36

When MDaemon is connected to the Internet, local machines cannot connect to MDaemon

When a dialup session is established, machines on the local network can no longer connect to MDaemon.

The reason that you are unable to ping MDaemon from a different subnet on your network once it has connected to your ISP, is that when it connects, your ISP changes the default gateway in your MDaemon/WinGate machine's Route table. This change moves the default gateway setting from the IP address of your server, to the IP address of their server, allowing your machine to communicate with the outside world. The only way to get around this is to make an addition to the MDaemon machine's route table. Below is a brief description of route tables.

INTERFACE

An interface is a logical interface associated with a piece of communications hardware that has a TCP/IP stack. These bits of hardware include things like modems, Ethernet cards, Ethernet interfaces on a router, etc. The logical interface always has an IP address associated with it. These IP addresses must be unique within any connected network.

When you want to make a TCP/IP connection, or just send some packets to a machine, you have to figure out which interface to send the packets out of. It is obviously no good sending packets out your LAN adapter when you are trying to connect to an Internet site. Conversely, it is no good sending packets out your modem when you are trying to access a machine on your LAN.

For this reason there are routing tables. The routing table is a table that the TCP/IP stack looks at when it wants to send a packet somewhere, and the routing table tells the stack which interface to pump the packets out of in order to get to the desired destination.

Route table entries specify:

  1. A range of destinations (made up by network address / subnet mask - see later).
  2. Which router (gateway) to send packets to for these destinations?
  3. Which interface to send packets out to get to these destinations?

EXAMPLE:

This is a sample route table when on-line with a modem.

Active Routes:

 

Network Address   

Netmask Gateway   

Address Interface   

Metric 

0.0.0.0   

0.0.0.0   

203.96.10.254   

203.96.10.51 1   

127.0.0.0   

255.0.0.0   

127.0.0.1   

127.0.0.1 1

192.168.0   

255.255.0.0   

192.168.0   

192.168.0.4 2   

192.168.0.4   

255.255.255.255   

127.0.0.1   

127.0.0.1 1   

192.168.0.255   

255.255.255.255   

192.168.0.4   

192.168.0.4 1

203.96.10.0   

255.255.255.0   

203.96.10.51   

203.96.10.51 1

203.96.10.51   

255.255.255.255   

127.0.0.1   

127.0.0.1 1

203.96.10.255   

255.255.255.255   

203.96.10.51   

203.96.10.51 1

224.0.0.0   

224.0.0.0   

203.96.10.51   

203.96.10.51 1

224.0.0.0   

224.0.0.0   

192.168.0.4   

192.168.0.4 1

255.255.255.255   

255.255.255.255   

192.168.0.4   

192.168.0.4 1

There are 2 interfaces on the box - a LAN adapter with an IP address of 192.168.0.4 and a modem PPP interface with address 203.96.10.51 You will see that there is an entry in the table for both of these, plus some others. If we look at the 4th entry, that is the definition of the entry for the LAN card. What it is saying is that if we get a packet that we want to send to 192.168.0.4 MASK 255.255.255.255 (which means that it must match the whole address), then we send the packet over interface 192.168.0.4 - the gateway is ignored. The next significant one is the 3rd entry. That is saying that if we have a packet for 192.168.0.0 MASK 255.255.0.0 (that means anything from 192.168.0.1 to 192.168.254.254 since 255 is reserved as is 0) then we send it out interface 192.168.0.4 - this means all our LAN traffic goes out of the LAN card. By comparison, the 7th entry is the same as the 4th entry, but for the PPP interface (modem). The 6th entry is the same as the 3rd entry, but applies to the range 203.96.10.1 to 203.96.10.254 which is a subnet on the service provider. This will give us access to their router. The other VERY significant entry is the 1st one. The effect of having a destination of 0.0.0.0 with MASK 0.0.0.0 means ANY IP address. This is called the DEFAULT ROUTE. This one is the last route used if there is no match on the others. This is the one that causes problems in multi-segment networks when you dial up, because it is changed by the PPP login process. What this means is that if we don't have a static route (like the other entries) for a destination, we send it out over the default route to 203.96.10.254 (our ISPs router) which is accessible through the interface 203.96.10.51 (our modem).

What this is saying, is that everything goes out over our modem, except things that match a static route - so this includes our LAN (local subnet only).

The other entries are:

127.0.0.0 is the localhost (loopback interface) this is a software only interface internal to the stack itself, and is not accessible over any interface. This means that this interface can only be accessed from the machine itself.

192.168.0.255 is the broadcast address for broadcast packets on our LAN.

203.96.10.255 is the broadcast address for broadcast packets on the LAN segment on our ISP.

224.0.0.0 is another broadcast (or perhaps multicast) address on both our LAN and the ISPs LAN. The effect of two matching entries means any packets sent to this destination will be broadcast on our LAN and the ISPs LAN.

255.255.255.255 is the global broadcast address.

ROUTES AUTOMATICALLY CREATED BY THE OS

There are a number of routes created automatically by the OS. Whenever an interface is added, you get a route for the interface, one for the subnet the interface is on, and one for the broadcast address for that interface. If you look at the route table above, the interface 192.168.0.4 results in the addition of route entries 2, 3, 4, 5 and 6.

The OS also creates the localhost interface (1st one).

IMPORTANT

If you specify a default gateway for your LAN adapter (i.e you have a router on your LAN), then you also get a default route entry. This is the entry that is used to access the other subnets on your LAN.

WHAT THIS ALL MEANS

What this means is that your PPP login when it changes your default route so that by default all your packets go to your ISPs router (so you can access Internet sites), makes the rest of your LAN segments inaccessible. Unless you have manually entered a static route to those subnets, they will have been dependent on the default route.