Help Center> Virtual Private Cloud> Best Practices> Configuring Policy-based Routes for an ECS with Multiple NICs> Configuring Policy-based Routes for a Windows ECS with Multiple NICs (IPv4/IPv6)
Updated on 2024-04-19 GMT+08:00
View PDF

Configuring Policy-based Routes for a Windows ECS with Multiple NICs (IPv4/IPv6)

Scenarios

This section describes how to configure policy-based routes for a dual-NIC ECS running Windows Server 2012 (64-bit).

For details about the background knowledge and networking of dual-NIC ECSs, see Overview.

Procedure (Windows ECS Using IPv4)

  1. Collect the ECS network information required for configuring policy-based routes.

    For details, see Collecting ECS Network Information.

  2. Log in to an ECS.

    Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.

  1. Check whether the source ECS can use its primary NIC to communicate with the destination ECS:

    ping -S IP address of the primary NIC on the source ECS IP address of the destination ECS

    In this example, run the following command:

    ping -S 10.0.0.59 10.0.2.12

    If information similar to the following is displayed, the source ECS can use its primary NIC to communicate with the destination ECS.

    Before configuring policy-based routes, ensure that the source ECS can use its primary NIC to communicate with the destination ECS.

  2. Configure a policy-based route for the extension NIC.

    route add -p 0.0.0.0 mask 0.0.0.0 Subnet gateway of the extension NIC metric Route priority

    Configure the parameters as follows:
    • 0.0.0.0/0: Default route. Do not change it.
    • Subnet gateway of the extension NIC: Enter the IP address collected in 1.
    • Route priority: Set its value to 261. The priority of the extension NIC must be lower than that of the primary NIC. A larger value indicates a lower priority.

    In this example, run the following command:

    route add -p 0.0.0.0 mask 0.0.0.0 10.0.1.1 metric 261

    • The primary NIC already has policy-based routes and you do not need to configure again.
    • If the ECS has multiple extension NICs, configure policy-based routes for all extension NICs one by one.
  3. Check whether the policy-based route is successfully added.

    route print

    If information similar to the following is displayed, the policy-based route has been added. The route is persistent and will not be lost after the ECS is restarted.

  4. Check whether the source ECS and the destination ECS can communicate with each other.

    ping -S IP address of the primary NIC on the source ECS IP address of the destination ECS

    ping -S IP address of the extension NIC on the source ECS IP address of the destination ECS

    In this example, run the following commands:

    ping -S 10.0.0.59 10.0.2.12

    ping -S 10.0.1.104 10.0.2.12

    If information similar to the following is displayed, both the NICs of the source ECS can communicate with the destination ECS.

Procedure (Windows ECS Using IPv6)

  1. Collect the ECS network information required for configuring policy-based routes.

    For details, see Collecting ECS Network Information.

  2. Log in to an ECS.

    Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.

  1. Run the following command to check whether the ECS has IPv6 enabled and can obtain IPv6 addresses.

    ipconfig

    If information similar to the following is displayed, each NIC has an IPv6 address starting with 2407, which indicates that the ECS can obtain IPv6 addresses.

    Perform this step for both the source and destination ECSs to ensure that the ECSs have obtained IPv6 addresses. Otherwise, the ECSs cannot communicate with each other using IPv6 addresses.

    ECSs in this example run Windows Server 2012 (64-bit). No additional configuration is required for such ECSs because they can automatically obtain IPv6 addresses. If your ECS cannot automatically obtain IPv6 addresses, see Dynamically Assigning IPv6 Addresses.

  2. Check whether the source and destination ECSs can communicate with each other.

    ping -6 -S IP address of the primary NIC on the source ECS IP address of the destination ECS

    ping -6 -S IP address of the extension NIC on the source ECS IP address of the destination ECS

    In this example, run the following commands:

    ping -6 -S 2407:c080:802:aba:8999:5e61:e19:cf7e 2407:c080:802:be7:c2e6:d99c:b685:c6c8

    ping -6 -S 2407:c080:802:be6:ec23:ec4:c886:cc1 2407:c080:802:be7:c2e6:d99c:b685:c6c8

    If information similar to the following is displayed, both the NICs of the source ECS can communicate with the destination ECS.

    ECSs in this example run Windows Server 2012 (64-bit). You do not need to configure policy-based routes for these ECSs because both the NICs of such an ECS can communicate with others using IPv6.