[SOLVED] Configuring Static IP CentOS so router Motorola NVG510 can recognize device and port forward NAT.

jmc1987 · 10-07-2013, 12:04 PM

Hello and thanks for reading,

So I've been working with Linux servers for a good while now and the way I've always done things have always worked....Until NOW that is.

Basically AT&T upgraded my internet residential service from DSL to there new Uverse setup which required a new modem. The modem is also a router with a built in firewall (typical router).

So Basically I've been playing with Virtual Machines which I created servers and some I need to broadcast to the open world. Now I know AT&T has the ports open, but the problem I'm experiencing, where a typical router allows you to do Port Fowarding/NAT and you basically forward a port to a host number.

All my servers I've created and communicate with the openwords.

Now this new router just doesn't let me forward a port to a host unless its in the Device list.

Now this is what I can't figure if I use DHCP it works and pulls and address, but it still not in the Device List. On my Linux Mint Virtual Machine I can use DHCP with the network manager and the device is listed. That is the James-VirtualBox.

So basically what I want to know is how do I forward the host/device name to the router on my CentOS installation pulling a static IP?

I've attached the a pic for the Router Port forwarding

Code:

[root@oknode ~]# ping linuxquestions.org
PING linuxquestions.org (75.126.162.205) 56(84) bytes of data.
64 bytes from www.linuxquestions.org (75.126.162.205): icmp_seq=1 ttl=53 time=27.7 ms
64 bytes from www.linuxquestions.org (75.126.162.205): icmp_seq=2 ttl=53 time=27.2 ms
^C
--- linuxquestions.org ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1457ms
rtt min/avg/max/mdev = 27.285/27.494/27.704/0.267 ms
[root@oknode ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:17:31:88:53:0B
          inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::217:31ff:fe88:530b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7973 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2714 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:843689 (823.9 KiB)  TX bytes:281403 (274.8 KiB)
          Interrupt:20 Base address:0x2c00

[root@oknode ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
HOSTNAME=oknode.xxx.org
NETMASK=255.255.255.0
IPADDR=192.168.1.101
HWADDR=00:17:31:88:53:0B

[root@oknode ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
link-local      *               255.255.0.0     U     1002   0        0 eth0
default         dsldevice.att.n 0.0.0.0         UG    0      0        0 eth0
[root@oknode ~]# cat /etc/hosts
127.0.0.1   localhost oknode.xxx.org oknode
192.168.1.101 oknode.xxx.org oknode

# Yes the xxx in the domain name is edited out

redfox2807 · 10-07-2013, 12:27 PM

Mixing static IPs together with DHCP in my experience is not so good. As number of devices grow over time ip conflicts are possible. Furthermore if you need to change the subnet one day it can give trouble. You can statically bind an ip on the dhcp server to a specific Mac-address.

About your question. How do you add a device into the list ? I suppose binding an ip will do it?

jmc1987 · 10-07-2013, 12:43 PM

Quote:

Originally Posted by redfox2807

Mixing static IPs together with DHCP in my experience is not so good. As number of devices grow over time ip conflicts are possible. Furthermore if you need to change the subnet one day it can give trouble. You can statically bind an ip on the dhcp server to a specific Mac-address.

About your question. How do you add a device into the list ? I suppose binding an ip will do it?

The router doesn't appear to support that directly, its got some auto settings that tend to do this its self.

Yes I know DHCP and Static can cause conflicts. That is why I configure DHCP server only forwards ips between 2 and 99

lleb · 10-07-2013, 01:01 PM

you can have ATT disable all routing functions on their device and set it to bridge mode. that will solve your issue. put your router behind it as they will disable their firewall, DHCP, and NAT.

jmc1987 · 10-07-2013, 01:37 PM

Quote:

Originally Posted by lleb

you can have ATT disable all routing functions on their device and set it to bridge mode. that will solve your issue. put your router behind it as they will disable their firewall, DHCP, and NAT.

Yes you are right indeed, I do like having the router firewall but in this case it all fails, Bridge mode is a great idea which I've done that with some previous routers that solved that problem easily and non complicated.

