Help me understand routing tables

[Dog80]

As I mentioned in the other thread here I am having problem connecting to a VPN. I am quite convinced that the problem is that I am assigning some bad IP or netmask to my computer.

In this example the VPN works. I have DHCP enabled. 10.0.10.15 is the IP address of the virtual NIC created by the VPN client. 10.0.0.3 is the IP assigned by DHCP to my computer. 10.0.0.138 is the address of my DSL router. The VPN is used to connect to 10.0.10.x or something. I simply open Internet Explorer, type that IP and I am immediately connected to the orders website.

C:\>ipconfig /all

Ομάδα παραμέτρων IP των Windows 2000

        Όνομα κεντρικού υπολογιστή. . . . : IBM
        Επίθημα κύριου DNS. . . . . . . . :
        Τύπος κόμβου. . . . . . . . . . . : Εκπομπή
        Ενεργοποίηση δρομολόγησης IP. . . : Όχι
        Ενεργοποίηση αντιστοίχισης WINS . : Όχι
        Λίστα αναζήτησης επιθημάτων DNS . : lan

Ethernet προσαρμογέας Σύνδεση τοπικού δικτύου 2:

        Επίθημα DNS συγκεκριμένης σύνδεσης:
        Περιγραφή . . . . . . . . . . . . : Cisco Systems VPN Adapter
        Φυσική διεύθυνση. . . . . . . . . : 00-05-9A-3C-78-00
        Ενεργοποίηση DHCP . . . . . . . . : Όχι
        Διεύθυνση IP. . . . . . . . . . . : 10.0.10.15
        Μάσκα Subnet. . . . . . . . . . . : 255.0.0.0
        Προεπιλεγμένη πύλη . . . . . . .  :
        Διακομιστές DNS . . . . . . . . . :

Ethernet προσαρμογέας Σύνδεση τοπικά:

        Επίθημα DNS συγκεκριμένης σύνδεσης: lan
        Περιγραφή . . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
        Φυσική διεύθυνση. . . . . . . . . : 00-0D-60-31-63-BF
        Ενεργοποίηση DHCP . . . . . . . . : Ναι
        Ενεργοποιήθηκε η αυτόματη ρύθμιση : Ναι
        Διεύθυνση IP. . . . . . . . . . . : 10.0.0.3
        Μάσκα Subnet. . . . . . . . . . . : 255.255.255.0
        Προεπιλεγμένη πύλη . . . . . . .  : 10.0.0.138
        Διακομιστής DHCP. . . . . . . . . : 10.0.0.138
        Διακομιστές DNS . . . . . . . . . : 10.0.0.138
        Αρχή χρήσης . . . . . . . . . . . : Τετάρτη, 3 Ιανουαρίου 2007 9:29:03 μ
μ
        Λήξη χρήσης . . . . . . . . . . . : Τετάρτη, 3 Ιανουαρίου 2007 11:29:03
μμ

C:\>route print
===========================================================================
Λίστα διασυνδέσεων
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 0d 60 31 63 bf ...... Intel 8255x-based Integrated Fast Ethernet

0x1000004 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter
===========================================================================
===========================================================================
Ενεργές διαδρομές:
Network Destination    Netmask             Gateway      Interface   Metric
          0.0.0.0          0.0.0.0       10.0.0.138        10.0.0.3       1
         10.0.0.0    255.255.255.0         10.0.0.3        10.0.0.3       1
         10.0.0.0        255.0.0.0       10.0.10.15      10.0.10.15       1
         10.0.0.3  255.255.255.255        127.0.0.1       127.0.0.1       1
       10.0.0.138  255.255.255.255         10.0.0.3        10.0.0.3       1
         10.0.2.0    255.255.255.0       10.0.10.15      10.0.10.15       1
       10.0.10.15  255.255.255.255        127.0.0.1       127.0.0.1       1
   10.255.255.255  255.255.255.255         10.0.0.3        10.0.0.3       1
   10.255.255.255  255.255.255.255       10.0.10.15      10.0.10.15       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    212.205.67.67  255.255.255.255       10.0.0.138        10.0.0.3       1
        224.0.0.0        224.0.0.0         10.0.0.3        10.0.0.3       1
        224.0.0.0        224.0.0.0       10.0.10.15      10.0.10.15       1
  255.255.255.255  255.255.255.255         10.0.0.3        10.0.0.3       1
Προεπιλεγμένη πύλη:     10.0.0.138
===========================================================================
Συνεχείς διαδρομές:
  Καμία

In the second example I have assigned the IP address 169.254.49.55 to my computer and I have added the IP address 192.168.1.12 at Internet Protocol (TCP/IP) → Properties → Advanced → IP Settings. In this case, the pump controller works (has the address 192.168.1.x) and I can share a printer on another computer with address 169.254.49.x. I cannot browse the Internet and I cannot connect to the VPN though.

