Krellan DD-WRT Novice
Joined: 27 Sep 2006 Posts: 39
|
Posted: Sun Dec 17, 2006 10:08 Post subject: IP address forwarding for static subnet? |
|
I have a fine WRT54G router working nicely with DD-WRT v23 SP2.
I have a static subnet containing several IP addresses that belong to me. However, the router will only "see" one of those addresses at a time. I'd love a way to have the router handle traffic for the other IP addresses as well.
I have an AT&T (formerly SBC) DSL connection using PPPoE.
I have a static subnet of 8 IP addresses (6 useable):
71.x.y.137
71.x.y.138
71.x.y.139
71.x.y.140
71.x.y.141
71.x.y.142 = this IP address is the one that is always assigned to me by AT&T's PPPoE server
The PPPoE connection will always assign me 71.x.y.142, but incoming packets will also arrive for the other IP addresses. I need IP address forwarding, so I can forward those along to more machines behind the firewall and on a private network:
192.168.1.1 = router's IP address
192.168.1.2
and so on....
As it is now, the "extra" IP addresses around my PPPoE addresses just get eaten by the router, and not processed on at all.
What I need is the ability to do a 1-to-1 mapping of IP addresses across the WAN and LAN sides.
Let's say I want to set up servers on the other 5 usable worldwide IP addresses:
71.x.y.137 <--> 192.168.1.7
71.x.y.138 <--> 192.168.1.8
71.x.y.139 <--> 192.168.1.9
71.x.y.140 <--> 192.168.1.10
71.x.y.141 <--> 192.168.1.11
I have a number of services on each of these server machines. I'd like to open up certain ports on the firewall and have them redirected appropriately with port forwarding, but also do IP address forwarding as well.
Basically, what I need is an extension of the already-existing port forwarding. I need the ability for the router to act upon a different incoming WAN IP address, not just the already-existing WAN IP address of the router itself.
I basically need to do IP address+port forwarding, not just port forwarding.
If "WAN IP Address" were added as an additional column in the Port Forwarding table, this would be exactly what I need. I could then configure the appropriate WAN IP addresses and ports to reach the proper local servers.
Another idea would just be to somehow map the IP addresses, and skip port forwarding entirely. This wouldn't be as good of a solution, though. The idea is for each of the outside addresses to correspond with a particular local machine, kind of like what "DMZ" does, but not just for a single local machine. Ideally, I'd be able to map a table of WAN IP addresses to their corresponding LAN IP addresses. The problem with "DMZ" is that it bypasses the firewall feature of the router, opening up all ports. Not good.
I'm running with a Linux box as the router/firewall now, but would like to replace it with a WRT54G if possible. Can DD-WRT do this?
Thanks! |
|