Colocation 1:1 NAT

Hi! In my colocation rack I've got a 1 Gbit network drop with a /29 IPv4 block.
I'm using 1 IP for the router at the moment, and the 4 servers are using that address via NAT.

I have 2 servers which I would like to give a dedicated IP. How would I best set that up? I assume I need to set up 1:1 NAT? Does the router still act as firewall in that case?

Additionally, I would install a server with 2 VMs; each should have a dedicated IP as well. How would I start setting that up?


In any case, you can assign the servers a private IP and use a set of SNAT/DNAT rules to make a 1:1 NAT. The router can still be a firewall, or not; it depends on you.

In a previous thread, you asked a similar question and marked this as the solution:

Does it still apply?

Why? Just route the IPs normally.

That's probably what I'll end up doing, since I want the machine to automatically get one of the available IPs based on its MAC address.

I do use WireGuard now and put the IPMI ports on a separate VLAN. WAN is currently set to 1 static IP. To be frank, I did not really understand how to actually configure the settings to be able to set one of the public IPs straight on the devices themselves while still using the device as firewall.

Do you mean to set a static IP on the devices? I would prefer to bind the MAC addresses to the public IPs in the router, so the user of the machine can't mess around with it & gets the correct config via DHCP.

As is clear, I don't really know what I'm doing here, so forgive my ignorance.

No, just assign public IPs to the servers via DHCP, and then don't NAT those IPs, just route them.
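
The 1:1 NAT option raised earlier in the thread (private addresses on the servers, paired SNAT/DNAT on the router, router still filtering), as an added example that is not from any poster. It assumes an nftables-based router; the addresses, the `wan` interface name, the table name `colo` and the port lists are constructed placeholders.

```python
import ipaddress

# Constructed sample values (documentation/RFC 1918 ranges), not from the thread.
BLOCK = ipaddress.ip_network("203.0.113.8/29")
LAN = ipaddress.ip_network("192.168.1.0/24")
ROUTER_WAN = ipaddress.ip_address("203.0.113.10")
# public address -> (private address, inbound TCP ports the firewall still allows)
MAPPING = {"203.0.113.11": ("192.168.1.11", [22, 443]),
           "203.0.113.12": ("192.168.1.12", [22])}

def validate(mapping, block=BLOCK, lan=LAN, router=ROUTER_WAN):
    """Reject entries that cannot work as 1:1 NAT on this block."""
    # hosts() skips network/broadcast; the router's own WAN address is also taken.
    usable, seen = set(block.hosts()) - {router}, set()
    for pub, (priv, _ports) in mapping.items():
        pub_ip, priv_ip = ipaddress.ip_address(pub), ipaddress.ip_address(priv)
        if pub_ip not in usable:
            raise ValueError(f"{pub} is not a free, usable address in {block}")
        if priv_ip not in lan or priv_ip in seen:
            raise ValueError(f"{priv} must be a unique address in {lan}")
        seen.add(priv_ip)

def render(mapping, wan="wan"):
    """Return an nftables ruleset: DNAT/SNAT pairs plus a default-drop forward chain."""
    validate(mapping)
    dnat = ", ".join(f"{pub} : {priv}" for pub, (priv, _) in mapping.items())
    snat = ", ".join(f"{priv} : {pub}" for pub, (priv, _) in mapping.items())
    # The forward hook runs after DNAT, so filter rules match the private address.
    allow = "\n".join(f'    iifname "{wan}" ip daddr {priv} tcp dport '
                      f'{{ {", ".join(map(str, ports))} }} accept'
                      for priv, ports in mapping.values())
    return f"""table ip colo {{
  chain prerouting {{
    type nat hook prerouting priority dstnat;
    iifname "{wan}" dnat to ip daddr map {{ {dnat} }}
  }}
  chain postrouting {{
    type nat hook postrouting priority srcnat;
    oifname "{wan}" snat to ip saddr map {{ {snat} }}
    oifname "{wan}" snat to {ROUTER_WAN}
  }}
  chain forward {{
    type filter hook forward priority filter; policy drop;
    ct state established,related accept
    iifname != "{wan}" accept
{allow}
  }}
}}"""

if __name__ == "__main__":
    print(render(MAPPING))
```

For the mapped public addresses to reach the router at all, they must also be configured on the WAN interface or routed to the router by the upstream. Servers without a mapping fall through to the second SNAT rule and keep sharing the router's address.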