-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
Multiple public Static IP addresses
Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
networkman
Lifer
Considering that the folks that had the "cheek" to tell you you shouldn't be doing it that way ALSO happen to be some of the sharpest network folks in the entire Anandtech forums, that should give you pause to consider their input. Of course you'd have known that had you been browsing the forums for a while before taking the opportunity to post and subsequently insult the lot of them.
The fact that some are still willing to help you at all is a testament to their character.
The fact that some are still willing to help you at all is a testament to their character.
1. I am trying to confgiure one-to-one NAT on my Zyxel Prestige 660H router. I would like to map each external public IP to particular internal IP addresses. My IP Information sent to me by my ISP is:
Router IP address: 87.127.54.*
No NAT IP range: 87.127.54.* to 87.127.54.*
Netmask: 255.255.255.248
A screenshot of my router NAT config:
http://img507.imageshack.us/img507/1820/router0mv.png
2. To test it, I am forwarding a particular external IP to my internal desktop IP and opening my browser and going to whatismyip.com to see if it's using it properly.
When I do this, it either won't load any pages or will just use the router IP.
3. There's nothing in the logs to speak of.
I've tried that too, doesn't work. When I set it up to use one-to-one NAT none of my machines can access the internet in any way. I know that the addresses exist and are working because when I disabled NAT entirely on the router and gave my machines NIC cards the external addresses it worked, but it wasn't secure so I want to use one-to-one NAT.
It may be that my router is a plastic piece of crap. I only bought it new back in April and chose it because it claimed to be able to handle multiple addresses, which it seems to fail miserably at. Looks like I may replace it with a Cisco 837 or something.
RebateMonger
Elite Member
Yeah, SSL throws a wrench into hosting multiple secure public WEB sites with only one IP address. You can create wildcard SSL certificates if all of the web sites have the same root domain names, but if you host completely different domains, it's a problem.
You are right. There ARE circumstances where multiple IPs at a site are necessary or desirable.
I'm moving my company's SBS 2003 Server to my home, where I already have my own SBS 2003 Server. Since my home SBS Server acts as a test bed, I'll want it directly hooked to the Internet with its own IP, just like my main business Server. But I COULD have used a single IP for all this, using ISA 2004's server publishing capabilities. And I certainly WOULD have used a single IP if the second server was a simple Web, FTP, or Terminal Server.
The initial replies to the OP were based upon a his/her requirements that included no mention of SSL sites, only basic web hosting and remote access functions. Those are easily handled with a single IP address, with less cost and complication than with multiple IP addresses.
I'm just thinking of the initial security issues. I can't count the number of times a person has asked me how to put 2 or 3 computers on an internal network with public IP's only to have them come back a week or two later saying, um yeah, my computer now has all these viruses on it or that it was compromised due to having a public IP going directly to the computer. It's just a bad idea IMO. If you do actually have one of the few legitimate reasons for having this type of setup, you would also have the knowledge of how to implement it with your router and how to put the proper safeguards to protect from malicious activity, which the OP obviously doesn't.
There are legimate Pro. Situation that multi public IP is needed.
However the general public usually needs them for,
Manipu;ation of IPs when one is banned of a server.
Game servers schemes.
Bidding on sites that do not allow large quantity of purchasing by one bidder.
And few more activities like the above that do not deserve help to begin with.
:sun:
However the general public usually needs them for,
Manipu;ation of IPs when one is banned of a server.
Game servers schemes.
Bidding on sites that do not allow large quantity of purchasing by one bidder.
And few more activities like the above that do not deserve help to begin with.
:sun:
RebateMonger
Elite Member
Yup. I've seen that EXACT thing happen. It was a worm that placed itself in all the shared folders of an XP computer, which then replicated itself to other shared folders on other PCs. This was before the XP SP2 firewall was out.
Why do you people always have to assume the worst?
I don't have multiple IPs for any of those reasons you mentioned. If I wanted to go on a site I was banned off I would just use an open proxy. Simple as.
I have multiple IP addresses because I host multiple sites on multiple servers. None of them use SSL at this moment in time but I need to use multiple servers for load balancing, i.e. one server for scripts (Coldfusion & ASP etc.) and one for static content such as images. Also, I'm a Windows guy so I use Server 2003 & IIS/6.0 not Apache.
Also, there may be a time when I want to run a Gameserver or whatever , so the flexibility of not being forced to use NAT is good for me.
Perhaps your objections to me having multiple IPs run deeper than simple advice. Maybe it's a kind of IP communism where you think that because IPs are running out they should be rationed or something.
Anyhow, I know what needs to be done and how to do it, but like I said it doesn't work probably because my router is either broken or just crap.
I guess that 8 years of experience in tying to provide voluntary help on public BBS' results with some sense of profiling that is derived from the communication style of the Help Seeker.
Of course there are times that mistakes are made, but in general it holds.:light:
:sun:
RebateMonger
Elite Member
Original request:
New request:
These are two ENTIRELY different situations. Which one do you want the answer to?
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 25K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 24K
-
-
