Hi
I have received a /28 block from ISP and am trying to assign one of the public IPs to a server directly (not NAT).
Gateway: 203.13.YYY.161
Usable IPs: 203.13.YYY.162 - 203.13.YYY.174
Subnet Mask: 255.255.255.240
Following the advice from a helpful member on lede-dev, I only needed to:
Modify my lan config to add the public block, as such:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
list ipaddr '192.168.1.1/24'
--->list ipaddr '203.13.YYY.160/28'
option ipv6 '0'
config interface 'wan'
option proto 'static'
--->option ipaddr '203.13.YYY.162'
--->option netmask '255.255.255.252'
option gateway '203.13.YYY.161'
option delegate '0'
option ifname 'eth1.2'
option ipv6 '0'
option dns '8.8.8.8 8.8.4.4'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0t 1 2 3 4'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 6t'
option vid '2'
WAN zone in firewall (disable masquerading for public block):
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
--->option masq_src '!203.13.YYY.160/28'
option mtu_fix '1'
option network 'wan'
option input 'ACCEPT'
option forward 'ACCEPT'
In addition, I needed to adjust the firewall with this rule so anything coming from WAN is properly forwarded:
config rule
option name 'public'
option src 'wan'
option dest 'lan'
option dest_ip '203.13.YYY.160/28'
option proto 'all'
option target 'ACCEPT'
Now with hosts connected to my LAN, assigning public IPs to them should be simply a matter of statically assigning the desired IP on the server itself, eg:
IP: 203.13.YYY.165
Netmask: 255.255.255.240
Gateway: 203.13.YYY.162 (LEDE router WAN IP)
But once I assign that, they can't connect or ping anything in LAN or WAN.
So in summary, I have a block, LEDE itself is using .162 for its WAN connection, I wish to assign one of other public IPs I received to hosts in LAN without NAT, how can I do that?
Any help is appreciated.