[ previous ] [ next ] [ threads ]
 
 From:  "Neil A. Hillard" <m0n0 at dana dot org dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Monowall in the UK with multiple IP's - Which Modem?
 Date:  Wed, 2 Nov 2005 20:08:41 +0000
Hi,

In message <007e01c5dfde$fe8092e0$050a780a@defiant>, Kristian Shaw
<monowall at wealdclose dot co dot uk> writes
>I've got a /30 from Eclipse and that's all you get. Your ADSL modem is
>automatically assigned the first address in the /30.
>
>Some ADSL routers allow you to configure the LAN address to match the
>WAN address, which then leaves you one more usable address for the WAN
>side of your firewall.
That's correct.  I used to have a /30 and the router would be allocated
the first usable address from the range (on Eclipse).

I have my router configured in bridge mode and the LAN & WAN interfaces
have the same address.

I now have a /29 in this configuration.  I've got an Origo ASR-8400
router (now made by Safecom, available from Ebuyer as an SAMR-4114) but
this only wants to work in bridge mode when using PPPoE to the exchange.
My exchange is happy with this and its been working for about 10 months
so far now.  If anyone has one of these routers I knocked up some
instructions on setting them up in bridge mode for a colleague so please
feel free to ask for them.

I have OPT1 bridged to WAN and filtering bridge enabled so I can use
real world IP addresses on OPT1, apply firewall rules and still access
those services from the LAN without having to resort to different DNS
views.  I'm running a SIP server on OPT1 and removing NAT makes things a
whole lot easier.

A half-bridge is where the router acquires the first IP address in the
range and then leases it to the firewall, usually on a very short lease
(the above routers default to a 60 second lease!).  With a half-bridge
you can't use multiple addresses.

Either way, with a /30 you are stuck with only being able to use one of
the addresses.


HTH,


                                Neil.

>----- Original Message ----- From: "David Cook"
><david dot cook at jetpress dot com>
>To: <mono at wiredplace dot com>; <m0n0wall at lists dot m0n0 dot ch>
>Sent: Wednesday, November 02, 2005 4:26 PM
>Subject: RE: [m0n0wall] Monowall in the UK with multiple IP's - Which Modem?
>
>
>Steve,
>
>I've had a look at Eclipse's tech support pages. Looks like you have
>been allocated a /30 block of addresses, 4 in total 2 usable (2 are the
>network and broadcast addresses). This is in addition to a single
>address that is allocated to the ADSL router automatically when it
>connects to the service.
>
>A /30 block is ideal for m0n0wall and a cheap no-frills ADSL-ethernet
>router will do the job as long as Network Address Translation can be
>disabled. NAT will be performed at your m0n0wall.
>
>The two addresses you have are assigned to the Ethernet interface of
>the ADSL router and the WAN interface of m0n0wall. m0n0wall uses the
>address assigned to the Ethernet interface of the ADSL router as its
>default gateway.
>
>The instructions that Eclipse have for configuring a Speedtouch for no-
>NAT should give you a better idea of what I mean, but use
>255.255.255.252 as a subnet mask. The subnet mask of 255.255.255.248
>used in their example is for a /29 address block.
>
>A suitable cheap router is the Conexant chipset based Dynamode R-ADSL-

>WebProductID=96221). We use these all the time together with m0n0wall
>on Soekris hardware. Just disable the routers internal firewall and
>NAT.
>
>Regards
>
>David Cook
>
>> -----Original Message-----
>> From: mono at wiredplace dot com [mailto:mono at wiredplace dot com]
>> Sent: 02 November 2005 13:27
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: RE: [m0n0wall] Monowall in the UK with multiple IP's - Which
>> Modem?
>>
>>
>> On Wed, 2 Nov 2005, David Cook wrote:
>>
>> > How are your IPs allocated, do you have a single address allocated to
>> > the router/modem and then an additional block?
>>
>> At the moment i only have 2 sequential ip address, but I have the option
>> of getting more if I fill in a form.
>>
>> > Who is your ISP?
>>
>> Eclipse
>>
>> Cheers
>>
>> Steve
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>JP Computer Services
>JET PRESS Limited
>Nunn Close
>Huthwaite
>Nottinghamshire
>NG17 2HWUK
>
>
>Web:   www.jpcompserv.co.uk
>Tel:   0845 083 3070
>Fax:   0845 083 3071
>
>
>Confidentiality Notice
>This message and its contents are confidential. The contents are solely
>for the attention of the recipient(s) named above and any unauthorised
>disclosure, copying or distribution is forbidden.  If you are not the
>recipient named above, please contact the sender immediately and
>destroy this message.  The views expressed in this message are those of
>the sender and not necessarily those of JP Computer Services.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk