Windows

Configure IT Quick: Use Windows to set up a quick and easy router

Understand the pros and cons of using a Windows server as a router

One of the lesser-known Windows server functions is that Windows can be configured to act as a basic router, similar to commercial routers such as those sold by Cisco Systems and other vendors. I’m going to explain the pros and cons of using a Windows server as a router. I’ll then go on to show you how to configure both a Windows NT 4.0 system and a Windows 2000 system as a router. Finally, I’ll show you how to manage the router from the Windows command line.

When to use Windows as a router
Before I actually show you how to configure Windows to act as a router, there are some issues that you need to be aware of. There are definitely benefits and drawbacks to using Windows as a router. The biggest benefits to using Windows as a router are cost and ease of configuration (especially if you're already familiar with Windows administration).

If you have a small office with a minimal IT budget, you can save money by adding routing functions to an existing Windows server rather than purchasing a hardware router. Of course, doing so does add some overhead to the server, so you must make sure that the server that you’re using isn’t running short on system resources, such as memory, disk space, or CPU time. You must also worry about security. By their very nature, hardware routers tend to be more secure than Windows routers. A big part of this is because the Windows operating system contains so many potential vulnerabilities that can be exploited.

The other situation where Windows can be a good solution is when you need a router for a temporary network that does not require high security. For example, an ad hoc network for a training seminar, a remote office that won't be functioning for more than a few months, or a small network that is in the process of being upgraded.

In this scenario, you can quickly set up a router with a Windows system and then return that system to use as a Windows server once its function as a router is no longer needed. That way, you don't have to invest in an expensive hardware router that you only need for a limited period of time.

Preparing the system
Now that I've gone over the pros and cons, it’s time to look at setting up a Windows router. Whether you are using Windows NT or Windows 2000, you must begin by setting up your server’s hardware. Since a router’s primary purpose is to move traffic between two or more networks, your server will require at least two NICs, one for each network that it will attach to. (As you may know, a server with multiple NICs is referred to as "multihomed.")

Technically, even a Windows machine with a single NIC makes routing decisions and has a built-in routing table. However, if only a single NIC exists in the system, then there is only one exit point for a packet. This is why you must have two or more NICs in a system if you are going to use it as a true router.

As you have probably already figured out, you must also configure TCP/IP appropriately. If you will be using the server as a router, you’ll want to assign a static IP address to each NIC in the server. You must make sure that you use an IP address range and subnet mask that’s appropriate for the network that the NIC will attach to.

The default gateway address will differ depending on the way that your network is configured and on the Windows router’s function. However, the default gateway address will either match the NIC’s IP address or it will match the IP address of another router on the network if appropriate. Technically speaking, even if you assign each NIC a different default gateway, Windows will only use a single default gateway. If you look at the network card bindings, whichever NIC is bound first, that NIC's TCP/IP configuration will be used to determine the default gateway for the entire system. Using a single default gateway is Window’s way of avoiding confusion.

Set up Windows NT 4.0 as a router
Now that I have explained how to get the server ready to become a router, let’s take a look at how to configure Windows NT 4.0 as a router. If you’re running Windows 2000, I’ll show you the configuration procedure in the next section.

To enable routing on a Windows NT 4.0 Server, right-click the Network Neighborhood icon and then select the Properties command from the resulting shortcut menu. This will cause Windows to display the Network properties sheet. Now, select the Protocols tab and then select the instance of the TCP/IP protocol that’s bound to the NIC of your choice and click the Properties button. This will display the TCP/IP Properties sheet. Select the Routing tab and then click the Enable IP Forwarding check box. Click OK to close the TCP/IP Properties sheet and then repeat the procedure for any other NICs in the system.

Now that you have enabled routing, packets will be able to flow between networks attached to the server. However, if you need for your Windows NT Server to exchange routing information with other routers on the network, you’ll need to enable the RIP protocol. To do so, return to the Network properties sheet and select the Services tab. Click the Add button and then select RIP For Internet Protocol from the Select Network Services dialog box and click OK. Click OK one more time to close the Network Properties sheet. At this point, you may be prompted for your Windows NT installation CD and you may be asked to reboot the server as well.

Set up Windows 2000 as a router
The procedure for setting up Windows 2000 Server as a router is quite a bit different from setting up Windows NT 4.0, but, like NT, you must still begin by configuring your system’s NICs. Once the NICs have been configured, enter the MMC command at the Run prompt to launch an empty Microsoft Management Console. At this point, select the Add / Remove Snap In command from the Console menu. This will display the Add / Remove Snap In properties sheet. Click the Add button found on the properties sheet’s Standalone tab and you’ll see a list of available snap-ins appear. Select the Routing and Remote Access option from the list and click the Add button followed by the Close and OK buttons. The Routing and Remote Access snap-in should now be available in the console.

At this point, navigate through the console tree: Console Root | Routing And Remote Access | Server Status. Right-click the Server Status option and select the Add Server command from the resulting shortcut menu. Select the This Computer option and click OK. When you do, you’ll see your server appear (beneath the Server Status container) listed as being unconfigured. Right-click the listing for the server in the column to the left and select the Configure and Enable Routing and Remote Access command from the resulting shortcut menu.

When you do, Windows will launch the Routing And Remote Access Server Setup Wizard. Click Next to bypass the Welcome screen and you’ll see a screen appear that lists some common configurations. Select the Network Router option and click Next. At this point, Windows will display the protocols that are loaded on your server and will ask you if you need to install additional protocols. If you’ve configured the server properly so far, TCP/IP should be on the list. Select the option that indicates that the protocol of choice is on the list, and click Next.

Windows will now ask you if you need to configure a demand dial connection to a remote network. Demand dial connections are great for redundancy, but, generally, if you are just configuring the server as a simple router, then you won’t need to worry about demand dial routing. Therefore, select No and click Next. Windows will now show you a configuration summary screen. Click Finish and Windows will enable routing on the server and start the appropriate services. You’ll now see various routing options appear beneath the server in the console tree.

In the next section, I’m going to show you how to configure routing from a command prompt. However, you might be interested in knowing that you can use the Routing And Remote Access console as a shortcut. If you select the Routing Interfaces container, the column on the right will display all of the NICs in the system. You’ll also see internal and loop-back virtual devices. If, at a later time, you want to add a demand dial routing interface to the system, you can right-click the Routing Interface container and select the New Demand Dial Interface option from the shortcut menu. If you want to add an additional NIC, you must do so through the Network Properties sheet rather than through the Routing And Remote Access console.

Another option that you might be interested in is the IP Routing container. If you expand this container, you’ll see that there is a General and a Static Routes container beneath it. If you select the General container, you’ll see a summary of the system’s routing interfaces and their corresponding IP addresses and the amount of traffic that has passed through each interface. If you right-click the General container, the resulting shortcut menu contains several options that you can use for displaying various TCP/IP and multicast information. You can even use this menu to add additional routing protocols.

If you select the Static Routes container, you’ll see any static routes that have been configured on the system. You can create new static routes by right-clicking the Static Routes container and selecting the New Static Route option from the shortcut menu. This shortcut menu also has a Show IP Routing table option that you can use to display the server’s entire routing table.

Basic routing commands
Now that I have shown you how to configure Windows to act as a router, you might be interested to learn how to configure the various routing options. The basic routing options are configured via Window’s ROUTE command. Here is the basic syntax of this command:
ROUTE [-F] [-P] {command [destination][]

The -F switch is optional. This switch tells Windows to clear the routing table of all gateway entries. If the -F switch is used in conjunction with other commands, then all gateway entries will be cleared prior to executing other instructions within the command.

The -P switch makes a specified route persistent. Normally, if a server is rebooted, then any routes that you specify via the ROUTE command are removed. The -P switch tells Windows to keep the route even if the system is rebooted.

The command portion of the ROUTE command’s syntax is relatively simple. The command set consists of four options: PRINT, ADD, DELETE, and CHANGE. For example, if you’d like to display the routing table, you can use the ROUTE PRINT command. You can even use wild cards with this command. For example, if you only wanted to print routes pertaining to the 147.x.x.x subnet, you could use the command ROUTE PRINT 147*.

The ROUTE DELETE command works very similarly to the ROUTE PRINT command. Simply enter the ROUTE DELETE command followed by the destination or the gateway that you want to delete from the routing table. For example, if you wanted to remove the 147.0.0.0 gateway, you could enter the command ROUTE DELETE 147.0.0.0.

The ROUTE CHANGE and the ROUTE ADD commands have the same basic syntax. Typically, when using these commands, you would specify the destination, subnet mask, and gateway. You might also specify a metric and an interface. For example, if you wanted to add a destination using the bare minimal syntax, you could do so as follows:
ROUTE ADD 147.0.0.0 255.0.0.0 137.26.2.3

In this command, 147.0.0.0 is the new destination that you are adding, 255.0.0.0 would be the subnet mask for the destination, and 137.26.2.3 would be the gateway address. You can extend the command with the METRIC and IF parameters. Doing so would look something like this:
ROUTE ADD 147.0.0.0 255.0.0.0 137.26.2.3 METRIC 1 IF 1

The METRIC parameter is optional and specifies the metric or number of hops for the route. The IF parameter tells Windows which interface to use. In this particular case, Windows would use the NIC that’s bound to Windows as interface 1. If you don’t use the IF parameter, then Windows will automatically search for the best interface to use.

I have given you the basics behind using the ROUTE command. As you can see, there is nothing too difficult about using this command. If you need a little extra help with the command syntax though, just enter the ROUTE /? command at the command prompt. This will display the command’s syntax and several usage examples.

Summary
As you can see, Windows can function quite well as a router. However, there are lots of issues to consider before configuring Windows to act as a router. In this Daily Drill Down, I’ve discussed these issues and provided you with detailed instructions for configuring both Windows 2000 and Windows NT 4 as a router.

 
0 comments

Editor's Picks