Sign in with
Sign up | Sign in
Your question

Assigning Static IPs within a network

Last response: in Networking
Share
July 29, 2004 3:13:10 AM

Hello, right now I have 2 PCs connected wirelessly to a router (Linksys BEFW11S4), and also another one connected with CAT5. Anyway, I have to forward many different port ranges to different PCs, and lately the IPs assigned change (due to lease time?).

I need help setting up the PCs so that the first one gets 192.168.1.100, the second 192.168.1.101, and the thrid 192.168.1.102.

Here's what I did so far for the first PC: went to connection properties, then properties of TCP/IP, under general tab, I checked "use the folowing IP address," and entered...

IP Address:192.168.1.100
Subnet Mask:255.255.255.0
Default Gateway:192.168.1.1

But what do I enter for Preferred, and Alternate DNS server addresses? When I go to the STATUS section of the router setup, I get all this information, including the subnet mask; however, it's 255.255.254.0, and I've been told to enter 255.255.255.0.

Under SETUP section of the router, do I take DNS1 as the preferred DNS, and DNS2 as the alternate?

If I reset my cable modem does this (subnet mask, dns1, dns2) stuff gets changed? How about reseting(or turning off, then on) the router? Upgrading firmware on router?

Thanks a bunch
July 31, 2004 1:49:49 PM

For simplicity just use these IPs as your DNS:
4.2.2.2
4.2.2.1

---
I want my epitaph to be: "Moved to /dev/null"
July 31, 2004 7:20:01 PM

Thanks, Dev. I've also done a little research and found that some people just enter their rounter's address for DNS1 and leave DNS2 blank, is that correct too?
Related resources
August 5, 2004 3:56:27 AM

The Linksys will not serve as a DNS server or DNS fowarder. Atlest mine does not. So I would not point your pc to look for it's first DNS as 192.168.1.1.

I would get away from the 192.168.1.100~150 range, by default the linksys grants by 100, 101, 102 etc to the next pc that asks for an IP address. When I want to add a static I start at 192.168.1.99 and work down from there leaving the 192.168.1.100 and up for the dhcp server to worry about. You can always add an exception but that is alot ot explain. You could always disable the DHCP service in the router but that will cause problems if you have friends stop in with their systems.

Ignore the nonstandard subnet mask 255.255.254.0, it is on the WAN port not the LAN port. The lan port will always be 255.255.255.0 unless you do some real funky stuff.

Flagg CNE MCSE CCNA
August 5, 2004 2:13:01 PM

Flagg,

quetion for you...won't setting static IP's be a problem for when his computer later. If he get's a new IP addy from the dhcp won't that mess up everything?
August 6, 2004 8:20:40 AM

Thanks for responding, Flagg7771234! So let's see here, I have more questions if you don't mind ...

1) How do I change the 192.168.1.100 scheme to something else? What can I change it to? Is there a tutorial somewhere for this? The only relevant thing I see in the setup of router is "Local IP Address," which can be manually altered, and is currently set to 192.168.1.1.

2) If I disable DHCP, will I be able to assign "any" address to the PCs manually? Like 192.168.1.99? I can also do this with DHCP enabled, right? Making sure they don't overlap?

3) So, what should I use for Preferred, and Alternate DNS server addresses? Like Dev said: 4.2.2.2, 4.2.2.1?


One other somewhat related question, while we're on the topic of routers :) 


4) Should I enable "Filter Multicast?" How about "Filter Internet NAT Redirection?" I could never find clear answers for these, and currently I have them set to enabled and disabled, respectively.

Thanks again :) 
August 6, 2004 10:36:25 PM

Yes it will. That is why I suggested to try 192.168.1.99 and bellow. The Linksys will grant via dhcp 100,101, 102, 1,3 in that order up to 150 (by default on most linksys routers).

However if he is set to static then his PC will not request an IP, but another PC can and get the same IP. Check your DHCP, make sure it is set to give the first out at 100, then climb to 150.



Flagg CNE MCSE CCNA
August 6, 2004 11:07:18 PM

for the first part of your question:
Prperties on your NIC will show your IP. It is mostlikly set for Dyanamic. Give yourself an IP of 192.168.1.99, second line, 255.255.255.0 then gate way 192.168.1.1, NOW you must enter a valid DNS server, the one your isp gives you are the 4.2.2.2 that I have seen posted here many times. once you save these cvhanges you should automaticaly browse the internet and recieve your pop email. Remember to check that DNS server, it is important.

You only need one DNS server, the other is in case the first does not respond. A good test of your DNS is when your connected to the internet pull up a command prompt and enter "ping novel.com" you should see automaticaly that the DNS server resolved your "novel.com" request to 216.168.60.84" wether it went through or not your DNS is correct if you see this IP.

Note: IP is extremly simple once you have an understanding of it. You must have and IP and Sub net getout, the DNS server is ONLY used when you plug a name in like microsoft.com or ebay.com you really do not need the DNS setup if you knew off the top of your head what the IP address was to Ebay.com or microsoft.com. In this case you could just type in "hyyp://216.168.60.84" to go directly to novel.com. <- bad example here they have an "a" recorder fowarder.

Filter multicast? this is a broadcast. this will be sent out via 255.255.255.255.. I would not mess with this, never have myself. This filter should be enabled by default and if it is not then you are prone to that old "ping of death". My theroy is if a broadcast does come through your PC will recieve it but it will not loop (broadcast out then in then out) <- i.e ping of death

third question:
Yes, your router started at 192.168.1.1, so you can not use that. But 192.168.1.2 up to 192.168.1.254 (253) is OK to use. Good to not use above 250 but you can with some planning. Remember your DNS is not granted, you will need to put one in so find a good one. [0~255, 0=unusable 255=broadcast, 254=unsuable]

AND last but not least the "filter internet nat", simplicity stated this should stop you broadcasting that your PC Ip address is 192.168.x.x <-nated address. This helps in some (older) games that when you hosted a game on the internet the host would display a return path to 192.168.x.x. However the new games have taken this into consideration. The best example I can think of is if you have an FTP server up and it has a 192.168.x.x and is nated, the return adress could show 192.168.x.x rather than the public IP and go no where.... of course this requires much more explaination.

Hope this helped...
(yea, I'm dizzy after reading this post... )
Yahoo IM me @ flagg7771234

Flagg CNE MCSE CCNA
August 7, 2004 12:03:54 AM

Thank you very much for the lengthy reply. I will digest it, apply it, and let you know if I have trouble.

:) 
August 7, 2004 12:55:19 AM

Damn, I just realized that neighbors can just assign static IPs and join. AH! Well, I have MAC filtering on, with the 2 PCs that are allowed to connect. But, MACs can be spoofed, right? Also got WEP :) 

What software can I use to see who's connected to my network? The router only shows DHCP people connected. I've heard about AirSnare and Kismet, any recommendations on any other?
August 7, 2004 5:20:08 AM

WEP has holes too, the good thing about the mac is it can, in it's self be a password. Do not let others know your MAK. Some of my clients use PDAs (2002 ppc) I warn them all the time to not let anyone know their mac.

My mom just this year had verizon setup a wireless network at home (she is in FL I'm in OH) I went to visit her and with my laptop got on her net and went directly to her PC and pulled up everything on the C$ share... boy was she spooked!

Yes... the DNS server resolve names, they have tables of names and what IP coreasponds to what, these all conform to "interNIC" and that is why we pay the $30 per year to keep that DNS name in thoes lists. the 4.2.2.x (correct me if I'm wrong) are the DOD first level name servers.

Not to confuse this but DNS is not just the resolution of www.microsoft.com to an IP address, they also can forward email. These are all stored in that datavbase as a record, one name, like www.microsoft.com can have an "A" record for the web page and an "MX" record for their email. and both can point to dif servers.

hope this helps, but once you get a clear understanding of IP this all becomes simple, you would be amazed how simple!

kevin

Flagg CNE MCSE CCNA
YAHOO IM @ flagg7771234
August 7, 2004 6:53:10 AM

When you say, that 4.2.2.x are "DOD first level name servers," do you mean that every time I go to a website, I let the Department of Defense know about it?
August 7, 2004 6:03:34 PM

interesting, and in a way that is true... the DNS servers can log every request you do, so can every router your connection moves through. BUT consider the amount of data that would be for just a mere secound, would mostlikly fill the the largest server in less than a sec.... so this would not be feasable.

