DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 15th October 2012
frcc frcc is offline
Don't Worry Be Happy!
 
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, etc-Texas
Posts: 47
Thanked 0 Times in 0 Posts
Default Web Server Requirement Static or DHCP?

I Have a "basic" question that i need cleared up before i can plan
out my network.

QUESTION:
I need to know if i need a "STATIC" IP address from my provider to
allow internet access to my webpage hosted on a planned internal
network? .OR. Can this be accomplished by an IP address that is
currently provided to me dynamically.

I am confused, because i am told i need a STATIC address but when i
read a paragraph like the following i realize i am missing something.

TAKEN from: OpenBSD's
"not allowed to post URL's yet so cannot give reference."
"PF: Example: Firewall for Home or Small Office"
stating the following:
----------------------------------------------------------------------------------------------
/QUOTE
Since the IP address on the external interface is assigned dynamically, parenthesis are placed around the translation interface so that PF will notice when the address changes. The :0 suffix is used so that, if the external interface has multiple addresses, only the first address is used for translation.
/
match out on egress inet from !(egress:network) to any nat-to (egress:0)
-----------------------------------------------------------------------------------------------

referring to this basic setup which is close to what i am planning


[ COMP1 ] [ COMP3 ]
| |
---+------+-----+------- xl0 [ OpenBSD ] fxp0 -------- ( Internet )
|
[ COMP2 ]


The web-server will be limited to presenting a small chrooted
Apache information webpage for my business (comp 3) within
my network.

My provider will supply me with a static address upon request at a reasonable rate, so that appears not to be a barrier. On the other hand
for testing purposes if i can set up pf with a dynamic ext_if why not.


I am currently using pf for basic filtering on individual machines
while using an off the shelf router/firewall and switches for WAN/LAN
connections. I would like to take the next step and replace the router/firewall with a small box running pf routing to my LAN.

Some thoughts will help as i am confused when i read the above
statement.

Last edited by frcc; 15th October 2012 at 01:49 AM.
Reply With Quote
  #2   (View Single Post)  
Old 15th October 2012
frcc frcc is offline
Don't Worry Be Happy!
 
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, etc-Texas
Posts: 47
Thanked 0 Times in 0 Posts
Default Static and Dynamic

To summarize?????

I suppose the answer is the IF the provider DOES NOT block port 80 etc
at a residential cost then technically YES DHCP is FINE. (some differences exist of course stemming from other technical issues relating
to static vrs dynamic not really affecting this thread)

BUT if the provider blocks these ports then i will have to PAY a little
extra for the STATIC IP........AND that will dictate the required type of
address.


other info greatly appreciated.
Reply With Quote
  #3   (View Single Post)  
Old 15th October 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,641
Thanked 214 Times in 189 Posts
Default

You are correct, an assigned static address may not be required. There are firms that offer domain services to dynamic addresses, and there are ports/packages to automatically inform the firm of changes to IP addresses.

I use services of dyndns.org and the ddclient script.
Reply With Quote
  #4   (View Single Post)  
Old 15th October 2012
comet--berkeley comet--berkeley is offline
Old programmer/hacker
 
Join Date: Apr 2009
Posts: 90
Thanked 1 Time in 1 Post
Default

I too have used dyndns.com and the ddclient perl script too and it works okay but the setup is tricky.

If you want simple and reliable then get a static ip address.

If you want to set up an email server, then a static ip is the only way to go.
Many email servers on the web will not accept email from a dynamic ip address.
Reply With Quote
  #5   (View Single Post)  
Old 15th October 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,641
Thanked 214 Times in 189 Posts
Default

Quote:
If you want to set up an email server, then a static ip is the only way to go.
I am using DynDNS's "MailHop" service -- this is a store-and-forward facility that permits me to run an MTA on a dynamic IP address, listening on an alternative port. My DNS entry has an MX address at mailhop.org.
Reply With Quote
  #6   (View Single Post)  
Old 16th October 2012
frcc frcc is offline
Don't Worry Be Happy!
 
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, etc-Texas
Posts: 47
Thanked 0 Times in 0 Posts
Default

got it, thanks folks
Reply With Quote
  #7   (View Single Post)  
Old 16th October 2012
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 585
Thanked 9 Times in 9 Posts
Default

Another option is to utilize no-ip. Both dyndns.com and no-ip have a yearly fee.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Lenovo T60 as a wireless AP (wpi0), DHCP server mbonitat OpenBSD General 5 30th December 2011 08:25 PM
Worm uses built-in DHCP server to spread J65nko News 0 6th June 2011 09:39 AM
isc dhcp server queshaw OpenBSD Packages and Ports 1 8th February 2011 11:09 AM
snd_emu10k1 and static kly FreeBSD General 3 17th September 2009 01:28 PM
DHCP Server WeakSauceIII OpenBSD General 1 25th September 2008 03:34 AM


All times are GMT. The time now is 04:01 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick