Jump to content
RESET Forums (homeservershow.com)

Home Network IP Address Scheme Best Practice


schoondoggy

Recommended Posts

  • Replies 63
  • Created
  • Last Reply

Top Posters In This Topic

  • nrf

    10

  • itGeeks

    9

  • jmwills

    9

  • ShadowPeo

    6

Top Posters In This Topic

Popular Posts

Mine is varied but have used it for 20 years so not changing now 1 router 2 printer 3 main pc After that odds are static pc and evens are device like NAS,ilo,rac, vhost 51-60 ip cam 21-30 networ

I use a mixture - servers and infrastructure get fixed IPs. Since some routers require reserved IPs to fall within its dhcp range and some outside I don't mess with it. I have frequently changed route

I usually group IP Addressing by functionality.  I even go to the extreme of keeping domains within a range.

Posted Images

this seems like a blunt statement. aren't there still firewall protections provided by the 'router' component?

Link to post
Share on other sites

this seems like a blunt statement. aren't there still firewall protections provided by the 'router' component?

 

indeed - just because it's routable doesnt mean all traffic can pass. The router is still acting as a firewall to allow in only traffic relating to existing sessions, or traffic i specifically allow (like to specific ports on servers etc.)

Link to post
Share on other sites

But you're still only getting one external IP address from the ISP, unless you are running a business class model.  I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

Link to post
Share on other sites
GotNoTime

But you're still only getting one external IP address from the ISP, unless you are running a business class model.

Which is why IPv6 gives you so much more flexibility. You avoid NAT which causes a lot of unnecessary complication and breakage. You don't need to setup static port forwarding rules. You don't need to deal with the security hole that is UPnP. You're able to have multiple servers using the standard defined ports.

 

I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

Comcast 100% completed their roll out of dual stack IPv4 + IPv6 last year. The large ISPs in the UK are rolling out IPv6 as well now. Smaller nice ISPs have already had IPv6 for years now.
Link to post
Share on other sites

I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

 

Well thats just a challenge now isnt it lol...

 

IRS...?

Link to post
Share on other sites

lol, tell us you work for a 3 letter agency but then not which one, I've figured it out, given you tell us you work for one clearly isn't what someone that worked for one would do, so, it UPS isn't it.....

 

 

Sent from my iPad using Tapatalk

Link to post
Share on other sites

3 letter agencies aside, my ISP gives a ipv4 ip address, a 128 bit ipv6 address,  plus a 64-bit ipv6 delegated prefix (range) which is distributed among the lan members. maybe sophos is considered a "business class model" but this seems like a very conventional ipv6 scenario

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...