dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
680
NortheastIT
Premium Member
join:2014-07-31
Stewartsville, NJ

NortheastIT

Premium Member

[Networking] Multiple static IP's

I have a customer site where they have a block of 5 IP's assigned. They are using A sonicWALL NSA class Firewall / router as primary, and the Actiontec is behind assigned an IP on the LAN.
For various reasons to long to go into here, The firewall was setup a couple of years ago to only use the primary IP> 71.168.222.218 subnet 255.255.255.0 with a default gateway address of 71.168.222.1 and worked fine.

However, now there is a need to place the other IP's into play.

Now here is where my confusion started..
I want to set aside 71.168.222.222 to be passed through (transparent) the primary router which will be used to connect to a second router to service their equipment test /staging area.
I reconfigured the primary router from the single static IP to recognize the range, WAN was now set to 71.168.222.218 /255.255.255.248. A DMZ Interface was set to use 71.168.222.222. Once all setting were completed, I tried to test it using a laptop, as the second router is not on site yet. I ran into two issues related to the gateway.
The gateway Verizon wants us to use, 71.168.222.1 falls outside of the range assigned. First the firewall blocked traffic from that interface thinking it was a IP Spoof, Second the NIC card warned setting the default gateway was from different subnet. When I forced the setting anyway, the laptop could not go out on internet.

Believing the "proper" IP/ subnet should be 71.168.222.218/29 or 255.255.255.248, network ID 71.168.222.216 range 71.168.222.217 to 222, and broadcast ID 71.168.222.223. Verizon did not include 217 in my block of 5 IP's. So I set the gateway address to 217, It worked, I was able to go online and ping / tracert the works. What I found to be unsettling, however, is that it also worked when i made the gateway 218... can someone clarify how this should be, or at least tell me if I
am I correct in assuming I can use this as the gateway address?? I need to be sure this isn't going to drop if I use 217 as gateway.
Any assistance is greatly appreciated.

nycdave
MVM
join:1999-11-16
Melville, NY

nycdave

MVM

You can't use any other IP as the gateway IP except .1.
elefante72
join:2010-12-03
East Amherst, NY

elefante72

Member

@nycdave I think I read one time from you that even though they provide specific blocks, it is still a /24 network, hence the .1 GW. Is this correct?
NortheastIT
Premium Member
join:2014-07-31
Stewartsville, NJ

NortheastIT to nycdave

Premium Member

to nycdave
Well at present it is working.. guess is for how long.

What I find most troubling is no one can explain why.

I don't think there is such thing in conventional subnetting as a 5 block of addresses.

/29 consists of 8 IPs, 1 net ID, 1 Broadcast and typically 1 GW, 5 usable.

My theory is that Verizon does chop up the /24 in the same fashion- reserving the one IP for the actiontec modem in the typical setup. That address is really the gateway for the subnet. the .1 is the "gateway" for all the actiontec modems on the supernet. look at a Comcast modem. It works the same way. If your assigned a static IP and you choose to use your modem in transparent mode, the gateway is the address of the cable box.
I could be wrong, I just hate not knowing one way or the other. Thanks for the response.
YES I am very hard headed

nycdave
MVM
join:1999-11-16
Melville, NY

1 recommendation

nycdave to elefante72

MVM

to elefante72
It is a /29 with 5 usable IP's.

FiOS static blocks are as follows:

1
5
13
29
61
125

All static customers need to use .1 as their default gateway, with a mask of 255.255.255.0.
buckweet1980
join:2011-12-31
Saint Petersburg, FL

buckweet1980 to NortheastIT

Member

to NortheastIT
said by NortheastIT:

What I find most troubling is no one can explain why.

Can you get the ARP table outputs for these IPs and compare it to the .1 gateway that the others are talking about. My assumption is that there is proxy arp enabled on the gateway which is responding for unused IPs.

houkouonchi
join:2002-07-22
Ontario, CA

houkouonchi to NortheastIT

Member

to NortheastIT
as nycdave mentioned even if you are given a smaller subnet all IPs are to be configured like they are in a /24.
mario44222
join:2003-11-22
Cliffside Park, NJ

mario44222 to NortheastIT

Member

to NortheastIT
On the sonicwall, you could dedicated another interface like X3, X4, etc, put that in transparent mode and assign that interface the range (or it can be really just 1 of the static IPs), so therefore the X0 can be on its own static and the other interface is acting as the transparent where your 2nd router is.

Or another way to go about it is put a 5 port switch in front of the sonicwall so it would connect to the ONT directly and split the statics off that way.