Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Wed Jun 12, 2019 19:50 Post subject: Using Public IP Range
Hi,
I posted this in another forum but there seems to be much more traffic here
I am a UK Virgin Media Cable customer.
In process of switching from residential to Business.
I will have a range of 13 public IP addresses.
The router they will be supplying does not have Wifi.
I need Wifi.
I must use their router but can add an additional one (or maybe an access point, not sure?)
I have just been told their router uses Generic Routing Encapsulation (GRE) tunnelling protocol if this is relevant.
I just bought 2 days ago a Nighthawk X6 R8000 before I decided to switch to public IP addresses.
I am guessing this R8000 is not up to the job of disabling NAT and using Public IPs?
Even in access point mode (which would be the preferred method).
If I updated to dd-wrt would I be able to achieve my aim?
If this is not possible does anyone have a recommendation of a router that can handle this?
Something not too expensive =<£200 and preferably available in UK PC World so I can try and swap the one I just bought
Or maybe a Wifi access point that can handle this?
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 1:50 Post subject:
Thanks for link, interesting read but they all use private IP addresses and NAT which I wish to avoid (most of my clients need to be occasionally accessible remotely using same port numbers).
I know a bit about networking but am very far from an expert.
All devices on LAN must also be able to talk to each other.
This is briefly how I kind of envisage the setup.
ISP Supplied Router (primary router):
DHCP Disabled
Assigned 1 public IP Address by WAN setup (the gateway address for whole network).
2 Ports on router used for the 2 clients physically located next to router (IP settings assigned on each statically).
-----------------
2nd Router (or preferably an AP, or router in AP mode)
On same subnet as primary router (though if router used in router mode I would have to use a second subnet and setup a route to primary router, losing at least a couple of IP addresses in process. I could only spare 2 IP addresses at a push).
So, I prefer using an AP or router in AP mode. Assuming this from now on.
DHCP enabled.
1 public IP statically setup on it for its own use.
DHCP scope setup with remaining 9 public IP addresses for remaining clients (all WIFI).
AP would need to support using IP address reservations.
(or probably I would setup all clients statically avoiding need for DHCP on network altogether).
Port on AP connected to a port on router.
Clients connect to AP via WIFI.
All use IP of primary router as gateway.
Now I think this would easily be possible using the hardware I have if I was using NAT and private IP address.
But I need to use all public IP addresses.
And I don’t think, using NetGears firmware, the Nighthawk X6 R8000 supports disabling NAT and using public IP addresses (but am hoping I am wrong).
Hence wondering if dd-wrt would be able to do this.
If not, what AP (or router in AP mode) could I use to achieve this?
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 3:09 Post subject:
I just checked the AP mode setting on the R8000 and it does not have a DHCP server and my IP supplied router does not support WIFI so I would be setting up all clients statically. Not a problem.
Still hopeful (juts a little bit) that it supports public IP addresses.
Have posted to several forums, including the NetGear one but have not received any reply that states if it does or does not support Public IPs.
In fact the only reply I have received at all has been here so many thanks for that
I have logged a support call directly with NetGear to see if they can advise and asking for a recommendation if it does not.
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 6:04 Post subject:
Actually I thought some more about this and of course an AP does not do NAT (it just passes packets to the router), so there is nothing for it to disable. I am hoping that this means that public IP addresses will work OK with the R8000 in AP mode. Just so long as it allows me to set a public IP or it picks one up from DHCP. Hopefully NetGear will confirm this later today or tomorrow.
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 7:27 Post subject:
Thanks Per Yngve Berg. I used dd-wrt before on a previous router and loved it. With the information you have just provided I think I will start to love it all over again
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Thu Jun 13, 2019 9:09 Post subject:
your best hit is WAP...in this case all the routing DHCP & DNS goes to the ISP router provided...WAP is working like a switch with WiFi nothing special on it
the other option is to eliminate, the ISP router and use your R8000 as a Gateway but you will need to put
your ISP modem in bridge mode so there will be no double NAT.... you can fairly use DDWRT pppoe interface
and have a multiple subnets on VLANs...
https://wiki.dd-wrt.com/wiki/index.php/One-to-one_NAT https://wiki.dd-wrt.com/wiki/index.php/VLAN_Support http://www.bitsbythepound.com/dd-wrt-router-with-multiple-public-ip-addresses-429/ _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 10:32 Post subject:
Thanks Alozaros but there is no separate modem. It is router/modem combo and it is mandatory to use it or lose the public IP addresses. Yes I agree, the best bet is to use the R8000 as an AP (WAP). Was just worried it might not support public IP initially but I see no reason for this to be the case. The only reason was maybe NetGear preventing it in a consumer product to force use of their more expensive business offerings (but now I think this is just worry/paranoia/stupidity on my part). Confident now it will work, many thanks
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 13:59 Post subject:
Alozaros wrote:
the other option is to eliminate, the ISP router and use your R8000 as a Gateway but you will need to put
your ISP modem in bridge mode so there will be no double NAT.... you can fairly use DDWRT pppoe interface
and have a multiple subnets on VLANs...
