Router – What router hardware or software should be used when multiple public IPs are routed into the same LAN


I am looking for recommendations to replace a set of consumer grade (Linksys, Netgear, Belkin) routers with something that can handle more traffic while routing more than one static public IP into the same LAN address space.

We have a block of static public IPs, 5 usable, with Comcast Business. Currently four of them are in use for:

  1. General office access
  2. Web server
  3. Mail and DNS servers
  4. Download and backup web server for separate business

All systems (a mixture of physical and virtual) are in the same LAN address space (10.x.y.0/24) to enable easy access between them inside the office. There are 30 or more systems in use depending on which virtual machines are currently active. We have a mixture of Windows, Linux, FreeBSD, and Solaris.

Currently a separate consumer grade router is used for each of the four static addresses, with its WAN address set to the specific static address and a different gateway address for each:

  1. uses 10.x.y.1 – various ports are forwarded to various LAN IPs on systems with gateway 10.x.y.1
  2. uses 10.x.y.254 – port 80 is forwarded to a server with gateway 10.x.y.254
  3. uses 10.x.y.253 – ports for mail and DNS are forwarded to a server with gateway 10.x.y.253
  4. uses 10.x.y.252 – ports as needed are forwarded to a server with gateway 10.x.y.252

Only router 1 is allowed to serve DHCP, and address reservation based on the MAC is used for most of the internal "server" IP addresses so they are at fixed values. [Some are set static due to limitations in the address reservation capabilities of router 1.]

And, yes, this really does work! But… I am looking for:

  • better DHCP with more capable address reservation
  • higher capacity so I don't have to periodically power cycle the routers

One obvious improvement would be to have a real DHCP server and not use a consumer grade router for that purpose.

I am torn between buying a "professional" router such as Cisco or Juniper or SonicWall versus learning to configure some spare hardware to perform this function.

The price goes up extremely rapidly with capabilities for commercial routers! Worse, some routers require licensing based on the number of clients – a disaster in our environment with so many virtual machines.

Sorry for such a long posting but I am getting tired of having to power cycle routers and deal with shifting IP addresses afterwards!

Best Answer

You can get a DrayTek 2950 router, which supports multiple public IP addresses amongst other features. It supports VPN tunnels (200) without purchasing extra licenses.

http://www.draytek.co.uk/products/vigor2950.html

You can search for a DrayTek dealer in your area.

DrayTek will do all port forwarding. You can connect multiple WAN connections and run them in either failover or load-balance mode, and you can assign WAN IP aliases (public IP addresses). You can even assign public static IPs to your servers and input the correct subnet and subnet mask in your router so it routes your public IP subnet too.

Hope that helps.
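For the spare-hardware option the question mentions, the same idea (one box holding all public IPs as aliases, forwarding per address into the single LAN) can be sketched as an nftables ruleset on Linux. This is an added example, not part of the answer and not DrayTek configuration; the interface names, the 203.0.113.x and 10.0.0.x addresses, and the port numbers for mail, DNS and the fourth server are assumptions standing in for values the page does not give.

```nft
#!/usr/sbin/nft -f
# Assumed placeholders: documentation-range public IPs and a sample LAN.
# All four public IPs must also be added to the WAN interface as aliases.
define wan_if    = "eth0"
define lan_if    = "eth1"
define lan_net   = 10.0.0.0/24
define ip_office = 203.0.113.1   # 1. general office access
define ip_web    = 203.0.113.2   # 2. web server
define ip_mail   = 203.0.113.3   # 3. mail and DNS servers
define ip_dl     = 203.0.113.4   # 4. download and backup web server
define web_srv   = 10.0.0.10
define mail_srv  = 10.0.0.20
define dl_srv    = 10.0.0.30

table ip nat {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Forward only the listed ports, matched on the public address
        iifname $wan_if ip daddr $ip_web  tcp dport 80          dnat to $web_srv
        iifname $wan_if ip daddr $ip_mail tcp dport { 25, 53 }  dnat to $mail_srv
        iifname $wan_if ip daddr $ip_mail udp dport 53          dnat to $mail_srv
        iifname $wan_if ip daddr $ip_dl   tcp dport { 80, 443 } dnat to $dl_srv
    }
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Servers leave from their own public IP (matters for mail reputation)
        oifname $wan_if ip saddr $web_srv  snat to $ip_web
        oifname $wan_if ip saddr $mail_srv snat to $ip_mail
        oifname $wan_if ip saddr $dl_srv   snat to $ip_dl
        # Everything else in the LAN shares the office address
        oifname $wan_if ip saddr $lan_net  snat to $ip_office
    }
}

table inet filter {
    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        iifname $lan_if oifname $wan_if accept
        # Inbound traffic passes only if a DNAT rule above matched it
        iifname $wan_if ct status dnat accept
    }
}
```

With a single gateway every host can use the same default route, so the per-server gateway addresses (.254, .253, .252) are no longer needed, and the default-drop forward chain means a public IP exposes nothing beyond its listed ports.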
