INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

new connection with 6 static public IPs (/29 block) routed via single /30

new connection with 6 static public IPs (/29 block) routed via single /30

new connection with 6 static public IPs (/29 block) routed via single /30

(OP)
We're getting a new connection which the provider describes as having 6 static public IPs (/29 block) routed via single /30. In the past I've always just gotten a /29 for our connections, where I would have private ip address on one router interface (192.168.0.1/24 say) and then second router interface with one of the public ip addresses and would put in a default route to the provider ip from the same subnet ie if subnet block was 50.50.50.0/29 provider gateway would be 50.50.50.1 and my router external interface would be 50.50.50.2. Then I would use static nat to have 4 devices with public ip addresses.

How do I handle these two public ip ranges that provider is giving me? For example let's use private/internal subnet of 192.168.0.0/24, router ip of 192.168.0.1, public subnet 100.100.100.0/30 where provider has told me to configure 100.100.100.2 as my external router interface, and add a default route to 100.100.100.1(address on their end), and second subnet is 200.200.200.0/29. Do I need a router with 3 interfaces, one for each subnet? Or do I need two routers like this
Private subnet ->router -> public /29 subnet ->router ->public /30 subnet ?
Right now I'm looking at using a Cisco 2811 as router, interfaces fe0/0 and fe0/1. Normally I would use fe0/0 for outside/public address and fe0/1 for inside/private address, then use ip nat overload for client internet access and ip nat static for web server/mail server.

Does anyone have experience with a connection like this? Any help appreciated, thanks

RE: new connection with 6 static public IPs (/29 block) routed via single /30

Been a while since I have done one like this (literally years) but from what I remember we would assign the /30 address to the physical interface connected to the service provider and then set up a Loopback interface with the IP addresses of the public assigned to us. We could then set up NAT and port forwarding as needed.

I believe you can also assign ALL the addresses to the interface assigned to the SP using IP address X.X.X.X X.X.X.X secondary

Mike

RE: new connection with 6 static public IPs (/29 block) routed via single /30

Your provider should be routing your /29---you can configure inside interface as public (the /29 addresses) or NATted to privates.

-Tim

ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY

RE: new connection with 6 static public IPs (/29 block) routed via single /30

(OP)
Thanks for the input guys. Sorry for the delay getting back. Right now I have it configured with basic NAT overload configuration with /30 address on external interface, private address on internal interface, and as you said Mike one of the /29 addresses as a loopback. NAT overload is working properly and I am able to ping and do traceroute to /29 loopback address from outside so I know service provider is doing the routing to this subnet. Will be adding static NAT and also site to site vpn onto it shortly. It's located at a new site that is still in state of change. Thanks again

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close