Articles

Testing LAN clients with Public IP addresses in CDRouter

6 min read

 In a typical home network, the ISP assigns a single Public IPv4 address to the CPE device that can be reached from the global Internet. The device assigns Private IPv4 addresses to CDRouter’s LAN clients and acts as an Internet gateway to them by mapping all of the Private addresses to the one Public address using Network Address Translation (NAT). (Private IPv4 addresses are described in RFC 1918, eg. 192.168.1.x)

In some environments, however, the ISP allocates a block of Public IPv4 addresses to a single site allowing multiple devices on the LAN side of the CPE device to access the internet without the use of NAT. In some schemes, the CPE’s Public WAN address is different from the block allocated to the LAN, in which case the CPE forwards traffic from CDRouer’s LAN clients using standard IP routing. In other schemes, the router and LAN clients share the same block of Public addresses. Here, the router may passively forward traffic between the LAN clients and the ISP, or it may act as the default router for each of the LAN clients acting as a proxy to the ISP.

CDRouter supports testing environments where LAN clients are allocated Public (globally routeable) IPv4 addresses or where a mix of Public and Private IPv4 LAN clients exist simultaneously. With the CDRouter Multiport add-on, both of these scenarios can be tested simultaneously using a mix of Private- and Public-addressed LAN clients.

Typical “Private LAN” Configuration

In CDRouter’s default configuration, it is assumed that all LAN clients are assigned Private IPv4 addresses and reach the Internet via the CPE device, which uses NAT to map their addresses to its own Public address on the WAN.

The following testvar settings show an example of this type of configuration, using DHCP on the WAN link.

Note: Definitions for each of these testvars can be found here or by searching from the “Documentation” page within CDRouter’s web interface.

testvar wanMode               DHCP
testvar wanIspIp              100.1.1.1
testvar wanIspAssignIp        100.1.1.2
testvar wanIspMask            255.255.255.252
testvar natMode               address-restricted
testvar lanIp                 192.168.1.1
testvar lanMask               255.255.255.0
testvar dhcpClientStart       192.168.1.100
testvar dhcpClientEnd         192.168.1.150

= Summary =
100.1.1.1                = ISP address (default router for CPE)
100.1.1.2                = CPE WAN address
192.168.1.1              = CPE LAN address (default router for LAN clients)
192.168.1.2 thru .254    = available LAN client addresses (based on lanMask)
192.168.1.100 thru .150  = LAN client DHCP address pool




Public LAN Configuration - Separate LAN and WAN blocks

This configuration is for setups in which the CPE’s WAN address is separate from the Public IP address block allocated for LAN clients, and the CPE routes traffic between them without NAT translation.

In this example, the ISP has allocated a block of 16 Public IPv4 addresses for the CPE to distribute to its LAN clients: 200.16.32.0/28 (.0 thru .15). This block is completely separate from the Public address used by the CPE on the WAN (100.1.1.2).

Here, the CPE has selected the first address from the Public IP block for its own LAN interface. LAN clients still use the CPE as their default router, but the CPE does not peform NAT translation when forwarding their traffic to the WAN. This is indicated by setting the natMode testvar to “none”.

The CPE assigns the remaining addresses (.2 thru .14) to LAN clients from its DHCP address pool, specified by testvars dhcpClientStart and dhcpClientEnd.

 

testvar wanMode               DHCP
testvar wanIspIp              100.1.1.1
testvar wanIspAssignIp        100.1.1.2
testvar wanIspMask            255.255.255.252
testvar natMode               none
testvar lanIp                 200.16.32.1
testvar lanMask               255.255.255.240
testvar dhcpClientStart       200.16.32.2
testvar dhcpClientEnd         200.16.32.14

= Summary =
100.1.1.1                = ISP address (default router for CPE)
100.1.1.2                = CPE WAN address
200.16.32.1              = CPE LAN address (default router for LAN clients)
200.16.32.2 thru .14     = available LAN client addresses (based on lanMask)
200.16.32.2 thru .14     = LAN client DHCP address pool





Public LAN Configuration - Single block for LAN and WAN

This configuration is for setups in which the LAN clients are allocated a block of IP addresses shared by the CPE on the WAN link. Since the WAN and LAN share the same IP subnet, the CPE effectively acts as a “bridge” between LAN clients and the WAN ISP.

