Setting up a Linux server with a public Static IP

ubuntu routing ip nat iptables
9,789

If your server is acting as the firewall (NAT, Squid Proxy, etc.), then having an internal subnet is important too. When doing this, however, it's also best to place the public (external) and private (internal) networks on separate physical NICs.

Setting up different IP address netblocks should not make anything noticeably faster or slower, but it will require that some care go into planning how you're going to organize your network. For starters, on the server you'll only need to set the gateway to match the one that your ISP provided for your public Static IP address (NAT, proxy, etc., will use this on behalf of requests from internal computers).

The beauty of using private IP addresses is that you can have many computers, devices, etc., connected to the internet with a single IP address. In fact, this is a very common setup with NAT, and one that occurs with broadband/wireless routers (e.g., what LinkSys sells en masse).

Some helpful links:

  RFC1918 - Address Allocation for Private Internets (see section 3 on page 4)
  http://rfc1918.openrfc.org/

  Step-by-step configuration instructions for NAT with IPTables
  http://www.howtoforge.com/nat_iptables

  A discussion in a forum about setting up what you want to do
  http://ubuntuforums.org/showthread.php?t=713874

  How to Install and Configure DHCP Server in Ubuntu Server
  http://www.ubuntugeek.com/how-to-install-and-configure-dhcp-server-in-ubuntu-server.html

Share:
9,789

Related videos on Youtube

JM at Work
Author by

JM at Work

Updated on September 18, 2022

Comments

  • JM at Work
    JM at Work over 1 year

    I have setup a Ubuntu Linux server in an office. It should have a public IP so that outside users can access the internet. Currently, it is set with a public IP, but is it supposed to have a local IP so that users in the LAN can access via private IP (e.g., 192.168.0.xx) for faster speeds or file sharing?

    For public IP somehow the router or something must know to route requests between the public IP and the local IP?

    • MaQleod
      MaQleod almost 13 years
      Do you require that the server have a public IP, or just be accessible via a public IP? There is a major difference in how you would set up either circumstance.
  • Randolf Richardson
    Randolf Richardson almost 13 years
    The reason for my recommending that public and private networks be placed on separate NICs is to simplify security by isolating the private network from the internet (which should always be regarded as a danger zone since it is "public" after all). You'll still need to configure iptables (or "pf" or whatever you choose to use) to be secure -- I recommend starting with blocking everything first then making exceptions ONLY for those services you intentionally choose to make available to the public (e.g., a web site, OpenVPN, ICMP for ping and traceroute operations, etc.).

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How Do I Block an IP Address on ubuntu?
Linux as router with multiple internet providers
Can a Linux machine have two the same IP addresses on different interfaces/networks?
need to route the traffic through a specific network card
How to alias an IP address to make DLNA resource accessible from different IP network
How to route the incoming connections through a specific interface?
Using iptables SNAT based on source interface and ip address
How does the router know which device to send packets to?
Make CentOS 6.x a port forwarding NAT device
Web server behind NAT, how to listen for public IP address