01-09-2008 01:53 AM - edited 03-05-2019 08:21 PM
Hi
I've got a router that linked to our ISP. What I'd like to do is migrate from our single router to a dual router setup. Between the routers I'd like to run HSRP. However I've got a slight problem, the ip addressing between the ISP and our site is:
ip address 212.x.x.2 255.255.255.252
This only give four ip address, one which the ISP is using that other is on my end. Given that limit how can I configure ip addressing on the interface while having my ip 212.x.x.2 as a floating ip in hsrp?
Is it possible to use private ip's on the interface i.e 192.168.40.x on each of my routers and configure the floating ip as 212.x.x.2?
Thanks in advance
Dan
01-09-2008 02:02 AM
Hi,
1st of all, my question is: how are you connected to the Internet? Leased line using serial interface on the router? If you're going to get a 2nd router, how is the internet connection going to be implemented? If it's going to be connected to one router then you don't need to add another router. Or are you going for a 2nd Internet connction?
01-09-2008 05:50 AM
Hi
Thanks for the reply. Currently its an ethernet connection presented as with an RJ-45 connection.
What I'm planning on doing is plugging in the ISP connection into a switch and then have these two routers plugged into the same vlan as the ISP link. I'll then have HSRP running so that if one router fails the other can just take over. But since I don't have free IP's on the link, I'm going to need to know whether I can use private IP's on the interface while having the external IP 212.x.x.2 as the floating IP. Hope this answers your question.
Thanks
Dan
01-09-2008 06:12 AM
Hi,
Yes it's much clearer now. Keep in mind that although you're implementing a two router scenario for higher availability, the design isn't that strong since you have the switch as a single point of failure. The correct thing to do for such cases is to apply two redundant Internet connections. Anyway back to your question:
Honestly, I never tried that before and I'm not sure if using private IPs for the physical interfaces and a real IP for the virtual router is going to work. I think it's worth to give it a try.
Anyhow, there are two other possible solution that I would go for:
1- Convert to private IP addressing which is the safest solution. The issue here is that your ISP needs to make some changes from their side too, and I know this is kind of headache.
2- Why don't you simply change the subnet mask on your outside interface to 255.255.255.248. This will give you extra IP addresses without disrubting connectivity to and from your ISP. But be careful that this solution will make communication through your router to any hosts using these IP addresses not possible. But anyway it's kind of workaround.
Hope this helps.
01-09-2008 06:34 AM
Hi
Thanks for that last thought on changing the subnet mask. I wasn't sure whether this would work, doesn't the ISP also have to change their subnet mask? or is this a misconception on my behalf?
Thanks
Dan
01-09-2008 06:49 AM
Hi,
Suppose the following addressing:
Your HRSP virtual router: x.x.x.2 255.255.255.248
Your ISP router: x.x.x.1 255.255.255.252
The ISP can keep their subnet mask as it is since they need only to speak to x.x.x.2 (and the subnet mask of 255.255.255.252 will allow this as the x.x.x.2 address will be considered a valid host IP from the ISP point of view within the 255.255.255.252 subnet mask).
On the other hand, changing the subnet mask on your side to 255.255.255.248 will still enable your router to speak with x.x.x.1 since it's a valid IP address within your subnet, as well as allowing you to have these extra IP addreses that can be accessed only from within your subnet:
x.x.x.3
x.x.x.4
x.x.x.5
x.x.x.6
Keep in mind that in this case if you try to generate traffic from your router itself towards your ISP using the physical interface IP address x.x.x.3 for example, this is not going to work since this address is not valid. Also don't try to NAT your internal users to any other address than x.x.x.2.
01-09-2008 02:58 AM
What i understand is tht the /30 subnet provided by the ISP is for serial interfaces.
ISP would have given a pool to be used for natting etc. I assume that 1 IP frm same pool would have been used to your fastethernet interface of router. So, you can use free IP from that pool. HSRP is configured on ethernet interfaces, so what IP's you have on serial interfaces doesnt mater.
hope that clarifies.
pls rate all helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide