Public LAN and WAN Addresses

Hi Guys
I am slightly confused about public lan and wan ips. We have a circuit that was installed a few months ago as a backup failover but we now want to start using it so I phoned my ISP for the public range for that circuit.
Now our internal IP subnet is a 192.168.150.xx
I was expecting the ISP to provide me with one public range maybe a /30 so I can assign an public ip to my routers external interface and PAT to that address.
The ISP instead gave me a public LAN and WAN address range both of which are public IPs. Can anyone explain what these are where in my type of network will they fit it
Thanks

As Peter says it is worth talking to your ISP but LAN addresses are usually simply another public IP block you are free to use however you want.
You don't have to use them and you certainly don't need to allocate them to physical devices on your LAN. The ISP doesn't really care how you use them either, they will simpy route traffic to those address to your edge device (see below for more details).
They can be useful if you host a lot of servers/applications accessible from the internet for example.
It does depend on the devices you have ie.
LAN -> firewall -> ISP router
in the above you use the WAN addressing for the link between the firewall and the ISP router and then you can just use the LAN address range for NAT on your firewall. Non of the LAN IPs need to be actually assigned to any interface
LAN -> firewall -> router -> ISP router
here you have your own router on the outside of the firewall. The WAN addressing would be used between your router and the ISP router. The LAN addressing would be used for the firewall to your router connection and any spare IPs can be used for NAT (usually done on the firewall).
Note that usually the LAN addressing is a larger subnet than the WAN addressing and as you say the WAN addressing is usually a /30. So the ISP uses one of the IPs from the WAN range and you use the other.
If you have been allocated LAN addresses then the ISP will route traffic to these addresses to the WAN IP you have used so make sure you use the WAN IP on either -
a) in the first example above the outside interface of your firewall
or
b) in the second example above the outside interface of your router, the one connecting to the ISP router.
Hope that makes sense.
Jon

Similar Messages

Load balance on routers LAN and WAN

Hi ;
I have a setup where i need to implement load balance on 2 routers in both sides ,LAN and WAN , and there is ASA in the LAN side , my question is that when do load blance in LAN side using GLBP how the 2 ASA's will act on this because they will have only 1 default gateway IP address .
Thanks

Not Harbi
Not entirely sure i understand the question but i'll try to answer based on a few assumptions.
It sounds like you have a pair of ASA devices on the LAN side. Assuming they are in active / failover then they will appear as one IP address to the routers - a VRRP address. When the ASA arps out for the default gateway address they will get one of the virtual mac addresses back from the AVG.
They will send traffic to that mac address ie. they won't load balance.
The load balancing aspect comes in when another host on the LAN then arps out for the default gateway and the AVG assigns it a different virtual mac address tied to a different router. But as the ASA pair always appear as one host entity they will always be tied to one of the routers at any one time.
Hope this covers what you were asking
Jon

Lan and Wan port on Airport express

Hi guys I am wondering if you could help me out with my airport express.
I recently bought an airport express and have it set up as the following:
Router--->ethernet cable in to the Wan of Airport express--->ethernet from Airport Express Lan to computer
This is so that I have hardwired internet to my gaming computer and wifi in my room for all my devices. The problem is, however, next year I will not be in a situation that allows me the same setup. I will be too far away to run an ethernet cable from the router to the airport express. So I have decided I shall use it to join the network wirelessly and relay internet through both the Wan and Lan port (think this is called bridge mode?). I was also intending on connecting an ethernet hub to one of the ports so that I can connect multiple devices, smart tv, macbook, ps3 etc. But having one of the ports exclusively to my gaming pc.
My question is, with both Lan and Wan ports relaying internet to multiple devices, would I see a drop in performance, in particular in regard to my compter? Or is the airport express able to join both the 2.4GHz or 5GHz and relay each connection to a specific lan port?
Unfortunately I am not in a position to test this yet, lacking a 5GHz connection in my halls, so I would appreciate if anyone could help shed some light.
Thank you

is the main router also an apple product? if so, then yes you can extend wirelessly, but if the main router is an apple product, why are you bothering to extend wirelessly at all when the main router's signals should be strong enough?
if the main router is NOT an apple router, then you wil NOT be able to extend it wirelessly period.
in my experience, there are very FEW places you NEED to extend a network wirelessly, and i always recommend against it since there is a big performance decrease.
In the case of a wirelessly extended network, throughput may be reduced to less than 60 percent of that of a single device.
http://support.apple.com/kb/HT4145

