How do you configure a subnet of 8 public IPs?
The provider gives me an additional subnet with 8 public IPs on the WAN side (connected with PPPoE) and I have to configure it in the router. I don't use the first and last one but the second must be configured on the router to be the default gateway to the other public IPs configured on the hosts behind the router. How do you do it?
@lucky99eu The first IP is the network identifier, the last is the broadcast IP. The usable IPs in between have to be configured on the router's LAN interface or a separate VLAN. One of these (which one does not matter) is your gateway IP, the rest can be assigned manually to your end devices or distributed by your DHCP.
Here is an example:
Many thanks for the answer, your explanation is perfect but I had already considered this way. Actually I expressed myself badly, I'll explain the scenario better using your example parameters:
WAN side:
- the provider gives me a PPPoE connection and on this I get an IP like this: 100.100.30.57 which communicates with the provider's default gateway
- the provider announces on this connection the additional subnet 100.100.100.1/29 for which I cannot use the first and last but only the 6 internal IPs and necessarily one of these must act as the default gateway for the other 5 (for example the first 100.100.100.1)
LAN side:
- I have a LAN that has several hosts and everything is configured on the private subnet 192.168.0.xxx/24, so the router must have a LAN interface with an IP that is the default gateway of the network (for example 192.168.0.1)
NEEDS:
- inside I have a web server that must have a public IP 100.100.100.2 and therefore will have to talk to its default gateway 100.100.100.1 to go to the internet
- therefore on the LAN interface of the router I would need to place a second IP address where NAT does not apply. On other routers I can configure a primary address 192.168.0.1 and a secondary address 100.100.100.1 and then in the NAT only enable the function between 100.100.30.57<->192.168.0.1, while the addresses 100.100.100.1-6 do not make NAT and are in routing
In some routers this thing of routing the public IPs of the additional subnet is more complex to achieve and is done by configuring 1:1 NATs, but it is always necessary to have a way to associate the public IP which must be the gateway to the router's LAN 100.100.100.1
I believe that on these routers it is not possible because only one IP address can be associated with the LAN interface and therefore either NAT is done with the IP 192.168.0.1 or routing is done with the public IPs 100.100.100.1
What do you think about it?
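The address plan and the NAT-versus-routing split described in the post above, as an added example that is not part of the original thread. The function names are hypothetical, the addresses are the thread's example values, and dropping traffic from any other source is an assumption of this sketch.

```python
import ipaddress

def plan_routed_subnet(cidr, gateway=None):
    """Split a routed block into network, broadcast, gateway and host addresses."""
    # strict=False accepts a host-style notation such as 100.100.100.1/29
    net = ipaddress.ip_network(cidr, strict=False)
    usable = list(net.hosts())          # excludes network and broadcast
    gw = ipaddress.ip_address(gateway) if gateway else usable[0]
    if gw not in usable:
        raise ValueError(f"{gw} is not a usable address in {net}")
    return {
        "network": net,
        "broadcast": net.broadcast_address,
        "gateway": gw,
        "hosts": [ip for ip in usable if ip != gw],
    }

def egress_action(src, private_lan, routed_net):
    """Decide how the router should treat outbound traffic from src."""
    ip = ipaddress.ip_address(src)
    if ip in routed_net:
        if ip in (routed_net.network_address, routed_net.broadcast_address):
            return "invalid"        # network/broadcast cannot be a host address
        return "route"              # public source: forwarded without NAT
    if ip in ipaddress.ip_network(private_lan):
        return "masquerade"         # private source: NAT behind the PPPoE address
    return "drop"                   # assumption: unknown sources never leave the WAN

if __name__ == "__main__":
    plan = plan_routed_subnet("100.100.100.1/29", gateway="100.100.100.1")
    print("network  :", plan["network"])
    print("broadcast:", plan["broadcast"])
    print("gateway  :", plan["gateway"])
    print("hosts    :", ", ".join(str(h) for h in plan["hosts"]))
    for src in ("192.168.0.50", "100.100.100.2", "100.100.100.7"):
        print(src, "->", egress_action(src, "192.168.0.0/24", plan["network"]))
```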
Have you tried with a VLAN yet?
Another way: If your webserver provides two LAN ports (2 LANs or 1 LAN & 1 Wi-Fi) you can use different ports for your private and public network.
For the VLAN question, I was hoping we could add another new VLAN but always with VID 1 in order to add a second different IP, instead an error tells us that the VID must be different. So, I saw that it is possible to configure 2 VLANs and both can be untagged. I just have to try that, therefore the LAN system behind the router, i.e. the switch and the hosts (all unmanaged without VLAN) I don't know if they can be used both by hosts on a subnet with NAT mode or by hosts with the other subnet with routing mode.
The other way, by dividing NAT mode (private subnet) and Routing mode (public network) on two LAN ports: to do this I am not able to divide the switch ports of the router into 2 distinct parts to be able to assign 2 different IPs. On the WAN side it can be done because the individual ports are each recognized by a card (tab) and therefore we have wan1 - wan2 - wan spf, etc. but on the LAN side the ports cannot be physically divided and are seen as a single "eth", however VLANs can be added by differentiating one port on VLAN1 and the other on VLAN2. Since everything is untagged, now I have to check if the LAN hosts that are unmanaged see both addresses (and if switching loops are not generated).
I did some tests and it is possible to create 2 different VLANs and leave them untagged. VLAN1 with IP 192.168.0.1 to do NAT and VLAN2 with IP 100.100.100.1 to use as default gateway of internal public hosts, therefore, I assigned VLAN1 on port LAN1 and VLAN2 on port VLAN2. If from the only switch I connect 1 network cable on LAN1 and try to ping the router at 192.168.0.1, it works, but it doesn't work if I try to reach 100.100.100.1, and in the same way if I unplug the cable and connect it to LAN2 it starts pinging from network 100 and no longer pings from network 192. But if I connect 2 network cables at the same time... everything explodes and nothing works on the network even when I disconnect the cables, I have to restart the switch. So the solution is not feasible because the ports are not physically disconnected. It would probably work with VLANs configured everywhere, but this doesn't solve the problem of not being able to touch the network of customers: I don't have access to the various devices to be able to configure the VLANs.