Having just spoke to their tech support, they have confirmed the router they supply does not support 13 public IP addresses they supply and they will provide the router setup in modem mode and I must use my own router.
So here I am going to put dd-wrt on my R8000.I will configure it as a gateway router.
I have not installed dd-wrt for some time but I am sure i will pick it up again quickly.
What I will need some help/advice with configuring it to use the public IP addresses.
Could you/anyone tell me if the following is possible and easy to configure:
Disable NAT on the router. Every device will have a public IP.
Setup the WAN on the router with the details from my ISP to use one of the 13 static public IP addresses.
I do not need or desire any additional subnets setup except for the one supplied by the ISP.
Setup a DHCP range with reserved IP addresses to their MAC addresses for the remaining 12 IP addresses.
Two devices will be wired. The other ten will be on WIFI. Is the WIFI setup with tri-band, the same as it comes from NetGear?
As the 12 devices will have public IP addresses I am assuming the ones that need to be remotely accessible (web, email and media servers etc) will not need any port forwarding rules setting up?
<edit>maybe just firewall rules, or is this implemented in forwarding rules? I will need to set some devices up to use the same TCP/UDP ports. Sorry it has been a while since I had to do this</edit>
I assume I still look in the beta folder for the latest dd-wrt builds?
the difference is Kong test his builds personally and does some fixes
if needed...but basically all builds are BS builds as he is the main
developer...
I do prefer Kong and use its builds so far so good
R8000 tri band means he has an extra radio on 5Ghz so 3 radios in total
1 x 2,4 & 2 x 5Ghz
second this set up is a bit challenging for me to explain how to...
But in my case, i would prefer either to create VLAN's and utilise some of the IP's
from the router side and use all the DDWRT extras or add a switch before the router,
give an IP to the router from it use the router as a Gateway with NAT its own DHCP&DNS,
than you can pull out more IP's for those devices plugged in the switch (each has its own)...
sadly this set up, is not very safe and sound, unless you have a nice high class switch with
VLAN support...at the end it will be less weight on the router...
you can still use the NAT on the router as it has DMZ option too and you can put there your server..
otherwise its not very practical to take down the NAT... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Thu Jun 13, 2019 18:00 Post subject:
Thanks for the detailed reply.
I did end up using Kongs builds last time I was on dd-wrt.
The only problem I had was getting wifi speeds anywhere remotely like with the stock firmware, despite studying the docs (but this was not just on kong).
I do have a couple of servers which are on NAS, a couple of different flavours.
I really just want to get it all up and running as quick as possible from when they install the router. Which is why I just want to get everything on the public IPs.
Only able to plug the two devices into the router directly due to location restraints and lack of wiring.
Of course I do like to tinker so will look into all the other options once up and running and time permitting.
Would be good to get some NAT running for guest wifi access.
Thanks again for your reply, I am really looking forward to getting this up and running.
Will start updating the R8000 to Kong later today if I get a chance, but still have a week or so until they install.
<edit>damn it! forgot to untick sig for this reply. Best get in and edit it now.</edit>
<edit 2>looks like I did resolve the wifi speed in the end looking at the results in my sig so this is promising</edit> _________________ Router Model: Netgear R8000
Firmware: DD-WRT v3.0-r41813 std (12/29/19)
Modem: Super Hub 3.0
ISP: Virgin Media 350/35 Mbps
Joined: 23 Sep 2017 Posts: 229 Location: Swindon, UK
Posted: Fri Jun 14, 2019 11:32 Post subject:
Annoying - spend ages reading all flashing instructions threads to re-refamiliarize myself as not flashed dd-wrt for a couple of years. Set myself a few hours today to get this R8000 flashed to kongs build. The when I tried to flash I got the error:
This firmware is not compatible with your router error code -1
Looking at a few links on google searches it seems that NetGear have blocked installing firmware with a lower version (grrr NetGear).