What router hardware or software should be used when multiple public IPs are routed into the same LAN?
- by lcbrevard
I am looking for recommendations to replace a set of consumer grade (Linksys, Netgear, Belkin) routers with something that can handle more traffic while routing more than one static public IP into the same LAN address space.
We have a block of static public IPs, 5 usable, with Comcast Business. Currently four of them are in use for:
1. General office access
2. Web server
3. Mail and DNS servers
4. Download and backup web server for separate business
All systems (a mixture of physical and virtual) are in the same LAN address space (10.x.y.0/24) to enable easy access between them inside the office. There are 30 or more systems in use depending on which virtual machines are currently active. We have a mixture of Windows, Linux, FreeBSD, and Solaris.
Currently a separate consumer grade router is used for each of the four static addresses, with its WAN address set to the specific static address and a different gateway address for each:
1. uses 10.x.y.1 - various ports are forwarded to various LAN IPs on systems with gateway 10.x.y.1
2. uses 10.x.y.254 - port 80 is forwarded to a server with gateway 10.x.y.254
3. uses 10.x.y.253 - ports for mail and dns are forwarded to a server with gateway 10.x.y.253
4. uses 10.x.y.252 - ports as needed are forwarded to server with gateway 10.x.y.252
Only router 1. is allowed to serve DHCP and address reservation based on the MAC is used for most of the internal "server" IP addresses so they are at fixed values. [Some are set static due to limitations in the address reservation capabilities of router 1.]
And, yes, this really does work! But... I am looking for:
- better DHCP with more capable address reservation
- higher capacity so I don't have to periodically power cycle the routers
One obvious improvement would be to have a real DHCP server and not use a consumer grade router for that purpose.
I am torn between buying a "professional" router such as Cisco or Juniper or Sonic Wall versus learning to configure some spare hardware to perform this function.
The price goes up extremely rapidly with capabilities for commercial routers! Worse, some routers require licensing based on the number of clients - a disaster in our environment with so many virtual machines.
Sorry for such a long posting but I am getting tired of having to power cycle routers and deal with shifting IP addresses afterwards!