Thread: Web Server Requirement Static or DHCP?
View Single Post
  #1   (View Single Post)  
Old 15th October 2012
frcc frcc is offline
Don't Worry Be Happy!
  
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, tornado,puts the fear of God in you-Texas
Posts: 335
Default Web Server Requirement Static or DHCP?
I Have a "basic" question that i need cleared up before i can plan
out my network.

QUESTION:
I need to know if i need a "STATIC" IP address from my provider to
allow internet access to my webpage hosted on a planned internal
network? .OR. Can this be accomplished by an IP address that is
currently provided to me dynamically.

I am confused, because i am told i need a STATIC address but when i
read a paragraph like the following i realize i am missing something.

TAKEN from: OpenBSD's
"not allowed to post URL's yet so cannot give reference."
"PF: Example: Firewall for Home or Small Office"
stating the following:
----------------------------------------------------------------------------------------------
/QUOTE
Since the IP address on the external interface is assigned dynamically, parenthesis are placed around the translation interface so that PF will notice when the address changes. The :0 suffix is used so that, if the external interface has multiple addresses, only the first address is used for translation.
/
match out on egress inet from !(egress:network) to any nat-to (egress:0)
-----------------------------------------------------------------------------------------------

referring to this basic setup which is close to what i am planning


[ COMP1 ] [ COMP3 ]
| |
---+------+-----+------- xl0 [ OpenBSD ] fxp0 -------- ( Internet )
|
[ COMP2 ]


The web-server will be limited to presenting a small chrooted
Apache information webpage for my business (comp 3) within
my network.

My provider will supply me with a static address upon request at a reasonable rate, so that appears not to be a barrier. On the other hand
for testing purposes if i can set up pf with a dynamic ext_if why not.


I am currently using pf for basic filtering on individual machines
while using an off the shelf router/firewall and switches for WAN/LAN
connections. I would like to take the next step and replace the router/firewall with a small box running pf routing to my LAN.

Some thoughts will help as i am confused when i read the above
statement.
Last edited by frcc; 15th October 2012 at 01:49 AM.
Reply With Quote