jlramirez Premium Member join:2004-10-01 Sugar Grove, IL |
"sticky" IPs, MACs and IP addressesWhat is the best way around a cable provider that uses "sticky" IPs based on MAC addresses when you are supposed to have a block of 5 IPs? I'm used to the traditional blocks given from providers however Mediacom does things a bit differently.
I'm told only 1 IP per MAC and am trying to figure out a way around it on a ASA 5505 device. Any ideas?
TIA |
|
|
Let me ask you this. Does Mediacom support a block of 5 IP addresses? Typically only DSL or "real services" such as T1 that support such IP block. If Mediacom does not support such, then the discussion is a moot point |
|
|
|
meta
Member
2009-Oct-8 10:07 am
If its a business account they can allocate more blocks. They usually just add a static route for whatever subnet they allocate and point it at your customer devices external IP. |
|
jlramirez Premium Member join:2004-10-01 Sugar Grove, IL |
to aryoba
They apparently don't route the block, only assign IPs to MACs but allow multiple statics if I have multiple MACs.
Unfortunately they don't do it like everyone else seems to (ie. Comcast, AT&T, etc) for business accounts.
I thought I read somewhere (wish I remembered) a way to have the ASA use multiple MACs but that was probably trunking I'm thinking of and sub-ifs. |
|
|
meta
Member
2009-Oct-8 8:38 pm
Thats a crock of BS from them lol I havent met a business service provider yet that wouldnt add a static route for cash. Usually the point to point transit address is completely separate from the "lan block" of public addresses they assign and add the static route for. Id just escalate with ur account rep and get them to make it work, or suggest how to configure your firewall to somehow actually use all the addresses you are paying for (and need). |
|
TomS_Git-r-done MVM join:2002-07-19 London, UK |
to jlramirez
Sub-ifs will typically share the same MAC address as the physical interface they are created on, normally because sub-ifs are in different VLANs, and it is not necessary to provide unique MAC addresses in each VLAN.
Im not sure if you can change the MAC on a sub-if either. Probably depends on the platform and software features. |
|
|
Mediacom does not offer the ability to have more than 1 ip assigned per MAC with their cable modem offering. If you were to go the fiber route, they can route whatever size block is needed. |
|
jlramirez Premium Member join:2004-10-01 Sugar Grove, IL 2 edits |
to TomS_
I have the Sec+ license on my 5505. I'm wondering.... Could I do multiple VLANs on different ASA ports (configuring more than 1 outside interface on the other ethernet ports) and assign their statics to the other ports designated as 'outside' ports and do the NAT/Static maps that way with perhaps a single inside port?
Just a thought... Not sure how well the ASA would adapt but was an idea...
EDIT: That won't work as I can't have IPs in the same subnet overlapping other VLANs.... |
|
|
Why cant mediacom do it like charter & time warner cable and just route you a subnet? Crappy non-rip network? |
|
TomS_Git-r-done MVM join:2002-07-19 London, UK |
TomS_
MVM
2009-Oct-9 10:44 pm
I would consider a network running RIP to be crappy. |
|
1 edit |
said by TomS_:I would consider a network running RIP to be crappy. You would consider a HFC cable network running a bridged network to be better than a routed one? Or are you just saying rip in general? I thought thats what most routed cable modem networks used. |
|
1 edit |
meta
Member
2009-Oct-10 1:18 am
If there is any company generating more than a million dollars a year in revenue actually running RIP, they need to spend some of that money and hire a network professional to remove the offending infrastructure. Nobody should be running RIP anymore. |
|
|
said by meta:If there is any company generating more than a million dollars a year in revenue actually running RIP, they need to spend some of that money and hire a network professional to remove the offending infrastructure. Nobody should be running RIP anymore. I guess i thought it was rip due to some of these commands in an ambit, rip auth-mode enable rip interval 30 rip silence-mode disable rip key 1 key-string ******** rip filtered-list del ethernet 1 rip filtered-list del ethernet 2 rip filtered-list del ethernet 3 |
|
|
to meta
said by meta:If there is any company generating more than a million dollars a year in revenue actually running RIP, Actually, yes there are many of them said by meta:they need to spend some of that money and hire a network professional to remove the offending infrastructure. Nobody should be running RIP anymore. On the contrary, those companies pay a lot of money to have such RIP network. In some environments, running RIP as global standard is brilliant idea. But I don't want to elaborate further since the RIP discussion is not what this thread is about. I don't want to derail the train of thoughts or hijack the OP. Anyone who likes to have the RIP discussion, feel free to open up a new thread and I will chime in |
|
aryoba |
to jlramirez
said by jlramirez:What is the best way around a cable provider that uses "sticky" IPs based on MAC addresses when you are supposed to have a block of 5 IPs? I'm used to the traditional blocks given from providers however Mediacom does things a bit differently. I'm told only 1 IP per MAC and am trying to figure out a way around it on a ASA 5505 device. Any ideas? TIA Are you required to have 5 different modem as well? |
|
elnino join:2006-08-27 Akron, OH |
to jlramirez
If you want to use multiple external IPs on your ASA, I think the best way is to statically NAT those to individual IPs on your network. Normally an ASA will proxy-arp for static NAT assignments |
|
TomS_Git-r-done MVM join:2002-07-19 London, UK |
TomS_
MVM
2009-Oct-10 9:53 am
But the MAC address will be the same for all of them, and that is the problem the OP has in this situation. There must be one unique MAC for each IP address for it to work. |
|
TomS_ |
to meta
said by meta:Nobody should be running RIP anymore. I wouldnt go so far as to say that no one should be using it, but there are certainly nicer protocols that could be used instead. |
|
TomS_ |
to cooldude9919
said by cooldude9919:You would consider a HFC cable network running a bridged network to be better than a routed one? Or are you just saying rip in general? I thought thats what most routed cable modem networks used. [/BQUOTE Im not familiar with HFC networks, but just RIP in general. Refer to my post above. |
|
jlramirez Premium Member join:2004-10-01 Sugar Grove, IL |
to aryoba
said by aryoba:said by jlramirez:What is the best way around a cable provider that uses "sticky" IPs based on MAC addresses when you are supposed to have a block of 5 IPs? I'm used to the traditional blocks given from providers however Mediacom does things a bit differently. I'm told only 1 IP per MAC and am trying to figure out a way around it on a ASA 5505 device. Any ideas? TIA Are you required to have 5 different modem as well? No, they say to put a switch in connected to their modem and get 5 different firewalls or to otherwise connect the servers directly to the internet. Amazing, I feel like I've jumped back more than a decade.... |
|
|
aryoba
MVM
2009-Oct-12 9:04 am
said by jlramirez:said by aryoba:said by jlramirez:What is the best way around a cable provider that uses "sticky" IPs based on MAC addresses when you are supposed to have a block of 5 IPs? I'm used to the traditional blocks given from providers however Mediacom does things a bit differently. I'm told only 1 IP per MAC and am trying to figure out a way around it on a ASA 5505 device. Any ideas? TIA Are you required to have 5 different modem as well? No, they say to put a switch in connected to their modem and get 5 different firewalls or to otherwise connect the servers directly to the internet. For testing purposes, you definitely can try this kind of setup. However I'm not sure if the setup will work or be reliable. said by jlramirez:I feel like I've jumped back more than a decade.... I agree |
|