DSL giving me static IP's, now what?

DSL giving me static IP's, now what?

Post by L » Sat, 21 Jun 2003 13:34:29



Ok, My setup is one Linux Box(Mandrake) used as a simple file and
print server for about 20 users. IP addresses are assigned via DHCP.
This was a stand alone box but now we are getting DSL. The DSL company
says they will issue me 5 static IP addresses. My IP Newbian questions
are:

How can I keep my DHCP going and still use this static IP to get the
server online?

I have only 1 box, what am I to do with 5 static IP's?

Am I going to have to install another ethernet card for these static
Ip's?

If there any links or good books that can help me get an understanding
I'll appreciate it...

Thanks

 
 
 

DSL giving me static IP's, now what?

Post by Martin Coope » Sat, 21 Jun 2003 16:28:39



> Ok, My setup is one Linux Box(Mandrake) used as a simple file and
> print server for about 20 users. IP addresses are assigned via DHCP.
> This was a stand alone box but now we are getting DSL. The DSL company
> says they will issue me 5 static IP addresses. My IP Newbian questions
> are:

> How can I keep my DHCP going and still use this static IP to get the
> server online?

You will end up getting a /29, which gives you 8 IP's.  One of these
will be your broadcast address, one will be your network address, one
will be the IP address of your ADSL router.  This leaves 5 IP's to do
with as you will.
You will want to assign one of the IP's to eth0 on the linux box, and
set the gateway to the IP of the router.  Most routers support DNS
passthrough, so you should enable this and set the nameserver settings
on your linux box to the IP of your router.  You will also want to set
eth0 as the default route on the linux machine.
In your dhcp configuration, add your router IP as the nameserver to be
dished out to your local machines. That's it really, everything else
will work as before.

Quote:

> I have only 1 box, what am I to do with 5 static IP's?

> Am I going to have to install another ethernet card for these static
> Ip's?

That's upto you.  The data going to these static IP's will enter your
LAN via the router, but you don't have to use them.  However, if you
want, you can assign one to your mailserver, one to your webserver etc.

Quote:

> If there any links or good books that can help me get an understanding
> I'll appreciate it...

For info on the ADSL side of things, take a look at
http://www.adslguide.org.uk.  For linux, take a look at
http://www.linuxdocs.org/HOWTOs/DSL-HOWTO

--

   Martin

 
 
 

DSL giving me static IP's, now what?

Post by L » Sat, 21 Jun 2003 22:43:18




> > Ok, My setup is one Linux Box(Mandrake) used as a simple file and
> > print server for about 20 users. IP addresses are assigned via DHCP.
> > This was a stand alone box but now we are getting DSL. The DSL company
> > says they will issue me 5 static IP addresses. My IP Newbian questions
> > are:

> > How can I keep my DHCP going and still use this static IP to get the
> > server online?

> You will end up getting a /29, which gives you 8 IP's.  One of these
> will be your broadcast address, one will be your network address, one
> will be the IP address of your ADSL router.  This leaves 5 IP's to do
> with as you will.
> You will want to assign one of the IP's to eth0 on the linux box, and
> set the gateway to the IP of the router.  Most routers support DNS
> passthrough, so you should enable this and set the nameserver settings
> on your linux box to the IP of your router.  You will also want to set
> eth0 as the default route on the linux machine.
> In your dhcp configuration, add your router IP as the nameserver to be
> dished out to your local machines. That's it really, everything else
> will work as before.

> > I have only 1 box, what am I to do with 5 static IP's?

> > Am I going to have to install another ethernet card for these static
> > Ip's?

> That's upto you.  The data going to these static IP's will enter your
> LAN via the router, but you don't have to use them.  However, if you
> want, you can assign one to your mailserver, one to your webserver etc.

> > If there any links or good books that can help me get an understanding
> > I'll appreciate it...

> For info on the ADSL side of things, take a look at
> http://www.adslguide.org.uk.  For linux, take a look at
> http://www.linuxdocs.org/HOWTOs/DSL-HOWTO

Thank you Martin, I appreciate that. That was very helpful. In the
meantime I guess I'll pick up a good book on TCP/IP...
 
 
 

DSL giving me static IP's, now what?

Post by Rod Smi » Sun, 22 Jun 2003 00:09:47




Quote:

> Ok, My setup is one Linux Box(Mandrake) used as a simple file and
> print server for about 20 users. IP addresses are assigned via DHCP.
> This was a stand alone box but now we are getting DSL. The DSL company
> says they will issue me 5 static IP addresses. My IP Newbian questions
> are:

> How can I keep my DHCP going and still use this static IP to get the
> server online?

If by "20 users" you mean that you have 20 client computers, then 5
addresses is not sufficient *IF* you want all the clients to be directly
accessible from the Internet at large. The simplest configuration would
be to leave your local network configuration exactly as it is, with the
possible exception of adding a new or changed default route, and set up a
NAT router, which can be a ~$100 dedicated box, a new computer dedicated
to this purpose, or an existing computer that takes on this duty. This
system will be the default router for the network, and will use one
external IP address. All the other computers will "masquerade" behind
that one IP address. This approach works well for many small networks. A
similar approach is to not even use NAT, but this will restrict the
internal computers' access to the Internet. If you do this, you don't
really need five IP addresses; you just need one. If your ISP doesn't
offer a price break if you drop to a single IP address, you can just
leave four unused. If your ISP offers a lower price for a
single-IP-address account, though, you might want to consider changing
your order.

A variant on this approach is to give up to five computers their own IP
addresses on the Internet at large and to have the rest masquerade behind
a NAT router. Essentially, it'd look like this (ASCII art ahead; best
viewed in a monospaced fone):

                               +------------+      +-----------+
                              /| Exposed #1 |     /| Hidden #1 |
                             / +------------+    / +-----------+
                            /                   /
/----------\   +--------+  /   +------------+  /   +-----------+
| Internet |---| Router |------| NAT Router |------| Hidden #2 |
\----------/   +--------+  \   +------------+  \   +-----------+
                            \                   \
                             \ +------------+    \ +-----------+
                              \| Exposed #2 |     \| Hidden #3 |
                               +------------+      +-----------+

In this setup, the NAT router is configured just as I described earlier.
The Exposed computers (and the NAT router) would be configured with your
ISP's static IP addresses, although you could use a DHCP server to deliver
those addresses to these computers. (This server could be on the Router,
on the NAT Router, or on some other system.) The advantage of this setup
is that the Hidden computers would be well protected against certain types
of attack, because they wouldn't be directly reachable from the Internet
(the NAT router blocks direct access attempts, while still permitting the
Hidden computers to initiate contact with other sites). The Exposed
computers could be used to run servers (web servers, etc.) or for those
rare user applications that have problems working through a NAT router;
but they'd be directly accessible to the entire Internet, which would make
them vulnerable to attack.

In either case, a Linux box can function as a NAT router, or you can buy
a standalone box to do the job. Even for a network of 20 computers, a
broadband router you buy at CompUSA or the like should be adequate, and
should be easy to set up. (You'd need extra switches or hubs, but you've
presumably already got those.)

Quote:> I have only 1 box, what am I to do with 5 static IP's?

It's unclear why you say you're using DHCP to assign IP addresses and
running file and print server software if you've only got one physical
computer. If you mean you only have one that's directly connected to the
Internet, then see above; you don't need five, but if that's just part of
the package you want for other reasons, leaving four of them unused won't
do any harm, except that you'll be consuming five (eight, really, as
Martin Cooper explained) IP addresses when you only need one.

Quote:> Am I going to have to install another ethernet card for these static
> Ip's?

It depends on how you set it all up. If you buy a separate NAT router and
put everything behind that router, then no, you shouldn't need more
NICs. If you want to turn an existing computer into a NAT router, then
the best approach is to use two NICs in it.

Quote:> If there any links or good books that can help me get an understanding
> I'll appreciate it...

Without knowing a bit more about your network, it's not clear to me
precisely what documentation would help you the most; however, I've got
information on several networking books (including some by me) at:

http://www.rodsbooks.com/books/books-network.html

Of course, the Linux Documentation Project is a free and often useful
resource. The documentation there is quite varied in topic, length, and
quality. Here's its URL:

http://en.tldp.org

--

http://www.rodsbooks.com
Author of books on Linux, FreeBSD, and networking

 
 
 

DSL giving me static IP's, now what?

Post by Seth H Holme » Sun, 22 Jun 2003 00:25:11



> Ok, My setup is one Linux Box(Mandrake) used as a simple file and
> print server for about 20 users. IP addresses are assigned via DHCP.
> This was a stand alone box but now we are getting DSL. The DSL company
> says they will issue me 5 static IP addresses. My IP Newbian questions
> are:

> How can I keep my DHCP going and still use this static IP to get the
> server online?

If I understand things correctly, you have only one box. You won't
need to use DHCP anymore because you will pick one address and assign
it to the box and it just won't change. You'll need to change your
configuration for how the interface gets it's IP address. I don't know
how Mandrake handles this.

Quote:> I have only 1 box, what am I to do with 5 static IP's?

Assign one to the box, and don't use the other 4. If you get more
machines later, you've got IP addresses for them.

Quote:> Am I going to have to install another ethernet card for these static
> Ip's?

No.

Quote:> If there any links or good books that can help me get an understanding
> I'll appreciate it...

O'Reilly and Associates publishes good books on almost every topic
involving computers, networking, etc. I recommend their TCP/IP book.
They used to public a great book called "Getting Connected: The
Internet at 56k and Up" but it's out of print.

--
Seth H Holmes

 
 
 

1. DSL, Static IP's, & Firewall

I'd like to setup a small network of 3 computers (Win98) on a DSL connection which will have unique
static IP addresses for each machine.  But I don't want each machine sitting on the DSL hub.  I'd
like to put a firewall machine between the DSL router and the private network, at the same time
keeping the static IP mapping for each machine.  In other words, I don't need a proxy server but I
do want a firewall for each IP address.  

I'm thinking of setting up a Linux box with 4 network cards (3 to interface with the DSL router and
one to interface to the private sub net).  I'm very new to Linux and firewalls.  Can some one tell
me if I'm on the right track with this idea?  Or is there a better way to accomplish my goal without
spending big bucks on special hardware?  

Actually I'm not sure if the approach I'm thinking of is the best or not.  This networking stuff is
fairly new to me.  Here's what I've got right now.

A DSL connection with one dynamically (DHCP) assigned IP address which feeds to a Win98 box running
Wingate 3.  The Wingate machine feeds a local hub which has three machines (2 Win98 and 1 Linux).
I've got the Win98 machines working as well as can be expected by sharing one public IP address.
All outgoing TCP and UDP requests work well.  Wingate has no problem doing the NAT outbound.  The
problem comes about when trying to map incoming port requests.

For example IRC's Ident function (Authentication) appear at the router on port 113.  I can set a NAT
entry in the DSL router to past the request to the Wingate machine just fine.  But the problem then
becomes... where to map the request from there.  I basically have to pick on machine to pass all
Ident requests to.  Bottom line... only one work station on my network can run an IRC server that
uses authentication.

This same inbound port mapping problem is present in a number of other applications.  So, one
solution is to buy a block of static IP addresses.  One for each machine on the local network.  But,
I don't want to place the Win98 machine directly on the Internet and expose all ports.  I want to
have a firewall between.

So, my thought is that by putting 3 network cards at the gateway, I can assign a unique IP mapping
from the outside world to the machines on the local network.

Other changes that I'm going to make at the same time is to make the gateway box a Linux machine
(putting my three Win98 machines as client machines on the local network).  I'm new to Linux, is
this a resonable approach to the problem?  And can Linux be configured to handle this type of setup?

Thanks in advance for taking the time to help... I appreciate the assistance.

2. COMPRO ANTIVIRUS NT SERVER

3. Problems with Gnet BB2060 DSL modem/router and routing static IP's

4. ppp-on & fix-cua

5. Dual-homed with static-IP ISDN and dyn-IP DSL

6. Awk cannot work with more than 199 fields.

7. Dynamically assign VPN IP's to LAN static IP's

8. getrusage()

9. Configuring DSL with Static IP ???

10. DSL Router w/ Static IP on Suse 7.2 pro

11. eth1 problems - eth0:LAN:tulip eth1:DSL:3c509 w/ipmasq (static IP)

12. Linux as DSL Router with static IP

13. SOHO hosting through DSL with 8 static IP - HELP!