Which Monitoring Tool is best to monitor LAN and WAN

Hi,
CAN ANYONE TELL ME Which Monitoring Tool is best to monitor LAN and WAN.
Waiting for immediate response.
Thanks
Irshad

To start with HP open, this is SNMP-based as well. As it is around for quite a while and delivers support for many vendors, it has become sort of an industry standard. Many other vendors deliver add-ons (even CiscoWorks) to support their products via HP open. That functionality however comes with a price. If you have plenty of money an a large network to manage, HP open might be your best choice.
Cisco Works and other -start-with-C- products are typically used to manage Cisco devices. If you have a fair share of non-cisco boxes around you will find that you cannot see or do everything with them that you might want.
One special thing about CiscoWorks is that it lacks a grapical real-time overview of the network. In my opinion this is a weakness in the product. On the other hand, it has many nice features to manage all kinds of Cisco devices.
My ideal solution is to use both a generic SNMP manager, SNMPc in my case, and CiscoWorks 2000. With SNMPc I can quickly see network node status and do some bandwidth management (baselining). CW2k serves mainly to execute changes (NetConfig) and as a syslogger. It is also used to perform IOS upgrades and to store config files.
I guess this could be done with HP open as well, but our money does not reach far enough to pay for both. SNMPc costs a lot less, both in purchase and in maintenance.
Hope this clarifies things a bit.
Regards,
Leo

Data package size-LAN and WAN

HI Experts,
Could anybody give explanation/Document for the below query?
When transfering R/3 to BW.How the data pacakage size is determined.?Would the size of data packets be different over LAN and WAN? Why?
Thanks
Pradeep

In transaction SBIW -> General Settings -> Maintain Control Parameters for Data Transfer (in the OLTP System), you can see and edit the default values for the source system.
If you display the infopackage in the BW system and click on the menu option Scheduler -> DataS. Default Data Transfer, you will be able to edit the settings for the infopackage and also see what's the default configuration for the source system.
You may also consult the following SAP Notes for more information (including exceptions):
[417307 - Extractor package size: Collective note for applications.|https://websmp107.sap-ag.de/sap/support/notes/417307]
[409641 - Examples of packet size dependency on ROIDOCPRMS.|https://websmp107.sap-ag.de/sap/support/notes/409641]
I don't see what difference it could have over LAN or WAN, though...

Why would i connect a external hardrive to the airport extreme and what is the difference between LAN and WAN gigabit ethernet?

Hey just wanted to know what is the reason i would connect my external hardrive to the extreme and what is the difference between LAN and WAN ehternet. I know one is local and other is wide but can someone explain in simpler terms.

Connecting a hard drive to the Airport Extreme makes it available to be shared across all the computers on your network.
WAN (Wide Area Network) is your connection to the internet
LAN (Local Area Network) is your internal (or local) ethernet connections (computers, printers, etc...)
AirPort Base Station: About the WAN and LAN Ports

Want to change Public, private and vip address on RAC 10g R2 windows 2003

The network section told us the configuration of the network who support our cluster will have to change all ip address.
We are looking for a complet document who give all the step by step instructions how to make this change.
We have to change the Public, private and VIP at the same time of our 3 nodes cluster.
We know the OCRCFG will be impact. So we will take backup of it first.
Can someone are able to indicate us how to procede to execute this task.
Thanks

Hi,
i check the Note:283684.1 you give me, but it didn't give all the answers to my problem.
I finally found a recipe to make the job. I would like to tell you it's not supported be Oracle, but it work very well
Don't forget to take a good backup of the ocrcfg and vote disk before you start.
Here we go:
Stop all Oracle service on all nodes before the change of the address, the low format of the ocrcfg and vote disk
change the address in the file host in C:\WINDOWS\system32\drivers\etc with the new address
change the ip address in the window network definition connection with the new address
ocopy \\.\ocrcfg d:\backup\ocrcfg.dmp
ocopy \\.\votedsk1 d:\backup\votedsk1.dmp
rem go to directory of the cluster binary crs\bin
cd /D D:\Oracle\Ora10g\crs/bin
rem Format raw ocrcfg and vote disk
LogPartFormat.exe \\.\ocrcfg /q
LogPartFormat.exe \\.\votedsk1 /q
rem Run in prompt mode the cluster setup
rem crssetup.exe config -nn %s_nodenumberlist% -pn %s_privatenamelist% -ch %ORA_CRS_HOME% -oh %s_OracleHome% -c %s_clustername% -l "%s_languageid%" -q %s_votedisklist% -g %s_usergroup%
rem example for 2 node
crssetup.exe config -nn host_name_node_1 ,1,host_name_node_2,2 -pn host_name_node_1-priv,1,host_name_node_2-priv,2 -ch D:\Oracle\Ora10g\crs -oh D:\Oracle\Ora10g\crs -c crs_lab -l "CANADIAN FRENCH_CANADA.WE8MSWIN1252"; -q "\\.\votedsk1"
rem ensures that all nodes are configured with the same port for the ONS
racgons.exe add_config host_name_node_1:6200 host_name_node_2:6200
rem oifcfg to direct components to use specific network interfaces
oifcfg.exe setif -global "Public"/10.200.5.0:public "Prive"/192.169.255.0:cluster_interconnect
rem to rebuild the vip address vipca in wondow componant and make the incription in the cluster (in prompt mode or online)
rem at the same time it will create the gsd and ons service
vipca.bat -silent -nodelist "host_name_node_1,host_name_node_2" -nodevips "host_name_node_1/host_name_node_1-vip/255.255.255.0/Public,host_name_node_2/host_name_node_2-vip/255.255.255.0/Public";
rem vipca
rem check the state of the crs services (inscription)
crs_stat -t
rem now make the registration of the listener in the cluster.
rem important don't use the prompt command below, it will give you a crs-0223 error at the startup service
Rem to solve this problem use netca on line
rem crs_register ora.host_name_node_1.LISTENER_host_name_node_1.lsnr -dir D:\Oracle\Ora10g\crs\crs\profile
rem crs_register ora.host_name_node_2.LISTENER_host_name_node_2.lsnr -dir D:\Oracle\Ora10g\crs\crs\profile
rem srvctl start nodeapps -n host_name_node_1
ren srvctl start nodeapps -n host_name_node_2
netca
rem check the state of the crs services (inscription)
crs_stat -t
rem start oracle object service and cluster volume before registering and accessing to asm services
sc \\host_name_node_1 start ”Oracle Object Service”
sc \\host_name_node_1 start OracleClusterVolumeService
sc \\host_name_node_2 start ”Oracle Object Service”
sc \\host_name_node_2 start OracleClusterVolumeService
rem go the the rdbms directory to make the registration of asm and the database
set ORACLE_HOME=D:\Oracle\Ora10g\rdbms
rem add the service asm in the cluster in my case asm1 and asm2 for my 2 nodes
srvctl add asm -n host_name_node_1 -i +ASM1 -o %ORACLE_HOME%
srvctl add asm -n host_name_node_2 -i +ASM2 -o %ORACLE_HOME%
rem start the asm service on each node
srvctl start asm -n host_name_node_1
srvctl start asm -n host_name_node_2
rem check the state of the crs services (inscription)
crs_stat -t
rem go to the bin directory of rdbms directory to make the registration of the database
cd /D D:\Logiciels\Oracle\Ora10g\rdbms/bin
rem register the database (in my case labotary lab) and the to database service (lab1 and lab2) of each node
srvctl add database -d lab -o %ORACLE_HOME%
srvctl add instance -d lab -i lab1 -n host_name_node_1
srvctl add instance -d lab -i lab2 -n host_name_node_2
rem finally start the database
srvctl start database -d lab
rem go to directory of the cluster binary crs\bin
rem all the services
cd /D D:\Logiciels\Oracle\Ora10g\crs/bin
rem you can go in the database with sqlplus and check all your components
crs_stat -t
I hope this will help someone who are in the same situation
Edited by: ron_berube on 2008-12-12 09:21
Edited by: ron_berube on 2008-12-12 10:08
Edited by: ron_berube on 2008-12-13 08:25
Edited by: ron_berube on 2008-12-18 10:49

5596UP killing Vcenter "heartbeat" packets on Lan and WAN

Just moved my entire off a 6509 to the dual 5596up's running version 6.0(2)N2(5) with UCS.
Now, Vcenter5 (physical machine not vm) is having problems with its "heartbeat" to tcp/udp 902.
It isn't a routing issue, not a "arp issue", not a issue with a lower switch having " ip device tracking " enabled. Not an access-list block, not a firewall block.
Every minute we can watch Vcenter lose contact with local VM's that are on the UCS which is connected by Four 10-Gig trunks.
All other protocols and devices have no issues. Its just Vcenter on the local lan and going out across our WAN.
Had zero issues with this when I had all my core routing running on a 6509 running 12.2sx code.
Nothing changed on the Vcenter side or on our UCS. The routing was just moved to the Nexus 5596UP's.

VM monitoring are the TCP/UDP probes that Vcenter sends out to the VM servers ever 20 seconds.
This lets vcenter know that the VM servers are working correctly. Without a VM heartbeat, Vcenter thinks the Esx server is down, so you can't manage any of the VM hosts on that ESX server or migrate over VM's from one ESX server to another.

Just purchased an Airport Extreme , what´s the difference between LAN and WAN

just purchased an Airport Extreme , what´s the difference between LAN and WAN

Check the Setup Guide for the AirPort Extreme to confirm that the WAN port accepts the signal from your modem or from another router on your network.
Other Ethernet devices on your network connect to the LAN <-> ports.

LAN and WAN share the same MAC address -- could this be a security issue?

When I bought the AEBS(n), I was a bit surprised to see only one ethernet MAC address listed (on bottom of unit, or was it in config utility?), in addition to wireless MAC. My main router has two ethernet MACs.
So last nite, I investigated. I confirmed my suspicion that both the WAN port and the LAN ports share the same MAC address! My setup has the AEBS WAN port plugged into my home LAN's main router, and a Linux machine plugged into a LAN port of the AEBS.
View of AEBS WAN side (from main router at 192.168.1.1)
ii# arp
Seconds IP Address MAC Address
734 66.130.224.1 001120A87AF5 -- ISP router
789 192.168.1.21 0016CBC430A6 -- AEBS WAN port
28 192.168.1.33 0010DC47DC53 -- home PC
824 192.168.1.73 00065BB2F295 -- work PC
View of AEBS LAN side (from a Linux box at 10.0.1.41)
root@LKG7CAE25 # cat /proc/net/arp
IP address HW type Flags HW address Mask Device
10.0.1.1 0x1 0x2 00:16:CB:C4:30:A6 * eth0
10.0.1.1 on the LAN side of AEBS and 192.168.1.21 on the WAN side of the AEBS both use the same MAC address, 00:16:CB:C4:30:A6.
I tried to provoke some leakage between the two sides (for example with broadcast packets), but haven't been able to do it so yet. Perhaps the switch in front of the eth MAC has enough smarts to keep the two subnets separate? Still it sort of worries me, if I used the AEBS as my only router, that both WAN and LAN go thru the same ethernet MAC (same h/w). I browsed here but found no discussion on this.
Comments anyone?

.... This is why there are separate MAC addresses
for ethernet and wireless, they are physically
different networks. In the case of the WAN/LAN, both
are ethernet-type networks but are physically
distinct (this is the purpose of a router like the
AEBS), so having the same MAC address on both sides
won't cause any sort of collision nor should it be
possible to leak across networks. MAC addresses can't
be used for routing beyond the physical network.
If it is indeed two different NICs sharing a single MAC, then indeed it is not an issue as you would never want to connect these two NICs together. But is it really two NICs?
My worry is that these two subnets are on the same physical network, with some magic going on to keep them separate anyway. Do we have some picture of AEBS internals? Maybe that would answer the question...

Can't recognize airport via lan and wan cables??

Trying to add airport extreme to present set up of G4 desktop that presently is hooked up to an external high speed modem.
Want to hard wire to desktop and use airport extreme for laptop. I'm not simple but do not know much about setting up wireless.
Here is my presnet set up.
High speed modem to airport extreme via wan cable.
Airpirt extreme to g4 mac via lan cable.
Computer won't recognize airport. can't use setup utility, can't get to internet.
Trying to locate pppoe message and then mothing.
Please...any suggestions for someone not very wireless savy
power mac g4 dual 450 Mac OS X (10.4.1)

This has been very helpful.
I used airport setup asst. for windows and now have configured a secure wireless connection for my dell (dude). I used PPPoe since my internet provider uses it. Can't wait until Feb when I will be getting my power book.
But I have the problem that the G4 dual 450 desktop will not recognize the aebs when i have connected to it via the lan port. I want to be able to configure it this way so I don't have to put a card in it. Wired to desktop, wireless to laptop.
Also, it looks like the desktop is only compatible with airport and not airport express. Not sure where could find a card.
You have been very helpful through this so thank you very much.
Do you have any last advice?
Gord
power mac g4 dual 450 Mac OS X (10.4.1)

Gigabit on LAN and WAN

Dears,
I would like to know if Gigabit ethernet on WAN uses the POS tehcnology ( packet over sonet ) or something else ( what ) ?
What is the maximum speed for gigabit on WAN ?
Concerning the MAN, is it true that Gigabit on MAN uses the DWDM technology or something else which has nothing to do with SONET ?
What is the maximum speed of Gigabit on MAN ?
Could you define the different protocols that we are meeting in the layers OSI 1-4 of Gigabit WAN and Gigabit MAN ?
Thanks for your respons !
Olivier MONTEE.

GigE is using the same technology as Fiber Channel 8B/10B coding. It is a switched technology 100 MBs or 200 MBs full dup. It can run on Optical or copper. the 1000T uses PAM-5 coding on Cat-5. To get a GigE over distance you will need DWDM to transport a full speed feed. Hope this helps narrow your question.

WCCP and WAN optimisation via Layer 3 connection

Hi There,
I need some help with WCCP, however with Riverbeds instead of WAAS.
The topology of the set up is as follows:
WAN - R1 - LAN - L3 Switch - Riverbed
The clients reside on the WAN side and the servers reside on the LAN side.
My business wishes to enable WCCP on two separate WAN routers to the single Riverbed. One router is fuly managed service, and the other rout the is managed by the business IT team.
All the articles that I have come across talk about enabling WCCP on the router whereby the WAN optimisation appliance is directly connected to a interface router. I need to configure WCCP to a Riverbed that is connected to a subnet that is a single hop away via a Layer 3 switch.
My plan is to enable WCCP in the inbound directions on both the LAN and WAN interfaces, however my concern is that this design will mean the traffic passing through the LAN side interface will be optimised twice.
Can any one confirm if this would happen? If it could happen can it potentially be stopped by placing a "ip wccp redirect exclude out" command on the LAN interface.
Thanks is advance for your help.

Hi Andreas,
"ip wccp redirect exclude out" only makes sense if you have a "ip wccp redirect out"
on a L3 interface on the router.
It's purpose is to avoid redirecting an already optimised packet, comming from a L3-interface where the WAAS/Riverbed device is connected, once more.
A double redirect will, in a WAAS setup, cause the WAAS device to drop the packet, because
it suspects a routing loop... don't know what Riverbed does.
Running only with "ip wccp redirect in" on both the WAN and LAN interface will cause :
1) a packet comming in from the LAN, is supposed to be unoptimised, and will be redirected
2) a packet comming in from the WAN, is supposed to be optimised, and will also redirected
3) an IP-interface with only the WAAS/Riverbed connected should NEVER be redirected !
If you cannot isolate your WAAr/Riverbed in it's own L3 subnet (subinterface/VLAN),
and therefore have to place it in the "ordinary" LAN subnet, packets from the WAAS/Riverbed will becomes candidates for redirection (even with "ip wccp redirect in"), you'll need to use "WCCP negotiated Return", but don't know whether Riverbed supports this,
Riverbed normally uses "tunnels" on the WAN side, and this makes the WCCP setup somewhat different.
You should really consult the Riverbed documentation or their support
... or migrate to Cisco WAAS ;-)
Best regards
Finn Poulsen

T410 - 2537AL8 LAN vs WAN

What is the difference in usage between LAN and WAN? When do I need the WAN Card?
Solved!
Go to Solution.

There's a Wireless LAN card (aka WLAN) which is your standard 802.11 Wi-Fi card.
There's also an option for a Wireless WAN card (aka WWAN) which uses cell-tower 3G internet.
W520: i7-2720QM, Q2000M at 1080/688/1376, 21GB RAM, 500GB + 750GB HDD, FHD screen
X61T: L7500, 3GB RAM, 500GB HDD, XGA screen, Ultrabase
Y3P: 5Y70, 8GB RAM, 256GB SSD, QHD+ screen

Emulate WAN address on the LAN with DNS?

Hello guys,
My problem, I have a web server on the LAN
I do port forwarding through the firewall from the WAN.
How do i emulate the WAN address for the LAN users?
The web server is set up as a test server for developers so that the can send links to external viewers.
Can this be made as DNS lookup and how do I configure it?

How? [You configure DNS on your server|http://labs.hoffmanlabs.com/node/1436], setting up what is known as split-horizon DNS (same domain used outside/public and inside/private) and the internal DNS has all of the host name translations you use from your public DNS replicated, though the inside/private DNS translations are aimed either at your public static IP addresses (for those hosts and services that are external to your private LAN) or (for this particular web server case, and cases where you want to try to avoid sending the traffic through your NAT firewall, assuming it is capable of "reflecting" traffic back through the NAT) aimed directly at private static IP (LAN) addresses.

Public LAN and WAN Addresses

Similar Messages

Maybe you are looking for