Getting DSL with 5 Static IPs, a few questions...

[ahsia]

I have been previously using cable modem, for a good 3 years, but recently moved to a place with cable is not an option, so I had to go with DSL. I have 4 machines, a work laptop, a gaming machine, a file server, and another P4 I am currently building. Decided to spend $15 extra and get the 5 static IPs instead of one dynamic, but I got a few questions:

1. I am worried about none of my machines being behind a router. The router I had didn't have a firewall, but at least it provided some protection. Now that these machines will be connect directed to the internet, do I need to use some kind of software firewall (i.e. BlackIce, ZoneAlarm) to be on the safe side? If so, what should I use?

2. I have the Linksys BEFSR41, the 4-port router with both a WAN port and a uplink port on the back. Since I am getting 5 IPs, I really don't need a router. Am I able to use this router strictly as a switch with the uplink port? So I can connect the DSL modem to the uplink port, and use the 4 ports for my 4 machines.

3. I have a few roommates that would like a wireless connection. If I do get a wireless router, will I be able to use one of the IPs I get and use the wireless router behind the Linksys BEFSR41 (since I am using this as a switch)?

4. This is a general DSL question. The service I ordered is 5 static IPs with 384kbps-1.5mbps. Now, is that 384kbps-1.5mbps per IP? Or 384kbps-1.5mbps for all 5 IPs? I assume it is per IP, but I wanted to get that straight.

Sorry for all the questions. I have been using cable modem, and never really had to deal with having a direct connection with an IP since I have always used a router. Thanks for the help...

 

[Scarpozzi]

1. I am worried about none of my machines being behind a router. The router I had didn't have a firewall, but at least it provided some protection. Now that these machines will be connect directed to the internet, do I need to use some kind of software firewall (i.e. BlackIce, ZoneAlarm) to be on the safe side? If so, what should I use?

Zone Alarm is free...should be fine. I would recommend that if you run any Linux boxes, be sure to lock those down as well using the firewall settings.

2. I have the Linksys BEFSR41, the 4-port router with both a WAN port and a uplink port on the back. Since I am getting 5 IPs, I really don't need a router. Am I able to use this router strictly as a switch with the uplink port? So I can connect the DSL modem to the uplink port, and use the 4 ports for my 4 machines.

I'm not sure exactly how that will work having 5 ips on one DSL connection. It will be easier when you figure out how your ISP is setup.

3. I have a few roommates that would like a wireless connection. If I do get a wireless router, will I be able to use one of the IPs I get and use the wireless router behind the Linksys BEFSR41 (since I am using this as a switch)?

That will work fine. You can take any of those IPs and use a wireless router to provide even more connections through NAT.

4. This is a general DSL question. The service I ordered is 5 static IPs with 384kbps-1.5mbps. Now, is that 384kbps-1.5mbps per IP? Or 384kbps-1.5mbps for all 5 IPs? I assume it is per IP, but I wanted to get that straight.

You're going to have 1.5mbps for all 5 IPs. It's not based on IP, it's based on max bandwidth through your DSL line and/or modem. You should be able to share the connection and won't see much of a bandwidth limitation unless you're trying to upload files to somewhere else. I ran a website from mine for 2 years and could only support about 15 connections at once without them seeing much of a performance hit.

I would recommend putting up a hardware firewall if possible. Only run the systems you must outside of that hardware firewall. DSL connections are always targetted by worm viruses for DOS attacks and just about any other malicious worms....

By the way...if they have a deal with 1 ip that's cheaper, it may be a better deal unless you really need the extra IPs. With the router, you should be able to use NAT to get about 25 private addresses out of each one.

 

[vi edit]

You can still use your router, just don't enable DHCP, and set up one to one NAT if you can.

Basically, 1to1 works like this - give machine a private IP - 192.168.0.2, and then assign a public IP for it on the router side and point to it. So, if anybody on the outside world trys hooking up with say 216.195.209.145(random public IP) the router grabs it, then points it to the private IP you have assigned.

This is nice because it's still technically a pingable address, but you have the advantage of doing port restrictions on the router.

 

[ahsia]

Originally posted by: vi_edit
You can still use your router, just don't enable DHCP, and set up one to one NAT if you can.

