1 Static WAN-IP and 5 Static LAN IP's

redhat_newbie

Hi All,

I have been assigned 1 static WAN-IP and given 5 Static LAN IP's. With my current setup

Internet --> linksys router(dd-wrt) --> Machines in the LAN (192.168.0.xxx)
(wan ip taken by the router)

I am aware of port forwarding and this would make the static LAN IP's a waste.


I am not sure how to assign the 5 static IP's publicly available on the Internet.

1) I tried the static LAN IP and given subnet mask/DNS settings and it works fine. But WAN-IP is unused here.

Internet--> Linksys router (dd-wrt) --> 5 static LAN -IPs


Goal: Is to have WAN-IP and LAN-IP's publicly available to the outside world.

I googled and found out that it can be accomplished by a CISCO router( I dont know which one to use or the model number) and one of them suggested to have a switch between modem and multiple routers(with static LAN IP's).

Does any of you pals/network gurus out there have any clue to accomplish?

Thank you

Dardania

It's unclear what you're trying achieve.

You cannot assign anything in a private IP range (that is 192.168.x.x, 172.x.x.x or 10.x.x.x) on the internet.

Your dd-wrt has a WAN IP address -> can it not just NAT to route to devices on the LAN side?

D

MrVestek

redhat_newbie wrote: »

Hi All,

I have been assigned 1 static WAN-IP and given 5 Static LAN IP's. With my current setup

Internet --> linksys router(dd-wrt) --> Machines in the LAN (192.168.0.xxx)
(wan ip taken by the router)

I am aware of port forwarding and this would make the static LAN IP's a waste.


I am not sure how to assign the 5 static IP's publicly available on the Internet.

1) I tried the static LAN IP and given subnet mask/DNS settings and it works fine. But WAN-IP is unused here.

Internet--> Linksys router (dd-wrt) --> 5 static LAN -IPs


Goal: Is to have WAN-IP and LAN-IP's publicly available to the outside world.

I googled and found out that it can be accomplished by a CISCO router( I dont know which one to use or the model number) and one of them suggested to have a switch between modem and multiple routers(with static LAN IP's).

Does any of you pals/network gurus out there have any clue to accomplish?

Thank you

Bwahahahah, you can't use private IP address ranges publicly on the internet, that's why they're called PRIVATE IP addresses. Who or what 'assigned' you these private IPs in the first place?

watty

The IP the public see is the one on the WAN side of the Router (The linksys router is fine, though I prefer OpenWRT to DD-WRT).

The Static LAN IPs can be any private ranges you want. Only SERVICES really need to be public and that is what port forwarding does.

Thus if PC1 has a service listening on 192.168.0.101 port 2034
And PC2 has the same service on 192.168.0.102 it can't be on port 2034, it has to be on say port 2035 or 3101 etc..

the Public see PublicIP:2034 and PublicIP:2035 as if it is a single server/PC.

You can have any number of services listening and port forwarded on any number of PCs as long as LAN IP is different and Static and each port is unique as all the services appear on the single WAN static IP address via the Router Port Forwarding.

Outward connections to a server/service on the Internet from the PCs don't need port forwarding or static IPs as all outgoing connections can be open by default and don't need explict routing/NAT tables.


You can assign any IP in 192.168.0.xxx range except 0 and 255. 1 is usually the Router/Gateway, and entered as DNS and Gateway IP on all PCs, 192.168.0.1, with subnet 255.255.255.0

If you have a 2nd LAN (even on same wiring/router switch ports) that does not have Internet access it can be 192.168.1.xxx
So there are 256 possible separate Private Static LANs on 192.168.nnn.xxx

There are other Private LAN IP ranges you can use without permission from anyone as the the PRIVATE LAN IP ranges are deliberately not routed on the Internet.
10.xxx.xxx.xxxx is private subnet 255.0.0.0 = 16,777,216, = 1 class A
172.16.xxx.xxx to 172.31.xxx.xxx is private subnet with 16 x 255.255.0.0 subnets = 1,048,576 = 16 x Class B
192.168.xxx.xxx is 256 x 255.255.255.0 subnets = 65,536 ips= 256 x Class C networks.

Note that the 1st and last IP in any subnet is not for any PC. i.e you can't assign 192.168.0.0 or 192.168.0.255

each group of digits represents a byte so is 0 .. 255

This all IPV4. IPV6 is somewhat different. Generally IP6 should be disabled or turned off unless you need it and your ISP has given you an IP6 connection and IP (most can't).

watty

If the router or nothing else is acting as DHCP and you have NOT assigned a Static IP manually you may see a strange IP that won't connect to the Internet via your router.

Link-local addresses (Zeroconf)
A second set of private networks is the link-local address range codified in RFC 3330 and RFC 3927. The intention behind these RFCs is to provide an IP address (and by implication, network connectivity) without a DHCP server being available and without having to configure a network address manually. The network 169.254/16 has been reserved for this purpose. Within this address range, the networks 169.254.0.0/24 and 169.254.255.255/24 have been set aside for future use.

If a host on an IEEE 802 (ethernet) network cannot obtain a network address via DHCP, an address from 169.254.0.0 to 169.254.255.255 is assigned pseudorandomly. The standard prescribes that address collisions must be handled gracefully.

Link-local addresses have even more restrictive rules than the private network addresses defined in RFC 1918: packets to or from link-local addresses must not be allowed to pass through a router at all (RFC 3927, section 7).

To connect to the Internet the PC must have TWO things:
1) IP on same subnet as the router's IP
2) The IP of the Router as the PC's Gateway IP.
(This can be manually via Static IP configuration and saved or via DHCP or other dynamic mechanism)

You can also have the PC set as DHCP but a table of MAC addresses on the Router, so that the PC gets the same IP all the time as if Static, so that port forwarding works (i.e. avoiding Skype relay). The advantage is that the laptop or PC can be used on other DHCP networks elsewhere with no setting changes.

There should only NORMALLY be one gateway IP defined and only on the network interface that physically connects to the router/gateway. It should be blank / empty on any other network devices.

I usually disable zeroconf as it is a problem on some OS if you boot PC and have the ethernet cable disconnected or the WiFi poin is out of range.

redhat_newbie

Static WAN IP = 20.6.104.230 (for eg)

&

Static LAN IPs = 21.6.104.23 to 21.6.104.27

Links:

http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_21959053.html

www.computing.net/answers/networking/setup-static-wan-ips-and-nat-lan-ip/32521.html

Thanks for the replies and thinking.

watty

It's fairly prehistoric to use public IPs on the LAN. No need. Just use one Static Public IP on the router and static private 192.168.0.xxx per each PC. Safer than putting the entire PC/Server on the internet. Only forward the services that are to be public.


The ONLY reason we are running out of IP4 IPs is the MILLIONS of IPs per USA universities and Military sites. ANY single site nowadays only needs half-a-dozen to a few hundred. Even if you gave every student a real public IP they still have 1000s of times too many.