Multiple Static IP's with BT business bb

Associate
Joined
31 May 2007
Posts
1,086
Hi Guys,

New to this forum so Hi!

Today I requested a block of 5 IP's from BT and I am having some trouble using them, this could come across as noobish so please take it easy on me if I am doing something blatently wrong.

Now I was told by the person on the phone that I just had to reboot my router (Belkin 7633 at the time) and that it would automatically pick up the new IP details and voila, there I am.

This did not happen.

Calling BT back didn't get me anywhere, the girl on the phone didn't have a clue and was just putting me on hold all the time.

I couldn't get the Belkin to work with a static IP so I have gone back to the awful BT Business Hub. Now after following the instructions on their website I have managed to get this sort of working. I will try and explain below:

Internet//// ----(81.148.xx.xx) BT Hub ---- Local Network (left on private ips)
............................................|
............................................|------Debian Server on public ip 217.40.xx

What confuses me is that the BT Hub appears to have one of the static IPs assigned to it aswell as the 81.148 address, forgive me for being stupid but I was under the impression I would just set the router as the first static IP in the range and use the rest for whatever I needed.

The Deb server does indeed appear to be fully accessible to the internet but running simple commands on it like ping and whois queries doesn't get me anywhere, and google suggests this could be a routing issue because my router doesn't know where to send the reply packets.

Could someone with some knowledge please shed some light on this situation, has anyone had any experience setting up multiple (or a single) static IPs with BT business broadband?

Is it even possible to use the Belkin router as I despise the BT one?

I can see this turning into a long post as I have so many questions to ask so I will stop here for now, any help would be GREATLY appreciated.

Thanks in advance.
 
Associate
Joined
13 Nov 2005
Posts
694
Location
Havant
Oh dear bt business, I had the misfortune of using them a good few years back & left when they were unable to fix an ip fragmentation problem that developed overnight. I would seriously recommend moving... anyway..
They did things in a funny way I seem to remember, so the routers external ip was dynamically allocated & you set the routers internal ip to the 1st one in the range they have given you.
I have only ever used cisco gear whilst I was with them so i guess you would have to turn natting off on the belkin rouer.
Run a tracert from the linux box to see where it is falling over.
Looking at your diagram can either of the devices you have do a proper dmz to seperate from the lan?
 
Soldato
Joined
14 Oct 2003
Posts
7,831
Surely they issue you a block of IPs? Issue the first usable IP with subnet mask and gateway to the router and then use another IP from the block to the required machine. Wouldn't it be more secure to use PAT so at least the PC is protected by a Firewall?
 
Associate
Joined
4 Sep 2006
Posts
308
Location
Bristol
HI
What normally happens when BT issues you an IP block is you should be told your IP Range, Gateway address and Submask (255.255.255.248 - is normal for 5 addresses)

You will then need to set your Router up using those details - for example:
G/W Address from BT is used as your routers FIXED IP
Submask - 255.255.255.248
Some routers as cleaver enough to workout the IP Range from using the G/W address and submask.

Then assign your client machines with one of the IP's from your allocated range

Rob
 
Associate
OP
Joined
31 May 2007
Posts
1,086
They did things in a funny way I seem to remember, so the routers external ip was dynamically allocated & you set the routers internal ip to the 1st one in the range they have given you.

Thats right, although the business hub has the natted internal range and a separate range for the IPs that have been allocated...

Looking at your diagram can either of the devices you have do a proper dmz to seperate from the lan?

To be honest I don't know, I just want eth1 on the debian server to have a public ip and eth0 an internal one, I'm not too clued up on setting this kind of thing up at the moment which is one of the reasons I am trying to do it.

Surely they issue you a block of IPs? Issue the first usable IP with subnet mask and gateway to the router and then use another IP from the block to the required machine. Wouldn't it be more secure to use PAT so at least the PC is protected by a Firewall?

As m_cozzy said above the router continues to pick up a dynamic IP from BT, after looking around this is the norm it would seem, although I don't see why.

HI
What normally happens when BT issues you an IP block is you should be told your IP Range, Gateway address and Submask (255.255.255.248 - is normal for 5 addresses)

You will then need to set your Router up using those details - for example:
G/W Address from BT is used as your routers FIXED IP
Submask - 255.255.255.248
Some routers as cleaver enough to workout the IP Range from using the G/W address and submask.

