Menu
What's new
By:
Filters Better Search

Best way to configure 2 public IPs on ERLite-3?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

aznphatb0i

Occasional Visitor
Hello!

I currently have an ERLite-3 with CogentCo internet and a single static public IP.

I want to use 2 public IP addresses, and have one assigned to each LAN port on the ERLite-3.

Is this possible and what is the easiest / best way to go about this? Are there any negatives to this configuration?

Thanks in advance for your sage advice!
 
What do you mean by "I want to use 2 public IP addresses"?
Did you get these addresses from Cogent already?
Are you renting those additional addresses in a /29 or lower block?
Is Cogent handing you out a /29 or lower or are they handing off a /30,/31 and expecting you to route the additional blocks?
Do you want to NAT them?
Do you want to hand them off directly?

As an aside, it would be best to ask the question in the Ubiquiti forums as well.
https://community.ubnt.com/t5/EdgeRouter/bd-p/EdgeMAX
 
This was the information that was provided by my ISP:

"Your request for IP information for your account is provided below.
Along with your .XX2 you currently also have .XX3 through .XX6 to use

The below is for order id - X-XXXXXXXXX

Address: XX.XX.XXX.XX1
Netmask: 255.255.255.248= 29
Network: XX.XX.XXX.XX0/29
Broadcast: XX.XX.XXX.XX7
HostMin: XX.XX.XXX.XX1<<<<<<<<<< Cogent Uses this Address as your Gateway
HostMax: XX.XX.XXX.XX6
Hosts/Net: 6"​

The ERLite-3 has two LAN ports. My goal is to have each LAN port be an isolated network with a different public facing IP address.
 
If your ISP provisions two IPv4 over the same physical link, use two physical RJ45 ports for each IP is a waste of resource.

That's what happened to me recently. And I figure there is a feature in Edgemax known as "pseudo-ethernet" that did exactly what I have imagined.

Two IP addresses over the same physical interface. Can do both DHCP or static address assignment. Very nice. Search Ubiquiti forums for details.

I feel a bit guilty of getting a second public IPv4 for a home network. No huge benefit but fun to experiment with limited usage scenarios.
 
kvic said:
If your ISP provisions two IPv4 over the same physical link, use two physical RJ45 ports for each IP is a waste of resource.

That's what happened to me recently. And I figure there is a feature in Edgemax known as "pseudo-ethernet" that did exactly what I have imagined.

Two IP addresses over the same physical interface. Can do both DHCP or static address assignment. Very nice. Search Ubiquiti forums for details.

I feel a bit guilty of getting a second public IPv4 for a home network. No huge benefit but fun to experiment with limited usage scenarios.
Click to expand...
That's not what the OP is trying to achieve.
They need to create a source NAT rule.

Eg. Eth0 WAN
Assign ip 1.1.1.2/29
Assign ip 1.1.1.3/29

Eth1 LAN A
Assign ip 192.168.2.1/24
Eth2 LAN B
Assign ip 192.168.3.1/24

Create a rule following this guide
https://help.ubnt.com/hc/en-us/articles/115009504308-EdgeRouter-Routing-How-to-Distribute-Public-IPs
Replace the file server with your subnets

Edit:
There are some great reasons why you want to split traffic between two public IPs with each assigned a subnets. One is for guests to not get you primary IP banned. Overlapping dnat ports from forwarding and keeping the external IP in line. Scalping tickets to a concert . . .
 
Last edited:
Cloud200 said:
That's not what the OP is trying to achieve.
They need to create a source NAT rule.
Click to expand...

My previous response describes one possible implementation under the hood in case (1) of the doc that you linked. Particularly useful if you have to get two IP addresses from ISP through DHCP.
 
kvic said:
I feel a bit guilty of getting a second public IPv4 for a home network. No huge benefit but fun to experiment with limited usage scenarios.
Click to expand...

CoxHSI still hands out /30's - so one can use both addresses if one wants to - as mentioned above, can either bind both IP's to a single MAC addr, or drop in a switch, and have two completely separate LAN's - @Cloud200 approach is the right approach, IMHO...

OT - I think CoxHSI does this on purpose - legacy of the pre-router days when most folks would directly hook up more than one computer to the Cable Modem.

As an example - using a documentation IP addr/mask for demonstration purposes...

Code: 
ipcalc 192.0.2.80/30
Address:   192.0.2.80           11000000.00000000.00000010.010100 00
Netmask:   255.255.255.252 = 30 11111111.11111111.11111111.111111 00
Wildcard:  0.0.0.3              00000000.00000000.00000000.000000 11
=>
Network:   192.0.2.80/30        11000000.00000000.00000010.010100 00
HostMin:   192.0.2.81           11000000.00000000.00000010.010100 01
HostMax:   192.0.2.82           11000000.00000000.00000010.010100 10
Broadcast: 192.0.2.83           11000000.00000000.00000010.010100 11
Hosts/Net: 2                     Class C
 
sfx2000 said:
CoxHSI still hands out /30's - so one can use both addresses if one wants to - as mentioned above, can either bind both IP's to a single MAC addr, or drop in a switch, and have two completely separate LAN's - @Cloud200 approach is the right approach, IMHO...
Click to expand...

Nor I find anything incorrect in my first response..

While on server side, ISP can change to hand out more than one IPv4 per MAC, you still need two "interfaces" to bind the IPv4 addresses on client side. That was my point.
 
kvic said:
While on server side, ISP can change to hand out more than one IPv4 per MAC, you still need two "interfaces" to bind the IPv4 addresses on client side. That was my point.
Click to expand...

Yep, agreed - keep in mind that in linux, it's trivial to create virtual interfaces and bind them all to the same MAC addr...

In fact, the cloud architectures generally rely on that one...
 
sfx2000 said:
Yep, agreed - keep in mind that in linux, it's trivial to create virtual interfaces and bind them all to the same MAC addr...
Click to expand...

Yes, I've been doing that for a long time. I believe I unleash this little trick to ASUS folks here in some posts, and also through the recommended setup of pixelserv-tls.

I believe most ISP requires a different MAC for a 2nd IP. Interface alias won't work there. Hence, again my original point..

Perhaps I've been not answering the OP as I didn't read the whole thread except a few words from the first post.
 
You must log in or register to reply here.

Similar threads

M
ZenWiFi XT9 - 2 guest mesh networks w/ assigns IPs - Possible?
Replies
5
Views
953
glens
G
C
Using 2 routers (no bridge), DDNS configuration not working
Replies
3
Views
485
ddaenen1
ddaenen1
E
DHCP questions & help
Replies
10
Views
570
JGrana
JGrana
V
AX86u Heavy LAN traffic and needs to hookup to changing LAN addresses.
Replies
0
Views
244
VideoE
V
R
Asus routers giving out public (WAN-side) IP addresses
2
Replies
20
Views
2K
RadicalDad
R
Similar threads
Thread starter Title Forum Replies Date
T Opinions on best use of 2.5gb port Routers 3
J Best combination question Routers 7
A Trying to plan best use of router & switches on home network Routers 10
X Best router for firewal software? Routers 1
ArashT Port forward to public ip Routers 17

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 971 (members: 27, guests: 944)
Top