1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Networking Question

Discussion in 'Networking' started by dpierce91, Oct 31, 2017.

Thread Status:
Not open for further replies.
Advertisement
  1. dpierce91

    dpierce91 Thread Starter

    Joined:
    Oct 31, 2017
    Messages:
    5
    I have a Tower that i am converting to a Dedicated server using OpenVZ Virtualization for Virtual Private Servers i got the Virtualization part figured out i can create and log into the VPS using the IP Address from the Router but that is a DHCP ip so i ordered 3 Static IP's from my ISP and they Require that they are MAC Bound to a specific device and i want to use all 3 Static IPS on the Desktop or Dedicated server that i am setting up not what i would need to do as far as that Purchase a Smart Network Switch to bind them too i use CentOS 6.9 (Final) as the operating system on the Desktop so if i bout a switch and bound all 3 ips to that switch would i just add them to the IP Configuration like i normally would and the create a Bridge from the Static IP to the Virtual Machine through the ifcfg configuration. i am new to setting something like this up i am verse in linux but i am just trying to start up a small business to earn some money on the side and if it grows that is great too i just don't know how to utilize the 3 static ips i ordered.
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,956
    A switch won't work for what your ISP is requiring. The way I would do this is to get a firewall which supports one to one static NAT rules. What you would be doing is one of the IPs would be the actual IP for the firewall's physical interface. The other two would be defined via static NAT rules.

    For example:

    1.1.1.10 is assigned to the firewall interface
    1.1.1.11 is defined in a static NAT rule
    1.1.1.12 is defined in a static NAT rule

    The static NATs would be:

    1.1.1.10 -> 192.168.1.10
    1.1.1.11 -> 192.168.1.11
    1.1.1.12 -> 192.168.1.12

    The 192 addresses would be statically assigned to the VMs. You don't want to have the VMs operate under DHCP. I've done this at one of my previous jobs using a Cisco PIX 515E. And I think I did this on a SonicWall before. Most business grade firewalls will support what I've outlined above. Also, if you go down this path, you'll also need to set access rules to allow the traffic through the firewall portion of the firewall to the VMs.
     
  3. dpierce91

    dpierce91 Thread Starter

    Joined:
    Oct 31, 2017
    Messages:
    5
    But would the 192.168.1.10 be the public ip for the VPS i need the VPS to be able to be accessible to the public like say if someone wanted to build a website on the VPS then the public could access that website through the static ip that is assigned to that VPS I am using OpenVZ for the Virtualization and HyperVM to manage it via the Web so when i create a VPS i can assign it ip's from a pool that i can create through HyperVM since i don't have enough ip's to really set up a pool i will assign the addresses manually so how would i accomplish that is that within the scope of the sonic wall functions?
     
  4. dpierce91

    dpierce91 Thread Starter

    Joined:
    Oct 31, 2017
    Messages:
    5
    I need to do it cheap but i don't want to do it so cheap that there is a security issue either but i don't have hundreds of dollars to throw into it i am starting small and working my way up.
     
  5. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    5,956
    That's what my example does. I used the 1.1.1.x public IPs as an example. All the servers will be presented to the Internet with the 1.1.1.x addresses.

    Well, you can do this possibly with just connecting the server to a switch. But you will have to determine what the virtual MAC addresses of each of the VMs are. You have to statically assign the public IPs you've been given to the VMs. I don't know how OpenVZ works. I've only used VMware extensively. If you do it this way, you have to see if OpenVZ allows separate physical management port so you can have this accessible only from your internal network for adminstration. If administration is only available via the production side port which the VMs communicate in and out of, then, this option is not viable. Finally, doing it this way will expose the VMs fully to the Internet which is a huge security risk.
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1198748

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice