My ISP has given me a /30 and a /27 IP block I can use. For the sake of not giving out my IPs I'll use 192.168.1.192/30 and 192.169.1.224/27. I'm not using a router in my setup, I only have a switch. Right now I do not have the possibility to use a hardware router so please don't hassle me about that.
So here is what I have:
- On a Debian server I have it set to 192.168.1.194, subnet: 255.255.255.252, gateway: 192.168.1.193, DNS 8.8.8.8
- On a CentOS server I have 192.169.1.226, subnet 255.255.255.224, gateway 192.168.1.194
- On my Windows 7 laptop I have 192.169.1.227, subnet 255.255.255.224, gateway 192.168.1.194
I can access the internet from the first Debian server; however, I can't access anything on any of the other machines.
I've tried setting the gateways on the CentOS and Windows machines to either 192.168.1.194 or 192.168.1.193 but that doesn't fix the problem. Is there something obvious I'm missing with this config?
My guess is that I need to configure the Debian server as a router since it has the main IP address, but how do I do that? I've already enabled IPv4 forwarding on the Debian server.
Also note that the ISP uplink is a GigE fiber connection and none of my servers has a fiber NIC to connect to.
Do either of your Linux boxes have two NICs?
You can use them as a hardware router quite easily.
You'll want to enable ipv4 forwarding.
Even if they don't currently have a second NIC, adding one is pretty trivial and cheap. Beyond that, you are going to have a mess on your hands.
The /30 can have 1 host plus a gateway. The other can support up to 29 hosts plus your gateway. If your provider only gave you one gateway address they most likely expect you to use a host in the /30 block as the router for the other block.
These are 2 separate network blocks. Hosts in the larger block have no way to talk to the gateway address in the smaller block without some sort of a router. If your Debian host has an additional interface you could use it as a router, but be aware that, done improperly, you could open your hosts to malicious activity.
At minimum you will need to:
I'd do something like that. Server 1 needs iptables configuration for security, and also NAT. As said by others, ipv4.forwarding must be enabled.

EDIT: As Frederik Nielsen commented, you don't need any NAT if every device of your network has its own public IP address.
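
The answers above call for forwarding on the Debian box, iptables for security, and no NAT. The script below is an added example, not part of the thread: it generates a default-deny forwarding ruleset for that setup. The second NIC, the interface names `eth0`/`eth1`, the router's LAN address 192.169.1.225 and the published HTTPS service are assumptions.

```shell
#!/bin/sh
# Assumptions (not from the thread): the Debian box has two NICs, eth0 on the
# ISP uplink with 192.168.1.194/30 and eth1 on the switch with 192.169.1.225/27,
# which the /27 hosts use as their gateway. Addresses are the thread's placeholders.
WAN_IF=eth0
LAN_IF=eth1
LAN_NET=192.169.1.224/27

# Accept only "a.b.c.d:port" built from digits, dots and exactly one colon.
valid_svc() {
    case $1 in
        *[!0-9.:]* | *:*:* | :* | *:) return 1 ;;
        *:*) return 0 ;;
    esac
    return 1
}

# gen_rules [host:port ...] prints an iptables-restore ruleset on stdout.
# Forwarding is default-deny; each argument opens one inbound TCP service.
# Uplink packets claiming a LAN source address are dropped as spoofed.
# There is no nat table: every host keeps its own public address.
gen_rules() {
    for svc in "$@"; do
        valid_svc "$svc" || { echo "bad service: $svc" >&2; return 1; }
    done
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT
-A FORWARD -i $WAN_IF -s $LAN_NET -j DROP
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
EOF
    for svc in "$@"; do
        printf '%s\n' "-A FORWARD -i $WAN_IF -o $LAN_IF -d ${svc%:*} -p tcp --dport ${svc#*:} -j ACCEPT"
    done
    echo COMMIT
}

# Print the ruleset for review (constructed sample: HTTPS on the CentOS host).
# To load it as root: sysctl -w net.ipv4.ip_forward=1, then pipe to iptables-restore.
gen_rules 192.169.1.226:443
```

The INPUT chain only admits SSH from the /27 side, so load the rules from a console or a LAN session rather than over the uplink.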