External IP's

smokie123 · ‎12-09-2011

Hello,

I have 3 static IP's from my ISP, I wanted to order just 1 but they had a package that gives 2 more IP's for free, so i got 3 usable IP's.

I'm new to setting up static IPs per machine so thats what im asking about. im gonna try to give some information about my network before i ask my question.

I'm planning to setup a DMZ network, so this is what i got:

1 Router (routerA) from my ISP with 192.168.1.x

This router has is going to be used as my connection to the internet.
1 phyical server running Windows Server 2008 (192.168.1.20) that will handle my "local" DNS server and host 2 Virtual Machines. This will be connected to routerA LAN port.
2 Virtual Machines running the latest Ubuntu Server (192.168.1.20) and one VM running the latest FreeBSD (192.168.1.20).
Freebsd is going to run a mailserver.
ubuntu is going to run MySQL, Apache.

1 standard Router (routerB) with 192.168.2.x, The WAN port on this router will be connected to a standard LAN port on routerA.

All my other devices like my main Desktop, laptop, mobile devices will be connected to routerB.

These are the IPs i got from my ISP (they are made up IPs):

Usable IP 47.14.173.154 - 47.14.173.157
Network address 47.14.173.152
Router IP 47.14.173.153
Broadcast IP 47.14.173.158
subnet mask 255.255.255.248

What i orignally wanted was to use a static IP for the mailserver for backup purposes and the webserver, but since i got 3 IP's anyway for the price of one, i thought its a good idea to give the mailserver and the webserver their own IPs, and the last static IP to be used for my other devices and learn in the process.

So I know how LAN IPs work and how to give each local device its own static IP or dedicated IP in the router so there is no DHCP conflict between my devices, but I never really had the chance to give External static IPs to local servers.

What im asking is how can i give my mailserver and my webserver their own static IPs and make the last IP be used by other devices?

Reza Sharifi · ‎12-09-2011

What operating system is running on your web server and mail server?. If it is Microsoft then go to the control panel and under the network neighborhood assign the IP you want to the server.

47.14.173.153 to one server and

47.14.173.154 to the other server

I hope, I am understanding your question

HTH

smokie123 · ‎12-09-2011

Thanks for the reply Reza.

The mailserver is going to be running on FreeBSD 8.2-Release.

The webserver is going to be running on Ubuntu Server 11.10.

I dont get what you mean by "network neighborhood" ?

Thanks in advance.

Reza Sharifi · ‎12-09-2011

The network neighborhood I mentioned is for Microsoft product. For free BSD, use this link to configure the IP

http://www.cyberciti.biz/tips/freebsd-how-to-change-ip-address-or-setup-new-ip-address-to-existing-interface.html

and for Ubuntu use this link:

http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/

HTH

smokie123 · ‎12-09-2011

Thanks for the links. But those are for setting up local IPs for each machine.

What im asking for is how do I do that with the External IPs that i got from my ISP.

Edwin Summers · ‎12-09-2011

Smokie,

Reza's answer is correct if you want to connect the machines "directly" to the Internet. I may be wrong, but I suspect you are trying to use "private" (RFC 1918) addresses on your devices, and have your ISP-facing router NAT. In this case, you need to research "static NAT" mappings for the server, and "dynamic NAT with overload" for the workstations and other devices. The method you use to configure this depends on the routers that you are using.

Ed

smokie123 · ‎12-10-2011

Hello Edwin,

I didnt say he was wrong. With Local IPs i can assign them fine to each server, i mean i know how to do that.

But what i dont know is how to assign External IPs per machine and thats what im asking about. Is how to assign External IPs to each server.

Thanks in advance.

Edwin Summers · ‎12-10-2011

Both answers are correct, just depends on how your network is laid out - if you want to connect the servers directly to your internet connection, the assign your ISP-provided addresses directly to the machines.

