
|
netlive
join:2008-05-14
·CenturyLink
| Re: Static IP addresses Sorry, but this isn't how static IPs work, especially if you are running mail services that rely on reverse DNS resolution.
There is no "negating" the sticky vs. static "thing". A sticky IP ***IS NOT*** a static IP. I will repeat this as many times as it takes until people stop spreading this false information. They work in completely different ways and have entirely different characteristics that are meaningful when hosting services in house.
The only way you can "correct" this is to find an ISP that has a clue and will actually allocate real static IPs. | |
|  DJBuzz24
join:2008-07-01 Fort Smith, AR
·Suddenlink
1 edit | Re: Static IP addresses Once you find an "ISP that has a clue", they're most likely going to agree with you to appease you.
The problem you are most likely experiencing is 2 fold....
1. You don't like DHCP because it requires your MAC address to be registered with the ISP. This prevents you from buying your own CPE and configuring it without your ISP being notified. If you do not notify them, your static IP will not be properly assigned and routed. This is 100% common with DHCP, but more commonly being used in router-level DHCP configurations for security purposes as well.
2. You're upset about PPPoE. This is a bone of contention for many people, as the appearance of a username/password combination is "old-school", and true services should only be run over Point-to-Point circuits. This is old-school thinking, and though there is a bit of overhead associated with PPPoE, the line of thinking that authentication of circuit access is "not cool" is simply a misnomer.
In either case, you'll be better off with a full PtP circuit that doesn't rely on DHCP (though many actually do, and have for over a decade), or just simply getting over a common misnomer of how IP addresses are assigned.
My recommendation is that if it works 9 out of 10 times (90%), you should call tech support on the 1 time it fails. Common PtP circuits guarantee availability of 99.90% uptime or better, generating a required call to support .10% of the time. You're trading 10% availability for 1/10th the cost.
In any event, this isn't a pissing contest, but rather just trying to help someone with buzzword misconceptions.
***UPDATE***
netlive, since you're running services on your connection and if you're not using an upstream DNS server (master, off-site DNS), my suggestion would be to grab a simple piece of software that notifies you anytime your WAN IP changes. Many of these small programs can email, sms, or IM you your new IP, allowing you to make the necessary changes on your end (i.e. calling support to report the outage).
You could also register for DynDNS, etc, which will update your host file with your new IP. I can honestly say that, in many past experiences, editing the hostfile, updating the serial number, restarting BIND, and checking my work never took more than 15-20 seconds for it to aggregate to most US servers. Back in the day it could take up to 24hrs to aggregate worldwide, but we're on much, much faster equipment now 
Again, just trying to help. | |
|  |  netlive
join:2008-05-14
·CenturyLink
| Re: Static IP addresses Although I may sound crabby I am also just trying to help by clearing up this ongoing persistent confusion over this issue.
As I have said numerous times already, you cannot effectively run an email server without proper reverse DNS resolution. This simply cannot be done with a sticky IP because reverse DNS authority cannot be delegated for it. That means your email service is not going to work properly. You have offered several hacks trying to make a sticky IP work like a static IP, but none of them address the reverse DNS issue.
Dynamic DNS resolvers are also not the solution for the same reason. It's also really unprofessional for customer-facing services, and results in needless, randomly dropped connections with a variable and uncontrollable time-to-recovery.
My beef is not with PPPoE or sticky IPs themselves, as these are clearly residential class services used by residential customers doing residential things with them. My beef is with the real misnomer of people insisting that static IPs and sticky IPs are interchangeable with just a few little hacks. This simply is not the case.
Really all you are talking about is getting an IP that doesn't change, and if that's all you care about then I have no argument that sticky IPs do the job just fine. But a static IP is more than just an IP that doesn't change, and anybody who doesn't understand this has obviously never been in a situation where the differences actually mattered. That still doesn't mean that the sticky IP that works in your case is a suitable replacement for a static IP that is necessary in other cases.
And I'm not really sure why it matters in the context of this discussion, but I do operate 6 DNS servers (among other services) in data centers that are dispersed across 3 continents. I also maintain both incoming and outgoing VPN connections across redundant business class DSL lines (with real static IPs) in order to monitor, maintain, and provide failover services to these systems. And yes, this is just one such instance where the differences between sticky IP and static IP means the difference between functional and not functional. | |
|  |  |  DJBuzz24
join:2008-07-01 Fort Smith, AR
·Suddenlink
1 edit | Re: Static IP addresses Seriously, just hard-code your IPs on all your interfaces, including your router's WAN interface as well as your modem's DSL interface.
Regardless of whether the addresses are statically assigned or dynamically assigned, they'll be hard-coded, the interfaces' MAC addresses and IPs cached in the ARP tables, and the routed network shouldn't care how the addresses got there.
You can test this by using a private LAN in your home. Use your router to assign DHCP addresses, then hard-code your clients' (laptop .2, desktop .3, xbox .4, etc.) IPs. Fire up your hard-coded laptop, etc., and watch it move traffic. If you boot another machine with a different hard-coded IP, it will work as well. As long as the MACs are registered with the DHCP server and show up in the ARP tables, you'll be surfing away. Most consumer routers will even allow you to save your DHCP config so that those MAC addresses are not only required, but will be the only interfaces to get the addresses they're designed to get.
I know this is going to sound like, "it's not a bug, it's a feature", but running DHCP for the customer's network, *especially* a business, introduces a bit of added security for the client in that unauthorized equipment are less likely to be able to connect to the network.
**edit** As for your DNS resolution, as long as your in-addrs are set up correctly, things should work. You may need to get a DNS admin on the phone with your upstream provider, but what you're talking about doing is nothing not already being done and working well.
If your problems exist beyond this, I'll be glad to work through some with you. It's what I do for a living now, and in all of the cases I've worked I've never met a total failure. | |
|  |  |  |  netlive
join:2008-05-14
·CenturyLink
| Re: Static IP addresses Do you even know what reverse DNS is or how it works? Your comments sound more like an incoherent buzzword dump from some wiki article. Your description of this process outs you as someone who has never dealt with it before, nor even understands the basic principles at work.
"You may need to get a DNS admin on the phone with your upstream provider, but what you're talking about doing is nothing not already being done and working well."
Is that so? They can just wave a magic wand and suddenly authority is delegated for an IP that is still controlled by their DHCP server? That sounds like a really neat trick. Go ahead and get CenturyTel (or any other sticky IP provider for that matter) on the phone and let us know how that works for you.
And which magic hack do you use to configure a virtual IP out of your DHCP-controlled IP? What about configuring multihomed providers? We could go down this road all day long, but the short of it is that you're just reaching for excuses as to why your hacks are suitable replacements for proper configurations. If you are truly doing this for a living you should be seeking to expand your understanding of proper solutions and not making excuses for ridiculous hacks that only work in limited circumstances.
I won't even go into your scenario regarding DHCP because it's wholly irrelevant to the topic, but DHCP as a security feature because it limits unauthorized equipment? Where in the world are you getting this stuff? You sound like someone who knows just enough to be really dangerous, and the worst part is you are defending your hacks as reasonable solutions and trying to pass them off as professionally sound advice. | |
|  |  |  |  |   GeekJedi RF is Good For You Premium join:2001-06-21 Mukwonago, WI clubs: 1 edit | Re: Static IP addresses Wow. Can you be even *more* condescending?
-- The goal of the broadcast engineer is to get all the meters on the transmitter to go as far to the right as possible!! | |
|  |  |  |  |  |  DJBuzz24
join:2008-07-01 Fort Smith, AR
·Suddenlink
| Re: Static IP addresses said by GeekJedi: "Wow. Can you be even *more* condescending?"
It would seem he is angry at me for suggesting that configuring your static IP on your interfaces is some sort of "hack", instead of some sort of step in the configuration process.
Maybe I should just FedEx him my magic wand. | |
|  |  |  |  |  |  |  DJBuzz24
join:2008-07-01 Fort Smith, AR
·Suddenlink
| Re: Static IP addresses Alright, now I think I've thought about it enough and realized what netlive's problem may be....
Maybe the PTRs, etc. aren't all set up correctly. There's a good chance your upstream provider doesn't have anything more than placeholders (if anything at all), causing your reverse DNS to fail.
In all honesty, I've run mail servers out of various apartments like this for years, and always behind a NAT'd, DHCP'd network. It's cool in that I assign IPs on the devices that stay on the network, while allowing a certain set (say, all .20's) to remain DHCP assigned for LAN parties, etc. I've even had DNS servers running off those connections, but I've always made sure my upstream provider (the one that owns the netblock I'm in) was providing forwarding with proper PTRs set up to point to my A records.
AOL used to have some kinda reverse resolver thing that would tell you if your reverse DNS was set up correctly. I'm sure you can google it and find it or something similar.
But in all seriousness, netlive, it's more than likely foul DNS causing your issue and nothing to do with how your IP address is assigned. Again, your configuration may be fine, but your upstream would need to have their end configured as well.
I read your SinTel review, and I've got to agree with another poster...the entire experience sounds ill. I feel your pain, as I've certainly had my share of bad ISP experiences, and SinTel is no exception (man, I used to *hate* their billing dept), but at the end of the day I'm glad you found someone that could provide specifically what you needed.
I think Nunya should at least give it a shot, as support@centurytel.net and this forum are only a few clicks away  | |
|  |  |  |  |  |  |  |  netlive
join:2008-05-14
·CenturyLink
| Re: Static IP addresses I have nothing against you DJBuzz. Since you've read my CT review you know that for the better part of 2 months I had no other option than to try every hack possible in a vain attempt to make my situation work. It just wasn't going to happen. I knew going in that I was in the top 1% of cases where hacks (or "work-arounds" if you prefer) weren't going to work, which is why I spoke with a dozen different CT reps at all levels to confirm that their services were described accurately. I carefully explained my situation over and over again just to make sure there was no confusion over terminology. It wasn't until I actually went to set up service that I came to find out everything I had been told was a lie, and that conveniently they had "no records of me ever calling them" about the issue.
So yeah, I'm still really raw about the whole static vs sticky thing, especially after being lied to so thoroughly by a major ISP about it. I don't care what work-arounds you can implement for sticky IPs, they still aren't static IPs. For 90% or more of the people out there this doesn't make a difference, but that still doesn't mean you can describe them as interchangeable because they aren't in all cases. That is the entire substance of my ongoing argument.
And I will be updating my CT review shortly as I am learning even more about CenturyTel's situation here, and believe it or not it gets even uglier. | |
|  |  |  |  |  DJBuzz24
join:2008-07-01 Fort Smith, AR
·Suddenlink
1 edit | Thanks for your input, netlive, but I was addressing Nunya's original question about running reliable services off his business class connection. Nunya, you can indeed do this, as I've stated. As for modems and routers, certainly stay away from the Westells. If you can still get the 2wire gear from CenturyTel I would go that route. Again, don't worry about PPPoE, as your circuit should be provisioned to compensate for any overhead (the biggest concern I've heard).
As for you, netlive, obviously what works well in practice on my installs does not work for you. I have no desire to get into a pissing contest or compare resumes. As for getting a DNS admin on the phone, this is something that should easily be passed along from your account manager @ CenturyTel. All the DNS guys should have to do is set up your in-addrs for your routed network, and if you know anything about DNS, the rest is your responsibility. Chances are there are already pointer records on their servers, but most likely not the hostnames you're wanting (dsl4923.yourarea.centurytel.net). Again, if this is the case, you should let your account rep know, and get a Tier 3 or better on the phone.
I've never had much problem making this happen (especially with business accounts), but YMMV.
BTW, every bit of this is off the top of my head, as it has indeed been a couple years since I've actually done full-time DNS administration. However, I do still manage several domains, a few of which are hosted over these very types of connections, and all of which work 99.9% of the time. I can assure you that if I were using a wiki, etc my posts would most likely be more documentation than suggestion. S'just how I roll.
And yes, I know just enough to be dangerous. But then again, I'm not the one with the problem. | |
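Added example, not written by any poster in this thread: a forward-confirmed reverse DNS check of the kind the posts above argue about (PTR records pointing back to A records, and provider placeholder names like dsl4923.yourarea.centurytel.net). The placeholder-name pattern, the function names and the sample records on documentation addresses are assumptions constructed for this illustration.

```python
import ipaddress
import re
import socket

# Heuristic for provider placeholder names such as the thread's
# dsl4923.yourarea.centurytel.net; the label list is an assumption.
GENERIC_PTR = re.compile(r"^(dsl|dhcp|dyn|pool|ppp|cpe)[-.\d]", re.I)

def system_ptr(ip):
    """PTR lookup via the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_addrs(host):
    """Forward (A/AAAA) lookup via the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(host, None)]
    except OSError:
        return []

def check_rdns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Classify an IP as no-ptr, forward-mismatch, generic-ptr or ok."""
    addr = ipaddress.ip_address(ip)
    hosts = [h.rstrip(".").lower() for h in ptr_lookup(ip)]
    report = {"query": addr.reverse_pointer, "hosts": hosts}
    # Forward-confirm: the PTR name must resolve back to the same address.
    confirmed = [h for h in hosts
                 if addr in {ipaddress.ip_address(a) for a in addr_lookup(h)}]
    if not hosts:
        report["verdict"] = "no-ptr"
    elif not confirmed:
        report["verdict"] = "forward-mismatch"
    elif all(GENERIC_PTR.match(h) for h in confirmed):
        report["verdict"] = "generic-ptr"
    else:
        report["verdict"] = "ok"
    return report

# Constructed sample records so the example runs offline.
SAMPLE_PTR = {"203.0.113.25": ["mail.example.com."],
              "203.0.113.40": ["dsl4923.yourarea.centurytel.net"],
              "203.0.113.60": ["mail.example.org"]}
SAMPLE_A = {"mail.example.com": ["203.0.113.25"],
            "dsl4923.yourarea.centurytel.net": ["203.0.113.40"],
            "mail.example.org": ["198.51.100.7"]}

def sample_check(ip):
    """Run check_rdns against the constructed records above."""
    return check_rdns(ip, lambda i: SAMPLE_PTR.get(i, []),
                      lambda h: SAMPLE_A.get(h, []))
```

Calling `check_rdns("your.ip.here")` with no extra arguments uses the system resolver instead of the sample records.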