Basically, 1to1 works like this - give machine a private IP - 192.168.0.2, and then assign a public IP for it on the router side and point to it. So, if anybody on the outside world trys hooking up with say 216.195.209.145(random public IP) the router grabs it, then points it to the private IP you have assigned.

This is nice because it's still technically a pingable address, but you have the advantage of doing port restrictions on the router.

What routers have the "One to One" NAT capability? Most routers I know can only handle one IP address. This would nice so I won't have to worry about having a software firewall on each machine. I can just configure the router, and the ports I want to have open.

As for the 5 IPs, I don't really need all 5, since I do have a router. I know almost all router can NAT upto 253 private addresses, but the bandwidth issue is what I am concerned about. At times when my roommate runs P2P programs such as Kazaa, our one dynamic connection gets so poor that I feel like I am on 14.4K dial up, which is why I thought going with 5 IPs, I would be getting 384kbps-1.5mbps connection for each individual IP. But if 5 IPs are sharing that bandwidth, then the only benefit I would be getting would be have a static address vs. a dynamic address. Can someone else shed some light on this? Thanks!

 

[vi edit]

but the bandwidth issue is what I am concerned about. At times when my roommate runs P2P programs such as Kazaa, our one dynamic connection gets so poor that I feel like I am on 14.4K dial up, which is why I thought going with 5 IPs, I would be getting 384kbps-1.5mbps connection for each individual IP. But if 5 IPs are sharing that bandwidth, then the only benefit I would be getting would be have a static address vs. a dynamic address

No, it doesn't work that way. You have one DSL connection coming into the house with a set bandwith limit. You can have 1 IP or you can have 50 IP's running off that line any you still only have that set bandwith limit. You can't magically add bandwith with adding another IP. The only way you can do it is by getting a second DSL connection.

 

[ahsia]

Originally posted by: vi_edit

but the bandwidth issue is what I am concerned about. At times when my roommate runs P2P programs such as Kazaa, our one dynamic connection gets so poor that I feel like I am on 14.4K dial up, which is why I thought going with 5 IPs, I would be getting 384kbps-1.5mbps connection for each individual IP. But if 5 IPs are sharing that bandwidth, then the only benefit I would be getting would be have a static address vs. a dynamic address

No, it doesn't work that way. You have one DSL connection coming into the house with a set bandwith limit. You can have 1 IP or you can have 50 IP's running off that line any you still only have that set bandwith limit. You can't magically add bandwith with adding another IP. The only way you can do it is by getting a second DSL connection.

Well, I did some research on SBC Pac Bell's site, and this is what they said:

"With S Package SBC Yahoo! DSL service, does each IP address operate at the same speed?

Yes"

SBC Q and A

I don't know what that exactly means, "operate at the same speed", because the S Package offered by SBC comes with 5 IP static, and the bandwidth listed is 384kbps - 1.5mbps. I would assume that they are saying each IP operates at that bandwidth.... I don't know. Can anyone who knows more about DSL help out here?

 

[vi edit]

"With S Package SBC Yahoo! DSL service, does each IP address operate at the same speed?

Poorly worded question, with an even more misguided answer.

Simply put, you can not increase bandwith without either a) upping your bandwith agreement or b) adding in an extra line

If you have a 1.5 megabit line, that will be all that you ever get. Every single machine (Static or NAT) will share that bandwith.

The only reasons for getting static IP's are for the following -
- when you don't have a router/nat device
- when you want to host a web server without setting up some sort of dynamic DNS service
- when you have multiple PC's trying to use online services that require unique IP's

Adding IP's does not add bandwith.

 

[ahsia]

I definitely agree with your theory. I can't imagine they being able to give that much bandwidth to each static IP. Especially since their premium package gives 5 static at 1.5mbps - 6mbps. That would mean each static could get up to 6mbps? I don't think so. By the way, you know of any routers that does one-to-one NAT routing like you mentioned?

 

[vi edit]

I'll poke around my linksys when I get home. I thought it had it. Not sure though.

Otherwise, I know that some comsumer level hardware firewalls by norton and sonicwall will do if for sure. Those solutions would actually be preferable, at least in my opinion.