newbie to home network dhcp worries

[Moon]

Well thanks guy's! oddly enough as i described in the original post every
time i ask this question i get different opinions! Actually i have learned
alot from this conversation, at the moment i have nat and dhcp enabled on
both and its working, the 3 pc's get different address's depending upon
which is booted first from the router. I think as the modem is going to the
wan in on the router that it cant really matter that its issuing dhcp as
there is only the one address as there is only one receiving device (i may
put a static IP for this route).
I'm in UK and my isp issues a changing address ie every time i connect its
different. I do not run a server or want to host any services (in the future
i may want to set up a vpn to work - but this is months away). The modem
does offer a bridged option, and has a dhcp server and nat system.

 

[Leythos]

That is just silly or a lack of experience as almost
none of the ISP will give you public addresses for
your internal LAN, Roadrunner, SBC, etc., without
you paying extra.

You are a funny sort of critter - every Road Runner cable modem in Ohio
provides a dynamic IP that is also a Public IP, not a natted IP. I know
this is true for at least 9 counties where it's offered and from the
local sales people I work with. We had Adelphia, SBC, ComCast, Verizon,
Covad, etc... service all over the USA, and not one of those issues a
private IP to the customer.

Early, when I had RR residential server I also got a dynamic Public IP
address assigned to the first device connected to the cable modem, and
it was that way for many years. Later, moving to business class, I was
offered a NAT, but only if I wasn't going to manage the Public IP's I
asked for - I have a number of Public IP's and don't do NAT at the
router, I do that inside the firewall appliance (a WatchGuard Firebox
unit).

Even then you are likely better off using a NAT
which provides services on all supplied IPs
(usually 5, 13, etc) and then does address mapping
(not just port mapping) if you wish to expose
particular internal machines.

Better off has nothing to do with it working or not working. I agree,
NAT should be the default for ALL residential service, but, sadly, it's
mostly Public IP's in the USA.

No matter -- he did NOT have this situation and you
didn't tell him to ask for that -- and you don't know
that HIS ISP supports it.

He's clearly stated that he could have NAT or Public at the modem and
you keep ignoring that he was doing double NAT devices and double DHCP
devices and that it worked before he posted - and works now.

And again, if you move the EXTERNAL-INTERNAL
boundary further into the LAN you just confirm the
design I offered you.

And I said it would work, but you said that NAT at both devices would
not work, which is proven false by myself and the OP's own posts.

You made technical mistakes and won't accept the
obvous corrections with grace, which is no longer
interesting to me.

Turn that around and admit that double NAT works and you've got the root
of your inability to understand. I didn't make any mistakes in the
design, redesign, or the ability to run NAT/DHCP on both devices and
have it still function - hell, the OP had it working that way before he
posted - he just wanted to know if it was acceptable or not.

 

[Herb Martin]

Well thanks guy's! oddly enough as i described in the original post every
time i ask this question i get different opinions!

That is mostly for two reasons, the question was
slightly off-target to the real issues and those
who answered you were mostly ansering either
incompletely or incorrectly.

They weren't giving you the full REASONS for
their simple answers so that you would UNDERSTAND
it.

Actually i have learned
alot from this conversation, at the moment i have nat and dhcp enabled on
both and its working, the 3 pc's get different address's depending upon
which is booted first from the router.

What is the DHCP on the modem accomplishing?

I think as the modem is going to the
wan in on the router that it cant really matter that its issuing dhcp as
there is only the one address as there is only one receiving device (i may
put a static IP for this route).

Does it currently route from the inner network
to the Internet (and back)?

I'm in UK and my isp issues a changing address ie every time i connect its
different.

Perfectly normal.

I do not run a server or want to host any services (in the future
i may want to set up a vpn to work - but this is months away).

You can stabilize the NAME Resolution of the changing IP
by arranging an account with one of the Internet Dynamic
DNS services.

They will give you a name (for your changing IP) like:

yourServer.dyndns.net

You will run a (small) app on your server (many modern
DSL /CABLE router/modems will now do this too) to
register the address (with a password) for that name.

Then in your REAL DNS zone (best left at your registrar)
you add a CNAME entry to map RealServer.yourDomain.com
(e.g., www.yourDomain.com) to yourServer.dyndns.net

The modem
does offer a bridged option, and has a dhcp server and nat system.

You don't have to use the bridge option, but if
you find that it servers (YOU) no useful purpose
then you can do that to effectively (almost) remove
it from the equation (I do that mostly but it is not
the only choice.)

 

[Leythos]

What is the DHCP on the modem accomplishing?