However I do not think the DOD servers would care, and at this time it might not even be dod. Remember in the 70s DOD drove the internet then droped it then picked it backup.

It was a total guess on my part the the 4.2.2.x DNS server are the DOD servers i learned about in CIS class...

Flagg CNE MCSE CCNA
YAHOO IM @ flagg7771234
August 9, 2004 6:48:33 AM

One of my questions wasn't answered, can someone help ...

"What software can I use to see who's connected to my network? The router only shows DHCP people connected. I've heard about AirSnare and Kismet, any recommendations on any other?"

Thanks
August 10, 2004 5:18:37 AM

"The Linksys will not serve as a DNS server or DNS fowarder. Atlest mine does not. So I would not point your pc to look for it's first DNS as 192.168.1.1."

My BEFW11S4 actually does (as long as it's the only DNS server entered), but the tech support said that it's better to enter the DNS1 and DNS2 servers that appear in the router's setup. Apparently, these are provided by my ISP. But, they take a long time to respond, >75ms! Compared to 4.2.2.x, which take ~10ms.

Also, for some reason all 3 PCs now have problems with DNS (does not display IP, when I run "ping novel.com"). I entered 4.2.2.1 and 4.2.2.5, and it worked for 2 days, but then just stopped. Then I tried the ones provided by the ISP, and they worked (as well as 192.168.1.1).

Hmm...
August 12, 2004 12:15:28 AM

There are alot of porscanning software out there that can scann your segment for active IPs, go to www.twocows.com and find a portscanner, when you use it make sure you enter thr entire range like 192.168.0 ~254. What this will do is a real time scan of who has a valid IP and is connected. THEN you can use the nmap utility to retrieve mac, computername, what ports are in use, etc. I think I found nmap v3.5 on downloads.com. try a google, it will be out there somewhere.

kevin

Flagg CNE MCSE CCNA
YAHOO IM @ flagg7771234
August 12, 2004 12:31:02 AM

If you have 192.168.1.1 in as dns1 and nothing for dns2 and go to a website you have never gone before will it actualy qury and get that IP?

The 4.2.2.4 servers are in use every where, not sure why you had problems with them. I know of a small office with about 10 users, all on a linksys with the PCs all set to go to 4.2.2.4 and they have had no problem getting out and browsing.

I STAND TO BE CORRECTED!
As I was writing this post I connected a PC and set dns to 192.168.1.1 and was able to browse, new sites never browsed before (incase of cache). You are 100% right, you can use the linksys as a dns fowarder.

I never tried it before nore have I ever seen documentation from linksys on this.

I believe you have helped me more that I have helped you..
KEvin

Flagg CNE MCSE CCNA
YAHOO IM @ flagg7771234
August 19, 2004 5:12:28 PM

I'm sorry I haven't responded before, but lightning struck and took out the CO of my internet provider :( 

I'll give you a quick run down of the questions I have seen so far, even though some have been answered before.

Assigning static IP addresses which are in a DHCP range is generally not a problem since the DHCP server will verify that no hosts are using an address before it is assigned. However, the easiest way to manage this is to create DHCP reservations that reserve a particular address for a specific host.
This is done by reserving an IP for the MAC address (which is unique for every NIC) of the disired host. This should be easy to configure in your router.

The 4.x.x.x range now belongs to Verizon and I think it used to belong to Digital or DEC. So these are Verizons DNS Servers.

DNS maps a name (domain) to an IP address. This is how a human readable address like you@example.com is translated to an machine readable address.

You can find who is connected to your PC with the `netstat -a` command in the dos prompt. There should be something similar in your router, but you may need to use a telnet or console connection in order to get access to that. You can also use a sniffer to see what inforamtion is traveling over your network. Ethereal is a good free one, and so is Ettercap which can find spoofers on your network. Sourceforge has them both.

If I missed something you can just ask.

---
I want my epitaph to be: "Moved to /dev/null"
!