However, if I understand your original post correctly, you're trying to set up something like:

ISP --> router(a) --> servers

|---------------------------->router(b) ------------> workstations/other devices

Given this, and the addressing you mentioned in your original post, you want Network Address Translation (NAT). You can make static NAT assignments for your servers, and a dynamic - overload NAT assignment for your other devices (on the third IP).

The manner in which NAT is configured is dependent upon the router. What routers are you using?

smokie123 · ‎12-17-2011

Hello Edwin.

I've been busy with other matters and I just had a chance to reply now.

Edwin Summers wrote:

Both answers are correct, just depends on how your network is laid out - if you want to connect the servers directly to your internet connection, the assign your ISP-provided addresses directly to the machines.

This is what I exactly want. But my problem is I do not know how to assign the ISP-provided IP addresses directly to my machines.

If you can tell me how to do that or point me to the right direction I would be happy to try it.

Do I just add the ISP-provided IP address the same way i do with NAT IP addresses on the machine?

Does the machine(server) need to have 2 NIC cards or is one enough for what im planning to do?

Edwin Summers wrote:

The manner in which NAT is configured is dependent upon the router. What routers are you using?

Right now im using a Netopia (Motorola) 7347 - router(a) which is provided from my ISP but they are sending me

Zyxel Prestige 2802HWL which haven't arrived yet and supposedly it has more advanced features.

router(b) is a Netgear DGN2200.

Thanks for the help.

smokie123 · ‎12-17-2011

For example, my ubuntu server right now is connected directly to router(a) using an Ethernet cable.

Is this how to add an ISP-provided IP address to my ubuntu:

edit /etc/network/interfaces and add the following:

# The primary network interface (local)

auto eth0

iface eth0 inet static

address 192.168.1.200

netmask 255.255.255.0

network 192.168.1.0

broadcast 192.168.1.255

gateway 192.168.1.1

# The external IP network interface (virtual)

auto eth0:1

iface eth0:1 inet static

address 47.14.173.154

netmask 255.255.255.248

network 47.14.173.152

broadcast 47.14.173.158

gateway 47.14.173.153

Doing this, I can ping the IP 47.14.173.154 from within my ubuntu server but I cannot ping it from outside my network. So im not sure if this is the right way of doing it or if I still need to do more in my router(a) settings.

Edwin Summers · ‎12-20-2011

Smokie,

Sorry I missed following-up on this. Were you able to get this resolved?

smokie123 · ‎12-20-2011

Hello Edwin,

Sadly I have not solved this.

Any help will still be appriciated.

Edwin Summers · ‎12-21-2011

I'm looking over your information again - your first router ("routerA") connecting to the ISP...is it routing or bridging? There are a few ways the ISP can be handling this connection. One being that they are doing the routing, in which case their router would be addressed as "47.14.173.153". In this case, you would assign the "public" IPs directly to your machines (not using private/RFC 1918 addresses in the 192.168.x.x range).

Another case would be the ISP expecting you to perform the routing...in which case they have asked you to assign

"47.14.173.153" to your router ("routerA"). In this case, you could use NAT to statically translate some of your assigned public addresses to your servers.

Not wanting to make any assumptions on your ISP connection, do you know how they have provisioned your connection (are you routing or bridging)? If not, do you have any other information regarding the ISP connection/configuration you can share?

smokie123 · ‎12-21-2011

Thank you very much for that great reply Edwin.

Unfortunatly, most of your questions are a bit advanced for my knwoledge and I can only assume that my ISP is expecting me to "route" everything myself, that is why I think they made me change my router to the Zyxel, which can handle more advanced options.

If you dont mind, I would like to get back to you in this post or by sending you a private message if you dont mind in couple of days once I got all the information needed from my ISP.

Thanks again and i wish you a happy holiday.

Edwin Summers · ‎12-21-2011

No problem at all, and sorry for taking so long to get back. Feel free to PM or post back to here. I don't mind the private message at all, but posting back to here will likely benefit more as you'll have access to all of the great minds on the forum.

Best and Happy Holiday!

Ed