The same thing DHCP is suppose to accomplish - providing an IP to the
Linksys Router with the information necessary to reach the ADSL modem
and DNS information.

Does it currently route from the inner network
to the Internet (and back)?

If the OP can get out, which he's already stated it does, then it can
form outbound connections that (following NAT rules) allows the return
path to the requesting device inside the router network. If you meant,
does the modem/router combination, in the NAT configuration, provide a
dedicated path inbound to the router lan for public access of resources
in the router lan, then no it won't, but neither would any other config
without port forwarding (which is something that was not discussed).

 

[Herb Martin]

The same thing DHCP is suppose to accomplish - providing an IP to the
Linksys Router with the information necessary to reach the ADSL modem
and DNS information.

Ok, that is not practical -- if the Linksys router
is receiving a dynamic address the Modem will
NOT be able to route back to the interior network
unless you ALSO run a Dynamic Routing protocol
(probably RIP) on both devices.

While this is possible with SOME of these routers
(not all), it is unnecessary if you merely give the
Linksys a static address, and give the Modem a
manual ROUTE.

As I have told you all along, the DHCP on the Modem
is "ok" but it isn't really helping you.

This is part of the reason you have seemed to receive
so many "answers" most of them were partial answers.

 

[Leythos]

Ok, that is not practical -- if the Linksys router
is receiving a dynamic address the Modem will
NOT be able to route back to the interior network
unless you ALSO run a Dynamic Routing protocol
(probably RIP) on both devices.

And this is the entire point of the discussion with YOU - it's already
working, works fine in most of the home/residential devices, and has
already been proven to work at least 8 layers deep in our offices.

While it's not the method to use if you want inbound from the net, it
does allow bidirectional outbound conversations without any problems.

While this is possible with SOME of these routers
(not all), it is unnecessary if you merely give the
Linksys a static address, and give the Modem a
manual ROUTE.

Leaving everything in Dynamic on the WAN and LAN, it will work with
Netgear, Linksys, D-Link, and others. It will also work with many
firewalls, where they get a WAN IP dynamically from the ISP's router and
then the user has one or more additional Linksys routers setup with a
DHCP enabled WAN port (on the LAN side of the firewall which is
servicing DHCP) and then the linksys providing DHCP to it's LAN side to
workstations or nodes. It's simple, it's a normal use of DHCP, it
follows the standards for how devices use DHCP, and it's already proven
to work.

The fact that it's not easy to route inbound unsolicited traffic means
nothing, that was never a part of this discussion or the OP's question.

The fact that router addresses COULD change does not impact then network
or the users, at least as long as all the units properly connect via
DHCP to each other.

Sure, it would be better if the Linksys router was using a fixed WAN
address on the modems LAN, but as long as the modem knows where the
Linksys router is (via it's DHCP assignment), it's not going to have any
trouble routing traffic from the Linksys LAN to the Modem to the
internet and back (as long as it started on the Linksys LAN).

As I have told you all along, the DHCP on the Modem
is "ok" but it isn't really helping you.

And no one is disagreeing with you, in fact I have already agreed with
it and suggested that it would be easier to manage inbound traffic if
the Linksys was using a fixed IP on the WAN - and that both need to be
in different subnets (Modem LAN 192.168.1.0/24 and Linksys LAN
192.168.2.0/24).

Why don't you try it yourself so that you can see that it works, works
well, and not just guess that it's not going to work well. Even between
lease renewals it works fine. I've got this setup running at several
sororities - PUBLIC IP to ROUTER doing DHCP to (WAN=DHCP) ROUTER
(LAN=DHCP)doing DHCP to the houses computers. Between the inner and
outer routers is a server with a fixed IP that monitors the traffic
outbound and does smtp forwarding for the internal users. None of them
have a problem.

 

[Ryan Hanisco]

I'm gonna regret saying anything... but...

Just because it works doesn't make it the best solution. Of course, there
is a point where this becomes moot here too... He'll never care if it
scales, has double NAT issues or would prevent tunneling.

--
Ryan Hanisco
MCSE, MCDBA
Flagship Integration Services

 

[Leythos]

I'm gonna regret saying anything... but...

Just because it works doesn't make it the best solution. Of course, there
is a point where this becomes moot here too... He'll never care if it
scales, has double NAT issues or would prevent tunneling.

Exactly, and that was no the what he asked about - he wanted to know if
it was good or not - and good only depends on what he was using the
network for. Since he's not running any servers inside it doesn't really
make ANY difference to his internal users (as he pointed out).

Thanks