OK. The affected machines have a working local gateway but are not using it to get out to the world because they are not ping-able when the remote gateway is down. They are fine when the remote gateway is up. Based on the limited data, we can surmise the rule:
When given a list of two gateways, windows will, at its discretion, either: Use the first as default gateway (and ignore the second?). or Use the first only to reach the second and use the second to get out to the world (serial GWs). (just kidding), eab On 06/28/2016 09:05 AM, Michael Leone wrote:
On Mon, Jun 27, 2016 at 4:32 PM, Edward A. Berry <[email protected] <mailto:[email protected]>> wrote: 1. Am I wrong in believing that a Windows machine (Win 2008 R2 and Win 2012 R2) will use the gateways in the order listed? (i.e., use x.x.x.1 first, and not try to use x.x.x.2 unless x.x.x.1 is unavailable). Seems most of my VMs worked this way, but not all, yet all are configured the same way. One would think so. Even more strange, how could some of the machines be using the recovery-site gateway if they don't have a working gateway on the local subnet? That's just it, there *was* a working gateway from the production site the entire time. You are right, they couldn't have reached the recovery-site gateway, if the production-site gateway was down (and the VM was still on the production site, and not failed over). So why use it at all? They couldn't even reach it, much less know whether it was down or up! (Unless I'm missing something) eab On 06/24/2016 11:23 AM, Michael Leone wrote: Here's my setup: I have a lot of VMware VMs. We also use their SRM (Site Recovery Manager) for Disaster Recovery. Basically, SRM lets the VMs fail over to another site, in case of disaster. They will keep their current IP addressing. So what we did was set 2 gateways on each VM - first entry is x.x.x.1, which is the gateway at the production site. Second entry is x.x.x.2, which is the gateway at the recovery site. This way, if the VMs did fail over, they would still be able to find a gateway and continue to work (since theoretically x.x.x.1 would not be available, being a smoldering pile of ash or whatever). Note that these are all 1 NIC machines, no multi-homing. And all static addressing, no DHCP. I seem to recall testing this a couple years ago, and it worked fine. However, I'm old, so who knows how faulty my memory is ... Here's the problem - yesterday the recovery site went down. Mind you, the main production site stayed up, and in fact, has never gone down. But then I started getting weird calls - I couldn't ping some VMs, yet other on the same subnet as I am had no difficulties. Eventually, what I had to do was delete the x.x.x.2 gateway entry from the problematical machines, flush their DNS cache, and then everyone could access these VMs again. But why?. Since the main production site switch never went down, none of the VMs should have been using the recovery site as a gateway; they should all have been using x.x.x.1, and the fact that x.x.x.2 was unavailable should not have matter to them in the slightest. And even if they were using the recovery site x.x.x.2 as gateway, once it dropped, the VM should have still been able to use the other entry, the production site switch x.x.x.1, as a gateway and continued to be available. So, 3 questions then: 1. Am I wrong in believing that a Windows machine (Win 2008 R2 and Win 2012 R2) will use the gateways in the order listed? (i.e., use x.x.x.1 first, and not try to use x.x.x.2 unless x.x.x.1 is unavailable). Seems most of my VMs worked this way, but not all, yet all are configured the same way. 2. And, if the gateway in use (for example, x.x.x.2) becomes unavailable, I thought Windows would automatically try the other entry, without any user intervention. Is this not so? 3. What I want is that for the VMs to use the first gateway listed. If it can't reach or use that, then I want it to automatically use the next entry in the gateway list. Is this possible? If so, then how? Thanks for any help.