In this example, the ISP has allocated the same block of 16 Public IPv4 addresses as in the previous example: 200.16.32.0/28 (.0 thru .15).

Here, one address from the block is used by the ISP (200.16.32.1), which acts as the default router for all outbound traffic to the Internet. The CPE also selects one address for itself (200.16.32.2), leaving the remaining address available for LAN clients to use (.3 thru .15). Some CPE implementations allow LAN clients to use the CPE as their default router, who will in turn forward the traffic to the ISP on their behalf. 

In this particular example, the CPE does not assign addresses to LAN clients via DHCP. In a real-world environment, LAN clients would need to have their address statically configured from the Public IP block.

CDRouter accommodates this scenario using the lanMode testvar. When set to “static”, each LAN client that CDRouter creates will be assigned an address from the range specified by the dhcpClientStart and dhcpClientEnd testvars.

 

testvar wanMode               DHCP
testvar wanIspIp              200.16.32.1
testvar wanIspAssignIp        200.16.32.2
testvar wanIspMask            255.255.255.252
testvar natMode               none
testvar lanIp                 200.16.32.2
testvar lanMask               255.255.255.240
testvar lanMode               static
testvar dhcpClientStart       200.16.32.3
testvar dhcpClientEnd         200.16.32.14

= Summary =
200.16.32.1              = ISP address (default router for CPE)
200.16.32.2              = CPE WAN address
200.16.32.2              = CPE LAN address (default router for LAN clients)
200.16.32.3 thru .14     = available LAN client addresses (based on lanMask)
200.16.32.3 thru .14     = LAN client address pool (assigned by CDRouter)




Mixed Private and Public LAN

Some CPE devices allow LAN clients with Private and Public IP addresses to coexist simultaneously using a combination of the configurations shown above.

CDRouter Multiport can be used to test this type of configuration by creating LAN clients with Private addresses on one interface and Public addresses on a different interface.

In the example below, Public addresses are used on the primary LAN interface (natMode “none”) and a separate interface group, “lan2”, is defined using Private addresses. The device assigns Private addresses to clients via DHCP, requiring clients with Public addresses to be statically assigned (lanMode static).

Note that a unique MAC address must be specified for each LAN interface group to ensure the CPE can properly forward packets to both clients.

 

testvar wanMode               DHCP
testvar wanIspIp              100.1.1.1
testvar wanIspAssignIp        100.1.1.2
testvar wanIspMask            255.255.255.252
testvar lanInterface          eth1
testvar lanMac                B0:75:0C:01:01:01
testvar lanType               ethernet
testvar lanIp                 200.16.32.1
testvar lanMask               255.255.255.240
testvar natMode               none
testvar lanMode               static
testvar dhcpClientStart       200.16.32.2
testvar dhcpClientEnd         200.16.32.14

testvar_group lan2 {
   testvar lanInterface        eth2
   testvar lanMac              B0:75:0C:02:02:02
   testvar lanType             ethernet
   testvar lanIp               192.168.1.1
   testvar lanMask             255.255.255.0
   testvar natMode             address-restricted
   testvar dhcpClientStart     192.168.1.100
   testvar dhcpClientEnd       192.168.1.150
}

= Summary =
100.1.1.1                = ISP address (default router for CPE)
100.1.1.2                = CPE WAN address
200.16.32.1              = CPE LAN address (default router for Public LAN clients)
200.16.32.2 thru .14     = Public LAN client address pool (assigned by CDRouter)
192.168.1.1              = CPE LAN address (default router for Private LAN clients)
192.168.1.100 thru .150  = Public LAN client DHCP address pool (assigned by CPE)