The no modem/router I have is Motorola NVG510 which doesn't exactly support bridge mode so it really seems I need a different modem, but there is a little hope. I have found where a few people have done it.

http://forums.att.com/t5/Features-an...e/td-p/2890841

But, I'm still going to work to find some more solutions.

redfox2807 · 10-07-2013, 01:52 PM

If you want to replace the DSL modem you can consider buying a router with DSL support. Just to get rid of one more device. I don't know if AT&T lets its customers to be off without AT&T-owned modems.

jmc1987 · 10-07-2013, 02:05 PM

Well when AT&T was offering standard ADSL you could use your own router equipment. Now since I'm on the Uverse Technology I'm not sure if a standard DSL model will work or not. From what I understand its a beefed up DSL Line, but I guess that is really something I would have to consult them about, of course I'm sure that have a business class router they would sell me for lots of $$ that would easily solve the trick, but not looking to pay a arm & leg for something that should be so simple in the first place.

But I'll find a solution eventually, hopefully sooner rather than later, and I know some others have had issue with this so I'll be sure to post my results when I solve my problem.

I guess on to more hours of hopeless research =) Cheers!

suicidaleggroll · 10-07-2013, 02:15 PM

Quote:

Originally Posted by redfox2807

Mixing static IPs together with DHCP in my experience is not so good. As number of devices grow over time ip conflicts are possible.

As long as you restrict the DHCP range and set all of your static IPs outside of that range, you'll never have a conflict.

Quote:

Originally Posted by redfox2807

Furthermore if you need to change the subnet one day it can give trouble. You can statically bind an ip on the dhcp server to a specific Mac-address.

If you do that you'll face just as many problems if you ever change your router. Just trading one headache for another.

redfox2807 · 10-07-2013, 02:23 PM

According to this page in case of Uverse AT&T forces customers to use their equipment. Then switching Motorola NVG510 to some low cost modem that supports bridging and setting up your home network behind a router you have complete control of will be best option. Also you won't have to pay extra bucks for an AT&T router that could be easily bought from a 3rd party for less price.

suicidaleggroll · 10-07-2013, 02:31 PM

In the past, when dealing with ISP-supplied modem/router hybrids that don't have a "bridge mode" setting and typically have terrible interfaces and functionality, I've been able to "force" it to be a transparent bridge by assigning my primary router a static IP on the ISP-supplied router's network, and telling the ISP-supplied router to forward everything on every port to my primary router. The primary router then handles the firewall and various port forwarding like normal.

This does create a double NAT with two subnets (but the only device on one of the subnets is your primary router), but sometimes it's the cleanest way to get past the ISP device's restrictions.

redfox2807 · 10-07-2013, 02:38 PM

Quote:

Originally Posted by suicidaleggroll

As long as you restrict the DHCP range and set all of your static IPs outside of that range, you'll never have a conflict.

As your network grows you can face lack of unused IP addresses. Another headache is to remember all those static IP addresses in use (or to find where is that file you have saved those IPs in =)). Though I have to admit it more applies to small company networks than to home ones.

Quote:

Originally Posted by suicidaleggroll

If you do that you'll face just as many problems if you ever change your router. Just trading one headache for another.

Indeed. That hardly can be argued.

jmc1987 · 10-07-2013, 08:00 PM

Well I almost got a break through. I finally got my CentOS machine to show up in my device list on my router by changing my centos machine to dynamic ip.

Quote:

[root@oknode network-scripts]# cat ifcfg-eth0
DEVICE=eth0
HWADDR=00:17:31:88:53:0B
ONBOOT=yes
BOOTPROTO=dhcp
HOSTNAME=oknode.xxx.org
DHCP_HOSTNAME=oknode
#NETMASK=255.255.255.0
#IPADDR=192.168.1.101

Basically by changing to DHCP and added "DHCP_HOSTNAME=oknode" it broadcasted the name to the router so I can forward a port to it. So now the question is, since this is a openvz machine can I broadcast that name using a static IP. I think that will solve my problem for the most part. So is that possible.

Or am I stuck using DHCP on all my openVZ containers too (yikes).

