614v2 #1
    WAN Port:
    IP: 192.168.0.3 ### dynamically assigned ###
    Subnet mask: 255.255.255.0
    DHCP: client
    LAN Port:
    IP: 192.168.1.1 ### static ###
    Subnet mask: 255.255.255.0
    DHCP: server
    DHCP range: 192.168.1.2 - 50
    ### one static route configured to printer: 192.168.0.2 ###

    Netgear RP614v2 #2
    WAN Port:
    IP: 192.168.0.6 ### dynamically assigned ###
    Subnet mask: 255.255.255.0
    DHCP: client ***
    LAN Port:
    IP: 192.168.2.1 ### static ###
    Subnet mask: 255.255.255.0
    DHCP: server
    DHCP range: 192.168.2.2 - 50
    ### one static route configured to printer: 192.168.0.2 ###

    All seems correctly configured:
    318 router is acting as DHCP server (on LAN side)
    614 routers are acting as DHCP clients (on WAN side)
    and acting as DHCP servers (on LAN side)

    All IPs are unique. (There were no duplicate IP's; that was a doent/edit
    error on my part...)

    To reiterate:
    When error occurs, computers connected to failed 614 router can ping each
    other, but not any of the routers (192.168.0.1, .1.1, or .2.1). Nor can they
    ping the printer (static route in the 318 router). Power cycle the failed
    router and all is well again for days (approx 10 days).

    Suggestions by some that the equipment isn't "professional" doesn't help. If
    you can tell me *why* this is happening, and *why* more-"professional" brands
    will fix the problem, your argument would be much more persuasive.

    Ideas? (I'm running out, right now...)

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  15. #15

    Default Re: Network router problem

    "shope" <com> wrote: 

    Do you only allow certain ports thru the MR814, or do you block
    NetBios, or what? I'd think to have real isolation you'd want:

    WAN -> RouterA -> (RouterB & WiFiRouter)

    and then hang the secure LAN off RouterB and the insecure stuff off
    WiFiRouter.

    --
    William Smith
    ComputerSmiths Consulting, Inc. www.compusmiths.com
    William Guest

  16. #16

    Default Re: Network router problem

    In article <individual.net>,
    DaveC <net> wrote:
     

    What value is there in employing DHCP between the 318 and the two 614s?
    Why not assign the 614s fixed IP addresses and avoid the whole issud of
    DHCP leases between the routers? 

    --
    There are 10 kinds of people in the world:
    those who understand binary, and those who don't.

    Tom Stiller

    PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3
    7BDA 71ED 6496 99C0 C7CF
    Tom Guest

  17. #17

    Default Re: Network router problem

    In article <individual.net>,
    DaveC <net> wrote: 

    approx 10 days, repeatable?
    well there goes my theory of a periodic/weekly cron job
    on one of the clients causing strife up the wire...

    Since you say it's always this particular one failing,
    I'd still be looking for something happening on that subnet,
    not necessarily inside the router box.
    J.Random Guest

  18. #18

    Default Re: Network router problem

    DaveC wrote:
     
     

    I don't think it should ever be 0.0.0.0.
     
     

    Probably you should turn RIP off. I can't see where it
    would cause problems here, but it can.
     
     

    I would statically assign this, outside the DHCP range
    of the 318.
     

    You should not need a static route here. Hosts on the 614 LANs
    should have a static route (DHCP assigned) to the 614s.
    Routers should always know how to get to the directly attached
    nets, unless you remove the route entry.

    The 614's should have a WAN side static default route,
    either through DHCP or statically assigned, pointing to the 318
    LAN side.
     

    The only other thing I can think of is thermal. Are the
    routers stacked so that one gets hotter? How about a fan
    ing over them to cool them a little more.

    -- glen

    glen Guest

  19. #19

    Default Re: Network router problem

    >> topology is [/ref]

    I, too, don't understand how this can provide isolation of the wireless net
    from the wired. All traffic for the wireless subnet must pass through the
    wired net. Doesn't this make the wired segment -- by definition -- insecure?
     

    Yeah, I also would use some configuration like this (view with monospace
    font):

    WAN
    |
    |
    |
    Router A
    | |
    | |
    | |
    Wireless Router B
    Router +------+------+------+
    ~ ~ | | |
    ~ ~ | | |
    ~ ~ | | |
    Wireless PC PC PC
    PCs

    This isolates the two sub nets from each other. I'm using a similar topology
    to isolate 2 wired subnets. They need to be wired in *parallel* to have
    complete isolation, don't they?
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

  20. #20

    Default Re: Network router problem

    On Wed, 2 Jun 2004 16:21:30 -0700, Tom Stiller wrote
    (in article <dca.giganews.com>):
     

    It does seem simpler, doesn't it. I'd be glad to try this solution. What is
    the range I should choose the static addresses from for the 614's?

    And just turn off DHCP on the LAN side of the 318? Anything else to it?

    Thanks,
    --
    DaveC
    net
    This is an invalid return address
    Please reply in the news group

    DaveC Guest

Page 1 of 2 12 LastLast

Similar Threads

  1. Networking 2 xp with network router
    By mb in forum Windows Networking
    Replies: 0
    Last Post: July 6th, 02:24 AM
  2. Make a Network out of a Router?
    By Tom in forum Windows Networking
    Replies: 1
    Last Post: July 4th, 09:24 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139