TOTAL
Since dec 2006
1'942'871 Visitors
4'218'042 Pages

Nov 2010 Stats
82'909 Visitors
146'476 Pages
196 countries
Full statistics



Help us translate
our tutorials!

JOIN the
OpenManiak Team.
OM TEAM
Director:
Blaise Carrera
Tutorials creation:
Blaise Carrera
Translaters:
Giovanni Fredducci
Angel Chraniotis
Moham. H. Karvan
Alexandro Silva
Blaise Carrera
Andrei Chertolyas
Sergiy Uvarov
Nickola Kolev
Łukasz Nowatkowski
Ivo Raisr
Catalin Bivolaru
Bogdan A. Costea
Kirill Simonov
Oliver Mucafir
JaeYoung Jeon
Seungyoon Lee
Jie Yu & Si Cheng
Tao Wei
YukiAlex
Fumihito Yoshida
Muhammad Takdir
Çağdaş Tülek
Auditors
Leslie Luthi
Joe Anderson
Jennifer Ockwell
Nigel Titley
Alison Rees
Sabrina Barbey
Webmaster:
Blaise Carrera
WANEM - The Easy Tutorial - Network Scenario

WANem Network Scenario
Last Change : Oct 25 2010 french flagenglish flag


Tool
Install
Ergonomy
Forum



Details What is WANem?
Screenshots
Prerequisites
Basic configurations
Network Scenarios
Basic mode
Advanced mode




If you like our tutorials, don't hesitate to support us and visit our sponsors!
Si vous aimez nos tutoriaux, n'hésitez pas à nous supporter et visiter nos sponsors!



Depending on how the client and the server are connected to each other, you must choose between two scenarios.

1. The client and the server are in the same broadcast domain.
Static routes have to be implemented on both client and server with WANem as the gateway to reach each other.
If you are not sure whether the client and the server are in the same broadcast domain, use the traceroute command. If you see a unique hop, it means the client and the server are in the same brodacast domain.

2. The client and the server are not in the same broadcast domain.
In this case, there are routing between the two devices and the client must be positioned in the same broadcast domain than WANem and have a route to the server with WANem as the gateway. To ensure that the packets returning from the server to the client will pass through WANem and thus have a symmetric routing, you must configure source NAT on WANem (see source nat picture).

If you are not sure whether the client and the server are in the same broadcast domain, use the traceroute command. If if you see more than one hop, it means that there is routing between the two devices and thus that they are in two different broadcast domains.

Lets see two traceroute examples performed on a windows machine to show the two scenarios described above:

Same broadcast domain: Different broadcast domain:
tracert 10.1.1.1
1. 10.1.1.1
 
 
 
tracert 10.1.1.1
1. 10.7.2.1
2. 10.2.5.1
3. 10.1.2.1
4. 10.1.1.1



1. Client and server are the same broadcast domain:

wanem: scenario with client and server in the same broadcast domain

You have to add a route on both client and server machines to force the traffic to pass through WANem.

On the windows machine:

Click on Start -> Run -> cmd
route add 192.168.1.50 mask 255.255.255.255 192.168.1.111
On the Linux machine:

route add 192.168.1.10 mask 255.255.255.255 gateway 192.168.1.111
Check the routing

From the client (Windows machine)

C:\Documents and Settings\Admin>tracert 192.168.1.50
Tracing route to 192.168.1.50 over a maximum of 30 hops

   1   8 ms   9 ms    8 ms   192.168.1.50

Trace complete.
         

C:\Documents and Settings\Admin>tracert 192.168.1.50
Tracing route to 192.168.1.50 over a maximum of 30 hops

   1   2 ms   2 ms    2 ms   192.168.1.111
   2   8 ms   9 ms    8 ms   192.168.1.50

Trace complete.
From the server (Linux machine)

root@server#traceroute 192.168.1.10
traceroute to 192.168.1.10 (192.168.1.10), 30 hops max, 38 bytes packets
   1.   192.168.1.111 (192.168.1.111)   0.077ms   0.052ms   0.076ms
   2.   192.168.1.10 (192.168.1.10)      0.125ms   0.154ms   0.076ms

2. Client and server are in different broadcast domains:

wanem: scenario with client and server in different broadcast domains

On the windows machine:

Click on Start -> Run -> cmd
route add 10.0.1.1 mask 255.255.255.255 192.168.1.111
C:\Documents and Settings\Admin>tracert 10.0.1.1
Tracing route to 10.0.1.1 over a maximum of 30 hops

   1   2 ms   2 ms    2 ms   192.168.1.111
   2   2 ms   2 ms    2 ms   192.168.1.1
   3   50 ms   20 ms    42 ms   10.255.1.1
   4   150 ms   130 ms    160 ms   10.0.1.1

Trace complete.
In this scenario the server cannot initiate a connection and thus run a traceroute to the client. This is due to the source NATing on the WANem machine.

Source NAT picture:

wanem source nat

The picture above shows a logical view of the source NAT process occurring in the second scenario.
In this case only the client can initiate a connection. When the packets destined for the server arrives on the WANem machine, their source IP are translated and take the WANem IP address. When they come back from the server, the packets destination is the WANem IP address which will be translated on the WANem machine to the client IP address. (see picture below)
If source NAT is not used the packets coming back to the client will bypass the WANem machine. In this case you have asymmetric routing meaning that the routing between two hosts does not take the same path in both directions.

If you want to check than you return path pass through WANem to see that you have a really a symmetric routing, use the "record" option of the well-known Ping command.

ping -r 9 10.0.1.1
Reply to request 1 (4 ms). Received packet has options
  Total option bytes= 40, padded length=40
  Record route:
     (192.168.1.10)
     (192.168.1.111)
     (192.168.1.1)
     (10.255.1.1)
     (10.0.1.1)
     (10.0.1.2)
     (10.255.1.2)
     (192.168.1.111)
     (192.168.1.10)
    <*>
  End of list



IMPORTANT NOTICE:

Be careful when configuring routes on a server in business production.
A routing mistake could lead to your server being unconnectable.
As a general rule, try always to perform tests on non-production machines.

Top of the page





If you liked our tutorials, don't hesitate to support us and visit our sponsors!
Si vous aimez nos tutoriaux, n'hésitez pas à nous supporter et visiter nos sponsors!