Messages

Hi Bart,

Thanks for the confirmation!

I'm assuming VPS providers do this the same way and set the needed configuration via router & switch API's?
I've rented machines where the IP was obtained via DHCP, others have the IP set statically.

I don't understand how it would be safe to set the (external) IPv4 statically on the machine, couldn't the user set another IP when renting a bare metal instance? If necessary by spoofing the MAC address?

Hi! I'm hosting a few machines in local co-location and have a few questions regarding how to set things up correctly.
-I have a /29 block IPv4 addresses, I want to provide 1 IP address per machine.
-The machines should get an address via DHCP from the router but still be behind the firewall.
-The user of the machine should not be able to connect with a static IP and mess with the settings.

I was thinking the easiest would be to set NAT 1 to 1 on physical interfaces of the router. There aren't enough ports on my router though so the alternative would be to use VLANs and tie the external addresses with the VLANs.

I've got very limited experience setting up routers and firewalls so my question is; does this make sense? Any details which I might forget regarding setup/security would be highly appreciated.