The configuration of Routing and Remote Access is important in the network, and the Routing and Remote Access server uses the IP forwarding process to forward packets to a neighboring host on a connected subnet.
Routing and Remote Access configuration is an essential step in the network, with the development of routing technology, I believe that the remote access server will be more mature. This is an address range on the intranet network to which the Routing and Remote Access server is connected. This type of address is used whenever the Routing and Remote access server obtains the IP address of the remote access client from the DHCP server or when a manually configured static pool contains an IP address within the address range of a connected subnet. The advantage of using subnet addresses is that there is no need to make any changes to the routing infrastructure.
Subnet Outer address range
This is an address range that represents a different subnet that logically connects to the remote access server. This type of address is used when a static pool contains an IP address that is located on a separate subnet. The advantage of using a subnet address is that the IP address of the remote access client is easier to identify. The type of address determines how traffic is forwarded from an intranet node to a connected remote access client. When a connection's remote access client sends a package, the following procedure occurs:
1. Packets are sent to the Routing and Remote Access server via a PPP link.
2. The Routing and Remote Access server uses the IP forwarding process to forward packets to a neighboring host on a connected subnet, or it is more likely to forward it to a neighboring router on a connected intranet (intranet). For more information about IP forwarding procedures, see Understanding IP routing tables. When traffic is sent to the Routing and Remote Access client, the process of transferring it to the remote access server is different depending on whether the remote access client is assigned to a subnet address or to a subnet address.
packet transmission for the subnet address
3lian Material
For a subnet address, the remote access server acts as a proxy Address Resolution Protocol (ARP) device, which is responsible for responding to arprequest frames for these addresses for the IP addresses of the Routing and Remote Access clients assigned to the connection. The remote access server maintains a list of IP addresses assigned to remote access clients and responds to ARP requests on behalf of those clients. For a remote access client that is using an address on a subnet, the process of transferring the package to it is as follows:
1. A node on the intranet subnet to which the remote server is connected sends a arprequest frame requesting the MAC address of the node assigned to the IP address of the remote access client.
2. The remote access server receives an ARP request, checks the remote access client table for the connection, and, when a match is found, uses a arpreply message containing its own MAC address to ring the ARP request.
Nodes on the
3.Intranet subnet forward packets to the remote access server.
4. The remote access server receives the packet, checks the destination IP address, determines the corresponding PPP connection, and forwards the packet via this PPP connection. For a subnet address, the neighboring node performs a direct transmission, as if the remote client were directly connected to the subnet of the neighboring node. The neighboring node does not know that the destination is actually accessed through the remote access server.
Packet transmission of
subnet address
for subnet addresses, the remote access server acts as a router, forwarding packets between the nodes on the subnet to which they are connected (typically routers) and the connected remote access clients. The process of transferring a package to a remote access client that is using a subnet address is as follows:
1. A node on the intranet subnet to which the remote server is connected sends a arprequest frame requesting the MAC address of the IP address of the remote access server.
2. The remote access server should use a arpreply message containing its own MAC address to ring the ARP request.
Nodes on the
3.Intranet subnet forward packets to the remote access server.
4. The remote access server receives the packet, checks the destination IP address, determines the corresponding PPP connection, and forwards the packet via this PPP connection.
for subnet addresses, neighboring nodes perform indirect transmissions, treating the remote access server as a router. In order for a remote access client assigned a subnet address to be able to access nodes on the intranet, the routing infrastructure must contain routes that match the subnet address ranges, and those routes point to an intranet interface to the remote access server. To add these routes, you can do one of the following: Because routes that correspond to the subnet address range are automatically added to the remote access server's routing table, you can configure a routing protocol for the Routing and Remote Access server, such as Routing Information Protocol (RIP) or Open Shortest Path First (OSPF) protocol. To propagate routes that are not on the subnet to neighboring routers. Adds a route corresponding to the subnet address range to a neighboring router as a static route and configures the router to propagate those routes to its neighboring routers. For small networks that do not use routing protocols such as RIP or OSPF, you can also manually add routes to routers that correspond to the range of subnet addresses.
method to obtain IP address
You can configure the Routing and Remote Access service to automatically obtain the IP address of a remote access client, or to obtain an address from a static IP address pool. This configuration occurs when you use the Routing and Remote Access Server Setup Wizard, where you can make changes to the properties of a remote access server in the Routing and Remote Access snap-in in the IP tab.
automatically obtain IP address
when configured to automatically obtain an IP address, the Routing and Remote Access service instructs the DHCP client component of TCP/IP to use DHCP to obtain 10 IP addresses at a time. The Routing and Remote Access service attempts to obtain the top 10 IP addresses when the first remote access client connects (not when the Routing and Remote Access server is started). The Routing and Remote Access service uses the first IP address obtained from DHCP for an internal (Internal) interface (visible from the IP Routing Conventions node in the Routing and Remote Access snap-in). Subsequent addresses are assigned to IP-based remote access clients when they are connected. Any IP addresses that are recovered when a remote client disconnects will be reused.
When the first 10 IP addresses obtained from DHCP are all used concurrently, and when another remote access client attempts to establish a connection, the Routing and Remote Access service uses the DHCP client component to obtain an additional 10 addresses. You can change the value of the Hkey_local_machinesystemcurrentcontrolsetservicesremoteaccessparametersipinitialaddresspoolsize registry key ( DWORD) To modify the number of addresses obtained at one time. If a DHCP server cannot be contacted, the DHCP client returns the address in the range of Automatic Private IP address (APIPA) from 169.254.0.1 to 169.254.255.254. APIPA addresses are subnet addresses that do not have corresponding routes in the intranet routing infrastructure. The remote access client is assigned to an APIPA address, but cannot communicate across the remote access server.
Note: There are some ways to allow the APIPA address to be used as a subnet address or subnet address, however, the presence of a APIPA address means that there is a configuration error or connectivity problem that cannot be connected to a DHCP server. Or it means that there is a lack of IP addresses in the scope of the DHCP server for the subnet to which the remote access server is connected. Instead of configuring these methods to use APIPA addresses for remote access clients, these issues should be corrected