I found out att uverse is adsl2+ technology so I'll probably on a venture to by a new modem, since I called there tier 2 support and they told me I have to pay their outsourced support department for assistance with that port forward. ATT is going down hill, I thinking a local cable company is in mind.

jmc1987 · 10-08-2013, 09:41 PM

Router: Motorola NVG510

Okay well since my router is junk, I did find a more simple work around other then what other people have proposed. Its working on my network with my OpenVZ Node and the VPS containers on the node. Note: Openvz venet will not work properly for the portforwarding, but venet device will work find behind the router (local network)

Since my router has somekind of caching system which I'm going to assume it binds the dhcp address by mac/dhcp_hostname so I basically configured my ifcfg-eth0 to use dhcp

Code:

DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=dhcp
HOSTNAME=oknode.xxx.org
DHCP_HOSTNAME=oknode
HWADDR=00:17:31:88:53:0B

Now once my server requested the IP server which is pulls 192.168.1.64.
This is how its displayed in my network device list on my router Device > Device List

Code:


Device IPv4 Address / Name 	MAC Address 	        Status 	   Connection 	   Allocation
192.168.1.64 / oknode	        00:17:31:88:53:0b	on	   Ethernet	   dhcp

my centos machine now existed in the device list in my NAT Portforward in the Router GUI.
So Now that information is cached in the router I changed it back to static IP like this

Code:

DEVICE=eth0
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
HWADDR=00:17:31:88:53:0B
HOSTNAME=oknode.xxx.org
NETMASK=255.255.255.0
IPADDR=192.168.1.101
GATEWAY=192.168.1.254

My router now sees my static IP and it keeps the device name oknode. Basically it looks like this in my router Device List

Code:

Device IPv4 Address / Name 	MAC Address 	        Status 	   Connection 	   Allocation
192.168.1.101 / oknode	        00:17:31:88:53:0b	on	   Ethernet	   static

So at this point I think its safe to say its updated like it should.

Now in my router GUI I can go to my firewall > NAT/Gaming > select my services I want to port forward and my device name can be selected from the device list.

Now for some addition info for the work around for the openvz containers thats on my server. You have to use veth and not venet network devices, basically you have to bridge your network device such as this

Code:

# vi /etc/sysconfig/network-scripts/ifcfg-vmbr0 
DEVICE="vmbr0"
BOOTPROTO="static"
IPV6INIT="no"
ONBOOT="yes"
TYPE="Bridge"
DELAY=0
IPADDR=192.168.1.101
NETMASK=255.255.255.0
GATEWAY=192.168.1.254

# vi /etc/sysconfig/network-scripts/ifcfg-eth0 
DEVICE="eth0"
ONBOOT="yes"
IPV6INIT="no"
TYPE="Ethernet"
BRIDGE="vmbr0"

OpenVZ has a script you need to add to automate the veth devices.
# vi /etc/vz/vznet.conf

Quote:

#!/bin/bash
EXTERNAL_SCRIPT="/usr/sbin/vznetaddbr"

Stop your openvz container and add the veth device to openvz container
# vzctl set <CID> --netif_add eth0 --save

Now edit your container/VE/VPS network scripts

# vi /vz/root/102/etc/sysconfig/network-scripts/ifcfg-eth0

Quote:

DEVICE="eth0"
HOSTNAME="vps1"
MTU="1500"
TYPE="Ethernet"
ONBOOT=yes
BOOTPROTO=dhcp
DHCP_HOSTNAME=vps1

Now this will populate and pull from the router and bind the mac of the veth device and it will cache in the router.

Now go back and change it to static
# vi /vz/root/102/etc/sysconfig/network-scripts/ifcfg-eth0

Quote:

DEVICE="eth0"
HOSTNAME="vps"
TYPE="Ethernet"
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.102
NETMASK=255.255.255.0
GATEWAY=192.168.1.254

Now again successfully the router device populates in the list under the router firewall>NAT/Gaming and you can select the device and open the ports needed.
Most of this information is not in a manual or anywhere on the web to make a server work with static ips with port forward with this modem/router so I hope this work around will help somebody.