June 15th, 2013, 10:25 AM
How to advice on static ip addresses
Hi everyone I have moved to Comcast Business services. I have 4 available static ip addresses. I can already port forward from their modem/gateway. It is defaulted to using a dhcp scope if I connect a cat5 cable from the modem/gateway directly to my gigabit interface.
I will start with what I do know. If I were to use a router behind the modem/gateway then I could configure the router to use one of the static ip addresses in the router WAN section.
I just found out that I cannot edit/add my own entries to their DNS servers (mx record). This is problematic in that an assumption must be made the technician creating the ticket has properly noted the correlation of ip to record entry. For example an mx entry for www that maps to available static ip address. The second is that a person is at the mercy of the isp to process the ticket in a timely manner.
My intent is to use the ip addresses to run my own DNS, mail, and web services.
Is it ok to only use 1 ip for all services? I would think this would be a problem for the software BIND, Apache, Mail to assign the same ip address?
So what would I use (hardware) that would handle assignment of all 4 ip addresses behind the modem/gateway and allow connection into the interface card for assigment to DNS, Web, and Mail?
June 15th, 2013, 01:22 PM
Hi MelRay, welcome to DevShed.
You can use one public IP address (given to you by Comcast) for multiple services; in your case BIND, Apache, and Mail. This is known as Port Address Translation. All you'll need to do is purchase a router from your local electronics shop and hook it up to your Comcast modem/gateway. Assign your router one of the public IPs Comcast gave you.
All your devices will connect to that router either wired or wireless (most routers have wifi built into them). The router will hand out private IP addresses, such as 192.168.1.1, to all the devices on your internal network. However, you will want to assign the computer hosting your mail, web, etc... a static IP.
To forward the necessary ports to the "server", all you have to do is point the necessary ports from your router to the private IP address of the machine running the necessary services. Apache is usually ran on port 80 (web traffic), BIND is port 53 I believe, and mail is port 25.
So basically your setup will go Comcast Modem>Router>Internal Network.
Last edited by seack79; June 15th, 2013 at 01:24 PM.
June 15th, 2013, 01:37 PM
Ok thank you very much. So funny as that was what I was just finishing setting up. I guess the next question is I enabled DMZ and used the dhcp assigned ip of the server box(Lease is set to forever). Now it will be out "front" of the cable modem gateway correct? Since I believe this is the case then I guess I still need to have Comcast add a DNS pointer to the static ip I used for the router I just added?
Originally Posted by seack79
June 15th, 2013, 05:16 PM
A DMZ will put it "out front" as you call it. The server won't be behind the firewall built into your router; it will allow public traffic to flow freely to it. In that case you'd have to allow those ports on the server itself if it has a software firewall built in. Comcast can setup your public DNS records for you; or you can do it yourself if the place you bought your domain from allows it. Personally I use http://freedns.afraid.org/ to maintain my public DNS records. They're free, I can edit the records myself, and it works great.
June 16th, 2013, 10:43 AM
I have static IP's on my internet connection and I simply use a switch with multiple routers, one for each public IP. This gives me isolated LAN's per public IP.
It is a truism of American politics that no man who can win an election deserves to. --Trevanian, from the novel Shibumi