Route for a single host?

Discussion in 'Cisco' started by Jake, Jun 17, 2004.

  1. Jake

    Jake Guest

    Maybe I'm a dumbass for even asking this, but here goes.

    We're working on a disaster recovery plan and one part includes our
    mainframe being reloaded in a different state. We're planning on
    relocating the rest of our servers to a different branch.

    Here's the problem though. Our mainframe and other critical servers
    are sitting on a 172.17.1.0 subnet. I really want to avoid having to
    change the IP's of the servers because it will cause a major headache.

    Our mainframe is on IP 172.17.1.5 will be in Florida. All other
    servers on the 172.17.1.0 subnet will be in Cali. Is it possible to
    add a route statement to the router to point traffic to 172.17.1.5
    down a single pipe to Florida and have all other servers in the
    172.17.1.0 subnet at Cali?

    Thanks
     
    Jake, Jun 17, 2004
    #1
    1. Advertisements

  2. :We're working on a disaster recovery plan and one part includes our
    :mainframe being reloaded in a different state. We're planning on
    :relocating the rest of our servers to a different branch.

    :Here's the problem though. Our mainframe and other critical servers
    :are sitting on a 172.17.1.0 subnet. I really want to avoid having to
    :change the IP's of the servers because it will cause a major headache.

    :Our mainframe is on IP 172.17.1.5 will be in Florida. All other
    :servers on the 172.17.1.0 subnet will be in Cali. Is it possible to
    :add a route statement to the router to point traffic to 172.17.1.5
    :down a single pipe to Florida and have all other servers in the
    :172.17.1.0 subnet at Cali?

    It is a bit more complicated than that. You would need to set up
    a VPN of some sort between the two locations. That could be an IPSec
    tunnel in 'lan extension mode', or it could be a PPTP in which the
    Florida router was "dynamically" allocated 172.17.1.5 [you have
    to watch the routing closely on this one], or it could be a GRE tunnel
    between the lans.

    I don't know enough to say which would be the preferred mechanism. If
    you have non-IP traffic (e.g., IPX) then GRE would be the choice.
    If your traffic is pure IP, then lan-extension mode might be better
    from a security standpoint. I wouldn't do PPTP or L2TP unless the other
    two possibilities didn't work out.
     
    Walter Roberson, Jun 17, 2004
    #2
    1. Advertisements

  3. On the Cali router:

    ip route 172.17.1.5 255.255.255.255 <interface>

    where <interface> is the connection between the Cali and Florida routers
    (if you don't have a WAN link between them, you can set up a VPN and
    point the route to the Tunnel interface).

    On the Florida router:

    ip route 172.17.1.5 255.255.255.255 <interface>

    where <interface> is the LAN interface that the mainframe is on, e.g.
    Ethernet0.
     
    Barry Margolin, Jun 17, 2004
    #3
  4. Hi,

    it´s possible, but not a really good design for me.

    It is necessary, that "Proxy Arp" is enabled on both router´s (on Cisco it´s active default). Because the servers in Cali think´s, that the sever with 172.17.1.5 is in the own network. So nobody uses the default gateway to talk to 172.17.1.5.

    Regards

    Carsten Remien

    --
    \|/
    (o o)
    ---------------------oOOO--(_)--OOOo----------------------
    Out the 100Base-T, off the firewall, through the router, down
    the T1, over the leased line, off the bridge, nothing but Net.
    (Use ROT13 to see my email address)
    .oooO Oooo.
    ----------------------( )---( )-----------------------
    \ ( ) /
    \_) (_/
    | Maybe I'm a dumbass for even asking this, but here goes.
    |
    | We're working on a disaster recovery plan and one part includes our
    | mainframe being reloaded in a different state. We're planning on
    | relocating the rest of our servers to a different branch.
    |
    | Here's the problem though. Our mainframe and other critical servers
    | are sitting on a 172.17.1.0 subnet. I really want to avoid having to
    | change the IP's of the servers because it will cause a major headache.
    |
    | Our mainframe is on IP 172.17.1.5 will be in Florida. All other
    | servers on the 172.17.1.0 subnet will be in Cali. Is it possible to
    | add a route statement to the router to point traffic to 172.17.1.5
    | down a single pipe to Florida and have all other servers in the
    | 172.17.1.0 subnet at Cali?
    |
    | Thanks
     
    Remien, Carsten, Jun 17, 2004
    #4
  5. Jake

    mh Guest

    Change your current network, so that the mainframe is on a separate IP
    subnet, then your DRP issue (from an IP addressing perspective) will
    be trivial.
     
    mh, Jun 18, 2004
    #5
  6. Jake

    Hansang Bae Guest

    Proxy arp is not required. If he enters a route with a /32 mask,
    longest match rule will kick in. Not a great design, but it will work.


    --

    hsb

    "Somehow I imagined this experience would be more rewarding" Calvin
    *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    ********************************************************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    ********************************************************************
     
    Hansang Bae, Jun 19, 2004
    #6
  7. sorry, but you are wrong.

    Network nodes in Subnet 172.17.1.0/24 does not talk to the gateway when the destination address is 172.17.1.5. Because 172.17.1.5 is in the same subnet. So you need a node (like the router) that listen to this address and routes it to florida.

    --
    \|/
    (o o)
    ---------------------oOOO--(_)--OOOo----------------------
    Out the 100Base-T, off the firewall, through the router, down
    the T1, over the leased line, off the bridge, nothing but Net.
    (Use ROT13 to see my email address)
    .oooO Oooo.
    ----------------------( )---( )-----------------------
    \ ( ) /
    \_) (_/
    | In article <>, says...
    | > Hi,
    | >
    | > it=3Fs possible, but not a really good design for me.
    | >
    | > It is necessary, that "Proxy Arp" is enabled on both router=3Fs (on Cisco it=3Fs active default). Because the servers in Cali think=3Fs, that the sever with 172.17.1.5 is in the own network. So nobody uses the default gateway to talk to 172.17.1.5.
    |
    | Proxy arp is not required. If he enters a route with a /32 mask,
    | longest match rule will kick in. Not a great design, but it will work.
    |
    |
    | --
    |
    | hsb
    |
    | "Somehow I imagined this experience would be more rewarding" Calvin
    | *************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
    | ********************************************************************
    | Due to the volume of email that I receive, I may not not be able to
    | reply to emails sent to my account. Please post a followup instead.
    | ********************************************************************
     
    Remien, Carsten, Jun 19, 2004
    #7
  8. Jake

    Jake Guest

    Been on vacation - almost forgot I posted this message here.

    Thanks for the help everyone. It's more clear now than it was last
    week. I will most likely end up changing the network a bit to put the
    mainframe on it's own subnet, like mh said.
     
    Jake, Jun 21, 2004
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.