Geek help: static IP addresses

[ciphergoth]

Quick geek help sought with making sure I understand IP routing properly.

Zen have allocated me the static IP address block 82.68.129.72/29. Of these eight addresses, one is the network address, one is the broadcast address.

I've fitted an ADSL card to my main PC, saltationism. So it has two interfaces: an ADSL interface and a LAN one. That's two more addresses taken. So there are four left: I can give up to four more machines on the LAN static IP addresses.

The thing that worries me is that if the subnet for the LAN is 82.68.129.72/29, then can I assign an address from that subnet to the ADSL card? If I do, will my LAN be able to route to that address? If not, what should I do instead?

Comments

[adrasteah.livejournal.com]

What do you mean by ADSL card?

Your PC should only need one IP address.

You need an IP address for your router/gateway as well, or is that what you mean by ADSL card?

[mr-purpleduck.livejournal.com]

It would be best to use NAT on the inside LAN and not use real world addresses, as you would have to use saltationism as a bridge device (i.e. it's being not a router) as the 82.68.129.72/29 subnet can not be on the ADSL interface and the LAN interface at the same time as this would lead to to routing table entries.

I know iptables in Linux has support for bridges, so it would be possible to have this topology. But it would involve using proxy-arp which gives one of those ick feelings.

[kimble.livejournal.com]

Is the ADSL (ppp) interface automatically negotiating its IP with the remote end, and if so, is it being allocated an address in that subnet?

I'm with Nildram, not Zen, but I have a single (static) IP as part of the basic service in addition to my routed subnet. On the router (a linux box with USB stingray thing, so I'd guess functionally equivalent to your PCI setup) I have a ppp0, which has the single static IP (which isn't part of my subnet) and an eth0 that I've allocated the first IP from my subnet to.

I've heard that it's possible to get a ppp device to use the same IP as eth0, but haven't tried that myself. I have (accidentally, cos I didn't read the instructions properly) previously set the router up to give ppp0 an address from my subnet, and that didn't seem to break anything - but was a waste of a perfectly good IP address.

YMMV

[olethros.livejournal.com]

Hmm, this could go a couple of ways depending on what Zen have in mind - and I don't have enough info about that to be able to say for sure.

I'll point you in both directions and see what falls out. There are two ways of routing your /29.

One is that your ADSL line and your LAN are two separate networks, with two different address allocations. The ADSL line will have (say) a /30 - two reserved, one their end, one the ADSL card on your PC router. Separately, Zen's router will have a configuration set that any traffic for 82.68.129.72/29 will be fired at your router, and it's up to it to do the right thing from there.

The other way is as I think you suspect - every device on your network lies inside that /29, including your main PC. This is how my DSL back at home works, but in your instance it's slightly wackier because your ADSL card and your LAN need to be on the same logical network and have addresses on the same subnet. If that is how you're supposed to set this up then you'll need to enable bridging in some manner between your ADSL card and your LAN interface.

wechsler had the idea that you could split your /29 into two /30s, and assign one to the ADSL link and the other to your LAN - but while that's possible it (like either of the above) will only work if that's how Zen expect you to do it.

Sorry if that's clear as mud -- bother me at Whitby for more info. :)

[hughe.livejournal.com]

82.68.129.72 - Network address
82.68.129.73  - available
82.68.129.74  - available
82.68.129.75  - available
82.68.129.76  - available
82.68.129.77 - LAN IP on linux  \__ bridge / firewall between
82.68.129.78 - ADSL IP on linux /
82.68.129.79 - Broadcast address

i dont see it being too much of a problem.

You could just use 192.168 addresses and do port forwarding for what you need.

[drreagan.livejournal.com]

Simple solution: have the other machines on the network send their routes to the PC's ethernet cards IP address as their gateway/router.
There's no reason why they would need to talk directly to the IP address of the ADSL card.

Another solution is to set up some sort of bridging between the ADSL card and the Ethernet card. If your ADSL interface is working via PPP of some sort, adding the word "proxyarp" to the PPP options file will make this work. If it's acting like an ethernet card of some sort, then it'll be more difficult.

[stgpcm.livejournal.com]

what is the presentation of the card on your box? ppp or eth?

if it is ppp what is the other end?

you should be able to get away with having the same address on both interfaces - assuming the linux PPP stuff isn't completely braindead.

[simm42.livejournal.com]

You can deffinatly have the linux gateway running the same IP for the ppp0 and eth0 - you just have to get your IP tables rules right - I have figured something similar out at work - but only done it once so it would probably take me the same time again, with lots of call to man.

Another option you have is keeping a 192.168. with a 255.255.255.0 netmask home network, giving eth0 the usual .1 on router and whatever it gets on the ADSL, though then just use IP tables to re route each address on the ADSL, either one to one, or one to many to machines on the inside. What you may want to do is one to one all the available IP addresses, then use your gateway IP address and masquerade that one through to any machines you dont want to give one to one. This gives protection to them, lets them log onto the net, but makes anyone getting into them a bit harder.

That way from your 8 you lose one to the network address, one to broadcast, you have 1 for your gateway machine, which is also used for any machines sitting behind IP masquerading and then you have the other 5 IP addresses all available.

This is what I have been planning to do myself as once I live in an area that can have ADSL I plan to get zen, unfortunatly unless they can persuade the new forest ponies that they want to be online it will probably be after I next move house - so may be a while.

You probably also want to set up a domain registreation for you home network, put DNS (BIND being the obvious choice, though I use dnsmasq as a nice light weight alternative) on your gateway so you can name your machines, and remember to put an IP tables rule in that if you are requesting one of the external addresses for your network it actually routes it internally so you get network rather than broadband bandwidth.

Should hopefully make it to Whitby on the friday night - though we wont be hitting the main gig. Possibly being coming on the saturday with Jareth, will depend how he is feeling, he's had a bit of a cold and at 4 weeks old we are being a little careful with him.

Might see you around

Simon

Tis a bit late at night for me to answer right now...

[kingginger.livejournal.com]

... but have you got it sorted?

If not I can chuck in 2 pence tommorow as to how I run my static IP's from Plus.net

Although I dont use Linux, I shouldnt imagine things would be that different on Windows??