Q: Multi-homed IP routing for Windows Server 2003 ( No Answer,   3 Comments )
Question  
Subject: Multi-homed IP routing for Windows Server 2003
Category: Computers > Operating Systems
Asked by: lanhamster-ga
List Price: $15.00
Posted: 05 Dec 2005 07:30 PST
Expires: 04 Jan 2006 07:30 PST
Question ID: 601631
This question is about whether it is possible to extend the IP routing
options that I see for Windows Server 2003 to cope with multiple ISP
connections.  My understanding of Windows IP networking is that what
I'm after is not in Windows itself, so I'm probably looking for a
third party solution.

In my example, my server has three network interfaces, with the following details:

   ISP #1:   82.8.2.82 on the network 82.8.2.0/24 with a router at 82.8.2.1. 
   ISP #2:   195.19.5.195 on the network 195.19.5.0/24 with a router at 195.19.5.1

ISPs 1 and 2 are separate connections to the Internet from different providers.

With Windows IP routing as it currently stands, I would normally have
to choose one of my two ISP links to configure as my default gateway. 
Even if I were to configure both as default gateways, Windows would
make an arbitrary choice of one of them.

Discussions of Windows' approaches to multiple gateways are common,
such as http://www.microsoft.com/technet/community/columns/cableguy/cg0903.mspx
and http://support.microsoft.com/default.aspx?scid=kb;en-us;157025&Product=win2000
.  They all discuss how Windows selects only one default gateway to
use at any time, plus any static routes, of course.

Let's assume that ISP #1 is the default gateway.

I now try to make the following TCP connection from my home PC
(207.204.75.193) into my server:

  207.204.75.193 : 1025  -->  195.19.5.195 : 23

I'm trying to Telnet into my server over ISP #2.  This connection will
fail.  I presume that what's happening is that Windows sends the
response (the SYN ACK) via ISP #1 which either rejects it because it
appears to be a spoof packet or Windows was stupid enough to respond
with the wrong IP address.

For this particular connection, I could configure a static route to
say "route to 207.204.75.193 via ISP #2" but this would be missing the
point.

As far as I understand, there is enough information in the TCP
connection described above for a suitably intelligent IP router to
realise that the IP packets relating to this TCP connection should be
routed via the interface ISP #2.  My question therefore is this:  Is
such "suitably intelligent" IP routing available for Windows, and if
so, how do I get it?

Clarification of Question by lanhamster-ga on 05 Dec 2005 07:33 PST
Correction:  My initial example had a third networking interface on an
internal network.  As it was relevant to my question, I removed it.

My question didn't address outbound IP routing, although it is part of
my concern.  Specifically, I want to make two IP connections (VPNs as
it happens) to a remote host, one over each of my ISP links.
Answer  
There is no answer at this time.

Comments  
Subject: Re: Multi-homed IP routing for Windows Server 2003
From: rwminnc-ga on 06 Dec 2005 08:32 PST
 
Well, if memory serves me, you need smart routers. If these are home
style routers, they are not smart enough. Any commercial grade router
(esp. Cisco) should be able to handle this. I know you can run BGP, or
variations thereof, to achieve your desired results. i.e. (1) the
routers route traffic out the correct pipe, and (2) advertise
correctly so packets come back on the correct pipe.

However if you have a setup like "everything goes out Router "A",
except a particular subnet (like you're peering with a work site)
which goes out "B" then a single router with two WAN connections would
be a reasonable alternative. Then you could default route 0.0.0.0/0 WAN
"A"; and route X.X.X.0/24 WAN "B"; more or less.

Keep in mind, routing should be left to routers, not your WIN 2003 box.

Subject: Re: Multi-homed IP routing for Windows Server 2003
From: lanhamster-ga on 06 Dec 2005 17:39 PST
 
Thank you for your comment, although I think it is not relevant here.

Running BGP would not help me, as the ISPs I'm connected to aren't
interested in listening to advertisements my router might send out -
the ISPs have allocated me some IP addresses of their own ranges and I
don't want to set up an A.S. just for this server.

If a single router were connected to these two ISPs, it would have to
be connected to a third network which it would share with my server. 
If I've not been assigned provider-independent IP addresses (and
become an A.S.) then this scenario would involve NAT/PAT.  The server
would send using one ethernet interface, but the problem - in an
identical form to the example in my question - has moved to the
router.  Because the router would have to be performing NAT/PAT, it
would be acting as if it were the end-point of the TCP connection, in
other words it's acting like a server.

In this scenario, the routing logic is required at the TCP end-point. 
I understand the argument that routing should generally be left to
routers, but this isn't routing - it's "serving".

My question stands.

Subject: Re: Multi-homed IP routing for Windows Server 2003
From: chris9989-ga on 03 Jan 2006 22:23 PST
 
The choice of gateway should not be messing up this connection. If you
send an arbitrary packet to 207.204.75.193 from your server it could
use either gateway, and it's very hard to control which. However if
you telnet to 195.19.5.195 you are creating a TCP connection - when
the server ACKs it the TCP packet will come from 195.19.5.195 and the
IP router in Windows is smart enough to send it from the 195.19.5.195
interface.

I'm not sure why it's failing - maybe your ISP blocks telnet, maybe
the telnet service is only bound to the 82.8.2.82 interface. To sort
it out I suggest you load up the Ethereal (free program, google it)
network monitoring program and try to connect a few times while
monitoring first one then the other interface - then you'll see
exactly what packets are getting to the server and what it is sending
as a response.
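
The reply path debated in this thread, modelled as an added example (not code from any poster): a destination-only route lookup compared with a source-based rule, followed by the ISP anti-spoofing check that the question presumes. The addresses are the ones in the question; the filter behaviour, the source-based rule and all function names are assumptions made for illustration.

```python
import ipaddress

# Addresses come from the question; filter and source-based rule are assumptions.
INTERFACES = {
    "ISP1": {"addr": "82.8.2.82", "net": "82.8.2.0/24", "gw": "82.8.2.1"},
    "ISP2": {"addr": "195.19.5.195", "net": "195.19.5.0/24", "gw": "195.19.5.1"},
}
DEFAULT_IF = "ISP1"  # the question assumes ISP #1 holds the default gateway


def on_link(dst):
    """Return the interface whose subnet contains dst, or None."""
    d = ipaddress.ip_address(dst)
    for name, i in INTERFACES.items():
        if d in ipaddress.ip_network(i["net"]):
            return name
    return None


def route_by_destination(dst):
    """Destination-only lookup: connected subnet, else the default gateway."""
    return on_link(dst) or DEFAULT_IF


def route_by_source(src, dst):
    """Source-based rule: off-link traffic leaves via the interface owning src."""
    owner = next((n for n, i in INTERFACES.items() if i["addr"] == src), None)
    return on_link(dst) or owner or DEFAULT_IF


def isp_accepts(out_if, src):
    """Assumed anti-spoofing filter: the ISP forwards only its own prefix."""
    net = ipaddress.ip_network(INTERFACES[out_if]["net"])
    return ipaddress.ip_address(src) in net


def trace_reply(client, server_addr, policy):
    """Follow the SYN-ACK for a connection the client made to server_addr."""
    src, dst = server_addr, client  # the reply swaps the endpoints
    out_if = route_by_source(src, dst) if policy == "source" else route_by_destination(dst)
    return {"out_if": out_if, "gateway": INTERFACES[out_if]["gw"],
            "delivered": isp_accepts(out_if, src)}


if __name__ == "__main__":
    for policy in ("destination", "source"):
        print(policy, trace_reply("207.204.75.193", "195.19.5.195", policy))
```

Comparing the `out_if` value against a capture taken on each interface, as the last comment suggests, shows which of the two behaviours the server actually exhibits.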
