dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
529
TheHox
join:2012-05-31

1 recommendation

TheHox

Member

Handing out static public IP's to biz customers only?

So my little WISP is slowly growing, and for now I have a /27 until I get my stuff from ARIN. I've always just run NAT since I was just starting out, but now I do have a few businesses and some home users that want their own static/public IP.

I am not sure which way to go about this. Majority of my network is routed, I do have a few small towers on the edge just running a switch that I have not VLANd anything yet. The goal was to either vlan them back to the next upstream router, or put a router there.

I've seen others doing this via VLANs, some via PPPoE, some routing.. I run UBNT radios and Mikrotik routers, and to be honest, I have no clue how to NAT everyone besides the few that want a static public.

Could anyone point me in the right direction? Or have any pointers on which method would work better? Thank you
SBBVince
Premium Member
join:2009-07-22
Simpsonville, KY

1 recommendation

SBBVince

Premium Member

IMO: Radius and PPPoE.

If your network is routed, I think it might be easier to set up Radius and use PPPoE. That is how I would do it. That is how we expanded our public IP allotments for business customers and gamers that would benefit from a public IP address on their router.

Rhaas
Premium Member
join:2005-12-19
Bernie, MO

1 recommendation

Rhaas

Premium Member

I do a mixture of pppoe and static assignments. It depends on the end customer -
a SOHO or someone just needing a static IP to watch cameras etc - they are static pppoe assignments.
A larger business/school needing a /29 or more then I static route it over a /30 or assign the allocation to a vlan facing the customer.
TheHox
join:2012-05-31

TheHox

Member

Is there any good write ups for setting up PPPoE on a mikrotik network? I thought I saw something like that back in the day but I don't have it saved anywhere. I not only needed advice on which method to use, I also need help setting that up as at the moment I am stuck with my NAT.
SBBVince
Premium Member
join:2009-07-22
Simpsonville, KY

1 recommendation

SBBVince to TheHox

Premium Member

to TheHox
Typically if a business customer needs a range, we set it up on a MT router. We don't do much with schools, and most business installs whether commercial or SOHO allow us to install a MT, even if it is being used as a pass through device.

If a company needs a /29 or /30 we route it directly to them. Gamers and SOHO customers usually just get a PPPoE account because I have use two different IP addresses on the MT with relative ease. One we use to manage and one for internet traffic. It makes troubleshooting issues much easier for our in house support techs.
LittleBill
join:2013-05-24

1 recommendation

LittleBill to TheHox

Member

to TheHox
said by TheHox:

Is there any good write ups for setting up PPPoE on a mikrotik network? I thought I saw something like that back in the day but I don't have it saved anywhere. I not only needed advice on which method to use, I also need help setting that up as at the moment I am stuck with my NAT.

i think your at the point where you need to setup a lab

Inssomniak
The Glitch
Premium Member
join:2005-04-06
Cayuga, ON

Inssomniak to TheHox

Premium Member

to TheHox
If you network is mikrotik: I use a radius attribute to send a Framed-Route attribute to mikrotik and it inserts the route for a subnet to the pppoe IP address. Then they can do what they want with it.. Other times its just a static PPPoE IP, other times I will let the customer do the pppoe on their own router.
wirelessdog
join:2008-07-15
Queen Anne, MD

wirelessdog to TheHox

Member

to TheHox
For immediate purposes just do a static 1:1 NAT and be done.
bburley
join:2010-04-30
Cold Lake, AB

bburley to TheHox

Member

to TheHox
In "ip firewall nat" insert a srcnat and dstnat rule for each public IP that is assigned to an internal static IP _BEFORE_ your masquerade rule. Since the rules are executed in order, the 1:1 nat rules will not allow the assigned IP's to ever reach the masquerade rule.