Cable Forum - View Single Post

Ian-Highlander · 12-02-2008, 14:44

NTL/Telewest BB static IP's are not true static ones, they are fixed DHCP ones. My understanding of it is that when you pay your Ã‚Â£10, the IP numbers are assigned to your account and the modem is sent a config file that switches off NAT and tells it how many IPs you're allowed to use. The IP's are assigned by directly connecting the device you want the IP number to the internet and it's MAC address is registered in their DHCP tables as being permanently assigned that IP number. That IP is then automatically assigned to that MAC address whenever it's connected to the network (you still have to set the machine to dynamically assigned IP address it will just be given the same one all the time).

It's frankly a really crap way of doing it and causes all sorts of problems if, like me you're running multiple machines as each one needs to be firewalled. Normally, I'd use a single linux box running stateful packet inspection iptables and sit the other boxes behind it, however on the NTL/Telewest system this wont work as the MAC address of the firewall is the only one their system sees and therefore it only assigns the one address and you are left resorting back to NAT with internal IP's.

The support team's only solution to this is to suggest plug the modem into a switch and plug the machines into the switch. They didn't have an answer when I pointed out the obvious "but then they are not protected in any way" fact.

My solution is three seperate firewalls, which is a bit excessive but allows me to use three of the IP's as I actually want to. I have the modem into a switch, three linux firewalls into that same switch, two of them running webservers, then behind each of those I have a windows mail server. The third one has my LAN sitting behind it. Means that currently I only use 3 of my assigned IP addresses but I have future plans for possibly more which will use the others.

By the way, if you pay the Ã‚Â£10 one off fee, make sure you ask for a block of 5 IP numbers if you have use for them otherwise they will only assign you one.

HTH

Ian

Edit:

Screenshot of my config screen below, as you can see, mine is considerably different to yours (no NAT/Firewall/Forwarding etc options) and has the line "Maximum number of CPEs" which is the number of IP's the modem (also an NTL 2050) can use consecutively.

[img]Download Failed (1)[/img]

12-02-2008, 14:44	#16
Ian-Highlander Inactive Join Date: Jun 2003 Location: Stevenage Services: SkyHD TV Homechoice TV & 8Mb Broadband Virgin Media 20Mb/768k NTL/Telewest Business 10Mb/768k Posts: 52	Re: IP address questions NTL/Telewest BB static IP's are not true static ones, they are fixed DHCP ones. My understanding of it is that when you pay your Ã‚Â£10, the IP numbers are assigned to your account and the modem is sent a config file that switches off NAT and tells it how many IPs you're allowed to use. The IP's are assigned by directly connecting the device you want the IP number to the internet and it's MAC address is registered in their DHCP tables as being permanently assigned that IP number. That IP is then automatically assigned to that MAC address whenever it's connected to the network (you still have to set the machine to dynamically assigned IP address it will just be given the same one all the time). It's frankly a really crap way of doing it and causes all sorts of problems if, like me you're running multiple machines as each one needs to be firewalled. Normally, I'd use a single linux box running stateful packet inspection iptables and sit the other boxes behind it, however on the NTL/Telewest system this wont work as the MAC address of the firewall is the only one their system sees and therefore it only assigns the one address and you are left resorting back to NAT with internal IP's. The support team's only solution to this is to suggest plug the modem into a switch and plug the machines into the switch. They didn't have an answer when I pointed out the obvious "but then they are not protected in any way" fact. My solution is three seperate firewalls, which is a bit excessive but allows me to use three of the IP's as I actually want to. I have the modem into a switch, three linux firewalls into that same switch, two of them running webservers, then behind each of those I have a windows mail server. The third one has my LAN sitting behind it. Means that currently I only use 3 of my assigned IP addresses but I have future plans for possibly more which will use the others. By the way, if you pay the Ã‚Â£10 one off fee, make sure you ask for a block of 5 IP numbers if you have use for them otherwise they will only assign you one. HTH Ian Edit: Screenshot of my config screen below, as you can see, mine is considerably different to yours (no NAT/Firewall/Forwarding etc options) and has the line "Maximum number of CPEs" which is the number of IP's the modem (also an NTL 2050) can use consecutively. [img]Download Failed (1)[/img]