EdgeRouter - Routing: How to Distribute Public IPs


Overview


This article will describe methods to distribute Public IPs using the EdgeRouter with steps to implement each method.

NOTES & REQUIREMENTS:
Applicable to the latest EdgeOS firmware on all EdgeRouter models. Knowledge of the Command Line Interface (CLI) and basic networking knowledge is required. Please see the Related Articles below for more information.
 
Devices used in this article:

Table of Contents


  1. Introduction
  2. How to Distribute Using 1:1 NAT
  3. How to Distribute Using a Transit Address
  4. Related Articles

Introduction


Back to Top

There are several different methods to distribute an assigned block of Public IPs to multiple devices. The preferred method is to use 1:1 NAT when limited Public IP Addresses are available. In this case each host on the network has a private IP and it translates to a specified Public IP created on the WAN interface.  

Another method is when an upstream provider gives a Public IP block using a transit address, in which case the Public IPs can be distributed directly on the router interface or split into multiple smaller subnets.


How to Distribute Using 1:1 NAT


Back to Top

One advantage of this method is that Public IPs are not used simply to distribute other usable IPs, making this method most efficient. Follow the steps bellow to configure.

EdgeRouter Port Configuration

  • eth0 (WAN) - 203.0.113.1/29 & 203.0.113.2/29
  • eth1 (LAN) - 192.168.1.1/24

distribute1to1nat.png

GUI: Access the Graphical User Interface.

1. Add Public IP addresses being used to the WAN interface.

Dashboard > eth0 > Actions > Config > Add IP +

Manually Define IP Address > Address: 203.0.113.1/29
Manually Define IP Address > Address:
203.0.113.2/29
Proxy ARP: Checked 
NOTE: When using 1:1 NAT with multiple Public IPs it is required to manually add each IP and check Proxy ARP.

2. Configure Source NAT Rule.

This step will send all traffic from the UNMS server outbound using 203.0.113.2.

Firewall/NAT > NAT > Add Source NAT Rule

Outbound Interface: eth0
Translation > Specify address and/or port: Checked
Translation > Specify address and/or port > Address: 203.0.113.2
Source Address: 192.168.1.20
Protocol: All Protocols

3. Configure Destination NAT Rule.

This step will send all traffic destined to 203.0.113.2 to the UNMS server at 192.168.1.20.

Firewall/NAT > NAT > Add Destination NAT Rule

Inbound Interface: eth0
Translation Address: 192.168.1.20
Protocol: All Protocols
Destination Address: 203.0.113.2

How to Distribute Using a Transit Address


Back to Top

In this topology the upstream provider has given the 203.0.113.1/26 Public IP block using the 192.0.2.1/24 transit address. This diagram below shows an example using UFiber GPON equipment to distribute a unique Public IP to multiple customer devices. This method can also be applied using airMAX equipment or a simple switch to distribute the public IPs.

EdgeRouter Port Configuration

  • eth0 (WAN) - 192.0.2.1/24
  • eth1 (Public IP Block) - 203.0.113.1/26

distributetransit.png

NOTE: The example above shows a UFiber ONU in router mode with address 203.0.113.2. The other ONUs are in bridge mode giving the airCube and EdgeRouterX a Public IP. The gateway for each device in the 203.0.113.0/26 network is the address on eth1 of the EdgeRouter Infinity, 203.0.113.1. The UFiber OLT does not receive a management IP from the public IP block and acts simply as a transparent bridge.

Related Articles


Back to Top

EdgeRouter - Hairpin NAT

Intro to Networking - Network Address Translation (NAT) and the Internet

EdgeRouter - Source NAT

EdgeRouter - Destination NAT


We're sorry to hear that!