i recently got a cidr block from my isp. we got a bunch of gateway ips...and have since struggled with the setup. Finally, a senior tech called and suggested to use following ips ( these ips are not real but sort of give an idea) wan ip . 96.168.154.126 ( to use that on external interface) gateway 96.168.154.139 (default gw for ext interace) IP block--- 96.134.63.128-159 gateway -96.168.63.129 (to use on internal interface) my network guy thinks that is not correct and said ip block should be something like 96.134.63.128-159 what do u guys think thanks christy
Hi, Assuming the actual net block you were assigned is 96.134.63.128/27 the following would be true: 96.134.63.128 is the network address and cannot be used by a host (unless using subnet zero) 96.134.63.129 is the first usable address 96.134.63.158 is the last usable address. 96.134.63.159 is the broadcast address and cannot be used by a host. the subnet mask for this network is 255.255.255.224. Your first problem is to get your routers external interface configured correctly. Follow the ISP exactly and configure the interface as described. After that is configured you will need to configure your internal interface. It common practice to use the first usable address as the gateway IP but is not required. So to the internal interface you need to assign any usable IP address (96.134.63.129-96.134.63.158) with a subnet mask of 255.255.255.224 Now I assume you will have some switch connected to the internal interface and will have computer hooked up for testing. You should pick a ip address out of the pool (one that isn't used for the gateway) and configure it as follows IP: 96.134.63.130 (any usable ip) Subnet Mask: 255.255.255.224 Gateway: 96.134.63.129 (assuming you have this assigned to your internal interface). Now the last bit of the puzzle will be configuring the routes on your router. This depends greatly on the type of your router.
thanks for the response. I didnt know ips in two different ranges could be configured ...even my network guy thought that was incorrect.. we have debian installed and dont use a router. server has two nic cards -one used for external interface ..the other is used as an internal and LAN running of it. I guess we will have to install a 3rd nic in the server to use the internal ips from cox. Cox rep suggested to use a router instead of using advanced ..as he thought that would be easier.. we have a zyxel 550 lying around..do you think that would serve the purpose thanks agin christy
Hi, I'm assuming the confusing part is that the wan ip is from a different subnet than the block you received. This can be valid depending on how Cox has their network setup. I would expect Cox knows that they are doing when they are assigning you the information. As I have never worked with the zyxel 550 I cannot say if it would or wouldn't have all the features required to make this work for you. Having said that I believe it must at least allow you to define static routes for it to be usable in this case. In my personal opinion using the debian box will be more complicated to get configured but allows for much more advanced features. Have you been able to get the external inferface configured properly so the Debian box is able to access the internet? Why do you need a 3rd nic? you can assign multiple addresses to a single interface? I assume your current setup looks something like: Cox ---> eth1 Debian <--- eth0 --- switch --- computer1 |---------- web server 1 |---------- web server 2 |---------- web server 3 Code (markup):
this is what the setup looks like: cox >eth0 of server with debian on it> eth1>switch>clients are u saying that we can use eth1 for LAN as well as use it for public ips? I have configured external interface properly and are connected to internet
Hi, Yes, you can if you create a alias interface. On Debian (I'm not familiar with Debian) it should be something like this: open up /etc/network/interfaces in your favorite editor (creating a backup copy of the file before editing would also be wise) add the following at the end of the file: auto eth1:1 iface eth1:1 inet static address 96.134.63.129 netmask 255.255.255.224 network 96.134.63.128 broadcast 96.134.63.159 execute: /etc/init.d/networking restart (do not do this remotely) Please note that you may need to modify your iptables NAT rules to make sure it doesn't interfere with the non-private ip addresses. The last bit would be to set up the route: route add -net 96.134.63.128 netmask 255.255.255.224 gw 96.134.63.129
If i do that...how would i add additional virtual interfaces..i have 30 public ips. before we obtained cidr block we have 6 ips...and they were set up like this eth0:1 etc...now since you are suggesting to use eth2:1 for the 2nd ip range, how would we add additional virtual interfaces. thanks
You would simply add more and increment the n number in ethX:n like so: auto eth1:2 iface eth1:2 inet static address 96.134.63.130 netmask 255.255.255.224 network 96.134.63.128 broadcast 96.134.63.159 auto eth1:3 iface eth1:3 inet static address 96.134.63.131 netmask 255.255.255.224 network 96.134.63.128 broadcast 96.134.63.159 ... Note that you only have to do this for the ip addresses you want to use on the Debian box.