Visit Our UNIX and Linux User Community


Server setup for multiple IP routing?


 
Thread Tools Search this Thread
Special Forums IP Networking Server setup for multiple IP routing?
# 1  
Old 02-29-2016
Server setup for multiple IP routing?

Hey there,

I am a network administrator of a student dorm. Me and my team (we do this in our spare time) have the task to upgrade and rebuild our dorm intern network. But unfortunately we don't have that much experience with server setup and ip-routing and stuff. So here is the topic I want to ask you about:

Currently our users can connect one device, which is addressed with a static ip-address (so we have quite few external ip addresses). Our boss wants us, to set up a few access points, so that the users can use wifi, provided by us. So far, so good. But we don't have as many ip addresses as we would need to cover at least 2 devices per user. So we thought about this and came up with a idea, to use our server as a router for 400+ ips. So that each student has its own private network with local ip-addresses, routed to one external ip address, special for each user.
So for example it would look like this:
User 1: (192.168.0.100;192.168.0.10)=>153.126.30.101=>Gateway=>Internet
User 2: (192.168.0.101;192.168.0.50)=>153.126.30.102=>Gateway=>Internet
...
User 479: (192.168.0.103;192.168.0.105;192.168.0.161)=>153.126.31.249=>Gateway=>Internet
User 480: (192.168.0.107;192.168.0.150)=>153.126.31.250=>Gateway=>Internet

Is this possible and if yes, do you have some advice what we should have a look into? Or can you even explain, what would be the best way to achieve this?

Best regards,
mrgruen
# 2  
Old 02-29-2016
Not sure I understand. The 192.168.0.0 private network offers 2^16 - 2 individual addresses (cf RFC 1918). Should that not suffice, why don't you use the 10.0.0.0 private network?
# 3  
Old 02-29-2016
Greetings,
You could use 2 private network one being a subnet of the other like that you have WIFI and lan virtualy separated... And use a proxy server for all request to the wild world... That said I agree with RudiC, using a private lan I see not why you should run short of IP ... its just a question of choosing the correct...
# 4  
Old 02-29-2016
Thank you for the quick responses.
Yeah, that's right. We could use private IPs, but because of legally issues every user has to be addressed with a public ip, that only belongs to him. We can't just open a private subnet for all users. So if one of the users does something illegal with his account, he is in charge and not we, part of the ISP. (because the only thing visible to the outside would be the public IP of our Server)
Or is my thinking totally off the track?

Last edited by mrgruen; 02-29-2016 at 11:51 AM..
# 5  
Old 02-29-2016
You are creating one large management nightmare. Just use DHCP and log all request. Then when something goes wrong or you need to know who did what look at the mac address associated to the IP address. Only thing you need to keep track of are MAC addresses. Ensure that only known MAC addresses receive an IP.

Another question is how are you going to ensure that only the user has access to his/her network?
# 6  
Old 02-29-2016
Quote:
Originally Posted by Lazydog
You are creating one large management nightmare.
But would it be possible though?

Quote:
Originally Posted by Lazydog
Then when something goes wrong or you need to know who did what look at the mac address associated to the IP address.
Ok, that sounds good. But there is one thing, I can't stop thinking about. In the past there were one or two request over four years (so, not that often, but it occurs) from the police who asked about the owner of a specific IP-adress to specific time. There was no more information about it (so no clue what event would be, nor the MAC-address of the subject). But with this system of yours we wouldn't be able to answer those requests in a proper way. That's why I thought every user should have an unique identifier, besides the MAC adress.

Quote:
Originally Posted by Lazydog
Ensure that only known MAC addresses receive an IP.
Yeah, we have some knowledge on that part, since our current network is based on MAC/IP-binding Smilie

Quote:
Originally Posted by Lazydog
Another question is how are you going to ensure that only the user has access to his/her network?
Well, I thought we could use something like IEEE802.x/Radius to authentificate the user going over WiFi and when they want to go online via the provided cable connection, then we could route the port of the connected switch to the ip... something like that...

Last edited by mrgruen; 02-29-2016 at 04:04 PM..
# 7  
Old 02-29-2016
I'd be VERY surprised if you could deploy close to 500 public IP addresses for a student dorm.

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

Proxy Server and SFTP routing

Hi Friends, I am trying to connect to remote server via proxy server and transfer files from my server . the proxy server is windows. I wanted to know is that is it possible? I am using command to connect is /usr/local/bin/sftp -o "ProxyCommand nc proxyserver.com 8080"(E-Mail... (6 Replies)
Discussion started by: mallayanala
6 Replies

2. Ubuntu

Routing trouble between multiple networks

Hi everyone, Hopefully there is someone here that can help me with the problem I got. At my office I have 1 ubuntu firewall/gateway and several networks. On the firewall/gateway I have three network cards, one for internet, one for network 192.168.100.0 and one for network 172.20.1.0 We... (0 Replies)
Discussion started by: thbor83
0 Replies

3. UNIX for Dummies Questions & Answers

routing multiple IPs

hi guys This is suse 11 sp1 I have a Server that has 4 NICs, I've created 2 bonds bond0(eth0-eth1) - 10.10.10.2 bond1(eth2-eth3) - 10.10.10.3 Each bound goes to a Storage Device which is directly connected so bond0 goes to Storage_Controller_1 and 2 like this Server_bond0 <-------->... (2 Replies)
Discussion started by: karlochacon
2 Replies

4. Linux

GNUGK-How to setup static gateway to gateway routing

Dear Sir I am a newbie in the world of IP telephony. I have been working with Asterisk PBX (SIP) and Cisco Call Manager (MGCP) but now I am learning on how to work GNUGK for H.323 Gatekeeper. I am having a problem, configuring static call routing on GNUGK in the section ... (0 Replies)
Discussion started by: mfondoum
0 Replies

5. IP Networking

MPLS Setup and routing

We have a client that is bringing in a MPLS router into our network. Right now they connect to our site using a tunnel between our two firewalls. I have a policy in place that locks them down to 4 specific servers (the servers have a gateway of 10.199.1.1 w/ a subnet of /24). Keep that in mind.... (2 Replies)
Discussion started by: sdotsen
2 Replies

6. AIX

Routing setup - AIX

Hi All, I know there is a way to do this in routers. The question is whether it is posisble to do this in AIX. For our Web Focus ODBC connection to the Disaster Recovery servers, we want to restrict the access to the ODBC ports so that only the IP address of the Web Focus server can get to... (1 Reply)
Discussion started by: strunz
1 Replies

7. HP-UX

routing issues with multiple NIC cards

I am running HP_UX 11.23 with 4 NIC cards (this is our TSM server) I have 4 subnets we are backing across. trying to keep traffic on their subnets. I only have one route statment should I add more. route add net 123.99.8.0 netmask 255.255.255.0 123.99.8.254 route add net 123.99.67.0 netmask... (2 Replies)
Discussion started by: myork
2 Replies

8. AIX

NIM server setup on etherchannel setup environment

I know that IBM's official stance is that NIM does not work on etherchannel environment, but has anyone able to get around it? I'm working on a p5-590 LPAR system, and the NIM master and clients are all on the same frame. Any help is appreciated. (1 Reply)
Discussion started by: pdtak
1 Replies

9. UNIX for Dummies Questions & Answers

setup a DNS server for my redhat server

Using Redhat Linux Enterprise AS 4 can someone teach me how to setup a dns server for my webserver? i've registered a domainname at mydomain.com but when i type in the domain i register i cannot enter to my webserver. someone told me that it is related with the DNS setting on my server. i've... (2 Replies)
Discussion started by: kaixiang88
2 Replies

10. IP Networking

routing through a proxy server

I'm new to this forum, so please be gentle ! I need to get my IBM RS running AIX4.3 onto the internet to a particular ftp server, through a NT server running proxy services. This NT server is directly connected to our internet router vis a secondary NIC on the NT server. When I add the route... (2 Replies)
Discussion started by: garry
2 Replies

Featured Tech Videos