My ISP has provided me with a /24 block of static IP addresses. Can someone please point me in the right direction for configuring my network to use these public addresses. I would like machines on the LAN to be assigned an address from the block and allow connections from the internet to be routed to the particular machine that has been configured with public ip address.
The way that this is frequently handled is to put the public addresses into a block on the edge device (firewall or router) and to do address translation. End stations (both PCs and servers) on the inside network are translated to these public addresses as they go to the Internet. The servers that need to be accessible from the Internet would have static translations configured and the other stations would be translated dynamically.
Thank you for your quick response Rick. Our block is /24 and we would like to add some clients in the building and operate as a mini ISP for some of the offices. How would this change the configuration you described above?
As Rick mentioned, public ip addresses is usually put in the edge device (firewall or router).
Between you and your ISP, there should be a smaller subnet to use for your edge device, /30 or /29 perhaps and this /24 is routed from your ISP to your edge device.
Now, between your edge device and your clients, what is the network architecture? Is it L2 or L3? If it's only L2, then you will be doing the NAT to your edge device - you can still perform subnetting so that you can QoS your client bandwidth use using the subnet assigned to them. If it's a L3, then you have to assign subnets per client edge device and perform the necessary routing of subnet assigned to your client to their edge device - they may be managing their edge device.
To make it simple, you can setup the architecture between your edge device and your client and create a policy which is permitted and which not.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...