Default Gateways and Routing

Another point of confusion when configuring the network adapters is where to place the default gateway.

Many administrators try to place gateways on both network adapters, which causes extremely unreliable traffic flows. It does not matter if the adapters are all on the same or different subnets; only one adapter should have a default gateway assigned.

The next decision is where to place the default gateway. For an Edge Server, always place the default gateway on the network adapter associated with the Access Edge Server IP address. This applies whether a single external adapter is used for all three roles or whether multiple adapters are used. This ensures that all requests the server does not know how to route are passed out through the Access Edge IP address.

A question that inevitably comes up is, “How does an Edge Server communicate with the internal network through an adapter that has no default gateway defined?” The answer to that question is, “With static routes.” The gateway associated with the internal adapter’s IP address is still used, but it won’t be the default gateway. Routing is something generally associated with network devices, but in the case of a multi-homed server, an administrator must configure the routing table to act appropriately. For a Lync Server Edge role, the administrator must manually enter route statements to use that internal adapter for internal subnets. Figure 27.13 shows how the external adapter has a default gateway associated, but routing statements for internal networks make use of the internal adapter.

Figure 27.13 Edge Server Gateways and Routing

Adding Static Routes

Static routes can be added via a command prompt either through the older route command or with the newer netsh command set.

First, identify the internal-facing network adapter’s name. If it was named descriptively, such as “Internal,” this information is already known. Open a command prompt with elevated administrative privileges and type each route statement with the following syntax:

netsh interface ipv4 add route <IP address /mask> <Interface Name> <Gateway>

As an example, assume there are three internal subnets—10.0.1.x, 10.0.2.x, and 10.0.3.x—that are all /24 subnets where servers and clients exist. The internal-facing adapter of the Edge Server is named Internal, the adapter’s IP address is 172.16.0.20, and the gateway for that subnet is 172.16.0.1.

The following commands should be entered on the Edge Server to tell the server to use the internal-facing adapter and gateway to reach those subnets:

netsh interface ipv4 add route 10.0.1.0 /24 "Internal" 172.16.0.1
netsh interface ipv4 add route 10.0.2.0 /24 "Internal" 172.16.0.1
netsh interface ipv4 add route 10.0.3.0 /24 "Internal" 172.16.0.1

Alternatively, if an organization uses all 10.x.x.x IP addressing for internal subnets, those statements can be reduced to a single line that accounts for all three subnets listed and possibly any new subnets added later.

The following example uses a /8 bitmask to route any traffic destined for a 10.x.x.x address through the internal adapter:

netsh interface ipv4 add route 10.0.0.0 /8 "Internal" 172.16.0.1

To recap the procedure, first identify the internal subnets where clients and servers are located. Next, try to summarize those subnets to minimize the amount of route statements required. Finally, enter the route statements on the Edge Server.