Then assign your client machines with one of the IP's from your allocated range

Rob

Thanks Rob, this is what I originally intended to do, but I can't set my routers WAN IP statically as mentioned above.

The printout from BT has the IP range and Subnet Mask, it also has a Router Port IP which is 217.40. something . something but not within the subnet of my IP's. Any idea what this is for?


The connection does actually work at the moment with the BT Hub, the main reason I am posting is because I don't fully understand how!

Again all help is much appreciated.

Thanks
 
Associate
Joined
17 May 2004
Posts
1,585
This is the standard way that BT Multiple Static IP works, which is also the way that my Zen connection works.

You are allocated a block of 8 Publlic IP addresses. for arguments sake 1.1.1.0/29 giving your

1.1.1.0 as the network
1.1.1.1 available
1.1.1.2 available
1.1.1.3 available
1.1.1.4 available
1.1.1.5 available
1.1.1.6 as the routers Ethernet address
1.1.1.7 as the Broadcast

You do not know or care what the ADSL side of the router is. NAT is turned OFF on the Router so the Public IP on your ethernet is what goes out to the Internet. Your ADSL Router then connects as normal and is allocated an IP to the WAN by BT.

You give the Debian Server an address of

1.1.1.5/29 and set the DNS Server as 1.1.1.6 and DG of 1.1.1.6

You then set the DNS for your public domain so that debianserver.yourdomain.co.uk points to 1.1.1.5.

Hope this explains how it should work. This is certainly how it has worked at 40-50 sites for me.

As has been pointed out this means that there is no firewall between the Debian Server and the Internet and you should get a firewall solution. I used to put in a firewall as 1.1.1.5 and then use that to NAT to my servers in the DMZ off my firewall. ie NAT 1.1.1.5 to 192.168.1.5 on the DMZ, 1.1.1.4 to 192.168.1.4 on the DMZ. I would use 1.1.1.1 as the WAN side of the Firewall and then Hide NAT outbound traffic from the Internal Network behind this address.

If all you have is one Server then probably better to use 1 static IP and PAT on the ADSL box to redirect the services to the Server on the private IP behind the ADSL box.

The Static IP is therefore on the WAN side of the ADSL Router and uses NAT/PAT to protect the server.
 
Associate
OP
Joined
31 May 2007
Posts
1,086
Thats a great post, thanks for the help.

So if I change it to just a single static IP, will this be assigned to my router rather than how things are at the moment? This is what I originally wanted...

Thanks
 
Associate
Joined
4 Sep 2006
Posts
308
Location
Bristol
Illusion

I take it your wanting to run a webserver of some sort? If all you want is 1 static IP, Would it not be easier and cheaper to set up a Dyndns account to handle the redirect of your dynamic IP address?

Just a thought!
Rob
 
Associate
Joined
4 Sep 2006
Posts
308
Location
Bristol
If you have access to the DNS settings for your domain, you could set a CNAME record to point back to your DYNDNS URL - thus anyone who enters www.YOURDOMAIN.COM would be pointed in the direction of your DYNDNS URL and then onto your server....

Just an idea!
Rob
 
Associate
Joined
13 Nov 2005
Posts
694
Location
Havant
Thats a great post, thanks for the help.

So if I change it to just a single static IP, will this be assigned to my router rather than how things are at the moment? This is what I originally wanted...

Thanks

It sounds like you just need 1 static ip. Then you can port forward this onto your lan.
Alternatively as mentioned absolutely ignore whatever appears on the adsl interface(wan) & set the routers lan ip to the public address they have given you. Ideally though you would then need another router to seperate the lan off on a private range, unless the routers you have a seperate dmz interface (doubt it)

EDIT Reading again the linux box i guess is seperating your lan from the internet as you mention eth0 & eth1, so i assume this is also the firewalling/natting lan traffic. An iptables firewall will be fine for home use. Having said that I run a cisco 837 & asa5505 on my /29 from zen.
 
Last edited:
Associate
Joined
17 May 2004
Posts
1,585
Thats a great post, thanks for the help.

So if I change it to just a single static IP, will this be assigned to my router rather than how things are at the moment? This is what I originally wanted...

Thanks

Yes, if you have a single Static IP that would be assigned to your WAN interface when your ADSL router connects up. You then use NAT/PAT to direct services to the Linux box.
 
Back
Top Bottom