C:\>ipconfig /all

Ομάδα παραμέτρων IP των Windows 2000

        Όνομα κεντρικού υπολογιστή. . . . : IBM
        Επίθημα κύριου DNS. . . . . . . . :
        Τύπος κόμβου. . . . . . . . . . . : Εκπομπή
        Ενεργοποίηση δρομολόγησης IP. . . : Όχι
        Ενεργοποίηση αντιστοίχισης WINS . : Όχι

Ethernet προσαρμογέας Σύνδεση τοπικού δικτύου 2:

        Επίθημα DNS συγκεκριμένης σύνδεσης:
        Περιγραφή . . . . . . . . . . . . : Cisco Systems VPN Adapter
        Φυσική διεύθυνση. . . . . . . . . : 00-05-9A-3C-78-00
        Ενεργοποίηση DHCP . . . . . . . . : Όχι
        Διεύθυνση IP. . . . . . . . . . . : 10.0.10.15
        Μάσκα Subnet. . . . . . . . . . . : 255.0.0.0
        Προεπιλεγμένη πύλη . . . . . . .  :
        Διακομιστές DNS . . . . . . . . . :

Ethernet προσαρμογέας Σύνδεση τοπικά:

        Επίθημα DNS συγκεκριμένης σύνδεσης:
        Περιγραφή . . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connecti
on
        Φυσική διεύθυνση. . . . . . . . . : 00-0D-60-31-63-BF
        Ενεργοποίηση DHCP . . . . . . . . : Όχι
        Διεύθυνση IP. . . . . . . . . . . : 192.168.1.12
        Μάσκα Subnet. . . . . . . . . . . : 255.255.255.0
        Διεύθυνση IP. . . . . . . . . . . : 169.254.49.55
        Μάσκα Subnet. . . . . . . . . . . : 255.255.0.0
        Προεπιλεγμένη πύλη . . . . . . .  : 10.0.0.138
        Διακομιστές DNS . . . . . . . . . : 10.0.0.138

C:\>route print
===========================================================================
Λίστα διασυνδέσεων
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 0d 60 31 63 bf ...... Intel 8255x-based Integrated Fast Ethernet

0x2000004 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter
===========================================================================
===========================================================================
Ενεργές διαδρομές:
Network Destination    Netmask             Gateway      Interface    Metric
          0.0.0.0          0.0.0.0       10.0.0.138   169.254.49.55       1
         10.0.0.0        255.0.0.0       10.0.10.15      10.0.10.15       1
         10.0.2.0    255.255.255.0       10.0.10.15      10.0.10.15       1
       10.0.10.15  255.255.255.255        127.0.0.1       127.0.0.1       1
   10.255.255.255  255.255.255.255       10.0.10.15      10.0.10.15       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      169.254.0.0      255.255.0.0    169.254.49.55   169.254.49.55       1
    169.254.49.55  255.255.255.255        127.0.0.1       127.0.0.1       1
  169.254.255.255  255.255.255.255    169.254.49.55   169.254.49.55       1
      192.168.1.0    255.255.255.0     192.168.1.12   169.254.49.55       1
     192.168.1.12  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.1.255  255.255.255.255     192.168.1.12   169.254.49.55       1
    212.205.67.67  255.255.255.255    169.254.49.55   169.254.49.55       1
        224.0.0.0        224.0.0.0       10.0.10.15      10.0.10.15       1
        224.0.0.0        224.0.0.0    169.254.49.55   169.254.49.55       1
  255.255.255.255  255.255.255.255    169.254.49.55   169.254.49.55       1
Προεπιλεγμένη πύλη:     10.0.0.138
===========================================================================
Συνεχείς διαδρομές:
  Καμία

C:\>

Is there any way to tweak the routing table so the VPN works with the second example set-up?

[si_blakely]

Dog80:

As I mentioned in the other thread here I am having problem connecting to a VPN. I am quite convinced that the problem is that I am assigning some bad IP or netmask to my computer.
Is there any way to tweak the routing table so the VPN works with the second example set-up?

I am a bit confused as to what you are trying to achieve in your second setup. Your assigned IP address cannot route to either the internet or your VPN. I’ll try to explain why…

An IP address is a valid number for a network.
A Subnet defines which ip addresses are connected to each other locally, and do not need routing. So for two computers to talk directly via ip, they need to be connected to the same physical network and be in the same ip subnet.

So to talk to your DSL router at 10.0.0.138 in the subnet from 10.0.0.1-10.0.0.254 (255.255.255.0 or /24) your computers IP Address must be in that range - no other option. The IP stack will not even try to send a packet out if there is no path.

A Route defines a way to get to ip addresses outside the local subnet. It does this by defining the remote subnet by ip address and mask, and the local address (or gateway) that gets you there. So your DSL router is the gateway for all ip addresses outside of 10.0.0.0/24.

When you connect your VPN, the VPN client connects to a VPN server ip address - through the DSL router - and you are given an additional ip address - 10.0.10.15/8. All ip packets for 10.x.x.x that are not for 10.0.0.x will go via the VPN into the VPN accessible network. All other ip packets will go to the DSL router to the internet.

I hope this is clear, and you should be able to see why your second config does not work.

You have three subnets on the same physical network, but only two ip addresses on your PC
169.254.49.x/16 PC and PC with Printer
192.168.1.x/24 PC and Pump Controller

10.0.0.x/24 DSL Router

While they are all physically connected to the same network, you have no ip address to connect to your DSL router - you need a 10.0.0.x ip address to do that. The TCP/IP stack will not even try to send a packet out the wrong interface.

My advice is to reconfigure everything to be in the same ip subnet - 10.0.0.x. Then all your issues go away - everything can talk to everything else.
Alternatively, add a 10.0.0.x ip address to your PC network adapter. Then it can talk to the DSL router.

Hope this helps.

Si